Introduction to Cybersecurity Engineering - PDF

Summary

This document is an introduction to cybersecurity engineering, including the syllabus and assessments. Topics covered include cybersecurity and its origin, ethical hacking, personal data, and cyber warfare. There are also some class activities and examples.

Full Transcript

Introduction to Cybersecurity Engineering
CSE210
Chapter 1: Introduction to Cybersecurity

Assessments

Assessment Criteria
- Assignments: 10%
- Quizzes: 10%
- Labs: 10%
- Midterm: 20%
- Project: 15%
- Final Exam: 35%

Textbook
- William Stallings, Lawrie Brown. (2018). Computer Security: Principles and Practice, 4th Ed., ISBN-10: 1292220619, Prentice Hall.
- Raef Meeuwisse. (2017). Cybersecurity for Beginners, 2nd Edition, Cyber Simplicity Ltd.

Syllabus
- Week 1: Introduction to Cybersecurity Engineering
- Week 2: Attacks Concepts and Techniques
- Week 3: Introduction to Cryptography
- Week 4: Risk Assessment
- Week 5: Security Controls Plans and Procedure
- Week 6: Intrusion Detection System
- Week 7: Legal and Ethical Aspects
- Week 8 & 9: Physical Infrastructure Security / Human Resource Security
- Week 10: Database Security
- Week 11: Software Security
- Week 12: Operating System Security

Self Enrolment Link for LABS: https://www.netacad.com/portal/web/self-enroll/m/course-1840732

Outline
- Cybersecurity and its origin
- Ethical Hacking and Cybersecurity
- Define personal data.
- Explain why personal data is profitable to hackers.
- Describe types of data used by governments and organizations.
- Describe the impact of a security breach.
- Describe the characteristics and motives of an attacker.
- Cybersecurity roles
- Describe cyberwarfare.

Cybersecurity and its origin
- We are living in the most significant period of change that has ever taken place in human history: the digital revolution.
- Hospitals, transport vehicles, shops, the electricity and water in your house, and pretty much everything will stop working if the technology they rely upon stops functioning.
- The rate of change is not slowing down; it is accelerating.
Figure: Two photographs that involve the selection of a pope
- Human activities have changed more in the past 10 years than they did in any 10-year period in human history.
- An Ofcom report in 2014 found that an average UK adult spends 8 hours 41 minutes per day using a digital device.

“If you are not concerned about cybersecurity, you don’t know enough about it”
- The lure of cost and higher earnings encourages us to adopt new technologies quickly. Do we understand the risks?
- The subject of cybersecurity is relevant to all of us, and not understanding it poses personal and professional risk.
- Did you ever download a free software application? The application was not free. The price was access to information on your phone.
- Your smartphone, tablet or laptop already comes with a few of those applications loaded, and permission to access your data is slipped into your agreement with them.

We live in a world where organizations collect information to build their power. Organizations want to:
- Learn how to improve their products and services
- Better target their customers
- Improve sales
- Collect data on their competitors (to understand threats and opportunities)
- Collect information to sell to other companies

Definition of Cybersecurity
“The protection of digital devices and their communication channels to keep them stable, dependable and reasonably safe from danger or threat. Usually the required protection level must be sufficient to prevent or address unauthorized access or intervention before it can lead to substantial personal, professional, organizational, financial and/or political harm”

Digital Device
“Any electronic appliance that can create, modify, archive, retrieve, or transmit information in an electronic format. Desktop computers, laptops, tablets, smartphones and internet-connected home devices are all examples of digital devices”

- Early cybersecurity efforts focused primarily on protection against malicious and intentional threats to technology.
- However, it is now accepted that systems can be taken out of action because of process gaps, unexpected user actions, and even rogue insider activities.
- For example, in February 2017, AWS suffered a partial outage due to a very minor typo by an employee who was trying to debug the billing system. The outage took popular services such as Netflix, Tinder, Airbnb, Reddit and IMDb offline for several hours.

Guarding against external and malicious threats is a priority:
- They create the most damage and cost.
- Most of the major cybersecurity incidents are due to criminal, state or terrorist-led activities.
- The threats from insiders tend to create the most impact when they are intentional.
- A malicious attack includes the unauthorized removal or copying of information. These information leaks often cause customer, brand and share damage in addition to high redemption and compensation costs.
- A system outage can create these costs, but usually at a different and lower scale.

The transformation that gave rise to cybersecurity threats was mostly driven by one key factor: Internet connection speeds became faster, cheaper and more widely adopted, even in less economically developed countries.
This change, combined with faster computer processing speeds and better web application programming, gradually made it easier, more effective and cheaper to provide mainstream services through the Internet, rather than using traditional offline routes.
Activities like banking, shopping, watching movies and listening to broadcasts became more convenient online.
Organizations that are adopting the new technologies are paying less, incurring lower costs, earning more and even socializing more. Organizations using traditional services are less competitive due to their higher costs and lower benefits.

