Joseph Steinberg - Cybersecurity For Dummies

A cryptominer, in the context of malware, refers to software that usurps some of an infected computer’s resources in order to use them to perform the complex mathematical calculations needed to create new units of cryptocurrency. The currency that is created is transferred to the criminal operating the cryptominer. Many modern day cryptominer malware variants utilize groups of infected machines working in concert to do the mining.

Because cryptominers create money for criminals without the need for any involvement by their human victims, cybercriminals, especially those who lack the sophistication to launch high-stakes targeted ransomware attacks, have increasingly gravitated to cryptominers as a quick way to monetize cyberattacks.

While the value of cryptocurrencies fluctuates wildly (at least as of the time of the writing of this chapter), some relatively unsophisticated cryptocurrency mining networks are believed to net their operators more than $30,000 per month.

While some potential attackers are intent on benefiting at your expense, others have no intentions of inflicting harm. However, these parties can innocently inflict dangers that can be even greater than those posed by hostile actors.

Perhaps the greatest cybersecurity danger of all — whether for an individual, business, or government entity — is the possibility of human error. Nearly all major breaches covered in the media over the past decade were made possible, at least in part, because of some element of human error. In fact, human error is often necessary for the hostile actors to succeed with their attacks — a phenomenon about which they’re well aware.

Why are humans so often the weak point in the cybersecurity chain — making the mistakes that enable massive breaches? The answer is quite simple.

Consider how much technology has advanced in recent years. Electronic devices that are ubiquitous today were the stuff of science-fiction books and movies just one or two generations ago. In many cases, technology has even surpassed predictions about the future — today’s phones are much more powerful and convenient than Maxwell Smart’s shoe-phone, and Dick Tracy’s watch would not even be perceived as advanced enough to be a modern day toy when compared with devices that today cost under $100.

Security technology has also advanced dramatically over time. Every year multiple new products are launched, and many new, improved versions of existing technologies appear on the market. The intrusion detection technology of today, for example, is so much better than that of even one decade ago that even classifying them into the same category of product offering is questionable.

On the flip side, however, consider the human brain. It took tens of thousands of years for human brains to evolve from that of earlier species — no fundamental improvement takes place during a human lifetime, or even within centuries of generations coming and going. As such, security technology advances far more rapidly than the human mind.

Furthermore, advances in technology often translate into humans needing to interact with, and understand how to properly utilize a growing number of increasingly complex devices, systems, and software. Given human limitations, the chances of people making significant mistakes keep going up over time.

The increasing demand for brainpower that advancing technology places on people is observable even at a most basic level. How many passwords did your grandparents need to know when they were your age? How many did your parents need? How many do you need? And, how easily could remote hackers crack passwords and exploit them for gain in the era of your grandparents? Your parents? Yourself?

Add to the mix that many people today work from home — often at the same time during which their children attend school remotely from the same location — and the possibility of human errors made either due to interruptions mid-task, or due to the inability to speak in-person with a colleague, grow dramatically.

The bottom line: You must internalize that human error poses a great risk to your cybersecurity — and act accordingly.

In the context of information security, social engineering refers to the psychological manipulation of human beings into performing actions that they otherwise would not perform and which are usually detrimental to their interests.

Examples of social engineering include

Calling someone on the telephone and tricking that person into believing that the caller is a member of the IT department and requesting that the person reset their email password

Sending phishing emails (see Chapter 2)

Sending CEO fraud emails (see Chapter 2)

While the criminals launching social engineering attacks may be malicious in intent, the actual parties that create the vulnerability or inflict the damage typically do so without any intent to harm the target. In the first example, the user who resets their password believes that they are doing so to help the IT department repair email problems, not that they are allowing hackers into the mail system. Likewise, someone who falls prey to a phishing or CEO fraud scam is obviously not seeking to help the hacker who is attacking them.

Other forms of human error that undermine cybersecurity include people accidentally deleting information, accidentally misconfiguring systems, inadvertently infecting a computer with malware, mistakenly disabling security technologies, and other innocent errors that enable criminals to commit all sorts of mischievous acts.

The bottom line is never to underestimate both the inevitability of, and power of, human mistakes — including your own. You will make mistakes, and so will I — everyone does. So on important matters, always double-check to make sure that everything is the way it should be. It is better to check many times when there was, in fact, no social engineering attack, than to fail to check the one time that there was such an attack.

As described in Chapter 2, cybersecurity includes maintaining your data’s confidentiality, integrity, and availability. One of the greatest risks to availability — which also creates secondhand risks to its confidentiality and integrity — is external disasters. These disasters fall into two categories: naturally occurring and man-made.

A large number of people live in areas prone to some degree to various forms of natural disasters. From hurricanes to tornados to floods to fires, nature can be brutal — and can corrupt, or even destroy, computers and the data that the machines house.

Continuity planning and disaster recovery are, therefore, taught as part of the certification process for cybersecurity professionals. The reality is that, statistically speaking, most people will encounter and experience at least one form of natural disaster at some point in their lives. As such, if you want to protect your systems and data, you must plan accordingly for such an eventuality. It is not surprising that organizations with proper continuity plans in place often fared far better than their unprepared counterparts when the COVID-19 pandemic hit and forced people to work from home.