Everything about Cybersecurity

A cyber security threat refers to any possible malicious attack that seeks to unlawfully access data, disrupt digital operations or damage information. Cyber threats can originate from various actors, including corporate spies, hacktivists, terrorist groups, hostile nation-states, criminal organizations, lone hackers and disgruntled employees.

Industry

  • The global cybersecurity market is predicted to grow from $167.1B in 2019 to $248.26B by 2023, attaining a 10.4% CAGR
  • Enterprise spending on cloud security solutions is predicted to increase from $636M in 2020 to $1.63B in 2023, attaining a 26.5% CAGR.
  • Endpoint security tools are 24% of all I.T. security spending, and by 2020 global I.T. security spending will reach $128B
  • Spending on Infrastructure Protection is predicted to increase from $18.3B in 2020 to $24.6B in 2023, attaining a 7.68% CAGR.
  • 70% of all breaches still originate at endpoints, despite the increased I.T. spending on this threat surface
  • 87% of enterprises are seeing mobile threats growing the fastest this year, outpacing other threat types
  • The global cyber insurance market, as measured by gross written premiums, is forecast to be $8B by 2020, compared to a $124B global cybersecurity market
2020 Roundup of Cybersecurity Forecasts And Market Estimates

Types of Cybersecurity Threats

  • Malware: Malware is malicious software such as spyware, ransomware, viruses and worms. Malware is activated when a user clicks on a malicious link or attachment, which leads to installing dangerous software
  • Emotet: An advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans. Emotet continues to be among the most costly and destructive malware.
  • Denial of Service: A denial of service (DoS) is a type of cyber attack that floods a computer or network so it can’t respond to requests. A distributed DoS (DDoS) does the same thing, but the attack originates from a network of computers. Cyber attackers often use a flood attack to disrupt the “handshake” process and carry out a DoS.
  • Man in the Middle: A man-in-the-middle (MITM) attack occurs when hackers insert themselves into a two-party transaction. After interrupting the traffic, they can filter and steal data. MITM attacks often occur when a visitor uses an unsecured public Wi-Fi network. Attackers insert themselves between the visitor and the network, and then use malware to install software and use data maliciously.
  • Phishing: Phishing attacks use fake communication, such as an email, to trick the receiver into opening it and carrying out the instructions inside, such as providing a credit card number.
  • Spoofing is the act of masking or forging a website, email address, or phone number to appear as if it originates from a trusted source
  • SQL Injection: A Structured Query Language (SQL) injection is a type of cyber attack that results from inserting malicious code into a server that uses SQL. When the injected code runs, the server releases information. Submitting the malicious code can be as simple as entering it into a vulnerable website search box.
  • Password Attacks: With the right password, a cyber attacker has access to a wealth of information. Social engineering is a type of password attack that Data Insider defines as “a strategy cyber attackers use that relies heavily on human interaction and often involves tricking people into breaking standard security practices.” Other types of password attacks include accessing a password database or outright guessing.
  • Adware is short for advertising software and its main objective is to generate revenue by delivering tailored online advertisements. As such, browser-based and application-based adware tracks and gathers user and device information, including location data. Adware can lead to exploitation of security settings, users, and systems.
  • A backdoor is a point of entry into a user’s system or computer that bypasses authentication measures, encryption, or intrusion detection systems. Once threat actors have this remote access, they can steal information, install malware, or control the device’s processes and procedures. Backdoors are often deliberately created for troubleshooting, software updates, or system maintenance.
  • Cryptojacking is when a threat actor covertly exploits a victim’s device (e.g., computers, mobile, and Internet of Things devices) for the unauthorized mining of cryptocurrency.
  • A drive-by exploit refers to malicious code that a cyber threat actor has placed on a website without the website host’s knowledge; the malicious code attempts to compromise the devices of any user who visits the website.
  • Pharming is a technique used to redirect traffic from a legitimate website to a malicious one. This deception can be achieved by modifying the user’s system settings or by exploiting vulnerabilities in the domain name system (DNS) server software, which is responsible for resolving URLs into IP addresses
  • Ransomware is malicious software that, in many cases, restricts access to a computer or a device and its data by encrypting its content and demanding that a ransom be paid, usually via a cryptocurrency such as bitcoin, in order for the victim to regain access to systems and information
  • Spyware is malicious software used to track a user’s digital actions and information with or without the user’s knowledge or consent. Spyware can be used for many activities, including keystroke logging, accessing the microphone and webcam, monitoring user activity and surfing habits, and capturing usernames and passwords.

Cyber Threat Actors

  • Nation-states are frequently the most sophisticated threat actors, with dedicated resources and personnel, and extensive planning and coordination.
  • Cybercriminals are generally understood to have moderate sophistication in comparison to nation-states. Nonetheless, they still have planning and support functions in addition to specialized technical capabilities that affect a large number of victims.
  • Hacktivists, terrorist groups, and thrill-seekers are typically at the lowest level of sophistication as they often rely on widely available tools that require little technical skill to deploy.
  • Insider threats are individuals working within their organization who are particularly dangerous because of their access to internal networks that are protected by security perimeters.

Other Notes

  • To deal with the increase in bandwidth costs, the VPN configuration that most organizations use is a “split-tunnel” configuration. In this configuration, the VPN client connects a user to the organization only for the resources needed from that organization and connects the user directly to the Internet for everything else that is reachable over an ordinary Internet connection.
  • With most of the workforce telecommuting, DDoS attacks have strong potential to cause operational downtime issues for organizations.
  • Several governments are opting for a centralized approach to data collection based on a cloud-hosted infrastructure. This centralized approach is a concern due to practices by insecure cloud hosting providers and misconfigurations, which can lead to a data breach.
  • Some privacy advocates have raised concerns over who owns the data centers, where the physical data centers are located, and which third parties may gain access to sensitive information stored there.
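
The split-tunnel note above, as an added example (not from the original page): the routes a VPN client would install in split-tunnel and full-tunnel mode, the longest-prefix match that picks the outgoing interface, and the share of traffic that ends up crossing the VPN. The corporate prefixes, interface names and flow list are assumptions made up for the illustration.

```python
import ipaddress

# Assumed values for illustration only.
CORPORATE_PREFIXES = ["10.0.0.0/8", "192.168.50.0/24"]
VPN_IF, LOCAL_IF = "vpn0", "eth0"

# Constructed sample flows: (destination address, bytes sent).
SAMPLE_FLOWS = [
    ("10.1.2.3", 200),        # internal file server
    ("192.168.50.10", 100),   # internal intranet host
    ("203.0.113.7", 500),     # Internet destination (documentation range)
    ("198.51.100.20", 200),   # Internet destination (documentation range)
]

def build_routes(mode):
    """Return the (network, interface) routes the client installs."""
    if mode == "full":
        # Full tunnel: the default route itself points into the VPN.
        return [(ipaddress.ip_network("0.0.0.0/0"), VPN_IF)]
    if mode == "split":
        # Split tunnel: only corporate prefixes go to the VPN; the default
        # route stays on the local Internet connection.
        routes = [(ipaddress.ip_network("0.0.0.0/0"), LOCAL_IF)]
        routes += [(ipaddress.ip_network(p), VPN_IF) for p in CORPORATE_PREFIXES]
        return routes
    raise ValueError(f"unknown mode: {mode}")

def egress_interface(routes, destination):
    """Pick the interface by longest-prefix match, as a routing table does."""
    addr = ipaddress.ip_address(destination)
    matches = [(net, ifc) for net, ifc in routes if addr in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def tunnelled_share(routes, flows):
    """Fraction of bytes in `flows` that crosses the VPN interface."""
    total = sum(size for _, size in flows)
    via_vpn = sum(size for dst, size in flows
                  if egress_interface(routes, dst) == VPN_IF)
    return via_vpn / total

if __name__ == "__main__":
    for mode in ("split", "full"):
        share = tunnelled_share(build_routes(mode), SAMPLE_FLOWS)
        print(f"{mode:5s} tunnel: {share:.0%} of bytes cross the VPN")
```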

Hi! I'm

Ricky Young
