Skip to content

Trending tags

Avoiding cyber threats can feel like an endless task. An attacker only needs one successful attempt to gain access to a network. Defenders must succeed one hundred percent of the time if they want to keep the attackers out. In practice, it’s just not possible to be perfect 100 % of the time. And often incidents start with unintentional human mistakes. What can companies do to detect and respond to cyber attacks at the earliest possible stage?

History of cyber crime

The world of cyber security has evolved quite a bit from the innocent beginning when kids were spreading viruses on floppies for fun and academics were sending each other worms. Attackers today are highly skilled. They are motivated by financial gain, access to sensitive information or damage to a brand. What started as a hobby has evolved into crime with severe consequences.

history of cyber threats, floppy, virus

A motivated attacker will find the keys to the kingdom

The traditional defenses, such as firewalls and endpoint protection, do a good job at what they’re meant to do – namely detecting and blocking commodity threats. But you can’t expect these solutions to stop advanced threats and targeted attacks. A modern attackers’ goal is to get access to the network and they need to find the keys to the kingdom – the passwords to critical systems. They will not stop until they reach their target.

advanced threats, targeted attacks, social engineering, phishing

Advanced attacks are not about the code – they are about the humans

Skilled attackers rarely, if ever, use malware. The attacker’s first goal is to identify potential targets for their mission. The attacker may collect information about the target company, set up a fake company, register domains and create fake profiles for social engineering purposes.

Once the attacker determines what defenses are in place, they choose their weapon. The selected vector is often impossible to prevent or detect. It can be a zero-day exploit, a spear-phishing campaign or bribing an employee.

Social engineering is effective because it exploits trust. Thus, the human factor is often the weakest link in cyber security. The best weapon to fight back the risk of human error is increasing security awareness.

Our Cyber Security Crash Course series helps you and your employees understand the current threats out there, why they are so difficult to spot and stop, and what you can do to detect and respond to modern cyber attacks. Linda Liukas** meets the brightest minds working in the field of cyber security to find simple answers to complex questions.

 

* 2017 Cost of Data Breach Study, Ponemon Institute LLC (sponsored by IBM Security)

** F-Secure Cyber Security Crash Course explains in simple terms what kind of threats are out there and how they can be spotted and stopped. Linda Liukas, a programmer, children’s book author and TED speaker, explores the wonders of cyber security with the best talent in the industry. She even agrees to let F-Secure’s experts hack her. Watch the six short videos to learn what you can do to detect and respond to advanced cyber attacks. Include the Cyber Security Crash Course videos in your security training programme to foster awareness within your organization.

Taija Merisalo

21.02.18 3 min. read

Leave a comment

Oops! There was an error posting your comment. Please try again.

Thanks for participating! Your comment will appear once it's approved.

Posting comment...

Your email address will not be published. Required fields are marked *

Related posts

Newsletter modal

Thank you for your interest towards F-Secure newsletter. You will shortly get an email to confirm the subscription.

Gated Content modal

Congratulations – You can now access the content by clicking the button below.