Scribd
Upload
14 views6 pages

Cybersecurity Is The Practice of Protecting Systems

Cybersecurity involves protecting systems and networks from digital attacks aimed at accessing or damaging sensitive information. Cyberattacks are increasingly common, with various methods such as malware, phishing, and denial-of-service attacks being utilized by attackers for financial gain or disruption. Effective cybersecurity requires a multi-layered approach involving people, processes, and technology to safeguard against these threats.

Uploaded by

Aljondear Ramos
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
14 views6 pages

Cybersecurity Is The Practice of Protecting Systems

Cybersecurity involves protecting systems and networks from digital attacks aimed at accessing or damaging sensitive information. Cyberattacks are increasingly common, with various methods such as malware, phishing, and denial-of-service attacks being utilized by attackers for financial gain or disruption. Effective cybersecurity requires a multi-layered approach involving people, processes, and technology to safeguard against these threats.

Uploaded by

Aljondear Ramos
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 6

Cybersecurity is the practice of protecting systems, networks, and programs

from digital attacks. These cyberattacks are usually aimed at accessing,


changing, or destroying sensitive information; extorting money from users; or
interrupting normal business processes.
Implementing effective cybersecurity measures is particularly challenging
today because there are more devices than people, and attackers are
becoming more innovative.
A cyberattack is a malicious and deliberate attempt by an individual or
organization to breach the information system of another individual or
organization. Usually, the attacker seeks some type of benefit from disrupting
the victim’s network.

How often do cyberattacks occur?


Cyberattacks hit businesses every day. Former Cisco CEO John
Chambers once said, “There are two types of companies: those that
have been hacked, and those who don’t yet know they have been
hacked.” According to the Cisco Annual Cybersecurity Report, the
total volume of events has increased almost fourfold between
January 2016 and October 2017.
Why do people launch cyberattacks?
Cybercrime has increased every year as people try to benefit from
vulnerable business systems. Often, attackers are looking for
ransom: 53 percent of cyberattacks resulted in damages of
$500,000 or more.

Cyberthreats can also be launched with ulterior motives. Some


attackers look to obliterate systems and data as a form of
“hacktivism.”

What is a botnet?
A botnet is a network of devices that has been infected with
malicious software, such as a virus. Attackers can control a botnet
as a group without the owner’s knowledge with the goal of
increasing the magnitude of their attacks. Often, a botnet is used to
overwhelm systems in a distributed-denial-of-service attack
(DDoS) attack.

Common types of cyberattacks


Malware
Malware is a term used to describe malicious software, including
spyware, ransomware, viruses, and worms. Malware breaches a
network through a vulnerability, typically when a user clicks a
dangerous link or email attachment that then installs risky software.
Once inside the system, malware can do the following:

 Blocks access to key components of the network (ransomware)

 Installs malware or additional harmful software

 Covertly obtains information by transmitting data from the hard


drive (spyware)

 Disrupts certain components and renders the system inoperable

Phishing
Phishing is the practice of sending fraudulent communications that
appear to come from a reputable source, usually through email. The
goal is to steal sensitive data like credit card and login information
or to install malware on the victim’s machine. Phishing is an
increasingly common cyberthreat.

What Is Phishing?

Man-in-the-middle attack
Man-in-the-middle (MitM) attacks, also known as eavesdropping
attacks, occur when attackers insert themselves into a two-party
transaction. Once the attackers interrupt the traffic, they can filter
and steal data.

Two common points of entry for MitM attacks:

1. On unsecure public Wi-Fi, attackers can insert themselves


between a visitor’s device and the network. Without knowing, the
visitor passes all information through the attacker.

2. Once malware has breached a device, an attacker can install


software to process all of the victim’s information.

Denial-of-service attack
A denial-of-service attack floods systems, servers, or networks with
traffic to exhaust resources and bandwidth. As a result, the system
is unable to fulfill legitimate requests. Attackers can also use
multiple compromised devices to launch this attack. This is known
as a distributed-denial-of-service (DDoS) attack.

SQL injection
A Structured Query Language (SQL) injection occurs when an
attacker inserts malicious code into a server that uses SQL and
forces the server to reveal information it normally would not. An
attacker could carry out a SQL injection simply by submitting
malicious code into a vulnerable website search box.

Learn how to defend against SQL injection attacks.

Zero-day exploit
A zero-day exploit hits after a network vulnerability is announced
but before a patch or solution is implemented. Attackers target the
disclosed vulnerability during this window of time. Zero-day
vulnerability threat detectionrequires constant awareness.
What is cybersecurity all about?
A successful cybersecurity approach has multiple layers of
protection spread across the computers, networks, programs, or
data that one intends to keep safe. In an organization, the people,
processes, and technology must all complement one another to
create an effective defense from cyber attacks.

People
Users must understand and comply with basic data security
principles like choosing strong passwords, being wary of
attachments in email, and backing up data. Learn more about basic
cybersecurity principles.
Processes
Organizations must have a framework for how they deal with both
attempted and successful cyber attacks. One well-respected
framework can guide you. It explains how you can identify attacks,
protect systems, detect and respond to threats, and recover from
successful attacks. Watch a video explanation of the NIST
cybersecurity framework.
Technology
Technology is essential to giving organizations and individuals the
computer security tools needed to protect themselves from cyber
attacks. Three main entities must be protected: endpoint devices
like computers, smart devices, and routers; networks; and the cloud.
Common technology used to protect these entities include next-
generation firewalls, DNS filtering, malware protection, antivirus
software, and email security solutions.

Why is cybersecurity important?


In today’s connected world, everyone benefits from advanced
cyberdefense programs. At an individual level, a cybersecurity
attack can result in everything from identity theft, to extortion
attempts, to the loss of important data like family photos. Everyone
relies on critical infrastructure like power plants, hospitals, and
financial service companies. Securing these and other organizations
is essential to keeping our society functioning.

Everyone also benefits from the work of cyberthreat researchers,


like the team of 250 threat researchers at Talos, who investigate
new and emerging threats and cyber attack strategies. They reveal
new vulnerabilities, educate the public on the importance of
cybersecurity, and strengthen open source tools. Their work makes
the Internet safer for everyone.

Types of cybersecurity threats


Ransomware
Ransomware is a type of malicious software. It is designed to extort
money by blocking access to files or the computer system until the
ransom is paid. Paying the ransom does not guarantee that the files
will be recovered or the system restored.
Watch how an attack unfolds

Malware
Malware is a type of software designed to gain unauthorized access
or to cause damage to a computer.
Learn more about malware protection

Social engineering
Social engineering is a tactic that adversaries use to trick you into
revealing sensitive information. They can solicit a monetary
payment or gain access to your confidential data. Social engineering
can be combined with any of the threats listed above to make you
more likely to click on links, download malware, or trust a malicious
source.

Learn more about social engineering tactics

Phishing
Phishing is the practice of sending fraudulent emails that resemble
emails from reputable sources. The aim is to steal sensitive data like
credit card numbers and login information. It’s the most common
type of cyber attack. You can help protect yourself through
education or a technology solution that filters malicious emails.
Learn how technology can help

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy