You use the internet on a regular, if not daily, basis.
But, unless you’re taking steps to increase your cyber security, you’re not safe when you’re sending private data in emails, accessing websites with passwords, and browsing unsafe web pages.
What is cyber security? Cyber security can be defined as finding ways to protect and defend computers, servers, as well as other devices, from malicious attacks.
There are many ways in which these attacks can be undertaken by cyber criminals – and you could be their next victim
With that in mind, let’s look at cyber security, what it’s about and how to protect yourself against online threats.
Table of Contents
Brief History Of Cyber Security
How did cyber security come about? Let’s take a look at the origins of cyber security and how it has developed over time.
Cyber security started to gain interest in the 1940s. At this time, cyber attacks weren’t easy because only a few people could gain access to computers, which had only been created in 1943.
But, in 1949, computer pioneer John von Neumann came up with the theory of computer viruses, so the idea had been planted that there was potential risk for people when using these machines.
However, in the next decade, it was actually telephones that became targets for security attacks, not computers. In the late 1950s, a trend called “phone phreaking” came about.
This referred to the manipulation of phone signals to make free calls. Phone companies battled to stop these phone phreaks.
When computers became more accessible to the public, companies realized they had to use technology to make their systems safer.
In the 1960s, this brought about the idea of using passwords to protect these systems, and it paved the way for cyber security to become a buzzword.
The term “cyber security” actually originated in the early 1970s, with a research project on a computer program that was able to move across the Advanced Research Projects Agency Network (ARPANET) network, which came before the internet.
This program was called Creeper and it was created by researcher Bob Thomas. Then, the inventor of email, Ray Tomlinson, wrote a Reaper program that was able to detect and delete Creeper.
It was like the first type of antivirus software that was available!
As computers became more popular and networking grew, it was clear that cyber security was important.
Early cyber security research was conducted by organizations such as the ARPA (Advanced Research Projects Agency) and the U.S. Air Force.
Halfway into the ‘70s, the idea of cyber security started to take hold, especially since there were already notable examples of computer hacking taking place.
These included the cyber crimes committed by adolescent Kevin Mitnick who hacked into The Ark, a computer at the Digital Equipment Corporation, and was able to make copies of the software.
He ended up being one of the most famous hackers in history and you can find out more about him by reading, “Best Books On Cyber Security: From Hacking To Real-Life Adventures.”
Then, in the 1980s, even more security attacks occurred. In 1983, the term “computer virus” was first used. In 1987, commercial antivirus software became available, and by 1988, this was being used all over the world.
With the 1990s came even more attention to cyber security and computer viruses. By 1996, there were many viruses that were finding innovative ways to attack users.
Around the same time, a NASA researcher developed the very first firewall program. It got its name because of how it was modeled on the physical structures which prevent fires from spreading in buildings.
The excitement of new technology, such as email, came with a big drawback: it provided cyber criminals access to devices in new ways.
When the 2000s arrived, even more, innovative methods of infecting devices came to the fore. An example is how, in 2001, it was found that users didn’t have to download files on their devices in order to become infected with viruses.
Visiting infected websites was enough to do damage, or they could be prone to attacks via instant messaging services.
More milestones were therefore met by antivirus software companies to combat these issues, such as with free software that users could download to protect themselves.
The establishment of OS security also appeared. This is cybersecurity within a device’s operating system that can install software, firewalls, and updated antivirus engines to combat security attacks.
But, as you know, the attackers wouldn’t be stopped. They continued with their innovative ways of attacking people online, all through the 2010s.
This resulted in even more modern attempts to stop them, methods of which included multi-factor authentication, real-time scanning and protection, back-up and mirroring, and web-application firewalls (via Avast).
What Are The Most Common Types Of Cyber Attacks Today?
Nowadays, we have many cyber security threats to deal with. Here are some of the most common ones to know about.
Malware
This is a type of application that can gain access to a network, spy on users to gain their data, or even encrypt victims’ files and demand a ransom, as in the case of Ransomware.
Malware can be found in various places online, even in ads.
Phishing
This is one of the most common cyber attacks, and it involves an attacker trying to get a potential victim to provide their personal data, such as credit card details or passwords.
It usually occurs in email form, where the attacker will pretend to be someone from a real organization, such as your bank, in order to get his or her hands on your information.
Zero-Day Exploit
This cyber attack is common in businesses. It involves criminals discovering a weak spot in the software applications and operating systems of the organization and then trying to target the companies to exploit the vulnerability.
