Introduction to Cybersecurity

Questions and Answers

Which of the following actions exemplify safeguarding personal data at a personal level?

• Analyzing economic stability.
• Monitoring national security threats.
• Managing organizational reputation.
• Protecting your identity and computing devices. (correct)

Personal data exists only online.

False (B)

What is the primary goal of cybersecurity?

To protect individuals, organizations, and governments from digital attacks

Your ______ is the real-life persona that you present on a daily basis.

offline identity

Match the data category with the type of information it includes:

Medical records = Physical and mental health information, fitness tracker data Education records = Academic qualifications, attendance records, disciplinary reports Employment and financial records = Income, expenditure, tax records, credit card statements

Why is it important to be mindful of the data collected by fitness trackers?

It is transferred and stored via the cloud, making it vulnerable. (B)

If you do not use social media, you do not have an online identity.

False (B)

What is the potential impact of cybercriminals obtaining your personal data?

Infringement on privacy, impersonation, serious damage to reputation

Social media companies generate most of their income by selling ______ based on customer data.

targeted advertising.

Match the following entities with their potential interest in your data.

Internet Service Provider (ISP) = Tracking online activity to sell data to advertisers Advertisers = Monitoring online activities to send targeted ads Websites = Tracking activities via cookies to provide a personalized experience

What is a key difference between stealing money versus stealing an identity for cybercriminals?

Stealing money only provides short-term financial gain. (A)

ISPs are never legally required to share your information with government surveillance agencies.

False (B)

What is the cybercriminal able to do when they steal your medical insurance?

Cybercriminals can use the benefits for themselves and have procedures saved under your name.

[Blank] collect your data for clinical research, patient health monitoring, and fitness and wellbeing tracking.

wearable technologies

Match the type of organizational data with its description:

Transactional data = Details relating to buying, selling, and organizational operations Intellectual property = Patents, trademarks, and new product plans Financial data = Income statements, balance sheets, and cash flow statements

What could be the effect on a company if their intellectual property is lost?

It could prove disastrous for the future of the company. (B)

The McCumber Cube considers only two dimensions when evaluating information security initiatives.

False (B)

What is the best way to ensure data integrity?

One way to ensure integrity is to use a hash function or checksum.

[Blank] is a set of rules that prevents sensitive information from being disclosed to unauthorized people, resources, and processes.

Confidentiality

Match the security measure with its description according to the McCumber Cube:

Awareness, training, and education = Ensuring users know about potential security threats and actions to take Technology = Software and hardware solutions like firewalls to protect information. Policy and procedure = Administrative controls for implementing information assurance.

In the context of data protection, what does 'availability' ensure?

Data is accessible to authorized users when needed. (D)

Online vandalism can improve an organization's reputation.

False (B)

Name one of the repercussions of a data security breach on a company.

reputational damage, theft, loss of revenue, damaged intellectual property

A ______ attack occurs when multiple devices infected with malware flood the resources of a targeted system.

DDoS

Match the type of hacker with their motivation.

White hat = Improve system security with permission Gray hat = Find vulnerabilities and report if it aligns with agenda Black hat = Exploit vulnerabilities for illegal gain

What is the primary difference between a gray hat hacker and a black hat hacker?

Gray hat hackers do not always seek personal gain. (C)

Cyber-attacks can only originate from external sources.

False (B)

Besides stealing data what other purpose exists for cyberwarfare?

To impact another nation's infrastructure

______ is the use of technology to penetrate and attack another nation's computer systems and networks.

cyberwarfare

Match the type of information warfare with its description.

Defensive = Actions to defend against ICT attacks Offensive = Attacks against the ICT assets of an opponent

Flashcards

What is Cybersecurity?

The continuous effort to protect individuals, organizations, and governments from digital attacks. Also by protecting networked systems and data from unauthorized use or harm.

What is personal data?

Information that can be used to identify you that exists both offline and online.

What is Offline identity?

Your real-life persona at home, school, or work, known to family and friends, including details like your full name, age, and address.

What is Online identity?

Not just your name, it's who you are and how you present yourself online. Including usernames, aliases, and the social identity you establish on online platforms.

Examples of personal data

Medical, educational, employment, and financial records.

What is Transactional data?

Details related to buying/selling, production, and employment decisions.

What is Intellectual property?

Patents, trademarks, and new product plans that give a company an advantage.

What is Financial data?

