Cyber security is becoming more and more important because it protects all of the vast wealth of information that has been stored in computers, computer networks, smartphones, tablets, and the cloud. The information we store is as basic and as sensitive as our personal health information, intellectual property, private preferences, data, and businesses and government data that may be vital to the economy and the infrastructure of our world.
We are all interconnected in one way or another. Even the cloud is vulnerable to being attacked, allowing a cyber threat to be delivered to an individual, a small business, or one of the largest corporations in the country. We can no longer rely solely on firewalls or antivirus software to protect our electronic systems or data.
Definition of Cyber Security
The easiest definition to give for cyber security is this: The protection of electronic devices (computers, smartphones, servers, networks, electronic systems and stored data) from attacks that would steal it, corrupt it, delete it, or hold it for ransom. Cyber security covers application security, network security, operational and informational security, end-user education, disaster recovery, and business continuity.
Cyber security can sometimes be as simple as teaching employee why they shouldn’t click on links that may come from someone they don’t know. It may also involve creating and then implementing a disaster recovery plan so that a company, corporation, government agency, or school district can return to business as usual, with much stronger protections set in place, after a security breach or disaster of some other kind. Even your personal smartphone needs protection.
Why is Cyber Security So Important?
We need good, strong cyber security because so many threats exist. Large corporations like Target have been attacked. Government agencies have realized hackers attacked their networks after the fact. Small businesses have crumbled under the weight of the consequences of a cyber-attack. Medical groups have had to harden their defenses so the private medical information of patients wouldn’t be stolen.
Even though Target was able to handle and minimize the damage it suffered, customers had to worry about identity thieves getting their financial information. This means that there may be several levels to every cyber-attack; once a company’s computer networks have been secured and the malware has been quarantined, now individuals have to worry about their own information and whether their identities and accounts are still fully secure.
The costs of cyber-crime were estimated at $2 trillion for 2019 but financial losses aren’t the only issues. Loss of reputation and the future loss of market shares will hurt the company far into the future. Everyone, individuals and businesses, should operate from the belief that their businesses and information are under attack all the time.
What Needs to Be Secured?
Everything. Attacks are designed to steal or destroy data. The criminals behind ransomware attacks extort money from victims for the release of data - and they don’t always return it.
Individuals have to protect every single bit and byte of data they have stored on their computers and smartphones. If you use your credit or debit card at the store, put the debit card away. If a cyber thief steals your information from the store’s servers, your credit card company can protect you. But be ready to monitor your credit reports.
Companies need to adopt the practice of dividing a three-part infrastructure:
- Computer security
- IT security
- Cyber security
IT security protects the data stored in it, as well as physical data. Cyber security protects the digital information that is collected and stored on devices, computers, and networks. Computer security is also known as network security. This is a smaller part of cyber security, which relies on software and hardware to protect data that gets sent from the computers and devices through to the network.
A business needs all three types of security to help protect data from different types of attacks. These attacks are designed to delete or change data, access data, extort money, or otherwise keep the business from carrying out normal processes.
Cyber security can be further broken down into “types” of security:
- Network security
- Critical infrastructure security
- Application security
- Cloud security
- Information security
- Data loss prevention
- End-user education
Cyber thieves employ various types of threats:
- Advanced persistent threats (APTs)
- Social engineering
- Attacks on availability
- Attacks on confidentiality
- Attacks on integrity
Who Needs Cyber Security?
Anyone who owns a device that connects to the internet via cellphones, computers, tablets, routers, servers, cloud accounts, or social media accounts needs to know about cyber security and how to use it.
Cambridge Analytica used various forms of data engineering in an attempt to manipulate the 2016 general election. After partnering with social media giant Facebook, it began to mine and harvest the private data of almost 87 million Facebook profiles; they did this illegally with the help of someone from the company. Then, Cambridge Analytica (CA) began to work with the Trump campaign, pulling in another firm, the SCL Group. The SCL Group through CA started what it called an influence operation.
Facebook users took a quiz which had been placed on Facebook. This exposed a loophole in the Facebook API, enabling it to collect data from the friends of the Facebook users who took the quiz. The friends of people who took the quiz were never aware that their information had been taken.
