Cybersecurity is the practice of protecting systems, networks, applications, and data from digital attacks, unauthorized access or disruption, which have been emerging with the evolution of the internet. In this essay, we are going to, first, skim the history of cybersecurity to understand its origin and necessity, then discover the three most common threats, by commodity, phishing, password attacks and data breaches, and their prevention strategies.
The history of cybersecurity has evolved alongside the history of computers and networks. Cybersecurity has emerged from computers becoming interconnected, valuable and attackable. During the early era of information technology, security was mostly physical. Computers were isolated and did not interact, hence protection only focused on restricting physical access. As time-sharing systems appeared in the 1960s, multiple users shared a single computer, which led to the need for user authentication, permissions and access control. In the 1970s, the next step in cybersecurity came when Bob Thomas, an IT researcher, created a computer program called Creeper, which spread across ARPANET systems and displayed the message, “I’m the creeper: catch me if you can”. A second program called “Reaper” was created to remove the first one. They are the first examples of computer virus and antivirus software. After that, in the 1980s, various commercial antiviruses, including McAfee, were released. In the 1990s, as the internet became public, user or even government information, went online. Hacking was increasing dramatically at that time and cybercrime was emerging commercially. As a result, firewalls were invented, the antivirus software industry grew and encryption technologies expanded. From 2000 to now (modern day), almost everything we rely on today, money, communication, healthcare, transportation and even national defense, runs on digital systems. Therefore, cybersecurity has become one of the most important technology industries and is continuing to grow at the speed of light, against cybercrime organizations, which have been heavily funding professional cyberattacks.
Moving onto the three most common threats, the most common is phishing, which is the practice of sending fraudulent communications that appear to come from reputable sources, usually from email and text messaging. The purpose of these attacks is to steal money, gain access to sensitive data or to install malware on the victim’s device. It commonly happens through fake email, SMS, social messages and fake login pages. Despite its simplicity, it is still the most effective, because it exploits the vulnerabilities of human nature, such as a tendency to trust others or emotional response for TO urgent messages. To prevent phishing, users ought to check domains or sender email addresses carefully. Organizations should train their employees to identify common patterns of phishing attacks.
The second most ubiquitous threat is password attacks, in which attackers attempt to gain access to a system by cracking or guessing user passwords. Hackers systematically guess every possible combination of letters, numbers and symbols, or they just use a list of common passwords, words and phrases until the correct password is found. Password attacks are not only standalone but also combined with other common methods, such as phishing. FOR EXAMPLE, malware could be installed on the victim’s device via a phishing email, then it steals user personal information including their passwords. The problem could be more serious, if the user reuses the same password across numerous websites. In this case, attackers try previously obtained passwords on other websites, which is called credential stuffing. To prevent that, users are recommended to set unique passwords on each site and use a password manager, like Bitwarden, to manage them.
The third most common threat is data breach, which is the leak of confidential, private or otherwise sensitive information from an online environment. A data breach may occur accidentally or as the result of a cyberattack. For example, in 2024, Zalo, which is the most widely used messaging platform in Vietnam, was hacked and allowed the breaching of personal data of 100 million users. According to that hacker’s post, phone numbers, usernames and display names of Zalo users had been compromised. With access to phone numbers and usernames, cybercriminals launched phishing attacks, scam phone calls or AND even identity theft. Ironically, their users could not do anything to prevent that. The only recommendations applicable to this situation are to change compromised information immediately and be more careful when sending data via message platforms.
In conclusion, we have walked through the history of cybersecurity. This post does not list full kinds of cyberattacks, but has introduced three most common cyberattacks and their prevention strategies. For more information, readers are encouraged to explore additional resources and stay updated on emerging threats and protection methods.