Income statements, balance sheets, and cash flow statements.

What is IoT?

A large network of physical objects with sensors, software, and other equipment connected to the Internet to collect and share data.

McCumber Cube

A framework by John McCumber to establish/evaluate information security initiatives.

What is Confidentiality?

Rules preventing sensitive information from being disclosed to unauthorized entities.

What is Integrity?

Ensures system data is protected from intentional or accidental modification with checksums/hash functions.

What is Availability?

Authorized users can access systems/data when needed, using well-maintained equipment, hardware repairs, updated OS, and backups.

What is Processing in cyber security?

Data being used to perform an operation, like updating a database record.

What is Storage in cyber security?

Data stored in memory or on a permanent storage device (hard drive, solid-state drive, USB drive).

Awareness, training, and education

The measures put in place to ensure users know about security threats and how to react.

Technology

Software and hardware solutions (like firewalls) that protect data.

Policy and procedure

Administrative controls for implementing information assurance, such as incident response plans and best practice guidelines.

What is a Security breach?

Results in unauthorized access to data/applications/services, exposing private information.

Who are Cyber attackers?

Individuals or groups exploiting vulnerabilities for personal/financial gain.

What is a Script kiddie?

Amateur/inexperienced hackers using existing tools to launch attacks.

Who are Hackers?

Hackers break into computer systems/networks, classified by intent.

Who is a White hat attacker?

Break into systems to find weaknesses and improve security with permission; report findings to the owner.

Who is a Gray hat attacker?

Find vulnerabilities, report only if it suits their agenda, or publish details online.

Who is a Black hat attacker?

Take advantage of vulnerabilities for illegal personal, financial, or political gain.

Who are Organized hackers?

Organizations of cybercriminals, hacktivists, terrorists, and state-sponsored hackers.

What is Cyberwarfare?

Use of technology to attack another nation's computer systems and networks.

Defensive Information Warfare

Strategies and actions to defend against attacks on ICT assets.

Offensive Information Warfare

Information warfare that involves attacks against ICT assets of an opponent.

Study Notes

Cybersecurity Introduction

• Cybersecurity is the continuous protection of individuals, organizations, and governments from digital attacks
• It protects networked systems and data from unauthorized use or harm

Levels of Cybersecurity Protection

• Personal: Protecting your identity, data, and computing devices
• Organizational: Protecting the organization's reputation, data, and customers is everyone's responsibility
• Government: Protecting national security, economic stability, and the safety/wellbeing of citizens

Protecting Personal Data

• Personal data is any information that can be used to identify you
• Personal data exists both offline and online

Offline Identity

• The real-life persona presented daily at home, school, or work
• Includes details like your full name, age, and address known by family and friends
• Securing offline identity is important because identity thieves can steal data easily

Online Identity

• Not just a name, it is how you present yourself to others online
• Encompasses username or alias for online accounts and portrayed social identity online
• Limiting personal information is key

Online Presence

• Having social media or online accounts is not essential for online identity
• Simply using the web creates an online identity

Data Vulnerability

• Personal data includes name, SSN, driver's license, birth date/place, mother's maiden name, and exchanged pictures/messages
• Cybercriminals use this data to identify, impersonate, and infringe on privacy, causing reputational damage

How Hackers Access Personal Data

Medical Records

• Physical/mental health and wellbeing info is added to electronic health records (EHRs) during doctor visits
• Fitness trackers collect clinical data like heart rate, blood pressure, and blood sugar levels, storing and displaying via the cloud

Education Records

• Academic qualifications and achievements are recorded
• Contact information, attendance, disciplinary reports, health/immunization records, and individualized education programs (IEPs) are also stored

Employment and Financial Records

• Employment data, past employment, and current performance reviews
• Financial records include income, expenditure, tax records, paychecks, credit card statements, credit rating, and bank account details
• If this data is not safeguarded properly, it can compromise privacy and enable cybercriminals

Data Location

• Photos taken at work on a mobile phone are available on the mobile device.
• Sharing with friends can lead to copies on their devices
• Posting photos online puts them on servers worldwide, accessible to unknown individuals

Loyalty Cards

• Store loyalty cards save money on purchases
• Stores use these cards to build a purchasing behavior profile, which can then target special offers

Smart Devices

• Computing devices provide access to personal data and generate information
• Wearable technologies like smartwatches and activity trackers collect data for clinical research, patient health monitoring, plus fitness and wellbeing tracking
• The global fitness tracker market grows, and so does the risk to your personal data

