Impacts of Cyber Security Attacks | CompTIA Security+ SY0-601 | 1.6d

In this video you will learn about the potential risks of utilizing legacy systems in addition to learning about various impacts of cybersecurity attacks such as: data loss, data breaches, data exfiltration, identity theft, financial impacts, reputation impacts, & availability loss impacts.

Legacy Platforms

A legacy system is an old or outdated method, technology, computer system, or application program that is still in use.  Often referencing a system as “legacy” means that it paved the way for the standards that would follow it.  This could also mean that the system just simply needs to be replaced.  The major concern when it comes to running legacy systems is the lack of vendor support for the hardware or software which could lead to the legacy system being vulnerable because the vendor is not investigating nor providing security patches for potential vulnerabilities.

Impacts of Cyber Security Attacks

Here is a list of the most common cybersecurity attacks & breaches that you need to be concerned about for the CompTIA Security+ SY0-601 certification exam:

  • Data Loss:  an error condition in information systems in which information is destroyed by failures (like failing hard disk drives) or neglect (like mishandling data storage) whether the data loss occurs during storage, transmission, or processing.
  • Data Breaches:  a security violation in which sensitive, protected or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so.[1]  Incidents range from concerted attacks by individuals who hack for personal gain or malice, organized crime, political activists or national governments, to poorly configured system security or careless disposal of used computer equipment or data storage media.
  • Data Exfiltration:  occurs when malware and/or a malicious actor carries out an unauthorized data transfer from a computer.  It is also commonly referred to as data extrusion or data exportation.  Data exfiltration is also considered a form of data theft.
  • Identity Theft:  identity theft is what happens when someone steals your personal information to commit fraud.  The identity thief may use your information to apply for credit, file taxes, or get medical services.  These acts can damage your credit status, and cost you time and money to restore your good name.[2]
  • Financial: the impact & consequences of a breach or a cybersecurity incident can lead to fines and lawsuits against companies; possibly even jail time.[3] 
  • Reputation:  companies that experience cybersecurity incidents that result in data loss, data breaches, or data exfiltration often take a hit to their reputation & brand which results in their customers losing confidence in the company to properly secure their information assets.
  • Availability Loss:  companies that experience outages due to cyber attacks like denial-of-services attacks often have to deal with significant financial impacts to their business due to normal traffic and/or customers not being able to interact with their products or services.  Also, the loss of availability not only can impact the bottom line of the business but it can also impact the potential bottom line of their customers who may be using those products or services to run their own businesses.

References

  1. State & Tribal Child Welfare Information Systems, Information Security Data Breach Response Plans. United States Department of Health and Human Services, Administration for Children and Families.
  2. Identity Theft. USA Gov.
  3. Santos, O.; Taylor, R.; Mlodziannowski, J. CompTIA Security+ SY0-601 Cert Guide.