- Most cyber security threat comes from corporate spies, lone hackers, or disgruntled employees.
Different types of Cyber security attacks¶
- Malware Attack
- Most common type of cyberattack/threat
- Malicious software is installed into the central computer system
- Versions of malware include
- worms
- spyware
- ransomware
- viruses
- trojans
- Phishing Attack
- Man in the Middle attack
- aka eavesdropping attack
- Attacker aims to gain access to critical business or customer data.
- SQL Injection attack
- Attacker hacks into DB or the company and uploads malicious SQL codes
- Attacker thus gets access to view, edit and delete tables and may even access business sensitive data.
- Denial of Service Attack
- Hackers flood company servers with requests to exhaust resources.
- Insider Threat
- A malicious attack on a company's network or computer system by a person with authorized system access.
- Cryptojacking
- is a cybersecurity threat that involves breaking into a company's network or computer for mining cryptocurrency.
- This attack is aimed to make a profit by mining off on victim's resources
Avoiding Security Threats¶
- Regularly changing passwords
- Using Two-Factor/Multi-factor Authentication
- Not using public Wi-fi without a VPN
How can businesses manage Cyber security risks¶
- Implement a risk management process to detect, assess, and manage risks
- A robust Cyber security architecture that complies with the current security standards and best practices.
- Identify risk metric that indicates the organisation's current level of cyber threat.
- How much will it cost the organisation to mitigate the risk?