Blog/Expert Analysis/

What is cybersecurity?

Apr 24, 2020

what is cybersecurity

Cybersecurity refers to the protection of computer networks, servers, devices, and data from unauthorized access. It applies both for regular users and organizations with bulk infrastructures. Cyberattacks take many forms, such as malware, ransomware, phishing, adware, and others.

In this article, we’ll have a look at what is cybersecurity, how it has evolved and see what areas it covers today.

A brief history of cybersecurity

The term cybersecurity was coined in 1989, but the concept actually came into existence in the early 70s with the creation of the first computer virus, Creeper, and the first tool to catch it, Reaper. Creeper was not a malicious program and caused no damage — all it did was leave the message “I’m the Creeper, catch me if you can!” on your computer.

In 1986, the Russians became the first ones to use cyberattack as a weapon and employed a hacker to steal the US military secrets. He hacked 400 computers, but was caught before handing secret information to the soviets.

With the rise of the internet, criminals discovered new opportunities to get rich through stealing data. By the mid 90s, cyber attacks were so common that firewalls and antivirus software — dedicated cybersecurity tools — were developed in response. The first ever firewall was created by NASA researchers following a virus attack on their California branch.

Cybersecurity has grown to be increasingly sophisticated as the years went by — but so did viruses. This forced governments to tighten the laws and penalties for cybercrimes.

What is cybersecurity and what areas does it cover?

Network security

Every company keeps plenty of vulnerable information: consumer data, financial reports, employment records, legal documents, and so on. If leaked, this information could destroy the company's reputation and even lead to bankruptcy.

To prevent this from happening, networks have to be monitored, secured with a firewall, and protected with antimalware at all times. It’s also important to use a VPN to encrypt your connection to the company’s network when working from home.

Cloud security

Cloud security is the protection of data, applications, and infrastructure of cloud computing. It’s a dynamic environment where everything is highly connected — the data has to be secured both at rest and in transit. The ability to log in to your cloud storage from anywhere in the world brings additional risks.

Responsibility for the security of the cloud is shared between the storage provider and the user: cloud service providers must secure the storage itself, while users have to manage who gets to access it, control the data, and use secure configurations. The cloud analyzes traffic before redirecting it to the server, only then granting legitimate users access.

Cloud storage relies on trust and reputation — once data’s been uploaded to the service provider’s servers, it is very hard to check if the latter (or anyone else) had accessed it.

Application security

Android users can choose between 2.57 million apps on Google Play. Apple’s App Store offers 1.84 million apps to download. These apps are always asking for access to our location, camera, contacts, or gallery. Many of us agree without ever questioning their requests — and that’s a big mistake.

It might come as a surprise that some of the apps on Google Play and App Store are malicious. What you thought was a simple photo editor could in fact be malware intent on harming your phone and stealing credit card details. It’s important to check the reviews of every app before installing it and to review the permissions they are asking for carefully.

The apps authenticate users to authorize access, keeping logs to track actions in case of unauthorized entry. In cloud-based applications, sensitive information is also encrypted for an additional layer of security.

IoT security

The internet of things (IoT) connects devices and machines to the internet, including ATMs, vehicles, smart meters, traffic lights, retail systems, and CCTV cameras. Most of the information gathered by IoT devices and sent to the cloud is very sensitive, as it tracks our behavior.

Let’s say you have a system that records your movement in the house and lowers the temperature when you’re not around to reduce heating bills. This information would be very valuable to burglars looking for a chance to break in.

Since the IoT market is steadily growing, it’s no wonder that cyber attacks on IoT devices are also increasing — they jumped by 300% in 2019 alone.

Manufacturers now design IoT devices with VPN tunnel functionality, firewalls, and the latest security protocols. Many companies manage thousands of devices on cloud-based IoT platforms: they can extract information, change settings and passwords, monitor devices, and reboot the system. It’s no wonder, then, that two-factor authentication and fingerprint scanning are often used to identify users.

What is the scale of data breaches?

A recent report found that 2019 was the worst year for cybersecurity, with more than 7,000 data breaches and 15.1 billion records exposed. 93.5% of those leaked records were exposed in four major incidents, all of which happened because of poorly configured databases.

Companies lose millions of dollars every year to cyber attacks, although data breaches hit the information, finance, and healthcare sectors the hardest.

How to stay safe

Avoid using unsecured public Wi-FI networks

A public Wi-Fi is less secure than your personal one, because you never know who else is using it — hackers might steal your credentials and sensitive information if you’re not careful. Avoid using internet banking, online shopping, and other services where you need to share your financial details when connected to a public network.

Turn off the public Wi-Fi when not in use — the less time you spend connected, the better.

Always update your software and operating system

Tech companies release updates for a reason: they fix the bugs, add new functions, and increase security. It’s not a good idea to ignore update requests on your laptop or mobile, since you might be leaving gaps in your security that were already fixed by the developers months ago.

Use a strong password

123456, password, qwerty, 123123 — these are extremely weak passwords, yet millions of people use them anyway. If you want to stay safe online, your password must contain lower and upper case letters, special symbols, and numbers. The best way is to scramble a password, as a bunch of random text is much more secure than something like [email protected]. For even more security, enable two-factor authentication.

Do not click on suspicious email attachments or links

If you've ever received an email with a suspicious link or attachment, congratulations — you’ve faced phishing. It’s important to double-check the address of every email you get as hackers send malware from accounts that might look very similar to the original ones.

Be cautious about every email from your bank, internet service provider, local authorities, or any other institution you trust. If you don’t take precautions and click on a malicious link, you could wake up with an empty bank account one day.

Encrypt sensitive data before storing it or moving it to the cloud

While antimalware programs and cloud storage provider precautions are important, you can also protect your files from unauthorised access with NordLocker. It’s an easy-to-use app that encrypts your data and lets you securely share files with other users.

You can encrypt files before moving them to the cloud, or keep them on your hard disk — just drag and drop the items to your digital locker. The files will be encrypted automatically and no prying eyes will be able to access them.

Cybersecurity works best when everyone does their part — NordLocker can help you do yours.

John Sears

John Sears

Verified author

John believes that the best things in life are simple. He uses the same approach when he’s writing about online security. John says that his #1 pet peeve is phishing scams. Ironically, his favorite non-work related activity is fishing.