10 of the Most Dastardly Words in Cyber Security’s Wild West

“White hat” and “black hat” — which we use to distinguish ethical hackers from cyber criminals — come from old Western movies, where good guys would wear white hats and bad guys would wear black hats to make it easy on the audience.

But the similarities between cyber security and the cinematic Wild West don’t end there. On today’s networks, ruthless bandits fight battles with ethical codeslingers across a rapidly expanding frontier. The systems for upholding the law have to keep pace with criminal development in a fast-paced and often turbulent new world.

Also like those old Western epics, cyber security comes with its own colorful vernacular. So if you want to get in touch with the discipline, you’ll want to get familiar with these “fightin’ words” in the cyber security space:

  1. Ransomware: Hackers take over an employee’s workstation or freezes an individual’s important data, then demand a fee — the ransom! — for access. If it sounds familiar, it should — ransomware has been around for years. But it’s the hotness right now, with the Internet Crime Complaint Center receiving nearly 2,500 filings representing about $24 million in ransom paid in 2015.
  2. Identity theft: Forget purse snatchers — now, cyber fraudsters can get a lot more out of you by hacking your private information. Personal information that can be used to steal an account holder’s identity can fetch an even higher price than credit cards on the black market!
  3. Advanced persistent threat (APT): If only hackers were blindly throwing darts! Unfortunately, many of these crafty cyber outlaws orchestrate sophisticated, targeted attacks over time to work their way into networks. These APTs take much more than a vulnerability scan to shut down!
  4. Client-side attacks: Cybercriminals don’t need to go straight for the server to wreak havoc. An unsuspecting end user or client will do just fine! Hackers use a variety of tricks to fool users into trusting compromised sites or servers — a major concern for corporate security because they target employees, who are typically the weakest links in any security program.
  5. Card skimming: A visit to the ATM can turn into a nightmare in a second thanks to these hacking devices. Criminals install skimmers into ATMs to capture data from bank cards, and they have become increasingly sophisticated and difficult to detect. These typically are paired with hidden cameras to grab PIN information. And because the stolen account data translates to lost funds for financial institutions, customers aren’t the only ones who need to stay alert.
  6. Social engineering: Here come the internet con artists! Social engineering takes advantage of employees’ or consumers’ lack of cyber savvy. Picture a modern-day Paul Newman calling an employee or use a spear-phishing campaign to send a targeted email that appears legitimate and imitates a trustworthy sender. That’s how cyber criminals pull off cyber engineering, and they do it to obtain sensitive data.
  7. Dark web: In the dark web, sites aren’t even accessible by common browsers, making it a natural gathering place for today’s cyber criminals. This is the desert hideout of the internet, where hackers plan coordinated attacks, and fraudsters barter illicit goods, services and ill-gotten information. But it’s also a place that, if mined right, can actually help your cyber-intelligence efforts.
  8. Negative press: They say “any press is good press,” right? Yeah, well … when it comes to cyber security, they’re wrong. Ask Target how much it welcomed the press from its 2013 security breach across 40 million payment cards. Negative attention on the cyber security front can translate into far greater losses than the direct cost of an incident.
  9. Lawsuit/civil suit: Things can get a lot worse if the lawyers get involved! If an organization falls victim to a data breach, you naturally will have direct financial losses, recovery costs and reputation damage. But a lawsuit might be in the offing, too, if the incident response came up short or if breach prevention measures weren’t sufficient.
  10. Security apathy: Wild West townspeople are downright apathetic to every posse that runs through town — and naturally, that does nothing to stop them. Stay vigilant! Underestimating the threat of cyber crime could be your undoing if a security breach does enough damage. Follow the lead of SEC chair Mary Jo White, who recently stated that hackers are the biggest threat to the global financial system.

These terms strike fear into the hearts of many, but every organization needs to confront them head-on to create a functional security program. Gotham Security offers a number of services that can help bring order to the cyber frontier and empty these words of their ability to cause panic.

The Gotham Security vulnerability assessment, for instance, combs your entire network landscape to find weaknesses and offer guidance on closing them down. To outpace advanced persistent threats, our penetration testers use real-world, advanced hacking techniques to uncover potential exploits hiding deep within your networks. Meanwhile, our phishing assessments use the most up-to-date, deceptive methods (e.g. spear-phishing) to gauge your employees’ level of awareness and get them prepared to protect your data.

To learn more about how to deputize Gotham so we can run cyber criminals out of your town, give us a call at 917.734.4120, or email us at info@gotham-security.com.