Cybersecurity Management Overview

Questions and Answers

What is one potential impact of deepfakes on society?

Improving communication skills

Promoting social harmony

Creating fake information (correct)

Enhancing privacy

Which method is NOT recommended for verifying if an AI voice call is legitimate?

Cross-verify with known contacts

Call back using the original number

Ignore the call entirely

Ask for money to be transferred (correct)

When encountering deepfake content that could cause social unrest, what is the recommended action?

Share it widely to raise awareness

Ignore it and move on

Immediately report it to relevant authorities (correct)

Engage with the creators in discussion

Which of the following is a tip for combating AI-powered scam calls?

Verify the caller's identity before sending any money

What is one way deepfakes can invade privacy?

By creating misleading images or videos

What does the CIA in the context of cybersecurity stand for?

Confidentiality, Integrity, Availability

Which of the following best describes the term 'cybercrime'?

Crimes using technology or electronic means to alter or steal data

How does cybersecurity management primarily function?

Through technology and processes aimed at preventing and responding to attacks.

What is the main goal of the CIA Triad in cybersecurity?

To balance the three aspects: confidentiality, integrity, and availability of data

Which statement about AI powered crime is most accurate?

AI powered crime can automate certain types of cybercrimes.

What is one recommendation for enhancing cybersecurity?

Always back up data on all digital devices

Which of the following is important when assessing the reliability of a source?

The context and source of information

How should users protect their devices when using Wi-Fi?

Beware of phishing scams

What is a common misconception about digital footprints?

Digital footprints can be completely erased

Which of the following actions can enhance device security?

Installing device tracking tools

What tactic is suggested to handle online scammers?

Develop awareness and warn relatives

In group discussions, what aspect should students focus on regarding scammers?

Methods scammers use to gain personal information

What is the primary purpose of ransomware in a cyber attack?

To encrypt data and demand payment for decryption

Why is it important to install security software on devices?

It provides protection against viruses and malware

Which of the following is NOT a recommended method to prevent malware?

Ignore suspicious emails

What is the function of a botnet in cyber attacks?

To launch distributed denial of service attacks

What technique does social engineering primarily exploit?

Human psychology and trust

Which of these attacks involves manipulating users into providing sensitive information?

Phishing

How does a Distributed Denial of Service (DDoS) attack typically operate?

By overwhelming a service with multiple requests

What is a primary characteristic of drive-by attacks?

Infecting a system without user interaction

What is the role of antivirus software in preventing cyber attacks?

To detect and remove malware from the system

What is one facial characteristic that can indicate a deepfake video?

Mouth movement out of sync with speech

Which of the following signs is indicative of a deepfake's video clarity?

Blurring in certain spots

What abnormal sound characteristic could help identify a deepfake?

Inconsistency in sound quality

Which characteristic of blinking can suggest a video is a deepfake?

Blinking too much or not at all

How might facial movements reveal a deepfake?

Facial structure appears abnormal

What is a common issue with the lip movement in deepfake videos?

Lip movements may be unnatural or out of sync

What is a common purpose of web application attacks?

To exploit vulnerabilities in the target website

Which method could potentially be used to counteract deepfakes?

Creating software to detect anomalies

Which of the following best describes AI Deepfakes?

Techniques for creating realistic fake images and sounds using AI

What makes deepfake creation challenging regarding emotional expression?

Facial expressions may lack consistency with verbal content

What is the main goal of a Man-in-the-Middle (MitM) attack?

To intercept and manipulate communication between two parties

Zero-day exploits are typically characterized by which of the following?

Attacks that are not publicly known at the time of the exploit

What type of threat does crypto-jacking represent?

Using someone’s computer resources to mine cryptocurrency without their consent

Which method is commonly used in SQL Injection attacks?

Manipulating database queries to extract data

Insider threats are primarily associated with which of the following?

Malicious actions taken by individuals within an organization

Creating fake news using AI can lead to which of the following consequences?

Panic or misunderstanding in the public

Study Notes

Cybersecurity Management

• Cybersecurity management involves using technology and processes to prevent and respond to attacks on devices, networks, information infrastructure, systems, or programs to prevent unauthorized access and reduce damage.

Learning Objectives

• Students can compare and comment on cybersecurity management.
• Students can discuss cybersecurity management using reasoning.
• Students can solve problems and organize cybersecurity management work systems.