We routinely store and transact very sensitive information and services through networked devices.
- Our credit cards and medical information are online.
- The Internet is used as a primary method of correspondence.
- Substantial information about us is in our connected devices.

Before the emergence of cloud computing, the challenges faced by IT departments included:
- In large companies, nearly everything was custom made. Businesses would ask their technology department to build software from a clean page, often on very limited business knowledge.
- Smaller companies often could not afford software for some tasks and would manage with manual processes or by using local spreadsheets and databases.

The cloud opened up the market for software that offered choices and prices never seen before. Instead of paying thousands or millions for a piece of software, waiting months or years for it to arrive, and then spending money again to get it hosted, we could all pay a much lower price and try out the software within a matter of minutes.

These cloud opportunities took most of the decisions about technology choices away from IT departments, but left them with the responsibility of securing these externally administered tools after the decision was made.
The decision-making power in most companies now lies with non-IT personnel. Technology departments no longer dictate what software their company will use; instead, business executives tell the IT department what it needs to integrate and support for the benefit of the company.
This has significantly changed the roles and skills requirements of technology departments.
Any information security person who stopped working in 2009 and came back to the field today would barely recognize the functions of the IT or cybersecurity department.

Ethical Hacking and Cybersecurity
- A common misconception is that the ability to hack or break into a computer system is synonymous with the ability to perform cybersecurity.
- Although the ability to perform ethical hacking is a valuable skill, it does not by itself equate to an ability to secure a system.
- Criminal hackers only need the ability to find one weakness to be successful.
- On the other hand, effective cybersecurity requires the ability to ensure that every significant potential point of weakness is addressed.

Personal Data

What is Cybersecurity?
- Protection of networked systems and data from unauthorized use or harm

Your Online and Offline Identity
- Offline Identity
  - Your identity that interacts on a regular basis at home, school or work
- Online Identity
  - Your identity while you are in cyberspace
  - Should only reveal a limited amount of information about you
- Username or alias
  - Should not include any personal information
  - Should be appropriate and respectful
  - Should not attract unwanted attention

Your Data
- Medical Records
  - Electronic health records (EHR): physical, mental, and other personal information
  - Prescriptions
- Education Records
  - Grades, test scores, courses taken, awards and degrees rewarded
  - Attendance
  - Disciplinary reports
- Employment and Financial Records
  - Income and expenditures
  - Tax records: paycheck stubs, credit card statements, credit rating and banking statement
  - Past employment and performance

Where is Your Data?
- Medical records: doctor’s office, insurance company
- Store loyalty cards
  - Stores compile your purchases
  - Marketing partner uses the profiles for targeted advertisement
- Online pictures: friends, strangers may also have a copy

Your Computer Devices
- Data storage and your portal to your online data
- List some examples of your computing devices

Personal data as a target

How do the criminals get your money?
- Online credentials
  - Give thieves access to your accounts
- Creative schemes
  - Trick you into wiring money to your friends or family

Why do they want your identity?
- Long-term profits
- Medical benefits
- File a fake tax return
- Open credit card accounts
- Obtain loans

Organizational data

Types of Organizational Data
- Traditional Data
  - Personnel: application materials, payroll, offer letter, employee agreements
  - Intellectual: patents, trademarks, product plans, trade secrets
  - Financial: income statements, balance sheets, cash flow statements
- Internet of Things and Big Data
  - IoT: large network of physical objects, such as sensors
  - Big Data: data from the IoT

Confidentiality, Integrity and Availability
- Confidentiality: privacy
- Integrity: accuracy and trustworthiness of the information
- Availability: information is accessible

The Consequences of a Security Breach
- Not feasible to prevent every attack
- Attackers will always find new ways
- Ruined reputation, vandalism, theft, revenue lost, damaged intellectual property

Fig: The impact of a Security Breach

Example: LastPass security breach
- An online password manager
- Stolen email addresses, password reminder questions, and authentication hashes
- Requires email verification or multi-factor authentication when logging in from an unknown device
- Users should use a complex master password, change the master password periodically, and beware of phishing attacks

States of Data
Data has three possible states:
1. Data in Transit
2. Data in Storage
3. Data in Process

Dimensions of Cybersecurity
The three main dimensions of cybersecurity are:
- Confidentiality
- Integrity
- Availability