This is an example of what a corporation can do to get around privacy laws, but hackers carry out similar campaigns when attacking a company or individual, sending them emails or texts that look legitimate, phone calls that seem urgent and seem to come from a company you recognize, or they may just insert a scanner into a gas pump and steal your credit card information wirelessly. There are more cyber threats out there than most people realize.
What are the Common Types of Threats?
Cyber thieves and hackers employ many types of cyber-attacks. Each type of attack allows them to get data, personal information, or money.
These attacks include:
- Malware This is malicious spyware, viruses, worms, software, and ransomware - Malware gets into a network by finding a soft, vulnerable spot in a computer system. The hacker may send an email with a link that has the malware embedded in it. Once the link has been opened, it quietly installs the software, where it begins to install more harmful malware, blocks access to needed areas of the network (ransomware), or interrupts particular areas of the system and makes it inoperable or steals information by taking data from the hard drive (spyware).
- Phishing This involves sending a fake communication that looks like it comes from a valid source, via email. The victim answers the email, thinking it’s urgent or at least legitimate, and only later finds out that personal or financial information has been stolen.
- Denial of Service attack In this type of attack, a system is flooded with incoming traffic that overwhelms the bandwidth. This crowds out legitimate requests and is known also as a distributed denial of service attack, keeping legitimate users from a service or business until the bad actors get what they want.
- Man in the middle (MitM) attack This is an eavesdropping attack which happens when a hacker puts themselves in the middle of a two-party transaction so they can steal the data or funds sent through the interaction. They use insecure public Wi-Fi, then install software that allows them to pose as an intermediary hub between the user and the site they are using.
- Structured Query Language (SQL) injection In this form of attack, a hacker places malicious code inside a server to force the server to reveal information that it would usually keep secret.
- DNS tunneling This uses the DNS protocol to send non-DNS traffic over a specific port where, when used illegally, DNS requests are manipulated to extract data from a system that has been compromised.
How to Minimize Threats
You can take several precautionary steps to protect yourself and/or your company from cyber theft. You don’t have to be part of a large company to become a target; small companies and individuals have also found themselves to be targeted.
In reality, too many small businesses don’t have any official internet security policy for themselves or their employees. But small companies are just as vulnerable as large ones, especially as cyber-thieves are looking for the easiest targets to attack. In a study conducted by Symantec, more than 40% of attacks are carried out against companies with less than 500 employees.
Prevent attacks by:
- Changing passwords regularly
- Training every employee in cyber security practices
- Limiting the access of employees to information and data
- Install a firewall
- Each employee should have their own user account
- Download and install software updates regularly
- Make your Wi-Fi network hidden and secure
- Create backup copies of vital information and data
- Control all physical access to all network components and computers
Beyond the Programs
Let’s say your business has been hit by a ransomware attack. Your data was inaccessible, forcing you to place your business into unavoidable downtime. Only after a period of time, in which you may have lost vital business and revenue, not to mention the ongoing hit to your reputation and the trust of your clients or customers, you finally have access to your data again. All’s well that ends well? Not so much.
A disaster recovery plan would have helped you. A disaster recovery plan has five components:
- One owner
- Uses several partners throughout the company
- Easy to put into action
- Requires a multi-level approach
- Must be practiced frequently and updated often
Decide which tools and data are the most critical such as sales, code repositories, order information, and customer lists. Keep a current inventory of physical assets. Decide how and where vital business information gets backed up. The backup should run automatically, uses cloud backup, and gives every computer protection. Easy recovery is also a necessity.
You should also have a communication plan. You’ll need to notify employees and possibly work remotely; have contingencies for notifying customers and vendors. You should also educate your employees. They may not know they shouldn’t click on a link from an unknown person. Knowing they almost all have access to the internet and an email address, you should also make sure they have basic knowledge of online security.
As employees enter and leave, your cyber security training will have to be continuous. Assume you’re going to have to educate each employee, no matter what they may or may not know. You can run an exercise with a fake phishing email, or pay an outside company to do so, to see how many employees open the link. Afterward, you can speak privately to each one who fails and let them know what could have happened if that link had been a malicious piece of malware.
No matter how you do it, whether you’re a business or an individual, it’s important you do everything in your power to keep your data, servers, cloud, and personal information safe. Knowing how to do that will never be a bad idea.