History of Cybersecurity & Evolution PDF
Document Details
Uploaded by Deleted User
Indian Institute of Information Technology, Sri City
Tags
Related
- Information Systems Security PDF
- Philippine Cyberspace: Legal and Ethical Imperatives for Cyber Infrastructure Protection PDF
- ITSM Midterm Reviewer PDF
- Borg El Arab Technological University Lecture 1 - Cyber Security PDF
- Introduction to Cybersecurity Operations PDF
- Cybercrime and Threats in Saudi Arabia PDF
Summary
This document provides a history of cybersecurity and its evolution, covering key periods and trends. It discusses important topics such as the growing threat landscape, the rising cybersecurity skills gap, and the impact of digital transformation. This document is from the Indian Institute of Information Technology Dharwad.
Full Transcript
Module 1 History of Cybersecurity and Evolution Indian Institute of Information Technology Dharwad Ittigatti Road, Near Sattur Colony, Dharwad 580009 Course Structure Preparation Each sub-topic to have the following - 1. Not more tha...
Module 1 History of Cybersecurity and Evolution Indian Institute of Information Technology Dharwad Ittigatti Road, Near Sattur Colony, Dharwad 580009 Course Structure Preparation Each sub-topic to have the following - 1. Not more than 5 slides of content in bullet form per Course Learning Objective 2. Out of 5 slides – 2 slide should have industrial references or real life case scenarios (See examples) 3. Quiz at the end of the each sub-topic on the areas covered in the sub-topic (not more than 10 questions) 4. A detailed document on the entire sub-topic that can be referred by students or faculties at later stage 2 of 26 2 Course Learning Objectives Understand the difference between Information Security, Physical Security, Digital Security & Cybersecurity Student will learn the history and evolution of Cybersecurity starting from Physical information threats Digital Information Threats and beyond Students will understand the impact of Cybersecurity in atleast 4 different industries Students will learn on how various strategies are adopted based on industry or threat landscapes Students should be able to interpret and explain the difference between Confidentiality, Integrity & availability 3 3 of 26 What is CyberSecurity? Practice of protecting internet-connected systems from digital attacks. Used by individuals and enterprises to protect against unauthorized access to data centers and other computerized systems. Develop secure software, identify and respond to cyber threats, and critically analyse digital evidence to solve and prevent crimes. 4 of 26 4 Why do we need Cybersecurity? Cybersecurity is no longer an option, it's a necessity Escalating Financial Impact: In 2021, cybercrime cost the world $6 trillion. By 2025, these costs are projected to increase to $10.5 trillion. Growing Threat Landscape: As digital technologies evolve, the number of cyberattacks is expected to increase, putting more entities at risk. Widespread Vulnerability: Individuals, governments, for-profit companies, not-for-profit organizations, and educational institutions are all potential targets for cyberattacks and data breaches. Complexity of Global Supply Chains: The increasing complexity of global supply chains adds to the vulnerability of systems, making robust cybersecurity measures essential. Critical Role of Data: In the digital economy, data is becoming more critical, and its security is paramount to minimize the risk of attacks and secure systems. 5 of 26 5 History - 1960 to 1980 Increased Connectivity and Time-Sharing: Multiple users on a single computer raised unauthorized access concerns. Protecting user files and systems became crucial due to expensive computing time. Birth of Passwords: Password accounts were introduced to control access, establishing a legacy of password protection. ARPANET and Early Malware: ARPANET facilitated innovation, including the development of email and early malware like Creeper and Reaper. Early Security Discussions: Best practices for secure systems were not yet established. Initial discussions about cybersecurity began, including a notable 1975 paper. Emergence of Malware: The shift to the Internet Protocol Suite increased the attack surface. The 1980s saw sophisticated malware and the Morris Worm incident, highlighting large-scale cyberattack dangers. 6 of 26 6 History - 1980 - 1990 Age of Viruses: Widespread internet access in homes led to a surge of personal computer viruses. Unskilled attackers ("script kiddies") used readily available malware. Rise of Anti-Malware: The prevalence of viruses fueled the growth of the anti-malware industry. Cybersecurity awareness increased, with companies prioritizing security improvements. Real-World Impact: Rampant malware attacks on home computers highlighted the importance of cybersecurity to the public. Reactive Security Measures: IT security primarily relied on antivirus and firewalls as defensive perimeters. Companies had limited proactive security measures and knowledge. Compliance and Underinvestment: Information security regulations were complex, making compliance difficult. Security requests received minimal funding in the 1990s. 7 of 26 7 History - 2000 and 2010 Digital Transformation: Increased digitization, especially in financial transactions, created valuable targets