Week 1 - Cybersecurity Concepts

Uploaded by armadabanjir
Copyright © All Rights Reserved
TEB2213 – INTRODUCTION TO CYBERSECURITY

Cybersecurity Concepts
Definition - Cybersecurity
• Prevention of damage to, protection of, and restoration of computers, electronic
communications systems, electronic communications services, wire communication, and
electronic communication, including information contained therein, to ensure its
availability, integrity, authentication, confidentiality, and nonrepudiation. – NIST
• Cybersecurity is the practice of protecting critical systems and sensitive information
from digital attacks. Also known as information technology (IT) security, cybersecurity
measures are designed to combat threats against networked systems and applications,
whether those threats originate from inside or outside of an organization. – IBM
• Cybersecurity is the practice of protecting systems, networks, and programs from digital
attacks. These cyberattacks are usually aimed at accessing, changing, or destroying
sensitive information; extorting money from users; or interrupting normal business
processes. Implementing effective cybersecurity measures is particularly challenging
today because there are more devices than people, and attackers are becoming more
innovative. - CISCO
Definition – Cybersecurity
(cont.)
• The word “cybersecurity” is used today to represent
several different conceptual approaches. It can denote
particular business functions, compliance with industry
frameworks, career pursuits, market products, specific
skills, etc.
• The protection of digital devices and their communication channels to
keep them stable, dependable and free from danger or threat. Usually
the required protection level must be sufficient to prevent
unauthorized access or intervention that can lead to personal,
professional, organizational, financial and/or political harm.
https://app.box.com/s/sj5xaz8a1461e7u7si3ip1361r070fed
Concept of CyberCrime

Computer crime, or cybercrime, is any crime that involves a computer and a network.

The computer may have been used in the commission of a crime, or it may be the target.
CyberAttack
• A cyberattack is commonly defined as an attempt to gain illegal access to a
computer or computer system to cause damage or harm. Cyberattacks can
occur on almost any modern digital device. The impact can range from an
inconvenience for an individual to global economic and social disruption.
• An attacker can use people, computers, phones, applications, messages,
and system processes to carry out an attack. Individuals, organizations,
institutions, and governments can be victims of an attack. These attackers
might:
• Lock data and processes, and demand a ransom.
• Remove vital information to cause serious harm.
• Steal information.
• Publicly expose private information.
• Stop vital business processes and systems from running, to cause disruption and
malfunction.
CyberAttack
• Categories of cyberattack:
• System-based attack: attacks intended to compromise a computer or a computer network.
• Web-based attack: attacks that occur on a website or web application.
CyberCriminal
A cybercriminal is anyone who carries out a cyberattack.
Cybercriminals can be:
• A single person or a group of people.
• An organization for hire.
• A government entity.

Cybercriminals can be located anywhere, including embedded inside an
organization or institution, to cause damage from within.
CyberCriminal

Kevin David Mitnick is an American computer security consultant, author, and
convicted hacker.

He was arrested in 1995 and sentenced to five years in prison for various
computer and communications-related crimes.
CyberCriminal

Stuxnet is a malicious computer worm first uncovered in 2010.

Stuxnet targets supervisory control and data acquisition (SCADA) systems
and is believed to be responsible for causing substantial damage to the
Iranian nuclear facilities in Natanz.
Layers of Cybersecurity
Cybersecurity Control Types

1. Physical

2. Procedural

3. Legal

4. Technical

5. People
Cybersecurity Defense Points
1. Data

2. Devices

3. Applications

4. Systems

5. Networks

6. People
Cybersecurity Types and Technologies
1. Industrial Control Systems Cybersecurity – industry

2. Critical Infrastructure Security – electric grid, oil refinery, nuclear

3. Application Security – web, mobile, desktop app, secure coding

4. Network Security – tools and techniques

5. Cloud Security – policies, techniques & procedures

6. Internet of Things (IoT) Security – protect device & network, can become point of entry
Goals of Cybersecurity

The goals of cybersecurity are commonly referred to as the “CIA Triad”: the
Confidentiality, Integrity, Availability (CIA) model in the context of
cybersecurity.

