The impact of a cyber-security breach is increasingly apparent in business today because of our dependency on a secure connection throughout the workday.
For example, in our everyday routines, we rely on a secure connection when conducting business tasks such as:
- Email correspondence
- Financial transactions
- Collaborative work documents
- Storing information
With that, new risks and new problems arise, one of the most widespread today being the threat of a cyber-breach when one of the above lines of communication aren’t secure.
In this post, we will run through how cyber-attacks can impact your organization’s confidentiality, integrity, and availability. We’ll also cover the four ways cyber-attacks are executed in those areas.
After reading through this post, you’ll have a clear 360 view on cyber threats and full awareness of the cyber war-zone.
The CIA Triad
In the world of technology, there is a model known as the ‘CIA triad’ designed to guide policies for information security within an organization.
The elements in the triad consist of the three most critical components of security such as confidentiality, integrity, and availability.
To maintain the sustainability of all three components requires implementation through controls with examples, such as:
- Administrative controls: security awareness training
- Technical controls: setting up firewalls, encryptions, etc.
- Physical controls: motion or thermal alarm systems, or closed-circuit surveillance cameras
Below are the three components explained in detail, and the impact cybersecurity attacks can have on each of them.
Impact on confidentiality
In this context, confidentially is used to keep data private or in secrecy.
Measures must be taken to ensure confidentiality is created to prevent unwarranted people from accessing and compromising important and personal data.
Stealing, or rather copying, a target’s confidential information is how many cyber-attacks begin, including criminal attacks like:
- Credit card fraud
- Identity theft
- Stealing bitcoin wallets
For example, nation-state spies make confidentiality attacks a major portion of their work, seeking to acquire confidential information for political, military, or economic gain.
Two-factor authentication (2FA) and security tokens are common ways to ensure confidentially, as well as data encryption and soft tokens.
Impact on Integrity
Also known by its common name, sabotage, integrity attacks seek to corrupt, damage, or destroy information or systems, and the people who rely on them.
Integrity attacks can be as simple as a subtle typo for the purpose of sabotaging a target.
Sustaining integrity involves maintaining the accuracy, reliability, and consistency of data while refraining unauthorized users from altering or misusing data in transit.
Methods to maintain integrity include:
- File permissions
- Access controls
- Version control
Impact on integrity can also be a result of non-human caused events and can be prevented through performing a backup copy of your data.
Impact on availability
Availability is the guarantee of reliable access to sensitive data by authorized users. This requires proper and rigorous maintenance of hardware and software.
Performing hardware repairs and maintaining a running operating system environment that is free of software conflicts is key to safeguarding the availability of sensitive data.
Preventing a target from accessing data is most frequently seen today in the form of ransomware, distributed denial-of-service (DDos) attacks and network intrusions.
For example, ransomware encrypts a target’s data and demands a ransom to decrypt it. A DDoS attack floods a network resource with requests, making it unavailable.
To prevent data loss and sustain availability, security software such as proxy servers and firewalls can guard against the availability of your data from a DDoS.
Special cybersecurity intel from our CEO, Matt Rosenthal…
Top 4 ways these attacks are carried out:
Sometimes the best way to steal someone’s password is to trick them into revealing it. This accounts for the remarkable success of social engineering attacks.
Social engineering refers to psychological manipulation of people to trick them into revealing confidential information through a broad range of malicious activities.
Cyber attackers aren’t going to hack a computer if they can hack a human instead. We are a hacker’s preferred target of choice since we tend to make mistakes more often than a machine.
Socially engineered malware often used to deliver ransomware, is the number one method of attack.
Other social engineering attack methods are:
Even smart users, well-trained in security, can fall for ones of these attacks.
That’s why the best defense is ongoing user security awareness education. You should train your employees to refrain from opening emails and attachments from suspicious sources and to be wary of tempting offers.
Also, you can use two-factor authentication (2FA). A stolen password is worthless to an attacker without a second factor, such as hardware security token, or soft token authenticator app on the user’s phone.
Unpatched software is a term used to define a computer code with known security vulnerabilities.
When security weaknesses arise in computer code, software vendors write additions to the code known as “patches” to cover up security “holes” in the code.
Running unpatched software is risky because hackers are well-aware of vulnerabilities once they emerge.
Consider this example:
- In 2017 Equifax failed to update vulnerability in a Java virtual machine for two months causing hackers to access over 145 million credit reports.
This lack of due diligence resulted in the company’s stock to drop by 31%, erasing $5 billion in market cap, and costing the CEO his job.
If weeks, months, or years pass after disclosure of a vulnerability, and your enterprise has not applied a security patch, you open yourself to major risk as well as accusations of negligence.
Keeping your software up-to-date and patched is the best countermeasure against this attack.
Social media is no longer just for connecting with family and friends, sharing photos, or picking the top trending hashtags. It has now become a cyber-criminals playground and a risk for your business.
Specifically, a study by Nordic Backup reported that:
- One in eight major enterprises will have security breaches due to social media hackers this year.
Popular social media networks like Facebook, LinkedIn, and Twitter are the top 3 victims to scams.
For example, the biggest attack in Facebook history happened last year when up to 50 million accounts were exposed to hackers.
A vulnerability was found in Facebook’s ‘view as’ feature. This feature lets users see how their accounts look to other users.
Hackers were then able to steal users access tokens which are equivalent to digital keys that keep people logged in to their accounts without the need to re-enter their password when signing in. Users’ private information was obtained, giving hackers the ability to log into accounts on other sites that users access via Facebook.
Exposing any personal information on your account can give hackers easy access to use your information to launch targeted phishing emails containing malware links.
Also, catfishing isn’t just for the dating scene. Believable sock puppet accounts, known as an online identity created to deceive, can worm their way through your network.
A way to prevent social media espionage is to reinforce your privacy setting and refrain from publically posting personal notes or photos.
Advanced persistent threats
An advanced persistent threat (APT) is a term used to describe a cyber attack in which a hacker gains access to a network and goes unnoticed for an extended period.
Rather than causing damage to a business’s network in an instant, the main goal of an APT attack is to steal data over a long period of time by monitoring ongoing network activity.
Typically, APT attacks target enterprise organizations with high-value information such as:
- National defense
Methods such as spear phishing and other social engineering techniques are used to gain access to a targeted network. Some APTs are so complex that a full-time administrator is required to monitor and maintain the systems and software in the network.
There are specific warning signs to look out for after a network has been a target of an APT, such as:
- Unusual database activity and data files
- Increase in quantity of data
- Uncharacteristic activity on user accounts
If you are involved in a major corporation in one of the sectors mentioned above, don’t be surprised if multiple APTs are playing hide-and-go-seek on your corporate network.
If you’re in business, you’re at risk- no matter the size
Even though warnings about cyber-attacks are all over the news many businesses still believe a breach won’t happen to them, and small businesses tend to assume they’re not a target at all.
It’s important to understand that cybercriminals don’t discriminate against size.
A study done by Small Business Trends reported that:
- 43% of cyber-attacks target small businesses.
The reality is that every business, small or large, will eventually have a breach of some sort.
The impact of a breach will vary depending on the answer of the below two questions businesses should ask themselves:
- Do we have preventative measures in place to minimize the impact of a breach?
- After a breach, do our preventative measures enable us to get back to business as quickly as possible?
If you’re unsure of the answer to the above two questions, contact a trusted IT provider to run through what you’ve learned in this article.
It’s always a good time for your business to tighten security by evaluating how your company is handling its data.
Don’t forget to pick your provider with care! Learn more about cybersecurity solutions by scheduling a call with a Mindcore Security Specialist HERE.