You cannot turn on the television, visit a news site or listen to the radio without encountering terms such as “cyber-attack,” “cyber-crime” or “cyber threat.” They have become catch phrases in a world steeped in ever-changing technology. Consequently, cybersecurity has become a fact of technological life.
The need to protect computer devices and networks from destruction and damage is not new. In fact, it has become necessary since the first reported cyber-attack in the late 1980s with a worm created by Robert Morris.
While we contemplated making the changeover from cassette tapes to compact discs, Morris had successfully shut down most of the internet…but we hadn’t noticed. In fact, most of us had no idea what an internet was.
Flash-forward to present day: Now, it is impossible to imagine a life without an internet or any of the connected devices and software we use to conduct virtually every facet of our lives. We rely on technology to conduct our personal lives and our finances. We use it for banking, scheduling and planning, among a laundry list of other uses. And no matter the device, it can all be accessed with the click of a button (or mouse). But our reliance on technology makes us vulnerable.
Ever since the first cyber-attack, cybersecurity has become a concern for individuals, businesses and governments alike. Every industry has a computer system for storing information: personal records, finances, usernames, passwords, health information, academic information, etc. And despite all our best efforts, these systems are still vulnerable to attack. As new technologies and devices are introduced, so too are new ways to attack those devices and technologies.
The damage that can be done can range from minor (say, a cyber-threat that requires you to change your passwords) to life-threatening (a software system that controls embedded medical devices keeping people alive). And physical safety becomes an issue as we connect even more devices to each other and the Internet of Things (IoT, the ever-growing network of devices and “smart” products) continues to expand. All it takes is someone wanting to access your physical space (your home or a hotel room) with the intent to harm, and that access can be achieved via one of the connected devices or by gaining access to critical software. You name it, it can be compromised: cars, smart homes, stores, schools, hospitals, financial institutions, implantable medical devices, plane systems, infrastructure, traffic systems, etc.
Cyber-threats and attacks can take many shapes, but they all have the same objective: to cause harm for gain. The following are just a few examples of common types of cyber-attacks and threats:
- Getting access to users’ credentials (compromised credentials)
- Damaging software (malware)
- Infecting a system and then demanding a ransom (ransomware)
- Hackers gaining access to private or secure information (data breach)
- Using fake yet reputable-looking emails to direct a user to a fake website to steal information (phishing)
- Gaining unauthorized access to a physical computer (direct access attack)
- Accessing information by gaining entry into a system by way of bypassing security (backdoor)
- Intercepting private communications for information, such as passwords, usernames, etc. (eavesdropping)
- Manipulating individuals into divulging confidential information (social engineering)
- Flooding a website to the point that it shuts down (denial of service)
So how do you protect your devices?
Cybersecurity can take the shape of installing patches, encrypting data, paying attention to physical security, creating strong passwords and changing them frequently, training employees, purchasing a cyber insurance policy, having a work place policy about hand-held devices, protecting outbound data, tightening security, applying firewalls and avoiding the re-use of the passwords for multiple accounts.
Like the neighborhood watch signs that dominated suburban yards in both the ’80s and ’90s, you must be ever-vigilant where cyber-crime is concerned. Because instead of someone coming through your front door or window, someone might be coming through your computer.
For more information and for additional tips to help protect you and your information, visit IEEE’s Cybersecurity Vulnerability Navigator.