Throughout this course, you'll learn about the types of attacks that
cybercriminals use to disrupt these goals and cause harm. You'll also see
some basic threat mitigation strategies.
Goals of Cybersecurity
Confidentiality is roughly equivalent to privacy.

Measures undertaken to ensure confidentiality are designed to prevent
sensitive information from reaching the wrong people, while making sure
that the right people can in fact get it.

• Confidentiality:
Assurance that information is shared only among authorized persons or
organizations.
Goals of Cybersecurity
Integrity

In information security, data integrity means maintaining and assuring the
accuracy and consistency of data over its entire life-cycle.

• Integrity (authenticity and non-repudiation):
Assurance that the information is authentic and complete. Non-repudiation assures
that a person having committed a transaction cannot deny it at a later stage.
Goals of Cybersecurity
Availability

Availability of information refers to ensuring that authorized parties are
able to access the information when needed.

• Availability:
Assurance that the systems responsible for delivering, storing and processing
information are accessible when needed, by those who need them.
Threat Landscape
Whether an organization is big or small, the entirety of the digital
landscape with which it interacts represents an entry point for a
cyberattack.
These can include:
• Email accounts
• Social media accounts
• Mobile devices
• The organization's technology infrastructure
• Cloud services
• People
Concept of Cyberspace

Cyberspace is "the environment in which communication over computer
networks occurs."
Concept of Cyberspace

And almost everybody in one way or the other is connected to it.
Attack Vectors
Security Breaches
• Any attack that results in someone gaining
unauthorized access to devices, services, or networks is
considered a security breach. Imagine a security breach
as similar to a break-in where an intruder (attacker)
successfully breaks into a building (a device,
application, or network).
• Security breaches come in different forms, including the
following:
• Social engineering attacks
• Browser attacks
• Password attacks
Data Breaches
• A data breach is when an attacker successfully gains access or control of
data. Using the intruder example, this would be similar to that person getting
access to, or stealing, vital documents and information inside a building.

• When an attacker achieves a security breach, they'll often want to target data,
because it represents vital information. Poor data security can lead to an
attacker gaining access and control of data. This can lead to serious
consequences for the victim, whether that is a person, organization, or even a
government. This is because the victim's data could be abused in many ways.
For example, it can be held as ransom or used to cause financial or
reputational harm.
Malware
• Malware comes from the combination of the words malicious and
software. It’s a piece of software used by cybercriminals to infect
systems and carry out actions that will cause harm. This could
include stealing data or disrupting normal usage and processes.

• Malware has two main components:
• Propagation mechanism
• Payload
Malware – propagation mechanism
Propagation is how the malware spreads itself across one
or more systems.

A few examples of common propagation techniques:

1. Virus – attached to another executable, must be triggered
2. Worm – self-replicates and propagates independently via the network after the
breach
3. Trojan – hidden inside an apparently harmless application
Malware – payload
The payload is the action that a piece of malware performs on an infected
device or system.

Some common types of payload:

1. Ransomware – locks systems or data until the victim has paid a ransom

2. Spyware – spies on the device or system

3. Backdoors – allow a cybercriminal to bypass existing security measures

4. Botnet – similarly infected devices are joined and remotely controlled

Mitigation Strategies
A mitigation strategy is a measure or collection of steps that an organization
takes to prevent or defend against a cyberattack. This is usually done by
implementing technological and organizational policies and processes designed
to protect against attacks.
Some common mitigation strategies:
1. Multifactor authentication – something you know, something you have, something you are

2. Browser security – web content filtering, security updates, prohibit unauthorized add-ons

3. User education – caution against suspicious emails and social engineering

4. Threat intelligence – collect system information, vulnerabilities and information on attacks to gain
insights and respond to cyberattacks.
