ICT 1218Y S1-Lecture 2.pdf

Full Transcript

BSc (hons) Cyber Security
Security Fundamentals ICT 12018Y
Department of Information & Communication Technologies

Faculty of Information, Communication & Digital
Technologies University of Mauritius
Associate Professor (Dr) Sheeba Armoogum
Lecture 2: Introduction to Cybersecurity and the Importance of Information
Security
What is Cybersecurity?
Cybersecurity is the practice of protecting computer systems, networks, and data

from unauthorized access, use, disclosure, disruption, modi8ication, or
destruction.
It's about safeguarding our digital assets and ensuring their con8identiality,

integrity, and availability.
In today's interconnected world, cybersecurity is no longer just an IT issue; it's a

critical business and societal concern.

The Importance of Cybersecurity in Today's World
Digital Transformation: Our lives are increasingly reliant on technology, making

cybersecurity essential.
Evolving Threats: Cybercriminals are constantly developing new and

sophisticated attack methods.
Economic Impact: Cyberattacks can result in signi8icant 8inancial losses for

individuals and organizations.
National Security: Cybersecurity is crucial for protecting critical infrastructure

and sensitive information.

@Copyright 2024 – No content of this lecture could be reproduced without permission.
Associate Professor (Dr) Sheeba Armoogum
1
Real-World Examples: Online Banking
Online banking relies heavily on cybersecurity to protect sensitive 8inancial

information.
Threats: Phishing attacks, malware infections, and man-in-the-middle attacks can
 compromise accounts.
Consequences: Financial losses, identity theft, and damage to credit scores.

Real-World Examples: Social Media
Social media platforms store vast amounts of personal information, making them

attractive targets for cybercriminals.
Threats: Account takeovers, data breaches, and the spread of misinformation.

Consequences: Identity theft, reputational damage, and privacy violations.

Real-World Examples: Healthcare
Healthcare organizations hold sensitive patient data, making cybersecurity

paramount.
Threats: Ransomware attacks, data breaches, and disruption of critical medical

devices.
Consequences: Life-threatening situations, 8inancial losses, and erosion of trust.

The Impact of Cyberattacks: Financial Loss
Direct Costs: Stolen funds, recovery expenses, regulatory 8ines. Indirect Costs:

Business disruption, reputational damage, loss of customer trust.

The Impact of Cyberattacks: Identity Theft
Personal Information: Cybercriminals can steal names, addresses, social security

numbers, and 8inancial data.
Consequences: Fraudulent accounts, unauthorized transactions, and damage to

credit history.

@Copyright 2024 – No content of this lecture could be reproduced without permission.
Associate Professor (Dr) Sheeba Armoogum
2
The Impact of Cyberattacks: Reputational Damage
Loss of Trust: Cyberattacks can erode customer trust and damage brand

reputation.
Negative Publicity: Data breaches and other security incidents can lead to
 negative media coverage.
Long-Term Impact: Recovering from reputational damage can be costly and

time-consuming.

Key Cybersecurity Terminology: Threat
Threat: Any potential danger to a computer system or network. Examples:

Hackers, malware, natural disasters, and even unintentional human error.

Key Cybersecurity Terminology: Vulnerability
Vulnerability: A weakness in a system or network that can be exploited by a

threat.
Examples: Software bugs, weak passwords, and miscon8igured systems.

Key Cybersecurity Terminology: Risk
Risk: The likelihood that a threat will exploit a vulnerability and cause harm. Risk

Assessment: Involves identifying assets, threats, and vulnerabilities to determine
the level of risk.

Key Cybersecurity Terminology: Exploit
Exploit: A piece of code or software that takes advantage of a vulnerability.

Zero-Day Exploit: An exploit that targets a vulnerability unknown to the software
vendor or security community.

Key Cybersecurity Terminology: Attacker
Attacker: An individual or group who attempts to exploit vulnerabilities for

malicious purposes.
Types of Attackers: Hacktivists, cybercriminals, nation-states.

@Copyright 2024 – No content of this lecture could be reproduced without permission.
Associate Professor (Dr) Sheeba Armoogum
3
Key Cybersecurity Terminology: Target
Target: The system, network, or data that an attacker is attempting to compromise.

High-Value Targets: Organizations with valuable data or critical infrastructure.
Different Types of Cyber Threats: Hackers
Hackers: Individuals with advanced computer skills who use their knowledge to

access systems or data without authorization.
Black Hat Hackers: Malicious hackers who exploit vulnerabilities for personal gain

or to cause harm.
White Hat Hackers: Ethical hackers who use their skills to identify and report

vulnerabilities to improve security.

Different Types of Cyber Threats: Malware
Malware: Malicious software designed to harm computer systems or steal data. o
 Viruses: Self-replicating programs that spread to other 8iles or systems. o
Worms: Standalone programs that spread through networks.
o Trojans: Disguise themselves as legitimate software but perform malicious

actions.
o Ransomware: Encrypts data and demands payment for decryption. o

Spyware: Secretly monitors user activity and steals information.

Different Types of Cyber Threats: Social Engineering Social Engineering:
Manipulating people into giving up con8idential information.
o Phishing: Deceptive emails or websites that trick users into revealing

sensitive data.
o Baiting: Offering something enticing to lure victims into a trap. o

Pretexting: Creating a false scenario to gain trust and extract information.

@Copyright 2024 – No content of this lecture could be reproduced without permission.
Associate Professor (Dr) Sheeba Armoogum
4
Different Types of Cyber Threats: Denial-of-Service Attacks

Denial-of-Service Attacks: Flood a system or network with traf8ic, making it
unavailable to legitimate users.
o Distributed Denial-of-Service Attacks: Use multiple compromised

systems to
amplify the
attack
traf8ic.
o
 Impact: Business disruption, 8inancial losses, reputational damage.

@Copyright 2024 – No content of this lecture could be reproduced without permission.
Associate Professor (Dr) Sheeba Armoogum
5