The impacts of a cyber-security attack (4.2) and prevention measures (4.3) GapFill

There are many different ways in which cyber-security attacks can have an effect on an organisation, either by directly affecting their service or by harming their users.

For example, a cyber-security attack could make part of a service unavailable to users, such as making an online shopping platform unable to process payments, preventing customers from placing orders. This is known as  data manipulationdata denialdenial of servicedata theft. Another impact of a security breach could be  data manipulationidentity theftdata theftdata denial, when attackers are able to see users' personal data, which can potentially lead to  identity theftdata theftdata manipulationdata destruction if the attackers are able to get usernames and passwords to log in to people's private accounts. These sorts of attack not only damage the organisation directly, but can also cause users to lose trust in the service or organisation.

More advanced attacks may not only disrupt services and steal data, but may also edit the data being held. This could be done in the form of  identity theftdenial of servicedata manipulationdata destruction, where data is removed so that the organisation and its users can no longer access it, or data manipulation, which changes the information; for example, changing the amount of money being transferred by an online bank payment.

There are three main ways in which cyber-security attacks can affect an organisation: by causing  disruptionrisklossfailure, such as when data is lost or the attack loses the organisation money; by causing  legislationsafety concernsdisruptionrisk, such as when an organisation has to upgrade its security after an attack, or a service becomes unavailable to its users for a period of time; and by causing  safety concernsfailurelossrisk, such as if a system that provides important information (e.g. a set of traffic lights or an aeroplane's display panel) is disabled.

However, there are several steps that can be taken to mitigate the impact of cyber-security vulnerabilities. Some of these prevention measures are  logicalphysicalviablefunctional – they prevent people or programs from interfering with software or data. These prevention measures include:  antivirus softwarebackupsencryptionaccess rights, requiring the user to give their username and password to access the system and then restricting access depending on the permissions assigned to that specific user;  biometricsantivirus softwareencryptionaccess rights, which identifies and removes malware from infected computers;  access rightsbackupsencryptionantivirus software, which obscures sensitive data so that it cannot be read by unauthorised users; and  encryptionbiometricsbackupsaccess rights, which provide a way to restore data if it is lost or corrupted. There are also  physicalviablevisiblelogical prevention measures that secure computer systems by preventing attackers from gaining access to the system's hardware. One example of this type of prevention measure is locking certain secure rooms (e.g. server rooms) with  authenticateduserencryptedbiometric access devices, such as fingerprint or retina scanners.

It is also important that any time an organisation disposes of a storage device all data on that device is securely destroyed, either by overwriting all data on the device, by performing  a magnetic wipea rebootformattingpartitioning on the device to alter all data stored on it (which can make the device unusable as basic commands are altered − but this doesn't work for flash-based or printed media such as SSDs, flash drives and CDs), or by physically destroying the device so that it can no longer be used or have its data read. In many cases, it may be beneficial to perform more than one of these techniques to ensure that old data cannot be accessed.