Cybersecurity and Data Power

Cybersecurity and Data Power

• Great businesses have been created by collecting and harnessing the power of data and data analytics.
• These businesses have the responsibility to protect this data from misuse and unauthorized access.
• The growth of data has created great opportunities for cybersecurity specialists.

Cybersecurity Domains

• Cyber experts now have the technology to track worldwide weather trends, monitor the oceans, and track the movement and behavior of people, animals, and objects in real-time.
• New technologies, such as Geospatial Information Systems (GIS) and the Internet of Everything (IoE), have emerged.
• These technologies depend on collecting and analyzing tremendous amounts of data.

Cybersecurity Criminals

• Hackers can be categorized into three types:
  • White hat attackers: break into networks or computer systems to discover weaknesses and improve security.
  • Gray hat attackers: may find a vulnerability and report it to the owners of the system if it coincides with their agenda.
  • Black hat attackers: unethical criminals who violate computer and network security for personal gain or malicious reasons.

Cybersecurity Criminals (Cont.)

• Script Kiddies: teenagers or hobbyists with little or no skill, often using existing tools or instructions found on the Internet to launch attacks.
• Vulnerability Brokers: gray hat hackers who attempt to discover exploits and report them to vendors for prizes or rewards.
• Hacktivists: gray hat hackers who rally and protest against different political and social ideas.
• Cyber Criminals: black hat hackers who are either self-employed or working for large cybercrime organizations.
• State Sponsored Hackers: either white hat or black hat hackers who steal government secrets, gather intelligence, and sabotage networks.

Thwarting Cyber Criminals

• Coordinated actions to limit or fend off cyber criminals include:
  • Vulnerability Database: National Common Vulnerabilities and Exposures (CVE) database provides a publicly available database of all known vulnerabilities.
  • Early Warning Systems: The Honeynet project provides a HoneyMap which displays real-time visualization of attacks.
  • Share Cyber Intelligence: InfraGard is an example of sharing cyber intelligence to prevent hostile cyberattacks.
  • ISM Standards: The ISO 27000 standards provide a framework for implementing cybersecurity measures within an organization.

Common Threats

• Cybersecurity threats are particularly dangerous to certain industries and the type of information they collect and protect.
• Threats can come from:
  • Personal Information
  • Medical Records
  • Education Records
  • Employment and Financial Records
  • Network services like DNS, HTTP, and Online Databases
  • Packet sniffing and forgery
  • Rogue devices, such as unsecured Wi-Fi access points

Spreading Cybersecurity Threats

• Threats can originate from within an organization or from outside.
• Internal threats can cause greater damage than external threats because internal users have direct access to the building and its infrastructure devices.
• External threats can exploit vulnerabilities in networked devices or use social engineering to gain access.

Spreading Cybersecurity Threats (Cont.)

• Vulnerabilities of Mobile Devices: the inability to centrally manage and update mobile devices poses a growing threat to organizations that allow employee mobile devices on their networks.
• Emergence of Internet-of-Things (IoT): the connection of various devices to the Internet increases the amount of data that needs protection.
• Impact of Big Data: big data poses both challenges and opportunities based on three dimensions: volume, velocity, and variety.

Spreading Cybersecurity Threats (Cont.)

• Threat Complexity:
  • Advanced Persistent Threats (APTs): continuous computer hacks that occur under the radar against a specific object.
  • Algorithm attacks: track system self-reporting data and use it to select targets or trigger false alerts.
  • Intelligent selection of victims: sophisticated attacks only launch if the attacker can match the signatures of the targeted victim.

Threat Complexity (Cont.)

• Broader Scope and Cascade Effect:
  • Federated identity management: multiple enterprises that let their users use the same identification credentials to gain access to the networks of all enterprises in the group.
• Safety Implications:
  • Emergency call centers in the U.S. are vulnerable to cyberattacks that could shut down 911 networks, jeopardizing public safety.
  • Telephone denial of service (TDoS) attacks: use phone calls against a target telephone network, tying up the system and preventing legitimate calls from getting through.