Hackers' Objectives

• Hackers are after more than money
• They also steal identity and ruin lives

Identity Theft

• Medical theft includes cybercriminals stealing medical insurance for benefits, and medical procedures save in one's medical records
• Banking: private data theft accesses bank accounts, credit cards, social profiles, and other online accounts
• Identity thieves can file fake tax returns and get refunds or take out loans in your name to ruin your credit rating/life

Data Desirability

• Internet Service Providers (ISP), Advertisers, search engines, social media platforms, and visited websites all want personal data

ISPs

• ISPs track online activity and may sell data to advertisers for a profit in some countries
• ISPs may be legally required to share your information with government surveillance

Advertisers

• Advertisers monitor and track online activities like shopping habits and preferences to send targeted ads

Search Engines and Social Media

• These platforms want gender, geolocation, phone number, and political/religious ideologies based on search histories and online identity
• This information is sold to advertisers for a profit

Website Data Collection

• Websites use cookies to track activities
• A data trail linked to online identity often ends up in the hands of advertisers!

Cybercriminal Sophistication

• Cybercriminals are becoming increasingly sophisticated in their pursuit of data
• They pose a huge threat to organizational data

Organizational Data Types

• Traditional data: Generated and maintained by all organizations, big and small
• Internet of Things (IoT) and Big Data

Traditional Data

Transactional

• Details related to buying and selling
• Production activities
• Basic organizational operations
• All information used to make employment decisions

Intellectual Property

• Patents, trademarks, and new product plans
• Enables an organization to have an economic advantage over competitors
• Losing intellectual property (trade secrets) is harmful to a company's future

Financial

• Income statements
• Balance sheets
• Cash flow statements
• Insight into the health of a company

The Cube

• The McCumber Cube is a model framework created by John McCumber in 1991
• It helps organizations establish and evaluate information security initiatives and considers related factors

Foundations to Protect Information Systems

• Security measures used to protect data
• Protection of information in all possible states

Confidentiality

• Rules preventing the disclosure of sensitive information to unauthorized entities
• Achieved through data encryption, identity proofing, and two-factor authentication

Integrity

• Ensuring system information or processes are protected from intentional or accidental changes
• Achieved through hash functions or checksums

Availability

• Authorized users able to access systems and data when/where needed
• Achieved by maintaining equipment, performing hardware repairs, updating operating systems/software, and doing backups

The Protection of Information

• Processing: Data used to perform operations like updating records (data in process)
• Storage: Data stored on memory or permanent devices like hard drives/SSDs/USB drives (data at rest)
• Transmission: Data traveling between systems (data in transit)

Security Measures

• Awareness, training, and education: Ensuring users know potential security threats and actions to protect information
• Technology: Software and hardware solutions designed to protect information systems with firewalls
• Policy and Procedure: Administrative controls for information assurance, incident response plans, and best practice guidelines

Phishing Example

• A fraudulent email is sent that looks like it is from @Apollo
• There is something 'phish-y' about it

Phishing

• Phishing is common and works often
• Elite gaming brand Razer experienced a data breach in August 2020

Razer

• Razer exposed the personal information of approximately 100,000 customers
• A misconfigured cloud cluster exposed Razer's infrastructure to the public internet, causing a data leak
• Cybercriminals had access to customer information that could be used in social engineering/fraud attacks while it took over three weeks to secure the cloud instance
• Organizations need to take a proactive approach to cloud security

Data Security Breaches

Persirai Botnet

• In 2017, the Internet of Things (IoT) botnet, Persirai, targeted over 1,000 different models of Internet Protocol (IP) cameras
• Ports were accessed to inject commands, malware was installed, and was then deleted and able to run in memory to avoid detection
• 122,000 cameras from several manufacturers were hijacked and conducted DDoS attacks
• DDoS attacks: numerous malware-infected devices overwhelm a targeted system
• IoT creating opportunities for cybercriminals to attack

Equifax

• In September 2017, consumer credit reporting agency Equifax announced a data breach event
• Attackers exploited a vulnerability in web application software
• Hackers gained access to the sensitive data of millions of customers
• Equifax established a website for customers to check if data was compromised
• New domain names let cybercriminals create unauthorized websites, which used tactics to trick customers into providing personal information
• Attackers can use customer identities and are privy to personal information making it difficult to discern
• Quickly verify if your information was compromised, and when in a crisis, beware of unauthorized websites
• Be vigilant over the Internet because cybercriminals may exploit data
• Check credit reports regularly and immediately report fraudulent information/purchases

