Blue Modern Futuristic Cyber Security Presentation.pdf
Document Details
Uploaded by BlissfulPluto
Tags
Full Transcript
CYBER SECURITY 2 TYPES OF DATA INCLUDE: Personal Protect your identity, data, and devices. Organizational Everyone should help protect the organization's reputation, data, and customers. Government With more digital info being...
CYBER SECURITY 2 TYPES OF DATA INCLUDE: Personal Protect your identity, data, and devices. Organizational Everyone should help protect the organization's reputation, data, and customers. Government With more digital info being collected and shared, protecting it is crucial for national security, economic stability, and citizen safety 02 PROTECTION OF PERSONAL DATA Offline Identity This is who you are in real life, like at home, school, or work. Family and friends know your personal details, such as your full name, age, and address Online Identity This is who you are online. It includes your usernames, social media profiles, and how you interact with others on websites and online communities. 02 Avoid using your full name, address, or phone TIPSFOR CREATINGA number. Don't use your email username. Use different usernames and passwords for different accounts, especially for financial ones. USERNAME Avoid usernames that hint at your passwords, like using "IT" for work-related accounts. Pick a username that suits the type of account, whether it's for business, social, or personal use. 03 04 Money: Hackers often want to steal money. They can access your accounts, impersonate family members, and send messages asking for money, claiming they are stranded abroad and need help. Banking WHAT DO HACKERS Hackers can steal your data to get into your bank accounts, credit cards, and other online WANT? accounts. They might even take out loans using your name. Medical Theft Hackers can steal your medical insurance to use the benefits for themselves. 05 internet Service Provider (ISP) Tracks your online activity and can sell this data to advertisers. May share your information with government agencies when required by law. Advertisers Monitor your online activities to send you targeted ads. Search Engines and Social Media Platforms WHO ELSE WANTS Collect data on your gender, location, phone number, and political/religious views based on your searches and online activity. YOUR DATA? Sell this information to advertisers. Websites You Visit Use cookies to track your activities for a personalized experience. This data can be linked to your online identity and sold to advertisers 06 The Cube, created by John McCumber in 1991, is a security model with three dimensions: THE CUBE 1. Foundational principles for protecting information systems. 2. Protection of information in its various states. 3. Security measures used to protect data. The foundational principles for protecting information systems The CIA triad: it is a common model that forms the basis for the development of security systems 07 Confidentiality Rules prevent sensitive information from being shared with unauthorized people. Methods include data encryption, identity verification, and two-factor authentication Integrity Ensures system information is protected from changes. One method is using a hash function. Availability Authorized users can access systems and data as needed, while unauthorized users cannot. Maintain equipment, perform repairs, update software, and create backups to ensure availability 08 Processing THE PROTECTION Data being used for an operation (data in process). Storage OF DATA IN EACH Data saved in memory or on a hard drive, SSD, or USB (data at rest). STATE: Transmission Data moving between systems (data in transit). THE SECURITY Awareness, Training, and Education MEASURES USED Ensures users know about security threats and how to protect systems. Technology TO PROTECT DATA Uses software and hardware solutions to prevent malicious incidents. Policy and Procedure Administrative controls that guide how an organization secures information. 09 SECURITY BREACHES A security breach is unauthorized access to a device, facility, program, network, or data. It involves bypassing security measures, often leading to private data being copied, shared, or stolen. How Security Breaches Occur 1. Malware: Attackers infect a system with malware to steal data, use resources, or damage the system. 2. Phishing: Attackers send fake emails to trick users into revealing sensitive data, like login details for online banking. 3. Physical: Attackers steal or tamper with equipment to access systems or steal data. 4. Insider Threats: Employees misuse their access to view sensitive data or 10 unintentionally cause breaches with weak passwords. CONSEQUENCES OF A SECURITY BREACH Reputational Damage: A breach can harm an Attackers organization's long-built reputation. Attackers exploit vulnerabilities to break into computers Vandalism: Hackers may deface a website with or networks for personal or financial gain. false information. Theft: Sensitive personal data can be stolen in a Types of Attackers breach. White Hat Attackers: Break into systems to find and fix Loss of Revenue: Hackers can take down a weaknesses. website, stopping online business. Gray Hat Attackers: Find vulnerabilities and may report them if it suits their agenda. Black Hat Attackers: Unethical criminals who break into systems for personal gain or malicious reasons. 11 Cybersecurity Criminals Script Kiddies: Teenagers or hobbyists who mostly engage in vandalism, using existing tools or online instructions to launch attacks. Vulnerability Brokers: Grey hat hackers who find exploits and report them to vendors, sometimes for rewards. Hacktivists: Grey hat hackers who protest political or social issues by publicly protesting against organizations or governments, often leaking sensitive information. State-Sponsored Hackers: Hackers who steal government secrets, gather intelligence, and sabotage networks, targeting foreign governments and terrorist groups. 12 THREATS TO ORGANIZATIONAL DATA Internal Threats External Threats LEmployees, contract staff, or trusted partners can accidentally or intentionally: Amateurs or skilled attackers outside Mishandle confidential data. the organization can: Facilitate attacks by connecting infected USB devices. Exploit network vulnerabilities. Invite malware by clicking on malicious Gain unauthorized access to emails or websites. computing devices. Threaten internal servers or network infrastructure. 12 Cyberwarfare involves using technology to attack another nation's information systems and computer networks, aiming to cause damage, disrupt, or shut down service Cyberwarfare can destabilize a nation, disrupt commerce, and erode citizens' trust in their government. Purposes: Steal defense secrets and gather technology information to close gaps in industries and military capabilities. Disrupt another nation's infrastructure. A cyber attack : is a malicious attempt to access or damage a computer or network system to steal, alter, disable, or destroy information through unauthorized access. 13 Spyware Purpose: Tracks and spies on user activities. Capabilities: Logs keystrokes and captures sensitive data, including personal and financial information. Method: Alters device security settings to monitor activities. Adware Purpose: Delivers advertisements automatically. Characteristics: Often comes with certain software versions, leads to constant pop-up ads on the screen. Target: Web browsers are the primary target for ad delivery. Backdoor Purpose: Provides unauthorized access by bypassing authentication processes. Capabilities: Allows hackers to gain remote access and execute commands within the system. Detection: Runs in the background, making it difficult to detect. 15 Ransomware Purpose: Holds systems or data captive until a ransom is paid. Method: Encrypts data, making it inaccessible. Spread: Often through phishing emails or exploiting system vulnerabilities. Scareware Purpose: Uses scare tactics to trick users into taking certain actions. Method: Displays fake warnings about system risks to prompt users to run specific programs, which then infect the system with malware. Rootkit Purpose: Modifies the operating system to gain control. Capabilities: Installs other malware, enables unauthorized remote access, and creates backdoors. Detection: Difficult to detect and remove due to deep system integration. 16 virus Purpose: Replicates and attaches to executable files. Characteristics: Requires user interaction to activate and can be harmless or destructive. Effects: Can display images, modify, or delete data. Trojan Horse Purpose: Executes malicious operations by exploiting user privileges. Characteristics: Often hidden in image files, audio files, or games. Worms Purpose: Self-replicates to spread across computers. Characteristics: Does not need a host program to run and spreads without user participation. Spread: Can propagate quickly over networks. 17 SYMPTOMS OF MALWARE Slow device performance and frequent crashes. Unknown files/programs and unauthorized emails. Slower web browsing and network issues. Modified or deleted files and unknown processes running. 18