How much do you know about cybersecurity threats?

Overview of Cybersecurity and its Threats

• Cybersecurity is the protection of computer systems and networks from malicious attacks that may result in unauthorized information disclosure, theft of, or damage to hardware, software, or data.

• The field has become significant due to the expanded reliance on computer systems, the internet, and wireless network standards such as Bluetooth and Wi-Fi, and the growth of smart devices, including smartphones, televisions, and the Internet of Things (IoT).

• Cybersecurity is one of the most significant challenges of the contemporary world due to both the complexity of information systems and the societies they support.

• Security is of especially high importance for systems that govern large-scale systems with far-reaching physical effects, such as power distribution, elections, and finance.

• The history of cybersecurity dates back to the 1970s and 1980s, where computer security was mainly limited to academia until the conception of the internet.

• Vulnerabilities can be researched, reverse-engineered, hunted, or exploited using automated tools or customized scripts.

• To secure a computer system, it is important to understand the attacks that can be made against it, which can typically be classified into backdoor, denial-of-service attack, direct-access attacks, eavesdropping, multi-vector, polymorphic attacks, phishing, privilege escalation, reverse engineering, side-channel attacks, social engineering, spoofing, tampering, and malware.

• Employee behavior can have a big impact on information security in organizations, and information security culture needs to be improved continuously.

• Financial systems, websites, and apps that accept or store credit card numbers, brokerage accounts, and bank account information are prominent hacking targets for cybercriminals interested in manipulating markets and making illicit gains.

• In-store payment systems and ATMs have also been tampered with in order to gather customer account data and PINs.

• The most common web technologies for improving security between browsers and websites are named SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security), identity management and authentication services, and domain name services.

• The National Security Agency (NSA) is responsible for the protection of US information systems and also for collecting foreign intelligence. The agency analyzes commonly used software to find security flaws, which it reserves for offensive purposes against competitors of the United States.Overview of Cybersecurity Threats and Countermeasures

• Visa and MasterCard developed the secure EMV chip for credit cards, and banks provide hand-held card readers for online transactions.

• Utilities, industrial equipment, and aviation systems are vulnerable to cyber attacks, even if not connected to the internet.

• Biometric passports and facial recognition technology are used to verify identity and improve border control.

• The use of electronic tickets in the airline industry and long-distance bus companies is increasing, but security breaches could have severe consequences.

• Consumer devices such as desktop computers, laptops, smartphones, and home automation devices are potential targets for hackers.

• Health-care providers and health insurance companies use the internet to provide enhanced services, but the risk of cyber attacks is real.

• Large corporations are common targets, with data breaches causing serious financial damage, and attacks may not always be financially motivated.

• Vehicles are increasingly computerized, and self-driving cars pose additional security risks.

• Shipping companies use RFID technology for tracking, but the risk of cyber attacks is a concern.

• Government and military computer systems are frequently targeted, as well as infrastructure such as traffic lights and financial systems.

• The internet of things (IoT) creates opportunities for misuse and physical threats, such as cyber-kinetic attacks.

• Medical devices and hospital organizations are vulnerable to cyber attacks, and the US FDA has released recommendations for maintaining security in internet-connected medical devices.

• Countermeasures include security by design, security architecture, and various policies and system components such as firewalls, big data platforms, and threat prevention, detection, and response processes.Computer Security: Vulnerabilities, Prevention, and Response

• Companies are losing more through electronic theft of data than physical stealing of assets.

• Excessive reliance on firewalls and automated detection systems is a primary obstacle to effective eradication of cybercrime.

• The CIA triad (confidentiality, integrity, and availability) must be protected as the foundation of information security.

• Vulnerability management is integral to computer and network security, and involves identifying, remediating, or mitigating vulnerabilities.

• Formal verification of computer systems is possible but not common, and vulnerability scanning and penetration testing are often used.

• Two-factor authentication is a method for mitigating unauthorized access to a system or sensitive information.

• End-users are the weakest link in the security chain, and security awareness training is essential in reducing cyber risk.

• Digital hygiene or cyber hygiene is a fundamental principle relating to information security, and involves establishing simple routine measures to minimize the risks from cyber threats.

• Incident response is an organized approach to addressing and managing the aftermath of a computer security incident or compromise.

• Notable examples of computer security breaches include the first computer worm, the Stuxnet attack, and the Ashley Madison breach.

• International legal issues of cyber attacks are complicated, and proving attribution for cybercrimes and cyberattacks is a major problem for law enforcement agencies.

• The government's regulatory role in cyberspace is complicated and involves protecting its own national infrastructure as well as making regulations to force companies and organizations to protect their systems.Global Cybersecurity: Government Regulations and Private Sector Responses

• There is a need for improved regulation in cybersecurity due to the failure of the private sector to efficiently solve the problem.

• The private sector believes that government intervention would affect their ability to innovate efficiently.

• The UN Security Council held its second ever informal meeting on cybersecurity in May 2020 to focus on cyber challenges to international peace.

• The European Parliament and Council of the European Union adopted The General Data Protection Regulation (GDPR) in 2016 to provide data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA).

• Most countries have their own computer emergency response team to protect network security.

• Canada has had a cybersecurity strategy since 2010, which has three main pillars: securing government systems, securing vital private cyber systems, and helping Canadians to be secure online.

• China's Central Leading Group for Internet Security and Informatization was established in 2014 to oversee policy-making in the economic, political, cultural, social, and military fields as they relate to network security and IT strategy.

• Germany established the National Center for Cyber Defense in 2011 to detect and prevent attacks against the national infrastructure.

• India has incorporated provisions for cybersecurity into rules framed under the Information Technology Act 2000 and has a National Cyber Security Policy 2013 to protect public and private infrastructure from cyberattacks.

• South Korea committed to the training of 5,000 new cybersecurity experts by 2017 following cyberattacks in 2013.

• The United States has legislation such as the Computer Fraud and Abuse Act, and agencies such as the National Cyber Security Division, US-CERT operations, and the National Cybersecurity and Communications Integration Center to protect computer networks and infrastructure.

• Cybersecurity is a fast-growing field of IT concerned with reducing organizations' risk of hack or data breaches, and there is a shortage of cybersecurity skills in many organizations. Typical cybersecurity job titles include Security Analyst, Security Engineer, Chief Information Security Officer (CISO), and Data Protection Officer (DPO).