Schlagwort-Archive: Cyber Attacks

Cybersecurity is one of the fastest-growing segments of the technology industry

Source: https://www.fool.com/investing/the-10-biggest-cybersecurity-stocks.aspx

The 10 Biggest Cybersecurity Stocks

When looking to invest in this high-growth tech industry, start with the biggest names on the cybersecurity block.

Cybersecurity is one of the fastest-growing segments of the technology industry. As more people around the globe connect to the internet and hundreds of millions of devices get connected to a network every year, the need to keep all of that data secure is on the rise.

In fact, according to research firm Global Market Insights, cybersecurity is expected to go from a $120 billion-a-year endeavor in 2017 to more than $300 billion in 2024, good for an average 12% annual growth rate. It’s no wonder, then, that so many businesses are getting in on the movement. Old tech titans like Microsoft (NASDAQ:MSFT), Cisco (NASDAQ:CSCO), and Oracle (NYSE:ORCL) all offer cybersecurity as part of their service suites. Other names are investing in the action, too. Old smartphone maker BlackBerry (NYSE:BB), for example, bought small cybersecurity outfit Cylance in early 2019 to further its transformation as a software company.

A silhouette of a person filled in with digital data, signifying artificial intelligence.

Image source: Getty Images.

As the world goes digital, managing new digital-first business operations and keeping information safe and secure will continue to evolve and grow in importance. For those wanting to invest in the cybersecurity industry, researching the biggest names in the business is a good place to get started (after brushing up on the basics here). Here are the 10 largest companies that make cybersecurity their primary concern based on market capitalization (the value of the company calculated by number of shares outstanding multiplied by price per share).

Company Market Capitalization as of July 2019 What the Company Does
1. Palo Alto Networks (NYSE:PANW) $21.3 billion A diversified provider of security solutions, with an increasing focus on cloud software
2. Splunk (NASDAQ:SPLK) $20.5 billion Big data analytics, including security orchestration and automated response
3. Check Point Software (NASDAQ:CHKP) $17.9 billion A diversified provider of security software and hardware
4. CrowdStrike (NASDAQ:CRWD) $17.5 billion Cloud-based endpoint security
5. Okta (NASDAQ:OKTA) $15.4 billion Cloud-based identity and privileged-access management software
6. Fortinet (NASDAQ:FTNT) $14.9 billion A diversified provider of security software and hardware
7. Symantec (NASDAQ:SYMC) $14.0 billion Largest security provider by revenue; owner of LifeLock and Norton Antivirus
8. Akamai Technologies (NASDAQ:AKAM) $13.6 billion Internet content delivery and security
9. Zscaler (NASDAQ:ZS) $10.4 billion Diversified provider of cloud-based security
10. F5 Networks (NASDAQ:FFIV) $8.7 billion Internet and application content delivery and security
Bonus: Proofpoint (NASDAQ:PFPT) $7.0 billion Employee communications and internet security

Data as of July 23, 2019. Data source: YCharts and company-specific investor relations.

Types of cybersecurity stocks

„Cybersecurity“ is the umbrella term, but there are different types of security firms tackling various problems in today’s connected age.

Broad-focus cybersecurity companies

For example, the larger outfits have been angling themselves to cover a wide range of needs, becoming one-stop security shops. Palo Alto Networks and Fortinet are two such companies, covering everything from firewalls (a network feature, sometimes a piece of hardware but more often software, that decides what data to let in and out) to artificial intelligence-based software that automates tasks and monitors an organization’s digital activity.

Endpoint security providers

These companies focus on securing remote devices connected to a network. The number of devices hooked up to the internet has been growing by the hundreds of millions every year, and that trend is expected to continue. Businesses are leading the charge, and everything from employee smartphones and tablets to assets in transit to connected machinery is in need of safekeeping. Endpoint protection software handles that specific need. Startup CrowdStrike, among others, is a specialist in this space.

Specialized security services

These niche companies include Okta, which provides privileged-access management — basically, only allowing users access to the sensitive data that they’re supposed to see. Then there’s security for the cloud, or computing and software that is offered remotely by way of a data center. Zscaler concerns itself with keeping cloud connections and data safe for businesses and organizations.

Regardless of the security need, digital-based operations and communications are on the rise across the board, which means all of the top cybersecurity companies are experiencing growth of some sort. That creates an opportunity for investors to cash in on the movement. Here is a breakdown of each of the top cybersecurity companies and how their stocks are valued.

The top 10 biggest cybersecurity stocks

1. Palo Alto Networks: The largest cybersecurity stock

Sitting atop the cybersecurity pure-play list is Palo Alto Networks. The company has built itself into the leader in the security space, offering a broad range of services for its customers from firewalls to automated threat response to cloud security. The largest player in the cybersecurity niche by market cap, Palo Alto has managed to outpace the industry’s average growth rate in spite of its size.

Part of the story behind Palo Alto’s growth is the company’s acquisition spree of smaller competitors. In May 2019, the company announced its intent to purchase two cloud-based cybersecurity outfits, one for $410 million and the other for a smaller undisclosed sum. Both were added to a new cloud security service segment called Prisma, aimed at continuously updating Palo Alto’s offerings as needs of customers evolve over time. CEO Nikesh Arora, a former executive at Alphabet’s (NASDAQ:GOOGL) (NASDAQ:GOOG) Google, has indicated that strategic acquisitions will continue to play an integral part in his company’s strategy to remain relevant.

The sums of money paid for acquisitions have been substantial (at least $1 billion spent since 2018), and they’re among the reasons Palo Alto is not yet a profitable business. However, when backing out one-time nonrecurring expenses and noncash items, the company still manages to post positive free cash flow (money left over after basic operating expenses and capital expenditures). In short, that means the company can afford its aggressive buying spree.

The free cash flow generation is important, because it gives the leader in pure-play network security the wiggle room it needs to invest heavily in cloud computing, AI, and other technology as customer needs change over time. Global cloud spending is expected to grow an average of about 16% a year through 2022, according to technology research group Gartner. Sitting at the intersection of two double-digit growth industries, that long-term trend should give Palo Alto Networks an enduring outlet to sustain double-digit sales growth and help it maintain its pole position within the world of cybersecurity.

2. Splunk: Big data and securing business operations

Splunk started out as a big data monitoring company. Its software suite allows organizations to analyze and make sense of information being generated from their digital systems, from websites to connected equipment to payment processing networks, among other things. If it’s an electronic system, it creates data; and if it creates data, Splunk can help monitor it and give customers the ability to make sense of trends and other behavior of digital systems. Incidentally, one of the primary use cases for the data parsing and analytics platform is cybersecurity.

To increase its capabilities in that department, Splunk has also embarked on an aggressive acquisition spree. As a result, the big data company is now a leader in the fast-growing security orchestration, automation, and response (SOAR) segment of the cybersecurity industry. SOAR utilizes artificial intelligence (a software system that mimics how the human brain works and learns and adapts to changing circumstances) to sift through information in real time, detect potential threats, and take action to keep things on lockdown. With data breaches a constant threat, the ability to automate aspects of the workload holds appeal for large organizations.

Despite its size, Splunk has still been growing quickly. The downside is that Splunk is spending lots of cash to foster further expansion, which keeps the company in the red. Specifically, research and development of new software capabilities and sales and marketing to acquire new customers are the biggest line items affecting the bottom line. However, much like Palo Alto Networks, Splunk is free cash flow positive; profits will be a bigger consideration later on as the company matures.

That’s because Splunk’s primary industry, big data analytics, should grow an average of 13% a year and surpass $274 billion in size by 2023 — according to researcher IDC. Along the way, Splunk will also benefit from the booming and fast-changing cybersecurity industry, making it one of the best plays on the trend. The company’s expertise in monitoring and making sense of large and complex sets of data particularly lends itself to keeping business information locked up, and its recent takeovers of smaller peers have helped bolster its position in network security. Splunk’s prospects and chances at continued industry leadership look especially good.

3. Check Point Software: Adjusting to a new technology

Check Point Software, as its name implies, offers software security along with hardware to keep business networks secure. Much like Palo Alto Networks, the company has a diversified mix of solutions covering on-premeses computer networks, cloud, and endpoint protection.

Though it’s one of the largest and oldest cybersecurity companies around (founded in 1993), Check Point has not been growing at the breakneck speed of some of its peers. Low-single-digit sales growth has been the norm for some time. The reason? New technologies like the cloud have made some of Check Point’s legacy services like hardware-based security less compelling. The company is trailing some of its competitors, so spending to update the business model for today’s security needs has been a top priority. It isn’t paying off yet, and Check Point’s sluggish pace could mean its younger peers will bypass it in the years ahead.

There is one thing that makes Check Point different from other companies on this list, though. As an older, well-established company, it does turn a profit. Thus, traditional valuation metrics (without the need to make adjustments for things like stock-based compensation, shares a company pays to employees as an extra perk) work for the stock. However, heavy spending to transform the business into a more relevant one for the times has the bottom line stuck in a rut. Until that changes, there’s little compelling reason to consider the stock.

Check Point has been working hard to update its offerings for more modern needs, but the sheer number of newer start-ups could mean this established cybersecurity business will continue to get disrupted. That’s not an enviable situation to be in, especially when the industry overall is growing by double digits.

4. CrowdStrike: The newest stock on the top-10 list

Endpoint security company CrowdStrike more than doubled in value after it had its IPO (sold shares to raise money, making it available to the general investing public for the first time) in June 2019. That easily puts the firm among the largest in the cybersecurity business by market cap.

The stock has years‘ worth of double-digit sales growth baked into it, but momentum could be on CrowdStrike’s side. Revenues more than doubled in 2018. The number of connected devices around the globe is increasing every year — by the hundreds of millions — which plays right into the hands of this security company and its endpoint-protection software suite. Since many of those devices are not tethered to an office or other physical location, CrowdStrike’s cloud computing-native system lends itself to this type of security particularly well.

Because it is cloud based, CrowdStrike also boasts the ability to make near-instant system updates when a threat is detected, and its software can learn and adapt from uploaded customer data. Paired with millions of new connections getting added to an internet-connected network every year, it adds up to lots of new customer sign-ups and expanding relationships with existing ones. Dollar-based net expansion (which measures how much money existing clients spend each year) has been over 100% for years, indicating customers spend more with CrowdStrike as time passes. It’s a powerful business model, one that CrowdStrike plans on putting to use in other security disciplines as it begins to expand beyond endpoint security. With the cloud and the number of endpoints increasing dramatically, it’s no wonder this stock is off to a hot start and looks like it has years‘ worth of growth left ahead of it.

5. Okta: Keeping data on a need-to-know basis

Another upstart security company, Okta has only been around since 2009, but the identity-protection specialist has been growing like a weed. The company ensures that employees and others with privileged access within an organization get connected to the apps and data they need — and keeps everyone else out. The number of digital systems and software being utilized by organizations continues to rise, increasing the complexity and difficulty in keeping systems secure from intruders. Thus, the need for Okta’s identity services has been booming.

In just a few years‘ time, Okta has become one of the largest cybersecurity pure plays around, with sales consistently growing north of 50% in the past. Management expects that trajectory will moderate to somewhere in the mid-30% range for the foreseeable future — still nothing to balk at. And that rate of expansion could be sustainable, too. According to the Global Market Insights cybersecurity report, identity, authentication, and access management services are expected to be an especially fast-growing subset of cybersecurity, with the potential for services to increase an average of 17% a year through 2024. At the forefront of the movement, Okta is primed to gobble up market share as identity and access management increases in importance.

Here’s the downside: Okta is not a profitable business as of this writing. The company is funneling cash into marketing and research to maximize its sales growth now. Profits will be a concern later. The good news, though, is that gross profit margin (the amount of money the company keeps after producing a service and then selling it but before paying other operating expenses) is on the rise as the company grows.

That bodes well for the future of this cybersecurity leader. Identity security/privileged data access rights is expected to be a high-growth segment of network security for the next few years, and Okta is a leader in the space.

6. Fortinet: Successfully bridging legacy security with the new

Another diversified provider of firewalls, cloud and endpoint security, and identity management, Fortinet took a hit amid worries that the trade war between the U.S. and China would dampen growth in the company’s important international markets — Asia and Europe specifically. Newer security upstarts have also disrupted some of Fortinet’s legacy offerings like hardware-based network security for on-premises protection. Economic and industry headwinds or not, though, this cybersecurity outfit is doing just fine.

Revenues and adjusted earnings were up 20% and 77%, respectively, in 2018. Fortinet has been adding dozens of new deals worth more than $1 million every quarter, winning customers over with its new and improved software suite aimed at keeping all parts of an organization safe. Although less aggressive in its acquisition strategy than Palo Alto Networks or Splunk, Fortinet continues to invest heavily in updating its offerings to keep its customers secure. The cloud has been an area of focus, as well as increasing the number of subscription-based software deals. The investments in new technology have been paying off and yielding results for shareholders, even as other legacy cybersecurity companies have been failing to make the cut.

As a result of its less aggressive nature, Fortinet also runs a profitable business where some of its competitors don’t — and the bottom line has been rising faster than sales as the company’s investments have started to yield results. Ample cash means this security business can continue to invest in its new high-octane segments like cloud, endpoint, and identity security, which bodes well for it being able to maintain its two-figure top-line growth rate for some time even as legacy lines of business fade. With a well-established presence in the industry and a successful business update strategy well underway and paying off, Fortinet is one of the best cybersecurity stocks around.

7. Symantec: The biggest cybersecurity company by revenue

Symantec is the world leader in cybersecurity services when using sales figures as the metric. With nearly $5 billion in revenue in the last year, it is nearly double the size of its younger peers like Palo Alto Networks. Yet despite Symantec’s leadership, its market cap lags. One of the oldest network security players around and owner of recognizable software names like LifeLock and Norton Antivirus, Symantec has had to deal with disruption and shifting technology that have left growth near nonexistent and profitability underwhelming.

Though Symantec has been updating its operations — it recently announced a new comprehensive cloud-based security suite covering everything from email to application login protection — results have been sluggish. Fiscal 2019 sales fell 2%. The company’s legacy operations are holding it back, and bloated operating expenses have meant paltry bottom-line earnings. Not exactly what investors should be looking for from the leader of a high-flying industry.

There could be hope of a rebound, though, as Symantec continues to work through its transition. Chipmaker Broadcom (NASDAQ:AVGO) thought there was value in Symantec and was reportedly interested in acquiring the old security company to add it to its growing software division. However, negotiations fell through, and Symantec will have to go it alone for now. Until the company can demonstrate a strategy that can gain some traction in the growing world of cybersecurity, Symantec will continue to struggle in the wake of younger and more nimble peers that started investing earlier in the shifting landscape.

8. Akamai: Guarding the security of the internet itself

The next security outfit on the list handles a different piece of the industry than any of the others covered thus far. Akamai (NASDAQ:AKAM) helps deliver and secure web content as it travels from its source to the end user, from live and streaming video to traditional web page text and pictures. The internet’s continual expansion has been a boon for Akamai, which has launched new services to cover new web applications (like video streaming) and new mobile device types to keep the internet connection to them secure.

Akamai’s traditional web business is a low- to mid-single-digit growth story, but its newer cloud security services have been growing well into the double digits. New services are still a small fraction of the whole, but they are a high-margin endeavor. Akamai’s bottom line has been getting a big double-digit boost as Akamai’s investment and spending on new web delivery applications subside and past spending starts to yield results.

Akamai has grown into one of the internet’s primary content delivery platforms, responsible for handling as much as a third of global web traffic. As such, this company will be slower moving than other security businesses, but Akamai still has growth prospects ahead of it. Internet infrastructure company Cisco expects web traffic — led by video content — to grow an average of 26% a year through 2022. That means Akamai’s newer business should continue to move the needle for some time; plus the overall operation is solidly in profitable territory. In short, the leading internet content delivery and security company should be a slow-and-steady play for the foreseeable future.

9. Zscaler: Another investment in the cloud

Back to small but up-and-coming cybersecurity. Zscaler has its sights set on securing cloud computing and thus built itself from the ground up as a cloud-only software suite. The world is going mobile, and so are business operations. With fewer centralized locations and more remotely connected devices popping up, Zscaler helps keep newer business networks safe for its customers and their employees.

With a business model similar to those of CrowdStrike and Okta, Zscaler plays in a new multibillion-dollar industry that will only continue to grow larger, and the company has been frank in saying it is all about maximizing growth right now. And no wonder, as Gartner says in its cloud research that annual spending will nearly double from 2018 to 2022 to more than $330 billion a year. Sales at Zscaler have been growing north of 60% year over year for some time, but what’s a few hundred million in annual sales when the whole market is worth hundreds of billions? The downside is that in spite of massive growth and a rosy outlook for the good times to continue, operating losses are still substantial. With Zscaler all about nurturing sales as fast as possible, the red ink is unlikely to disappear anytime soon.

Much like its start-up peers, though, Zscaler takes those losses by design as it keeps its foot on the gas. Gross profit margin was an enviable 81% at last report, one of the best in the industry. With profit potential like that in a fast-expanding cloud computing sandbox, it makes sense Zscaler is all about growth now and profit later. With the world going mobile, this security stock looks like an especially promising one in the years ahead as it takes advantage of its early cloud-based security lead.

10. F5 Networks: Lagging behind the cybersecurity growth average

F5 Networks provides hardware and software solutions that help companies keep their applications and app delivery secure. Similar to Akamai, the company’s legacy business isn’t exactly lighting the world on fire. However, newer services, particularly those aimed at cloud computing-based apps, are on a tear. To that end, F5 recently acquired app optimization and security peer NGINX for $670 million.

It’s a sizable sum but likely a prudent move for F5. The company has been reporting low-single-digit revenue growth the last few years — nearly all of which has been driven by big expansion in its software service segment. While the top line has been sluggish, the upside is that new software and security offerings are a much more profitable concern. As a result, earnings are up nearly 40% over the last trailing three-year stretch.

During its transition phase to more modern app security and delivery, F5’s stock has taken a beating. There’s worry that the transition will continue to be a bumpy one, thus making this stock among the cheapest in the cybersecurity industry. However, though the low valuation reflects the fact that F5 has fallen behind the curve in the digital age, F5 is an inexpensive play on digital security and delivery. With internet traffic and content delivery still a slow-and-steady endeavor, F5 can continue to thrive — albeit at a much slower rate than elsewhere in cybersecurity.

Bonus. Proofpoint: An up-and-coming communications security specialist

One of the smaller outfits in the security space, Proofpoint is worth a mention as a bonus number 11 on the top-10 list. The company specifically helps organizations keep their employees safe. Email attacks are a key pain point for many businesses, and securing communications in that department — as well as on social media, cloud applications, and mobile devices — is a specialty at Proofpoint.

Though a niche offering within the greater cybersecurity industry, Proofpoint is expanding fast. After the company grew 38% in 2018, management forecasted full-year 2019 revenue to be up at least another 22%. However, as with its high-powered sales-oriented peers, the company does run up big losses. As with many other cybersecurity plays we’ve been discussing, though, that’s due to Proofpoint reinvesting in itself to foster more growth.

Nevertheless, when we adjust the bottom line for one-time items and other noncash expenses, Proofpoint is free cash flow positive, a metric that has been steadily on the rise. That should help Proofpoint keep up its double-digit growth trajectory as employee access points via remote computers, smartphones, and other devices continue to boom in the States and especially overseas. It’s a much smaller business than the top 10 companies are, but this cybersecurity concern still offers a compelling growth story worth keeping an eye on as it keeps communications safe and secure.

Proofpoint will also likely see long-term benefit from the explosion in devices hooked up to a network in the years ahead. The workforce’s increasing mobility means keeping employee communications on lockdown will be an increasingly complex problem, one that this small security company can help solve.

An illustrated shield displayed on top of a wall of digital data.

Image source: Getty Images.

Choosing the right cybersecurity stock to invest in

Taking a high-level look at the biggest companies in the cybersecurity market is only the start to choosing an investment. Some of the stocks are buys, others not so much. As the industry is still in high-growth mode and adapting fast to technological developments, investors would be best off picking the companies posting the fastest revenue expansion rates and those that carry the highest gross profit margins. Click here for a discussion on the top cybersecurity stocks and an introduction on how to pick the best companies in the industry.

Before investing, though, it’s important to remember a few things. Though cybersecurity is one of the fastest-expanding industries around, with high growth expectations comes a high level of volatility. Stock prices can run higher very quickly — and reverse course just as fast. Only investors who have a long-term perspective (no less than a few years) and the ability to purchase a position over time (buying a few shares at a time on a set schedule, like monthly, quarterly, or whenever the stock dips in price by at least double digits) should consider buying.

For those with the time to wait, though, investing in cybersecurity should be a profitable endeavor. In a decade’s time, this top-10 list will no doubt look very different, but a few of these names will still be around and will likely be much larger than they are today.

 

Important cybersecurity terms even your non-tech employees need to know

Cyberattacks continue to grow in scale, ferocity, and audacity. No one is safe. Large corporations are a target because hackers see the potential payoff as huge. Small companies are vulnerable too because they don’t have the financial muscle needed to invest in sophisticated security systems. Now more than ever, businesses must do whatever it takes to keep their data and tech infrastructure safe. If non-techie employees understand key cybersecurity terms, they’ll have a much better chance of making the right security decisions. There are thousands of cybersecurity terms but no one (techie or otherwise) is under obligation to know all of them. Some terms are, however, more important than others and these are the ones all staff must be aware of.

Note that knowing these cybersecurity terms is more than just mastering the definitions. Rather, it’s being able to understand the patterns and behavior that define them.

Shutterstock

1. Adware

Adware is a set of programs installed without explicit user authorization that seek to inundate the user with ads. The primary aim of adware is to redirect search requests and URL clicks to advertising websites and data collection portals.

While adware mainly aims to advertise a product and monitor user browsing activity, it also slows down browsing speed, page-load speed, device performance, eats into metered data, and may even download malicious applications in the background.

2. Botnet

Shutterstock

Botnets are simply a collection of several (and they can number in the millions) Internet-enabled devices such as computers, smartphones, servers, routers, and IoT devices that are under a central command and control.

Botnets are infectious and can be propagated across multiple devices. Botnet is a portmanteau of “robot” and “network.” Some of the largest and most dramatic cyberattacks in recent times have involved botnets, including the destructive Mirai malware that infected IoT devices.

3. Cyber-espionage

When you hear the term espionage, what first comes to mind is the world in a bygone era. But espionage is as alive today as it was a century ago. The difference is that thanks to the proliferation of information technology and the ubiquity of the Internet, espionage can now be executed electronically and remotely.

Cyber-espionage is the gathering of confidential information online via illegal and unauthorized means. As you’d expect, the primary target of cyber-espionage is governments as well as large corporations. China has been in the news in this regard though other world powers such as the United States and Russia have been accused of doing the same at some point.

cybersecurity terms

4. Defense-in-depth

Defense-in-depth is a cybersecurity strategy that involves creating multiple layers of protection in order to protect the organization and its assets from attack. It’s born out of a realization that even with the best and most sophisticated technical controls, no security is ever 100 percent impenetrable.

With defense-in-depth, if one security control fails to prevent unauthorized access, the intruder will run into a new barrier. It’s unlikely that many hackers will have the knowledge and skills to surmount these multiple barriers.

5. End-to-end encryption

End-to-end encryption is a means of securing and protecting data that prevents unauthorized third parties from accessing it during rest or transmission. For instance, when you shop online and pay with your credit card, your computer or smartphone has to relay the credit card number you provide to the merchant for authentication and payment processing.

If your card details fall into the wrong hands, someone could use it to make purchases without your permission. By encrypting the data during transmission, you make it harder for third parties to access your confidential information.

6. Firewalls

A firewall is a defense mechanism that is meant to keep the bad guys from penetrating your network. It’s a virtual wall that protects servers and workstations from internal and external attack. It keeps tabs on access requests, user activity, and network traffic patterns in order to determine who can and cannot be allowed to interact with the network.

7. Hashing

Hashing is an algorithm for encrypting passwords from plain text into random strings of characters. It’s a form of security method that transforms fixed-length character strings into a shorter value that represents it. That way, if an intruder somehow got through to the password file or table, whatever they see will be text that is useless to them.

8. Identity theft

Identity theft is sometimes referred to as identity fraud. It’s the No. 1 reason why hackers seek to access confidential information and customer data especially from an organization. An identity thief hopes impersonate an individual by presenting the individual’s confidential records or authentication information as their own.

For example, an identity thief could steal credit card numbers, addresses, and email addresses then use that to fraudulently transact online, file for Social Security benefits, or submit an insurance claim.

9. Intrusion detection system (IDS)

It’s relatively uncommon for a cyberattack to be completely unprecedented or unknown in its form, pattern, and logic. From viruses to brute force attack, there are certain indicators that point to unusual activity. In addition, once your network is up and running, all network traffic and server activity will follow a relatively predictable pattern.

An IDS seeks to keep tabs on network traffic by quickly detecting malicious, suspicious, or anomalous activity before too much damage is done. The IDS blocks malicious traffic and sends an alert to the network administrator.

10. IP spoofing

IP address forgery or spoofing is an address-hijacking mechanism in which a third party pretends to be a trusted IP address in order to mimic a legitimate user’s identity, hijack an Internet browser, or otherwise gain access to a restricted network. It isn’t illegal for one to spoof an IP address. Some people do so in order to conceal their online activity and maintain anonymity (using tools such as Tor).

But IP spoofing is more often associated with illegal or malicious activity. So organizations should exercise caution and take appropriate precautions whenever they detect that a third party wants to connect to their network using a spoofed address.

11. Keylogger

Keylogger is short for keystroke logger. It’s a program that maintains a record of the keystrokes on your keyboard. The keylogger saves the log in a file, then encrypts and distributes it. While a keylogging algorithm can be used for good (some text-to-voice apps for example use keylogging mechanism to capture and translate user activity) keyloggers are often a form of malware.

A keylogger in the hands of nefarious persons is a destructive tool and is perhaps the most powerful weapon of infiltration a hacker can have. Remember, the keylogger will capture all key information such as user names, passwords, PINs, pattern locks, and financial information. With this data, the hacker can easily access your systems without breaking a sweat.

12. Malware

Malware is one of the cybersecurity terms you will hear the most often. It’s a catch-all word that describes all malicious programs including viruses, Trojans, spyware, adware, ransomware, and keyloggers. It’s any program that takes over some or all of the computing functions of a target computer for ill intent. Some malware is just little more than a nuisance but in many cases, malware is part of a wider hacking and data extraction scheme

13. Password sniffing

cybersecurity terms

Password sniffing is the process of intercepting and reading through the transmission of a data packet that includes one or more passwords. Given the volume of network traffic relayed per second, password sniffing is most effectively done by an application referred to as a password sniffer. The sniffer captures and stores the password string for malicious and illegal purposes.

14. Pharming

Pharming is the malicious redirection of a user to a fraudulent site that has colors, design, and features that look very similar to the original legitimate website. A user will unsuspectingly key in their data into the fake website’s input forms only to realize days, weeks, or months later that the site they gave their information to was harvesting their data to commit fraud.

15. Phishing

Phishing is a form of social engineering and the most common type of cyberattack. Every day, more than 100 billion phishing emails are sent out globally. Phishing emails purport to originate from a credible recognizable sender such as e-Bay or Amazon or financial institutions. The email will trick the recipient into sharing their username and password on what they believe is a legitimate website but is in reality a website maintained by cyberattackers.

Knowing these cybersecurity terms is a first step in preventing cyberattacks

While technical controls are crucial, employees are the weakest link in your security architecture. Nothing makes employees better prepared for a cyberattack than security training and awareness. For most organizations, the IT department represents only a fraction of the entire workforce.

Tech staff can therefore not be everywhere to explain cybersecurity terms and help each employee make security-conscious decisions. Therefore, making sure your non-techie staff is familiar with these cybersecurity terms is fundamental.

http://techgenix.com/15-cybersecurity-terms/

Cyber Attacks get worse in 2017

cyber-attack

Image Credit: SWEviL/Shutterstock

It was speculated 2016 would see even more cybersecurity activity than 2015, and it did not disappoint. Consider the $81 million stolen from Bangladesh Bank, the 500 million accounts swiped from Yahoo, or the 19,000 emails leaked from Democratic Party officials in the run-up to the election. Not to mention the IoT-powered botnets launching record-breaking DDoS attacks that have brought down major parts of the Internet.

But, in reality, this year’s cyber-attack headlines offer just a glimpse of a cyber war between hackers and security personnel that is being waged on a grand scale every day. More than anything, they are harbingers of worse to come.

Here are some of the escalated challenges we will face in 2017.

1. Attackers won’t just steal data — they will change it

Today’s savvy attackers are moving away from pure data theft and website hacking to attacks that have a subtler target: data integrity. They will use their ability to hack information systems not just to make a quick buck but also to cause long-term, reputational damage to individuals or groups through the erosion of trust in the data itself.

In the past six months alone, we’ve seen attacks like the DNC and Yahoo breaches, which focused on influencing political and economic public opinion, rather than simply gaining a profit. And the hackers aren’t done yet – the Russian group thought to be behind the election-related breaches is moving on to Germany’s elections next, according to a recent statement.

The scenario is particularly worrying for industries that rely heavily on public confidence. In fact, data from the analysis of SEC disclosures found 83 percent of publicly traded companies worry most about risk of brand damage via hacks. But it’s not just them. A laboratory that cannot vouch for the fidelity of medical test results, or a bank that has had account balances tampered with, are examples of organizations at particular risk. Governments, as pointed out above, may also suffer significant damage from such attacks, as critical data repositories are altered and public distrust in national institutions rises.

We’re also seeing this kind of manipulation at smaller scale. For example, we were deployed in a manufacturing firm that used biometric scanners to restrict access to their machinery and industrial plants. We noticed an unusual Telnet for a biometric scanner that was hooked to the corporate network. After further investigation, we found that legitimate data was being altered – quite possibly to add new fingerprints. This type of manipulation, had it not been detected early, would have have let attackers right in through the front door.

While some of the recent breaches and the result of this year’s U.S. presidential election may seem straight out of a movie, tomorrow’s cyber-attacks will make it harder than ever to parse fact from fiction.

2. Consumer devices will be held for (cyber) ransom

Ransomware, like Cryptolocker, has plagued companies around the world — experts reckon these attacks have increased fivefold in 2016 alone. They encrypt critical files at a speed that is virtually impossible to keep up with and leave companies facing hefty fees for their release.

Hospitals have suffered particularly at the hands of ransomware attacks. They are prime targets, as they have become digital jungles full of everything from life-saving medical equipment and critical patient records to patient devices and staff computers — all with cyber defenses that have failed to keep pace. The result is organizations that pay up. Hollywood Presbyterian Medical Center in Los Angeles paid the equivalent of $17,000 in Bitcoin to extortionists after its computers were taken offline for over a week.

In 2017 and beyond, we will start to see the beginning of a new type of extortion on a micro level, as consumers are targeted across a range of connected objects. Imagine getting home and turning on your smart TV only to find that cybercriminals are running a ransomware attack on your device. Would you pay $50 to unlock it? Or what if the new GPS system in your car got hacked when you were late for a meeting — how much would you pay to unlock it?

3. Artificial intelligence will be a weapon

Artificial intelligence is exciting for many reasons — self-driving cars, virtual assistants, better weather forecasting, the list goes on. But attackers will use AI to wield highly sophisticated and persistent attacks, attacks that blend into the noise of busy networks.

We have already seen the first glimpses of attacks going this direction in automated polymorphic and metamorphic malware. Polymorphic malware, which changes its attributes mid-attack to evade detection, has reinforced the obsoleteness of signature-based detection methods. It self-learns and understands its environment and network before choosing its next action. Automation has also been a major factor in the resurgence of ransomware. We can anticipate that artificial intelligence threats will be similar. Imagine a piece of artificially intelligent malware sitting silently on a network, observing its surroundings and learning how to disguise itself. If it understands how to completely blend in with the background noise of a network, could it ever be detected?

The next generation of AI-powered attacks to emerge will use customized code to emulate the behaviors of specific users to fool even skilled security personnel. This includes the ability to craft sophisticated and bespoke phishing campaigns that will successfully dupe even the most threat-conscious employee.

Earlier this year, we were deployed in a charity in California for a proof-of-value. One day, a receptionist received an email containing a fake invoice, supposedly coming from a stationary supplier known to the company. The receptionist opened the attachment, as she recognized the company, and typically handled many invoices per day. As soon as she clicked the attachment, her computer immediately connected to a server in Ukraine and downloaded a malware that rapidly began encrypting files. This will only get worse with “smart” malware driving attacks specifically tailored for their victims.

Next year’s attackers can see more than your social media profile. They’ll know that your 10 a.m. meeting with your supplier is being held at its new headquarters. At 9:15 a.m., an email with the subject line “Directions to our office” arrives in your inbox, apparently from the person you are meeting, as you get off the train. Do you click the map link in the email?

 

http://venturebeat.com/2016/12/11/heres-how-cyber-attacks-get-worse-in-2017/