Before PCs were linked via the Internet, we all felt blissfully safe from computer viruses and malware. Only people who trafficked in pirated software or who used floppy disks from unknown sources were vulnerable to the original types of malware.
Now, hackers and cybercriminals from around the globe can try to gain access to our PCs, to either vandalize or steal and sell our data and personal information or harness our computer’s power by enslaving it to serve as a remotely controlled node in a botnet. Somewhere in between the two extremes lies ransomware, which cybercriminals use to encrypt a user’s hard drive until the user pays a quoted ransom—in untraceable bitcoin cryptocurrency.
As the variety and severity of cyberattacks has changed, the profile of the average hacker has become more complicated as well. Previously, many hackers were high school or college students just testing systems to find their weaknesses. Now, hackers often work in concert with foreign governments or organized crime syndicates to steal information and peddle it in the deepest and darkest corners of the Internet, such as the Dark Web, which consists of websites that can only be accessed through special software, ensuring anonymity and untraceability for users and operators. These new hackers are more sophisticated, and they use state-of-the-art tools that are often obtained from network security companies or government agencies.
How can law-abiding corporate IT users protect themselves?
One of the best defenses is basic network hygiene. This simply means keeping all software up to date by ensuring that all of the latest patches and security updates have been installed on each machine. In one well-known hacking case, a number of companies continued to run an old version of enterprise-resource planning (ERP) software from SAP, even though vulnerabilities in the software had long been identified and patches made available for download. (ERP software is used to control manufacturing, accounting and financial operations.) Many of the systems that had not been updated with the new patches ended up being hacked.
Given the number and sophistication of hackers and cyberthieves, most enterprises with valuable data will be hacked at one time or another. Unfortunately, many companies discover an invasion only long after it occurred and their data were stolen. They then have to scramble to determine when they were hacked and who took what data, and try to find a way to ensure that it does not happen again.
These issues have spurred the emergence of specialized cybersecurity companies in the following areas:
- Protection: First, there are companies that specialize in protection. They offer lists of websites known to contain viruses and malware and prevent users from visiting them. The cybersecurity companies can also scan file attachments to determine if they contain known viruses or malware.
- Intrusion Detection: There are also companies that specialize in intrusion detection by monitoring what files and resources programs and users access within a network and judging whether their activities are normal.
- Response: A third group of cybersecurity companies specialize in responding after a system has been invaded, offering tools that enable IT managers to determine the extent of the damage and stolen data.
- Recovery: Finally, there are companies that specialize in recovery, offering tools that help IT managers restore a system or network to a prior, unadulterated state.
Companies are also increasingly using artificial intelligence (AI) to determine which activities are normal and which are aberrant. There are many activities and processes occurring within a network at any given time, and each generates a variety of alerts. It is often difficult for software to distinguish between false alerts and true emergencies. That is where AI steps in, as it is able to determine which behavior is normal and which suspicious.
Although the advent of the Internet has given a multitude of bad actors potential access to our PCs and our data, the threat they pose has spurred a host of good actors to develop intelligent systems that can protect us from the consequences of someone inadvertently clicking on a malicious e-mail attachment or link.
Other pieces you may find interesting include;
If you like what you are reading, subscribe to our daily news and analysis of retail, technology and fashion here.