Introduction to security, what is cybersecurity, types of cyber-attacks, what is firewall, best cybersecurity practices
Introduction to Security
Basic Terminologies
Threat:
An event or an action that can damage the system or violate security.
Exploit:
It is a piece of code that provides a way to breach the security of a machine through a loophole or a vulnerability on hardware or software.
Vulnerability:
It is generally defined as the existence of a loophole or a weakness in the design or the implementation. That could lead to an undesirable, unexpected event that would compromise the machine.
Attacker:
Any individual who understands the security of the machine is against the law or unlawful. Then they steal, expose, or causes the destruction of the data.
Attack:
An attacker acts on information that would harm the system or the information stored in it.
Data Breach:
The action of stealing sensitive and confidential information from someone’s machine.
What is Cyber Security?
Cybersecurity involves techniques and processes that help in securing various components, networks, data, and computer systems from unauthorized digital access. There are many ways to execute cybersecurity depending on the kind of connected network and the type of cyber-attack you are prone to.
Why is Cyber awareness important?
Every organization is at risk of cybercrime. When a public or private organization is confronted with a data breach the whole information is at a risk. Cyber awareness is important to prevent data breaches, attacks and to build a culture of security.
Types of Cyber threads:
1. Cybercrime
It is a type of criminal and planned attack by an individual or group with political or profit reasons that disrupt targeting systems.
2. Cyber-attack
Cybercriminals direct cyber-attack. They use one or more computers against single or many computers or networks. These are aimed at gaining authorized access to a device to perform steal data. This may include Denial of Service (DOS) or Distributed Denial of Service (DDOS).
3. Cyberterrorism
It is the use of technology to involve in violent acts that cause panic or fear.
Common Cyber-attacks:
Malware attack:
The user downloaded any suspicious attachments/links online. The system could have got interrupted by malicious viruses embedded within the attachment.
Types: Trojan horse, adware, spyware, ransomware, virus, and worms
For example Cryptolocker, Keyboard Logger spyware, Storm worm.
Phishing attack:
Attacker attempt to gain sensitive information like login credentials, payment card details via email, messages. And fake websites or download attachments containing malware.
Types: Spear Phishing, CEO Fraud, Social Media Phishing, and Mobile Phone Phishing.
For example Tax season messages, Bank account, and credit card concerns.
Man-in-the-middle attack:
The Attacker gains the access to the information path between end devices and the website servers. The Attacker’s computer takes over the IP address. Then alters the communication between the user and the website is in private intercepted. This will happen with unsecured Wi-Fi networks and also through malware.
Types: IP spoofing, DNS spoofing, HTTPS spoofing, SSL hijacking, Email hijacking, Wi-Fi eavesdropping, and stealing browser cookies.
For example fake websites between the user and bank website.
Password attack:
One of the easiest ways to hack a system. Cracking passwords using common passwords or typing alphabets of all combinations.
Types: Brute force attacks, Dictionary attacks, Credential stuffing attacks, Password spraying attacks, and keylogger attacks.
What is Firewall?
A Firewall is a virtual wall between users and internet firewalls filter incoming and outgoing traffic from a device. And allow or block data based on security rules. The main purpose is to provide a barrier to block malicious traffic. When hackers start attacking the system the firewall will defense the real system.
Packet-Filtering Firewalls:
It examines data packets and restricts them from passing through the router according to the set of rules. It inspects information such as source and destination IP and port number without opening up the packet.
Proxy Firewalls:
It acts as a gateway between two end systems.
Next-generation firewalls:
A network security device that is beyond the traditional firewall provides deep packet inspection and surface-level packet inspection.
What are the best cybersecurity practices?
To tackle cyber-attack follow these steps:
1. Use unique and strong alphanumeric passwords
2. Activate your firewall
3. Data encryption
4. Keep your software up-to-date
5. Use anti-virus software
6. Keep backup of your data
7. Start avoiding mails from an untrusted source
8. Do not click unauthenticated links
9. Cyber insurance
10. Don’t use an insecure public wi-fi network while transfer sensitive data or online banking. A public Wi-Fi network may not be trustworthy that share your information with other companies.
Cyber-attacks are not confined to individual users but also public and private organizations.
Cyber-attacks that companies are subjected to:
Various public sector organizations enlarge corporations that face the Advanced Persistent Threat (APT). In this form of attack, hackers gain access to the network for a prolonged period to continuously gain confidential information.
Companies also witness a Denial of Service attack. Flooded traffic in the network in turn leaves legitimate service requests on a system. A variant of this is a DDOS attack when many systems are used to launch the attack.
When a hacker manipulates a standard SQL query on a database-driven website. It is known as an SQL injection attack by doing so hackers can view, edit and delete tables from databases.
It is indeed a challenge for organizations with several networks and services to ensure complete security. To help with this cybersecurity professionals are hired to work on identifying cyber threats. It also secures the company’s networks.
Many job roles in the field of cybersecurity
If hacking disturbs you then the role of an ethical hacker is to be explored. Such professionals try to explore networks vulnerabilities and resolve them for protection against an actual cyber-attack. But you want to design a security structure then the role of security architect comes into the picture. A Chief Information Security Officer (CISO) plays a crucial role relating to the security and safety of information in an organization.
Latest cyber-attack news
A Healthcare data breach happened in Mississippi’s Coastal Family Health Center (MCFHC). The data of the patient’s personal information was leaked. They confirmed that no evidence of data has been misused.
COMMENTS