January 22, 2020 | IBM i

The Need-to-Know Guide to Cybersecurity For Executives (pt. 1)


Cybersecurity education must be treated as an organizational imperative. Everyone must be involved in protecting your organizational data, applications, and networks.

 

Executives have a unique responsibility in setting the tone for how companies treat cybercrime. If the executive cares about stopping cyberattacks, the company as a whole will be more focused on stopping cyberattacks. Part of that imperative lies in educating executives about cybercrime and cybersecurity.

 

To that end, here’s our non-technical primer for teaching executives and other staff about cybersecurity, covering these four essential cybersecurity topics:

  1. What are cyberthreats, cyberattacks, cybercrimes, and cybersecurity?
  2. What types of cyberthreats are there and how can cyberattacks hurt us?
  3. What methods do cybercriminals use to threaten our organizations?
  4. What cybersecurity practices can you employ to stop cybercrime?

Cyberthreats, cyberattacks, cybercrimes, and cybersecurity

The first step in cybersecurity awareness is knowing the difference between cyberthreats, cyberattacks, cybercrime, and cybersecurity. The definitions below are quoted from the security sources named in parentheses.

A cyberthreat is “The possibility of a malicious attempt to damage or disrupt a computer network or system.” (Lexico). A cyberthreat is not necessarily an attack. It’s a hole in your systems (a vulnerability) that can be attacked.

A cyberattack is “…a strike against a computer system, network, or Internet-enabled application or device.” (Check Point Software Technologies). A cyberattack occurs when someone or something has reached or changed your systems, possibly committing a crime.

A cybercrime is a “…crime in which a computer is an object of the crime (hacking, phishing, spamming) or is used as a tool to commit an offense…” (Techopedia). A cybercrime means an actual crime has been committed against your systems.

Cybersecurity is “…the practice of protecting systems, networks, and programs from digital attacks.” (Cisco). Cybersecurity is what you do to protect your systems from cyberattacks and cybercrimes.

 

Put simply: Bad guys identify and exploit cyberthreats to launch cyberattacks and commit cybercrimes. Cybersecurity encompasses all the practices and techniques organizations use to avoid and stop cybercrime or to mitigate the effects of a cybercrime.

Types of cyberthreats and their consequences

Although cyberthreats involve hacks, breaches, exploitations, and business disruptions, cybercriminal motives are no different from those of everyday criminals. Cybercriminals include con men, traitors, common criminals, organized crime, terrorists, activists, and enemy soldiers. Figure 1 shows some of the most common types of cybercrimes and their effects on an organization. These crimes include:

 

Robbery, theft, and fraud—Cybercriminals divert revenue from organizational accounts by taking control of systems and redirecting funds. They also seek organizational and personal information in order to steal funds directly or to obtain goods and services by using another person’s identity.

 

Espionage—Cybercriminals steal corporate information such as trade secrets, personal information, financial information, and other data that can hurt your organization, if disclosed. Stolen information and processes can benefit competitors, activists, domestic and foreign entities, terrorists, and other groups.

 

Extortion and hostage-taking—Cybercriminals frequently take corporate information hostage, encrypting files through ransomware attacks and demanding bitcoin payments for the files’ safe return.

 

Sabotage—Cybercriminals can sabotage organizations in many different ways, including:

  1. Disrupting and destroying plant and equipment and taking control of Internet-connected machinery and processes. This will become more prevalent as more equipment is Internet-enabled through the Internet of Things (IoT).
  2. Damaging, altering, or deleting informational objects, including data and server operating system objects.
  3. Extreme cybernetic sabotage (where hackers can cause critical digital components in systems such as power grids and power plants to fail) can endanger production capabilities, customer engagement, and even lives.

 

Insider betrayal, revenge, and embezzlement—Organizational traitors and embittered employees can also commit cybercrime. Their knowledge about and access to system resources allows them to commit the other crimes on this list.

 

Legal and compliance damages—Legal and compliance damages are caused by a willing or unwitting failure to comply with applicable local, state, and federal laws. Damages can include fines, criminal charges, and lawsuits. Failure to comply with laws and regulations can also cause loss of licensing or privileges needed to do business.

 

Reputation destruction—Cybercriminals can destroy an organization’s reputation through a data breach, driving away customers who no longer want to work with an unsecured organization. The personal reputation of executives, managers, and employees can also be destroyed based on their actions during a security breach.

 

Figure 1: Some common types of cybercrime and their consequences

Methods cybercriminals use to threaten organizations

Figure 2 shows the most popular methods used to commit cybercrime. These methods exploit cyberthreats that bad actors can use to launch cyberattacks.

 

Figure 2: Common types of cyberattacks

 

Hacking is any activity that finds and exploits weaknesses to gain access to applications, data, devices, or networks. Hacking methods include cracking passwords, scanning equipment for weaknesses, capturing data packets, taking over an operating system, planting a trojan horse backdoor to allow access, infecting computers with viruses or malware, and recording computer keystrokes in order to replicate access later.

 

Malware is a blended word for “malicious software.” Malware is computer code that infects and damages devices. Malware is a general term that covers many different threats, including viruses, ransomware, worms, trojans, rootkits, spyware, and more. Malware can damage computer objects, take control of computers, steal information, and more.

 

Denial of Service (DoS) attacks are coordinated attacks that shut down machines, applications, or networks, making them unusable.

 

Phishing attacks deceive users into revealing sensitive information or surrendering assets. A hacker uses phone calls, email, text messages, and other means to trick people into revealing organizational and personal information, compromising an organization. Posing as a trusted individual, the cybercriminal may obtain passwords, bank account numbers, credit card numbers, and other personal and corporate information. A special type of phishing attack called a business email compromise (BEC) uses social engineering tactics to convince individuals to send wire transfer payments to outside accounts.

 

Unsecured access and open ports allow hackers to enter your network through a firewall or other gatekeeper device. The cybercriminal probes your network looking for entry points (ports) that have not been secured. When the criminal finds an open port, they use it to infiltrate your network and reach the machines inside your organization.

 

Exploiting operating system and firmware flaws: Firmware is the software embedded in a piece of hardware that allows the machine to access its processor, read hard drives, process graphics, and more. An operating system is installed code that users use to run applications and process data. Operating systems run on top of firmware. For example, Hewlett Packard (HP) provides firmware to run computer hardware; Microsoft provides Windows operating systems to run applications on HP hardware. If not refreshed with occasional updates, firmware and operating system software can contain holes that can be exploited by a cybercriminal to perform damaging acts on a computer system.