The ABCs of Cybersecurity - Part III
Cybersecurity
In this third and final section of the three-part blog series “The ABCs of Cybersecurity” we’ll round out National Cybersecurity Awareness Month with topics from ransomware to zero trust.
Ransomware is one of the most vicious and prevalent cyber threats out there. It is the name attributed to the attack in which malware is used to infect computers and/or networks; once the malware has been placed, essential data is stolen and encrypted by the malicious actor perpetrating the attack and then held for ransom. If the company chooses not to pay, sometimes the ransomware attackers will take the stolen data and sell it online on the dark web or take out their frustration by stealing more of the company’s data if they have access to it. Despite this, the recommendation from the authorities is to not pay the ransom. Instead, set up strong cybersecurity precautions to try to block an attack from happening and keep secure, encrypted backups of all essential data so that you can get back up and running quickly in the event of an attack.
Social engineering is what happens when cybercriminals manipulate a given target with the plan of gaining otherwise unauthorized access to devices and/or systems. It can involve the victimized person directly handing over sensitive data such as PII or being deceived into giving their login credentials to the manipulator.
Threats are the actions of individuals or entities with evil intentions whose goal is to gain unauthorized access to crucial data or otherwise cause damage to a company. Common threats include malware, ransomware, data breached, social engineering, phishing attempts, and more.
Unique and strong passwords are the key components of a secure login credential. A password is made strong by use of various types of characters; however, a strong password is nothing without the other key element of password creation – uniquity. If a person uses the same password for every single account that he has and one of these companies suffers a data breach, he has not only exposed the information that the affected company holds, but he has made every other account accessible to any person with those login details. Having passwords which are unique from one to another is a fundamental element of strong cybersecurity.
Vulnerability refers to any area that is not strong when it comes to cybersecurity. This can include unprotected accounts, out-of-date operating systems, unpatched software updates, insider threats (both malicious actors as well as people who are not knowledgeable when it comes to cybersecurity information). A vulnerability is the weak spot in the castle wall; it is what makes a company susceptible to a cyber attack. One of the primary focuses of cybersecurity is ensuring that vulnerabilities are patched and/or remedied before a cybercriminal exposes one.
The World Wide Web is (of course) the www at the beginning of every website we access! This is included on the big list of cybersecurity ABCs because without it, there is no cybersecurity – in fact, there’s no “cyber” at all. The Internet is crucial in our daily lives from personal, educational, professional, and more, we are reliant on this, the world wide web, for many areas in our lives. It is crucial that we navigate this space safely and with cybersecurity at top of mind.
Xbox, PlayStation, and other gaming consoles might not be among the first items we think of when considering cybersecurity, but these devices and systems are just as vulnerable to an attack as any others, particularly due to the anonymity that comes with having unique, often silly gamer tags instead of listing a person’s actual name publicly. Cyber bullying is unfortunately common for many gamers; if you are being bullied while gaming, be sure to reach out for support and block the harassing accounts. Additionally, update your device often in order to keep your PII safe from attackers.
YouTube, Netflix, Hulu, and more are all examples of streaming services; while we might not typically think of cybersecurity in relation to these platforms, many malicious actors will create their phishing emails under the guise of being from these companies since so many of us have accounts with them. If you receive an urgent, poorly worded email that is seemingly from one of these businesses imploring you to click on a link, be sure to verify that it is not a scam email before taking any action (and definitely do not click that link!). Also, be sure to not share your login details for any of these accounts with people who you do not trust to have the same level of personal cybersecurity as you would have yourself as this puts you at risk.
Zero Trust means that no user is allowed default access to any aspect of the network. All users must authenticate their account and confirm that they are authorized to access whatever it is that they are trying to view or edit, regardless of whether they are inside or outside of the network. This is the most secure way to operate and adds extra protection from many cybersecurity vulnerabilities and threats.
While there are so many other elements within cybersecurity beyond the topics discussed over the course of these three blogs, we hope that you’ve been able to learn a little something about the basics of the world of cyber during this National Cybersecurity Awareness Month!
Image by rawpixel.com for Freepik.
