IAAS311 Introduction to Cybersecurity

1. The World of Cybersecurity
Cybersecurity is the ongoing effort to protect individuals, organizations, and governments from digital attacks by safeguarding networked systems and data from unauthorized access or harm.
Importance:
o Personal: Protect your identity, data, and devices.
o Organizational: Safeguard reputation, data, and customers.
o Government: Protect national security and citizen wellbeing.

2. Protecting Your Personal Data
Offline Identity: Information you share daily (name, age, address). Protect it from identity theft.
Online Identity: Information you reveal online (username, social identity). Limit what you share to avoid privacy risks.

3. Types of Data and Risks
Sensitive Information: Personal data such as medical, educational, employment, and financial records is valuable to hackers.
Data Leakage: Even casual sharing of photos or information can lead to worldwide dissemination.

4. Cyber Attacks
Types of Attackers:
o White Hat: Ethical hackers who identify system weaknesses.
o Gray Hat: Exploit vulnerabilities for personal reasons but may inform the system owners.
o Black Hat: Hackers seeking illegal financial or political gain.
o Organized Hackers: Cybercriminal groups, hacktivists, terrorists, and state-sponsored attackers.

5. Cyberwarfare
Purpose: To disrupt, gather intelligence, or damage another nation's infrastructure. An example is the Stuxnet malware, which targeted Iran's nuclear facilities.

6. Data Security
Common Breaches:
o Persirai Botnet: Targeted IP cameras in a DDoS attack.
o Equifax Breach: Hackers exploited a web vulnerability, leading to identity theft risks.
Consequences:
o Reputational damage, financial loss, vandalism, theft, and intellectual property loss.

7. The McCumber Cube (Security Model)
Three Dimensions:
1. Confidentiality: Data encryption and identity proofing.
2. Integrity: Protect against unauthorized data modifications.
3. Availability: Ensure authorized access to systems and data when needed.

Key Terms
Cybercriminals: Individuals who seek to exploit vulnerabilities for personal or political gain.
Internet of Things (IoT): Devices connected to the internet that collect and share data, increasing the risk of data breaches.
Identity Theft: Criminals using personal information to steal money or commit fraud.

MODULE 2

1. Types of Malware:
o Spyware: Monitors online activity and captures sensitive information (e.g., keystrokes).
o Adware: Delivers advertisements, often bundled with legitimate software.
o Backdoor: Bypasses normal authentication to access systems.
o Ransomware: Holds systems/data hostage until a payment is made.
o Scareware: Tricks users into believing their system is at risk.
o Rootkit: Alters the OS to create a backdoor; hard to detect.
o Virus: Replicates and attaches to executable files, potentially destructive.
o Trojan Horse: Masks its malicious intent, often hidden in legitimate files.
o Worm: Spreads on its own across systems, causing widespread damage.

2. Methods of Infiltration:
o Social Engineering: Manipulating individuals to gain unauthorized access.
▪ Techniques: Pretexting, Tailgating, Quid pro quo.
o Denial-of-Service (DoS): Overwhelms systems with traffic.
o Distributed DoS (DDoS): DoS attacks originating from multiple sources.
o Botnet: Group of infected computers used for malicious purposes.
o On-Path Attacks: Intercepting communications (e.g., Man-in-the-Middle attacks).
o Password Attacks: Methods include password spraying, brute-force, and rainbow table attacks.

3. Security Vulnerabilities and Exploits:
o Hardware Vulnerabilities: Example: Meltdown and Spectre, exploiting CPU vulnerabilities.
o Software Vulnerabilities: Example: Buffer overflows and non-validated input.
o Race Conditions: Exploiting the timing of events in processes.
o Access Control Problems: Weak controls over access to resources.
o Software Updates: Essential to patch vulnerabilities.

4. The Cybersecurity Landscape:
o Cryptocurrency: Digital currency secured through encryption.
o Cryptojacking: Using someone's device to mine cryptocurrency without their consent.

Symptoms of Malware Infection:
o Slow CPU performance.
o Frequent system crashes.
o Unexplained network issues.
o Unknown files or programs.
o Emails being sent without your knowledge.

New Terms and Commands:
Spyware, Adware, Ransomware, Trojan Horse, Worm, Botnet, DDoS, DoS, Buffer Overflow, Social Engineering, Cryptojacking, etc.

MODULE 3

1. Protecting Your Devices and Network
Turn on the firewall: Use either a software or hardware firewall to protect your device from unauthorized access.
Install antivirus and antispyware: Protect against malware that can destroy data or spy on your activities.
Manage OS and browser security: Keep your system updated with the latest security patches.
Set up password protection: Use strong passwords and encrypt sensitive data.

2. Wireless Network Security
Home network: Change default SSIDs and passwords, enable WPA2 encryption, and update devices regularly.
Public Wi-Fi risks: Avoid sharing personal information on public Wi-Fi. Use a VPN to secure your connection.

3. Password and Passphrase Guidelines
Strong passwords: 8 to 64 characters long, no common phrases, and no password hints.
Passphrase: Longer than a password and harder to crack (e.g., "Acat th@tlov3sd0gs.").

4. Data Maintenance
Encryption: Convert data into unreadable forms to prevent unauthorized access. Tools like EFS on Windows help encrypt files.
Backup: Use secondary locations (e.g., external drives, cloud services) to back up important data.
Permanent deletion: Overwrite data multiple times with tools like SDelete, or physically destroy the storage device.

5. Safeguarding Your Online Privacy
Two-factor authentication: Adds extra security using a second token (e.g., SMS code, biometric scan).
Open Authorization (OAuth): Log in to third-party apps using credentials from other accounts (e.g., Google, Facebook).
Private browsing: Use modes like Incognito (Chrome) or InPrivate (Edge) to minimize data tracking.

6. Who Owns Your Data?
Terms of Service: Review terms before signing up, especially regarding how your data is used, shared, and stored.

MODULE 4

1. Cybersecurity Devices and Technologies
Security Appliances:
o Routers: Basic traffic filtering capabilities.
o Firewalls: Control/filter communications between devices and networks.
o Intrusion Prevention Systems (IPS): Block malicious traffic using signature-based detection.
o Virtual Private Networks (VPNs): Secure encrypted communication between remote devices and organizational networks.
o Antimalware/Antivirus: Detect and block malware using signature- or behavior-based analysis.
Types of Firewalls:
o Network Layer: Filters based on IP addresses.
o Transport Layer: Filters based on data ports.
o Application Layer: Filters based on applications.
o Context-Aware Layer: Filters based on user, device, and threat profile.
Port Scanning: Scans open ports on a network to assess vulnerabilities.
Intrusion Detection and Prevention Systems (IDS/IPS):
o IDS: Detects malicious activities and alerts administrators.
o IPS: Blocks traffic based on positive detection of malicious behavior.

2. Behavior-Based Cybersecurity
Behavior-Based Security: Monitors communication patterns to detect anomalies.
NetFlow: Collects data about network traffic to identify abnormal behavior.
Penetration Testing:
o Steps: Planning, Scanning, Gaining Access, Maintaining Access, and Reporting.
o Used to identify vulnerabilities in systems by simulating attacks.

3. Cisco's Approach to Cybersecurity
CSIRT (Computer Security Incident Response Team): Manages security incidents, proactive threat assessment, and incident response.
Security Playbook: A guide for incident detection and response, automating threat responses.
Tools:
o SIEM (Security Information and Event Management): Collects and analyzes security data for real-time attack detection.
o DLP (Data Loss Prevention): Protects data in use, in motion, and at rest to prevent unauthorized access.

4. Risk Management
Risk Management: Continuous process of identifying and mitigating risks to reduce their impact on the organization.
Steps: Frame, Assess, Respond, and Monitor risks.

5. Security Best Practices
Security Policies: Define rules and responsibilities for organizational security.
Regular Backups: Ensure data recovery from backups in case of failure.
Employee Training: Educate employees on security practices and incident response.

Legal and Ethical Issues

Personal Legal Issues
Cybersecurity professionals must operate within legal boundaries, despite having the skills to engage in hacking.
Ethical considerations emphasize that just because one can perform an action does not mean they should, as hacking can lead to traceable consequences.

Corporate Legal Issues
Organizations must comply with cybersecurity laws, with potential repercussions for breaches including job loss and legal penalties.
Employees are advised to consult legal or HR departments when uncertain about the legality of actions.

International Law
Cybersecurity law is evolving due to the borderless nature of cyberspace.
There is ongoing debate regarding the best practices for international cybersecurity governance.

Ethical Considerations
Professionals face dilemmas when reporting incidents that could implicate colleagues. Questions to consider include legality, compliance with company policy, and potential reputational impact.

Education and Career Pathways

Becoming a Cybersecurity Professional
Entry-level positions such as Security Analyst provide a foundation for growth in various cybersecurity roles.
Job search platforms like Indeed and LinkedIn can help identify available positions globally.

Professional Certifications
Certifications enhance credibility and career prospects. Key certifications include:
o Microsoft Technology Associate (MTA): For high school students and career changers.
o Palo Alto Networks Certified Cybersecurity Associate: Entry-level certification for newcomers.
o CompTIA Security+: Essential for IT security roles in government.
o EC-Council Certified Ethical Hacker (CEH): Focuses on identifying vulnerabilities legally.
o ISC2 Certified Information Systems Security Professional (CISSP): Requires five years of experience.

Tools for Career Development
CyberSeek: Provides data on supply and demand in the cybersecurity job market, aiding individuals in navigating their career paths.
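Added worked example for Module 4, section 2 (behavior-based security and NetFlow): a minimal detector that builds a per-host baseline from flow records and flags hosts whose communication pattern changes. It is not part of the original notes; the flow records, host addresses and thresholds are constructed for illustration and do not come from any real network.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    """One NetFlow-style record: who talked to whom, on which port, and how much."""
    src: str
    dst: str
    dport: int
    nbytes: int

# Constructed sample data (not real traffic). Baseline hour: two hosts each talk
# only to one internal server over 443. Observation window: host .7 suddenly
# contacts 40 distinct hosts on 445, and a host with no history (.9) shows up.
BASELINE = (
    [Flow("10.0.0.5", "10.0.0.20", 443, 4000) for _ in range(6)]
    + [Flow("10.0.0.7", "10.0.0.20", 443, 5000) for _ in range(4)]
)
OBSERVED = (
    [Flow("10.0.0.7", f"10.0.0.{100 + i}", 445, 1200) for i in range(40)]
    + [Flow("10.0.0.5", "10.0.0.20", 443, 4500), Flow("10.0.0.9", "10.0.0.20", 22, 300)]
)

def profile(flows):
    """Per-source behaviour profile: (total bytes sent, distinct destinations)."""
    total, dests = defaultdict(int), defaultdict(set)
    for f in flows:
        total[f.src] += f.nbytes
        dests[f.src].add(f.dst)
    return {src: (total[src], len(dests[src])) for src in total}

def detect_anomalies(baseline, observed, byte_ratio=3.0, fanout_ratio=5.0):
    """Compare each source with its own baseline; flag hosts whose byte volume or
    distinct-destination count grows past the ratio, or that have no baseline."""
    base, obs = profile(baseline), profile(observed)
    findings = []
    for src, (o_bytes, o_fanout) in obs.items():
        if src not in base:
            findings.append((src, "no baseline for host"))
            continue
        b_bytes, b_fanout = base[src]
        reasons = []
        if o_bytes > byte_ratio * b_bytes:
            reasons.append(f"bytes {o_bytes} vs baseline {b_bytes}")
        if o_fanout > fanout_ratio * b_fanout:
            reasons.append(f"{o_fanout} destinations vs baseline {b_fanout}")
        if reasons:
            findings.append((src, "; ".join(reasons)))
    return findings
```

Host 10.0.0.7 stays under the 3x byte threshold (48000 vs a 20000 baseline), so volume alone would miss it; the jump from 1 to 40 distinct destinations is what produces the finding, which is why behavior-based detection tracks patterns rather than raw totals.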