Cyber Security – What are the Risks

All You Need to Know About Cyber Risks

Over the course of the last year, there have been more than 3 million known security breaches affecting businesses of all sizes – a statistic which further highlights the necessity for a cyber security strategy in every company.

In order to fully grasp the threats your organisation is faced with and to protect against cyber-attacks as efficiently as possible, it’s essential to understand the different areas of cyber risks, the various means of attack cyber criminals use and the attack vectors through which they can target a network.

There are three main areas into which cyber risks can be divided:

• Cyber crime is defined as the extraction of money and data, as well as purposeful disruption conducted by an individual or a group of people working on their own, independent of state affairs. It can take many forms such as intellectual property or debit/credit card data theft, or damaging the operations of a particular service or website.
• Cyber war is a form of cyber risk launched on one nation by another, with the aim to extract data and/or cause disruption – this type of attack often utilises Advanced Persistent Threats (APTs).
• Cyber terror describes the terrorist activities managed through cyberspace, conducted by an organisation not associated with a nation state.

It is highly improbable that the majority of companies would ever have to deal with cyber war or cyber terror – organisations who typically have to consider including protective measures against these types of risk within their cyber security strategy are governments, extremely high-profile institutions and those critical to the national infrastructure.

Usually cyber criminals operate remotely, through means of various types of cyber-attacks which are broadly categorised under the blanket term malicious software (more commonly known as malware).

The most common types of malware include:

• Viruses are small software programs which attach themselves to another file as a means to replicate themselves and spread from one computer to another. The primary aim is accessing, stealing, changing and/or damaging data on the targeted system.
• Trojans, as the name suggests, are programs which appear to have a certain function, but in reality act as something entirely different – in most cases a ‘backdoor’ through which cyber-criminals can access a computer or a network and steal or damage information.
• Spyware (Adware) is usually installed on your computer following the download of infected software, opening attachments or clicking through corrupt links. Spyware’s main aim is to access your personal information without your knowledge and/or take over control of your computer.
• Worms look for vulnerabilities in your operating system and allow their author to exploit them for damaging your networks and remotely control the affected device. This particular type of malware does not require a file to attach to and is notoriously self-replicating.

Cyber-attacks are launched through a number of attack vectors which allow cyber criminals to harvest data and take control over devices by infecting them with malware.

These include:

• Social engineering is used to describe the exploitation of an individual’s weaknesses though deception, either in the form of malicious clickbait links, or physically gaining access to their computer.
• Phishing is a form of social engineering, which more specifically involves attempting to acquire personal information from a user by posing as a legitimate entity (e.g. spoof websites or emails).
• Pharming, also a type of social engineering, compromises individuals’ information by redirecting the traffic from an existing website to a fake counterpart.
• MITM, or ‘man in the middle’, is a form of attack where a certain person poses as each of the endpoints thus scamming both victims.
• Drive-by is used to describe an opportunistic attack targeting a network based on a specific system weakness.