1. What is Cybersecurity?

Cybersecurity is the practice of protecting critical systems and sensitive information from digital attacks.
Also known as information technology (IT) security, cybersecurity measures are designed to combat
threats against networked systems and applications, whether those threats originate from inside or outside
of an organization.
In 2020, the average cost of a data breach was USD 3.86 million globally, and USD 8.64 million in the
United States. These costs include the expenses of discovering and responding to the breach, the cost of
downtime and lost revenue, and the long-term reputational damage to a business and its brand.
Cybercriminals target customers’ personally identifiable information (PII) — names, addresses, national
identification numbers (e.g., Social Security number in the US, fiscal codes in Italy), and credit card
information — and then sell these records in underground digital marketplaces. Compromised PII often
leads to a loss of customer trust, the imposition of regulatory fines, and even legal action.
Security system complexity, created by disparate technologies and a lack of in-house expertise, can
amplify these costs. But organizations with a comprehensive cybersecurity strategy, governed by best
practices and automated using advanced analytics, artificial intelligence (AI) and machine learning, can
fight cyberthreats more effectively and reduce the lifecycle and impact of breaches when they occur.
Cyber security is the practice of defending computers, servers, mobile devices, electronic systems,
networks, and data from malicious attacks. It's also known as information technology security or
electronic information security. The term applies in a variety of contexts, from business to mobile
computing, and can be divided into a few common categories.
· Network security is the practice of securing a computer network from intruders, whether targeted
attackers or opportunistic malware.
· Application security focuses on keeping software and devices free of threats. A compromised
application could provide access to the data its designed to protect. Successful security begins in the
design stage, well before a program or device is deployed.
· Information security protects the integrity and privacy of data, both in storage and in transit.
· Operational security includes the processes and decisions for handling and protecting data assets.
The permissions users have when accessing a network and the procedures that determine how and where
data may be stored or shared all fall under this umbrella.
· Disaster recovery and business continuity define how an organization responds to a cyber-security
incident or any other event that causes the loss of operations or data. Disaster recovery policies dictate
how the organization restores its operations and information to return to the same operating capacity as
before the event. Business continuity is the plan the organization falls back on while trying to operate
without certain resources.
· End-user education addresses the most unpredictable cyber-security factor: people. Anyone can
accidentally introduce a virus to an otherwise secure system by failing to follow good security practices.
Teaching users to delete suspicious email attachments, not plug in unidentified USB drives, and various
other important lessons is vital for the security of any organization.

2. How important is Cybersecurity?

There are many risks, some more serious than others. Among these dangers are malware erasing your
entire system, an attacker breaking into your system and altering files, an attacker using your computer to
attack others, or an attacker stealing your credit card information and making unauthorized purchases.
There is no guarantee that even with the best precautions some of these things won't happen to you, but
there are steps you can take to minimize the chances.
In today’s connected world, everyone benefits from advanced cyber defense programs. At an individual
level, a cybersecurity attack can result in everything from identity theft to extortion attempts, to the loss
of important data like family photos. Everyone relies on critical infrastructure like power plants, hospitals,
and financial service companies. Securing these and other organizations is essential to keeping our society
functioning.

Everyone also benefits from the work of cyberthreat researchers, like the team of 250 threat researchers at
Talos, who investigate new and emerging threats and cyber-attack strategies. They reveal new
vulnerabilities, educate the public on the importance of cybersecurity, and strengthen open-source tools.
Their work makes the Internet safer for everyone.
3. Explain the difference between White Hat, Black Hat, and Gray Hat.
Black hat hacker
Like all hackers, black hat hackers usually have extensive knowledge about breaking into computer
networks and bypassing security protocols. They also create malware, programs that allow them to gain
access to computer networks, spy on victims’ online activities, or lock the devices of their victims. Black
hat hackers are typically out for personal or financial gain, but they can also be involved in cyber
espionage or protest. Some might be addicted to the thrill of cybercrime.Black hat hackers can range
from amateurs getting their feet wet by spreading malware, to experienced hackers who steal data,
specifically financial information, personal information, and login credentials. Many then sell this
information on the dark web. Other hackers not only steal data, they modify or destroy data, too.
Black hat hackers at work
Black hat hackers are the ones behind those big data breaches that make headlines each year. In a data
breach, hackers steal the personal and financial information held by large companies or governments,
including the credit card, log-in and Social Security number of consumers, patients or constituents.These
hackers can then publish this information to embarrass a corporation or government body, sell it on the
deep web, or blackmail companies, agencies, or individuals.
According to the Identity Theft Resource Center's 2021 Data Breach Report, the United States saw 1,862
data breaches in 2021, a record high.Data breaches have long been on the rise. In perhaps the biggest
ever, black hat hackers breached Yahoo and stole 3 billion customer records from 2013 to 2014. And in
October of 2016, hackers stole more than 412 million customer records from adult website Adult Friend
Finder. National credit bureau Equifax was also the victim of black hat hackers when a data breach
exposed more than 145 million customer records from May through July of 2017.

White hat hacker

White hat hackers are also skilled at breaking into networks and exposing vulnerabilities in the computer
systems of major retailers, government agencies, healthcare providers, and corporations. But these
hackers use their powers for good rather than evil. Also known as “ethical hackers,” white hat hackers
can be paid employees or contractors working for companies as security specialists that attempt to find
security holes via hacking.
White hat hackers employ the same methods of hacking as black hats, with one exception — they do it
with permission from the owner of the system first, which makes the process completely legal. White hat
hackers perform penetration testing, test existing security systems, and look for vulnerabilities in
companies' computer systems. There are even courses, training, conferences, and certifications to teach
people the basics of ethical hacking.
White hat hackers at work
There are plenty of white hat hackers working to help companies and government agencies protect
themselves from cybercriminals. Charlie Miller is a good example. He earned his hacking credentials by
finding vulnerabilities at Apple. He has worked as a white hat hacker for the U.S. National Security
Agency. Jeff Moss is another well-known white hat hacker. He served on the U.S. Homeland Security
Advisory Council for the administration of President Barack Obama and co- chaired that council's Task
Force on Cobleskill’s.
Gray hat hacker
As in life, there are gray areas in the hacking world that are neither black nor white. Gray hat hackers
operate somewhere between the extremes of their black hat and white hat counterparts. They don't
necessarily want to cause pain or steal from their victims, but they often hack into their targets' networks
to look for vulnerabilities in a system without the owners' permission or knowledge.
And if they find these vulnerabilities? They will report them to the owner, but they often request a fee to
fix the issues they find. If the owner does not respond or comply, sometimes these hackers will post the
newly found vulnerability online for the world to see.
These types of hackers may not be inherently malicious; they’re just looking to get something out of their
discoveries. Usually, gray hat hackers will not exploit the vulnerabilities they find. They won't steal and
leak the financial information that retailers have collected on their customers, for instance. However, this
type of hacking is still considered illegal because the hackers don't receive permission from the owners
before attempting to attack their systems.
Gray hat hackers at work
Khalil Shreateh is one of the better-known gray hat hackers. In the summer of 2013, he hacked the
Facebook page of company founder Mark Zuckerberg. Why? To force Facebook to correct a flaw that
allowed him to post to the Facebook pages of other users without their consent. Motivated by Shreateh's
hack, Facebook fixed this vulnerability.

4. Give at least 3 biggest cyberattacks/cybercrimes/data or security breaches happened in year

2021/2022.

 Facebook
Facebook was, yet again, the victim of a data breach in April 2021. The breach was more of a screen
scrape than a technical hack. The breach affected 530 million Facebook users from 106 countries. The
personal data exposed included Facebook ID numbers, names, phone numbers, dates of birth and
location. The screen scraping attack happened because of a feature known as contact importer that
became an allowed vulnerability in Facebook; any profiles set to public or shared with friends or enabled
a lookup using a phone number allowed this exploit to happen.
The use of screen-scraping to capture personal details was also used to breach the personal and
professional data of 92% of LinkedIn users in April and July 2021.

 Colonial Pipeline
Colonial Pipeline is a major U.S. company responsible for 45% of all fuel consumed on the east coast. In
May 2021, Colonial Pipeline was effectively shut down by a ransomware attack that affected around 50
million customers. The hacking group, DarkSide, carried out the attack. Again, the attackers used a
double-whammy approach, encrypting data and stealing around 100 gigabytes of data. The stolen data
was used to put pressure on the company to pay the $4.4 million ransom. A compromised password is
believed to have initiated the attack; experts have stated that the password is part of a batch of
compromised credentials available on the dark web. Darkside is renowned for offering a Ransomware-as-
a-Service package (RaaS), making attacks more accessible and easier to initiate.

