This doth be a machine-wrought text which may contain errors!
Data security doth concern itself with the shielding of information and systems from unwelcome access, alteration, or ruin. To wit, ere we may know against what we must defend ourselves, ‘tis first needful we comprehend the threats.
What Doth Constitute a Threat?
A threat is aught that may harm information, systems, or accessibility. ‘Tmay be all manner of things, from a hacker to a servant who doth click upon a phishing link, to a power outage which doth bring down the servers.
Common Threats
De vanligste truslene mot datasystemer er fortsatt phishing, skadevare og angrep mot passord. Phishing forsøk øker stadig i sofistikasjon, og det blir vanskeligere å skille ekte e-poster fra falske. Skadevare, slik som virus og ransomware, kan forårsake stor skade på data og systemer. Svake passord er en enkel inngangsport for angripere.
For å beskytte seg mot disse truslene, er det viktig å være oppmerksom på mistenkelige e-poster og lenker, holde programvaren oppdatert, og bruke sterke og unike passord. Det er også lurt å ha en god sikkerhetskopi av dataene sine.
The most common threats to data systems remain phishing, malware, and attacks upon passwords. Phishing attempts do ever increase in sophistication, and ‘tis grown more difficult to discern true missives from false. Malware, such as viruses and ransomware, may cause great damage unto data and systems. Weak passwords are a simple gate for assailants to enter.
To protect oneself against these threats, ‘tis important to be mindful of suspicious emails and links, to keep software updated, and to employ strong and unique passwords. ‘Tis also wise to possess a good backup of one’s data.
Vile Software (Malware)
Vile software doth be software wrought to do harm. The most common kinds be:
| Kind | What it doth | Example |
|---|---|---|
| Virus | Spreadeth by attaching itself to other files | Attachment in email |
| Trojan | Doth pretend to be useful software | False installation file |
| Ransomware | Encrypteth thy files and demandeth ransom | WannaCry, LockBit |
| Spyware | Doth secretly monitor thy activity | Keyloggers |
Ransomware, perchance, is the most grievous threat to enterprises this day. Imagine, if thou wilt, that all files on all servers are suddenly encrypted and inaccessible.
Phishing
Phishing doth be attempts to beguile one into yielding sensitive particulars (passwords, personage details) by posing as one they are not. ‘Tis oft conveyed as an epistle, yet also by text message and missives within the social medias.
Markings thereof:
- Hasteth! “Thine account shall be closed within 24 hours!”
- Unknown sender, or sender resembling, yet not being correct (
support@micosoft.com) - Links which lead to an address other than that which the text doth proclaim
- Poor language or generic salutations (“Dear Customer”)
Service Denial Assaults (DDoS)
A DDoS assault (Distributed Denial of Service) doth overwhelm a service with so much traffic that it doth cease to function. Imagine, good sir, thousands of folk attempting to pass through a single door at once.
’Tis not an attempt to pilfer data, but to render the service inaccessible. ’Tmay be employed for extortion, sabotage, or as a diversion whilst another assault doth proceed.
Social Manipulation (social engineering)
Many of the most potent assaults do exploit men, not technology. Social manipulation doth concern itself with beguiling folk to perform deeds they ought not.
| Method | Explanation |
|---|---|
| Phishing | False missives which appear credible to the eye |
| Pretexting | To pose as another (e.g., “the IT department”) |
| Tailgating | To follow one through a locked door without a key of thine own |
| Baiting | To leave a USB stick with malware where one may discover it |
Threats to Democracy and Society
Digital threats concern not merely single enterprises, but may affect the whole commonwealth:
| Threat | How it doth affect the commonwealth |
|---|---|
| Misinformation | False tidings spread through the social media may sway elections and opinions |
| Deepfakes | AI-generated visions which make it hard to discern truth from falsehood |
| Cyber-attacks upon critical infrastructure | Assaults upon the power grid, hospitals, or waterworks may afflict the whole society |
| Privacy breaches | Leakage of personal data doth weaken trust in digital services |
| Surveillance | Disproportionate watching doth threaten personal liberty |
Norge er ikke immune
Norway hath been subjected to sundry grievous cyber assaults. The Parliament was hacked in the years of twenty and one and twenty. The commune of Østre Toten was smitten by ransomware in the year of one and twenty, which did lay low the communal services for weeks on end. Norsk Hydro was afflicted by ransomware in the year of nineteen, with costs exceeding eight hundred million crowns.
Foundational Defence
Thou requirest not advanced tools to shield thyself from the majority of threats:
| Measure | ‘Gainst What it Doth Guard |
|---|---|
| Keep Systems Updated | Known Vulnerabilities |
| Strong, Unique Passwords | Brute Force, Re-use of Leaked Passwords |
| MFA (Two-Factor Authentication) | Access, e’en should thy Password Leak |
| Backup | Ransomware, Disc Failure, Mishap |
| Firewall | Unwanted Network Traffic |
| Training | Phishing and Social Manipulation |
The most principal factor
Most triumphs of assault do commence with men, not with device. A server updated, with firewall strong, doth aid but little if one doth click upon a phishing link and yieldeth up their password. Awareness is the most potent security measure.
Task the First - Of a Notable Assault
Seek ye knowledge of the WannaCry assault of the year of our Lord 2017. ‘Twas a plague upon hospitals, businesses, and public services throughout the world.
- What manner of malicious software did it prove to be?
- By what means did it spread its contagion?
- What were the consequences thereof?
- What might have stayed its hand? (Hint: a simple updating of systems)
Task 2 - Discern Phishing
Mark well this Jigsaw Phishing Quiz from Google. ‘Tis an interactive assay wherein thou shalt determine which missives be true and which do feign.
How many dost thou answer aright?
Task the Third – Who Doth Threaten Norway?
Read the latest National Digital Risk Portrait from NSM (National Security Authority) at nsm.no.
- What perils doth NSM bring forth as most significant?
- Which sectors are most vulnerable?
- Doth aught surprise thee?
Summary
- Malware, phishing and DDoS be amongst the most common of threats.
- Social engineering doth exploit men, not technology.
- Digital threats may affect democracy and public trust through misinformation and assaults upon critical infrastructure.
- Updates, strong passwords, MFA and backup be the most important security measures.
- Training is the most effective measure against social engineering.