Click with Caution: A Beginner’s Guide to Cybersecurity

“CTU’s been breached. A worm’s erasing files faster than we can back them up.”

You might have heard lines like this in movies and shows like 24, Westworld, Scorpion, and Mr. Robot. Growing up, I enjoyed watching sci-fi and tech shows. Cybercrime shows were some of my favourites. In these shows, you’d see hackers typing fast, trying to break into systems. Sometimes, agencies like the CIA or MI6 would get attacked, and someone would say, “The worm is growing fast,” or “There has been a data breach.” I always wondered what kind of job that was. I also imagined how a worm could enter, grow, and spread in a digital system. Yes, I thought they were talking about real, living worms! So, if you have ever been curious about data breaches or worms and viruses and how they operate, this article is a good place to start.

What is cybersecurity?

Cybersecurity is a field that deals with protecting systems, networks, and data or information from digital threats and attacks. It consists of those steps and measures taken to ensure that information and digital data are safeguarded from authorized users. For example, a bank app’s user details. Those details can include the user’s account number, username, and password, as well as any information needed to use the bank app. Cybersecurity ensures that the user’s details and account are only accessible to the authorized user.

Cybersecurity aims to protect the CIA triad. In this case, the CIA does not stand for Central Intelligence Agency but for Confidentiality, Integrity, and Availability. Confidentiality means that the organization’s data is private and cannot be accessed by unauthorized personnel. Integrity stands for trustworthiness. It means the data or information from an organization is not tampered with. Availability stands for readiness. This means that it can be accessed without any complications whenever the data is needed. To learn more about the CIA Triad, check out this video.

Importance of Cybersecurity

From the definitions above, cybersecurity plays a role in securing individual or organizational data. Some of the importance of cybersecurity includes:

• Safeguarding against identity theft.
• Protection from growing threats.
• Helps prevent financial loss.
• Protects sensitive data or information from being stolen or altered.
• Cybersecurity ensures that the regulatory best practices are being followed.

Cyber threats and attacks.

Cyber threats and attacks are attempts by hackers to access, steal, or damage data from computers or networks. The difference between cyber threats and cyber attacks is that threats have the potential to damage the system while an attack is an intentional act to damage the system. Cyber threats might exploit vulnerabilities and can be blocked by controlling the said vulnerabilities, while the same cannot be said for cyber attacks. Some types of cyberattacks include:

• Malware: This stands for malicious software. It is software designed to exploit a system and gain unauthorized access to the system’s data. It steals information and disrupts computer operations. Examples are viruses, worms, spyware, ransomware, rootkits, and adware.

• Social Engineering: This refers to manipulating a user into performing actions they shouldn't, such as divulging sensitive information or granting unauthorized access, to steal data or compromise an individual or organization. Examples include phishing, vishing, smishing, and spear phishing.

• Distributed Denial of Service (DDoS): A DDoS attack is a type of cyber attack in which multiple systems flood a network or service with requests, forcing the network or service to shut down and making it unavailable to users. The difference between a denial of service and a distributed denial of service is that the former involves a single system sending a request, while the latter involves multiple systems sending requests at the same time.

• Web App Attack: This is a malicious action targeting web applications to exploit vulnerabilities, compromise functionality, steal sensitive data, or disrupt operations. Examples include SQL injection, cross-site scripting, cross-site request forgery, file inclusion attacks, and authentication bypass.

• Zero-Day Exploit: It is a cyberattack that takes advantage of an unknown or unpatched security flaw in computer software or hardware. "Zero day" refers to the fact that the vendor has zero days to fix the flaw before malicious actors use it to gain access.

• Man-in-the-Middle (MITM): This type of attack occurs when a hacker inserts himself between two entities in a communication channel. The hacker impersonates an endpoint in an online information exchange, for example, a communication between a user and the user’s bank. The attacker impersonates the user and communicates with the bank and then impersonates the bank to communicate with the user.

Sources of cyber threats.

Cyber threats originate from different sources, ranging from individuals and groups to nation-state actors. Each is driven by motives like financial gain, political agendas, and so on. These threats can originate internally, such as from an employee with a grudge, or externally. Its sources include hacktivists, nation-states, hackers, malicious insiders and terrorist organizations.

Fields in security

Cybersecurity includes different fields, each addressing specific aspects of security, ranging from preventing breaches to managing risks and responding to incidents. Some of the fields in cybersecurity include:

• Network Security: Protecting networks from unauthorized access, misuse, and disruptions.
• Application Security: Ensuring the security of software applications by identifying and mitigating vulnerabilities.
• Cloud Security: Securing data, applications, and infrastructure in cloud environments. Incident Response: Detecting, analyzing, and responding to cybersecurity incidents effectively.
• Cryptography: Using encryption to protect data and communications.
• Penetration Testing (Ethical Hacking): Simulating attacks to identify vulnerabilities in systems. For more information on the different fields of cybersecurity, check out this website

Summary

Cybersecurity is a pretty broad and interesting field. It is crucial in protecting digital assets from a wide range of threats and attacks. By understanding the importance of cybersecurity and the different types of attacks, individuals and organizations can take proactive steps to safeguard their data. Taking cybersecurity seriously is crucial for staying ahead of cybercriminals and securing a safer digital future. You don’t need to be an expert to implement security measures. Simple actions like using strong passwords, enabling two-factor authentication, keeping software up to date, avoiding suspicious links, and learning about common threats can go a long way in protecting your data and staying ahead of cybercriminals.