What is Cyber Security and what does it mean?
Cyber Security is the common name for the protection of digital data and devices. It is a broad term and encompasses both the software and hardware used to protect computers, servers, mobile phones, tablets, electronic systems, networks and data. The name is used to describe multiple areas of security, such as:
· Network security.
· Application security.
· Information security.
· Operational security.
· Disaster recovery.
And in some cases:
· End-user education.
Cyber Security has become a heavily relied-upon resource around the world because of our dependence on computers, mobile technology, the internet and wireless technology like WiFi and Bluetooth.
So, what is the Cyber Security risk?
The global cyber threat continues to evolve at a rapid pace, with a rising number of data breaches each year. In 2018 the I.T. security company ‘RiskBased Security’ reported 5 billion data breaches that year. By 2019 that figure had risen to 10.5 billion breaches. A report published by ‘I.T. Governance’ states that over 9.8 billion breaches have already been identified in the first 6 months of 2021.
Cybercrime is on the rise.
Worldwide, Cybercrime was up 600% due to the COVID-19 pandemic.
According to a recent report from the ACCC’s ScamWatch, Australians lost over $850 million in 2020 to online scams. Investment scams made up almost a third of the reported losses, with Dating and Romance scams, Payment Redirection and Shopping scams making up much of the other two thirds.
Malware, or malicious software, is the most prevalent form of cybercrime, with a staggering increase over recent years.
What are the types of scams to watch out for?
Investment scams involve offering highly lucrative investment opportunities, often promising high returns through short-term investments.
Dating and Romance scams take advantage of people. Scammers utilise dating websites, apps and social media to connect with prospective ‘victims’. They play on emotional triggers to request money, gifts or other personal items.
Payment Redirection scams involve scammers impersonating a trusted and well-used business. These are often received by email or text message, and request that your payment be made through a new account.
Phishing scams, again, mostly come in the form of an email. They focus on tricking customers of trusted and well-used businesses into providing personal information: account logins and passwords, credit card or bank account details.
Shopping scams are mainly when scammers impersonate well-trusted online retail stores and offer cheap deals for goods if purchased directly through a secondary or look-alike website.
Other scams to watch out for include:
- Health & Medical products offering cure-all products or unbelievable outcomes.
- Threats to Life, Arrest or Direct Requests for money.
Another large scam utilised by online criminals involves Ransomware Attacks. A Ransomware Attack uses a type of malware (malicious software) deployed by cybercriminals. It is often received in the form of an email attachment and is installed on a local computer when the recipient clicks the attachment. If a computer or network has been infected with ransomware, the software can block access to the system or it may encrypt its data. Cybercriminals will then demand ransom money from their victims in exchange for releasing the data.
A recent example of this was the JBS Foods Ransomware attack. In June 2021, the worldwide meat processor was effectively shut down for a period of five days when it was unable to access large parts of its I.T. system. The cybercriminals demanded US$11 million to unlock the systems, and to minimise the effect of the worldwide shut-down the company paid the money.
How can I avoid becoming a Cyber Security victim?
Cybercriminals are becoming increasingly clever in how they target and implement attacks. The unfortunate truth is that there is no one-size-fits-all approach; however, to minimise vulnerability, you can implement a few key measures.
- Install firewalls, antivirus, network and server monitoring, and other forms of physical and digital data centre security.
- Maintain patches and updates of digital assets through proper IT security asset management.
- Manage SSL/TLS certificates and keys on websites. SSL (Secure Sockets Layer) is a standard encryption protocol for data travelling between a website and the visitor's computer.
- Educate your staff to identify common phishing tactics and what to do when a suspicious email is received.
- Implement email security solutions.
- Monitor traffic, as well as access and denial logs, on your network and other IT infrastructure.
- Regularly assess vulnerability and test your systems.
- Develop, implement, and enforce security policies.
Cyber Security is something we all need to take seriously. Protect yourself as best you can and avoid becoming a statistic of Cyber Security.