Lecture 1 - Part I(1) (2) - Cybersecurity Fundamentals PDF
Summary
This lecture provides an overview of computer security, including concepts like information privacy, data integrity, and availability. It discusses the purpose of computer security, potential consequences, and different types of cyber threats. The document also touches on the importance of maintaining confidentiality and addressing various attack scenarios.
Full Transcript
THE BASICS

WHAT IS COMPUTER SECURITY?
IS IT:
o Information Privacy
o Data Integrity
o Availability

Cybersecurity and Digital Forensics

PURPOSE OF COMPUTER SECURITY
1. Ensure valuable resources remain protected
2. Ensures integrity of business processes is maintained, i.e. data in databases and computer systems does not get changed, intentionally or unintentionally
3. Business processes are not broken, e.g. no disruption in supply chain logistics
4. Ensures resources are available to the right people at the right time

CONSEQUENCES
o Inability to have the right access to data and information
o Inadequate or flawed decision making
o Non-availability of information is a typical consequence of both intentional and unintentional compromises
o Possibly because someone – human or a machine – is a hurdle in the process

MAINTAINING CONFIDENTIALITY
o No doubt, one needs to ensure that a person is indeed who they claim to be
    o Authenticity
o In modern institutions, information resources are never located or stored in one place
o So, it is important to ensure that data and information do not change as they move from one location to the other
    o Non-repudiation (denial or negation)

CORE CONCEPTS OF COMPUTER SECURITY
o Protection of information resources of an institute – or a firm
o Protection accomplished by ensuring:
    o Confidentiality
    o Integrity
    o Availability of data and information
o CIA

CORE CONCEPTS OF COMPUTER SECURITY (CIA)
o Confidentiality: All data and information is kept private and is not disclosed to unauthorized individuals
o Integrity: All data and information is timely, accurate, complete and consistent
o Availability: Assurance that all data and information is available when required and that there is no DoS

COMPUTER-BASED SYSTEM VULNERABILITIES

SYSTEM VULNERABILITIES
o Consistent increase in the number and complexity of cyber threats
o For example,
    o In 2011
        o 82 targeted attacks/day
    o In 2012
        o Symantec reported 81% increase in malicious attacks
        o 232 million identity theft
    o In 2024:
        o Studies conducted by the University of Maryland's A. James Clark School of Engineering found that more than 2,200 cyberattacks occur each day
        o When broken down, that means someone becomes a victim of a data breach, phishing attack, or other cybercrime every 39 seconds

COMMON CYBER THREATS
o Identity Theft: Obtaining unauthorized access to personal information—such as UID, SSN, bank accounts and passwords, for the purpose of committing crimes such as fraud or theft.
o Hacking: Hacking is defined as secretly getting access to a computer system to steal information or cause damage.
o Malware: Malware (short for "malicious software") is any program or file that is harmful to a computer user, including computer viruses, worms, Trojans and spyware.
o Phishing: Stealing personal information by tricking victims into clicking a link or entering username & password. Phishing comes in many forms: emails, phone calls, website downloads.

CYBER THREATS CATEGORIES
1. Automated attacks
2. Malicious intent cyber attacks
3. Internal employee cyber attacks (insider attack)
4. Social engineering (cyber attacks because of social engineering) (phishing)
5. Privacy attacks (loss of privacy and identity-related attacks)
6. Cyber espionage-related attacks (espionage)

AUTOMATED ATTACKS
o Main reason for chaos
o Can go unnoticed for long periods of time
o Originated by humans
o Human involvement is limited, once propagated
o Hackers are very fond of automated attacks
    o SQL injection, in particular
    o Remote File Inclusion
o Sqlmap, Havij, NetSparker are some of several tools available

REASONS FOR CHOOSING AUTOMATED ATTACKS
o Tools used require little technological skill
o Often available for free (hacker sites, or testing businesses)
o Hackers can attack a vast number of sites quickly
o Make use of compromised and rented servers

SQL INJECTION
o Structured Query Language Injection
o Fields available for users' data
o Allow SQL statements to pass through
o Consequently, allows querying the database directly

REMOTE FILE INCLUSION (RFI)
o RFI attack is when an attacker can upload a malicious file on a server using a service
o Usually through script
o A symptom of a possible poor validation check
o Improper checks allow code to be executed in a website or on the server

MALICIOUS INTENT CYBER ATTACKS

TARGETS AND REASONS
o Infrastructure attacks
    o 2012
        o Energy sector (82 reported by DHS)
        o Water industry (29 reported)
        o Chemical plants (7 reported)
        o Nuclear companies (6 reported)
    o Banks (0xOmar and 0xOmer)
    o TV broadcasts (South and North Korea 2013)
    o 2023
        o More than 2 in 5 ransomware attacks targeted organizations in a critical infrastructure sector
        o 1,193 out of 2,825 hit critical infrastructure organizations (over 42%)
o Reasons
    o Political (main reason)
    o Theft

INTERNAL EMPLOYEE (Insider) CYBER ATTACKS

REASONS
o Personal circumstances
    o Financial hardships
    o Sour relationships
    o Psychological pressure
o Work situations
    o Hostile relationships with a boss
    o Denied promotion
o Opportunities
    o Workplace offers, e.g. WikiLeaks

SOCIAL ENGINEERING (Phishing)

ATTACK SCENARIO
o The victim is tricked into responding to a series of questions
o Questions may be sought over a phone, e-mail, SMS, ...
o The victim may be directed to a certain website
o The purpose is to gain as much information as possible about the victim or the victim's organization
o Such information raises the chance of breaking into computer systems
o Most common
    o Breaking news alert
    o Greeting cards
    o Lottery winnings

PRIVACY AND IDENTITY RELATED ATTACKS

IDENTITY THEFT
o Occurs when someone steals credentials of another
o Uses them without permission
o Examples:
    o SSN
    o Credit card details, ID, Passport, ...
o Reasons (among others):
    o Renting apartments or cars
    o Applying for credit cards
    o Seeking medical treatment

CYBER ESPIONAGE ATTACKS

IT IS CLEARLY ILLEGAL, ISN'T IT?
o Economist survey (March 2012)
    o 82% felt it is clearly illegal (not very clear, huh !!)
    o 78% felt it is a shared responsibility to stop it
    o 61% felt espionage cases are underreported
o No one is ideal
o 2013 Huawei case
    o Huawei accused by the US government of espionage in cooperation with China

SAFETY OF SYSTEMS AND DATA
Usability vs. Security

INNOVATION AND PROSPERITY
o There is a fine balance between systems' usability and security
o Companies cannot afford such a high level of security that systems are too difficult to use
o The question is not always about "What is the best security technology available?"
o The right question is "What is most appropriate technology for the solution?"
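
The SQL INJECTION slide in this lecture says that fields meant for users' data can allow SQL statements to pass through to the database. The following is an added example, not part of the original lecture: a Python sqlite3 demonstration that runs the same lookup once with the field concatenated into the statement and once with a bound parameter. The `accounts` table, its rows, the function names and the crafted field are all constructed for illustration.

```python
import sqlite3

def make_db():
    """Build a throwaway in-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (username TEXT, balance INTEGER)")
    db.executemany("INSERT INTO accounts VALUES (?, ?)",
                   [("alice", 120), ("bob", 75), ("carol", 310)])
    return db

def lookup_vulnerable(db, username):
    # Weak form: the form field is pasted into the SQL text, so quote
    # characters in the field become part of the statement itself.
    sql = ("SELECT username, balance FROM accounts "
           "WHERE username = '" + username + "'")
    return db.execute(sql).fetchall()

def lookup_parameterized(db, username):
    # Hardened form: the statement text is fixed and the field travels
    # separately as a bound value, so it is only ever compared as data.
    sql = "SELECT username, balance FROM accounts WHERE username = ?"
    return db.execute(sql, (username,)).fetchall()

# Constructed input: a "username" that carries SQL syntax instead of a name.
CRAFTED_FIELD = "nobody' OR '1'='1"

def demo():
    """Run both lookups with an ordinary name and with the crafted field."""
    db = make_db()
    return {
        "normal_vulnerable": lookup_vulnerable(db, "alice"),
        "normal_parameterized": lookup_parameterized(db, "alice"),
        "crafted_vulnerable": lookup_vulnerable(db, CRAFTED_FIELD),
        "crafted_parameterized": lookup_parameterized(db, CRAFTED_FIELD),
    }

if __name__ == "__main__":
    for case, rows in demo().items():
        print(f"{case:24} -> {rows}")
```

With the crafted field, the concatenated query returns every row in the table, while the parameterized query looks for a user literally named `nobody' OR '1'='1` and returns nothing.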