 Electronic Arts
Sensitive data takes many forms, one of which is Intellectual Property (IP). In the case of a cyberattack
against Electronic Arts in June 2021, 780 gigabytes of source code were stolen. Having unfettered access
to source code used for consumer games allowed the attackers to locate vulnerabilities that could be
exploited, thereby placing customer personal data at risk. The attack came with a ransom demand, the
hackers placing source code snippets online in an attempt to put pressure on Electronic Arts to pay up.
The cybercriminals are believed to have used stolen cookies, sold for $10 on the dark web, to gain initial
access to a company Slack account. Social engineering was then used to trick IT support into issuing a
temporary multi-factor authentication token to allow privileged access to data.

5. Explain the CIA Triad concept.

The three letters in "CIA triad" stand for confidentiality, integrity, and availability. The CIA triad is a
common, respected model that forms the basis for the development of security systems and policies.
These are used for the identification of vulnerabilities and methods for addressing problems and creating
effective solutions.

The confidentiality, integrity, and availability of information is crucial to the operation of a business, and
the CIA triad segments these three ideas into separate focal points. This differentiation is helpful because
it helps guide security teams as they pinpoint the different ways in which they can address each concern. 

Ideally, when all three standards have been met, the security profile of the organization is stronger and
better equipped to handle threat incidents.

Confidentiality involves the efforts of an organization to make sure data is kept secret or private. To
accomplish this, access to information must be controlled to prevent the unauthorized sharing of data—
whether intentional or accidental. A key component of maintaining confidentiality is making sure that
people without proper authorization are prevented from accessing assets important to your business.
Conversely, an effective system also ensures that those who need to have access have the necessary
privileges.

For example, those who work with an organization’s finances should be able to access the spreadsheets,
bank accounts, and other information related to the flow of money. However, the vast majority of other
employees—and perhaps even certain executives—may not be granted access. To ensure these policies
are followed, stringent restrictions have to be in place to limit who can see what.

Integrity involves making sure your data is trustworthy and free from tampering. The integrity of your
data is maintained only if the data is authentic, accurate, and reliable. 

For example, if your company provides information about senior managers on your website, this
information needs to have integrity. If it is inaccurate, those visiting the website for information may feel
your organization is not trustworthy. Someone with a vested interest in damaging the reputation of your
organization may try to hack your website and alter the descriptions, photographs, or titles of the
executives to hurt their reputation or that of the company as a whole.

Availability

Even if data is kept confidential and its integrity maintained, it is often useless unless it is available to
those in the organization and the customers they serve. This means that systems, networks, and
applications must be functioning as they should and when they should. Also, individuals with access to
specific information must be able to consume it when they need to, and getting to the data should not take
an inordinate amount of time.

If, for example, there is a power outage and there is no disaster recovery system in place to help users
regain access to critical systems, availability will be compromised. Also, a natural disaster like a flood or
even a severe snowstorm may prevent users from getting to the office, which can interrupt the availability
of their workstations and other devices that provide business-critical information or applications.
Availability can also be compromised through deliberate acts of sabotage, such as the use of denial-of-
service (DoS) attacks or ransomware.

To ensure availability, organizations can use redundant networks, servers, and applications. These can be
programmed to become available when the primary system has been disrupted or broken. You can also
enhance availability by staying on top of upgrades to software packages and security systems. In this way,
you make it less likely for an application to malfunction or for a relatively new threat to infiltrate your
system. Backups and full disaster recovery plans also help a company regain availability soon after a
negative event.

6. What is a malware?
Malware, short for “malicious software,” refers to any intrusive software developed by cybercriminals
(often called “hackers”) to steal data and damage or destroy computers and computer systems. Examples
of common malware include viruses, worms, Trojan viruses, spyware, adware, and ransomware. Recent
malware attacks have exfiltrated data in mass amounts.
6.1 List out at least 9 types of common malwares and explain each.
1. Viruses
A computer virus is what most of the media and regular end-users call every malware program reported in
the news. Fortunately, most malware programs aren't viruses. A computer virus modifies other legitimate
host files (or pointers to them) in such a way that when a victim's file is executed, the virus is also
executed.
Pure computer viruses are uncommon today, comprising less than 10% of all malware. That's a good
thing: Viruses are the only type of malware that "infects" other files. That makes them particularly hard to
clean up because the malware must be executed from the legitimate program. This has always been
nontrivial, and today it's almost impossible. The best antivirus programs struggle with doing it correctly
and in many (if not most) cases will simply quarantine or delete the infected file instead.
2. Worms
Worms have been around even longer than computer viruses, all the way back to mainframe days. Email
brought them into fashion in the late 1990s, and for nearly a decade, computer security pros were
besieged by malicious worms that arrived as message attachments. One person would open a wormed
email and the entire company would be infected in short order.
The distinctive trait of the computer worm is that it's self-replicating. Take the notorious Iloveyou worm:
When it went off, it hit nearly every email user in the world, overloaded phone systems (with fraudulently
sent texts), brought down television networks, and even delayed my daily afternoon paper for half a day.
Several other worms, including SQL Slammer and MS Blaster, ensured the worm's place in computer
security history.
What makes an effective worm so devastating is its ability to spread without end-user action. Viruses, by
contrast, require that an end-user at least kick it off, before it can try to infect other innocent files and
users. Worms exploit other files and programs to do the dirty work. For example, the SQL Slammer
worm used a (patched) vulnerability in Microsoft SQL to incur buffer overflows on nearly every
unpatched SQL server connected to the internet in about 10 minutes, a speed record that still stands today.

