Cyber security rose from an ancillary concern to a priority as the world’s top industries increasingly rely on information technology, artificial intelligence, and the internet to meet their demands. Cyber security engineers specialize in protecting information, using their skills and knowledge of hardware, software, and computer networks to defend systems against threat actors and cyber attacks.
Here are five of the most significant threats and challenges today’s cyber security engineers face, why they are relevant, and what they can do to address them.
Ransomware attacks involve specific types of malware being used to encrypt the victim’s data, threatening deletion or permanent encryption if the victim doesn’t pay a ransom to the hackers.
Ransomware is among the oldest types of security threats. One of the earliest known examples was the AIDS Trojan in 1989. Initially, most ransomware threats targeted individual users on privately owned PCs, using encryption algorithms to lock users out of their files.
However, ransomware attacks increased in frequency and intensity starting in the early 2010s, with several high-profile cases, such as WannaCry (over 230,000 computers infected in 150 countries) or DarkSide, well-known for causing the Colonial Pipeline cyberattack in May 2021.
Typical ransomware attacks occur when the user visits a malicious website or downloads attachments from legitimate-looking emails, resulting in a drive-by download: the unintentional, hidden downloading of an infected file.
Once on the user’s machine, the malware encrypts all data on the computer, locks access, and demands payment.
Preventing Ransomware Attacks
Ransomware incidents typically occur by exploiting the individual users’ ignorance, making it one of the most dangerous cyber threats today. Security professionals worldwide recommend specialized security awareness classes to prevent becoming a ransomware victim.
Distributed Denial-of-Service (DDoS) attacks are among the most common types of cyberattacks worldwide. Over 10 million DDoS attacks occurred in 2020, representing an all-time high and a 20% increase from 2019.
Each computer network has a finite bandwidth, the maximum number of simultaneous connections it can support.
DDoS attacks are a type of denial-of-service (DoS) attack, which aims to render a specific network unavailable, disrupting access to its content or services (e.g., a website) by artificially flooding the bandwidth. The distributed part of a DDoS attack comes from using various computers to carry out the attack. This array is known as a botnet (a portmanteau of robots and networks).
The computers used to perform DDoS attacks are typically regular systems infected with a specific type of malware known as a malicious bot (an automated program). This bot then abuses the infected computer and its internet connection to perform a DDoS attack, steal data, or send spam.
Preventing DDoS Attacks
Like ransomware, malware designed to carry out DDoS attacks infiltrates computers by exploiting security issues or the user’s ignorance. The same security risk awareness practices remain the best way to avoid becoming a victim.
Because DDoS attacks usually target company websites and corporate networks, security teams typically conduct attack simulations and risk management programs to test the network’s resilience to such attacks and develop a DDoS incident response plan.
Cloud Computing Vulnerabilities
Companies worldwide increasingly rely on the cloud for data storage and networking, as it offers many convenient services accessible from various devices. However, cloud services are not immune to attacks. McAfee estimated that 3.1 million attacks on cloud computing accounts occurred in 2020.
High-profile cloud security breaches include the 2019 Capital One data breach, where a single hacker gained unauthorized access to the accounts and credit card information of over 100 million customers. All the stolen data was stored on Amazon servers as part of the company’s use of Amazon Web Services (AWS) for cloud computing.
How to Avoid a Cloud Data Breach
Relying on cloud services means entrusting your data to another company. However, the Capital One incident proved that no matter how reputable the cloud computing service is, no company is immune to security breaches.
Security experts recommend using cloud services that encrypt your files both on the cloud and on each user’s machine, ensuring that your data remains safe even in case of a breach.
Third-Party Software Vulnerabilities
Although not as well-known as other forms of security vulnerabilities, the prevalence of third-party security breaches is another critical security risk for individuals and companies.
According to a 2020 report, as many as 83% of the top 30 U.S. retailers use vulnerable third-party software and assets, 43% of which possess serious vulnerabilities with an immediate risk.
Although it may not be feasible for most companies to rely exclusively on internally developed software and applications, most of the weak points come from users installing untested or non-approved programs and browser extensions. Such attacks can even infect Internet of Things (IoT) devices, from security cameras to smart home devices.
When hackers exploit these vulnerabilities to carry out an attack, it results in what is known as a supply-chain attack. A recent high-profile example is the NotPetya attack, which exploited compromised Google Chrome browser extensions.
How to Prevent Third-Party Attacks
Cyber security engineers recommend implementing strong company security guidelines, including establishing a list of approved software and applications and disallowing users from working with unapproved or untested programs.
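One way to enforce such an approved-software list, shown as an added example that is not from the original article: the audit below matches files by SHA-256 digest rather than by name, so a renamed or modified program cannot pass as an approved one. The folder contents, file names, and the product name "Editor 1.0" are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large installers are not loaded into memory."""
    digest = hashlib.sha256()
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def audit(root: Path, approved: dict[str, str]) -> dict[str, list[str]]:
    """Classify every file under root against the approved list.

    approved maps a SHA-256 digest to an approved product name. Anything
    whose digest is not listed is reported as unapproved, whatever its name.
    """
    report = {"approved": [], "unapproved": []}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        rel = path.relative_to(root).as_posix()
        status = "approved" if sha256_file(path) in approved else "unapproved"
        report[status].append(rel)
    return report

def demo() -> dict[str, list[str]]:
    """Build a constructed software folder and audit it (sample data only)."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "editor.bin").write_bytes(b"approved editor build 1.0")
        (root / "ext").mkdir()
        # A browser extension nobody reviewed.
        (root / "ext" / "helper.crx").write_bytes(b"unknown browser extension")
        # Same name as the approved editor, different content.
        (root / "ext" / "editor.bin").write_bytes(b"modified editor build")
        approved = {
            hashlib.sha256(b"approved editor build 1.0").hexdigest(): "Editor 1.0",
        }
        return audit(root, approved)

if __name__ == "__main__":
    for status, files in demo().items():
        print(status, files)
```

In practice the approved digests would come from the security team’s vetted software inventory, and the unapproved list would feed a review or removal process.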
Some of the most successful data breaches in history did not use specialized malware or cyber-attacks, relying instead on the simplest and oldest hacking technique: social engineering.
Social engineering is a form of psychological manipulation, where the hacker cons a victim into revealing sensitive data or information. A 2021 PurpleSec report estimated that virtually all cyber attacks (98%) rely on some type of social engineering to be successful.
The most popular type of social engineering attack is phishing: fraudulent emails designed to trick random members of the public into revealing information (usually credit card information). Spear-phishing is a more dangerous form of phishing, as it usually targets a specific organization. Hackers put more effort into spear-phishing emails, designing them to be indistinguishable from regular internal emails.
How to Combat Social Engineering
The key to avoiding falling victim to social engineering attacks is to develop good general security practices, including avoiding disclosing passwords or personal information, not using unknown USB drives, and not downloading file attachments or clicking links from suspicious emails.
Cyber security engineers are trained to recognize these threats. They can provide the training and education necessary to help company employees become more knowledgeable about information security.
Meet Fellow Engineers in Ontario
The Ontario Society of Professional Engineers represents the engineering community in the province. OSPE offers networking and education opportunities for engineers of all backgrounds and skill levels, from students and graduates to interns and experienced professionals.
Become an OSPE member today to invest in your engineering career, develop your network, and support your profession.