By Darlington Lelata
According to the Global Digital Report 2019, the number of people using the internet has steadily been increasing each year, so has been the number of global cyber attacks on businesses and individuals. Cyber security threats continue to emerge and evolve every year and many cyber security experts concur that cybercrime is here to stay as long as our dependence on technology continues to grow.
Zimbabwe as a nation has not been spared from cyber threats. Many people have fallen to victim unaware to these attacks and it is our hope that that this article will help shed some light on cyber security and ways to mitigate the cyber attacks.
What is Cyber Security?
Cyber security comprises technologies, processes and controls that are designed to protect systems, networks and data from cyber-attacks.
What is a Cyber-Attack?
A cyber-attack is classified as any type of offensive action used by cyber criminals to deploy malicious code in your system with the purpose of stealing, altering, destroying or taking any advantage from this action. Cyber-attacks can target both people and things. Individual users, computer networks, information systems, IT infrastructure of all types and sizes.
What are the consequences of a cyber-attack?
Cyber-attacks can disrupt and cause considerable financial and reputational damage to individuals, businesses and organization.
What are the Common types of Cyberattacks?
Phishing
Phishing is method that cyber criminals use in order to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by posing as a trustworthy entity in emails or other means of electronic communication. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability aspects of current web security technologies.
Phishing is done through emails, instant messaging apps or social media posts. A phishing email could seem that it legitimately comes from your bank, and could trick you into entering valid credentials on a fake website.
Ransomware
Ransomware is a form of malware that essentially holds a computer system captive while demanding a ransom. This type of malware locks you out of your computer by either; encrypting files on the hard drive, or locking down the system and displaying messages that extort you into paying the malware creator to remove the restrictions and regain access to their computer, usually via a key. The bad news is that the malware creator is the only one who knows the key.
Ransomware typically spreads like a normal computer worm (by replicating
itself in order to spread to other computers), and it could infect your system
via a downloaded file or through some other vulnerability in a network service. The
chances of retrieving your data are very slim, unless you’re willing to pay the ransom. But
there is no guarantee that you will recover your data, even if
you pay the requested ransom.
Zero-Day
Zero-Day exploit hits when cyber criminals discover a flaw in a piece of software. They exploit that vulnerability, launching an attack that users can’t defend themselves against, for two simple reasons:
- The flaw they exploit is attacked by launching a previously unknown computer virus or other malware
- Antivirus programs rely upon signatures to identify malware, but the signature for this new breed of malware or virus is not in their database, because it’s new and hasn’t been sampled.
Social engineering
Social engineering is one of the most commonly used methods of cyber hacking,
which requires little to no technology. It relies on psychological manipulation
to persuade the victims to perform certain actions or divulge confidential
information. For example criminals can call you on the phone pretending to be
from your bank and trick you into divulging personal information such as your
PIN or bank details.
Malware
Malware (short for malicious software) is one of the terms you’ll hear most often when it comes to cyber security threats. The terms define any software used by cyber criminals to; disrupt computer operations, gather sensitive information, or unlawfully gain access to private computer systems.
Malware is characterized by its malicious intent, because it acts
stealthily to steal your information or to spy on your computer for a long
time, without your knowledge.
‘Malware’ is a general term used to refer to an entire category of malicious or
intrusive software, including computer viruses, worms, Trojan horses,
ransomware, spyware, adware, scareware, and other harmful programs.
What you can do to prevent Cyberattacks
We will take you through a few steps to significantly increase your online security and mitigate cyberattacks;
- Password Management
Use a strong mix of characters and don’t use the same password in more than one online account. By using different passwords, you minimize the potential loss you could suffer in case of a privacy breach.
- Software Updates
Keep your Devices Operating System and applications up to date. Many people don’t take these issues seriously, but software vulnerabilities are not something you can ignore. If you don’t update your operating system or application software, you’ll leave security holes open for cybercriminals to take advantage of.
- Public and free Wi-Fi
Be careful when connecting to public and free wireless networks. One of the favorite methods used by online criminals to retrieve your private data is to use wireless network sniffers to access data sent over unprotected networks. One way to increase your security is by using a “private browsing” session or VPN (Virtual Private Network)
- Links and Email attachments
Always check the link or attachment before you click on it. Phishing exploits are usually done by using email messages that apparently come from financial institutions or well-known, trusted brands and persons. To make sure you won’t be infected by clicking on dangerous links, double check the link to see if you are directed to a legitimate website.
- Secure Browsing
Your web browser is the main tool you use to access Internet. Thus, you should pay a great deal of attention to secure it correctly. Sensitive browsing such as banking, online shopping should be done on a device that belongs to you or network that you trust.
- Social Media
Exposing personal details on social media may lead cybercriminals to finding your vulnerable personal data. For the same reason, check your kids’ social media behavior to make sure they won’t expose private information that may possibly be used against you, in phishing attacks (home address, what you own, where you do your shopping, where you go to school, where you work, etc.)
Thank
you for reading. We hope this article has given you some clarity on Cyber
Security and how you can minimize cyberattacks.
About Us
Paradox has a wealth of experience in the cyber security and risk management field. Our services can be tailored for organizations of all sizes in any industry and location. To find out more on how our cyber security services can protect your organization, or to receive some guidance and advice, speak to one of our experts on WhatsApp +263778848127 778848127, Telephone: +263734324094. Website; www.paradox.co.zw