Cyber Sentry: Tracing the Evolution of Cyber Defenses

Threat Management

The term ‘cybersecurity’ has become a part of our everyday vernacular. Cybersecurity refers to frameworks, tools and practices to keep technology systems and information secure. When we think of the emergence of cybersecurity we tend to think that it became ‘a thing’ with the existence of the Internet. Although today’s cyber risks have substantially increased, the need to protect data residing on networks was always a concern. Insider threats and miscoding of software were the main issues, whether purposeful or accidental.

Slowly, as technology developed, so too did the cyber attack. One of the earliest infections, in 1971, was known as the Creeper. This was a computer program that would move across a network and print the message “I’M THE CREEPER: CATCH ME IF YOU CAN”. Later, this malware was modified to replicate instead of just moving. Following this, a program called Reaper was created to move across the network and remove all instances of Creeper. These are generally recognized as the first virus and anti-virus programs and the birth of cyber attacks.

In the late 1980s, developers began building anti-virus scanners in an effort to identify and eliminate malware on computer systems and networks. Most of the products were signature based: they searched for a list of strings that would typically be found in the malware. The early versions were found to produce many false positives and were resource hogs, interfering with the user’s productivity. Malware samples started to multiply and soon overwhelmed legacy anti-virus solutions, which were unable to keep up with the signatures.
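The sketch below is an added example, not code from any product mentioned here. It shows string-signature scanning over constructed samples, and why it both raises false positives and misses variants the signature list has not caught up with. The signature names, sample labels and contents are assumptions made for the illustration.

```python
# Added example: a string-signature scanner run over constructed samples.
# Signature names and sample contents are made up; none of this is real malware.
SIGNATURES = {
    "Creeper.msg": b"I'M THE CREEPER: CATCH ME IF YOU CAN",
    "Demo.marker": b"demo_marker_v1",
}

# (label, is_malicious, content): ground truth assigned by hand for the demo.
SAMPLES = [
    ("original_sample", True, b"\x00\x01I'M THE CREEPER: CATCH ME IF YOU CAN\x00"),
    ("history_article.txt", False, b'It printed "I\'M THE CREEPER: CATCH ME IF YOU CAN".'),
    ("modified_variant", True, b"\x00\x01I'M THE CREEPER - CATCH ME IF YOU CAN\x00"),
    ("clean_report.txt", False, b"Quarterly numbers attached."),
]


def scan(content):
    """Return the sorted names of every signature whose bytes occur in content."""
    return sorted(name for name, pattern in SIGNATURES.items() if pattern in content)


def evaluate(samples):
    """Compare scanner verdicts with ground truth and bucket each sample."""
    buckets = {"true_positive": [], "false_positive": [], "missed": [], "true_negative": []}
    for label, is_malicious, content in samples:
        flagged = bool(scan(content))
        if flagged:
            key = "true_positive" if is_malicious else "false_positive"
        else:
            key = "missed" if is_malicious else "true_negative"
        buckets[key].append(label)
    return buckets


if __name__ == "__main__":
    for outcome, labels in evaluate(SAMPLES).items():
        print(f"{outcome:15} {labels}")
```

The benign article that merely quotes the string is flagged, while the variant with one changed character passes until a new signature is written for it.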

Despite the anti-virus programs and endpoint protection platforms, the need for more defenses in hardware, software and personnel increased significantly in the 1990s. More systems were going ‘online’ and becoming accessible and vulnerable.

Very quickly, the attackers began to expand into a variety of attack modes.

  • Lateral movement allows the attacker to run code and commands that can spread throughout the network.
  • Fileless malware does not rely on an executable file on the endpoint to trigger a malware injection. Instead, it will use running processes and execute in RAM. This makes it very difficult to detect by anti-virus and endpoint security.
  • Exploitation of known vulnerabilities is a way for miscreants to enter and spread malware throughout the system.
  • Phishing by using social engineering can enable the attacker to gain entry without having to hack into the network.
  • Data breaches continue to be a target for aggressors. Stealing, deleting or encrypting databases can lead to ransomware and costly recovery efforts.
  • Supply chain attacks target a company’s vulnerabilities within their supply chain in order to gain access to the company’s assets or disrupt operations.

Cyber threats have become more sophisticated and persistent. To counter the threats, more protections and defenses are needed. Next generation firewalls and endpoint protection systems can assist with defending against some of these intrusions. Follow security best practices like strong passwords, MFA, patching and updating hardware and software. Protect your data with the use of encryption and backup procedures. Develop an incident response plan to help with recovery and business continuity. And don’t forget about end user education. Awareness of the cyber threats, what they can do and how to avoid them can fortify your overall security posture.

Cyber security is critical for protecting organizations, data and users. The cyber attackers have gotten more ruthless and have formed huge businesses out of their evil crafts. There is big money in cyber crime and therefore it is essential to develop a cyber defense workforce that can shield and safeguard legitimate businesses. Expanding resources to develop processes and personnel is vitally important to a secure posture.
