Individuals and businesses of all sizes are increasingly performing both daily and specialised tasks on digital platforms. Although the advantages are improved productivity and revenue, and more effective synchronous collaboration and connectedness, the digital world holds significant risks and threats to businesses, and private, sensitive data. These threats and cyberattacks often result in the loss of critical data, consumer trust, business continuity and incurring financial losses.
Types of cybersecurity threats
A computer virus is a program written to modify the way a computer operates without the permission or knowledge of the user. Known to self-replicate and self-execute, these viruses and worms damage computers in the process. It can spread from computer to another computer or network to network while launching malicious attacks. It can corrupt or damage an organisation’s sensitive data, destroy files, and format hard drives.
Spyware, classified as a type of malware, unwittingly infiltrates computing devices, and steals Internet usage data and sensitive information. Spyware is a serious computer security threat and consists of any program that monitors online activities to profit from or capture personal information.
Hackers and Predators
Viewed as perpetrating forms of cyber-terrorism, hackers and predators are programmers who victimise users for gain by breaking into computer systems to steal, change, or destroy information. Online predators aim to compromise credit card information, lock people out of their own data, and steal identities.
Phishing, a type of social engineering attack is a very successful method used by cybercriminals to launch data breaches. Phishers scam users for sensitive and confidential financial or personal information through fraudulent email or instant messages.
Trojan horse or trojan
Named after the ancient Greek myth of the wooden Trojan Horse that led to the fall of the city of Troy, a trojan horse, or trojan is any deceptive malware disguised as legitimate software intending to gain access to organisations’ systems. Designed to delete, modify, damage or block systems and data, it can be harmful to networks.
Denial-of-service (DoS) and Distributed Denial-of-Service (DdoS) attacks
A Denial-of-Service (DoS) attack is a type of cyberattack where malicious actors incapacitate a computer or network by interrupting its normal functioning. Attacks typically consist of overwhelming one targeted machine with requests until normal traffic cannot be processed resulting in a denial-of-service making it inaccessible to users. Distributed Denial-of Service (DDoS) works on the same principle but the incoming traffic flooding the victim originates from many different sources, making it impossible to stop the attack by blocking a single source.
Related to Denial-of-service (DoS) attacks, ransomware or ransom malware prevents users from accessing their system or personal files and an attacker demands a ransom payment, either by credit cards or cryptocurrency to regain access. Examples include WannaCry which exploits a vulnerability in Windows. It spread across 150 countries and affected 230 000 computers in 2017.
Elements of cybersecurity
Keeping track of the known and emerging security threats is a daunting task exacerbated by the scarcity and cost of trained cybersecurity specialists. The elements of cybersecurity are very important for every organisation to protect business information as one of its most important commodities. Essential components include application security, information security, network security, disaster recovery planning, operational security, and end user education. Each of these elements require some form of planned protection.
Benefits of cybersecurity
Selecting best practice approaches to build greater resilience in the changing cyber landscape is extremely important. Some of the benefits of increased cybersecurity measures include:
- Protection of networks and data from unauthorised and malicious access
- Enhanced information security
- Business continuity and risk management
- Stakeholder confidence in enhanced security measures
- Quicker recovery times in the event of a cyberattack
Some of the security challenges include the large number of devices used that are either difficult or sometimes impossible to protect. As a result, millions of connected devices have little or no defence against hackers. Thus, ensuring a higher level of protection for IoT devices and systems is essential.
Cloud platforms store large amounts of sensitive and valuable data and there are many security issues that cannot be ignored. According to Symantec, cloud services such as Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS) will be a challenge for many organisations. Businesses are not totally prepared for the complexities involved in securing cloud data, and hence breaches caused by error, compromise, and design are to be expected.
While Artificial Intelligence (AI) and Machine Learning (ML) software are used by cybersecurity professionals to prevent cyberattacks, chances are that knowledgeable hackers will also use these tools to launch more sophisticated attacks. AI-powered password guessing, cryptographic attacks, sending massive amounts of phishing messages via chatbots are all part of how AI and ML may be used for performing different types of attacks.
With serious threats lurking in the darkness of the Internet, the best we can do is to remain vigilant and be prepared since all systems are penetrable and vulnerable to some form of cyberattack at any time.