“Cyber” – the word conjures up images of futuristic robots, a post-apocalyptic world and machines displaying human characteristics. Clearly we’ve seen too many sci-fi movies.
However, cyber security isn’t in the future; it’s here now and the threat is very real.
Wikipedia defines cyber security as follows:
Computer security, also known as cybersecurity or IT security, is the protection of information systems from theft or damage to the hardware, the software, and to the information on them, as well as from disruption or misdirection of the services they provide. It includes controlling physical access to the hardware, as well as protecting against harm that may come via network access, data and code injection, and due to malpractice by operators, whether intentional, accidental, or due to them being tricked into deviating from secure procedures. https://en.wikipedia.org/wiki/Computer_security (2015/10/12)
It is clear that any theft of ICT equipment or data, as well as any disruption of service, is covered by this definition.
Wikipedia identifies the following categories: Backdoors; Denial-of-service attack; Direct-access attacks; Eavesdropping; Spoofing; Tampering; Privilege escalation; Phishing; Clickjacking; Social engineering and trojans. (Over the next few months we will be discussing these categories in more detail.)
Attacks on companies are mostly motivated by financial gain, but where Stellenbosch University is concerned, a few other motives also play a role: for example, financial gain, manipulation of marks or degrees, access to exam papers, access to and manipulation of research material, obtaining contact information (staff, students or donors), ideological reasons, and using our computing power and abusing our high-speed internet access to launch attacks on other entities.
The biggest weak spots in security include usernames and passwords; untrained or inadvertent users; unsafe workstations; obsolete equipment; faulty hard drives; “man-in-the-middle” attacks and cloud services.
The easiest way to gain access to our systems is by means of an existing username and password. It is therefore of the utmost importance that users choose passwords that are difficult to hack and maintain good password practice.
Don’t use official SU usernames and passwords for any other service or social media. Rather create a separate gmail or live.com e-mail address and use it for unofficial registrations and services.
User access needs to be audited on a regular basis, and outdated rights need to be removed.
Untrained or inadvertent users are probably the single biggest risk. It’s easy to be “convinced” to click on a link or open an e-mail attachment. Someone who does not pay attention to what they are doing is an easy target – even in cyber space.
Workstations under the control of end users with administrator rights pose another risk, since those users can install any programme. Users navigate to any web address and click links without thinking twice. Any of these links can compromise the workstation and subsequently the whole campus infrastructure.
Even outdated equipment contains data. Therefore it is important that any data be removed before equipment leaves university property.
These are just a few examples of threats to cyber security and the challenges they present to Information Technology. With the assistance of our users, we can at least prevent a few of these dangers.