Thursday, February 26, 2015

From the basics to advanced digital security

"Let's begin lesson 1." Sometimes we forget to start from the beginning and jump straight to the point. We do that in computer security too. But what is computer security? What are the threats we should protect ourselves against? Today we will start from the basics and work our way up through the increasing complexity of the security sector.

What is a 0-day? The term usually refers to vulnerabilities that allow an attacker to obtain some kind of advantage. They are called 0-days because they have just been detected for the first time, so the manufacturer, the developers or the community have not yet released a patch to address them.

Even before talking about vulnerabilities, we should look at the weakest element of any computer system, which is the one between the screen and the chair. Yes, you got it! Users are highly vulnerable in most situations. To this extent, the user would be a 0-day that can be tricked by social engineering, one of the most common techniques to get into the "kitchen" of computer systems. In fact, social engineering does not require advanced technical knowledge, but a talent for deception. There are 6 basic principles to fool the user.

Leveling up, we get to the subject of "business security" and the economic impact of these vulnerabilities. According to one of the latest reports by GFI Software, 47% of workers were victims of some type of cybercrime attack at least once. Although 90% of them are aware of the danger, the number of users who take any measure to minimize the risk is below 50%.

What are the most common attacks on companies? Very simple: phishing, exploits and botnets. The first one is usually performed along with social engineering. An example is the email you supposedly receive from the IT department asking you to change your password on a deceptive website that looks very similar to the company's own. Exploits, on the other hand, are security holes that cybercriminals can use to access information. Finally, botnets are made up of already infected devices that cybercriminals can use to launch attacks on a company's online services.

In between, we find cell phones, which are increasingly targeted by cybercriminals. Android malware techniques are becoming more sophisticated. They are able to bypass security controls at official app markets, which represents a threat to your privacy and, above all, to your wallet.

So, it is time to pray that those responsible for industrial control systems heed what INCIBE said and implement appropriate security measures. The cases above mostly have economic consequences, but when the attacked system controls a water-treatment plant, the situation endangers the lives of many people.