Content

• Cybersecurity Management
• Cyber Crime
• AI Powered Crime

Cybersecurity

• The use of technology and processes to prevent and respond to attacks that may occur on devices, networks, information infrastructure, systems, or programs to prevent unauthorized access and reduce damage.

CIA Triad

• Confidentiality
• Integrity
• Availability
• The basics of cybersecurity best practices.

Cyber Crime

• Computer crime or cybercrime is a threat that causes damage by technological or electronic means to destroy, alter, or steal data.
• Crime Triangle Theory - Offender, Opportunity, and Target/Victim

Types of Cyber Crime

• Finance
• Sexual
• Hacking

Peer-to-Peer Money Transfer

• Criminals use mule accounts to transfer money from victims to themselves.
• Victims unknowingly send money to a bank account that is controlled by an intermediary.

Criminal Neighbouring

• Criminals in neighboring countries, using prepaid SIMs from Thailand, target victims through social media, mobile banking, and the internet.

Cyber Attack

• A variety of attacks that can compromise systems.

Malware

• Malicious software designed to disrupt operations, steal sensitive information, or grant unauthorized access.
• Viruses, worms, Trojans, Ransomware, Maze Ransomware.

Types of Cyber Attacks

• Botnets (distributed denial-of-service, or DDoS)
• Denial of Service (DoS)
• Distributed Denial of Service (DDoS)
• Password Attacks
• Drive-by Attacks

How to Prevent Malware

• Regularly back up data.
• Always update programs and operating systems.
• Install Antivirus and Anti-malware programs and always update signature.
• Carefully check email attachments and links.
• Follow news about cyberattacks.

Social Engineering

• Manipulation tactics exploiting human psychology to trick individuals into divulging confidential information, gaining unauthorized access, or performing actions compromising security. Examples include:
• Phishing
• Shoulder Surfing
• Dumpster Diving
• Domain Name System (DNS) Spoofing
• Fraud related social engineering

Other Cyber Attacks

• Man-in-the-Middle (MitM)
• Zero-day Exploit & Attack
• Internet of Things (IoT)
• Insider threat
• Data breach
• Crypto-jacking
• Web application attacks (SQL Injection, Cross-site Scripting, Path Traversal)

AI Powered Crime

• Creating fake images or clips of other people (AI Deepfakes) for fraud.
• Imitating voices of celebrities or acquaintances (AI Voice Covers) from voice samples for fraud.
• Creating fake obscene clips (AI Deepfakes) to defame others.
• Creating fake news (Fake News) that is credible and causes panic or misunderstanding.
• Creating pornography by using another person's face.

Deepfakes

• Creating fake videos or images.
• Changing faces
• Invasion of privacy
• Creating fake information

How to Spot Deepfakes

• Observe physical characteristics (blinking, mouth and teeth, facial movements).
• Observe other characteristics (video clarity, abnormal sounds, context and source).

AI Voice Covers

• Imitating celebrities' or acquaintances' voices.
• The voice sounds like someone known, but uses a strange number.
• Talking about money or asking to borrow.
• Asking for in-depth information.

Recommendations for Cybersecurity

• Do not use simple passwords.

• Pay attention to privacy settings.

• Be aware of digital footprints.

• Install security software on all digital devices.

• Always back up data.

• Install device tracking tools or lock screens.

• Be careful using Bluetooth

• Delete data or programs no longer in use

• Always update operating systems

• Beware of phishing scams

• Use social media carefully

• Be careful when using Wi-Fi

ACTIVITY: Awareness Campaign

• Divide into groups of 5-7 people.
• Discuss "How the New Gen Children handle it safely?".
• Discuss student coping mechanisms with scammers.
• Discuss additional benefits scammers seek beyond property and money.
• Discuss how to warn relatives about these scams.
• Students present their group's work.

Case Studies

• Impersonation and building trust - scammers impersonate.
• Creating emergencies and using pressure - scammers create urgent situations.
• Using emotional appeals and psychological tactics.

Conclusion

• None provided

Description

This quiz explores the fundamental principles of cybersecurity management, including the CIA triad and the challenges of cybercrime. Students will engage in discussions and problem-solving related to cyber threats and management strategies. Test your knowledge on how to protect information infrastructure and respond to cyber threats effectively.