A layman's introduction to cybersecurity
Correspondent | Friday June 5, 2020 12:42
The post COVID-19 era is bringing in a ‘new normal’.
Part of this new normal is increased digital interconnectedness. In the new normal, people are expected to fulfill their professional and life vocations remotely through the use of cyber technology.
Communications networks will be right at the centre of this transformation.
As handy as it is becoming, cyber technology requires a high sense of enlightenment and caution on the part of the user for impact to be made.
Cyber space is infested with all kinds of security threats that, if not tackled appropriately, can cause damage to data, networks, computers or any gadgets used to access technology.
Cybercrime, cyber terrorism cyberbullying and misinformation are amongst the leading threats to sustainable use of the internet.
As many are expected to increase their usage of communications networks through remote connectivity, either at homes or mobile, it is crucial that one applies the necessary measures to prevent cyberattacks. Computer and network security should longer just the preserve of institutional settings anymore.
Home networks and mobile gadgets are and will increasingly become targets, particularly in the anticipated highly digitalised ‘new normal’.
This article therefore seeks to raise awareness on cybersecurity threats and outline measures that one can apply to protect their networks and gadgets
What is cybersecurity?
Cybersecurity, which is sometimes referred to as Information Security, is the practice of protecting Systems, Applications and Networks from Digital Attacks. The approach to Cybersecurity is multi-layered and in organisations the People, Process and Technology must all work together for a successful defence against Cyber Attacks. At the core of Information Security is Confidentiality, Integrity and Availability more commonly known as the CIA triad, these three elements are essentially the goals for information Security.
Common cyberattacks in Botswana?
(Home networks and office networks)
In general, the most common cyber-attacks in Botswana are Social Engineering related type of attacks, (One way or another we have all come across this type of attack, as you will come to realise). As the name suggests Social Engineering is the psychological manipulation of someone into performing actions or divulging confidential information or information they wouldn’t otherwise share publicly. The attacker lures an unsuspecting victim into clicking a link or visiting an infected website with the goal of infecting or inserting malware on the victim’s endpoint.
There are several ways that a Social Engineering attack can be carried out from Phishing, Vishing, Smishing, Pretexting, Waterholing etc but the most common way that a social Engineering attack is carried out and the method that I will be covering here is through a method referred to as Phishing.
Phishing – Which is typically carried out via email is a technique where the attacker tries to fraudulently get hold of personal or private information or it could just be to trick the victim into clicking a link that could install some malware into your machine- leading to other type of attacks.
There are several types of Phishing and ironically, they also have specific names attached to them beyond the general term of “Phishing”. I will just touch on only two types being Spear Phishing and Whaling.
To give further context to the two types mentioned above- In general Phishing is usually a broadcast or an email sent to a large number of people by the Attacker also known as the Phisher. At one point we have all received an email purportedly from a legitimate or known source asking as to claim a prize, to follow a link to get freebies or fill out a questionnaire and stand a chance to win a fancy gadget.
Spear Phishing is a targeted type of Phishing attack, usually targeted towards someone who handles data or a function of interest, this could be someone who makes payments or handles the payroll or just anyone in relation to what the attacker is trying to achieve.
Whaling on the other hand is the same as Spear Phishing except that the target is a high-profile individual, this could be the CEO, CFO or even a board member as these individuals usually have access to classified information.
Other Common cyber-attacks that have been around for a long time are Malware and Ransomware Attacks briefly described below.
Malware which is a word derived from malicious software is software code which is written specifically for the purpose of malicious intentions, this could be delivered to a victim through Phishing or just by a user clicking on random links on the internet and sometimes it comes hidden in free applications which users usually download to avoid paying for software.
Ransomware In its basic form just lures a user into clicking a link that will install some malicious ware on your machine inevitably encrypting all your data and “holding you at ransom”. If payment is not made the attacker doesn’t give you the key to unencrypt your data and you end up losing your data.
With digital currency around these days the attacker may demand payment in bitcoins as it is faster and could be quite difficult to trace the destination of the funds.
Common ways computers and networks become exposed
The most common ways Computer systems become exposed is because of lack of security updates/patches. Criminals are constantly looking for loopholes to take advantage of and application owners and software developers need to be on their toes, whenever a vulnerability is discovered in their software/application they need to act fast and release a patch to protect their integrity and their users. More often than not attackers gain control of a server or computer system through an existing vulnerability, this could be delivered by means of malware which is installed on a computer system by means of a Phishing attack.
How to ensure protection against each of these and other forms of cyberattacks
In the context of organizations protecting a network is a whole topic in itself as a layered approach is required where security is concerned, there is no one thing that will protect you from all types of attacks- but making reference to the type of attack mentioned above called Phishing I will highlight on the need for user security awareness training for all staff members from the cleaners to the CEO as this is the cheapest form of defence and yet can defend against the most common type of attack, it’s common knowledge that the weakest link in Security is “The human element” technology can only do so much which is why Phishing is very common because in essence it’s easier to “ask” someone to install malware for you than it is to break/hack into a computer system and install it yourself.
If you are working from home always use VPN software to connect to the Office Network.
In Home Networks, which are generally very small, usually with just a modem connecting you to the outside world – it’s imperative that you protect your endpoints - this being all laptops, computers and cellphones connecting on your home network. Firstly, you need to have some form of antimalware or endpoint protection software on all your home machines or commonly referred to as an antivirus. You could get good antivirus software to share with your family members for an annual subscription of P400-P500 which is a small price to pay for the risks of not having one or if you are really low on budget, at least install a free version, but like they say - there is no such thing as free but better to have something rather than nothing.
Ensure that your Operating System is patched to the latest software/security patches. It’s just best to set your computer to auto install the latest updates whenever they are available. Also ensure that your antivirus software is updated regularly as well, which is what you get from the annual subscription.
Backing up your data is best practice everywhere, invest in a portable hard drive and keep all your important data backed up on a hard drive not only to protect yourself should your computer crash but to also to protect yourself from ransomware attacks- because if you have the data backed up you do not need to pay any ransom should your computer be attacked and its data is encrypted.
On your home Wi-Fi modem – change your password regularly so the device itself is not hacked and have an attacker sniffing all your personal data. Always insist in entering the Wi-Fi password for your friends and family. Don’t just give them the password.
Most modems have some basic firewalling features so if you are feeling adventurous you can read up and play around with these. You can also ask someone with basic IT knowledge to help you set up the modem such that only devices that you know can connect to the Wi-Fi by using MAC filtering. Always use strong passwords for everything that you access. There are arguments both for and against password manager applications like LastPass or Vault etc, but personally I use a password managers except for my online banking passwords which are always stored in my head because honestly it’s a little impractical to use unique passwords for everything that you access and to change these passwords regularly and still be expected to remember ALL these unique passwords, so rather remember one really strong password for your password manager that you change regularly which encrypts and stores all you other passwords except your banking passwords. But never ever write these passwords down, whether on your phone or in your diary.
Where possible always use Two Factor Authentication if it’s supported by the site you are accessing.
*Theo Bogatsu is a Network Security Engineer with BOFINET
THEO BOGATSU*