Unit.2 | Cybersecurity

What is Cybersecurity?

Chapter 01/04

Snapshot

Learn how malicious hackers gain unauthorized access to computerized data. Discover the techniques hackers use, such as denial of service, phishing and social engineering.

Key Terms:

  • Cybersecurity
  • Encryption
  • Hacker
  • Malware
  • Dark web

URGENT: Your important files have been encrypted. Your photos, videos, databases and other files are no longer accessible. We control your data.

That’s a rough message to wake up to, but it happens all too often as hackers sneak their way into our lives through various digital means, such as email, phones and apps. How bad is the problem? Bad enough for the U.S. government to spend more than $15 billion on cybersecurity in 2019 alone.

Much of modern life takes place online now. We’re constantly connected to the internet, whether by our phones or through the myriad devices that make up the internet of things (IoT), which includes everything from smart thermostats in your home to the sensors in your town’s traffic lights. And we frequently share our personal information—contact information, credit card numbers, health history and more—often without thinking twice.

Cybersecurity is the effort to safeguard all of that digital information, as well as the hardware and software that store and use it. It includes steps you take in your personal life, such as setting up complex passwords and two-step authentication, as well as large-scale efforts such as a hospital security system that encrypts patient data and artificial intelligence software that scans bank accounts for irregular activity.

Hackers want that information because it’s immensely valuable. They can sell it, monitor it, hold it for ransom or even render massive systems such as energy grids inoperable.

Cybersecurity is extremely complicated because so much computerized information about our lives has to be readily accessible—but only to the right people. In addition, most people lack the skills to plumb the depths of a device’s software, hardware or operating system, where many cybersecurity threats are deployed. This makes cybersecurity one of the major challenges of our time.

Types of Attacks

Just as physical security violations can happen in many ways—a robber climbing in through a window, a thief nabbing an item from a store shelf—so too can cybersecurity breaches. And just like physical threats, each type of cybersecurity attack serves its own purpose and is used to achieve certain goals.

Let’s take a look at a few of the most common cyberattacks:

Denial of Service

This type of attack overwhelms a system’s resources, rendering it incapable of responding to service requests. Hackers in this type of attack don’t gain any information or benefit directly, but they do get the satisfaction of interrupting a service and likely causing confusion and chaos. They also can use this attack to take a system offline so they can launch another type of attack.

Physical Access

When hackers get physical access to a computer, they can obtain data, install malicious software or perform other functions that make the computer vulnerable.

Phishing

Chances are you’ve been on the receiving end of this type of attack before. Hackers behind phishing attacks send emails that look like they’re coming from a person or company you trust in order to get something from you—usually either personal information or an action. For instance, you may receive an email that looks like it’s from Gmail, asking you to reset your password, or an email that appears to be from a friend that includes a link to download a document.

In the first case, resetting your password gives the hackers access to your account. In the second, the download is actually malware that infects your computer. Either way, a successful phishing attack gives hackers access to your information.

Tampering

Tampering involves subtly changing parameters in a URL. To the unsuspecting user, the URL appears the same, but the altered parameter then enables hackers to access information the user provides to a website.

Social Engineering

Unlike most other forms of cyberattacks, social engineering involves human interaction. In this case the attacker is a con artist who attempts to get targets to deviate from security practices. This typically involves psychological manipulation as well as outright lying. Hackers who make social engineering attacks use information they glean from sleuthing via social media. Typically, the attacker wants people to share confidential information or perform certain actions.

Exploiting a Backdoor

By using a backdoor—an application or program that enables remote access to software, a system or a network—unauthorized users can install malware (such as a program that monitors keystrokes in order to steal passwords), hijack data or take over a device themselves.

That’s not even half of the ways hackers can make their way into our digital lives. Other types of common attacks include:

  • Eavesdropping: intercepting passwords, credit card numbers and other information that users send over a network
  • Multivector: a range of threats at various stages and across different points of entry
  • Polymorphic: malware that avoids detection by changing identifiable features, such as filenames and encryption keys
  • Privilege escalation: a network intrusion that exploits programming errors and design flaws to give the hacker elevated access to the network
  • Spoofing: imitating a device or user—e.g., sending an email with a false “From:” address—to launch attacks or gain access to data
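A false “From:” address, as used in phishing and spoofing, often disagrees with the other headers of the same message. The check below is an added example, not part of the original unit; the sample message, the domain names and the `mx.recipient.example` server name are constructed, and the mismatches it reports are warning signs rather than proof.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed message (not from the page): the From: line names a trusted
# brand, but the other headers point somewhere else.
SAMPLE_EMAIL = """\
Return-Path: <bounce@mailer.attacker.example>
Authentication-Results: mx.recipient.example; spf=pass smtp.mailfrom=mailer.attacker.example; dmarc=fail header.from=trusted-mail.example
From: "Trusted Mail Security" <no-reply@trusted-mail.example>
Reply-To: support@attacker.example
Subject: Reset your password

Please reset your password using the link below.
"""


def _domain(header_value):
    """Domain part of the address in a header, lower-cased ('' if absent)."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()


def spoofing_indicators(raw, trusted_authserv="mx.recipient.example"):
    """Return human-readable reasons to distrust the visible From: address."""
    msg = message_from_string(raw)
    from_dom = _domain(msg["From"])
    reasons = []
    for name in ("Return-Path", "Reply-To"):
        dom = _domain(msg[name])
        if dom and dom != from_dom:
            reasons.append(f"{name} domain {dom} differs from From domain {from_dom}")
    # Only trust results stamped by our own receiving server (its authserv-id);
    # a sender can insert any Authentication-Results header it likes.
    verdicts = [h for h in msg.get_all("Authentication-Results", [])
                if h.split(";")[0].strip() == trusted_authserv]
    if not verdicts:
        reasons.append("no Authentication-Results from our own mail server")
    for h in verdicts:
        m = re.search(r"\bdmarc=(\w+)", h)
        if m and m.group(1) != "pass":
            reasons.append(f"DMARC result is {m.group(1)}")
    return reasons
```

Legitimate bulk mail can also use a different Return-Path domain, so the DMARC result from your own server is the strongest of the three signals.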

Systems at Risk

Some hackers target individuals to gain passwords or financial information, but they stand to get more for their efforts by going after entire systems:

  • Financial
  • Retail
  • Energy and other utilities
  • Aviation
  • Government
  • Military
  • Medical
  • Internet of things

Some of these attacks are made on behalf of governments, such as the U.S.’s digital attacks against Russia’s power grid in response to evidence that Russia had inserted malware into the computer systems of U.S. energy and water utilities. U.S. officials say they want to send Russia a message, and the FBI reports that Russia put the malware in place to use in case of a major conflict. If that’s not enough to put you on edge, some cyberattacks can even change who’s in government, as an 11-year-old proved when he hacked into a replica of Florida’s Secretary of State website and changed election results. He gained access in only 10 minutes as part of a hacking conference.

Attacks can happen for less obvious reasons, too. When the Equifax data breach occurred in 2017, hackers stole the data of more than 140 million Americans—almost half of the country’s population. And then the data disappeared.

It didn’t turn up on any of the hundreds of dark web sites that traffic in stolen information, and it hasn’t been used to impersonate the victims or access other sites. This has led data hunters and cybersecurity experts to theorize that a foreign government is using it to identify and recruit spies. But we don’t yet know for certain.

Meanwhile, retail and financial attacks tend to be more direct. The goal is clear: money. Hackers targeted retail giant Target in 2013, stealing credit card data from 40 million accounts. The attackers then sold the names, card numbers, expiration dates and CVVs on the dark web. In response, financial institutions dedicated extra resources to monitoring customer accounts and limiting the amount people could take from ATMs. The breach cost Target more than $200 million.

The health care industry also deals with its share of cyberattacks. In 2019, Rush System for Health in Chicago announced that a data breach had exposed the names, contact information, Social Security numbers, birth dates and health insurance information of 45,000 patients. Thieves can use that information for fraudulent billing and prescriptions, as well as general identity theft.

Unfortunately, Rush isn’t an anomaly. If digital attacks continue at this pace, hackers will have compromised every American’s health data by 2024. It sounds scary, but even as the unscrupulous keep trying to gain unauthorized access to your data, others are fighting to keep it secure.

Protecting Digital Assets and Systems

By now you have an idea of how security attacks happen and who attackers are targeting. Let’s take a look at what people are doing to prevent attacks—and how they respond if attacks do happen.

Digital security relies mainly on three processes: prevention, detection and response. Prevention uses such measures as passwords and firewalls to prevent hackers from gaining direct access, whether to networks, data, systems or computers.

However, if attackers do gain access, it’s vital that the person or organization under attack elevates to the second level: detecting the attack. Computer and system activity logs provide clues to how the attack happened and what’s been compromised, enabling the victim to decide what to do next.
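To show how activity logs provide those clues, the added example below (not part of the original unit) reviews login records and reports any source that logged in successfully right after a run of failed attempts. The log lines are constructed in the style of an OpenSSH auth log, and the threshold of three failures is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample lines in the style of an OpenSSH auth log (not from the page).
SAMPLE_LOG = """\
Mar 03 02:14:01 web01 sshd[811]: Failed password for admin from 203.0.113.7 port 50112 ssh2
Mar 03 02:14:03 web01 sshd[811]: Failed password for admin from 203.0.113.7 port 50114 ssh2
Mar 03 02:14:05 web01 sshd[811]: Failed password for root from 203.0.113.7 port 50120 ssh2
Mar 03 02:14:09 web01 sshd[811]: Accepted password for admin from 203.0.113.7 port 50131 ssh2
Mar 03 08:30:44 web01 sshd[902]: Failed password for dana from 198.51.100.20 port 41000 ssh2
Mar 03 08:30:52 web01 sshd[902]: Accepted password for dana from 198.51.100.20 port 41002 ssh2
"""

LINE_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)


def review_auth_log(text, threshold=3):
    """Flag a login that succeeds after >= threshold failures from one source."""
    failures = defaultdict(list)  # source IP -> usernames tried since last success
    findings = []
    for line in text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not a password login record
        ip, user = m["ip"], m["user"]
        if m["result"] == "Failed":
            failures[ip].append(user)
            continue
        tried = failures.pop(ip, [])  # a success resets the counter for this source
        if len(tried) >= threshold:
            findings.append({
                "source": ip,                      # how the attack happened
                "account_logged_in": user,         # what may be compromised
                "failed_attempts": len(tried),
                "accounts_tried": sorted(set(tried)),
            })
    return findings
```

On the sample log this flags the 203.0.113.7 session and ignores the single mistyped password from 198.51.100.20.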

That moves us to the third level: response. A response to a digital attack can vary in severity, from upgrading protections to notifying law enforcement to launching counterattacks, depending on the nature of the attack.

Although every IT device and information system is vulnerable to attack, a “security by design” approach can create stronger defenses. In this approach, a formalized infrastructure design automates security controls and streamlines auditing. Engineers spend more time up front developing software to control system security consistently, instead of patching servers as issues come up.

Regardless of how a system is built, vulnerability management is key to protecting data and maintaining security. Companies often hire outside security auditors to test their systems for vulnerabilities. For example, a bank may hire a white-hat hacker to try to break into its information system to discover security weaknesses.

In addition, software packages called vulnerability scanners can assess computers, networks and applications for known vulnerabilities such as open ports, insecure software and malware susceptibility.

These measures are examples of security architecture—the practice of designing networks, programs and systems to minimize risk.

Cybersecurity’s purpose is clear: to keep people and data safe while saving companies from financial loss. Digital pirates are out there, and we all have to be smart in assessing our digital interactions. But we also expect companies to safeguard the information we so readily share.
