
by Nathan House, Udemy Instructor

With frequent reports of breaches of individual and corporate data, it’s important to understand what cyber security is and why it’s critical to our digital lives and work. In its simplest understanding, cyber security covers everything we do to reduce the risk of digital attacks. That includes protecting devices (everything from phones to laptops to smart TVs) and the online services we access like social media accounts, work email, and learning platforms.

Because so much business and personal information is now stored on devices and online, an important part of cyber security involves keeping that data safe.

In this brief overview, we’ll cover the bad actors who pose cyber threats, common types of cyberattacks, and suggestions to reduce the risks of attacks. For more on understanding this growing field in the technical space, check out our library of beginner-friendly cyber security courses.

Cyber security threat actors

In the world of cyber security, who exactly are we trying to protect against? We can split the threat actors into three groups: 

  • Data thieves: Names, email and postal addresses, bank details, and confidential business information — these are prime examples of valuable data. Many threat actors specialize in extracting this information, to use themselves or to sell on to others. 
  • Wreckers: These people are focused on disabling devices, services, and organizations. Sometimes it’s for political reasons; in other cases, they do it just because they can. 
  • Cyberwarfare agents: When a new cyber threat hits the news, people are keen to know where it came from. Common culprits include government actors. State-backed groups deliberately create threats to target rival states and destabilize their infrastructure. Citizens and private businesses can be caught in the cross-fire. 

5 types of common cyber attacks 

  • Malware: You’ll see this word a lot related to cyber security. It means any software program used for malicious purposes. This includes malicious software designed to damage or gain unauthorized access to a computer or network. 
  • Ransomware: This is a type of malware designed for extortion. Ransomware blocks access to devices or files until a ransom is paid to the hacker behind it. Paying the ransom does not guarantee that the block will be removed. 
  • Phishing attacks: Before it can do its job, many malware applications must be installed and launched by an unwitting victim. Phishing occurs when a hacker pretends to be a trusted source and tricks the victim into opening an email or message. The recipient is then duped into clicking on a malicious link that launches the malware. 
  • Social engineering: The more attackers know about victims, the easier it is to trick them into revealing sensitive data or clicking on dangerous links. Through sources such as LinkedIn and social media websites, you can find out a lot about people. Threat actors use this information to create highly-targeted and convincing phishing attacks.   
  • Advanced Persistent Threats (APTs): Spyware is a type of malware. Unless detected, it can stay in a device or network for a long time, giving the hacker access to lots of information. These long-term, often highly-targeted attacks are called Advanced Persistent Threats. 

Essential tools and strategies for cyber security

A big part of network security for an organization involves showing its users how to stay safe. Examples include how to use passwords responsibly and how to back up data. It also involves teaching people how to avoid unsafe messages, email attachments, websites, and apps. 

Cyber security professionals help organizations draw up safe usage policies related to the use of devices and services. These rulebooks cover best practices like the do’s and don’ts of web browsing and downloading software. A safe usage policy also sets out what people should do if they suspect an attack has occurred. 

Tools

An organization’s cyber security or IT teams should outfit their employees’ systems with tools to prevent cyber attacks. That includes the following:

  • Anti-virus (AV): Also called end-point protection, this type of software tries to identify, detect, and remove viruses or malware from computers and networks. Most types of AV scan for malware automatically on a set frequency or when you add new files. You can also use it to do manual checks of specific files, devices, and networks. AV is not as effective at detecting malware as most people commonly believe. AV is particularly poor at detecting new and custom malware, something that’s becoming more common as bad actors grow more sophisticated. 
  • Firewalls: A firewall monitors and controls the flow of traffic between the internet and a private computer network. You can set the rules for what is and isn’t allowed to pass through the wall. It’s a valuable way of stopping access from unknown or unauthorized sources. However, firewalls can have limited effectiveness in preventing some types of attacks, as attackers can simply pass through ports that must be open to allow the network to function.  
  • Security Information and Event Management (SIEM): The bigger the network you have to protect, the harder it can be to keep it safe. SIEM software can alert IT teams to any events or behavior that might need closer investigation. Examples include unusual log-in attempts and the copying or removal of files that may indicate a data breach. It’s a kind of early warning system, one that helps technical teams act quickly before any major damage is caused.  
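
To make the "unusual log-in attempts" case from the SIEM item concrete, here is an added example (not from the original article or from any SIEM product) of a detection rule in Python: it flags a burst of failed log-ins for one account from one address, and separately flags a successful log-in that follows such a burst. The log format, the threshold of 5 failures, the 2-minute window, and all names and sample events are assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events (not real logs): time, user, source IP, result.
SAMPLE_LOG = """\
2024-05-01T09:00:05 alice 10.0.0.5 SUCCESS
2024-05-01T09:14:01 bob 203.0.113.7 FAIL
2024-05-01T09:14:03 bob 203.0.113.7 FAIL
2024-05-01T09:14:06 bob 203.0.113.7 FAIL
2024-05-01T09:14:09 bob 203.0.113.7 FAIL
2024-05-01T09:14:12 bob 203.0.113.7 FAIL
2024-05-01T09:14:20 bob 203.0.113.7 SUCCESS
2024-05-01T10:30:00 carol 10.0.0.9 FAIL
2024-05-01T10:31:00 carol 10.0.0.9 SUCCESS
"""

def parse(line):
    """Split one event line into (timestamp, user, ip, result)."""
    ts, user, ip, result = line.split()
    return datetime.fromisoformat(ts), user, ip, result

def detect(log_text, threshold=5, window=timedelta(minutes=2)):
    """Return alerts for failure bursts and for a success that follows one."""
    failures = defaultdict(deque)  # (user, ip) -> timestamps of recent failures
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, user, ip, result = parse(line)
        recent = failures[(user, ip)]
        # Drop failures that have aged out of the sliding window.
        while recent and ts - recent[0] > window:
            recent.popleft()
        if result == "FAIL":
            recent.append(ts)
            # Alert once, at the moment the threshold is reached.
            if len(recent) == threshold:
                alerts.append(("failed-login-burst", user, ip, ts.isoformat()))
        elif result == "SUCCESS":
            # A success right after a burst may mean a guessed password.
            if len(recent) >= threshold:
                alerts.append(("success-after-burst", user, ip, ts.isoformat()))
            recent.clear()
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

A single mistyped password (carol in the sample) raises nothing; only the burst against bob's account and the success that follows it produce alerts.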

How to minimize impacts of an attack

It’s unlikely you’ll be able to stop every cyber security attack. This is why an important aspect of cyber security involves minimizing the impact of an attack. 

You or your IT team should have a cyber attack response plan prepared in advance of any issues. Common response plans involve isolating the attack and blocking access to other devices, drives, or parts of the network. To reduce business interruption, the team should also prepare to bring backup systems online in the event of an attack.

The post-attack investigation is important, too. A thorough debrief involves working out what happened, how it happened, and what damage was caused. Once there’s a better understanding of the attack, review your existing cyber security measures to see how they can be strengthened. 

You’ll often see cyber security referred to as a game of cat and mouse. Hackers are forever finding new vulnerabilities to take advantage of, and it’s up to cyber security professionals to stop them. It’s rarely a dull profession and, for those experienced in the trade, can be a financially lucrative career choice.

To start exploring how cyber security works in practice, check out our online courses today.
