Meet Anne
Meet Anne. She often shops from www.shoppingcart.com. She has her information like email ID, address, and credit card details saved on the website to enable a faster and hassle-free shopping experience. The required information is stored in a server. One day, Anne received an email which stated her eligibility for a special discount voucher from shoppingcart.com. In order to receive the coupon code, she was asked to fill in her shoppingcart.com account credentials. This didn’t seem fishy to her at the time, as she thought it was just an account verification step. Little did she realize the danger she would be facing. She was knocked off her feet when a substantial amount of money was wiped off her account. How do you think this happened? Well, yes, the email she received was fake. Anne’s shoppingcart.com account witnessed unauthorized access from a third party. This type of attack is known as a cyber attack, and the person who carries it out is called a hacker.
Could Anne Have Prevented the Attack?
Could Anne have prevented this attack? Indeed, she could have, with the help of cybersecurity. Cybersecurity involves techniques that help in securing various digital components, networks, data, and computer systems from unauthorized digital access. There are multiple ways to implement cybersecurity depending on the kind of network you are connected to and the type of cyber attacks you are prone to.
Types of Cyber Attacks Anne Could Have Been Exposed To
Let’s take a look at the various cyber attacks that Anne could have been exposed to.
One of the most common types of cyber attacks is a malware attack, like Trojan, adware, and spyware to name a few. Had Anne downloaded any suspicious attachments online, her system could have gotten corrupted by certain malicious viruses embedded within the attachments.
Next is a phishing attack, the type of cyber attack which Anne experienced here. The hacker usually sends fraudulent emails which appear to be coming from a legitimate source. This is done to install malware or to steal sensitive data like credit card information and login credentials.
Another type of attack is the man-in-the-middle attack. Here, the hacker gains access to the information path between Anne’s device and the website’s server. The hacker’s computer takes over Anne’s IP address. By doing so, the communication line between Anne and the website is secretly intercepted. This commonly happens with unsecured Wi-Fi networks and also through malware.
Password attack is one of the easiest ways to hack a system. Here, Anne’s password could have been cracked by using either common passwords or trying all possible alphabetical combinations.
Implementing Cybersecurity Practices
To prevent future cyber attacks, Anne sought to implement a few cybersecurity practices. First, she installed a firewall. As the name suggests, it is a virtual wall between Anne’s computer and the internet. Firewalls filter the incoming and outgoing traffic from your device to safeguard your network, and they can either be software applications or hardware reinforcements.
Secondly, Anne implemented honeypots. Just like how flowers attract bees, dummy computer systems called honeypots are used to attract attackers. These systems are made to look vulnerable in order to deceive attackers, and this in turn defends the real system.
In addition to these, she also decided to use unique alphanumeric passwords, install antivirus software, and started avoiding emails from unknown senders. That was Anne’s story.
Cyber Attacks on Organizations
Cyber attacks are not just confined to individuals but also to public and private organizations. The cyber attacks carried out in such places are more deadly and they result in colossal losses. Motives of such attacks are many, starting from tampering with crucial data to monetary gains. Let’s have a look at a few of the cyber attacks that companies are subjected to.
Various public sector organizations and large corporations face the Advanced Persistent Threat (APT). In this form of attack, hackers gain access to networks for a prolonged period in order to continuously gain confidential information.
Companies also witness the Denial of Service (DoS) attack, where networks are flooded with traffic, which in turn leaves legitimate service requests unattended. A variant of this is the Distributed Denial of Service (DDoS) attack, when multiple systems are used to launch the attack.
When a hacker manipulates a standard SQL query in a database-driven website, it is known as an SQL injection attack. By doing so, hackers can view, edit, and delete tables from databases.
Challenges in Cybersecurity for Organizations
Amidst a plethora of cyber attacks, it is indeed a challenge for organizations with several networks and servers to ensure complete security. This is not an easy task, and to help with this, cybersecurity professionals are hired to work on identifying cyber threats and securing a company’s network. There are multiple job roles in the field of cybersecurity.
Cybersecurity Career Roles
If hacking fascinates you, then the role of an ethical hacker is something to explore. Such professionals try to find a network’s vulnerabilities just like a hacker would do, but only to identify those vulnerabilities and resolve them for protection against an actual cyber attack.
But if you are looking to design robust security structures, then the role of a security architect is more apt. A Chief Information Security Officer (CISO) plays a crucial role in enterprise security and is entrusted with the overall safety of the information in an organization.
Quiz: Identifying Cyber Attacks
So here’s a question for you: Identify the type of cyber attack where the hacker’s system takes over the client’s IP address:
- A) DDoS attack
- B) Man-in-the-middle attack
- C) Phishing attack
- D) Password attack
Give it a thought and leave your answers in the comments section below. Three lucky winners will receive Amazon gift vouchers.
The Future of Cybersecurity
With the increase in the production of global digital data, it is anticipated that cyber attacks will quadruple in the near future. Organizations are going to need cybersecurity professionals who can prevent these attacks. A career in the field of cybersecurity is lucrative and a very smart decision for professionals now. So what are you waiting for? Get certified and become a cybersecurity expert.
Conclusion
Thank you for reading and stay tuned for more updates on cybersecurity