63% of companies already outsource cybersecurity services, according to a recent study by Deloitte. Education and research are the hardest hit sectors. The consulting firm CheckPoint estimates that organisations in these sectors alone receive more than 1,600 attacks per week.
What is a cyber-attack
A cyber-attack is a computer attack aimed at blocking, damaging or stealing information from the system of an entity, organisation or company. However, the answer to the question of what a cyber-attack is can be much broader, as it can also be directed towards private individuals, for the same purposes or for other reasons.
Types of cyber-attacks
There are as many types of cybersecurity attacks as there are malicious objectives a cybercriminal might have. To summarise, these are the most common and well-known types of cyber-attacks.
- Malware: It is the most generic and can include different types of cyber-attacks. It usually takes the form of malicious software, including viruses, Trojans or worms. The aim is to damage devices, services or networks, to prevent them from functioning properly, to install spyware or to take control, among other things.
- Phishing: Among the types of cybersecurity vulnerabilities, phishing is one of the most frequent and most impactful. The main objective is to steal sensitive information (such as credentials or personal data) and then use it for fraudulent purposes.
- Ransomware: Large companies or even public bodies have suffered from ransomware attacks on occasion. This type of cyber-attack is quite common and quite dangerous, as it blocks access to computers and a ransom is usually demanded in order to get it back.
- Dictionary attack: It is one of the most silent types of cyber-attacks, as it seeks to steal passwords by means of an automatic programme that tries different combinations of passwords. Therefore, it is always recommended to use unique passwords, which alternate upper and lower case, numbers, letters, symbols and are fairly long.
- Denial of service attack: It is a type of attack that seeks to disable access to a website, service or network. To do so, it launches multiple simultaneous requests, until it succeeds in crashing it.
- Man-in-the-middle attack: As its name suggests, it is an attack that seeks to intercept the online traffic of a third party (whether it is a conversation, browsing, uploading files, etc.) without the third party knowing at any time that it is being spied on.
- SQL injection attack: Among the types of cybersecurity attacks, this is one of the most problematic. The SQL injection attack seeks to steal information from company databases and websites. Sensitive data, such as users’ credit card numbers, physical addresses, identity documents and much more, can be obtained.
- Rootkit attack: This type of cyberattack gives the attacker administrator privileges, with which important changes can be made to systems.
What does cybersecurity involve?
Cybersecurity is the set of measures and tools intended to protect users, networks or equipment from cyber-attacks.
It uses the acronym CIA to protect data:
- Confidentiality: Only authorised users can and should access files and equipment.
- Integrity: The information is as it should be, and no data has been altered by a third party.
- Access: Resources should always be available when users need to access them.
Where to study cybersecurity in Spain
Currently, there are many options to study cybersecurity in Madrid or Barcelona, mainly. Universities such as the Catalonia Polytechnic, the Madrid Polytechnic and the European University of Madrid are some of the places to study cybersecurity.
But it is not necessary to do a postgraduate degree exclusively. There are also vocational training courses, specialisation courses and other paths to training in this field. More and more companies are asking how much a cybersecurity officer charges, but the truth is that there is no close-ended answer to this question. It depends on many factors, mainly the scale of the service to be provided.