Cyberecurity Pros Wanted

Take a glance at the most discussed topics of the week.

Professionals in demand

TechRepublic on June 28, 2018

While protecting sensitive information and avoiding GDPR fines and risks described in the previous Cyber Insights in case of non-compliance, organizations are eager to employ cybersecurity professionals. Five most demanded cybersecurity roles were determined based on job postings and job searches in the US per million from March 2017 to March 2018:

1. IT security specialist
2. Information security analyst
3. Network security engineer
4. Security engineer
5. Application security engineer

The top five are not a great surprise taking into consideration the ongoing cyber threat in all industries and recent data breaches as well as increasing interest in network and application security.

What if hack your holiday

Conversation on June 28, 2018

Hackers are just around the corner and continuously threaten to evolving technology related to artificial intelligence, automation, biometrics and Internet of Things. All they need initially is the weakest link and they do not care which industry is in the way. Last year, the tourism market met an incredible 3.9 billion malicious login attempts against sites of airlines, cruise lines, hotels, online travel, automotive rental and transport organizations. It seems hackers strived for vacations. And their attacks are growing in frequency and strength.

More work is required to map cybercrime and understand the complex criminal networks that underpin it.

A-Z terms for cyber threat types

In the Black on July 1, 2018

“Your guide to cybersecurity threats and how to deal with them” provides common cybersecurity terms related to different types of cyber threat. If you want to launch Security Awareness in your educational organization, here are some frequently used A-Z terms and their definitions that help you understand everything from APT to zero-day exploits.

• Advanced Persistent Threat (APT) is a series of top-notch attacks that target a certain organization that has high-value data.
• Brute force attacks are a trial-and-error method of gaining credentials usually by using software to facilitate the process.
• Crime-as-a-service is a collective term that refers to ransomware, DDoS (distributed denial of service), hacking tools to perpetrate online and offline crimes.
• DDoS attacks are targeted attacks designed to take down a computer network or servers by flooding them with data sent simultaneously from many individual devices. In one 2016 case, a hacker purportedly configured his website to automatically make 911 calls, inundating emergency services in three US counties with fake calls.
• Hacktivism is the use of hacking techniques to promote a political agenda or a social change.
• IoT (Internet of Things) vulnerabilities are security issues in the connected devices and sensors of manufacturing plants, farms, mines and even whole cities.
• Keyloggers are tools that record every keystroke made on the systems on which they are installed.
• Potentially unwanted programs (PUPs) include programs that have been installed deviously such as spyware, adware, and browser toolbars and may not be as dangerous as malware but difficult to get rid of.
• Ransomware is among the most dangerous malware that encrypts all files, requiring to pay a ransom for the decryption key.
• Rootkit is malicious software designed to gain privileged access to a computer or operating system while hiding its presence.
• Whaling (or spear-phishing) is a type of targeted phishing designed to trick executives into providing confidential company information.
• Zero-day exploit is a vulnerability exploit that occurs in the period before the day on which a vendor learns of it and after cybercriminals discover and exploit the flaw, typically with malware.

These are just some of the cyber threats that can be prevented with the help of particular standard measures like updating, backupping, and educating oneself.

These summaries have shed light on what is discussed in the cybersecurity realm up to now providing useful information for those who are interested in technology. Worth highlighting is the point that securing information will remain a top priority, that is why cybersecurity professionals are in great demand today.