Cybersecurity and Data Power

• Great businesses have been created by collecting and harnessing the power of data and data analytics.
• These businesses have the responsibility to protect this data from misuse and unauthorized access.
• The growth of data has created great opportunities for cybersecurity specialists.

Cybersecurity Domains

• Cyber experts now have the technology to track worldwide weather trends, monitor the oceans, and track the movement and behavior of people, animals, and objects in real-time.
• New technologies, such as Geospatial Information Systems (GIS) and the Internet of Everything (IoE), have emerged.
• These technologies depend on collecting and analyzing tremendous amounts of data.

Cybersecurity Criminals

• Hackers can be categorized into three types:
  • White hat attackers: break into networks or computer systems to discover weaknesses and improve security.
  • Gray hat attackers: may find a vulnerability and report it to the owners of the system if it coincides with their agenda.
  • Black hat attackers: unethical criminals who violate computer and network security for personal gain or malicious reasons.

Cybersecurity Criminals (Cont.)

• Script Kiddies: teenagers or hobbyists with little or no skill, often using existing tools or instructions found on the Internet to launch attacks.
• Vulnerability Brokers: gray hat hackers who attempt to discover exploits and report them to vendors for prizes or rewards.
• Hacktivists: gray hat hackers who rally and protest against different political and social ideas.
• Cyber Criminals: black hat hackers who are either self-employed or working for large cybercrime organizations.
• State Sponsored Hackers: either white hat or black hat hackers who steal government secrets, gather intelligence, and sabotage networks.

Thwarting Cyber Criminals

• Coordinated actions to limit or fend off cyber criminals include:
  • Vulnerability Database: National Common Vulnerabilities and Exposures (CVE) database provides a publicly available database of all known vulnerabilities.
  • Early Warning Systems: The Honeynet project provides a HoneyMap which displays real-time visualization of attacks.
  • Share Cyber Intelligence: InfraGard is an example of sharing cyber intelligence to prevent hostile cyberattacks.
  • ISM Standards: The ISO 27000 standards provide a framework for implementing cybersecurity measures within an organization.

Common Threats

• Cybersecurity threats are particularly dangerous to certain industries and the type of information they collect and protect.
• Threats can come from:
  • Personal Information
  • Medical Records
  • Education Records
  • Employment and Financial Records
  • Network services like DNS, HTTP, and Online Databases
  • Packet sniffing and forgery
  • Rogue devices, such as unsecured Wi-Fi access points

Spreading Cybersecurity Threats

• Threats can originate from within an organization or from outside.
• Internal threats can cause greater damage than external threats because internal users have direct access to the building and its infrastructure devices.
• External threats can exploit vulnerabilities in networked devices or use social engineering to gain access.

Spreading Cybersecurity Threats (Cont.)

• Vulnerabilities of Mobile Devices: the inability to centrally manage and update mobile devices poses a growing threat to organizations that allow employee mobile devices on their networks.
• Emergence of Internet-of-Things (IoT): the connection of various devices to the Internet increases the amount of data that needs protection.
• Impact of Big Data: big data poses both challenges and opportunities based on three dimensions: volume, velocity, and variety.

Spreading Cybersecurity Threats (Cont.)

• Threat Complexity:
  • Advanced Persistent Threats (APTs): continuous computer hacks that occur under the radar against a specific object.
  • Algorithm attacks: track system self-reporting data and use it to select targets or trigger false alerts.
  • Intelligent selection of victims: sophisticated attacks only launch if the attacker can match the signatures of the targeted victim.

Threat Complexity (Cont.)

• Broader Scope and Cascade Effect:
  • Federated identity management: multiple enterprises that let their users use the same identification credentials to gain access to the networks of all enterprises in the group.
• Safety Implications:
  • Emergency call centers in the U.S. are vulnerable to cyberattacks that could shut down 911 networks, jeopardizing public safety.
  • Telephone denial of service (TDoS) attacks: use phone calls against a target telephone network, tying up the system and preventing legitimate calls from getting through.