Lecture 1 - Part I(1) (2).pdf

Full Transcript

THE BASICS
 WHAT IS COMPUTER SECURITY? IS IT:

1 Information Privacy
- -
-

2- Data Integrity

-I

- Availability
3

Cybersecurity and Digital Forensics 15
 -
PURPOSE OF COMPUTER SECURITYC

2 Ensures integrity of 3 Business processes
-

business processes are not broken
is maintained 4
- Ensures resources
1 Ensure valuable i.e. data in databases
are available to the
resources remain e.g. No disruption in and computer systems
supply chain logistics does not get changed, right people at the
protected intentionally or right time
unintentionally

Cybersecurity and Digital Forensics 16
 CONSEQUENCES

o Inability to have the right access to data and
information
o Inadequate or flawed decision making
o Non-availability of information is a typical
consequence of both intentional and unintentional
compromises
o Possibly because someone – human or a machine
– is a hurdle in the process

Cybersecurity and Digital Forensics 17
 MAINTAINING CONFIDENTIALITY

o No doubt, one needs to ensure that the person one
claims to be, is indeed the one
o Authenticity
o In modern institutions, information resources are
never located or stored in one place
o So, it is important to ensure that data and
information do not change as it moves from one
location to the other
o Non-repudiation (denial or negation)

Cybersecurity and Digital Forensics 18
 CORE CONCEPTS OF COMPUTER SECURITY
-

o Protection of information resources of an institute –
or a firm,
o Protection accomplished by ensuring:
o Confidentiality
o Integrity
o Availability of data information
o CIA

Cybersecurity and Digital Forensics 19
 CORE CONCEPTS OF COMPUTER SECURITY (CIA)

All data and All data and Assurance that
information is information is all data and
kept private and timely, accurate, information is
is not disclosed complete and available when
to unauthorized consistent required and that
individuals there is no DoS

Confidentiality Integrity Availability

Cybersecurity and Digital Forensics 20
COMPUTER-BASED
SYSTEM
VULNERABILITIES
 SYSTEM VULNERABILITIES
o Consistent increase in the number and complexity of
cyber threats
o For example,
o In 2011
o 82 targeted attacks/day
o In 2012
o Symantec reported 81% increase in malicious attacks
o 232 million identity theft
o In 2024:
o studies conducted by the University of Maryland's A. James Clark
School of Engineering found that more than 2,200 cyberattacks occur
each day
o When broken down, that means someone becomes a victim of a data
breach, phishing attack, or other cybercrime every 39 seconds

Cybersecurity and Digital Forensics 22
 COMMON CYBER THREATS
Identity Theft:

Hacking:

Malware:

Phishing:

Cybersecurity and Digital Forensics 23
 COMMON CYBER THREATS
Identity Theft: Obtaining unauthorized access to personal
information—such as UID, SSN, bank accounts and
passwords, for the purpose of committing crimes such as
fraud or theft.

Hacking:

Malware:

Phishing:

Cybersecurity and Digital Forensics 24
 COMMON CYBER THREATS
Identity Theft: Obtaining unauthorized access to personal
information—such as UID, SSN, bank accounts and
passwords, for the purpose of committing crimes such as
fraud or theft.

Hacking: Hacking is defined as secretly getting access
to a computer system to steal information or cause
damage.

Malware:

Phishing:

Cybersecurity and Digital Forensics 25
 COMMON CYBER THREATS
Identity Theft: Obtaining unauthorized access to personal
information—such as UID, SSN, bank accounts and
passwords, for the purpose of committing crimes such as
fraud or theft.

Hacking: Hacking is defined as secretly getting access
to a computer system to steal information or cause
damage.

Malware: Malware (short for "malicious software") is any
program or file that is harmful to a computer user,
including computer viruses, worms, Trojans and
spyware.

Phishing:

Cybersecurity and Digital Forensics 26
 COMMON CYBER THREATS
Identity Theft: Obtaining unauthorized access to personal
information—such as UID, SSN, bank accounts and
passwords, for the purpose of committing crimes such as
fraud or theft.

Hacking: Hacking is defined as secretly getting access
to a computer system to steal information or cause
damage.

Malware: Malware (short for "malicious software") is any
program or file that is harmful to a computer user,
including computer viruses, worms, Trojans and
spyware.

Phishing: Stealing personal information by tricking victims
into clicking a link or entering username & password.
Phishing comes in many forms: emails, phone calls, website
downloads.

