iStock-1279862993.jpg

Cyber Security

Suspicious Cyber Activity and Online Threats

The “war on terror”is constantly evolving. In recent years, terrorists have turned to unconventional weapons, such as cyberterrorism. And as a new, more computer-savvy generation of terrorists comes of age, the danger seems set to increase.

 

Cyber terrorism can refer to a number of different behaviors that involve abnormal access patterns, database activities, file changes, and other out-of-the-ordinary actions that can indicate an attack or data breach. Being able to recognize these activities is important as it can help pinpoint the source and nature of the breach, allowing you to act quickly to correct the security threat and minimize damage.

 

Together, we can mitigate cyber security threats by terrorists and violent extremists. This includes countering the threat of cyber-attacks carried out by terrorist actors against critical infrastructure, as well as developing the use of social media to collect digital information to counter online terrorism and violent extremism.

The potential threat posed by cyberterrorism has provoked considerable alarm. Numerous security experts, politicians, and others have publicized the danger of cyberterrorists hacking into government and private computer systems and crippling the military, financial, and service sectors of advanced economies. Cyberterrorism is, to be sure, an attractive option for modern terrorists, who value its anonymity, its potential to inflict massive damage, its psychological impact, and its media appeal.

Here are some of the most common examples of suspicious activity:

Image by Bernard Hermant
Testing or Probing of Security
shield.png

Abnormal database activity can be caused by either internal or external attacks, and the crucial signs to watch for include changes in your users, changes in permissions, and unusual data content growth.

iStock-1165067637.jpg
Cyberattack
computer.png

Disrupting or compromising an organization’s information technology systems

Image by Proxyclick Visitor Management System
Database activity
click.png

Abnormal database activity can be caused by either internal or external attacks, and the crucial signs to watch for include changes in your users, changes in permissions, and unusual data content growth.

Image by Carlos Muza
Account abuse
people.png

The abuse of privileged accounts is one of the most common signs of an insider attack, and symptoms to watch for are modified audit trails, sharing of account access, and the accessing of sensitive information without need.

Vertical File Cabinet
File changes
write.png

Configuration changes to files—including replacement, modifications, file additions, and deletion—is a classic sign of a data breach, because it indicates somebody has infiltrated your network and is trying to prevent being discovered.