Spooky season is here, October has finally arrived! In addition to being the month of costumes, horror movies, and candy, October is also Cybersecurity Awareness Month. As cybercrime increases, so to must our knowledge in prevention measures. The cost of cybercrime is predicted to reach $6 trillion dollars by the end of 2021. Becoming cyber aware ensures future safety for individuals, friends, families, businesses, organizations and large corporations. 2020 was the year characterized by cybersecurity. With increased remote working, more reliance on online delivery and shopping services, this led to a increase if cyber attacks. Cybersecurity goes way beyond large corporations; Small businesses, schools, hospitals and individuals should all have a basic knowledge in cybersecurity.
There are several types of cyber attacks and surprisingly, most of them are very preventable.
A malware attack is a common cyberattack in which malware, otherwise known as malicious software, executes malicious actions on a victim’s system. Most viruses originate from malware attacks. Malware has a few purposes, some of which include stealing information, disrupting operations, and demanding money. Demanding money is its own type of attack which is known as ransomware.
Malware is a catch-all term for any type of malicious software designed to harm or exploit any programmable device, service or network.
Ransomware is a type of malware in which a user’s system is hacked. The threat actor will restrict users’ access to certain data until a ransom is paid. This is done by encrypting a victim’s files. The attacker then demands a “ransom” from the victim to restore access to the data. Upon payment, users are then shown instructions for how to pay a fee to get the decryption key. These costs can range from a few hundred dollars to thousands, usually payable to cybercriminals in Bitcoin or some other type of cryptocurrency.
A DDoS attack otherwise known as a Distributed Denial of Service attack is a type of attack that overruns websites by sending multiple requests to the web score with the goal of exceeding the website’s capacity. Some websites, most in fact, have a limited capacity to how many requests they can take. Certain websites when overrun with data will shut down and become non-functional. Common targets of these types of attacks are online shopping sites, online casinos and nearly any business that relies on online operations.
In some cases, DDoS attacks are simply designed to cause disruption with those behind the attacks just launching them because they can.
Zero-day is a term that describes recently discovered vulnerabilities in security. These are the vulnerabilities that hackers can use to attack systems. A zero-day attack means the developer has exactly zero days to fix the vulnerabilities. A zero-day exploit is the method hackers use to attack systems with an unidentified vulnerability that had been unidentified in the past.
Phishing is type of attack in which threat actors target users through email, calls, or text messages. They pose as someone or something important and trick the target into providing sensitive data or personally identifiable information. They will also attempt to gather banking and credit card information as well as any passwords they can get their hands on.
In each of these attacks there are the more common and the less common. According to Lepide.com, the most common types of cyberattacks and phishing and ransomware. The reason these are the most common is because they are easy. attacks can target anyone and they can be done by anyone. It does not take a skilled hacker to send a phishing email. Hackers will target anyone including large corporations, small businesses, and even individuals.
Phishing attacks can be done by anyone. They do not require and serious hacking skills to execute
We are all engaging on the internet and as we do, hackers are getting smarter. However, we have the ability to be smarter than they are. There are ways to prevent these attacks and Cyber Security Awareness Month is the perfect time to learn about these prevention measures.
1. Use strong and separate passwords
Of course you’ve heard this before, using strong passwords for almost anything but especially for your emails is actually just as important as is said. If a hacker discovers one password, the likelihood of them trying the same password for other things is high. This is why it’s important to use different passwords for different things.
2. Update your devices
While yes, some updates can be both annoying and irritating, they are extremely important when it comes to system security. Updates almost always include an update in the security for your device. Update your devices regularly and you are less likely to have security vulnerabilities.
3. Back up your data
In some cases, even when you do everything right, hackers are too smart for the loopholes. Backing up your data to the cloud is one of the safest things you can do. Sometimes, you cannot prevent an attack and backing up your data ensures that everything you need is in more than one place.
4. Manage your social media
Cybercriminals may comb through social media in an attempt to find the answers to common security questions such as mother’s maiden name, pet’s name, ect. Making sure that information is nowhere to be found will also help prevent attacks.
5. Educate the people around you
Teaching people how to recognize spam email and cautioning them against unknown sources can help prevent attacks as well.
Mile2 Cybersecurity Certifications is a world-leader in providing accredited education, training, and certifications for INFOSEC professionals. We strive to deliver the best course ware, the strongest Cyber Range, and the most user-friendly exam system in the market.
Our training courses follow our role-based Certification Roadmap. Plus, many of our classes include hands-on skill development in our Cyber Range. We train students in penetration testing,disaster recovery, incident handling, and network forensics. Additionally, our Information Assurance training certification meets military, government, private sector and institutional specifications.