Unmasking cyber security
Data loss, ransomware, denial of service attacks. Cyber security has certainly been thrust from the windowless rooms of data centres into the headlines in recent years. If you’re not an IT professional, it can all seem a little overwhelming, so what exactly is cyber security?
Cyber security uses technology and techniques to protect against attackers. We do this by designing systems with multiple layers of defence to protect against vulnerabilities and weaknesses in an application.
Where do these vulnerabilities come from?
The software running on the device you are reading this article on has up to 50 million lines of code. Code written by thousands of people in multiple teams. That’s a lot of room for errors. Attackers, or Black Hats, and security researchers, known as White Hats, spend their time analysing systems and finding vulnerabilities.
Black Hats then use this information to create viruses or malware. White Hats report this information to software developers who create patches, which are small pieces of code, that fix these vulnerabilities.
Often, viruses or malware exploit known vulnerabilities. For example, the ransomware WannaCry took advantage of vulnerabilities that had patches available for several months. Yet many businesses hadn’t yet applied them. Applying patches to applications and infrastructure is one of the simplest and most effective ways to protect your business, but is often overlooked.
Patches only work when dealing with a known problem. Sometimes Black Hats find a vulnerability first. And sometimes, people can unwittingly introduce vulnerabilities through misconfiguration of systems. It is for this reason we use multiple layers such as firewalls and intrusion detection tools when designing a system. Anti-virus applications can also help provide protection.
Attackers don’t always use vulnerabilities to gain access to a company or cause disruption. They can also use techniques known as social engineering where the attacker ‘hacks’ your employees. They spend time researching your organisation or an individual to trick employees into installing malicious software or giving away sensitive information such as passwords.
One of the most common social engineering methods is phishing emails. These are crafted emails designed to trick you into clicking on a malicious link or opening a document which installs malware. For this reason, it’s important to make sure your employees are educated on techniques attackers use. You can also disable their ability to install applications, which can help prevent the installation of malware.
Lastly, your supply chain is often overlooked. Your suppliers may have access to your sensitive data such as information you hold about your customers. In the event of an incident, your reputation is at stake, not necessarily the supplier’s. To ensure they take cyber security seriously, you need to ask partners the same questions you do of your own IT team and build conditions into the contract. This is usually done as part of a third-party or supplier security assessment.
So where should you start?
Security is an ongoing challenge but there are some basic questions you should ask yourself right now:
- How are we making sure we consider cyber security? Who is responsible for making sure it happens? Consider bringing in cyber security specialists to help you, especially if you have a web presence.
- How often are we applying patches? Are we applying them on our applications and infrastructure?
- Have we changed all the default passwords on applications and infrastructure? Have we made sure the right people have access to our systems? Ensuring the right access can help limit the impact of attackers.
- How often do we back up our data and when did we last test it? If something does go wrong, you need a clean back up to restore from.
- How do our supply chain providers manage security? Ensure you review your providers as part of their onboarding.
It’s important to remember that it’s not a matter of if you’ll be targeted by cyber criminals, but when. Taking care of your cyber security basics can be the difference between being devastated by an attack, or being able to deflect it all together
Kate Healy is Principal Cyber Security Consultant with Aleron.
Kate is a cybersecurity professional with more than 17 years’ global experience. She is currently Principle Cyber Security Consultant at Aleron. Her skills in cybersecurity, infrastructure, risk management and stakeholder management have helped companies such as Westpac, Qantas, Standard Chartered Bank and Commonwealth Bank of Australia better understand and reduce their cyber risk. Kate believes organisations need to move beyond traditional approaches to cybersecurity and embrace new ways of thinking to get ahead of increasingly-sophisticated cybercriminals.
Kate has held cybersecurity roles at major financial institutions including Commonwealth Bank of Australia, Standard Chartered Bank, MLC Australia, National Australia Bank and Westpac, as well as roles at Telstra and IBM.
She has a Bachelor of Computer Science from University of Wollongong.
Alan Douglas
September 16, 2017 at 12:15 pm
People around the world like Kate work hard to protect our systems from viruses and malware intrusions. The companies which produce the software we use also do their best to make their systems foolproof, although with so many programmers and systems analysts this is difficult. Once again we become the weak link in the chain, that is the average user – people who take shortcuts, don’t keep their software up-to-date or who click on too-good-to-be-true offers. It just goes to show that we can’t be adequately protected from ourselves.
Maybe this is a good time to remind readers that you can see the sender’s address on an email by simply resting the cursor on the comment for a second or so. If you (generally) don’t recognise the country of origin, it’s probably a nasty.
Anti virus programs generally need to be run manually on a daily basis to be effective. The reason for this is that viruses can be planted in sections, each of which is harmless in itself and therefore invisible to the anti virus program. It is only when the last section is installed that the whole program becomes active.