Cybersecurity Awareness Month

Have you ever received a phishing email? If so, you have experienced an attempted cyber-attack.

Cyber threats are a very real and persistent risk to us all, both personally and professionally. Cyber-attack attempts happen every single day. They are low-risk and potentially high-reward for the attacker, and advances in technology have made them easier than ever to carry out. No one is immune to a cyber-attack and everyone is a target.

Understanding Cyber Threats and Attacks

A cyber-criminal is any individual or group that uses technology to commit illegal acts, such as stealing data, conducting fraud, or disrupting services. They can be petty criminals, hackers, terrorists, foreign intelligence agents, or even a compromised insider.

A cyber-threat is any malicious act with the intent to steal data, disrupt digital systems, damage information, or gain unauthorized access to a computer network or sensitive data.

A cyber-attack is any deliberate attempt to access, damage, or disrupt a computer system, network, or digital device.

Common Types of Cyber-Attacks

  • Phishing/Spear Phishing/Spoofing: Deceptive emails, messages, or websites designed to trick individuals into revealing sensitive information.
  • Malware: Malicious software like viruses, worms, and spyware that can steal data, disrupt systems, or gain unauthorized access.
  • Ransomware: A type of malware that encrypts a victim’s files and demands a ransom for the decryption key.
  • Man-in-the-Middle (MitM) attacks: An attacker secretly intercepts and possibly alters communications between two parties.
  • Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS): Attacks that overwhelm a server or network, making it unavailable to its intended users.
  • SQL Injection: A technique where attackers insert malicious SQL code into an application's input so that the server’s database executes it.
  • Zero-Day Exploit: An attack that targets a vulnerability in software before the developers are aware of it.
  • Password Attacks: Attempts to gain access to accounts by guessing passwords or using brute force methods.

What is the Goal of a Cyber-Attack?

Ultimately, cyber-criminals want to obtain or steal information that can be sold or used to exploit an individual or organization. High-value targets include:

  • User login IDs and passwords
  • Personally Identifiable Information (SSN, date of birth, addresses)
  • Financial and Banking information
  • Sensitive organizational documents
  • Proprietary information
  • Information regarding U.S. government funded contracts
  • Classified, CUI, Sensitive, and Export-Controlled information and technology

Spotting a Cyber-Attack

Phishing/Spear Phishing indicators:

  • Emails or messages that seem to be from a trusted source but are not
  • Urgent and suspicious requests asking you to take immediate action
  • Significant spelling or grammatical errors
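
The first two indicators above can be checked mechanically, for example in a mail-triage script. The Python below is an added example, not part of the original article; the trusted domain, the trusted sender names, the urgency phrases, and both sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed for this example: own domain, trusted sender names, urgency phrases.
TRUSTED_DOMAINS = {"example.com"}
TRUSTED_NAMES = ("it help desk", "security office")
URGENCY = re.compile(r"\b(urgent|immediately|right away|verify now|suspended)\b", re.I)

def domain_of(header_value):
    """Lower-cased domain of the address in a From or Reply-To header ('' if absent)."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()

def phishing_indicators(raw_message):
    """Return the indicator names found in one plain-text RFC 5322 message."""
    msg = message_from_string(raw_message)
    found = []
    display_name, _ = parseaddr(msg.get("From", ""))
    from_domain = domain_of(msg.get("From"))
    # "Seems to be from a trusted source but is not": trusted name, foreign domain.
    claims_trusted = any(n in display_name.lower() for n in TRUSTED_NAMES)
    if claims_trusted and from_domain not in TRUSTED_DOMAINS:
        found.append("trusted-name-untrusted-domain")
    # Replies silently diverted to a different domain than the visible sender.
    reply_domain = domain_of(msg.get("Reply-To"))
    if reply_domain and reply_domain != from_domain:
        found.append("reply-to-mismatch")
    # "Urgent requests asking you to take immediate action".
    body = "" if msg.is_multipart() else msg.get_payload()
    if URGENCY.search(msg.get("Subject", "") + "\n" + body):
        found.append("urgent-language")
    return found

# Constructed sample messages (reserved example domains, not real traffic).
SUSPICIOUS = """From: "IT Help Desk" <support@helpdesk-portal.example>
Reply-To: desk@mailbox.example.net
Subject: URGENT: your password expires today

Your account will be suspended. Verify now to keep access.
"""
LEGITIMATE = """From: "IT Help Desk" <helpdesk@example.com>
Subject: Scheduled maintenance on Saturday

The file server will be offline from 08:00 to 10:00.
"""

if __name__ == "__main__":
    print(phishing_indicators(SUSPICIOUS), phishing_indicators(LEGITIMATE))
```

A message that trips none of these checks can still be phishing; the checks only prioritize what a person or the IT department reviews first.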

Unusual System and Performance Issues:

  • Slow performance, freezing, or frequent crashes
  • Disabled security software
  • Unknown software or browser toolbars appearing
  • Constant pop-ups

Suspicious Network and Internet Activity:

  • Abnormal network traffic or unexplained spikes in activity
  • Your browser redirects you to unfamiliar websites
  • Your contacts report receiving strange emails from your account
  • Unauthorized access to systems or unauthorized data transmission

Applying Countermeasures to Protect Against a Cyber-Attack

All Personnel:

  • Never use default passwords. Make your passwords complex, change them regularly, and don’t reuse them.
  • Never share your passwords with anyone.
  • Never open emails or attachments, or click links, from unfamiliar sources.
  • Report any suspicious or unusual issues with equipment or devices to your IT department immediately.
  • Know what to report and who to report it to within your organization.

Management and IT Departments:

  • Implement Defense-in-Depth: a layered defense strategy including technical, organizational, and operational controls.
  • Update anti-virus software daily and download vendor security patches as soon as they are available.
  • Monitor, log, analyze and report attempted and successful intrusions to your systems and networks.
  • Train all personnel on proper cybersecurity procedures.
  • Conduct frequent computer audits — ideally daily, at minimum weekly.

Why Reporting is Critical & How to Report Concerns

Personnel should report any suspected cyber-attack to the company’s IT department and their Facility Security Officer (FSO) immediately. Organizations that do business with the U.S. Government must report any cyber intrusion or attempted intrusion through proper USG channels. Cyber intrusions must be reported within 24 hours of occurrence!

Resources and Additional Learning

As always, if you have any questions about whether or not a situation requires reporting, ask your FSO!
