
Cybersecurity

Cybersecurity is the protection of software, hardware, and data from digital attacks aimed at accessing, changing, destroying, interrupting, or extorting assets and information.

Overview

Cybersecurity, also known as computer security and information technology security, is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. Cybersecurity is a broad term that can be applied in a variety of contexts. The field can be divided into different categories:

  • Information security—protecting the integrity and privacy of sensitive information, both in storage and transit.
  • Network security—the practice of securing networks from intruders, including both wired and wireless connections.
  • Application security—building protections into software to keep it free of threats. Compromised applications can lead to bad actors gaining access to sensitive data.
  • Operational security—the processes and decisions for handling and protecting digital assets, including the permissions users have and the procedures defining how and where data is stored and shared.
  • Disaster recovery/business continuity planning—the tools and procedures governing how an organization responds to unplanned events such as a cybersecurity incident or another event affecting IT operations.
  • Cloud security—encrypting cloud data at rest, in motion, and during use to protect sensitive information and adhere to compliance standards.
  • End-user education—teaching users cybersecurity best practices and building security awareness.
  • Critical infrastructure security—practices for protecting critical computer systems, networks, and other assets that society relies upon for national security, economic health, and/or public safety.
  • Mobile security—managing the security of mobile devices.
  • Software supply chain security—securing the components, activities, and practices involved in the development and deployment of software, including third-party and proprietary code.

Maintaining effective cybersecurity practices allows individuals and businesses to protect themselves against cyberattacks and data breaches. The benefits include improved recovery time after a breach and a better reputation in the eyes of developers, partners, customers, stakeholders, and employees.

Cyber threats

With the proliferation of technology and the connectivity between systems around the world, cyber-attacks have skyrocketed. Data from 2022 shows cybercrime has increased by 600% since the COVID-19 pandemic, affecting nearly every industry. In 2015, worldwide cybercrime cost companies an estimated $3 trillion. This figure is estimated to reach $10.5 trillion by 2025. Companies that fall victim to cyber-attacks can suffer major financial losses, reputational damage, legal liability, productivity losses, and business continuity problems.

Research shows the global average cost of a data breach in 2022 to be $4.35 million. The average cost in the US is the highest in the world at $9.44 million. The most significant jump in data breach cost in 2022 affected the healthcare industry with an average of $10.1 million, a 42% increase since 2020. 45% of data breaches in 2022 occurred in the cloud.

Bad actors use many methods to bypass cybersecurity measures. Generally, these threats can be separated into three motives:

  1. Cybercrime for financial gain, committed by a single actor or a group.
  2. Politically motivated cyber attacks to cause disruption or gather information.
  3. Cyberterrorism to undermine electronic systems and generate fear or panic.

Malware

An umbrella term with many different types, malware refers to malicious software. One of the most common cyber threats, malware generally intends to provide an attacker with access to a legitimate user's computer in order to disrupt or damage operations. Types of malware include:

  • Virus—self-replicating programs that spread throughout a computer system infecting files with malicious code.
  • Trojans—malware disguised as legitimate software to trick users into uploading the trojan themselves.
  • Spyware—programs that secretly record user behavior.
  • Adware—advertising software used to spread malware.
  • Botnets—networks of infected systems used by cybercriminals to perform tasks online without the owner's permission.
  • Ransomware—blocking access to the victim's files until a ransom is paid.

Ransomware

Ransomware attacks have grown significantly in recent years, with 68% of US organizations admitting to experiencing a ransomware attack in 2020. Ransomware attacks permanently block access to the victim's data, threatening to delete or publish sensitive information unless a ransom is paid. Simple ransomware attacks can be easily reversed, but more advanced techniques, such as cryptoviral extortion, encrypt the victim's files. Ransoms are often paid in cryptocurrencies, making it harder to track perpetrators.

Phishing

A common attack vector where cybercriminals target victims using what appears to be legitimate correspondence (typically via email), tricking users into offering up sensitive information. This could be login details or personal/financial information. Phishing is a type of social engineering attack that uses deception rather than exploiting a vulnerability in code.

Distributed denial-of-service (DDoS) attacks

DDoS attacks attempt to crash a server, website, or network by coordinating a large number of systems to overload the network. DDoS attacks typically involve using malware to infect a large number of systems to create a botnet capable of spamming a server with requests.

Man-in-the-middle attacks

An eavesdropping attack where cybercriminals intercept communications between two parties in order to steal data. Examples include compromising an unsecured Wi-Fi network to intercept data between the victim and the network.

SQL injection

An SQL (Structured Query Language) injection exploits vulnerabilities in data-driven applications to insert malicious code into a database. This gives the attacker access to any sensitive information within the database.

Insider threats

Someone with access to the system or network abusing their permissions. This could be current or former employees, partners, and contractors. Insider threats can bypass many common cybersecurity tools focused on preventing external threats, such as firewalls and intrusion detection systems.

Advanced persistent threats (APTs)

APTs refer to infiltrated systems where the presence of intruders goes undetected for an extended period. In this longer-term form of cyber attack, the intruder leaves the network intact, typically to spy on business activity and steal sensitive data without alerting the security measures. The SolarWinds hack is an example of an APT.

Cryptojacking

Cryptojacking, also referred to as malicious cryptomining, is a type of cybercrime where a victim's computing resources are hijacked to mine cryptocurrency. Cryptojacking perpetrators can mine cryptocurrency without paying for hardware, electricity, or any other mining resources. Malware for cryptojacking can be delivered using multiple methods, with phishing the most commonly used. Data from 2021 found cryptojacking to be the third most prevalent cybersecurity threat.

