
What Is Cyber Security? Types, Threats, and Strategies.

Cyber security is part of the global agenda. Nowadays, no one is safe from being a victim of a cyberattack: companies, governments, hospitals, financial institutions, SMEs, and end-users are all exposed to threats on the network.

Understanding the importance of IT security gives us a broader perspective on the strategies, plans, and best practices that should be implemented in organizations.

That is why we are going to talk about what cybersecurity is, the types of IT security, the most common cyber attacks, and strategic solutions.

What is cybersecurity?

Cybersecurity is the set of procedures and tools implemented to protect information generated and processed through computers, servers, mobile devices, networks, and electronic systems.

According to experts from the Information Systems Audit and Control Association (ISACA), cybersecurity is defined as “a layer of protection for information archives”. The term computer security or electronic information security is also used to refer to cybersecurity.

One of the objectives of cybersecurity is to build trust among customers, suppliers, and the market in general. In a hyperconnected world, where most of our activities are done through the network and electronic devices, ensuring the security of operations is an imperative need.

Business people and world leaders consider cyber-attacks one of the main risks they face today and cybersecurity their biggest challenge.

History of cybersecurity

The evolution of cybersecurity provides a broader context of what the transformation to the digital world was like and the risks that came with this change.

The first hacker in history was Nevil Maskelyne. In 1903, he intercepted the first wireless telegraph transmission, exposing the vulnerabilities of this system developed by Marconi.

John Draper, better known as “Captain Crunch”, was the first cybercriminal. Draper discovered that the sound emitted by a whistle given away in “Cap’n Crunch” cereal boxes could fool the signal of the telephone exchange, which allowed him to make free calls.

In the 1970s, the first malware in history appeared: Creeper, a program that replicated itself. This malware displayed the message “I’m a creeper, catch me if you can!”. From there, the first antivirus called Reaper was born, whose function was to eliminate Creeper infections.

Over the years and with technological advances, networked information became increasingly valuable and important to both organizations and cybercriminals.

Malware increased its presence in the 1980s and, at the same time, more efficient antivirus software was developed. Today, because of how malware has evolved, an endpoint detection and response (EDR) platform is used to protect computers from malware attacks.

At the end of this decade, Kevin Mitnick used social engineering to gain access to personal and confidential information. This type of cyberattack, which began to be more widely used at that time, is still one of the most popular methods of breaching a company’s assets; however, it can be prevented and reduced with a good strategy, employee training, and security awareness protocols.

The regulation of the Internet is a huge challenge due to its international nature and the variety of its content. In the early 90s, the need to deal with cyber-attacks became a topic of international discussion. The lack of knowledge about cyberspace, security measures, jurisdiction, and competence affected mainly developed countries, where the use of technology and the abuse of users affected the economy and society.

The first actions to create legal mechanisms to deal with cybercrime were local. In 1986, the Computer Fraud and Abuse Act was created in the United States, but its capacity was overwhelmed by the technological transformation.

In 1995, a committee of computer crime experts was formed in Europe to work on strategies to counter Internet attacks. Convinced of the need to implement a criminal policy to protect society against cybercrime and the importance of strengthening international cooperation, the Budapest Convention was approved and signed in 2001 and is now comprised of 56 countries.

Types of IT security

Computer security is a crucial issue for the protection and management of the information of any organization, so it is of utmost importance to recognize the categories that exist to determine the actions in each of them.

Computer security covers four main areas:

  • Confidentiality: Only authorized users can access resources, data, and information.
  • Integrity: Only authorized users should be able to modify data when required.
  • Availability: Data must be available to users when required.
  • Authentication: Verify that the parties are actually communicating with whom they believe they are communicating.

According to the element being protected, computer security is classified into these types:

  • Hardware security
  • Software security
  • Network security

Hardware security

It applies to the protection of physical elements to prevent threats and intrusions. Hardware security is responsible for finding existing vulnerabilities in equipment from its manufacture to the input and output devices that are connected.

The tools used for hardware security comprehensively control the traffic that occurs on the network, providing more powerful security. This type of security is among the most robust. It strengthens the most important systems as an additional security filter.

Typical examples are firewalls or proxy servers. Less common are hardware security modules (HSMs) that provide cryptographic keys for encryption, decryption, and authentication.

Software security

Errors in software generate vulnerabilities and are one of the greatest security risks. There are different types of software errors, for example, implementation errors, buffer overflows, design flaws, or mishandling of the software.

Software security protects applications and software from external threats such as viruses or malicious attacks. Antivirus is one of the most commonly used tools for this type of security; it updates automatically and helps to find new viruses. Other examples are firewalls, anti-spam filters, and software that filters content and unwanted advertising.

Network security

These are activities aimed at protecting network data, i.e. their main function is to protect the use, reliability, integrity, and security of the network to prevent information from being modified or stolen.

The most common network threats are:

  • Viruses, worms, and Trojan horses.
  • Spyware and adware
  • Zero-day attacks, also called zero-hour attacks
  • Hacker attacks
  • Denial of service attacks
  • Data interception or theft
  • Identity theft

Network security components include anti-virus and anti-spyware, firewalls, intrusion prevention systems, and virtual private networks.

Types of cyber-attacks and how to deal with them

Cybercriminals use various techniques to access corporate networks, hijack information, install malware, and compromise company or user assets. These are the different types of cyber-attacks:

Ransomware

This is malicious software that prevents access to users’ information or equipment. In essence, it holds the information or equipment hostage and demands payment of a certain amount in order to recover it. It is one of the most popular attacks used by criminals to extort money from companies and consumers.

Ransomware can sneak into computers in many ways, generally through social engineering techniques or through software vulnerabilities that allow it to install itself on the user’s machine.

Types of ransomware.

  • Cryptographic malware: the most common type; it encrypts files so you cannot open them.
  • Blocker: disables access to your computer and encrypts the master file table on the hard drive.
  • Doxware: downloads a copy of users’ confidential files and threatens to publish them on the network.
  • Scareware: fake software that claims to have found problems on your computer and asks for money to fix them.

How to protect yourself from a ransomware attack

Here are some recommendations to protect yourself from a ransomware-type attack:

  • Make a periodic backup of your information; this will allow you to disinfect your computer and restore information from your backup.
  • Configure your system to display hidden file extensions; ransomware sometimes arrives as a file with a “.PDF.EXE” extension, and showing extensions makes suspicious files easier to detect.
  • Filter .EXE files in email: disallow emails that carry “.EXE” files or files with double extensions.
  • Disable files running from the AppData and LocalAppData folders.
  • Disable remote desktop protocol (RDP). Cryptolocker/Filecoder malware most of the time accesses machines via RDP, which allows third parties to log in to your desktop remotely. If you do not need to use the RDP protocol, you can disable it to protect the machines.
  • Install patches and updates to your software; cybercriminals exploit vulnerabilities in outdated computers to gain access to the system.
  • Use a reliable security package; the recommendation is to always have good anti-malware protection and a firewall, capable of recognizing threats or suspicious activity.
  • Immediately disconnect the computer from the Internet network, either from Wi-Fi or network cable. Acting very quickly can mitigate the damage. It takes some time to encrypt files so the attack can be stopped.
  • System Restore. If this feature is on your computer, run the system restore to return to an uninfected state. Beware because some updates of Cryptolocker, a ransomware-like cyber-attack, can delete backup files.
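
The attachment and AppData recommendations in the list above can be expressed as a filter. This is an added example, not part of the original article; the extension lists, function names and sample inputs are assumptions made for illustration.

```python
import re

# Assumed policy lists for this example; adjust them to your own mail policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd"}
DECOY_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}


def extensions(path: str) -> list[str]:
    """Return every extension of the file name, lower-cased, e.g. ['.pdf', '.exe']."""
    base = re.split(r"[\\/]", path)[-1]
    # Windows strips trailing dots and spaces, so "a.exe. " still ends up as a.exe.
    base = base.rstrip(". ").lower()
    return ["." + part.strip() for part in base.split(".")[1:] if part.strip()]


def attachment_findings(filename: str) -> list[str]:
    """Reasons to block an attachment: executable type, decoy double extension."""
    exts = extensions(filename)
    findings = []
    if exts and exts[-1] in EXECUTABLE_EXTS:
        findings.append("executable")
        if any(ext in DECOY_EXTS for ext in exts[:-1]):
            findings.append("double-extension")
    return findings


def runs_from_appdata(path: str) -> bool:
    """True for an executable located under a user's AppData tree.

    %AppData% and %LocalAppData% both resolve below ...\\AppData, so one
    directory check covers the two folders named in the list.
    """
    dirs = [p.lower() for p in re.split(r"[\\/]+", path)[:-1]]
    exts = extensions(path)
    return "appdata" in dirs and bool(exts) and exts[-1] in EXECUTABLE_EXTS


# Constructed sample inputs, not taken from a real incident.
SAMPLE_ATTACHMENTS = ["Invoice.PDF.EXE", "report.v2.pdf", "setup.exe", "scan.jpg.scr. "]
SAMPLE_PATHS = [
    r"C:\Users\alice\AppData\Local\Temp\update.exe",
    r"C:\Program Files\Editor\editor.exe",
]

if __name__ == "__main__":
    for name in SAMPLE_ATTACHMENTS:
        print(f"{name!r:22} {attachment_findings(name) or 'allow'}")
    for path in SAMPLE_PATHS:
        print(f"{path} -> {'block' if runs_from_appdata(path) else 'allow'}")
```

A name such as “report.v2.pdf” passes because its final extension is not executable, which keeps ordinary versioned documents out of the block list.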

Phishing

Phishing or identity theft is a type of cyber-attack aimed at obtaining confidential information from users, usually banking information or information from applications with access to payments. It consists of crafting a communication to the user, usually an email, that is manipulated to appear genuine.

Phishing continues to be one of the most successful cyber-attacks for the following reasons:

  • Attackers use common user communication channels.
  • They know the tastes, activities, and tendencies of their victims.
  • They employ personalized messages, using the victim’s name, email, or phone number.
  • They play on the sense of urgency or use promotional hooks.

Recommendations to prevent Phishing attacks

  • Identify suspicious emails. This type of email usually uses the names and images of real companies, includes websites very similar to the original ones, and uses gifts, promotions, or even the loss of the account or information as hooks.
  • Verify the source of your incoming emails; your bank will not ask for your personal data and passwords by mail.
  • Do not click links included in emails, as they redirect you to a fraudulent website to obtain your information. Type the address of the web page you want to access directly.
  • Strengthen the security of computers with antivirus, update the operating system and browsers.
  • Check your bank accounts periodically to be aware of any irregularities.
  • Beware of popular platforms, because attackers can use those channels for information theft, e.g. Facebook, Paypal, eBay.
  • Attacks can come in any language, usually with bad wording or translation, which can serve as an indicator to be careful.
  • Reject any email that requests your information, comes from a suspicious source, and offers a hook.

Adware

Adware is advertising software, a type of malware that bombards the user with endless pop-up windows that can be potentially dangerous to devices.

Adware, like spyware, usually comes with some freeware, but it can also be installed on browsers or operating systems through some system vulnerability.

Keys to protect yourself from adware

  • Download applications from the developers’ official websites.
  • Pay attention to the installation windows and check that the selections are the right ones.
  • Click the “Advanced Installation” or “Installation Options” button to disable the add-on installation.
  • Before removing the adware, make a backup copy. Then use an antivirus with adware removal to search for and remove any adware found on your computer.

Spyware

It is a type of malware that runs “on the sly” on computers, with the purpose of spying and accessing user information. Spyware programs try to hide their trail by running in the background and are usually installed by a second application that appears legitimate.

Spyware can reach your computer through system vulnerabilities, deceptive marketing, or software packages.

Types of spyware.

  • Password stealers: Designed to obtain computer passwords that include credentials stored in browsers, login, and various personal passwords.
  • Banking Trojans: Obtain sensitive information from financial institutions, alter page content, add transactions, and other actions.
  • Info stealers: Able to search for all kinds of data such as usernames, passwords, email addresses, histories, system files, and more.
  • Keyloggers: Record keystrokes to capture computer activity, site visits, search history, email conversations.

How to protect yourself from spyware.

  • Do not open emails from strangers.
  • Do not download files unless they come from a trusted source.
  • Mouse over links before opening them and make sure you are accessing the correct web page.
  • Installing a good computer security program is essential to deal with new forms of advanced spyware.

Trojans

Trojan viruses are malicious programs; this type of attack performs unauthorized actions such as deleting, blocking, or modifying data, taking control of your computer, etc.

Types of Trojans

  • Backdoors: Generate remote access to the system, allowing a hacker to gain access to your computer and control it, steal data and even download more malware.
  • Spyware: Observes your behavior, accesses online accounts, and collects credit card details in order to transmit them.
  • Zombie Trojans: Take control of your computer to make it a slave in a network under the attacker’s control. Subsequently, it is used to perform a distributed denial of service (DDoS) attack.
  • Downloader Trojans: Download other malicious content such as ransomware or keystroke loggers.

How to protect yourself from a Trojan.

  • Do not open files sent via e-mail unless they come from trusted users.
  • Do not visit web pages that are unknown or of dubious origin.
  • Be careful when downloading files using file-sharing programs. It is recommended to first run an antivirus scan before opening and downloading.
  • Perform Windows and antivirus updates.
  • Periodically scan computers with the antivirus for greater control.
  • Use Firewall to prevent malicious transmissions from one network to another.
  • Change the use of browsers.

A good cybersecurity strategy

Here are some recommendations that a good cybersecurity strategy should include:

Asset management.

This is one of the most complicated but extremely important aspects.

  • A complete and classified inventory of computers, corporate cell phones, tablets, servers, software, monitors, projectors and more is necessary.
  • Classify the information considering the three properties of IT security: confidentiality, integrity, and availability.
  • Once classified, measures for its protection are applied.
  • Manage the media; this prevents unauthorized disclosure, modification or deletion of the stored information.
  • Design and maintain a configuration management database containing the elements to provide a service and the relationship between them.

Security of operations

All activities aimed at ensuring the correct operation of the equipment where information is processed should consider the following:

  • Establish and document the procedures and responsibilities performed in the organization.
  • Ensure that systems and applications are installed in accordance with the organization’s security requirements.
  • Monitor and analyze the capacity of servers and devices.
  • Manage and monitor the company’s antivirus systems.
  • Implement a backup system.

Incident management and disaster recovery.

It is important to establish a plan to be prepared for any eventuality. Responsibilities and procedures should be established.

  • Define security incident management.
  • Establish a disaster recovery plan.

Control access to systems and applications

As a measure to prevent unauthorized access to systems and applications, physical and logical access control policies should be established.

  • Control access to critical applications and restricted areas.
  • Manage logical access: credentials, permissions, attributes, and authentication measures.
  • Manage users and split roles.
  • Securely enforce passwords.

Security Awareness

Raise awareness among users and educate them through training and security policies, so that they use their systems in a secure manner and follow practices that include maintaining awareness of cyber risks.

Professional Cyber Security. Web Dev and Social Media Specialist. Music lover. Friendly organizer. Entrepreneur.
