2 Understanding current threats
Now you know what information assets you have, you’ll look at how those assets can be compromised.
You will learn about some different kinds of threat, the vulnerabilities that they exploit and some countermeasures that can be put in place to guard against them. When we use those terms we mean:
- vulnerability – a point at which there is potential for a security breach
- threat – some danger that can exploit a vulnerability
- countermeasure – action you take to protect your information against threats and vulnerabilities.
Threats can take many different forms, including unauthorised access to data with the intent of committing fraud against individuals or businesses. At its most extreme, there is the potential for the systematic disruption of computer networks and services, putting cyber security threats on a par with those associated with terrorism. The UK government set up the National Cyber Security Centre to act as the UK government’s single authority on cyber security – improving our understanding of the threat, reducing the harm from cyber attacks and providing a unified source of advice and support.
In a 2018 report, the UK government’s National Cyber Security Centre highlighted that cyber security threats to UK businesses continue to grow, with particular emphasis on ransomware and distributed denial of service (DDoS) attacks.
New threats are being discovered all the time and they can affect any and every operating system, including Windows, Mac OS, Linux, Android and iOS. Additionally, there are growing threats due to potential vulnerabilities in the growing number of Internet of Things devices being connected to our networks. To protect ourselves it is important to keep ourselves up to date with the latest cyber security news.
Next, you will explore how vulnerable systems can be identified using the Shodan search engine.