Cyber Security Fundamentals - Lecture 2

Questions and Answers

What is the primary objective of cybersecurity?

• To manage user access to different digital platforms
• To increase the speed of computer systems
• To protect computer systems and data from unauthorized actions (correct)
• To monitor internet traffic for legal compliance

Why is cybersecurity considered vital for businesses today?

• It replaces the need for physical security measures
• It protects against evolving threats and economic losses (correct)
• It enhances employee productivity through technology
• It helps in reducing the cost of technology

Which threat is specifically associated with online banking?

• Malware infections (correct)
• Social engineering
• Identity theft
• Data breaches

What type of attack is characterized by intercepting communication between two parties?

Man-in-the-middle attack (C)

Which of the following is NOT a consequence of a cyberattack?

Improved cybersecurity measures (D)

What makes healthcare organizations particularly attractive targets for cybercriminals?

The sensitive patient data they hold (D)

What is a common threat faced by social media platforms?

Account takeovers (C)

What role does digital transformation play in the importance of cybersecurity?

It increases reliance on technology, heightening cybersecurity needs. (A)

What are the direct costs associated with cyberattacks?

Stolen funds (D)

What is meant by vulnerability in the context of cybersecurity?

A weakness in a system that can be exploited (A)

What is a zero-day exploit?

An exploit that targets an unknown vulnerability (D)

What can be a consequence of identity theft due to cyberattacks?

Unauthorized transactions (D)

Which of the following is not a consequence of reputational damage from a cyberattack?

Immediate recovery of funds (B)

What does risk in cybersecurity refer to?

The potential for loss or harm (D)

Who is classified as an attacker in the realm of cybersecurity?

An individual exploiting vulnerabilities for malicious purposes (C)

What can be considered an indirect cost of a cyberattack?

Loss of customer trust (B)

What defines high-value targets in cybersecurity?

Organizations with valuable data or critical infrastructure (D)

What is the main difference between black hat and white hat hackers?

Black hat hackers exploit vulnerabilities for personal gain, while white hat hackers aim to improve security. (B)

Which of the following is not a type of malware?

Phishing (B)

What is the primary purpose of ransomware?

To encrypt data and demand payment for decryption (C)

What is an example of social engineering in cybersecurity?

Phishing via deceptive emails or websites (C)

Which attack aims to make a system unavailable to legitimate users?

Denial-of-Service attack (A)

What distinguishes a distributed denial-of-service attack from a regular denial-of-service attack?

It utilizes multiple compromised systems for amplified attacks. (C)

What kind of software is classified as spyware?

Software that monitors user activity and steals information (D)

Study Notes

Cybersecurity Overview

• Cybersecurity involves protecting computer systems, networks, and data from unauthorized access and threats.
• Essential for safeguarding digital assets by ensuring confidentiality, integrity, and availability.

Importance of Cybersecurity

• Digital transformation increases reliance on technology, necessitating robust cybersecurity measures.
• Cybercriminals continually evolve their techniques, creating new challenges for cybersecurity.
• Cyberattacks can cause significant financial losses for individuals and organizations.
• National security relies on effective cybersecurity to protect critical infrastructure and sensitive information.

Real-World Impacts

Online Banking

• Heavily relies on cybersecurity to secure financial information.
• Threats include phishing, malware, and man-in-the-middle attacks, leading to potential identity theft and credit damage.

Social Media

• Platforms store vast personal information, making them attractive to cybercriminals.
• Risks encompass account takeovers and data breaches, which can result in reputational damage and privacy violations.

Healthcare

• Sensitive patient data necessitates strong cybersecurity practices.
• Threats include ransomware and data breaches, with dire consequences for patient safety and organizational trust.

Consequences of Cyberattacks

• Financial Loss: Direct costs including stolen funds and recovery expenses, alongside indirect costs like reputational damage.
• Identity Theft: Theft of personal information leading to fraudulent accounts and unauthorized transactions.
• Reputational Damage: Loss of trust among customers and adverse media coverage can result in long-term business impacts.

Key Cybersecurity Terminology

• Threat: Potential danger to systems—includes hackers and malware.
• Vulnerability: System weaknesses that can be exploited by threats, such as software bugs or weak passwords.
• Risk: Likelihood of a threat exploiting a vulnerability, emphasized through risk assessment processes.
• Exploit: Code that takes advantage of vulnerabilities, including zero-day exploits which target unknown weaknesses.
• Attacker Types:
  • Hacktivists promote political causes.
  • Cybercriminals pursue financial gain.
  • Nation-states may attack for national interests.

Types of Cyber Threats

Hackers

• Black Hat Hackers: Malicious attackers exploiting vulnerabilities.
• White Hat Hackers: Ethical hackers enhancing security by reporting vulnerabilities.

Malware

• Viruses: Spread by replicating across files.
• Worms: Independent programs that propagate through networks.
• Trojans: Disguised harmful software.
• Ransomware: Encrypts data and demands payment for access.
• Spyware: Monitors user activity for information theft.

Social Engineering

• Manipulative techniques to extract confidential information.
• Common methods include phishing, baiting, and pretexting.

Denial-of-Service Attacks

• Flood systems with traffic to disrupt service.
• Distributed Denial-of-Service (DDoS): Amplified attacks using multiple compromised devices, resulting in significant business disruption.

Conclusion

• Cybersecurity is a critical aspect of modern technology, vital for protecting individual and organizational assets. Understanding threats, vulnerabilities, and the consequences of cyberattacks is essential for effective defense strategies.

Description

This quiz covers the basics of cybersecurity and highlights the importance of information security. It is designed for students in the BSc (Hons) Cyber Security program. Participants will learn fundamental concepts and practices crucial to protecting computer systems.