
Simply Explained: Ransomware, Phishing, Zero Trust

Cybersecurity affects all of us, but the industry uses complicated terms that make it hard to understand. For example, what is ransomware and how does it work? What does phishing mean? Or zero trust?

Let’s discuss these cyber concepts in simple, everyday language. And let’s cover what the good guys are doing to make our online lives safer.

What’s ransomware?

Imagine if you started your laptop one day and nothing worked. It turned on, sure, but you can’t do anything. Apps, files, photos… all gone. All you see is an alarming screen that shouts, “Your files are encrypted!”

Ransomware is a special type of harmful software. It scrambles all the data on your device so you can’t access it. It locks you out. Hackers then dangle the key in front of you, demanding payment for it. Their price is usually high, but affordable; that way, you’re more likely to pay. How does $300 sound to restore your laptop right now?

Initially, ransomware attackers simply left the locked data where it was. But now some victims aren’t paying, so hackers steal copies of the data and then threaten to make it public. Do you want your personal information published for the entire world to see? It’s evolved into a hostage situation combined with extortion: additional incentive to pay up.

What’s phishing?

In the real world, there are a lot of ways to catch fish. Bait and lures look like tasty treats, so fish naturally take a bite. Imagine their surprise when a sharp hook yanks them from the water.

In the cyber world, hackers fish for unsuspecting people to help them get inside. They need you to click a harmful link or open a malicious attachment — actions that open the door. The link downloads harmful software, or the attachment infects your device. Phishing is a simple and popular way for hackers to trick and hook you.

How does it work?

Usually with an alarming or intriguing email, but sometimes through text or messaging services. “Your package cannot be delivered,” it warns, or “Your credit card is suspended!” A cleverly worded headline is the bait that preys on your emotions and curiosity, making you want to read and act on it. You don’t notice the hook.

Spear phishing is a special type. In the real world, spear fishers closely track the specific fish they want, waiting patiently for just the right moment to strike. Then they jab the poor fish instantly with a sharp stick, and it’s game over.

In the cyber world, the spear is a unique note written just for you. Before they write it, attackers learn what they can about you, like where you live or work, or the people you know. They weave that information into their message and address it to you. It looks important, relevant, and legitimate. And the extra effort is often worth it: You’re much more likely to click.

Why is there a ‘p’ in phishing?

Techies love inside jokes, and the ‘p’ comes from the term ‘pwned’ — or ‘owned’ — which is what happens when attackers are successful: They ‘own’ you. But because ‘o’ and ‘p’ are next to each other on the keyboard, slightly misspelling words like ‘fishing’ or ‘own’ with a ‘p’ is an inside joke. A bit like ‘hodl’ (hold) to cryptocurrency investors.

What’s zero trust?

The internet has always been full of bad actors, so, in the early days, it made sense for cyber defenders to focus on the boundary. They assumed everyone outside was hostile, and everyone inside was trusted, so they invested heavily in perimeter security. Today, though, the evidence is clear: Security perimeters aren’t enough. Hackers find innovative ways to get through and, once inside, they move around freely and wreak havoc. Furthermore, security borders are powerless against malicious insiders like disgruntled employees.

It made us re-think things. Today we assume that bad actors are always on internal networks, so we’re approaching cybersecurity with that in mind. It’s called “zero trust.”

Zero trust tightly controls access, no matter who you are, no matter where you are. It constantly ensures that people are who they claim to be — going well beyond age-old passwords. It restricts access based on the principle of “need to know,” which is the least amount of access that’s needed to do a specific job. Zero trust continually monitors every system and device for signs of compromise, watching for unusual or suspicious activity. And when it detects risky behavior, it automatically reduces access permissions according to security policy, sometimes disconnecting devices altogether.

What are the good guys doing about it?

Zero trust. We’re taking zero trust seriously. Organizations of all sizes are adopting it, and even the federal government is moving toward a zero trust approach. At Cisco, we’ve adopted zero trust ourselves and — this might sound counterintuitive — it’s made our lives much easier. For example, one secure sign-on connects us to multiple business applications without having to remember and re-enter passwords. We work remotely and securely on any network, anywhere. We’re more productive. And we’re helping others with our modern, Cisco Zero Trust Security solutions so they can do it too.

Phishing. We’re continually innovating with Cisco Secure Email, our modern email security solution that defends against phishing, business email compromise, malware in attachments, and ransomware. For those who use Microsoft 365, Cisco Secure Email Cloud Mailbox enhances its native security features and blocks many threats that Microsoft misses. Our Phishing Defense verifies email senders and applies advanced machine learning techniques, real-time behavior analytics, relationship modeling, and telemetry to protect against identity deception–based threats. We’re even educating end users to be more vigilant through Security Awareness training.

Ransomware. As discussed above, Secure Email helps to stop ransomware attacks from arriving by email. Cisco Umbrella is a critical ransomware defense, protecting users from harmful websites, even after they click. And Cisco Secure Endpoint stops ransomware from spreading if it reaches a protected device.

We covered a lot today, but I hope you have a better understanding of key cyber concepts and how the industry is taking modern threats seriously. Have a question about cybersecurity? I’d like to know, so please leave a comment below.

