The impact of a cyber security breach is increasingly apparent in business today because of our dependency on a secure connection throughout the workday. For example, in our everyday routines, we rely on a secure connection when conducting business tasks involving:
- Email Correspondence
- Financial Transactions
- Collaborative Work Documents
- Storing Information
Whenever one of those lines of communication is insecure, new risks and problems emerge, one of which is the threat of a cyber security breach.
This post will explain how cyber attacks can impact your organization’s confidentiality, integrity, and availability. Our discussion will also include the four ways cyber attacks are executed in those areas.
After reading through this post, you’ll have a clear 360-degree view of cyber threats and full awareness of the cyber war zone.
The CIA Triad
In the world of technology, there is a model known as the “CIA triad” designed to guide policies for information security within an organization. The principles in the triad consist of the three most critical components of security:
- Confidentiality: Only authorized individuals have access to secure information.
- Integrity: Secure systems and information are always accurate and complete.
- Availability: Access to secure information is always available to those who need it.
To be sustained, all three principles of the CIA Triad must be implemented through security controls, such as administrative, physical, and technical controls.
Administrative controls refer to policies or procedures that define personnel or business practices according to the security goals of an organization.
Examples of administrative security controls include:
- Bring Your Own Device Policies
- Incident Response Plans
- Security Awareness Training
- Password Management Policies
Physical controls implement security measures in a defined structure intended to prevent unauthorized access to sensitive information.
Examples of physical security controls include:
- Biometrics (Face Recognition, Fingerprint, Voice Recognition)
- Closed-Circuit Surveillance Cameras
- Motion Alarm Systems
- Picture IDs
- Security guards
Technical controls use technology to reduce vulnerabilities in hardware and software.
Examples of technical security controls include:
- Antivirus Software
Below is an in-depth look at three principles of information security and the potential impact cyber security attacks may have on them.
Impact on Confidentiality
The goal of confidentiality is to keep data private.
It is important to take measures that maintain confidentiality in order to protect personal, sensitive, and valuable information from being accessed or manipulated by unauthorized people.
Stealing or copying a target’s confidential information is how many cyber attacks begin, including criminal attacks like:
- Credit Card Fraud
- Identity Theft
- Stealing Bitcoin Wallets
For example, nation-state threat actors make confidentiality attacks a major portion of their work, seeking to acquire confidential information for political, military, or economic gain.
Two-factor authentication (2FA), security tokens, soft tokens, and data encryption are common ways to ensure confidentiality stays intact.
Impact on Integrity
Integrity attacks, also known by their common name, sabotage, seek to corrupt, damage, or destroy information or systems and the people who rely on them.
An integrity attack can be as simple as a subtle typo introduced to sabotage a target.
Sustaining integrity involves maintaining the accuracy, reliability, and consistency of data while preventing unauthorized users from altering or misusing it in transit.
Methods to maintain integrity include:
- File permissions
- Access controls
- Version control
Loss of integrity can also result from events not caused by humans, and it can be prevented by making a backup copy of your data.
Impact on Availability
Availability is the guarantee of reliable access to sensitive data by authorized users, which requires proper and rigorous maintenance of hardware and software.
Performing hardware repairs and maintaining a running operating system environment free of software conflicts is key to safeguarding the availability of sensitive data.
Preventing a target from accessing data is most frequently seen today in the form of ransomware, distributed denial-of-service (DDoS) attacks, and network intrusions.
For example, ransomware encrypts a target’s data and demands a ransom to decrypt it. A DDoS attack floods a network resource with requests, making it unavailable.
To prevent data loss and sustain availability, security software such as proxy servers and firewalls can guard the availability of your data against a DDoS attack.
Special Cyber Security Intel from our CEO, Matt Rosenthal
Top 4 Ways Cyber Attacks are Carried Out
Sometimes the best way to steal someone’s password is to trick them into revealing it, which accounts for the remarkable success of social engineering attacks.
Social engineering refers to the psychological manipulation of people to trick them into revealing confidential information through a broad range of malicious activities.
Cyber attackers will not hack a computer if they can hack a human instead. Humans are a hacker’s preferred target since we tend to make mistakes more often than a machine.
The number one method of attack is socially engineered malware, which is commonly used to deliver ransomware.
Other social engineering attack methods are:
Even smart users, well-trained in security, can fall for one of these attacks.
That’s why the best defense is ongoing user security awareness education. You should train your employees to refrain from opening suspicious emails and attachments from suspicious sources and to be cautious of tempting offers.
Also, you can use two-factor authentication (2FA). A stolen password is worthless to an attacker without a second factor, such as a hardware security token or soft token authenticator app on the user’s phone.
Unpatched software is a term for computer code with known security vulnerabilities.
When security weaknesses arise in computer code, software vendors write additions to the code known as “patches” to cover up security “holes” in the code.
Running unpatched software is risky because hackers are well-aware of vulnerabilities once they emerge.
Consider this example:
In 2017, Equifax failed to patch a vulnerability in a Java virtual machine for two months, allowing hackers to access over 145 million credit reports.
This lack of due diligence resulted in the company’s stock dropping by 31%, erasing $5 billion in market cap, and costing the CEO his job.
If weeks, months, or years pass after disclosure of a vulnerability and your enterprise has not applied a security patch, you open yourself to major risk and accusations of negligence.
Keeping your software up-to-date and patched is the best countermeasure against this attack.
Social media is no longer just for connecting with family and friends, sharing photos, or picking the top trending hashtags. It has now become a cybercriminal’s playground and a risk for your business.
Specifically, a study by Nordic Backup reported that:
- One in eight major enterprises will have security breaches due to social media hackers this year.
- Popular social media networks like Facebook, LinkedIn, and Twitter are the top 3 victims of scams.
For example, the biggest attack in Facebook history happened in 2018 when up to 50 million accounts were exposed to hackers. A vulnerability was found in Facebook’s ‘view as’ feature, which lets users see how their accounts look to other users.
Hackers were able to steal users’ access tokens, which are equivalent to digital keys that keep people logged in to their accounts without the need to re-enter their password when signing in. Users’ private information was obtained, giving hackers the ability to log into accounts on other sites that users access via Facebook.
Exposing personal information on your account can give hackers easy access to use your information to launch targeted phishing emails containing malware links.
Also, catfishing isn’t just for the dating scene. Believable sock puppet accounts, or online identities created to deceive, can worm their way through your network.
A way to prevent social media espionage is to tighten your privacy settings and refrain from publicly posting personal notes or photos.
Advanced Persistent Threats
An advanced persistent threat (APT) is a term used to describe a cyber attack in which a hacker gains access to a network and goes unnoticed for an extended period.
Rather than causing damage to a business’s network quickly, the main goal of an APT attack is to steal data over a long period of time by monitoring ongoing network activity.
Typically, APT attacks target enterprise organizations with high-value information such as:
- National Defense
Attackers use methods such as spear phishing and other social engineering techniques to gain access to a targeted network. Some APTs are so complex that a full-time administrator is required to monitor and maintain the systems and software in the network.
There are specific warning signs to look out for after a network has been a target of an APT:
- Unusual Database Activity and Data Files
- Increase in Quantity of Data
- Uncharacteristic Activity on User Accounts
If you are involved in a major corporation, don’t be surprised if multiple APTs are playing hide-and-go-seek on your corporate network.
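The warning signs listed above can be checked against activity logs by comparing each account with its own history. The following Python code is an added example, not part of the original post; the record layout, the thresholds, and the sample events are constructed assumptions.

```python
from collections import defaultdict
from statistics import median

# Constructed sample records: (user, day, login_hour, bytes_sent_out).
EVENTS = [
    ("alice", 1, 9, 120_000), ("alice", 2, 10, 95_000), ("alice", 3, 9, 110_000),
    ("bob", 1, 14, 300_000), ("bob", 2, 13, 280_000), ("bob", 3, 15, 310_000),
    ("alice", 4, 9, 105_000),
    ("bob", 4, 3, 9_500_000),  # off-hours login plus a large outbound transfer
]

def build_baseline(events, last_baseline_day):
    """Per-user median outbound bytes and the set of login hours seen so far."""
    volumes, hours = defaultdict(list), defaultdict(set)
    for user, day, hour, sent in events:
        if day <= last_baseline_day:
            volumes[user].append(sent)
            hours[user].add(hour)
    return {user: (median(v), hours[user]) for user, v in volumes.items()}

def find_warning_signs(events, last_baseline_day, volume_factor=5, hour_slack=2):
    """Return (user, day, reason) for events after the baseline window."""
    baseline = build_baseline(events, last_baseline_day)
    findings = []
    for user, day, hour, sent in events:
        if day <= last_baseline_day:
            continue
        if user not in baseline:
            # No history to compare against: surface it for manual review.
            findings.append((user, day, "account with no history"))
            continue
        typical_bytes, usual_hours = baseline[user]
        # Warning sign: increase in quantity of data leaving the network.
        if sent > volume_factor * typical_bytes:
            findings.append((user, day, "increase in quantity of data"))
        # Warning sign: login far from every hour this account normally uses
        # (distance measured on a 24-hour clock, so 23:00 and 01:00 are close).
        if all(min(abs(hour - h), 24 - abs(hour - h)) > hour_slack
               for h in usual_hours):
            findings.append((user, day, "uncharacteristic account activity"))
    return findings

if __name__ == "__main__":
    for finding in find_warning_signs(EVENTS, last_baseline_day=3):
        print(finding)
```

The thresholds (`volume_factor`, `hour_slack`) are illustrative and need tuning against real traffic before the findings are used for alerting.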
If You’re in Business, You’re at Risk – No Matter the Size
Even though warnings about cyber attacks are all over the news, many businesses still believe a breach won’t happen to them, and small businesses tend to assume they’re not a target at all.
It’s important to understand that cybercriminals don’t discriminate by size.
A study done by Small Business Trends reported that 43% of cyber attacks target small businesses!
The reality is that every business, small or large, will eventually have a breach.
The impact of a breach will vary depending on how your company answers the following questions:
- Do we have preventative measures in place to minimize the impact of a breach?
- After a breach, do our preventative measures enable us to get back to business as quickly as possible?
Contact a Mindcore Cyber Security Specialist
If you’re unsure of the answer to the above two questions, contact a trusted IT provider to run through what you’ve learned in this article.
It’s always a good time for your business to tighten security by evaluating how your company is handling its data.
Don’t forget to pick your provider with care! Learn more about cyber security solutions by scheduling a consultation with a Mindcore Security Specialist!