3. Trojans
Computer worms have been replaced by Trojan malware programs as the weapon of choice for hackers.
Trojans masquerade as legitimate programs, but they contain malicious instructions. They've been around
forever, even longer than computer viruses, but have taken hold of current computers more than any other
type of malware.
A Trojan must be executed by its victim to do its work. Trojans usually arrive via email or are pushed on
users when they visit infected websites. The most popular Trojan type is the fake antivirus program,
which pops up and claims you're infected, then instructs you to run a program to clean your PC. Users
swallow the bait and the Trojan takes root.
Remote access Trojans (RATs) in particular have become popular among cybercriminals. RATs allow the
attacker to take remote control over the victim's computer, often with the intent to move laterally and
infect an entire network. This type of Trojan is designed to avoid detection. Threat actors don't even need
to write their own. Hundred of off-the-shelf RATs are available in underground marketplaces.
Trojans are hard to defend against for two reasons: They're easy to write (cyber criminals routinely
produce and hawk Trojan-building kits) and spread by tricking end-users — which a patch, firewall, and
other traditional defense cannot stop. Malware writers pump out Trojans by the millions each month.
Antimalware vendors try their best to fight Trojans, but there are too many signatures to keep up with.
4. Hybrids and exotic forms
Today, most malware is a combination of traditional malicious programs, often including parts of Trojans
and worms and occasionally a virus. Usually the malware program appears to the end-user as a Trojan,
but once executed, it attacks other victims over the network like a worm.
Many of today's malware programs are considered rootkits or stealth programs. Essentially, malware
programs attempt to modify the underlying operating system to take ultimate control and hide from
antimalware programs. To get rid of these types of programs, you must remove the controlling component
from memory, beginning with the antimalware scan.
Bots are essentially Trojan/worm combinations that attempt to make individual exploited clients a part of
a larger malicious network. Botmasters have one or more "command and control" servers that bot clients
check into to receive their updated instructions. Botnets range in size from a few thousand compromised
computers to huge networks with hundreds of thousands of systems under the control of a single botnet
master. These botnets are often rented out to other criminals who then use them for their own nefarious
purposes.
5. Ransomware
Malware programs that encrypt your data and hold it as hostage waiting for a cryptocurrency pay off has
been a huge percentage of the malware for the last few years, and the percentage is still growing.
Ransomware has often crippled companies, hospitals, police departments, and even entire cities.
Most ransomware programs are Trojans, which means they must be spread through social engineering of
some sort. Once executed, most look for and encrypt users’ files within a few minutes, although a few are
now taking a “wait-and-see” approach. By watching the user for a few hours before setting off the
encryption routine, the malware admin can figure out exactly how much ransom the victim can afford and
also be sure to delete or encrypt other supposedly safe backups.
Ransomware can be prevented just like every other type of malware program, but once executed, it can be
hard to reverse the damage without a good, validated backup. According to some studies, about a quarter
of the victims pay the ransom, and of those, about 30 percent still do not get their files unlocked. Either
way, unlocking the encrypted files, if even possible, takes particular tools, decryption keys and more than
a bit of luck. The best advice is to make sure you have a good, offline backup of all critical files.
6. Fileless malware
Fileless malware isn’t really a different category of malware, but more of a description of how they
exploit and persevere. Traditional malware travels and infects new systems using the file system. Fileless
malware, which today comprises over 50 percent of all malwares and growing, is malware that doesn’t
directly use files or the file system. Instead, they exploit and spread in memory only or using other “non-
file” OS objects such as registry keys, APIs or scheduled tasks.
Many fileless attacks begin by exploiting an existing legitimate program, becoming a newly launched
“sub-process,” or by using existing legitimate tools built into the OS (like Microsoft’s PowerShell). The
result is that fileless attacks are harder to detect and stop. If you aren’t already very familiar with common
fileless attack techniques and programs, you probably should be if you want a career in computer
security.

