
INTERNET SECURITY - FREQUENTLY ASKED QUESTIONS ON CYBERSECURITY

This page aims at providing a basic guide on the most frequently asked questions regarding Cybersecurity.


What is Cybersecurity?

Cybersecurity is the field that aims to ensure the security and protection of information and of the associated technological infrastructure, which is usually referred to as Internet Security. This technology may be corporate in nature, such as servers, databases, routers and firewalls, or personal in nature, such as computers, mobile devices or even IoT (Internet of Things) devices.

Data protection is becoming a considerably important area, not only for companies but also from a personal point of view, as the use of information technologies is growing exponentially, thus intensifying both the need for information security and the risks related to it.

Cybersecurity is a comprehensive area of activity. It is not limited to information technologies: its application also encompasses processes and people (users), as they are equally potential attack vectors and targets for the exploitation of vulnerabilities through techniques such as Social Engineering.

Cybersecurity consists of working consistently to assess risk, to make management decisions and to mitigate risks in a structured way, in order to reduce them to an acceptable level given the benefits of such actions.

Who are the attackers?

Approximately 70% of attackers have cybercrime as their exclusive purpose, with the rest made up of online activists (hacktivism), espionage, among others.

Among cybercriminals there is a growing trend of organised, structured and financed groups whose purpose is to obtain financial gains. These groups operate like a real company, with professionals dedicated to computer crime and areas of specialization according to the different types of cyberattacks and targets.

What types of cyberattacks are there?

Imagine a scenario in which there is a house robbery with the goal of stealing your material belongings. In common language, the attack would be described as a "house robbery". However, the house robbery had a point of entry, such as a broken lock.
Following this line of thought, in terms of cyberattacks, the attack vectors are typically:

- The exploitation of technological vulnerabilities (known vulnerabilities, which can be fixed by updating the system, or unknown ones, called 0-day)
- The exploitation of authentication weaknesses
- The exploitation of insecure design of architectures and systems
- The exploitation of weak processes
- The exploitation of flaws in the means used to access the Internet
- The exploitation of insecure code/applications
- The exploitation of insecure protocols
- The exploitation of missing technological controls
- Exploiting the users' lack of knowledge, or scarce preparedness, by way of social engineering attacks
- Other

The terms used to describe typical attacks, namely Ransomware, Phishing, Malware, Eavesdropping, SQL Injection, Zero-Day, among others, always relate to one or more of the attack vectors indicated above.

What are the possible consequences of a Cyberattack?

The direct consequences of a cyberattack are frequently related to a breach of the confidentiality, integrity or availability of the resources in question. The indirect consequences can be of different types, depending on the context, for example: financial loss, loss of competitive advantage, reputational damage, loss of digital information, identity theft, or the inability to produce or operate; there are even cases of companies entering insolvency proceedings as a result of successful cyberattacks.

How can we protect ourselves?

Such protection entails a set of measures that must be selected in accordance with the specific context, that is, depending on what and who we want to protect.

It is essential to carry out a cross-cutting risk analysis, identify the threats and their respective vulnerability level and, considering the potential impact, implement mitigation measures. From a corporate perspective, the adoption of the International Standard ISO 27001 is an excellent starting point, while from a personal point of view users should seek to increase their knowledge and level of resilience, either by acquiring an overall understanding of the subject or through training courses on Information Security awareness.

What is the expected evolution of Cybercrime?

Given the increasing use of information technologies that we have been observing, it is expected that cybercrime will follow the same growing trend.

In addition to the growth of cybercrime, it is also expected that attackers will become increasingly organised, structured and specialized, as happens with traditional crime.

During the 1990s and 2000s, the preferred targets were the corporate, banking and insurance sectors. Cybercriminals have since diversified their practices far beyond those target areas, and today any entity or person can be a target of cybercrime.

What is Social Engineering?

Social Engineering is the name given to the set of persuasion techniques whose purpose is to get users to perform, or enable, actions that serve the attackers' goals.

Social engineering attacks are relevant to cybersecurity because they can be combined with attacks of a technological nature. An example is the Phishing attack, in which a user is induced to provide information or access to resources under the illusion of being in contact with a trustworthy entity.

What is the connection between Cybersecurity and the GDPR?

The General Data Protection Regulation (GDPR) is the European regulation that addresses the privacy and protection of personal data. Its purpose is to safeguard citizens' rights and to protect them from the risks and threats related to the provision or misuse of their data.

This regulation establishes several rights in defence of the holders of personal data, specifically the rights to transparency, information, access, rectification and erasure ('right to be forgotten'), among others.

Therefore, the entities to which the regulation applies have the legal responsibility to provide the resources needed to safeguard such rights, in addition to implementing the measures necessary to ensure the adequate protection of the holders' data.

This adequate protection, which is specified in Article 32 of the regulation, mentions "The capability to ensure the permanent confidentiality, integrity, availability and resilience of data processing systems and services", and it is precisely here that there is a strong connection between the GDPR and Cybersecurity.

It is therefore crucial to apply the practices and controls associated with Cybersecurity, namely as regards Access Control, Data Encryption, Backups, Resilience and Testing, among other fundamental procedures, in order to fulfil the purpose of personal data protection measures.

Accordingly, there is a considerable intersection between these two areas, Privacy and Cybersecurity, even though they may have different goals, as a considerable part of the controls that ensure Data Privacy involves the implementation of Information Security controls. For these reasons, the GDPR has effectively reinforced the importance of Cybersecurity.

Does the padlock on a website mean that it is secure?

The padlock on a website gives users a guarantee of the authenticity of the website they are visiting, with respect to the internet domain of the page in question, and also guarantees the encryption of the data transmitted to and received from that page; this is the actual function of the digital certificate represented by the padlock. Despite these security properties (domain authenticity and data encryption), the certificate does not guarantee, among other risks, that the site handles users' data securely or that it is reliable for carrying out financial transactions.

As an example, imagine that you are going to buy an item from a store that you do not know. If the store has a guard at the door, it will certainly give you a higher level of confidence, but it does not necessarily mean that the items you buy in that store are not, for example, defective or counterfeit.

What is phishing?

Phishing is a means of cyberattack in which attackers try, through email, applications or websites, to illicitly acquire users' data, such as passwords, financial or bank data, credit card numbers and other confidential information. The aim is to manipulate users and obtain such private data for identity theft, bank account theft, etc.

Phishing attacks are frequently carried out on a large scale, which means that attackers send an email (apparently coming from a legitimate entity in the market) to thousands of users, unlike spear phishing, which is directed at specific targets, whether individuals or companies.

To avoid becoming victims of this type of attack, users should be alert to emails sent by unknown persons or entities; they should not open suspicious attachments or files that they are not expecting to receive and, before opening any link, they should always check that it is trustworthy.

For protection against new phishing scams, users must also install protection software against viruses, malware and other applicable threats, and always keep it updated. More information here.

What is vishing? And smishing?

Vishing (a combination of Voice and Phishing) is a variation of phishing carried out through voice calls, in which the attacker calls the victim impersonating another person or entity with the aim of acquiring confidential information, or of inducing actions that lead to acquiring that data. These telephone calls can be made either by a single person or by an automated system.

Smishing, in turn, is an attack similar to phishing or vishing, but carried out through SMS messages with the same intent: to persuade the user to perform a certain action in order to obtain data or illicit access.

To avoid this type of attack, users must be careful whenever answering unknown numbers. It is better to write down the name of the calling entity, look up its number on the Internet and call it directly. One should never assume that a call is genuine just because the caller has correct personal data; sensitive data (namely financial or access data) should never be made available by this means; you should never carry out certain actions or payments during the call; and it is always best to be suspicious and to request technical information (to which only a genuine employee would have access) or, if the doubt persists, to hang up, look up the entity's contact details and validate that the number is, in fact, reliable. More information here.

How can we create a strong password?

Most websites and services require or advise users to use strong passwords so that attackers cannot crack them.

In fact, there are so many websites asking for passwords that sometimes it would be more practical to always use the same password, although this is a huge mistake, as anyone who can guess the password of one service will be able to access all the others.

One of the techniques used by attackers to guess passwords is called a Dictionary Attack, in which a list of words and common passwords (the "dictionary") is tried automatically until the password is found. Therefore, you should never use names, sequences or obvious words; you must use long and complex passwords, mixing uppercase and lowercase letters with digits and symbols; be careful to change passwords frequently; never disclose them to anyone; and avoid repeating previously used passwords. More information here.

Are all Wi-Fi networks secure?

A Wi-Fi network is generally a means of accessing the Internet. With the proper security settings, a Wi-Fi network has adequate protection, which is usually the case with the personal Wi-Fi networks we have in our homes. However, in many contexts we end up using Wi-Fi networks that do not belong to us or whose configuration has not been effectively validated. In those contexts we are accessing resources through a medium that cannot be considered completely reliable, resulting in multiple risks for users, namely the possibility that someone with malicious intent may, in the worst case, intercept or monitor the content of your connection while you use this means of access.

Therefore, not all Wi-Fi networks are secure, and we should think very carefully before connecting to a public Wi-Fi network, and about the kind of transactions and applications we use in that context.

Another important risk is that, by connecting to such a Wi-Fi network, our equipment becomes more exposed to all other users of the same network. This should also be taken into account, as it may lead to an intrusion or to the infection of your equipment with malicious software.

How can we buy online with security?

In recent years, online shopping has skyrocketed given the convenience and speed it offers; however, it is important for users to know how to protect themselves. First, they must check that the website address uses the HTTPS protocol in the URL, as this guarantees the legitimacy of the e-commerce site as well as the encryption of the exchanged data, so that transactions can be carried out securely (you can also read the Privacy Policy). You should also avoid carrying out online purchases over public Wi-Fi networks, as it is always safer to do so over private networks that are known in advance to be secure. If you are nevertheless shopping from a public access spot, choose well-known networks, even if they are free of charge. It is also advisable to type the official website address directly instead of accessing it from a link and, if you have suspicions about a website, do not forget to carry out the appropriate due diligence.

It is also important to create secure and strong passwords, changing them often, as well as checking your statements of account.

Make regular updates of your security software and put the update settings into automatic mode.

Before paying, you should always read the terms and conditions and the terms of sale. As for the payment method, choose the one that provides the most security; note that if you choose cards, the safest ones are those that require additional authentication.

Finally, if you're going to buy gift cards, make sure the site has a solid warranty policy.

In any case, it is important to be informed about consumer rights: Shopping: consumer rights in the EU - Your Europe (europa.eu)

What is formjacking?

Formjacking is another means of cyberattack. It occurs when attackers inject malicious JavaScript code with the aim of tampering with a website so as to modify the behaviour of its payment page. This type of attack represents a serious threat to both companies and users, as it is used to steal credit card data and the users' personal and confidential data.

To avoid this type of threat, users can take some measures, such as: choosing to shop on websites they already know; seeking information on the previous experience of other users; checking the page URL and verifying that the address bar indicates 'HTTPS', and not 'HTTP'; and providing only the information strictly necessary to proceed with the transaction. More information here.
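On the site-operator side, the standard defence against injected payment-page scripts is to pin every legitimate script with a Subresource Integrity (SRI) hash and to flag any script tag that has no such pin. The example below is added here and is not from the original guide; the checkout script, the page HTML and the injected tag are all constructed samples.

```python
import base64
import hashlib
import hmac
import re

# Constructed: the script the shop legitimately ships on its payment page.
TRUSTED_CHECKOUT_JS = b"function pay(f){return fetch('/api/pay',{method:'POST',body:new FormData(f)});}"


def sri_hash(content: bytes, algo: str = "sha384") -> str:
    """Build the value of an HTML integrity="" attribute: '<algo>-<base64 digest>'."""
    digest = hashlib.new(algo, content).digest()
    return f"{algo}-{base64.b64encode(digest).decode()}"


def script_tag(src: str, content: bytes) -> str:
    """Emit a script tag pinned to the exact bytes the browser is allowed to execute."""
    return f'<script src="{src}" integrity="{sri_hash(content)}" crossorigin="anonymous"></script>'


def verify_sri(integrity: str, content: bytes) -> bool:
    """Re-check a served script against its pin; any modification breaks the match."""
    algo = integrity.partition("-")[0]
    return hmac.compare_digest(sri_hash(content, algo), integrity)


def find_unpinned_scripts(html: str) -> list:
    """List external <script> tags that carry no integrity attribute (where injected loaders hide)."""
    tags = re.findall(r"<script\b[^>]*>", html, flags=re.I)
    return [t for t in tags if re.search(r"\bsrc=", t, re.I) and not re.search(r"\bintegrity=", t, re.I)]


# Constructed payment page: one pinned script plus an injected, unpinned one that a check must flag.
PAYMENT_PAGE_HTML = f"""<html><body>
<form id="checkout"><input name="card"></form>
{script_tag("/static/checkout.js", TRUSTED_CHECKOUT_JS)}
<script src="https://cdn-analytics.example/stats.js"></script>
</body></html>"""
```

Pair this with a Content-Security-Policy whose script-src lists only the hosts you actually serve scripts from, so a tag injected from elsewhere is refused by the browser even if it reaches the page.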

Would you like us to add more topics to this Cybersecurity Guide?
Send your suggestions to info@integrity.pt.
