Do we know what we are dealing with here? I mean cyber crimes. I and my co-author have consistently written about this matter and I want to discuss cyber security this time.
Cyber security is a shared responsibility and users should be a part of the detection process by checking out for telltale signs of a cyber-attack. The 2016 Cisco Midyear Cybersecurity Report indicates that the average time for detecting threats is 100 to 200 days in this industry, which should take less time, compared to the malicious network activity.
An effective and efficient cybersecurity plan is necessary to counter the constantly evolving security risks. The program requires implementation of effective IT security tools, a strategy for imminent threats and include staff education programs because human error causes the majority of cyber-attacks.
Slow internet and local network access is a hint of a cyber-attack which results from the denial of service(DoS) and distributed denial of service (DDoS)attacks. They target systems with a lot of data requests which overload the servers to follow request leading to a system crash. The server can be fortified with secure permissions, active monitoring of records, use of encrypted protocols and paring down the server to only host the necessary applications can help strengthen its security.
Increased popups due to malware
Users get many popups which are a sign of malware attack thus experiencing slowness or stalling and sudden crashes. With advancements in cyber attacks, some can navigate around existing firewalls to target unprotected systems. Practice safe web browsing by avoiding clicking on links in pop-up windows.
Internal phishing scams to target employees
Phishing mostly applies to large institutions where emails are sent to staff posing as human resource personnel to acquire personal information. Convincing emails with malware attachments are downloaded onto computers by unsuspecting staff. Hackers spoof the sender’s name to appear as originated from a trusted source to beat email firewalls which show the great lengths attackers go to ensure successful attacks. Practice safe email protocol and be wary of online links from unknown sources or when opening email attachments.
Malware in a cyber-attack is revealed in similar computer language used on the site which makes it a quick, effective way for IT professionals to identify code inconsistencies. They differentiate simple advertisement code from language containing malware which mostly uses spam words which are usually red flags, warnings of an underlying security breach. Code threats are categorized into four main areas, based on origination and destination; Backdoors, Viruses, Worms, Trojans. Use of antimalware software that updates in real-time without necessitating any diagnostic prompts.
Early evidence of a cyber-crime can show up in administrative logins where attempts to access management functions that allow content control are met with error messages regarding wrong passwords or nonexistent usernames. The URL to the administrative portal can be missing as part of a hacker’s attempt to eliminate the ability to combat the attack.
A visible sign of cyber tampering shows through a hacker’s sense of humor due to the capability of fully changing a website’s design. This form of cyber-attack involves layout rearrangement, content addition or even deletion of entire pages.
Cyber-attacks impact organizational operations negatively. Be wary of abnormal shifts such as the inability to load pages on your website, connectivity to unusual multiple systems, sudden new services, slower than regular loading speeds, as these can be indicators of malicious activity. Best practice in security is by ensuring employees create a strong email password and updating networks every six months.
Being alert to the cyber-attack signals and taking proactive measures doesn’t eliminate websites or networks as targets, but it provides the information security skills to adequately combat them.
Editor’s Note: Lucy Wangechi Katende contributed to this article.
Nicholas Katende is pursuing PhD IT, Msc Data Communication, and BCSIT. He is an Associate Dean For Evening and Weekend Programmes at the University of Kigali