DNS Tunneling
This is another common cyber attack that affects organizations. How it works is that attackers will insert (or tunnel) malware into a company’s DNS queries that are sent from the client to the server.
This is common because some organizations don’t check DNS traffic for malicious activity and the malware can be used to create a communication channel that isn’t detected by many firewalls.
SQL Injection
SQL databases make use of SQL statements to query data, and you’ll find these in the form of HTML forms on web pages.
They’re vulnerable to attacks because if permissions have not been set effectively, the attacker could gain access to the form to access, create, or change the data that’s stored in the database.
Drive-By Attack
This is when you unknowingly visit a website that has malware in it, such as in the form of ads that overwhelm the web page.
Shockingly, hackers can even use kits to help them set up websites with malicious content on them, which is why it’s so important to protect oneself, such as with the use of ad blockers.
Cross-Scripting
This is a type of security attack that targets the comments sections on websites. How it works is that hackers will infect users who come to the website.
If the user input hasn’t been filtered prior to publishing the comment, a hacker will be able to publish malicious script hidden in the page.
So, when an unsuspecting user arrives at the page, the script will be administered, which can infect their device, steal cookies, or direct them to a malicious website.
Password Cracking
As its name suggests, this is when a criminal will try to guess a user’s password. Hackers have a variety of ways in which to do this, such as with the Dictionary Attack or Password Spraying Attack methods.
A Dictionary Attack is when a hacker will make use of commonly-used words or phrases in order to try to guess passwords.
Usually, there’s a predefined password list that could include local sports teams, or, if an organization is a target, it could include names that are related to it.
By comparison, a Password Spraying Attack involves hackers trying the same password on multiple accounts before trying another one in the same process.
It is useful because so many people use the same, generic type of password for various accounts.
Snooping Attack
This is sometimes referred to as sniffing, and it’s when a hacker tries to find any unsecured network communications to try to access data sent across the network.
This is why VPNs are encouraged to be used when people make use of public Wi-Fi hotspots.
The Industries That Are Commonly Targeted By Cyber Attacks
Interestingly, some industries are bigger targets for cyber attacks than others. Here’s a list of some industries that are usually targeted by hackers and online fraudsters.
Small Businesses
While you might think that large businesses are more prone to cyber attacks, this is not always the case.
Alarmingly, research states that approximately 60 percent of small businesses will fail within a mere six-month period due to being the victim of a cyber attack.
This kind of attack can include phishing scams or malware.
Healthcare
The healthcare industry is a common target for cyber attacks. One of the biggest threats is ransomware, and it’s said to cause a minimum of one attack every day that affects over 27 million patient records.
The reason why the healthcare industry is a target of cyber criminals is that organizations and facilities don’t always have the equipment to keep them at bay, such as because they’re using outdated hardware.
Higher Education
Higher education organizations store a wealth of information, such as research and user data, so they’re a gold mine for hackers.
Ransomware attacks made on colleges doubled between 2019 and 2020, while there were at least 26 ransomware attacks that involved universities and colleges in 2020.
Why Should You Care About Cyber Security?
Cyber security isn’t just something you should be concerned about if you’re a business owner. You should care about cyber security as an individual.
Think about it: every day, we rely on computers and technology for a variety of tasks, not just at work but also in our social lives.
Daily, the average internet user will spend 145 minutes on social media – that’s just social media, but what about the rest of the internet?
Imagine all the websites you visit and all the personal data that you’re sending about yourself on the internet. There are a lot of opportunities for hackers to attack you online.
Technology and devices are prone to weak spots that criminals can take advantage of. If you find yourself the victim of a cyber attack, it can result in your sensitive data being stolen and used against you.
Some hackers want to create problems for victims, while others are looking to make some money off them.
Either way, being the victim of a cyber attack can be frightening and devastating, as well as lose you a lot of money.
It’s also important to be aware of the larger scale consequences of cyber attacks. They can result in electrical blackouts, the leaking of national security secrets, and the disruption of computer and phone networks.
How Cyber Criminals Choose Their Targets
There are various ways in which hackers will settle on their next target – is it going to be you? Here are some things they’re looking for.
- Hashtags on social media. Just by checking out some hashtags on social media sites such as Instagram, hackers can see who is rich, who travels a lot, and who will be able to pay a ransom. All of these details and more can give them a good idea of who they should target.
