Since our way of life depends on computer infrastructure and the digital technology that operates it, cybersecurity has become the talk of the town. It’s been reported that Americans worry far more about identity theft or theft of their financial details than they do about being shot or otherwise injured.
In a 12 month period between 2013 and 2014, the FBI revealed that a staggering total of 519 million financial records were stolen by hackers in the US alone. The financial impacts of these cybersecurity attacks are of course enormous; cyber crime is estimated to have cost the global economy more than $445 billion.
Large data breaches and even the vulnerabilities which might lead to them have been highly publicised in recent years. The issue of cybersecurity is becoming increasingly important to governments, businesses and individuals alike. However, while people have certainly heard of the term cybersecurity, many are confused about what should be done.
So what can you do to prevent coming under a cybersecurity attack?
- Automatic software updates: Many software programs automatically connect and update to defend against known risks. While this might be irritating, having updated protection is very important.
- Get a firewall: an efficient firewall will block against most viruses, malware etc.
- Maintain your computer: Keep your security software, web browser and operating system updated.
- Filter for spam: Spam emails can carry malicious software and phishing scams, some aimed directly at businesses. A good spam filter will block most of it, making your email system safer.
- Scan all devices: Make sure to scan any devices such as USB sticks to ensure no viruses or malware are introduced.
Use a web vulnerability scanner: Regularly scan your website with a web vulnerability scanner to detect vulnerabilities which would allow hackers into your site
What cyber criminals are particularly after are people’s personal and financial data … the greater the customer database the greater the prize for them. Therefore, website owners need to make sure that their website is able to withstand attacks. Hackers use a variety of methods including:
- SQL injection; which basically modifies SQL queries in order to gain access to data in the database.
- Cross-site Scripting attack; whereby a hacker executes malicious scripts on your visitor’s browser.
- Cross Site Request Forgery (CSRF); a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts.
- Distributed Denial of Service attack (DDOS), where a website is overloaded with requests in an attempt to make a machine or network resource unavailable to its intended users. This can also distract the owners of the website while a separate attack is carried out.
Once a website is already built the best way to check if it’s vulnerable to any of these cybersecurity attacks is to run a web vulnerability scanner, such as Acunetix WVS which identifies all variants of the possible vulnerabilities and offers advice on how to fix them.