Data security

Data security is the protection of digital data, such as information stored in databases, from destructive outside forces, unwanted actions by hackers or cyberattacks, and accidental errors introduced by unauthorized users. Data security is a high-level term used to describe various sub-services, including data privacy, synthetic data, data encryption including cryptography and homomorphic encryption, and data integrity.

Synthetic data

According to McGraw-Hill, synthetic data is "any production data applicable to a given situation that is not obtained by direct measurement." Craig S. Mullins describes production data as "information that is persistently stored and used by professionals to conduct business processes."

Data encryption

Data encryption is a security method that encodes information so that users can only access or decrypt it with the correct encryption key. Encrypted data is sometimes referred to as ciphertext and will appear scrambled or unreadable to individuals without the proper access information. Two types of data encryption are homomorphic encryption, which allows an individual to perform calculations on encrypted data without decrypting it first, and cryptography, which requires a user to have a key to view the information.

Data integrity

Data integrity is defined as the overall accuracy, completeness, and consistency of data. Additionally, data integrity references regulatory compliance and data safety; one example is GDPR compliance and security. The integrity of data is maintained by processes and standards that are implemented in the design phases. Sub-sectors of data security include adversarial machine learning and artificial intelligence (AI) safety.

Adversarial machine learning

Adversarial machine learning is a machine learning technique that attempts to fool or trick models through deceptive input to cause a malfunction in the machine learning model. This is done to fix breaks in code and better protect machine learning models from providing inaccurate data with vulnerabilities that can compromise the entirety of data sets.

AI safety

AI safety is an important developing technology as the development of deepfakes grows more prominent. Deepfakes are a synthetic AI form where users take on the identity of other people. Synthetic media generation of photorealistic avatars and actors causes concern for identity theft and biometric data collection, resulting in companies developing software to detect deepfakes proactively.

Network security

Network security is a set of rules and configurations developed and designed to protect the confidentiality, integrity, and accessibility of computer networks. Network security software works to prevent and monitor access, misuse, and modification of computer networks or other network-accessible devices or resources.

Application security

Application security is the process of finding, fixing, and enhancing the security of applications. App security is typically implemented in the development stages, but often includes various tools and methods to help protect apps after they are deployed for use. Application security has become more necessary over the years as hackers have turned attention to applications over traditional websites and emails. Automated methods for assessing the effectiveness of application security have been developed, including static program analysis and dynamic program analysis.

Static program analysis

Static program analysis is used in application security to ensure a product is protected before it is deployed. Static analysis takes place in a non-runtime environment and is also referred to as static application security testing (SAST). SAST is the method of looking at an application and testing its security from the inside out. The test is performed without deploying the application and instead focuses on the source code, byte code, or application binaries for signs of security vulnerabilities. Once the SAST is complete, data and control paths are modeled for security weakness analysis of the internal structure and security of the application, not the overall functionality.

Dynamic program analysis

Dynamic analysis, also known as dynamic application security testing (DAST), is a testing method that looks at the application from the outside, while the program or application is operating. DAST programs test the integrity of the application through manipulations to find vulnerabilities. The dynamic test simulates an outside attack against an application and analyzes the application's reactions to determine the level of vulnerability, if a vulnerability exists.

Endpoint security

Endpoint security is the process of securing endpoints or entry points on end-user devices such as laptops, desktops, and mobile devices from malicious attacks. Endpoint security systems and software protect the endpoints on the network or in the cloud from cybersecurity threats. Endpoint security has evolved from the well-known anti-virus software programs into software that can defend endpoints from sophisticated malware. Endpoint security is the combination of various software including antivirus, identity and access management, mobile device management, authentication, fraud detection, identity theft, email security, and anti-phishing.

Timeline

2008
A combination of SQL injection, malware, and password sniffers breaches Heartland Payment, compromising the data of 134 million users.
2005
A security breach at a US retailer leads to data from 1.4 million HSBC Mastercard users leaking.
2000
A series of DDoS attacks hit some of the largest commercial websites, including Amazon, Yahoo, CNN, and eBay, bringing them down for hours.

The attacks were launched by 15-year-old hacker Michael Calce, who went by "Mafiaboy" online.

March 1999
The Melissa Virus spreads across the internet, corrupting Microsoft documents and causing an estimated $80 million in damages.

The Melissa Virus is the first virus to significantly affect the general public.

1998
While working as a security consultant for the FBI, Max Butler hacks into US government websites under false pretenses.
1995
Kevin Mitnick becomes the first cybercriminal to penetrate large networks (Motorola and Nokia) by manipulating people.
1995
Vladimir Levin becomes the first known hacker to infiltrate and rob a bank's network.

Levin hacked into Citibank's network and conducted an abundance of fraudulent transactions, transferring more than $10 million into accounts around the world.

1994
Hackers launch a series of attacks that cripple the US Air Force's Rome Laboratory and steal research data.

The attacks were carried out by hackers with the pseudonyms Datastream Cowboy and Kuji.

1988
The first major cyber attack occurs: the "Morris Worm" infects systems at a number of institutions, including Stanford, Princeton, Johns Hopkins, NASA, Lawrence Livermore Labs, and UC Berkeley.

The attack was carried out by Cornell grad student Robert Morris.

1981
After hacking into AT&T's internal system, Ian Murphy becomes the first person to be convicted of cybercrime.

Murphy infiltrated the AT&T network changing their computer's clocks and causing havoc.

Further Resources

  • 5 Best Cyber Security Documentaries You Must Watch in 2021 (Web, June 24, 2021)
  • Buffer Overflow Exploits and Defenses (Web, March 30, 2017)
  • Capabilities (Web, March 30, 2017)
  • Control Hijacking Attacks (Web, March 30, 2017)
  • Cybersecurity Podcast Roundup | Emily Neuens | SANS Institute (Web)