- Dark web content. The dark web consists of content that isn’t available via regular online search engines, and it’s filled with websites where hackers can buy stolen goods as well as people’s data, like credit card numbers, without being tracked. Sometimes hackers will sell login details they’ve stolen to other hackers, such as full names, addresses, usernames, and passwords of potential victims. If you don’t protect your private information, it could end up on the dark web and be available for criminals to use.
- Easy ways to engage in cyber attacks. Usually, cyber criminals will try to find the easiest ways in which to target people, such as by finding passwords that are easy to crack and free Wi-Fi networks that give them fast access to user data.
How To Protect Yourself Against Cyber Attacks
With the above points in mind, it’s important to bolster your online security. Here are some good habits to start following.
- Avoid using the same passwords for different accounts. A strong, unique password should be used for every single account you have online, otherwise, you risk cyber criminals getting your information.
- Check app permission settings. You might be surprised to discover that some apps on your devices have permissions they really don’t need, such as access to your address book, location, and microphone. This data can be shared with third parties. Disable these permissions and consider deleting apps that you don’t use or need.
- Check for any compromised activity. It’s good to check if any online accounts of yours have been compromised on a regular basis, and you can do this with online tools such as Have I been pwned?
- Be careful when posting on social media. Never share personal details on your social media accounts and be mindful of what you share with your friends and followers. This content could be misinterpreted and even used against you in the future, as well as be accessed by others.
- Avoid linking online accounts. While it might be convenient to link your account on a retail website with your Facebook or Google account, this is dangerous because if someone accesses one account they’ll be able to access the others.
- Be smart about passwords. You might feel uninspired to use a ton of different passwords that you battle to remember, but it’s worth it. To make your passwords stronger, use passphrases. These are a combination of words you know with some special characters, such as “&@!” thrown in. Always make these passwords longer than eight characters and change your passwords regularly!
- Be careful when using public Wi-Fi. Always access public Wi-Fi hotspots with a VPN installed on your device that will hide your IP address and keep your data safe. It’s also wise to never access important data, such as your financial information, via public Wi-Fi. And, make sure you disable the “auto-connect to Wi-Fi” feature on your devices. This is especially important if you consider that cybercriminals sometimes use Wi-Fi access points that have common names, like “Cafe”, so that they seem benign but automatically connect your device to them to access your data.
How To Prevent Cyber Attacks As A Business Owner
While the previous tips work well for individuals and they can also benefit you at work, there are some extra steps you should take to protect your business from cyber attacks.
Let’s take a look at some of the most important ones.
Train Your Staff
Your staff should be informed about cyber security and how they can safeguard against cyber attacks.
For example, they should be trained to check web links before opening them, check sender email addresses before opening emails, and so on.
Update Software Regularly
Earlier, we mentioned how outdated systems are common targets for cyber attacks, so it’s essential to update software and operating systems on a regular basis.
They will have the latest security features in place to protect your company.
You should also use a patch management system to manage all updates so that you will always ensure that the latest versions are working in a stress-free way.
Start Using A Firewall
Anti-malware tools can help you to detect and isolate viruses, but you want to prevent them from gaining access to your database in the first place. That’s where a firewall can help you.
When installing a firewall, make sure it’s a commercial-grade firewall that runs a full range of security services for your business.
If you’ve got more than one office in your business, each one should have its own firewall, and all these firewalls must be connected to the company’s main one for increased protection.
Encrypt Your Data
All your company’s sensitive data, such as customer data and employee data, should be encrypted. You can make use of encryption software to do this easily, which is included in almost all operating systems today.
Use Endpoint Protection
Endpoint protection protects networks in your company that are bridged to devices in a remote way.
All devices, such as laptops and phones, that are connected to the company’s network can be vulnerable to security threats. Therefore, endpoint protection software needs to be used.
Conduct Audits Regularly
You should always review the security measures your business has in place to ensure that they’re still working well and aren’t outdated. This will also help you to detect any weaknesses in the system.
Conclusion
Cyber threats are nothing to take lightly. They can cause businesses to fail and individuals a lot of distress. This is why you have to take measures to increase your level of cyber security, both at home and as a business owner.
In this article, we’ve featured top tips on how to thwart cyber attacks. Stay safe and keep cyber criminals at bay!
Related Questions
What Does a Cyber Security Professional Do?
Cyber security professionals have many responsibilities, such as protecting data from being compromised.
They will have to protect company files and networks, install firewalls, and monitor activity for any security threats.
Can Anyone Become a Cyber Security Professional?
As long as you have general IT experience, you could enter the cyber security field. To find out more about this exciting career path, read, “How To Start A Cyber Security Career: Top Tips You Need.”
Resources: