Cybersecurity: definition, threats and advice
Those who had never looked into cybersecurity before Covid-19, have been obliged to do so in recent months, given the surge in cyber attacks, which have not only increased dramatically globally (+300%) but have also evolved to quickly take advantage of the many faults made visible by the new working habits linked to the pandemic.
According to the Global Threat Intelligence 2021 report by global technology services provider NTT Ltd, the most affected sectors include finance (up from 15% to 23%), followed by manufacturing (22%) and healthcare (17%). It is therefore essential to delve deeper into the topic of cyber threats by spending some time clarifying the key elements and reviewing the advice.
This term is used to define the increasingly urgent,yet complex need to defend, not only one’s own computers, but also servers, mobile devices, electronic systems, networks and above all data from attacks by web criminals, which are particularly tempting to those who want to harm us.
The topic of cybersecurity, also known as computer security, is a broad one, and as we have all noticed, it covers the most diverse contexts, with no one excluded. To analyse it better, it can be divided into different categories.
Information security is the branch that deals with safeguarding the integrity and privacy of data, both those we have stored and those that are transmitted extemporaneously. Network security is concerned with the computer networks needing to be defended against the actions of criminals who may carry out targeted or ‘random’ attacks trying to cause damage without any particular objectives.
Then there is application security, i.e. the protection of software and devices from any threats that may through a compromised application.
When it comes to analysing processes and decisions relating to the management and protection of data by tracing back to the various access, storage and sharing authorisations, we talk about operational security, while the terms disaster recovery and business continuity refer to all the methods that a company can develop to react to a cyber attack and respectively indicate the procedures for restoring business operations and the strategy adopted to try to ensure that activities continue without creating discontinuity.
Also part of the cybersecurity concept are all those training initiatives towards end users. Indeed they are among the most valuable because, as the pandemic period has taught us, cybercrime relies above all on human error and naivety to break into company secrets, steal data or information or create enormous damage.
Cybersecurity: types of cyber threats
Threats can attack systems to make money or damage a company (cybercrime), gather information for political purposes (cyberattacks) or threaten security to generate panic (cyberterrorism). Here are the main threats to be aware of:
- Malware: very common software created to damage or cause a legitimate user’s computer to malfunction in order to gain financial gain or political advantage. They can arrive via unsolicited email attachments or seemingly legitimate downloads, and can be viruses, Trojans, spyware, ransomware, adware or botnets.
- Phishing: an attack carried out through a series of e-mails apparently sent by legitimate companies, requesting sensitive information to convince users to provide data such as credit card details or otherwise personal data.
- Denial of Service attack to render a computer system unusable by overloading networks and servers with excessive traffic and preventing the company from performing vital functions.
- SQL code injection to take control of a database and steal its data and access sensitive information contained in the database.
- Man-in-the-Middle attack to intercept communications between two people in order to steal data, for example by using an unsecured Wi-Fi network
Cybersecurity: tips for the future
It is true that criminals are always one step ahead, but today there is no lack of tools to defend oneself or at least to try and minimise the chances of being hit by a cyber criminal attack.
The users, the people, are clearly the weakest link that must be protected but also well educated deeply because one small distraction can cause disasters, even of global importance. There is no shortage of cases in the news to confirm this. Artificial intelligence has a very important role to play, and it is becoming increasingly important when it comes to analysing cybersecurity data in order to better predict and prevent attacks by also identifying possible anomalies that should be interpreted as warning signals.
We need to invest in this as well as in human capital, but let’s start with some advice to lay the foundations for a more aware and therefore prudent future. Here are 5 things to do to protect yourself as a simple user:
- Use complex passwords
- Use antivirus software: security solutions
- Update your software and operating system
- Do not open e-mail attachments from unknown senders or click on links contained therein
- Do not use unprotected Wi-Fi networks in public spaces