Cybersecurity For Dummies. Joseph Steinberg

an attempt to disguise the fact that the data is being intercepted. Proxying in such a case refers to the man-in-the-middle intercepting requests and then transmitting them (either in modified form or unmodified) to their original intended destinations and then receiving the responses from those destinations and transmitting them (in modified form or unmodified) back to the sender. By employing proxying, the man-in-the-middle makes it difficult for senders to know that their communications are being intercepted because when they communicate with a server, they receive the responses they expect.

      For example, a criminal may set up a bogus bank site (see the earlier “Phishing” section) and relay any information that anyone enters on the bogus site to the actual bank site so that the criminal can respond with the same information that the legitimate bank would have sent. Proxying of this sort not only helps criminals avoid detection — users who provide the crook with their password and then perform their normal online banking tasks may have no idea that anything abnormal occurred during the online banking session — but also helps the criminals ensure that they capture the right password. If a user enters an incorrect password, the criminal will know to prompt for the correct one.

      Many cyberattacks involve stealing the victim’s data. An attacker may want to steal data belonging to individuals, businesses, or a government agency for one or more of many possible reasons.

      People, businesses, nonprofits, and governments are all vulnerable to data theft.

      Personal data theft

      Criminals often try to steal people’s data in the hope of finding items that they can monetize, including:

       Data that can be used for identity theft or sold to identity thieves

       Compromising photos or health-related data that may be sellable or used as part of blackmail schemes

       Information that is stolen and then erased from the user’s machine that can be ransomed to the user

       Password lists that can be used for breaching other systems

       Confidential information about work-related matters that may be used to make illegal stock trades based on insider information

       Information about upcoming travel plans that may be used to plan robberies of the victim’s home

      Business data theft

      Criminals can use data stolen from businesses for a number of nefarious purposes:

       Making stock trades: Similar to the criminals mentioned earlier in this chapter who tamper with data in order to manipulate financial markets, criminals may also seek to steal data in order to have advance knowledge of how a particular business’s current and yet unreported quarter is going. They then use that insider information to illegally trade stocks or options, thereby potentially making a significant profit.

       Selling data to unscrupulous competitors: Criminals who steal sales pipeline information, documents containing details of future products, or other sensitive information can sell that data to unscrupulous competitors or to unscrupulous employees working at competitors whose management may never find out how such employees suddenly improved their performance.

       Leaking data to the media: Sensitive data can embarrass the victim and cause its stock to decline (perhaps after the criminal has sold short some shares).

       Leaking data covered by privacy regulations: The victim may potentially be fined.

       Recruiting employees: Criminals who steal emails and discover communication between employees indicating that one or more employees are unhappy in their current positions can recruit those employees or sell that information to other firms looking to hire employees with similar skills or with knowledge of competitors’ systems.

       Stealing and using intellectual property: Parties that steal the source code for computer software may be able to avoid paying licensing fees to the software’s rightful owner. Parties that steal design documents created by others after extensive research and development can easily save millions of dollars — and, sometimes, even billions of dollars — in research and development costs. For more on the effects of this type of theft, see the nearby sidebar “How a cyberbreach cost one company $1 billion without 1 cent being stolen.”

      Data exfiltration

      Data exfiltration is a somewhat complicated term for a simple concept, and refers to situations in which a party, through the use of malware or other automated means, or by manually issuing commands to a remote computer, causes data to be transferred without authorization from some information system or repository to somewhere else.

      Anytime you hear of a data breach in which sensitive data has been copied by criminals, that is an example of data exfiltration. Depending on what data leaks and from whom, data exfiltration can easily harm the confidence of a business’s customers, reduce trust in a government entity, undermine the confidentiality of proprietary information, and/or undermine national security.

      Compromised credentials

      Likewise, use by a rogue employee of another employee’s credentials for any nefarious purpose (and even for most non-nefarious purposes) is also an example of such an attack.

      Forced policy violations

      Any attack in which a user or device is forced to violate cybersecurity policies is considered a forced policy violation attack.

      Malware, or malicious software, is an all-encompassing term for software that intentionally inflicts damage on its users, who typically have no idea that they are running it. Malware includes computer viruses, worms, Trojans, ransomware, scareware, spyware, cryptocurrency miners, adware, and other programs intended to exploit computer resources for nefarious purposes.

      Viruses

      Computer viruses are instances of malware that, when executed,