How To Detect, Deter Or Deflect Cyber Attacks

Founder and CEO, uCodeGirl | Bush Foundation Leadership Fellow | PhD Candidate | Lecturer of Computer Science  | YWCA Woman of the Year in Science and Technology

Over the weekend, I received an email saying, “We are writing to let you know of a data security incident at a third-party service provider that may have involved some of your personal information.” Not good. Chances are you have heard this before, to the point where you might be desensitized to news citing a data breach, ransomware attack, hacks, information leaks and other cyber attacks. Coincidentally, I am taking a course called the Principles of CyberSecurity as part of my Ph.D. in Software Engineering at NDSU. So, I tried to decipher the email report with a cyber analyst hat. “Which part of the C-I-A (breach of Confidentiality, data Integrity, Availability of services) did the threat agents compromise?” I wondered. “What was the nature of the ransomware attack?”,”What were the vulnerabilities that led to this incident?”, “What control measures were in place before the hacker intruded and what mitigation efforts followed?” I understand that risk is a factor of life. Compromised data is a subject that ought to demand our full attention. Maybe we didn’t necessarily translate data into value. But remember, the cyber attackers do put a huge sticker price on it.

As technology races forward with smart products, so does the threat of cyber attacks in products, systems, protocols, algorithms, programs, interfaces and designs. Even though the field of Computer Security has been around since the 1960s, the effective protection of assets involving hardware, software, data, people, processes or the combinations of these remains a top concern and challenge among IT leaders. The global pandemic and the move to a virtual computing environment has only intensified the cyber attacks in every industry, and as a result, has gravely exposed the ill preparedness of systems. 

With the rush to use technology for teaching, learning and continuing school operations in today’s remote environment, higher institutes as well as K-12 schools have become much more vulnerable. According to Microsoft Security Intelligence, 61 percent of nearly 7.7 million enterprise malware encounters reported in May 2020 came from those in the education sector, making it the most affected industry. 

Introducing new technologies and workflow with limited infrastructural resources, knowledge and experience gaps as well as low funding may have all contributed to the schools being seen as easy targets for unauthorized data access and identity theft.

How do we identify threats and vulnerability in order to successfully detect, deter or deflect cyber attacks?

Problem: Social Engineering Attack (includes phishing) – The cybercriminals research and identify weaknesses in the organization’s security (people, systems or network). Phishing involves tricking or baiting users into giving them confidential information such as passwords and network credentials or installing malicious software through criminal fraudulent downloads or attachments. 

Counter measures: Filter emails for phishing threats, implement two-factor authentication mechanisms, regularly update client-side operating systems, software, and plug-ins, educate your employees on security awareness and put in place an incident response plan

Problem: Malware Attack (includes ransomware) – malware or “malicious software” is unwanted software in your computer/network system. The cybercriminals encrypt users’ files of an organization and hold it hostage until a ransom is paid to restore access to the data. Stolen data, financial loss due to ransom, lost productivity, IT costs, legal fees, and network modifications. 

Counter measures: restrict access privileges to installed software, keep your operating system patched and up-to-date, install antivirus software which detects and whitelists such malwares from accessing systems, backup your files, frequently and automatically

Problem: Denial-of-Service (DoS) Attack – The cybercriminals overwhelms an organization’s system’s resources so that it cannot respond to service requests. Unlike the other attacks mentioned above which gives the attacker increased access, the DoS doesn’t provide direct benefits to the attacker but takes the system offline. 

Counter measures: Secure Your Network Infrastructure, Develop a Denial of Service response plan, practice basic network security, understand the warning signs.

Problem: Password attack, SQL injection attack, Cross-site scripting (XSS) attack, man-in-the-middle (MitM) attack, etc 

Counter measures: Implement an account lockout policy that will lock the account after a few invalid password attempts, least privilege model of permissions in your databases, developers can sanitize data input by users in an HTTP request before reflecting it back.

Cyber Security should be a practiced culture at every organization, much more than the job of an IT administrator. Needed mitigation efforts include individuals’ behaviour, continuous training, policy and procedures, strong passwords, multi-factor authentication, educating students until cyber lingos such as ransomware attacks, denial-of-service attacks, two-factor authentication, etc can easily roll off their tongue.

The vision of uCodeGirl is to inspire and equip young women to become the future face of innovation in technology.  uCodeGirl is uniquely designed to inspire, engage and equip young women with computational design thinking skills, leadership traits, and an entrepreneurial mindset.  uCodeGirl strives to remove roadblocks and bridge the gender gap in technology so that young women can confidently pursue opportunities suitable for the 21st century.  By building confidence, enhancing skill sets and tapping into their intellect and curiosity, uCodeGirl helps young women chart a pathway to the T of STEM careers.