7. Adware
If you're lucky, the only malware program you've come in contact with is adware, which attempts to
expose the compromised end-user to unwanted, potentially malicious advertising. A common adware
program might redirect a user's browser searches to look-alike web pages that contain other product
promotions.
8. Malvertising
Not to be confused with adware, malvertising is the use of legitimate ads or ad networks to covertly
deliver malware to unsuspecting users’ computers. For example, a cybercriminal might pay to place an ad
on a legitimate website. When a user clicks on the ad, code in the ad either redirects them to a malicious
website or installs malware on their computer. In some cases, the malware embedded in an ad might
execute automatically without any action from the user, a technique referred to as a “drive-by download.”
Cybercriminals have also been known to compromise legitimate ad networks that deliver ads to many
websites. That’s often how popular websites such as the New York Times, Spotify and the London Stock
Exchange have been vectors for malicious ads, putting their users in jeopardy.
The goal of cybercriminals who use malvertising is to make money, of course. Malvertising can deliver
any type of money-making malware, including ransomware, cryptomining scripts or banking Trojans.

9. Spyware
Spyware is most often used by people who want to check on the computer activities of loved ones. Of
course, in targeted attacks, criminals can use spyware to log the keystrokes of victims and gain access to
passwords or intellectual property.
Adware and spyware programs are usually the easiest to remove, often because they aren't nearly as
nefarious in their intentions as other types of malware. Find the malicious executable and prevent it from
being executed — you're done.
A much bigger concern than the actual adware or spyware is the mechanism it used to exploit the
computer or user, be it social engineering, unpatched software, or a dozen other root exploit causes. This
is because although a spyware or adware program’s intentions are not as malicious, as say, a backdoor
remote access trojan, they both use the same methods to break in. The presence of an adware/spyware
program should serve as a warning that the device or user has some sort of weakness that needs to be
corrected, before real badness comes calling.

