5 Types of Security Incidents You Should Know
From the router that provides access to the Internet in the home to the infrastructure of the top modern cities, the best security practices should be applied to protect data, information and privacy.
The threat of cyber-attacks on infrastructure is increasing, whether from terrorists, commecial hackers seeking valuable information, or simply bored people seeking a new thrill or challenge.
This is why it is important to have some knowledge about security incidents and how it can impact each one of us.
A malware is a general term that describes any virus. It’s what you get when you combine malicious intent with software: malware.
Trojans and worms are famous versions of malware. Risk management firms will always recommend not clicking on links or attachments in emails you don’t recognize.
APT/Advanced Persistent threat :
An advanced persistent threat (APT) is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time. The intention of an APT attack is to steal data rather than to cause damage to the network or organization. APT attacks target organizations in sectors with high-value information, such as national defense, manufacturing and the financial industry.
Example of APT : Deep Panda
In 2015, an APT attack affected the US Government’s Office of Personnel Mannagement. It was attributed to what is being described as an on-going cyberwar between China and the U.S. The attack compromised over 4 million US personnel records with fear that information pertaining to secret service may also have been stolen.
Ransomware is a malware which restricts access to the infected computer system, usually by encrypting les on a hard drive in order for the criminals responsible to extort a ransom for restoring access.
In recent years, the seizure of information stored by users and companies on various platforms has become one of the most important trends. The impact it can have on users, by preventing them from accessing all their information due to the action of malicious code, is very concerning.
It is one of the most important types of security incidents, as it takes full advantages of cases where a company’s lack of an effective backup strategy and ineffective security implementation exposes it to risk.
Example : WannaCry ransomware
The Wannacry ransomware attack was a worldwide cyberattack which targeted computers running the Microsoft operating systems by encrypting data and demanding ransom payments in the Bitcoin currency.
Cyber risk modeling firm estimated the potential costs from the hack at $4 billion, while other groups predict losses would be in the hundreds of millions. Here is a list of some companies that were affected by the global WannaCry ransomware attacks : NHS, Telefonica, Renault, FedEx, Nissan, Hitachi, Russia Central Bank, Russian Interior Ministry.
Crimeware or Phishing kit
Crimeware is any computer program or set of programs designed expressly to falicitate illegal activity online. Many spyware programs, browser hijackers and keyloggers can be considered crimeware.
One common type of crimeware is the phishing kit, a collection of tools assembled to make it easier for people with little technical skill to launch a phishing exploit. Phishing kits and other types of crimeware are readily available on the internet.
It is important to stress that these campaigns affect not only home users, but « small businesses, medium-sized companies, and even large enterprises.
According to the latest report by the Ponemon Institute, the average cost of these incidents was USD 7.7 million for the first half of 2015. Some of the companies cited in the report lost up to USD 65 million as a consequence of security incidents.
It is a combination of criminal data theft via hacking and public exposure of internal secrets that represents an emerging threat.
Example : The Ashley Madison case
A group calling itself Impact Team published a subset of account data stolen from Canadian firm Avid Life Media that operates the Ashley Madison website which promises to connect men and women who want to have an affair.
They posted personal information like e-mail adresses and account details of 32 million of the site’s members.
The hackers demanded the website to be shut down. When that didn’t happen, they released gigabytes of internal data in August, causing embarrassment to some individuals, and providing evidence for lawsuits against the company.
A simple security breach led to the exposure of secrets that were damaging to the reputation and business model of the organization.