Module 1
Module 1
Cybersecurity is the ongoing effort to protect individuals, organizations and governments from
digital attacks by protecting networked systems and data from unauthorized use or harm.
Levels of protection
The Cube
The McCumber Cube is a model framework created by John McCumber in 1991 to help
organizations establish and evaluate information security initiatives by considering all of
the related factors that impact them. This security model has three dimensions:
Theft-A data breach often involves an incident where sensitive personal data
has been stolen. Cybercriminals can make this information public or exploit it to
steal an individual’s money and/or identity.
CYBER ATTACKERS
Attackers are individuals or groups who attempt to exploit vulnerability for personal or
financial gain.
Types of Attackers
1.Amateurs
The term 'script kiddies' emerged in the 1990s and refers to amateur or
inexperienced hackers who use existing tools or instructions found on the
Internet to launch attacks. Some script kiddies are just curious, others are
trying to demonstrate their skills and cause harm. While script kiddies may
use basic tools, their attacks can still have devastating consequences.
2.Hackers
This group of attackers break into computer systems or networks to gain
access. Depending on the intent of their break in, they can be classified as
white, gray or black hat hackers.
3.Organized hackers
These attackers include organizations of cyber criminals, hacktivists,
terrorists and state-sponsored hackers. They are usually highly
sophisticated and organized, and may even provide cybercrime as a
service to other criminals.
Hacktivists make political statements to create awareness about issues
that are important to them.
State-sponsored attackers gather intelligence or commit sabotage on
behalf of their government. They are usually highly trained and well-
funded and their attacks are focused on specific goals that are
beneficial to their government.
CYBER WARFARE
Cyberwarfare, as its name suggests, is the use of technology to penetrate and attack
another nation’s computer systems and networks in an effort to cause damage or
disrupt services, such as shutting down a power grid.
Besides industrial and military espionage, a nation can continuously invade another
nation’s infrastructure in order to cause disruption and chaos.