Cyber Defense eMagazine August Edition for 2021

More documents

Recommendations

Info

State-Sponsored Actors A similar but separate class of cybercriminals is state-sponsored actors. As governments around the globe rely more heavily on digital technologies, cyberattacks have emerged as a new type of warfare. Enemy nation-states can employ hackers to cripple critical infrastructure, spread misinformation or uncover government secrets. State-sponsored cyberattacks may seem like something out of sci-fi, but they’re already a reality and are becoming more common. In May, North Korean hackers ran a phishing campaign against South Korean government officials to steal confidential information. Many experts also suspect that the cybercriminals behind the massive SolarWinds attack were operating under the Russian intelligence service. Government organizations and contractors, as well as critical infrastructure, are the most at-risk of these attacks. Cybercriminals typically use sophisticated techniques, so these operations should adopt high standards. Tight restrictions like zero-trust security models and vetting all business partners are ideal. Continuous monitoring is also a good idea since cyber espionage campaigns aim to be as stealthy as possible and could otherwise slip past defenses. Fun and Notoriety Not all cybercriminals are after something significant, be it money or making a statement. As hacking has risen in prominence, some people have started doing it simply for the fun of it. For these cybercriminals, infiltrating a system is about the challenge, about accomplishing something they can impress other hackers with. Studies show that the brain’s reward systems can react similarly to internet use as they do to drugs. This phenomenon is the driver behind internet addiction, and it likely plays into this type of cybercrime, too. For some people, a successful hack gives them a sort of high that they’ll keep chasing. As technology addictions rise, this type of cybercrime will likely grow, too. Unfortunately, given its lack of a clear goal, it’s often unpredictable. While these attacks typically don’t cause much damage, they’re near-impossible to predict but highlight the importance of constant vigilance. The Psychology of Cyberattack Victims Understanding the psychological profile of cybercriminals isn’t the only way psychology plays into cybersecurity. Security professionals must also understand the minds and motivations of those they’re protecting. That’s because the most successful cyberattacks are often those that take advantage of their victims’ psychology. Cyber Defense eMagazine – August 2021 Edition 50 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
A 2019 study revealed that 91% of enterprise data breach victims said that social engineering was part of the attack. To help patch these behavioral vulnerabilities, companies need to understand why employees behave the way they do. Ignorance is a significant factor behind these attacks. Providing thorough training for all employees is crucial, but complacency is just as prevalent and dangerous. If workers don’t see security as a relevant issue to them, they won’t bother engaging in best practices. People tend to prefer convenience over security. Cybersecurity training should communicate how breaches affect employees on a personal level. No amount of exercise will eliminate all complacency, though. Since people will always make lapses in judgment, cybersecurity professionals should anticipate this and prepare accordingly. Companies should review who has the most potential for damage, which is often whoever has access to the most sensitive information. These workers should receive the most attention, be that in monitoring, extra training or tighter access controls. Keeping an eye on how employee behavior shifts is also crucial to preventing psychology-based attacks. Thorough Cybersecurity Considers Psychology The best cybersecurity strategies cover more than just technical considerations. Psychology, both in cybercriminals and their victims, drives cybercrime, so it should be at the center of cybersecurity too. When security teams understand how their attackers and clients think and behave, they can act more effectively. About the Author Martin Banks is the founder and Editor-in-Chief of Modded. You can find his writing all over the internet. He covers tech, gear, cars, and more. Cyber Defense eMagazine – August 2021 Edition 51 Copyright © 2021, Cyber Defense Magazine. All rights reserved worldwide.
Page 1 and 2: Understanding The Importance of Des
Page 3 and 4: From Security-Enhanced 5G Networks
Page 5 and 6: @CYBERDEFENSEMAG InfoSec Knowledge
Page 7 and 8: Cyber Defense eMagazine - August 20
Page 33 and 34: Understanding The Importance of Des
Page 35 and 36: 4. Is there some sort of final secu
Page 37 and 38: Evaluating Security Practices in Re
Page 39 and 40: After answering these questions and
Page 41 and 42: • Microsoft released patches for
Page 43 and 44: Four Ways Smart Cities Can Stay Saf
Page 45 and 46: From the technology perspective, th
Page 47 and 48: The Psychology of a Cybercriminal M
Page 49: Hacktivism One often-overlooked cyb
Page 53 and 54: • Regularly check and update your
Page 55 and 56: ● ● Regulatory fines and penalt
Page 57 and 58: But how can leaders prepare for a r
Page 59 and 60: Black Market as Sustainable Ecosyst
Page 61 and 62: shopping centers, trade malls and t
Page 63 and 64: PKI Rises to the Challenge Using X.
Page 65 and 66: 7. Application Code Signing Code si
Page 67 and 68: Greater IT Freedom with Tighter IT
Page 69 and 70: Ninety percent of respondents say e
Page 71 and 72: A PETs-Enabled Path to Secure & Pri
Page 73 and 74: is important that all internal stak
Page 75 and 76: Automated scanning is not enough Ma
Page 77 and 78: continuous game of catching up each
Page 79 and 80: Top Tips Every SMB Must Know to Saf
Page 81 and 82: where hackers will either change a
Page 83 and 84: From Security-Enhanced 5G Networks
Page 85 and 86: of intelligence, the latter being d
Page 87 and 88: About the Author David Soldani rece
Page 89 and 90: The unpredictability component in c
Page 91 and 92: anticipating the blind spots of the
Page 93 and 94: Cybercrime is constantly on the ris
Page 95 and 96: How Much Will You Have to Pay to Be
Page 97 and 98: and California Consumer Privacy Act
Page 99 and 100: It’s Time to Issue Company Passwo
Page 101 and 102:
Non-Enterprise Grade Communication
Page 103 and 104:
How to Communicate with your employ
Page 105 and 106:
Security Issues of Working Remotely
Page 107 and 108:
Another way a leak or theft can hap
Page 109 and 110:
However, new research finds almost
Page 111 and 112:
To Reduce Risk, Feds Need To Reeval
Page 113 and 114:
environment, designed to address wo
Page 115 and 116:
A penetration test has two typical
Page 117 and 118:
Black Box In the event of a real cy
Page 119 and 120:
which represent the highly polarize
Page 121 and 122:
5 Tips to Prevent a Security Breach
Page 123 and 124:
Secrets detection can be added in t
Page 125 and 126:
when it reaches its destination. Th
Page 127 and 128:
Maturity-Based Approach vs. Risk-Ba
Page 129 and 130:
To be successful in using a risk-ba
Page 131 and 132:
About eSentire eSentire Inc., is th
Page 133 and 134:
adjust score weights to ensure fina
Page 135 and 136:
Hostname-based pattern model Traffi
Page 137 and 138:
Cyber Defense eMagazine - August 20
Page 139 and 140:
Page 141 and 142:
Page 143 and 144:
You asked, and it’s finally here
Page 145 and 146:
9 Years in The Making… Thank You
Page 147 and 148:
show all

Cyber Defense eMagazine August Edition for 2021

Create successful ePaper yourself

Delete template?

Save as template?