Page 52 - Auditinf Electronic System
P. 52
Fourth: What are Cybersecurity Risks:
Cybersecurity Risks Refers to the risk arising from dealing in the
cyberspace (internet). Cybersecurity risk is an ever-increasing risk that requires
increasing controls due to the increase and complete dependence on the internet
in the business environment As companies turn to digital technologies for
business operations, the risk of a security breach continues to rise. In fact,
leaders in the profession have identified cybersecurity as the number one
technology risk.
Fifth: What are the resulting Cyber -attacks? and the effect
on client firm
Cyberattacks are perpetrated for varied reasons, including but not limited to
financial fraud, information theft or misuse, activist causes, to render computer
systems inoperable, and to disrupt critical infrastructure and vital services of a
government or organization.
Cyber-attacks examples:
❖ Phishing: The attacker sends a large number of fraudulent emails and gains
access to the system.
❖ Structured query language (SQL Injections): The attacker gains access to the
protected information by adding malicious code to the SQL server.
❖ Password Attack: Attackers gain access to the passwords unethically and gain
access to the confidential data. Passwords also may be compromised by IP
spoofing, and packet sniffers.
✓ Spoofing: is identity misrepresentation in cyberspace, (e.g., Using a false website
to obtain visitors personal and Confidential information).
✓ Sniffing: is the use of software to eavesdrop on information sent by a user to the
host computer of a websites
❖ Denial of service Attack (DOS): an attack meant to shut down a machine or
network, making it inaccessible to its intended users by overloading the system
with information.
52 53
جميع الحقوق محفوظة ـ الإعتداء على حق المؤلف بالنسخ أو الطباعة يعرض فاعله للمسائلة القانونية
