Cybersecurity is a word we hear a lot, from the tech-savvy to those who don’t know the meaning. People most times forget that cybersecurity and physical security are important in the computing context of security.
Cybersecurity is the protection of computer systems from the theft and damage to their hardware, software or information, as well as from disruption or misdirection of the services they provide.
According to Wikipedia
The field is of growing importance due to the increasing reliance on computer systems and the Internet, wireless networks such as Bluetooth and Wi-Fi, the growth of “smart” devices, including smartphones, televisions and tiny devices as part of the Internet of Things.
It is no doubt that many of the cyber-attacks faced are very deadly because of loss of data and code injection. Some of the cyber threats we can face are:
TYPES OF CYBERSECURITY ATTACKS
- Backdoor attack
- Denial of service attack
- Direct service attack
- Eavesdropping attack
- Spoofing attack
- Tampering attack
- Privilege escalation attack
- Phishing attack
- Clickjacking attack
- Social engineering attack
All the attacks we have above might look scary but we will go through them one at a time.
A backdoor attack is any secret method of bypassing normal authentication or security controls. They may exist for a number of reasons, including by original design or from poor configuration
DENIAL OF SERVICE ATTACK
A denial of service attack is a type of attack designed to make a machine or network resource unavailable to its intended users. Attackers can deny service to individual victims, such as by deliberately entering a wrong password enough consecutive times to cause the victims to account to be locked, or they may overload the capabilities of a machine or network and block all users at once.
DIRECT SERVICE ATTACK
A direct service attack is an unauthorized user gaining physical access to a computer is most likely able to directly copy data from it. it can also be done by operating system modification, using a wireless mouse or installing key loggers, worms, and covert listening devices.
Eavesdropping attack as the name implies, involves the act of listening to a private conversation, typically between hosts on a network.
A spoofing attack involves hiding as a valid entity through falsification of data, in order to gain access to information that is unauthorized to obtain. spoofing could occur in many forms like:
- Email spoofing
- Biometric spoofing
- IP address spoofing
- Media Access control spoofing
Tampering is an attack that involves modifying products in a bad way.
PRIVILEGE ESCALATION ATTACK
Privilege escalation is a situation where an attacker with some level of restricted access is able to, without authorization, elevate their privileges or access level. This type of attack occurs in access-controlled systems or network.
A phishing attack is the attempt to acquire sensitive information such as usernames, passwords, and credit card details directly from users. Though It is most times classified as social engineering.
CLICK JACKING ATTACK
Clickjacking is a technique in which an attacker tricks a user into clicking on a button or link on another web page while the user intended to click on the top-level page.
This attack is also known as User Interface redress attack.
SOCIAL ENGINEERING ATTACK
Social engineering attack convinces a user to disclose passwords, card numbers, etc. by impersonating an authority like a bank, etc.
All these attacks are bad and one can easily fall prey to them given the advancement of technology. In the next paragraph, I will be talking about different types of social engineering and solution to cyber threats.
COUNTERMEASURES FOR CYBERSECURITY ATTACKS
Moreover, there are 10 different types of cybersecurity attacks where listed above but how can we protect ourselves from the attacks?
Therefore, I have some expert’s recommendation on the ways you can protect yourself from these attacks are:
- Continuous antivirus software updates for protection against Social engineering malware.
- Strong passwords to reduce or eliminate phishing techniques
- Never disclose personal information if malicious mail is sent to your inbox.
- For denial of service attack, the best countermeasure is to have extra bandwidth to handle increased traffic.
- User account access controls and cryptography can protect systems files and data.
Firewalls are by far the most common prevention systems from network security.
Intrusion Detection System (IDS) products are designed to detect network attacks in-progress and assist in post-attack forensics
- For some hardware related attacks, we could use drive locks to encrypt hard drives and prevent a malicious attack.
- Tampering attacks can be counter measured by good end-user education.
AREAS OF CYBERSECURITY
According to economictimes.indiatimes.com
Major areas covered in cybersecurity are:
1) Application Security
2) Information Security
3) Disaster recovery
4) Network Security
Application security encompasses measures or countermeasures that are taken during the development life-cycle to protect applications from threats that can come through flaws in the application design, development, deployment, upgrade or maintenance.
Meanwhile, Information security protects data from unauthorized access to avoid identity theft and to protect the privacy and usually involves cryptography.
Disaster recovery planning is a process that includes performing risk assessment, establishing priorities, developing recovery strategies in case of a disaster. Any business should have a concrete plan for disaster recovery to resume normal business operations as quickly as possible after a disaster.
Network security includes activities to protect the usability, reliability, integrity, and safety of the network. Effective network security targets a variety of threats and stops them from entering or spreading on the network.
For one to be safe in this fast advancing technology age we have to be abreast we all we can about cybersecurity. Thanks for reading and feel free to leave a comment in the box below and subscribe for more articles.