Tech Explained: Cybersecurity

ga(‘send’, ‘event’, ‘Uncategorized’, ‘article’, ‘article-industry-impression’, {nonInteraction: true});

Cybersecurity is the practice of protecting computer hardware, software and networks from digital attacks. These attacks may be aimed at accessing personal information, extorting money from users, interrupting business processes or destroying information. Today, with digital pervading in every corner of our lives, it is more important than ever to protect against digital attacks. This is especially true as attackers are constantly becoming more innovative. So, how does cybersecurity work?

First, what are the threats from cyber attackers? Ransomware is a program that locks the victim’s computer system files, often through encryption. The hacker then demands payment to unlock the files. Malware is any type of software used to harm a computer network. Worms, viruses, Trojan horses and spyware are all forms of malware. Social engineering relies on human interaction to trick victims into giving out their passwords. This may include callers pretending to be the victim’s bank or utility company. Phishing is the sending of fake emails that are designed to look like they are from a reliable source, such as a credit card company. The intention of the emails is to get the victim to give out their security information.

One of the most basic and easiest forms of cybersecurity is the use of random and non-intuitive passwords. Best is to use a random string of letters and numbers, mixing upper and lower case. Users should also implement 2-factor authentication for all sites that offer it. This often requires an SMS message or code from your phone when someone tries to log in from an unknown device. Password managing software can help with this.

In the future, facial recognition may be commonly used in addition to, or instead of, passwords. In 2017, Apple announced that some of its new iPhone models will use a facial recognition security technology called Face ID in place of a fingerprint or numerical password. Before this, in 2015, credit card company MasterCard began testing a technology called Identity Check, which allows cardholders to authenticate payments by taking a selfie with their phones and transmitting it to the credit card company, which then runs it through facial recognition software. Advances in AI and facial recognition software may make this type of security feature more commonplace.

Another important element of cybersecurity is application security. Many people allow applications on their phone to access their location and contacts. This can be used to collect personal information on the user. One way to add security to this is to use in-app passcodes. This prevents people from accessing both your phone and your app.

In a business context, information security can be achieved by having in place info-security procedures that meet the ISO 27001 standards. At their most basic, these include anonymising of sensitive data, changing passwords when employees leave and creating layers of access to data within the company.

Many companies are also developing innovative ways to fool or foil cyber attackers. In 2017, the Macron campaign successfully foiled Russian cyber attackers by stuffing their servers with phoney documents and made-up passwords. They created false accounts, with false content, so that the hackers had to verify every account, wasting a huge amount of time. A number of companies have developed products designed to lay down breadcrumbs for unwitting hackers to follow, leading them into decoy servers that are rigged to alert the security team. Other active defence tools include the ‘honey badger’ – a live server with no real use, complete with administrative controls. If it is hacked, it locates the source of the cyber-attack and tracks its location with a satellite picture. Another tool is to place electronic ‘beacons’ in documents that detect when and where data is accessed.

Springwise has covered a number of other companies that offer innovative ways of increasing security. These have included a platform that prevents theft of online images, an app that can shield the users’ identity, and a robot lawyer that uses algorithms to protect personal data.

Takeaway: As more and more information becomes stored in all types of devices, it will be increasingly urgent for people and businesses to be able to protect themselves. This will require that users constantly update themselves on the latest cybersecurity features. It may also require new types of business, designed around helping people protect their data. What types of business models could help improve cybersecurity?

Source: New feed 1