IT notes

The document provides an overview of information security, highlighting the importance of protecting data from unauthorized access through methods such as access control, encryption, and firewalls. It categorizes various types of cyberattacks, including malware, phishing, and insider threats, and discusses vulnerabilities that can be exploited by cybercriminals. Additionally, it outlines the goals of cybersecurity, emphasizing the need for confidentiality, integrity, and availability of information.

Uploaded by Gopika Menon

Unit-I: Introduction to Information Security

Module 1

Information security is protection against the unauthorized use of information, especially electronic data, or the
measures taken to achieve this.

A few methods to secure our data from unauthorized access are:

• Access control
• Encryption
• Firewalls
• Availability
• Confidentiality
• Integrity

ATTACKS

Attacks – Suspicious activity that collects information, defames the person, and destroys resources and information
without the knowledge of the owner of the information.

Types of attacks

Active attacks

• Attacker attempts to alter, destroy, or disrupt the normal operation of a system or network.
• Attacker takes direct action against the target system or network.
• More dangerous than passive attacks, which involve simply monitoring or eavesdropping on a system or network.

Passive attacks

• Attempts to learn or make use of information from the system but does not affect system resources.
• In the nature of eavesdropping on or monitoring transmission.
• The goal of the opponent is to obtain information that is being transmitted.

ATTACKS

1. Malware - Any program or code created with the intent to do harm to a computer, network or server.

2. Denial-of-Service (DoS) Attacks - Floods a network with false requests

3. Phishing – Entices (lures) a victim to share sensitive information

4. Spoofing - Disguise themselves as a known or trusted source and steal information, extort money or install malware.

5. Identity-Based Attacks - Pretending to be a valid user whose credentials have been compromised

6. Code Injection Attacks - Injecting malicious code into a vulnerable computer or network to change its course of action

7. Supply Chain Attacks - Targets a trusted third-party vendor who offers services or software, vital to the supply chain.

8. Insider Threats - Internal actors such as current or former employees


1. Malware

• Malware (malicious software) is any program or code created with the intent to do harm to a computer, network or server.
• Malware is the most common type of cyberattack, mostly because this term encompasses many subsets such as
ransomware, trojans, spyware, viruses, worms, keyloggers, bots, cryptojacking, and any other type of malware attack that
leverages software in a malicious way.

2. Denial-of-Service (DoS) Attacks

• A DoS attack is a malicious, targeted attack that floods a network with false requests in order to disrupt business operations.
• Users are unable to perform routine and necessary tasks, such as accessing email, websites, online accounts or other
resources that are operated by a compromised computer or network.
• While most DoS attacks do not result in lost data and are typically resolved without paying a ransom, they cost the
organization time, money and other resources in order to restore critical business operations.
• For example, if a bank website can handle 10 people a second clicking the Login button, an
attacker only has to send 10 fake requests per second so that no legitimate users
can log in.

3. Phishing

• Phishing is a type of cyberattack that uses email, SMS, phone, social media, and social engineering techniques to entice a
victim to share sensitive information, such as passwords or account numbers,
or to download a malicious file that will install viruses on their computer or phone.
• For example: FB scams, fake electricity bill alerts, ATM frauds, etc.

4. Spoofing

• Technique through which a cyber criminal disguises themselves as a known or trusted source.
• In so doing, the adversary is able to engage with the target and access their systems or devices with the ultimate goal of
stealing information, extorting money or installing malware or other harmful software on the device.

5. Identity-Based Attacks

• CrowdStrike’s findings show that 80% of all breaches use compromised identities and can take up to 250 days to identify.
• Extremely hard to detect.
• When a valid user’s credentials have been compromised and an adversary is pretending to be that user, it is often very difficult
to differentiate between the user’s typical behavior and that of the hacker using traditional security measures and tools.

6. Code Injection Attacks

• Consist of an attacker injecting malicious code into a vulnerable computer or network to change its course of action.
• There are multiple types of code injection attacks.

7. Supply Chain Attacks

• Target a trusted third-party vendor who offers services or software vital to the supply chain.
• Software supply chain attacks inject malicious code into an application in order to infect all users of an app, while
hardware supply chain attacks compromise physical components for the same purpose.

8. Insider Threats

• Insider threats are internal actors such as current or former employees that pose danger to an organization because they
have direct access to the company network, sensitive data, and intellectual property (IP), as well as knowledge of business
processes, company policies or other information that would help carry out such an attack.

Vulnerabilities in Information Security

A weakness or opportunity in an information system that cybercriminals can exploit to gain unauthorized access
to a computer system. Vulnerabilities weaken systems and open the door to malicious attacks.

4 main types of Vulnerabilities

Network vulnerabilities

- Weaknesses within an organization’s hardware or software infrastructure that allow cyberattackers to gain access and
cause harm.
- These areas of exposure can range from poorly-protected wireless access all the way to misconfigured firewalls that don’t
guard the network at large.

Operating system (OS) vulnerabilities

- Exposures within an OS that allow cyber attackers to cause damage on any device where the OS is installed.
- Unpatched and outdated software also creates OS vulnerabilities.
- E.g.: An attack that takes advantage of OS vulnerabilities is a DoS attack, where repeated fake requests clog a system so it
becomes overloaded.

Process vulnerabilities

- Created when procedures that are supposed to act as security measures are insufficient.
- One of the most common process vulnerabilities is an authentication weakness, where users, and even IT
administrators, use weak passwords.

Cyber Security Goals

Objective: To protect information from being stolen, compromised or attacked.

1. Protect the confidentiality of data.
2. Preserve the integrity of data.
3. Promote the availability of data for authorized users.

Keep information available even in the event of physical challenges. Ensure sensitive information and critical information
technology are housed in secure areas.

Tools (slide diagram)

• Encryption
• Access Control
• Authentication
• Authorization
• Physical security
• Backups
• Checksums
• Data correcting codes
• Physical Corrections
• Computational Redundancies

1. Confidentiality

• Avoids the unauthorized disclosure of information.
• Involves the protection of data, providing access for those who are allowed to see it while
disallowing others from learning anything about its content.
• Prevents essential information from reaching the wrong people while making sure that
the right people can get it.
• Data encryption is a good example to ensure confidentiality.

2. Integrity

• Methods for ensuring that data is real, accurate and safeguarded from unauthorized user
modification.
• It is the property that information has not been altered in an unauthorized way, and that the source of the
information is genuine.
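
An added example (not part of the original notes) of the integrity property defined above: an unkeyed checksum catches accidental corruption, while a keyed HMAC also rejects data that did not come from a holder of the key. The key, record and function names are constructed for illustration.

```python
import hashlib
import hmac
import zlib

# Constructed sample values for illustration; not taken from the notes.
SHARED_KEY = b"constructed-demo-key"
RECORD = b"transfer:account=1001;amount=250.00"


def checksum_tag(data: bytes) -> str:
    """Unkeyed CRC-32 checksum: anyone can recompute it for any data."""
    return format(zlib.crc32(data), "08x")


def hmac_tag(key: bytes, data: bytes) -> str:
    """Keyed HMAC-SHA256 tag: only holders of the key can produce it."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def receiver_accepts_crc(data: bytes, tag: str) -> bool:
    return checksum_tag(data) == tag


def receiver_accepts_mac(data: bytes, tag: str) -> bool:
    # compare_digest avoids leaking how many leading characters matched.
    return hmac.compare_digest(hmac_tag(SHARED_KEY, data), tag)


def demo() -> dict:
    """Run both checks against accidental and unauthorized changes."""
    sent_crc = checksum_tag(RECORD)
    sent_mac = hmac_tag(SHARED_KEY, RECORD)

    # Case 1: accidental corruption, one bit flipped in transit.
    corrupted = bytes([RECORD[0] ^ 0x01]) + RECORD[1:]

    # Case 2: the record is altered by a party that does not hold the key
    # and the tag is recomputed to match the altered record.
    altered = RECORD.replace(b"250.00", b"950.00")
    altered_crc = checksum_tag(altered)
    altered_mac = hmac_tag(b"not-the-shared-key", altered)

    return {
        "crc_accepts_corrupted": receiver_accepts_crc(corrupted, sent_crc),
        "mac_accepts_corrupted": receiver_accepts_mac(corrupted, sent_mac),
        "crc_accepts_altered": receiver_accepts_crc(altered, altered_crc),
        "mac_accepts_altered": receiver_accepts_mac(altered, altered_mac),
    }
```

Only the checksum accepts the altered record, which is why a checksum alone covers accuracy but not the "source is genuine" half of the definition.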

3. Availability

• Property in which information is accessible and modifiable in a timely fashion by those authorized to
do so.
• It is the guarantee of reliable and constant access to our sensitive data by authorized people.

Types of Security Mechanism

Encipherment

• Process of encoding information.
• Converts original/plain text into cipher text.
• By this, all data will be secured from other networks.

Access Control

• Security technique that regulates who or what can view or use resources in a computing environment.
• Fundamental concept in security that minimizes risk to the business or organization.

Notarization

• Selecting a trusted third party to control the communication between 2 entities.
• Official fraud-deterrent process that assures the parties of a transaction that a document is authentic and
can be trusted.
• When notarization occurs, a notary public certifies the authenticity of any signature
appended to a document.

Data integrity

• Ensures accuracy, completeness, consistency and validity of an
