Log4j. You don’t have to be a security expert to have heard of it. It’s been in the news recently – quite prominently too. Threats like these are numerous and constantly evolving, often abused for nefarious means by criminals. But you haven’t been robbed of everything you own from reading this article, or from checking social media, or downloading email attachments. Is the threat really that serious?
Lets talk about that.
End-to-End Encryption. Malware. 2-Factor Authentication. Ransomware. A lot of jargon is thrown around in security. You might know exactly what they all mean, you might be completely lost when someone tells you a DDoS attack brought down your favourite site. If you’re the latter, then perhaps here at JoMo we can demystify some of these topics; if you don’t fall under this category, you might still learn something new.
So what is Cyber-security?
Sometimes referred to as Computer Security, or Info-Tech Security; Cyber-sec is a field of study that focuses on the protection of systems and networks vulnerable to malicious attacks, that is to say, every system and network on the planet (and out of the planet, too). These attacks tend to focus on gaining something over an individual or corporation, be it theft or damages. A lot of very smart people are dedicating themselves to taking from others, but many others spend their careers protecting you from them.
I’ve never been hacked in my life. Is Cyber-security really that important?
It is unlikely that you as an individual would be purposefully targeted for a cyber attack. According to research done by the UK government, in 2020 roughly 39% of UK businesses, and 26% of charities, had been victims of some sort of cyber crime. Even more damning, Cyber crime has seen a steady increase due to COVID-19 throwing a wrench into most workplace systems. However, a staggering 84% of businesses have not placed a higher importance on security, even with their data at a higher risk than ever. Criminals will exploit every vulnerability they can find to reach the systems of their target. If necessary, they will go through your device first, and use that as a gateway to your company’s private data. Ransoms and theft soon follow.
You might remember some big cyber-sec headlines in 2017 with the WannaCry attacks to the healthcare sector. Although not specifically targeted at the NHS, here in the UK thousands of systems were victims to this outbreak, 200,000 globally. Patient records were locked out, delaying urgent care for those who needed it, costing the UK around £92 million, and a global cost of roughly £6 billion. And what did it take to cause this amount of damage? Phishing scams.
Speaking of: what is Phishing? And Ransomware? You mentioned DDoS?
There are many kinds of cyber attacks, mostly done through exploiting some system flaw or security oversight, ranging from targeting systems not up to date with their security patches, or attempts at stealing personal information from individuals that could be used to in turn access bigger, more profitable systems. Lets break down the most common:
Still one of, if not the, most common cyber crime on the Internet. Phishing involves fraudulent communications or the impersonation of a legitimate company/individual with, typically, the goal of stealing information from a user. This can be bank information, login details, etc. According to the same government survey, 83% of security breaches for businesses in 2020 were phishing attacks.
Another incredibly common type of cyber attack, this one is a catch-all for a variety of other attacks. Malware defines malicious software which infects a target system for a variety of goals. It tends to be downloaded through email attachments or downloads. It can often include:
- Ransomware: Which lock out a machine or encrypt files in such a manner that the user can no longer access important data, with the promise of returning control or said data if a specified condition is met (usually a payment).
- Adware: Specialized in generating unwanted advertisement and logging personal user information.
- Spyware: Targeting user’s sensitive information, attempting to gain passwords, bank details, browsing data, and sensitive material one might have on their device.
- Trojans: Software that disguises itself as legitimate programs or files in order to freely execute more malicious malware.
And many more.
A very common tactic for cyber criminals to gather data on users; it usually involves a criminal intercepting communications between a user and a web-hosted server. For example, if you were to sign in to your favourite social media or blog, your login details have to be sent across the web to the server hosting that website. A man in the middle would attempt to intercept those packages and read their information.
A distributed denial-of-service (DDoS) attack is a targeted, highly disruptive exploit which allows criminals to route a lot of traffic towards a page, more than it can handle. In essence, a very costly traffic jam. This can be done through uses of bots, or by forcing previously infected PCs to route traffic towards the target, disrupting normal user operation, or taking servers down.
Vulnerabilities: eg, Log4J
No system is perfectly immune to every attack. The myriad of components used to operate a website can lead to exploits and vulnerabilities being found. A recent, and highly critical vulnerability targets Log4j, a simple logging tool designed for sites to monitor and log various information about what happened on a given situation, how it happened, and help system administrators diagnose issues on their servers. Unfortunately a vulnerability was found which allowed hackers to exploit the way it sends logs back to the server, and what code is being executed with those logs. The problem then, is twofold; 1) The scope for the vulnerability is huge – it allows for any code to be executed on a remote server without physical access, it bypasses a huge amount of security. 2) It’s a really useful little utility and so is part of tens of millions of web-facing websites, apps and devices. This and many other vulnerabilities are found often, some more serious than others.
These are only some of the more common tactics used by cyber criminals, and without proper prevention, can cause serious damage.
This all sounds terribly serious! What do I do?
It might all sound very scary, but this is why cyber security experts are so important. The first line of the defence, their job is to find these vulnerabilities and exploits, keep up to date with the latest digital threats out there, and keep end-users safe. Cyber safety is everyone’s responsibility, however; so it is important to always be mindful and aware of the threats, and do our best to prevent falling for certain trappings. Below we’ll details some steps that you as a user can take to ensure you’re keeping yourself and others safe on the web.
- Keep your devices updated: Your phone or PC are always asking you to update. You might think to yourself, why not just skip this one, or select the usual “remind me tomorrow”. Security updates are released often because that’s simply a necessity in such data-driven environments. Criminals are always looking for new ways to get to user’s information and data, so experts have to push more updates, and often, to combat the threat. A small 15 minute update might mean the difference between your data being safe, and it being gone.
- Watch out for odd requests: Saudi prince wants to give you untold riches, just have to give them your bank details? That’s probably an offer you want to pass. Kidding aside, sometimes hackers might impersonate legitimate companies. Perhaps you got a security alert from Google or Amazon, and they ask you to click a link. Check the sender, make sure it’s a trusted address.
- Watch out for dangerous or suspicious links: It might look like grandma is just sending you another quote image, but dangerous code could be embedded in this type of email chain. Likewise, a blog on the internet might be asking you to click on a link that sends you to www.definitelyNotAVirus.com. If it looks suspicious, chances are you’re better off not opening it.
- Update your passwords: We’ve all done it. Why remember 50 different passwords for everything when you can just use the same password on all your logins? Well, doing that alone creates 50 different opportunities for a hacker to get your password and compromise all your other accounts. Always create strong, varied passwords. Firefox can generate secure passwords for you, and many password managers will do the same, so you won’t even have to remember them.
- If you don’t need it, delete it: A general spring cleaning of your systems once in a while means less potentially sensitive data laying about. Backup your most valuable data to an external hard drive, and only use it when you need it.
- And most importantly – be aware: Don’t leave things to chance without understanding the consequences. You don’t have to live in constant fear completely unplugged from the internet; but some basic understanding of what potential dangers are out there, and how you can keep yourself safe will go a very long way. The security professionals of the world will do most of the heavy lifting. But how you handle your data matters just as much.
JoMo and Cyber-security
We believe that cyber-security is something that will always be worth knowing more about. It should be as transparent and clearly understood as wearing a seatbelt when driving, or wearing a helmet when out for a bike ride. We all know what the helmet is for. We don’t go out expecting to fall off our bike, but we still keep ourselves protected, and if the worse does come to pass, we know we did everything in our power to stay safe.