7. The following are methods of infiltration or types of cyberattacks. Explain each:

7.1 Social Engineering

Effective social engineering attacks can be almost impossible to detect. Attackers use deceptive
techniques that play on human biases to manipulate others into revealing valuable personal information.
Here, we’ll examine how social engineering works and look at specific examples of known scams. Keep
reading to learn how to prevent social engineering from happening to you.
social engineering as a psychological attack that exploits human behavior or our cognitive biases. It
usually involves tricking people into unknowingly divulging sensitive information that can be used for
corrupt or criminal purposes. Hackers use social engineering techniques to extract personal information
they can use for identity theft or other frauds or crimes.
7.2 Denial-of-Service
A denial-of-service (DoS) attack is a cyberattack on devices, information systems, or other network
resources that prevents legitimate users from accessing expected services and resources. This is usually
accomplished by flooding the targeted host or network with traffic until the target can't respond or
crashes. DoS attacks can last anywhere from a few hours to many months and can cost companies time
and money while their resources and services are unavailable.
7.3 Distributed DoS
A common type of DoS attack is the distributed denial-of-service (DDoS) attack. The attacker floods its
target with unwanted Internet traffic so that normal traffic is unable to reach its intended destination.
Hordes of Infected, connected devices (e.g., smartphones, PCs, network servers, and Internet of Things
devices) from around the world go after a targeted website, network, web application, application
programming interface, or data center infrastructure simultaneously to block traffic.
7.4 Botnet
The term “botnet” refers to a collection of computers linked together to perform a specific task. Botnets
themselves are not a threat to your network. For example, some botnets perform helpful tasks like
managing chatrooms or keeping track of points during an online game. However, when botnets are
misused for malicious purposes, they can be very dangerous. This is because a botnet can control your
computer and also use it to carry out attacks.
7.5 On-Path Attacks
On-path attackers place themselves between two devices (often a web browser and a web server) and
intercept or modify communications between the two. The attackers can then collect information as well
as impersonate either of the two agents. In addition to websites, these attacks can target email
communications, DNS lookups, and public WiFi networks. Typical targets of on-path attackers include
SaaS businesses, ecommerce businesses, and users of financial apps.
7.6 SEO Poisoning
SEO poisoning is when a fake web page is created that is then found when users search for a related
keyword on a search engine. The end goal of SEO poisoning is to get that web page ranked higher on
Google. The impact that this has on the user can be significant. Once this is applied, users will be
redirected to an unwanted page.
These pages are usually infected with malware which can be harmful to most desktops. However, from
the user’s perspective, we need to know what pages SEO poisoning can impact.
They can impact a variety of pages from a range of topics, but here are some that you need to be aware of:
Trending topics
Advertisements
Holidays
News items
Viral videos
7.7 Wi-Fi Password Cracking
Cracking is the process of exploiting security weaknesses in wireless networks and gaining unauthorized
access. WEP cracking refers to exploits on networks that use WEP to implement security controls. There
are basically two types of cracks namely;
Passive cracking– this type of cracking has no effect on the network traffic until the WEP security has
been cracked. It is difficult to detect.
Active cracking– this type of attack has an increased load effect on the network traffic. It is easy to detect
compared to passive cracking. It is more effective compared to passive cracking.
WiFi Password Hacker (WEP Cracking) Tools
Aircrack– network sniffer and WEP cracker. This WiFi password hacker tool can be downloaded from
http://www.aircrack-ng.org/
WEPCrack– this is an open source Wi-Fi hacker program for breaking 802.11 WEP secret keys. This
WiFi hacker app for PC is an implementation of the FMS attack. http://wepcrack.sourceforge.net/
Kismet– this WiFi password hacker online detects wireless networks both visible and hidden, sniffer
packets and detect intrusions. https://www.kismetwireless.net/
WebDecrypt– this WiFi password hack tool uses active dictionary attacks to crack the WEP keys. It has
its own key generator and implements packet filters for hacking WiFi password.
http://wepdecrypt.sourceforge.net/
7.8 Password Attacks
In these types of attacks in Cyber Security, the attackers attempt to hack different accounts of the victims
by hacking their profiles and their passwords which gives them illegal access to all the information of the
victim that is eventually used by the attackers as per their benefits.
7.9 Cracking
Cracking takes things a step farther. Cracking is when someone performs a security hack for criminal or
malicious reasons, and the person is called a “cracker.” Just like a bank robber cracks a safe by skillfully
manipulating its lock, a cracker breaks into a computer system, program, or account with the aid of their
technical wizardry.
Cracking methods are often less sophisticated than many typical hacking techniques, which is another
reason why people who identify as hackers’ distance themselves from what’s perceived as a more
mundane and selfish pursuit. A cracker who exclusively uses tools built by others is known as a “script
kiddie.”

8. In your own opinion, how will you prevent yourself from cyberthreats/cyberattacks/network
security breaches?
In my opinion, I will prevent myself from cyberthreats/cyberattacks/network security breaches by
always have more than one copy of my most important data. I will make sure to back it up frequently and
keep a safe offline copy to ensure that ransomware or even a technical problem doesn’t get in the way.
Having a backup is the best way to recover from ransomware. I will also limit sensitive personal info on
social media and limit social log in. I will make sure that I only enter the basic information required to get
the account activated, and don’t provide excessive information that could put me at risk.
In addition, I will use the latest Web browsers because they have improved security for fake
websites. Always cautious and assume someone is monitoring your data over public Wi-Fi. Run Antivirus
Scans and Install Software Updates for data safety purposes. Lastly, I think I need to always remember
the phrases “think before you click”. We are a society of clickers; we like to click on pictures, addresses,
hyperlinks, and more. Always be cautious of receiving any message with a hyperlink and ask yourself
whether it was expected.
REFERENCES
https://www.ibm.com/topics/cybersecurity
https://www.kaspersky.com/resource-center/definitions/what-is-cyber-security
https://www.cisco.com/c/en/us/products/security/what-is-cybersecurity.html#~how-cybersecurity-works
https://www.securitymagazine.com/articles/94506-5-biggest-cybersecurity-threats
https://www.fortinet.com/resources/cyberglossary/cia-triad#:~:text=The%20three%20letters%20in
%20%22CIA%20triad%22%20stand%20for,methods%20for%20addressing%20problems%20and
%20creating%20effective%20solutions.
https://www.csoonline.com/article/2615925/security-your-quick-guide-to-malware-types.html
https://www.cisco.com/c/en/us/products/security/advanced-malware-protection/what-is-malware.html