1 Online, the new frontline
We shop online. We work online. We play online. We live online. More and more, our lives depend on online, digital services. Almost everything can be done online – from shopping and banking to socialising and card making – and all of this makes the internet, also known as cyberspace, an attractive target for criminals.
Large-scale cyber security breaches often make the headlines but about 70% of organisations are keeping their worst security incidents under wraps, so what makes the news is just a small proportion of the breaches that are actually taking place. Computers and their users in Britain are being targeted by many thousands of cyber attacks every hour.
We all have a responsibility to protect services from being maliciously disrupted or misused, through our vigilance, through our own security measures and through reporting events when they arise.
The knowledge, tools and best practices relating to protecting the computers, communications networks, programs and data that make our digital lives possible are collectively referred to as cyber security, or information security. For the purposes of this course, we use the two terms interchangeably.
Behind the numbers
Cyber security is definitely one of those areas where you need to evaluate the validity of any information you find online before accepting it. The UK government regularly publishes surveys of cyber security breaches. In 2019, 32% of businesses identified cyber security breaches or attacks in the previous 12 months. Medium (over 50 employees) and large businesses (over 250 employees) were particularly at risk with 60% reporting attacks. The report also notes that attacks may be under reported and the true cost and impact of cyber security breaches may be undervalued. It also notes that some businesses may not be aware that they have been attacked (Department for Digital, Culture, Media and Sport, 2019).
By far the largest number of attacks reported are fraudulent emails, or fraudulent websites. Phishing attacks have resulted in the most disruptive and expensive breaches in the past 12 months. Specialist security firms also publish regular reports on the current cyber security situation. TrendMicro reports blocking 26,804,076,261 threats in the first half of 2019 (TrendMicro, 2019). Again, the largest proportion contained in emails. Sophos also reports spam emails as the biggest source of attacks and warns that ransomware is increasing and can be the most destructive (Sophos, 2019).
Statista is a business that focuses on collecting and presenting statistics on a huge variety of subjects. Some of these reports are free of charge. For example, it reports that over 446.5 million records were exposed by data breaches in the United States in 2018 (Statista, 2018).
Let’s get started by learning some of the basic terminology used when discussing cyber security.