On top of everything that has happened this year, 2020 has seen an increase in cyber attacks on a range of actors: individuals, companies, organizations and even hospitals. In March, the Czech Republic’s Brno University Hospital was hit by an attack, causing fears that it would impact the institution’s coronavirus testing capacity.
And in Germany, a patient died following a recent ransomware attack on the University Hospital of Düsseldorf. The attack shut down parts of the hospital, forcing staff to divert the critically ill patient to another facility, as a result of which she couldn’t receive life-saving treatment.
Police subsequently launched a manslaughter investigation, which could very well confirm the first known instance of a cyber attack resulting in a person’s death.
Cybersecurity is More Needed than Ever
These examples demonstrate the increasing dangers of cybercrime. It’s no longer a hobby for hackers; cybercrime has grown into a lucrative industry. As the attacks show, no industry is safe — not even healthcare amid a global pandemic. On the contrary, we’re all more vulnerable in times of crisis, making cybersecurity a crucial investment.
Why is Cybercrime Currently Growing?
In recent decades, nearly all sectors have undergone processes of automation and digitization. Just look at how bank transfers are performed nowadays as compared to back in 1990. We used to fill out paper slips to be physically submitted to a bank employee. But today we can transfer funds with the click of a button through an online interface.
All across the globe, myriads of data points are in constant flow, from API endpoints to databases and vice versa. Many companies choose to store their data using a cloud-based service. At the same time, digitization opens the door to distributed teams and remote work — which has been accelerated by the COVID-19 pandemic.
Now let’s consider how all these processes expose new vulnerabilities. Data in transit may be intercepted if it’s not properly secured. Switching from human-controlled systems to fully automated processes means that bugs might take much longer to be detected by an IT security system. And the move towards home offices and BYOD policies catapults the number of devices and accounts requiring tight security protocols.
However, in this context of acceleration, it seems that our cybersecurity awareness is lagging. All this provides fertile ground for cybercrime.
Which Industries are Investing in Cybersecurity?
In finance and healthcare, data security requirements are frequently mandated by industry standards.
Two examples of such standards are PCI DSS in finance and HIPAA in healthcare. Companies that want to comply with the standards are required to implement cybersecurity measures and go through regular security audits.
Research and development companies don’t necessarily have industry-mandated standards to meet, but in many cases, they adopt advanced cybersecurity measures to protect their intellectual property from misuse or theft by competitors. R&D facilities implement workflows to secure everything from individual user workstations to central repositories of information.
In the software space, it’s not uncommon for startups and enterprises to have large teams of cybersecurity engineers and analysts dedicated to keeping their systems safe.
Larger sets of on-premises or cloud infrastructure mean more potential surface area for attackers. Software companies do their best to stay ahead of malicious actors by proactively monitoring their systems and training their staff to create software that’s secure by design.
What are Some Types of Cybersecurity Threats?
While all types of cybercrime exploit the same fundamental shortcoming — security liabilities within a system — they can manifest in different ways. Let’s look at a few common kinds of cyberthreats.
Malware
Short for “malicious software,” malware is an umbrella term for programs designed to enter your device without your knowledge with the purpose of stealing the information on the device. Malware might make its way into your system quite easily (e.g., through an email attachment that, once downloaded, can take control). It is therefore important to protect both your virtual and physical user interfaces: Never open a suspicious attachment or plug in an unknown flash drive.
Ransomware
Technically, ransomware belongs to the malware category, as it works by infecting a system from the outside. In a ransomware attack, hackers gain control of a vulnerable system and encrypt information vital to the company’s processes. They often leave a message offering the decryption key in exchange for ransom. For some businesses, this sum might be so high as to cause them to file for bankruptcy.
DoS and DDoS
In a denial of service (DoS) attack, the perpetrator blocks a service, like a website or an internal system, by flooding it with useless requests. When the attack is orchestrated using various machines (often compromised through malware distribution) we call that a Distributed Denial of Service (DDoS). The purpose of such attacks is to overload a service to the point of breakdown, causing it to go offline. If your systems need to be online 24/7, downtime could cost you millions of dollars.
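To make the DoS/DDoS distinction concrete from the defender's side, here is an added example (not part of the original article) that counts requests in a sliding window and reports whether an overload comes from one machine or from many. The thresholds, function names and sample traffic are assumptions constructed for illustration.

```python
from collections import Counter, deque

WINDOW_SECONDS = 10        # assumed sliding-window length
TOTAL_LIMIT = 50           # assumed request volume per window the service tolerates
SINGLE_SOURCE_SHARE = 0.8  # assumed: one source sending >= 80% of the window is a DoS

def classify_flood(events):
    """Return (timestamp, verdict, distinct_sources) each time the verdict changes.

    events: (timestamp_seconds, source_ip) tuples sorted by timestamp.
    """
    window, per_source = deque(), Counter()
    changes, last = [], "normal"
    for ts, src in events:
        window.append((ts, src))
        per_source[src] += 1
        # Drop requests that have aged out of the sliding window.
        while window[0][0] <= ts - WINDOW_SECONDS:
            _, old = window.popleft()
            per_source[old] -= 1
            if per_source[old] == 0:
                del per_source[old]
        total = len(window)
        if total <= TOTAL_LIMIT:
            verdict = "normal"
        elif max(per_source.values()) / total >= SINGLE_SOURCE_SHARE:
            verdict = "dos"    # flood dominated by a single machine
        else:
            verdict = "ddos"   # flood spread across many machines
        if verdict != last:
            changes.append((ts, verdict, len(per_source)))
            last = verdict
    return changes

def constructed_events():
    """Constructed sample traffic using documentation-range addresses."""
    events = [(t, f"192.0.2.{t % 5 + 1}") for t in range(20)]  # normal clients
    # One noisy host sending 30 requests per second for five seconds.
    events += [(t, "198.51.100.7") for t in range(30, 35) for _ in range(30)]
    events.append((50, "192.0.2.1"))  # quiet period
    # 100 different hosts, each sending one request per second.
    events += [(t, f"203.0.113.{i + 1}") for t in range(60, 65) for i in range(100)]
    return events

if __name__ == "__main__":
    for change in classify_flood(constructed_events()):
        print(change)
```

Blocking the single address stops the first flood, while the second has no single address to block, which is why distributed attacks usually call for upstream rate limiting or traffic scrubbing.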
Phishing
Phishing is an example of a social engineering attack. Its goal is to trick people into divulging their personal data to allow a perpetrator to assume the victim’s identity. Phishing campaigns may consist of fraudulent emails asking you to provide personal information, or fake websites and social media profiles that might trick you into providing your financial details. For a company whose employees are not educated about Internet-based risks, these campaigns can be particularly troublesome.
Data Theft
Data is the most valuable resource for many companies. What if this data could not only be taken hostage, but also stolen and misused? Data theft might have the purpose of intellectual property appropriation. Alternatively, it can lead to the public disclosure of sensitive private information, as happened during the 2016 document leak known as the Panama Papers.
How Can Companies Protect Themselves From Cyber Attack?
To protect your company from cybercrime, it’s crucial to take a holistic approach. It’s not enough to put up a firewall, while failing to educate your employees on cybersecurity issues. Companies need to ensure that their employees are trained to deal with the risks inherent to handling data and the use of online platforms.
Procedures concerning the transferral of data, encryption and multi-factor authentication should be in place, and managers need to make sure that everyone follows them.
What are Some Branches of Cybersecurity?
As we’ve seen, cybersecurity is a growing field that addresses a number of increasingly diverse problems. Let’s look at some specializations in the field of cybersecurity.
Network Security
A company’s data travels along various routes — e.g., from an internal server to an external one, or from a customer’s mobile device to the database. It’s important to keep these routes safe from interception by securing all endpoints. This can be achieved with various techniques, such as by using firewalls and anti-malware software, controlling network access through different authentication procedures or creating a safe virtual private network (VPN) for people working from different locations.
Digital Forensics
In digital forensics, cybersecurity specialists analyze past attacks and learn from them. This job includes collecting data and conducting data analysis. Machine learning algorithms and classical statistical analyses are useful tools for detecting patterns in the data. When a digital forensics expert uncovers a security issue, the company can then devise new techniques to combat it.
Cryptography
Cryptographers develop algorithms that scramble data in a way that makes it impossible to read for outsiders. Most modern mechanisms are based on asymmetric encryption, meaning that the keys used to encrypt and decrypt the data are not identical, but associated through an often complex mathematical relationship. Cryptography experts, therefore, require advanced mathematical proficiency, including in branches such as linear algebra and number theory.
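The mathematical relationship between the two keys can be seen in textbook RSA, shown here as an added example that is not part of the original article. The function names and the tiny primes are assumptions chosen for illustration; the scheme is unpadded and far too small for real use.

```python
from math import gcd, isqrt

def make_keypair(p, q, e):
    """Derive a textbook RSA key pair from two primes p and q."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)*(q-1)")
    # The private exponent is the modular inverse of the public one:
    # e * d = 1 (mod phi). Computing it requires knowing p and q.
    d = pow(e, -1, phi)
    return (n, e), (n, d)

def apply_key(value, key):
    """Encrypt or decrypt: raise value to the key's exponent modulo n."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value must be in the range [0, n)")
    return pow(value, exponent, n)

def recover_private_key(public_key):
    """Rebuild the private key by factoring n.

    Trial division only works because the demo modulus is tiny; the
    security of real keys rests on this step being infeasible.
    """
    n, e = public_key
    p = next((f for f in range(2, isqrt(n) + 1) if n % f == 0), None)
    if p is None:
        raise ValueError("n is prime, not a product of two primes")
    return make_keypair(p, n // p, e)[1]

if __name__ == "__main__":
    public, private = make_keypair(61, 53, 17)   # constructed demo values
    ciphertext = apply_key(65, public)
    print("public key :", public)
    print("private key:", private)
    print("ciphertext :", ciphertext)
    print("decrypted  :", apply_key(ciphertext, private))
    # The public key cannot undo its own operation.
    print("public key applied twice:", apply_key(ciphertext, public))
```

Anyone holding the public key can encrypt, but only the holder of the factors of n can derive the exponent that decrypts.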
Ethical Hacking
In order to beat hackers, you have to think like one. This is the principle behind ethical hacking. As an ethical (or white-hat) hacker, you employ the same methods as cyber criminals to break into a system — the difference is that you’re hired to do it. Specifically, ethical hackers perform penetration testing to detect a system’s vulnerabilities and report findings to their employers.
Governance, Risk, and Compliance (GRC)
The aim of GRC is to integrate all three of the essential cybersecurity components — programs, processes, and people — into one working system. The compliance part looks at the human factor, ensuring that employees adhere to auditing and authentication processes. This is typically accomplished through training and monitoring.
In this article, we took a first look at the growing and exciting field of cybersecurity. If you’re curious about cybersecurity and want to specialize in the field, enroll now in our Introduction to Cybersecurity Nanodegree.
The program requires a basic familiarity with network connectivity and operating system fundamentals such as Windows or Linux. If you feel that you need to get up to speed in these areas, take our free online course to learn the basics of working with the command line in Linux!