With the emergence of the Internet, we have found ourselves in a “new digital world” which, in truth, is increasingly an essential element in everyone’s daily life. And today, Safer Internet Day, we take this opportunity to talk about it.
We can shop online for clothes, food, books, appliances, cars, motorcycles, among many other things, access our bank via homebanking or app, and schedule a teleconsultation with the doctor. If we think about it, even the renewal of the citizen card can be done 100% online, without the need to go in person.
However, this growing digitalization that has allowed us to break down barriers such as distance, language and time zones, also has its less positive aspect that forces us to have an increased responsibility in the use of the internet and data.
Recalling some topics covered in our last Talkin Tech, where we talked about the types of threats to be alert for, we explain below some important concepts:
- Malware, or malicious software, disguises itself as a trusted email attachment or program (for example: document folder or encrypted files) to exploit viruses and allow hackers to enter a computer network. This type of cyberattack often disrupts an entire IT network. Some examples of malware are trojans, spyware, worms, viruses and adware.
- DDoS (Denial of Service) attacks is when multiple hacked computer systems target a website or network and deny the user experience on it. For example, hundreds of pop-ups, ads, and even a faulty website can contribute to a DDoS attack on a compromised server.
- Phishing is the act of sending fraudulent emails or SMS in the name of reputable companies. Hackers use phishing to gain access to data on a personal or business network.
- SQL injection attacks is when a cybercriminal exploits software by taking advantage of applications (e.g. LinkedIn, Target) to steal, delete, or gain control over data.
- Cross-site scripting (XSS) is when a cybercriminal sends a “script-injected” link or link to a spammy website to your inbox and when it is opened, obtains the victim’s personal information.
- Botnets are when several computers, usually on a private network, are infected with viruses and other forms of malicious software, for example pop-up messages or spam.
As can be easily seen, the hackers’ main goal is to gain privileged access to corporate data to gain financial advantage (ransomware) or to cause infrastructure damage in order to render the company inoperable. In addition, gain access to personal data to carry out financial fraud (stealing credit card data or bank access credentials) and digital identity theft (Linkedin, Facebook, Instagram, etc.).
The best way to combat this type of threats is clearly through risk prevention and mitigation, both at individual and corporate level, being essential to invest in training, but also in Cybersecurity.
That said, to avoid possible cyber attacks companies should resort to entities or companies with specialized services and properly certified. At Integer we have ISO 27001 certification, and specialists who perform Infrastructure Assessment (Network, Database, Applications and Protocols), Penetration Testing (pentesting Black Box, White Box and Grey Box) and active prevention as our cyber intelligence solution – Cybersonar.