What is Cyber Security?by Iwan Price-Evans on Security • March 23, 2022
Cyber security is a term that describes the actions individuals and organizations take to prevent a cyber attack on their devices or systems.
What is a cyber attack?
A cyber attack is a digital attack on a device, IT system, network, database, or software program with the intention of gaining unauthorized access, theft, extortion, or destruction.
Why is cyber security important?
Smartphones, computers, IT systems, and smart devices such as smart TVs are all vulnerable to cyber attacks because of their connections to the internet. Mobile devices are constantly connected to different WIFI networks and physical networks which makes them vulnerable to being accessed by malicious individuals or organizations. IT systems in fixed locations are also vulnerable to the same threats if they are connected to the internet. It's important to protect these devices and systems from criminals who want to access, steal, or destroy digital systems or data.
Where do cyber attacks come from?
Cyber attacks can be grouped into indiscriminate attacks and targeted attacks.
Indiscriminate cyber attacks
Attackers may identify a vulnerability in a system or software and target all of the devices that have this vulnerability at the same time. In this scenario, the attacker doesn't care who the victim is. These vulnerabilities can be flaws in software code, authentication processes, or unprotected access to file systems, databases, or networks.
Targeted cyber attacks
A targeted cyber attack affects an individual or organization that has been specifically identified by the attacker. They may be working for someone else or have a reason to target them. These are often well-planned attacks that have taken time to set up, the criminals will have carefully identified the best method of attack. The attack may be made by targeting a combination of people, systems, or business processes.
Who are the targets of cyber attacks?
Cyber attacks target individuals and organizations.
Cyber attacks on individuals
The phrase 'Phishing' describes a common method of tricking people into handing over their personal information. Phishing attacks may come in the form of an email that appears to come from a known organization like a bank. It may contain phrases that urge the recipient to take immediate action, for example, to 'secure your account' by logging in from a link in the email. Once clicked, the person is taken to a fake website where they may enter their login credentials to their bank account. The criminals use these details to empty the bank account and the owner will have no way to recover the money. Most banks will not return stolen money if the account owner chose to hand over their login information, even if they were tricked into it.
Social engineering is another common method of accessing personal information with the purpose of the criminal pretending to be someone else. An example of this is where an employee might receive a text message from someone who appears to be a senior manager in their company. The text will ask them to take some kind of financial action stating that it's extremely urgent. This may be something like purchasing a large number of commonly used vouchers such as from Amazon. The person will then be asked to send the voucher codes and of course, once they have they have lost their money. In this scenario, the criminals will have identified the employee, the senior manager and gained their personal details from their social media profiles such as LinkedIn or Facebook. This means they can pretend to be the senior manager and text the employee using a personal mobile number.
Cyber attacks on organizations
Phishing and social engineering are targeted at individuals but cyber attacks can also be targeted at organizations by compromising their systems.
A common system cyber attack is ransomware. Ransomware is malicious software that is installed or introduced into a computer system. The purpose of ransomware is to access files and steal or lock them so that the organization can't access them. The criminals will then attempt to extort money from the organization before releasing their files. Often paying the ransom doesn't mean that the criminals return the stolen data or return access to the files.
Another cyber attack that is aimed at organizations is Distributed Denial of Service (DDos). A DDoS attack is where criminals send huge amounts of web traffic to a website or application to overload it and stop it from functioning. This type of attack is designed to cause service disruption to an organization which can impact revenue or vital services such as healthcare systems. A DDoS attack can be instigated by harmful individuals or can be part of highly organized cyber attack campaigns by malicious states or governments.
What are the types of Cyber Security?
So how do you protect against a cyber attack? The methods of protecting against cyber attacks can be grouped into three categories; people; processes; and technology.
People are often considered the 'weak point' of cyber security because of the mistakes they can make. However, people are the strongest protection against these attacks if they are trained in what to do and what to look out for. Teaching people to be able to identify phishing or social engineering attacks is vital and can be very effective. Equally, if people are made aware of how to minimize the exposure of their personal information this can reduce the potential of a social engineering attack.
Individuals and organizations should have processes ready for dealing with cyber attacks. For example, if an individual is duped into providing their credit card information via a phishing attack, then immediately contacting their bank and canceling their card should be their procedure. Organizations must have procedures in place to manage attempted and successful cyber attacks.
Security software and systems are essential to both individuals and organizations. Individuals should have anti-virus and anti-malware software on their devices. Organizations must ensure that all of their user's devices also have these installed and configured correctly. Organizations can also use unified threat management systems that protect all of their system access, computers, mobile devices, networks, and cloud services. For example, a web application firewall (WAF) can secure application traffic, and a threat intelligence platform (TIP) can provide pre-emptive cyber security.
Where can I find cyber security information?
There are many sources of useful information on how to implement cyber security measures for individuals and organizations such as:
UK National Cyber Security Centre (NCSC)
US National Institute of Standards and Technology