BSc (Hons) Cyber Security Lecture 2 PDF

Document Details

AffableTheory7192

Uploaded by AffableTheory7192

University of Mauritius

Sheeba Armoogum

Tags

cybersecurity computer security information security digital security

Summary

This lecture introduces cybersecurity and its importance in today's digital world. It covers real-world examples, such as in online banking and healthcare, and explains core concepts like threats, vulnerabilities, and risk assessment. The lecture also details various attack types and important terminology related to cybersecurity.

Full Transcript

BSc (hons) Cyber Security Security Fundamentals ICT 12018Y Department of Information & Communication Technologies Faculty of Information, Communication & Digital Technologies University of Mauritius Associate P...

BSc (hons) Cyber Security Security Fundamentals ICT 12018Y Department of Information & Communication Technologies Faculty of Information, Communication & Digital Technologies University of Mauritius Associate Professor (Dr) Sheeba Armoogum Lecture 2: Introduction to Cybersecurity and the Importance of Information Security What is Cybersecurity? Cybersecurity is the practice of protecting computer systems, networks, and data from unauthorized access, use, disclosure, disruption, modi8ication, or destruction. It's about safeguarding our digital assets and ensuring their con8identiality, integrity, and availability. In today's interconnected world, cybersecurity is no longer just an IT issue; it's a critical business and societal concern. The Importance of Cybersecurity in Today's World Digital Transformation: Our lives are increasingly reliant on technology, making cybersecurity essential. Evolving Threats: Cybercriminals are constantly developing new and sophisticated attack methods. Economic Impact: Cyberattacks can result in signi8icant 8inancial losses for individuals and organizations. National Security: Cybersecurity is crucial for protecting critical infrastructure and sensitive information. @Copyright 2024 – No content of this lecture could be reproduced without permission. Associate Professor (Dr) Sheeba Armoogum 1 Real-World Examples: Online Banking Online banking relies heavily on cybersecurity to protect sensitive 8inancial information. Threats: Phishing attacks, malware infections, and man-in-the-middle attacks can compromise accounts. Consequences: Financial losses, identity theft, and damage to credit scores. Real-World Examples: Social Media Social media platforms store vast amounts of personal information, making them attractive targets for cybercriminals. Threats: Account takeovers, data breaches, and the spread of misinformation. Consequences: Identity theft, reputational damage, and privacy violations. Real-World Examples: Healthcare Healthcare organizations hold sensitive patient data, making cybersecurity paramount. Threats: Ransomware attacks, data breaches, and disruption of critical medical devices. Consequences: Life-threatening situations, 8inancial losses, and erosion of trust. The Impact of Cyberattacks: Financial Loss Direct Costs: Stolen funds, recovery expenses, regulatory 8ines. Indirect Costs: Business disruption, reputational damage, loss of customer trust. The Impact of Cyberattacks: Identity Theft Personal Information: Cybercriminals can steal names, addresses, social security numbers, and 8inancial data. Consequences: Fraudulent accounts, unauthorized transactions, and damage to credit history. @Copyright 2024 – No content of this lecture could be reproduced without permission. Associate Professor (Dr) Sheeba Armoogum 2 The Impact of Cyberattacks: Reputational Damage Loss of Trust: Cyberattacks can erode customer trust and damage brand reputation. Negative Publicity: Data breaches and other security incidents can lead to negative media coverage. Long-Term Impact: Recovering from reputational damage can be costly and time-consuming. Key Cybersecurity Terminology: Threat Threat: Any potential danger to a computer system or network. Examples: Hackers, malware, natural disasters, and even unintentional human error. Key Cybersecurity Terminology: Vulnerability Vulnerability: A weakness in a system or network that can be exploited by a threat. Examples: Software bugs, weak passwords, and miscon8igured systems. Key Cybersecurity Terminology: Risk Risk: The likelihood that a threat will exploit a vulnerability and cause harm. Risk Assessment: Involves identifying assets, threats, and vulnerabilities to determine the level of risk. Key Cybersecurity Terminology: Exploit Exploit: A piece of code or software that takes advantage of a vulnerability. Zero-Day Exploit: An exploit that targets a vulnerability unknown to the software vendor or security community. Key Cybersecurity Terminology: Attacker Attacker: An individual or group who attempts to exploit vulnerabilities for malicious purposes. Types of Attackers: Hacktivists, cybercriminals, nation-states. @Copyright 2024 – No content of this lecture could be reproduced without permission. Associate Professor (Dr) Sheeba Armoogum 3 Key Cybersecurity Terminology: Target Target: The system, network, or data that an attacker is attempting to compromise. High-Value Targets: Organizations with valuable data or critical infrastructure. Different Types of Cyber Threats: Hackers Hackers: Individuals with advanced computer skills who use their knowledge to access systems or data without authorization. Black Hat Hackers: Malicious hackers who exploit vulnerabilities for personal gain or to cause harm. White Hat Hackers: Ethical hackers who use their skills to identify and report vulnerabilities to improve security. Different Types of Cyber Threats: Malware Malware: Malicious software designed to harm computer systems or steal data. o Viruses: Self-replicating programs that spread to other 8iles or systems. o Worms: Standalone programs that spread through networks. o Trojans: Disguise themselves as legitimate software but perform malicious actions. o Ransomware: Encrypts data and demands payment for decryption. o Spyware: Secretly monitors user activity and steals information. Different Types of Cyber Threats: Social Engineering Social Engineering: Manipulating people into giving up con8idential information. o Phishing: Deceptive emails or websites that trick users into revealing sensitive data. o Baiting: Offering something enticing to lure victims into a trap. o Pretexting: Creating a false scenario to gain trust and extract information. @Copyright 2024 – No content of this lecture could be reproduced without permission. Associate Professor (Dr) Sheeba Armoogum 4 Different Types of Cyber Threats: Denial-of-Service Attacks Denial-of-Service Attacks: Flood a system or network with traf8ic, making it unavailable to legitimate users. o Distributed Denial-of-Service Attacks: Use multiple compromised systems to amplify the attack traf8ic. o Impact: Business disruption, 8inancial losses, reputational damage. @Copyright 2024 – No content of this lecture could be reproduced without permission. Associate Professor (Dr) Sheeba Armoogum 5

Use Quizgecko on...
Browser
Browser