An appreciation of Cybersecurity and Network Security is an essential for all IT people today. The incidence and sophistication of malware and of targeted attacks on corporate and individual sites are increasing daily. Individual and corporate users must have a comprehensive online security environment in place, comprised of a mix of internet security services and internet security solutions.
In short – Cybersecurity is not just about viruses.
External Threats
Connecting to the Internet opens a revolving door to your systems. You need a range of Internet Security Solutions as a gatekeeper.
You expect to be able to receive as well as send data. Without the appropriate online security checks and guards in place, you will receive data you didn’t intend or want to receive.
A malicious attack on your systems with the intent of preventing you being able to use the Internet and stopping users reaching your systems is a denial of service (“DOS”) or distributed DOS (“DDOS”) attack. The difference is that a DOS attack comes from one computer, while a DDOS attack comes from many.
An attacker saturates your system with continuous service requests from one or many external systems, preventing any other users reaching your systems. If your business relies on online systems, for example , n online store, the effect can be catastrophic.
An attacker manages to engage the services of lots of computers to launch a DDOS attack by using a Trojan Horse or botnet. A botnet is a piece of computer programming that has been inserted as malware into other computers. The botnet sits silently waiting to be triggered, at which point it hijacks the computer and places it under the control of the remote attacker.
Other external attacks are the generally accepted “hacking” activities of theft of information and replacement of legitimate information. Legitimate website pages have been replaced with pornographic or libellous pages. It may be curiosity, as in the case of the alleged hacking of the Pentagon systems, or an attempt to steal bank or credit card data for use in later scams.
A final case is that of bandwidth theft. Though strictly speaking not malware, it is where an external user hacks into your WiFi network to gain free access to the Internet.
Internal Threats
Internal threats are those occurring on individual computers. They may spread through an organisation over the corporate network. They usually manifest themselves as Trojan Horses, viruses and more recently rootkits.
A Trojan Horse is a computer programme which appears useful or interesting to the user, but contains software for another purpose altogether. They are usually programmed to allow remote access to the computer without the user realising or sometimes pass user data back to an attacker.
Viruses are small pieces of computer programming that attach themselves to genuine software or are downloaded from websites as part of another download or by opening a webpage. They can be malicious in that they destroy data, or they can pass user details and email address books to the attacker. Ransomware viruses are particularly evil in that they encrypt your hard drive, with the attacker demanding payment before the data is unencrypted.
Rootkits are a specialised type of virus that is programmed to hide itself from the user and from anti-virus software by modifying the computer operating software. Some even actively defend themselves against being removed.
Email is a popular method of transferring malware, either as an attachment to the email, or the email text having a link to an external website controlled by the scammers. That technique is also used to extract user information by directing users to what they think is a legitimate website, often an online banking website, but is actually one operated by scammers.
Individual and corporate users must have a comprehensive online security environment in place. For the individual user, their Internet Security Solution will include locally based malware protection, detection and removal software. A vital part is regular updates of the malware signatures.
Corporate online security will be based on corporate Internet Security Services and Internet Security Solutions, protecting the corporate servers and individual PCs. Modifications and restrictions may be needed for user workstations. In the corporate environment, the most common method of malware distribution is users bringing flash drives, CDs or DVDs from home containing the malware. It may be necessary to disable these interfaces.