Foundations of Threat Awareness
To truly manage cyber risk, you must first understand the landscape of threats you’re up against. A cyber threat isn’t just a technical problem; it’s any potential malicious act designed to damage or gain unauthorised access to an organisation’s systems, network, or data.
Developing threat awareness is the first step in building proactive defences, allowing you to anticipate and prepare for attacks rather than simply reacting to them.
Here are some of the most common threats that every organisation should be aware of:
- Network Intrusion: This is when an attacker gains unauthorised access to a network. The goal is often to move around undetected, steal data, or plant malware.
- Phishing: One of the most common and effective attacks, phishing uses deceptive emails, text messages, or websites to trick individuals into revealing sensitive information, like passwords, credit card numbers, or other personal details.
- Ransomware: This malicious software locks a computer or encrypts your files, making them inaccessible. The attacker then demands a ransom payment, usually in cryptocurrency, in exchange for a key to unlock the data.
- Rootkits: A sophisticated type of malware, a rootkit is designed to hide its presence and the presence of other malicious software on a computer, giving the attacker long-term, unrestricted control.
- Spyware: This malware is secretly installed on a computer to monitor and record a user’s activities. It can capture everything from keystrokes to personal data and browsing history.
- Trojans: Named after the Trojan Horse of Greek mythology, this type of malware is disguised as a legitimate piece of software. Once downloaded and installed, it creates a hidden backdoor that allows an attacker to gain control of the system.
- Virus: A virus is a malicious piece of code that attaches itself to other files. When a user opens the infected file, the virus replicates and spreads to other files and systems, causing damage or disrupting operations.
- Zero-day exploit: (scary) This refers to a software vulnerability that is not publicly known or patched. Attackers can exploit this “zero-day” window to launch attacks before the software vendor even knows about the flaw, making these attacks particularly dangerous and difficult to defend against.
In cybersecurity, a strong defence is built on understanding the threat landscape. Understanding these threats is amongst the first and most critical steps in protecting an organisation. It’s the foundational knowledge that informs every subsequent decision, from risk assessment to prioritising specific security controls. By moving beyond a reactive posture and staying current with the tools, tactics and procedures that threaten the confidentiality, integrity and availability (CIA) of data and infrastructure, an organisation can begin to proactively anticipate and defend against potential attacks.