for attackers. Cybercriminals shifted focus to financial gain through credit card breaches, hacktivism, and ransomware. Rise of Data Breaches: Massive data breaches compromised millions of credit cards and sensitive information. Businesses faced significant consequences, including downtime, reputation damage, and financial penalties. Advanced Persistent Threats (APTs): Nation-state attacks became more frequent, targeting strategic corporate and government assets. Well-funded APT groups launched sophisticated cyber campaigns. Escalating Threats: Large-scale cyber incidents like WannaCry and NotPetya caused widespread disruption. Ransomware attacks became prevalent, leading to business shutdowns and financial losses. Focus on Security Programs: The severity of cyber threats forced companies to prioritize and enhance their cybersecurity 8 of 26 8 programs. Evolution Of Information Security after 2000s Technological Advancements and Heightened Awareness: Digital signatures emerged to protect personal information. Increased focus on security due to rising cyber threats and data breaches. Increased Investment and Security Integration: More funding for information security as its importance grew. Security best practices integrated into the Software Development Life Cycle. Reputation Management: Executives invested in advanced security to protect brand reputation from data breaches. Rise of Cloud Computing: Need for new security strategies to protect data in cloud environments. Security expanded to include mobile devices and personal machines. Future Focus: Ongoing prioritization of information security as threats increase. Security is now a key part of corporate strategy for organizational well-being. 9 of 26 9 Evolution Of Internet Of Things 1832-1982: 2019-2023: 19th Century: Concept of interconnected 1994-2008: 2019-2023: Rise of sophisticated attacks from devices originated. 1994: Amsterdam's "digital city" explored data nation-states and ransomware. 1970s: Advancements in technology laid the collection for a smart future. Cybersecurity industry booms with new 1999: The term "Internet of Things" was coined. defensive tools. groundwork for IoT. Early example: smart 2000s: Rise of cloud computing boosted IoT growth. Emerging technologies like blockchain & vending machines. 2008: Connected devices surpassed the human quantum computing offer both benefits and 1982: IoT aims to simplify lives through a population. risks. network of communicating devices. 1982-1993: 2010-2017: 1980-1990: Early connected devices (vending 2010s: IoT booms, but security flaws emerge (Mirai machines, webcams) emerged. botnet, Jeep hack). 1994: Pioneering projects like Amsterdam's "digital Attacks highlight need for stronger defenses - even city" laid groundwork for data collection in IoT. everyday devices (fish tank thermometers) vulnerable. Importance of robust IoT security alongside its benefits is clear. 10 of 26 10 Evolution Of Data Security From Silos to Synergy: Traditional data security focused on isolated systems. Cloud reliance necessitates unified security across platforms and devices. Data and network security are converging for comprehensive protection. Context Matters: Cloud sprawl creates "blind spots" in traditional security. Contextual awareness is key to identifying sensitive data (e.g., salaries, intellectual property). Consistent policies and automation ensure data security everywhere. The Power of AI and Automation: AI and Data Security Platform Management (DSPM) offer advanced solutions. Improved data visibility, access control, and faster threat response. Integrated AI, DSPM, and Data Loss Prevention (DLP) technologies combat unseen threats. Benefits: Prevents data breaches and loss. Protects sensitive information in the cloud. 11 of 26 11 Provides robust data protection in today's complex digital environment. Data Breaches Data breaches have a long history, even pre-dating computers. While regulations try to safeguard information, the explosion of digital data in recent decades has made breaches a major concern, potentially impacting millions with a single attack. Types of DOS ❖ Ransomware - Malicious software that locks down valuable data and demands a ransom to unlock it, often targeting businesses. ❖ Malware - Software designed to harm computer systems, often disguised as legitimate software to trick users into downloading it. ❖ Phishing - Deceptive emails or messages imitating a trusted source to steal sensitive data like passwords or credit card info. ❖ DoS/DDoS - Denial-of-service attacks overwhelm a website or service with traffic, making it inaccessible to legitimate users. DDoS attacks are large-scale DoS attacks launched from multiple 12 of 26 12 devices. Cybersecurity trends Focus on Artificial The Growing The Rise of Evolving Cloud Intelligence and Cybersecurity Skills Ransomware Security Challenges Machine Learning Gap Threat Shared High Demand Increased Detection and Responsibility for Sophistication Response Model Professionals Predictive Focus on Verifying All Focus on Analytics and Ransomware Users and Training and Automation Mitigation Devices Upskilling 13 of 26 13 Quiz What is Cyber Security and why is it important? Write a note on evolution of Information security. What do you understand by data breaches? Explain the history of cyber security in detail. 14 of 26 14