When we talk about cybersecurity or information security, we refer to the sector focused on the protection of network infrastructure, not only at the enterprise level but also at the individual user level. Cybersecurity is the practice of defending computers, servers, mobile devices, electronic systems, networks and data from malicious attacks.
Nowadays, we are exposed to many types of threats that every day act in search of a vulnerable system or network. Information from the INE states that at the end of 2020 in Spain there were 31,980,000 regular internet users, that is, more than 85% of the population between 15 and 80 years of age accesses the internet at least two or three times a week. Moreover, according to state information extracted from the media, Spanish companies receive an average of 500 cyber attacks a week with an average cost of 162,300€. This is a rather worrying fact as these attacks become more frequent as time goes by.
Cybersecurity has become part of our daily lives and is within the reach of all of us. Understanding it does not require a great deal of knowledge, but rather an interest in knowing how to act and protect oneself against the different threats to which we are exposed when we use our devices and surf the Internet.
But not all cybersecurity is the same; cybersecurity threats can manifest themselves in different ways. There are three main threats facing cybersecurity:
o El dCybercrime is based on attacking systems for financial gain or disruption.
o Cyber-attacks are often associated with the objective of information gathering for political purposes.
o Cyberterrorism aims to weaken electronic systems in order to cause panic or fear.
But how do they gain control of computer systems?
These are some of the main methods used to threaten cyber security:
1. Malicious software
This refers to malicious software that a cybercriminal has created to disrupt or damage a user's computer. It is one of the most common cyber threats.
There are different types of malware, including the following:
- Virus: a program capable of reproducing itself, which embeds itself in a clean file and spreads throughout the computer system and infects files with malicious code.
- Trojans: a type of malware that masquerades as legitimate software. Cybercriminals trick users into loading Trojans onto their computers, where they cause damage or collect data.
- Spyware: a programme that secretly records what a user does so that cybercriminals can make use of this information.
- Ransomware: malware that locks a user's files and data, threatening to delete them unless a ransom is paid.
- Adware: advertising software that can be used to spread malware.
- Botnets: networks of malware-infected computers that cybercriminals use to perform online tasks without the user's permission.
2. SQL code injection
SQL (Structured Query Language) injection is used to take control and steal data from a database. Cybercriminals insert malicious code into a database using a malicious SQL statement. This gives them access to sensitive information contained in the database.
3. E-mail spoofing
This is when cybercriminals attack their victims via an email platform posing as a legitimate company requesting confidential information.
4. Man-in-the-middle attacks
A man-in-the-middle attack is a type of cyber threat in which a cybercriminal intercepts communication between two individuals to steal data.
5. Denial of service attack
It is based on making the system unusable and preventing an organisation from performing vital functions by overloading networks and servers with traffic.
And how can businesses and individuals protect themselves against cyber threats?
- Do not click on links in emails from unknown senders or websites: this is a way for malware to spread.
- Avoid using unsecured Wi-Fi networks in public places.
- Update your software and operating system to take advantage of the latest security patches.
- Use antivirus software to detect and remove threats. Also keep updating to get a better level of protection.
- Use strong passwords, i.e. passwords that are not predictable or easy to guess.