Consequences of Security Breach

Reputational Damage

• Security breaches negatively impact an organization's reputation
• Customers notify, and may seek compensation
• Employees turn to competitors and may choose to leave in light of a scandal
• Repairing an organization's reputation can take a long time

Vandalism

• Hackers vandalize websites by posting untrue information or minor edits to contact information
• Online vandalism shows unprofessionalism and have a negative impact on reputation
• Data breaches often involve stolen, sensitive personal data

Theft

• Cybercriminals can make information public or steal an individual's money and/or identity

Revenue Loss

• The financial impact of a security breach can be devastating
• Hackers take down websites to prevent business online.
• Loss of customer information stops company growth
• Requires an investment in security infrastructure

Damage to Intellectual Property

• Intellectual property loss can be devastating
• Hackers hands on confidential documents, trade secrets, and intellectual property

Safeguards

• Protecting organizations from every cyber-attack is not possible
• Cybercriminals are always finding new ways
• Cybersecurity professionals need to respond quickly
• Security breaches have devastating consequences therefore protecting companies from a cyber attack is vital. Security breaches have devastating consequences therefore cybersecurity pros are vital

Scenario 1

• A hotel chain reports a data breach where personal guest information was exposed to hackers
• The hackers are using the login details of its employees
• Account passwords or financial information are not obtained
• Guests are able to check the portal to see if they have been impacted

eLearning Scenario 2

• eLearning platforms are becoming prime targets for digital learning
• A training platform admitted leaving personal data was on a publicly accessible cloud database
• Hackers directly accessed students’ full names, email addresses, phone numbers, and school enrollment details

Security Breach Key Takeaways

• A security breach results in unauthorized access to data, applications, services, or devices and exploits personal information.
• There are different measures to take to protect yourself and remain vigilant so that you aren't being personally negatively impacted

Identifying Cyber Attackers

• Attackers exploit vulnerabilities in a bid for personal or financial gain.

Hackers' Interests

• Credict cards and product designs

Types of Attackers

• White hat, gray hat, or black hat

Amateurs (Script Kiddies)

• Amateur hackers emerged in the 1990s who use instructions found on the Internet to launch attacks
• They use basic tools in attacks that can have devastating consequences

White Hat Attackers

• Break into networks/computer systems to identify weaknesses so that the security of a system/network can be improved

Grey Hat Attackers

• Finds vulnerabilities in a system to report findings to the owners
• They publish details about the vulnerability on the Internet so that other attackers can exploit it
• They set out to find vulnerabilities in a system and only report findings if they coincide with their agenda

Black Hat Attacker

• These attackers include hackers who take advantage of any vulnerabilities for illegal personal, financial, or political gain

Organized Hackers

• These attackers include those cybercriminals, hacktivists, terrorists, and state-sponsored hackers.

Hacktivists

• Protest or make political statements to create awareness about issues that are important to them

State-Sponsored

• They commit sabotage on behalf of their government
• They are usually highly trained and well-funded, and their attacks are focuses on goals for their government.
• They commit the task to gather intelligence

Attack Origins

• Cyber-attacks originate inside and outside of organizations

Internal Attacks

• Employees, contract staff, or trusted partners can mishandle confidential data, facilitate attacks
• Infect USB Media and invite malware
• Employees access malicious emails and websites
• They can threaten operations of internal servers or network infrastructure devices

External Attacks

• Amateurs and skilled attackers outside of the organization can exploit vulnerabilities, gain unauthorized access to computing devices, and use social engineering to gain unauthorized access to organizational data.

Cyberwarfare Introduction

• Cyberwarfare is the use of technology to attack another nation’s computer systems/networks
• Used to cause damage or disrupt services, like shutting down a power grid

Cyberwarfare Purpose

• Resorted to to give adversaries whether competitors or nations
• It helps Narrow gaps in industries/military by having intel and also blackmailing personnel

Impeding on Infrastructure

• A nation can continuously invade another nation’s infrastructure to cause disruption and chaos
• Shutting down a major city's power grid is a cyber-attack and will result in traffic being congested, the exchange of goods and services halted, patients unable to get care, and internet access disrupted