Cybersecurity For Dummies. Joseph SteinbergЧитать онлайн книгу.
Add to the mix that many people today work from home — often at the same time during which their children attend school remotely from the same location — and the possibility of human errors made either due to interruptions mid-task, or due to the inability to speak in-person with a colleague, grow dramatically.
The bottom line: You must internalize that human error poses a great risk to your cybersecurity — and act accordingly.
Social engineering
In the context of information security, social engineering refers to the psychological manipulation of human beings into performing actions that they otherwise would not perform and which are usually detrimental to their interests.
Examples of social engineering include
Calling someone on the telephone and tricking that person into believing that the caller is a member of the IT department and requesting that the person reset their email password
Sending phishing emails (see Chapter 2)
Sending CEO fraud emails (see Chapter 2)
While the criminals launching social engineering attacks may be malicious in intent, the actual parties that create the vulnerability or inflict the damage typically do so without any intent to harm the target. In the first example, the user who resets their password believes that they are doing so to help the IT department repair email problems, not that they are allowing hackers into the mail system. Likewise, someone who falls prey to a phishing or CEO fraud scam is obviously not seeking to help the hacker who is attacking them.
Other forms of human error that undermine cybersecurity include people accidentally deleting information, accidentally misconfiguring systems, inadvertently infecting a computer with malware, mistakenly disabling security technologies, and other innocent errors that enable criminals to commit all sorts of mischievous acts.
The bottom line is never to underestimate both the inevitability of, and power of, human mistakes — including your own. You will make mistakes, and so will I — everyone does. So on important matters, always double-check to make sure that everything is the way it should be. It is better to check many times when there was, in fact, no social engineering attack, than to fail to check the one time that there was such an attack.
External disasters
As described in Chapter 2, cybersecurity includes maintaining your data’s confidentiality, integrity, and availability. One of the greatest risks to availability — which also creates secondhand risks to its confidentiality and integrity — is external disasters. These disasters fall into two categories: naturally occurring and man-made.
Natural disasters
A large number of people live in areas prone to some degree to various forms of natural disasters. From hurricanes to tornados to floods to fires, nature can be brutal — and can corrupt, or even destroy, computers and the data that the machines house.
Continuity planning and disaster recovery are, therefore, taught as part of the certification process for cybersecurity professionals. The reality is that, statistically speaking, most people will encounter and experience at least one form of natural disaster at some point in their lives. As such, if you want to protect your systems and data, you must plan accordingly for such an eventuality. It is not surprising that organizations with proper continuity plans in place often fared far better than their unprepared counterparts when the COVID-19 pandemic hit and forced people to work from home.
A strategy of storing backups on hard drives at two different sites may be a poor strategy, for example, if both sites consist of basements located in homes within flood zones.
Pandemics
One particular form of natural disaster is a pandemic or other medical issue. As people around the world saw clearly in 2020, the arrival of a highly contagious disease can cause a sudden shutdown of many in-person working facilities and schools, and cause a sudden migration to online platforms — creating all sorts of cybersecurity-related issues.
Man-made environmental problems
Of course, nature is not the only party creating external problems. Humans can cause floods and fires, and man-made disasters can sometimes be worse than those that occur naturally. Furthermore, power outages and power spikes, protests and riots, strikes, terrorist attacks, and Internet failures and telecom disruptions can also impact the availability of data and systems.
Businesses that backed up their data from systems located in New York’s World Trade Center to systems in the nearby World Financial Center learned the hard way after 9/11 the importance of keeping backups outside the vicinity of the corresponding systems, as the World Financial Center remained inaccessible for quite some time after the World Trade Center was destroyed.
Cyberwarriors and cyberspies
Modern-day governments often have tremendous armies of cyberwarriors at their disposal. Such teams often attempt to discover vulnerabilities in software products and systems to use them to attack and spy on adversaries, as well as to use as a law enforcement tool. Doing so, however, creates risks for individuals and businesses. Instead of reporting vulnerabilities to the relevant vendors, various government agencies often seek to keep the vulnerabilities secret — meaning that they leave their citizens, enterprises, and other government entities vulnerable to attack by adversaries who may discover the same vulnerability.
In addition, governments may use their teams of hackers to help fight crime — or, in some cases, abuse their cyber-resources to retain control over their citizens and preserve the ruling party’s hold on power. Even in the United States, in the aftermath of 9/11, the government implemented various programs of mass data collection that impacted law-abiding U.S. citizens. If any of the databases that were assembled had been pilfered by foreign powers, U.S. citizens may have been put at risk of all sorts of cyberproblems.
The dangers of governments creating troves of data exploits are not theoretical. In recent years, several powerful cyberweapons believed to have been created by a U.S. government intelligence agency surfaced online, clearly having been stolen by someone whose interests were not aligned with those of the agency. To this day, it remains unclear whether those weapons were used against American interests by whoever stole them.
The impotent Fair Credit Reporting Act
Many Americans are familiar with the Fair Credit Reporting Act (FCRA), a set of laws initially passed nearly half a century ago and updated on multiple occasions. The FCRA regulates the collection and management of credit reports and the data used therein. The FCRA was established to ensure that people are treated fairly, and that credit-related information remains both accurate and private.
According to the Fair Credit Reporting Act, credit reporting bureaus must remove various forms of adverse information from people's credit reports after specific time frames elapse. If you don't pay a credit card bill on time while you’re in college, for example, it’s against the law for the late payment to be listed on your report and factored against you into your credit score when you apply for a mortgage two decades later. The law even allows people who declare bankruptcy in order to start over to have records of their bankruptcy removed. After all, what good would starting over be if a bankruptcy forever prevented someone from having a clean slate?
Today, however, various technology companies