Cybersecurity is the area of action that aims to guarantee the security and protection of information and the technological infrastructure generally associated with Internet Security. This technology can be corporate in nature, such as servers, databases, routers, firewalls, among others, but it also focuses on individual information, such as computers, mobile devices or even IoT (Internet of Things) devices.
Data protection is increasingly an area of vital importance not only for companies, but also from a personal point of view, since the use of information technologies grows exponentially, thus increasing the need and risk of information security.
Cybersecurity is a very broad area of action with application not only limited to information technologies, but also to the components of processes and people (users), since these are also potential vectors of attack and exploitation of potential vulnerabilities with techniques such as social engineering.
Cybersecurity is the practice that works consistently to assess risk and make structured risk management and mitigation decisions, in order to minimize them to an acceptable level, taking into account their benefit.
Who are the attackers?
Around 70% of attackers have the sole intention of cybercrime, and the rest are made up of online activists (hacktivism), espionage, among others.
In the context of cybercriminals, there is a growing trend of organized, structured and financed groups, with the purpose of obtaining economic gains. These groups act as a real company, with professionals dedicated to cybercrime and with areas of specialization, according to the different types of cyberattacks and objectives.
What types of cyber attacks exist?
Imagine a scenario in which there is a burglary in a house with the aim of taking your material goods. In common language, the attack would be described as a “home robbery”, however, the home robbery had an entry vector, imagine that it had been the breaking of the lock.
Thus, in terms of cyber attacks, the following attack vectors are very common:
- Exploitation of technological vulnerabilities (known and that could be solved with an update, or unknown and called 0-Day) - Exploitation of authentication weaknesses - Exploitation of insecure design of architectures and systems - Exploitation of weak processes - Exploitation of flaws in the means of access to the Internet - Exploitation of insecure code/applications - Exploitation of insecure protocols - Exploitation of absence of technological controls - Exploitation of the lack of knowledge or preparation of the human vector through social engineering attacks - Among others
The terms used to describe the most common attacks, specifically, Ransomware, Phishing, Malware, Eavesdropping, Sql Injection, Zero-Day, among others, always leverage one or more of the attack vectors detailed above.