There was a time, not so long ago that securing our valuables meant vaulting our door or storing it in a safety deposit box in the bank so that unscrupulous individuals won't have access to it.
However, with the rise and the integration of the internet in our daily lives came a new valuable commodity that thieves are now after- information. This information come in many forms- private information about us, bank and credit card information, important passwords for emails, social media accounts to name a few.
When shady individuals have access to this information, they can literally wreak havoc in our lives by withdrawing all your hard earned money from the bank, or maybe steal your identity to commit fraud, or use this information to blackmail organizations and business, the list is endless.
Since physical locks are useless in defending people in this kind of threat, a new type of protection was founded to combat these type of threats -cybersecurity.
Cybersecurity Defined
Cybersecurity is defined by Cisco as the practice of protecting systems, networks, and programs from digital attacks. These digital assaults are done so that the hacker can access, alter or even destroy information that is sensitive. These attackers can use this information to extort money from the user or to wreak havoc on the normal operation of a business.
Types of Cyber Attacks
There are many types of cyber threats that are out there, but all of them fall into three main categories:
- Attacks on Privacy
This type of cyber threat can include stealing personal information like your bank account or credit card information. These people can use this information for themselves or they can auction it off to the dark web ( yes, it really exists) for other unscrupulous people to use.
One of the examples of attacks in privacy is social engineering. This is psychological manipulation to trick people into giving private and sensitive information like credit card numbers or login information. Phishing or sending of fake emails that looks like emails from trustworthy sources.
- Attacks on Truthfulness
The aim of this kind of attack is business or personal sabotage. This is often called "leaks". The hacker will typically gain entrance to a business system, take confidential information and then release it to the public so that the people lose trust in that particular business or organization.
An example of this kind of threat is APT's or Advanced Persistent Threats. This is where a cybercriminal penetrates a network unnoticed and stays invisible in the system for a long time, stealing data, but not harming the network. This type of attack happens usually in industries with high value and confidential information like the military, national defense, and banking and finance. Very simply put, it's like high tech spying.
- Attacks on Accessibility
This kind of cyber-attack is similar to kidnapping but instead of people, they hold your important information until you pay a ransom. Companies that rely on this information to function will usually yield and pay, then fix the system weakness after.
Ransomware is a software that's designed to extract money from the user by preventing entry to files or computer system until the ransom has been paid.
The Right Approach to Cybersecurity
So that data, networks, computers, and programs are protected, cybersecurity should be implemented in multiple levels which include procedures, people and technology complement one another so that it can produce effective protection against cyber-attacks.
- Procedures
Businesses must have a ready set of procedure on dealing with cyber-attacks -both tried and successful ones. A well-defined procedure should help the business identify what kind of attack (attempted or successful), how to defend the system, how to detect and respond to cyber threats, and how to recover from attacks that are successful.
- People
Employees should be able to comprehend and follow basic principles for data security. This includes choosing passwords that can't be guessed easily, not opening suspicious looking attachments in emails and regularly backing up data.
- Technology
There are three main objects that must be protected from cyber attacks are user devices( like computers, routers, smart devices), networks, and the cloud where SaaS software like new home construction scheduling software are found.
There are many technologies that are used to protect these, and these can include DNS filtering Firewalls ( hardware or software ), malware protection, solutions for email security, and anti-virus software programs to name a few.
Protecting Yourself
Cyber-attacks can happen to anybody whether it be a business or organization or to common people like you and me. The good news is that you can protect yourself from cyber threats by following simple, common sense safety practices like the ones below.
- Be wary of opening email attachments or even click links that come from unknown sources. One of the most common ways that people are misled is through emails that are sent disguised as someone or organization that you trust.
- Try your best to keep your devices updated. It can be a pain to receive a pop up saying that you need to update, but the key thing to remember is that software updates have important ‘patches' that can fix security loopholes in your device's software.
- When you are on the internet, be vigilant on where you are giving out your personal information like your credit card number. A good rule to follow is to check the URL to see if there is an S at the end of the HTTP: or an icon of a padlock. The S stands for secure. If there is no S (httpS://) or an icon padlock, then it's probably not a good idea to be giving out sensitive information.
Cyber threats and cyber security sound like a plot straight out of a high tech spy novel, but these threats are real. And, while you may never experience a cyber-attack in your lifetime, it helps to be always vigilant and protect yourself. After all, an ounce of prevention is worth a pound of cure.
