It’s sixteen years since the US Department of Homeland Security and the National Cyber Security Alliance joined forces to initiate Cyber Security Awareness Month.
The initiative, which is now marked around the world including in the EU and the UK, is more important than ever in 2020. The overnight shift to distributed working brought about by the Covid-19 pandemic added significant risk to a situation already challenged with the growing number cyberattacks, malware, disinformation and data breaches.
Cybercriminals are always ready to exploit a crisis, and the Covid-19 pandemic is a global crisis. Since January, cyberattacks, including ransomware take-overs of hospital systems, private network hacking and phishing scams have intensified. During October Sytorus plans to participate in Cyber Security Awareness Month to help raise awareness about the importance of cybersecurity for organizations and individuals.
Why is Cyber Security Important?
Cybersecurity can seem overwhelming to many. When you hear statistics that thousands of new types of malicious software are reported each year, it is not hard to imagine the impact a virus or a computer compromise can have on our networks and the information contained within those systems. Poor standards of Cyber Security can leave you open to various forms of cyberattack. Some examples of how your IT system could be affected by a cybersecurity incident include the following:
- Your websites could be compromised and/or unavailable to users
- Office computers could be shut down by malicious software
- Someone could break into your computer system to steal intellectual property or employees' and customers' personal information
- A disgruntled employee could manipulate or destroy important organisational data
- A malicious user or cyber criminal could use your systems to access financial information to steal money from you or your customers
Who could target you?
- Cybercriminals - who are interested in making money through fraud or from the sale of valuable information;
- Industrial competitors and foreign intelligence services - who are interested in gaining an economic advantage for their companies or countries;
- Amateur Hackers - who find interfering with computer systems an enjoyable challenge;
- Hacktivists - who wish to attack companies for political or ideological motives; for example, Anonymous.
- Employees - or those who have legitimate access, either by accident or deliberate misuse.
Attacker's Capabilities
The capabilities attackers can deploy, fall into two main categories:
- Commodity refers to tools and techniques that are openly available on the internet, which are bought off the shelf, and are relatively easy to use. They are specifically designed to scan for publicly-known vulnerabilities in operating systems and applications.
Openly available commodity capabilities are effective when basic cyber security principles are not properly followed. Attackers use techniques that take advantage of the openness of the internet such as: Phishing, which is the sending of emails to large numbers of people asking for sensitive information or encouraging them to visit a fake website. Other techniques include water holing, ransomware and scanning.
Take the PrivacyEngine Phishing Quiz
- Bespoke: capabilities are developed and used for specific purposes, which require more specialist knowledge. This could include malicious code that takes advantage of software vulnerabilities or bugs that are not yet known. These are often called zero-day exploits, as the vulnerability is not yet known to the vendor.
Bespoke capabilities are most likely used in targeted attacks, which is when you or your organisation is singled out because the attacker has a specific interest in you or your business, or has been paid to target you or the business you work in. A targeted attack is often more damaging, because it has been specifically tailored to attack your systems, processes or personnel, in the office and sometimes at home.
Targeted attacks may include: Spear-phishing, which is the sending of emails to individuals that contain an attachment with malicious software, or a link that downloads malicious software. Other techniques include a whaling attack, deploying a botnet and subverting the supply chain.
In general, attackers will, in the first instance, use commodity tools and techniques to probe your systems for an exploitable vulnerability. Bespoke capabilities are likely to follow this initial probe if this is a targeted attack.
Got any questions regarding Cyber Security and how it relates to Data Protection and Data Privacy, or how we can help reduce risks of damage from cyberattacks? Click on the button below to arrange a call from one of our experts.
Schedule a Demo with PrivacyEngine