The profile of attacker

Type of Attacker
- Amateurs
  - Script kiddies with little or no skill
  - Using existing tools or instructions found online for attacks
- Hackers: break into computers or networks to gain access
  - White hats: break into systems with permission to discover weaknesses so that the security of these systems can be improved
  - Gray hats: compromise systems without permission and have no malicious intent
  - Black hats: take advantage of any vulnerability for illegal personal, financial or political gain
- Organized Hackers: organizations of cyber criminals, hacktivists, terrorists, and state-sponsored hackers

Internal and External Threats
- Internal Security Threats
  - Can be an employee or contract partner
  - Mishandle confidential data
  - Threaten the operations of internal servers or network infrastructure devices
  - Facilitate outside attacks by connecting infected USB media into the corporate computer system
  - Accidentally invite malware onto the network through malicious email or websites
  - Can cause great damage because of direct access
- External Security Threats
  - Exploit vulnerabilities in network or computing devices
  - Use social engineering to gain access

The Profile of an Attacker
Figure: Cyber Attacks
- Outsiders: Organized Attackers (Cyber Criminals, Hacktivists, State Sponsored); Hackers (Black Hat, Grey Hat and White Hat); Amateurs
- Insiders: Employees; Contract Staff; Trusted Partners

Class Activity
Identify the Hat Color

Cyber Security for Individuals
Different digital systems require different types and amounts of cybersecurity measures.
For a private individual looking to secure his or her accounts and devices, cybersecurity is relatively straightforward and includes simple steps such as:
- Always maintaining different complex passwords with over 12 characters for each account of value
- Keeping one’s device up to date with the latest software patches
- Installing the most effective anti-malware software
- Restricting the ability to install software to a separate account
- Avoiding surfing to unknown websites or opening unknown links and attachments, and so on

Cyber Security for Organizations
- As the scale of the environment that needs protection increases, so does the diversity and scale of the assets.
- It requires specialists with diverse skills to protect these diverse assets.
- The more complex the environment that needs to be protected, the longer the list of skills that are required to help protect it.
- A range of cybersecurity experts is required to protect the complex digital environment of a large organization.

Impact of Cybersecurity Breach
- Low: The loss could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals.
- Moderate: The loss could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals.
- High: The loss could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.

Cyber Security Roles
- Organizations are still deciding what cybersecurity is and what roles a cybersecurity department should contain.
- It would be possible to list 30 different roles, but we will investigate some of the major functions that should exist within a cybersecurity team.
- Collectively these roles allow for both proactive and reactive security management.
- Proactive security is much more beneficial and less expensive than reactive measures.

Six Main Groups of Cybersecurity
1. Management
   a. Chief Information Security Officer
   b. Cyber Risk Manager
   c. Cyber Security Architect
2. Cyber Audit and Assessment
   a. Audit manager, Auditor, Assessment specialist
3. Event Monitoring and Alerts (reactive operations)
   a. Security incident and event manager
   b. Security incident responder
   c. Network intrusion analysts
4. Proactive operations
   a. Access administrators
   b. Security device administrators (firewall and more)
   c. Cryptography consultant
   d. Cybersecurity analysts
5. Environment testing
   a. Attack and penetration testers
   b. Vulnerability Assessors
6. Specialists
   a. Security control designers
   b. External security specialist
   c. Digital forensics specialists
   d. Cryptologist
   e. Cryptanalyst
   f. Antimalware specialist

Cyber warfare

What is Cyberwarfare?
Cyber warfare refers to the use of technology to launch attacks on nations, governments and citizens, causing comparable harm to actual warfare using weaponry.
- Stuxnet malware:
  - Designed to damage Iran’s nuclear enrichment plant
  - Insider inserted a USB stick infected with the Stuxnet worm into an air-gapped system
  - Reprogrammed the software controlling centrifuges to spin dangerously fast and then slow
- Notorious NotPetya malware:
  - To damage Ukrainian accounting software
  - Wiper Attack
- Another example: https://securitycenter.sonicwall.com/

The purpose of cyber warfare
- Used to gain advantage over adversaries, nations or competitors
- Can sabotage the infrastructure of other nations
- Gives the attackers the ability to blackmail governmental personnel
- Citizens may lose confidence in the government’s ability to protect them
- Affects the citizens’ faith in their government without ever physically invading the targeted nation

Countermeasures and Safeguards
- Technological
- Administrative
- Educational

Why Become a Cybersecurity Specialist
- High Earning Potential
- Challenging Career
- Service to the Public

Summary
- Cybersecurity and its origin
- Ethical Hacking and Cybersecurity
- Define personal data.
- Explain why personal data is profitable to hackers.
- Describe types of data used by governments and organizations.
- Describe the impact of a security breach.
- Describe the characteristics and motives of an attacker.
- Cybersecurity roles
- Describe cyberwarfare

Don’t Forget to Read Chapter 1: The Need for Cybersecurity on NETCAD Academy