Did you know that October is the National Cyber Security Month? Well, now you do. Thank me later. Today, we will be looking in depth at the elements of cyber security. Without further ado, let’s dive straight into it:
Types of Cyber Security
Earlier on, I mentioned the principles of cyber security, which include confidentiality, integrity and availability. Those are not to be confused with the types or elements of cyber security that we will delve into here. The types are grouped according to the specific entity that needs to be protected. These are:
1. Network security
This refers to the policies and procedures applied by network administrators to protect and monitor network-accessible resources against unauthorized intrusion with malicious intent, modification and exploitation. More recently, administrators have adopted tools that flag irregular traffic and raise alerts on threats in real time.
Users are subjected to password, ID or other forms of authentication checks which subsequently allow access to and use of the given domain. This can be done in three ways. First, password-only validation, which is termed one-factor authentication. A password plus either a card, mobile phone, security dongle or token is termed two-factor authentication. Three-factor authentication comprises any two-factor pair in addition to a fingerprint or retinal scan.
Popular examples include:
- Monitored internet access
- Antispyware software
- Extra logins
- New passwords
- Antivirus programs
To avert denial-of-service attacks, an anomaly-based intrusion detection system is used which monitors network traffic for deviations from normal behaviour. Trojans and worms are detected by antivirus programs and other intrusion prevention systems. Access policies are dictated by firewalls. Communication between two parties is encrypted, and individual events within the system are subjected to top-notch scrutiny and audited later on.
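As an added illustration of the anomaly-based monitoring described above (example code written for this article, not from any product or vendor), here is a minimal per-source request-volume detector: it learns a threshold from a window of normal traffic and flags sources in a later window that exceed it. The log format and IP addresses are constructed for the example.

```python
import re
from collections import Counter
from statistics import median

# Constructed, simplified access-log lines ("time source method path"); not real traffic.
BASELINE_LOG = """\
11:59:01 10.0.0.5 GET /index.html
11:59:02 10.0.0.6 GET /about.html
11:59:02 10.0.0.5 GET /style.css
11:59:03 10.0.0.7 POST /login
11:59:03 10.0.0.6 GET /logo.png
11:59:04 10.0.0.8 GET /index.html
11:59:05 10.0.0.5 GET /logo.png
"""
# The same kind of traffic one minute later, plus one source sending 40 requests.
OBSERVED_LOG = BASELINE_LOG.replace("11:59", "12:00") + "".join(
    f"12:00:{i % 60:02d} 203.0.113.9 GET /index.html\n" for i in range(40)
)

LINE_RE = re.compile(r"^\S+ (\S+) (?:GET|POST|HEAD) \S+$")

def requests_per_source(log_text):
    """Count requests per source address; malformed lines are skipped, not guessed at."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            counts[m.group(1)] += 1
    return counts

def learn_threshold(baseline_counts, k=5.0):
    """Per-source request threshold derived from a window of normal traffic.
    Median and MAD are used instead of mean and standard deviation because a
    single flooding source would inflate both enough to hide itself."""
    values = list(baseline_counts.values())
    med = median(values)
    mad = max(median(abs(v - med) for v in values), 1.0)  # floor avoids a zero-width band
    return med + k * mad

def flag_anomalies(observed_counts, threshold):
    """Return (source, count) pairs whose request volume exceeds the threshold."""
    return sorted(((src, n) for src, n in observed_counts.items() if n > threshold),
                  key=lambda item: item[1], reverse=True)

if __name__ == "__main__":
    threshold = learn_threshold(requests_per_source(BASELINE_LOG))
    for src, n in flag_anomalies(requests_per_source(OBSERVED_LOG), threshold):
        print(f"ALERT: {src} sent {n} requests (threshold {threshold:.1f})")
```

In a real deployment the baseline would be refreshed continuously and the threshold tuned per service, since a fixed k either misses slow floods or pages on busy legitimate clients.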
Other attacks associated with network security include:
- SQL injection
- Heap overflow
- Idle scan
- DDoS attack
- ARP poisoning
- Port scanning
- Format string attack
- Smurf attack and wiretapping
2. Application security
Applications are easily accessible over networks, which makes adopting security at the development stage critical. This is where application security comes in. It consists of both software and hardware measures that mitigate external threats to an application, starting at the development stage.
The most commonly used measures are firewalls, encryption and antivirus programs. The process involves identifying the potential threats, effectively enhancing the existing security of the application itself, the network involved and the host, and finally embedding security at the development stage. Common application threats include:
- Cryptography related like weak encryption and poor key generation
- Authentication related like dictionary assaults and network eavesdropping
- Configuration management related like illegitimate access to administration controls and entry to configuration stores
- Sensitive information related like tampering with data and eavesdropping on network lines
- Logging and auditing related like exploitation of an application
- Authorization related like tampering with sensitive data and inviting attacks
- Input validation related like buffer overflow and SQL injection
- Session management related like replaying and hijacking sessions
- Parameter manipulation related like query manipulation
- Exception management related like denial-of-service.
3. Internet of things (IoT) security
This deals with physical systems like Wi-Fi routers, sensors, printers, televisions and other appliances. Their market is set to grow to about $520 billion by 2021. They are very vulnerable and offer little to no security patching. However, according to a McKinsey calculation of the total impact of IoT on the world economy by 2025, the opportunities generated outdo the risks by a landslide. The major vulnerabilities associated with IoT include:
- Insecure network services
Hackers exploit vulnerable network services to attack the devices themselves and subsequently use those compromised devices to attack others.
- Insecure web interface
Here, attackers use weak credentials, or capture plain-text credentials, to access the web interface. This can result in total takeover, data loss or denial of service.
- Lack of transport encryption
This allows third parties to see data transmitted over networks. Upon exposure of such data, a device or user account can be compromised.
- Insufficient authentication or authorization
Such attacks compromise the device and cause denial of service. A hacker uses brute force to access a target interface, especially one with weak passwords or poorly protected credentials.
- Privacy concerns
This attack is solely for the acquisition of personal user data that can then be used in other cyber attacks. Hackers use various vectors to view, and in some cases collect, poorly protected user information.
4. Cloud security
There is no doubt the cloud is taking over. This can be attributed to the effective and improved security systems in place. Users trust the cloud because their privacy is always guaranteed and their data kept safe thanks to ever-advancing security. It uses software that monitors and protects all the data in the service provider's environment.
Alert Logic's Cloud Security report found that users of on-premises environments experienced an average of 61.4 attacks, compared with about 27.8 for users of cloud or service provider environments. This evidently makes the risk of a security breach minimal.
5. Critical infrastructure security
Examples of critical infrastructure include hospitals, traffic lights, electricity grids, shopping centers, etc. These are the pillars modern societies fully rely on to run smoothly. Imagine how vulnerable it would be if traffic light control data were on the internet, easily accessible to attackers. If compromised, traffic would come to a standstill: a snarl-up here, an accident there.
This is why organizations responsible have to thoroughly investigate and identify all the possible threats and risks involved and proactively protect their business against them. Organizations indirectly associated with critical infrastructure also need to exhaustively assess how a compromise would affect their own business and come up with a contingency plan.
These are just some of the elements of cyber security; there are others like endpoint security, data security, mobile security, identity management and end user education. End user education is a pivotal element that focuses on the human aspect of cyber security, which we will look at in a subsequent article.