Cybersecurity should be an all engaging war, where everybody is expected to bring to the table all necessary arsenals. Some of the terms we use when talking about cybersecurity tend to be a bit confusing. A word like “firewalls” may disillusion us.
It gives the deceptive feeling that our data is protected by one reinforced wall that may require the force of a bulldozer to break through. As wrong as this may be, the fact that something can still break the supposedly “reinforced wall” should all the same be a course for concern.
Another thing that should bother us so much is the fact that cybercriminals are daily on the news with reports of one breach here or there.
On November 27, 2017, three Chinese hackers, Wu Ying Zhuo, Dong Hao, and Xia Lei were charged for computer hacking, theft of trade secrets, conspiracy, and identity theft directed at the U.S. and foreign employees.
This is in spite of all effort put in place by governments and businesses to curb the menace and havoc that is brought to bear on corporate bodies and individuals by these hackers.
Traveler’s Cyber-Fraud investigative team developed a mock business website and used it to demonstrate that it is possible to hack into a site, download sensitive data, and deface the homepage of the site in a matter of minutes.
The worst scenario is that hackers have got a direct access to hacking kit, including penetration toolkits designed to be used to defend a network. These tools are unfortunately being used by hackers to identify weaknesses they can easily exploit.
Chris Hauser, a former FBI agent responsible for cyber investigations had this to say on hacks: “They are a series of discrete attacks taking advantage of certain vulnerabilities.”
Knowing the fact that hacks are happening all the time and that hackers are not relenting, we need to actually view cybersecurity as a chain linked together by many appendages. This will make it easier for us to handle more effectively.
The following are three ways we may be attacked by hackers.
- Through an unsecured wireless network
Some hackers nose around for unsecured wireless network through where they can launch an attack. This is known as WarDriving.
Once a hacker is able to gain access through this means, circumventing all other smaller security put in place such as plugins that provide DevOps with on the spot identification of web vulnerabilities, all other computers in the network are for the taking. Access to all sensitive materials in the entire network becomes quite easy.
- Through an SQL injection attack
SQL injection attack exploits the vulnerability in the software, where the user inputs data. The hacker enters a code in the username and password field.
This action enables the hacker to assign an administrative username and password, thereby executing commands on the server including downloading sensitive data such as customer data, personally identifiable information (PII), trade secrets, intellectual property, and other sensitive information.
- Through a brute-force attack
Hackers keep on entering usernames and passwords at random until they are able to click on the right one. Since these process may be cumbersome they have devised a means where bots are used to carry out the job.
Bots are programmed with tens of thousands of dictionary words and their variations and the odds of gaining access by the hacker is, therefore, increased.
However, this method may not work very perfectly again since most computers have been configured to deny access to a particular account after a number of attempts are made.
The chain approach to your cybersecurity issue is a very appropriate one because it is rather very glaring that you need to focus serious attention on every link. You constantly scrutinize and strengthen all the links to prevent a possible breach.
Your service provider is not left out. Your technology and people working at the Information Technology unit are also properly and constantly investigated since any arm can be compromised at any time.
You will need to carry out improvement and upgrade as at when due to enhancing a more protected system.
The linked approach will bring to focus the fact that most breaches are quickly highlighted and the root causes quickly identified. You will discover that these breaches are as a result of exploitative efforts searching for overlooked links in the chain.
The 2015 Verizon Data Breach Investigation Report found that 10 common vulnerabilities and exposures or CVEs, accounted for 97% exploits in 2014. Known vulnerabilities can be systematically defended by organizations. The most important thing is being proactive.
Photo Credit: Tarun Sundersingh Flickr via Compfight cc</a
1 thought on “Why Cybersecurity Should be a Chained-linked Affair”