In an ever-more digital world, cyber threats are becoming more common and more dangerous. Any action, event, or set of circumstances that threatens to breach or damage a data storage system can be considered a cyber threat. This includes both intentional circumstances (such as cyber attacks committed by individual hackers, criminal organizations or hostile governments) and accidental circumstances (e.g. an unintentional computer malfunction, or physical damage caused by a natural disaster).
What Is A Cyber Attack
A cyber attack can be distinguished as either passive or active. Simple data theft is an example of a passive attack, as a hostile actor is attempting to acquire or make use of sensitive information without that theft being detected. An active attack, meanwhile, attempts to alter system resources or directly affect operations – such as a hacker changing the passwords in order to hold a database or operating system ransom.
It can also be difficult to identify the party responsible for a cyber attack, as these can be further distinguished as inside or outside attacks.
Inside Cyber Attacks
Most people are probably familiar with outside attacks, as these are unauthorized or illegitimate uses of a cyber system by a hostile actor who penetrated the system’s security protocols. As alluded to earlier, these antagonists can range from amateur Internet pranksters to international terrorists, or even agents of a hostile foreign government. However, just as dangerous and sometimes more difficult to detect are inside attacks, which are initiated by a trusted entity who can bypass security protocols rather than making the difficult effort to penetrate them.
A good example of an inside attack is the 2014-15 data breach suffered by Anthem Blue Cross. 18,000 of its Medicare members saw their sensitive data, which was under the care and storage of Anthem Blue Cross, stolen or otherwise compromised. It was later found that the culprit behind the data theft was a rogue employee of Anthem.
An organization should take the necessary steps to detect, classify and manage security incidents. The first logical step is to set up an incident response plan and eventually a computer emergency response team. Observe IT is a form of threat management software that can assist with data security detection and management, as it regularly and carefully monitors for data anomalies that might indicate a potential threat before any hostile actors can take advantage of it.