Cybersecurity and Digital Forensics 27
 CYBER THREATS CATEGORIES im
-

&
1. Automated attacks

2. Malicious intent cyber attacks
&

&
3. Internal employee cyber attacks (insider attack)
-

4. Social engineering (cyber attacks because of
&
social engineering) (phishing)

&
5. Privacy attacks (loss of privacy and identity -
related attacks)
-51
g
6. Cyber espionage - related attacks (espionage)

Cybersecurity and Digital Forensics 28
AUTOMATED ATTACKS
 AUTOMATED ATTACKS

o Main reason for chaos
o Can go unnoticed for long periods of time
o Originated by humans
o Human involvement is limited, once propagated
o Hackers are very fond of automated attacks
o SQL injection, in particular
o Remote File Inclusion
o Sqlmap, Havji, NetSparker are some of several tools
available

Cybersecurity and Digital Forensics 30
 REASONS FOR CHOOSING AUTOMATED ATTACKS

o Tools used require little technological skills
o Often available for free (hacker sites, or testing
businesses)
o Hackers can attack a vast number of sites quickly
o Make use of compromised and rented servers

Cybersecurity and Digital Forensics 31
 SQL INJECTION

o Standard Query Language Injection
o Fields available for users’ data
o Allow SQL statements to pass through
o Consequently, allows querying the database directly

Cybersecurity and Digital Forensics 32
 REMOTE FILE INCLUSION (RFI)

o RFI attack is when an attacker can upload a
malicious file on a server using a service
o Usually through script
o A symptom of a possible poor validation check
o Improper checks allow for a code to be executed in
a website or on the server

Cybersecurity and Digital Forensics 33
MALICIOUS INTENT
CYBER ATTACKS
 TARGETS AND REASONS
o Infrastructures attacks
o 2012
o Energy sector (82 reported by DHS)
o Water industry (29 reported)
o Chemical plants (7 reported)
o Nuclear companies (6 reported)
o Banks (0xOmar and 0xOmer)
o TV broadcasts (South and North Korea 2013)
o 2023
o more than 2 in 5 ransomware attacks targeted organizations in a
critical infrastructure sector
o 1,193 out of 2,825 hit critical infrastructure organizations (over 42%)
o Reasons
H o Political (main reason)
=

o Theft
2-

Cybersecurity and Digital Forensics 35
INTERNAL EMPLOYEE
-
Insider)
CYBER ATTACKS
 REASONS
& Personal 2- Work 3 Opportunities
circumstances situations
-

Financial Hostile Workplace
hardships relationships offers
Sour with a boss e.g.
relationships Denied WikiLeaks
promotion
=

Psychological
pressure

Cybersecurity and Digital Forensics 14
SOCIAL ENGINEERING
(Phishing)
 ATTACK SCENARIO

o The victim is tricked to respond to a series of questions
o Questions may be sought over a phone E-mail SMS,
,
,
---

o The victim may be directed to a certain website
o The purpose is to gain as much information about the
victim or victim’s organization
o Such information raise the chance of breaking into
computer systems
o Most common
o Breaking news alert
o Greeting cards
o Lottery winnings

Cybersecurity and Digital Forensics 16
PRIVACY AND IDENTITY
RELATED ATTACKS
 IDENTITY THEFT

o Occurs when someone steals credentials of another
o Uses them without permission
o Examples:
o SSN
o Credit card details ID Passport,
, ,...

o Reasons (among others):
o Renting apartments or cars
o Applying for credit cards
o Seek medical treatment

Cybersecurity and Digital Forensics 18
CYBER ESPIONAGE
ATTACKS
 IT IS CLEARLY ILLEGAL, ISN’T IT?

o Economist survey (March 2012)
o 82% felt it is clearly illegal (not very clear, huh !!)
o 78% felt it is a shared responsibility to stop it
o 61% felt espionage cases are underreported
o No one is ideal
o 2013 Huawei case
o Huawei accused by the US government of espionage in
cooperation with China

Cybersecurity and Digital Forensics 20
SAFETY OF SYSTEMS Usability
vs.
AND DATA Security
 INNOVATION AND PROSPERITY

o There is a fine balance between systems’ usability
and security
o Companies cannot afford high level of security?such
why
that systems are too difficult to use
o The question is not always about “What is the best
security technology available?”
o The right question is “What is most appropriate
technology for the solution?”

Cybersecurity and Digital Forensics 22