What is Cyber Security?
Cyber security - which can be defined as the protection of systems, networks and data in cyber space - is a critical issue for all businesses.
Rapid technological developments have provided vast areas of new opportunity and potential sources of efficiency for organisations of all sizes. These new technologies we all rely upon, however, have also brought with them unprecedented threats.
This page will introduce you to some of these threats, including Cyber Crime, Cyber War, and Cyber Terror; and explain the precautions you should take against them.
On this page:
Introduction to the Cyber risks
Cyber risks can be divided into 3 distinct areas. For additional information on all of them, our book 'Cyber War, Cyber Terror, Cyber Crime' offers a no-nonsense discussion:
Cyber crime - Individuals working alone, or in organised groups, intent on extracting money, data or causing disruption. This can take many forms including the acquisition of credit/debit card data, intellectual property and impairing the operations of a web site or service.
Cyber war - A nation state conducting sabotage and espionage against another nation to cause disruption or to extract data. This could involve the use of Advanced Persistent Threats (APTs).
Cyber terror - An organisation, working independently of a nation state, conducting terrorist activities through the medium of cyber space.
Cyber security for organisations
Cyber security should be proportional to the risks faced by each organisation, and cyber security measures should be based upon the outcomes of a risk assessment.
It is unlikely that most organisations would face the threat of cyber war and cyber terror. Organisations that would have to consider measures against cyber war or cyber terror should include governments, those within the critical national infrastructure and very high-profile institutions. cyber crime is a far greater risk to all organisations, of all sizes, in all sectors. ISO27001 is the international cyber security standard that should be employed by all organisations.
Read about ISO27001 here »
All organisations face one of two types of attack:
Either they will be deliberately attacked, because they have a high profile and appear to have valuable data (or there is some other publicity benefit in a successful attack), or
It will be opportunistic, because an automated scan detects the existence of exploitable vulnerabilities – and virtually every Internet-facing entity, unless it has been specifically tested and secured, will have exploitable vulnerabilities.
Cyber criminals are indiscriminate. Where there is a weakness, they will try to exploit it. Therefore, all organisations need to understand the cyber threats they face, and safeguard against them.
Introduction to cyber criminals
The cost of committing cyber crime is surprisingly low. A report from Fortinet, published in 2012, claimed that an effective Botnet (a network of private computers infected with malicious software and controlled without the oweners' knowledge) can be established for as little as 350 USD, or can be rented for just $535 per week.
The world of cyber crime never stops innovating. Every month, Microsoft publishes the vulnerabilities of its systems - an ever-growing list of known threats, bugs and viruses. For a more complete overview of cyber security threats, mailing lists such as Bugtraq can provide up-to-date resources listing all new 'bugs'.
Cyber criminals can now even buy ‘off-the-shelf’ hacking software, complete with support services. cyber crime is increasingly simple to commit, making it more difficult to police.
Specific Cyber attack vectors
Cyber criminals operate remotely, in what is called ‘automation at a distance’. There are many types of attack available to cyber criminals, which broadly fall under the umbrella term of malware (malicious software). These include:
Aim – Gain access to, steal, modify and /or corrupt information and files from a targeted computer system.
How – A small piece of software program that can replicate itself and spread from one computer to another by attaching itself to another computer file.
Aim – By exploiting weaknesses in operating systems, worms seek to damage networks and often deliver payloads, which allow remote control of the infected computer.
How – Worms are self-replicating and do not require a program to attach themselves to. Worms continually look for vulnerabilities and report back to the worm author when weaknesses are discovered.
Spyware / Adware
Aim – To take control of control of your computer and / or to collect personal information without your knowledge.
How – By opening attachment, clicking links or downloading infected software, spyware/adware is installed on your computer.
Aim – To create a ‘back-door’ on your computer where information can be stolen and damage caused.
How – A software program appears to perform one function (for example, virus removal) but actually acts as something else.
There are a number of attack vectors that are available to cyber criminals:
Phishing: An attempt to deceive users into acquiring their information by masquerading as a legitimate entity; such as spoof emails or websites
Pharming: An attack to re-direct a website’s traffic to different, fake website, where the individual's information is then compromised
Drive-by: Opportunistic attacks against specific weaknesses within a system
MITM: ‘Man in the middle attack’ where a middleman impersonates each endpoint and is thus able to manipulate both victims.
Social engineering: Exploiting the weakness of the individual, by making them click malicious links, or by physically gaining access to a computer through deception. Pharming and phishing are examples of social engineering.
Cyber security Solutions
Cyber space is unregulated and cyber criminals have a range of ways in which to attack organisations. It is essential therefore that you have robust cyber security that protects your critical assets, customer details and your operating systems.
Effective cyber security can also help you win new business by providing assurances to your supply chain partners, stakeholders and customers of your commitment to cyber security.
ISO27001 is the international cyber security Standard against which organisations can have their information security management system (ISMS) independently certified, proving it to be of an acceptable, independently audited and verified standard.
IT Governance are specialists in helping organisations with cyber security, cyber governance and cyber compliance:
We also offer the most extensive range of books and tools on the Web to help organisations with cyber security: