In the past three years, the number of cyber incidents reported has grown from 109 to 142, with no indication of slowing down. DoD contractors are one of the main targets for cybercrime in the U.S. because of the amount of sensitive information in their networks.
What are Cyber Incidents?
A cyber incident is a broad term that refers to a threat to information security. An incident can occur when a third party violates a network policy, potentially exposing confidential information to the public. However, not all cyber incidents will release sensitive information.
How Do Cyber Incidents Happen?
Because several organizations host sensitive information in their networks, cyber incidents are fairly common. Oftentimes, the victims of cyber attacks do not have a good cybersecurity program in place. This makes it easy for an attacker to compromise a computer system and gain access. Some of the most common ways this happens are through hackers, lost or stolen media, or a lack of security.
A security hacker is someone who researches ways to break through protections and exploit flaws in a computer system or network. A hacker can penetrate a network through several mediums. Some of the most common techniques to access a system are malware, Trojans, and spear-phishing.
Malware is a type of software that hackers design to access information from a network system. A malware attack can look different for each organization or individual. Some of the most common types of malware are advanced persistent threats and ransomware.
Advanced Persistent Threats (APT) are long-term, ongoing attacks that hackers use to gain information about an organization or leak private data to the public. An APT is a type of malware that hackers use when they want to infiltrate a system and go unnoticed for several months.
Ransomware is one of the most well-known types of malware. Hackers will steal data and encrypt it so the owners cannot access it. They will only decrypt it when a ransom is paid. To learn more about ransomware and how it can affect an organization, read CISA’s Ransomware Guide.
A Trojan is any software that deceives users about its true intentions. It is a computer program that is designed to hurt, disrupt, steal, or otherwise harm your data or network. To deceive you, a Trojan poses as a legitimate application or file. It tries to trick you into downloading and running malware on your device.
Spear-phishing is a tactic hackers use to steal sensitive information or install malware on victims’ devices. Unlike malware attacks, spear-phishing requires a hacker to do a lot of research, including gathering personal information about the victim. Oftentimes, this type of attack is done through email and is used as a way to steal account details or financial information.
Another way cyber incidents can happen is through lost or stolen hardware. This can be a phone, laptop, or anything else that is an endpoint on a network. If a hacker obtains technology that has access to the system, they will have immediate access to the sensitive information it holds.
Cybersecurity is still a relatively new concept. Many businesses mistakenly believe that their IT and cybersecurity departments are the same. Because of this, many organizations only have precautions in place for IT and not cybersecurity. This creates lax security standards for a company and makes it easier for hackers to get in.
Effects of Cyber Incidents
Cyber incidents can happen in various ways and have severe consequences for an organization. Besides sensitive data being released, a cyber incident can cause electrical blackouts and interruptions to phone and computer networks. Financial damage follows closely behind any form of cyber incident as well. In 2021, IBM reported that the average cost of a cyber incident was $4.24 million.
Cyber incidents can happen to any business. If you want to prevent a cyber incident from happening to your organization, follow NIST SP 800-171 cybersecurity practices. These standards are well-known and widely accepted as good guidelines for any organization to build a cybersecurity plan.