Incident Response
.
DIGITAL FORENSIC AND INCIDENT RESPONSE:
The field of cybersecurity is concerned with identifying, investigating, and remediating cyberattacks. In today’s world, cybersecurity is more important than ever. From businesses being knocked out of operation by cyberattacks to politicians and celebrities being targeted by hackers looking for financial gain, the need for protection is paramount.
With so much talk about cybercrime, it’s important to remember just what a cyberattack is and isn’t. A cyberattack is a malicious act committed against a computer system or network that could potentially harm the system or network. The harm may be physical, such as a system malfunction causing lost data or equipment, or it could be financial, such as unauthorized transactions resulting in financial loss.
This is important to keep in mind, as it could lead you to believe that any attack that involves a computer is a cyberattack. This, however, is not necessarily the case. There are many different kinds of attacks that exist, and although some of them are perpetrated by hackers, none of them necessarily are. For instance, someone could leave a bomb in a restaurant, which would be a sort of hybrid between a traditional crime and a cyberattack. The system could be damaged, but the perpetrator didn’t necessarily intend it to be. This is also why it’s important to be aware of the difference between a ransomware attack and a Trojan horse attack. Let’s take a look at each one.
Ransomware attacks
Ransomware is a type of malicious software that infects your computer and then demands a ransom to be paid in order to recover your files. The malware author (also known as the ransomware hacker) encrypts your files and then pops up a message on your screen, demanding a ransom.
The most common type of ransomware attack occurs when you open a link in an email or online document that contains a virus. The virus will then infect your computer and encrypt your files. The encryption of your files makes it difficult (if not impossible) for you to access your data unless you pay the ransom. Some ransomware attacks also come with additional threats, such as web pages that try to trick you into paying the ransom or web pages that try to get you to reveal personal information.
Trojan Horse Attacks
A Trojan horse is a software program that appears to do one thing but actually does another. It gains access to your computer system without your permission and then does something malicious with your data. A common example of a Trojan horse program would be a program that asks you to enter your username and password, but in reality it’s logging your information and sending it to another location for nefarious purposes.
The harm from a Trojan horse can be much more serious than that from a simple ransomware attack. For example, imagine if a Trojan horse was set to delete all of your files and then demand a ransom from you. You wouldn’t be pleased when you found out what your computer was doing without your knowledge, and you’d have to deal with the fact that you’re unable to access your data without paying a ransom. It’s also worth noting that some Trojan horses are designed to give the appearance of something innocuous but actually contain hidden malware that can damage your system without your knowledge.
SIM swapping
SIM (Subscriber Identity Module) swapping is when a thief uses your phone number to get service from a different carrier. As long as you use the same email address and password for all of the carriers, your personal information isn’t at risk of being stolen. However, since the carrier doesn’t know that you’ve been hacked, they may not offer the best customer experience, and you could end up with a tarnished brand reputation.
Phishing:
Phishing is a type of scam where fraudsters attempt to obtain personal information (such as passwords or credit card details) from users by pretending to be a trustworthy entity. They might send an email that looks like it’s from your bank, for example, asking you to log in and view your recent transactions. When you click on a link in the email and login to your bank account, you’ve been tricked into providing personal information to a nefarious entity.
Beware of any email that tries to get you to provide your personal information. If you receive an email that looks like it’s from your bank and you’ve never heard of the organization, it could be a scam. The email could contain a link that takes you to a website that looks like the bank’s but is actually some other organization’s site. Never, ever give out your personal information to anyone unless you know and trust them.
Data breaches
A data breach is when there is an accidental disclosure of your personal data. This could happen when an employee accidentally drops a USB stick with your personal information on it in a car park or when a hacker discovers a weakness in an online database that compromises your private information. In these cases, you have no say in the matter and your data is effectively stolen.