yazan

Cybersecurity
Introduction:
In an age where digital technology is
central to our lives, cybersecurity has
emerged as a critical priority. From
individuals to multinational corporations
and governments, everyone faces the risk
of cyberattacks. For instance, in June
2011, the hacker group LulzSec breached
the U.S. Senate’s website, exposing
internal files. While the data leaked was
neither sensitive nor classified, this
incident underscored significant
vulnerabilities in government systems.
Similar breaches have targeted
organizations like MasterCard and PayPal,
raising questions: how can we protect
ourselves? How do companies and
countries safeguard their systems from
such threats?
What is cybersecurity?
Cybersecurity is the practice of defending
computers, servers, mobile devices, electronic
systems, networks, and data from malicious
attacks.
The term "cybersecurity" applies in a variety
of contexts, from business to mobile
computing, and can be divided into a few
common categories.
Network security: Protects computer
networks from intruders, including
attackers and malware.
Application security: Ensures software and
devices are threat-free, starting from the
design stage to safeguard data.
Operational security: Manages data
protection, including user permissions
and procedures for data storage and
sharing.
Cybersecurity is crucial for protecting
personal information and ensuring that
businesses and nations can operate securely
in an increasingly interconnected world.
Confidentiality
Refers to the safeguarding of information
against unauthorized access or disclosure.
Ensures that sensitive or private data is not
shared with or accessed by unauthorized
individuals, organizations, or systems.
Why Confidentiality Matters:
Protecting Personal Privacy: Safeguards
individuals' sensitive information from
being exposed.
Maintaining Business Competitiveness:
Secures proprietary information and
intellectual property, preserving a
competitive edge.
Compliance with Regulations: Ensures
adherence to legal and industry
standards for data protection.
Categories of Security Controls
Security controls are classified into four
main categories:

(1) Technical Controls
These involve the use of technology,
hardware, and software to reduce risks
and enhance security.
Examples include firewalls, encryption,
and antivirus systems.
(2) Managerial Controls
Also known as administrative controls,
they focus on security governance and
strategic planning.
Include activities such as creating
policies, conducting risk assessments,
and implementing security frameworks.
(3) Operational Controls
Comprise procedures and practices
performed daily to safeguard data.
Primarily rely on human actions and
internal processes, such as access
control and incident response.
(4) Physical Controls
Consist of tangible measures to
protect physical assets and
environments.
Examples include surveillance cameras,
locks, and secure facility access systems.

Cybersecurity threats

Cyber threats are offensive actions taken by
a hacker to target computer systems and
devices; they cause damage to crucial data
and information.
Cybersecurity faces various types of
threats, which can be categorized as
follows:
Cybercrime:
Perpetrated by individuals or groups, this
involves targeting systems for financial gain
or to disrupt operations. Common examples
include phishing, ransomware attacks, and
identity theft.
Cyberattacks:
These are politically driven actions, often
carried out by state-sponsored actors or
hacktivist groups, aiming to steal sensitive
data, conduct espionage, or damage critical
infrastructure.
Cyberterrorism:
Designed to create fear or panic,
cyberterrorism involves deliberate attacks
on electronic systems, often targeting
critical sectors like energy, transportation,
or healthcare.
Types of cyber-attack:

- Phishing: used to steal user data, including login details and debit or credit card numbers. Phishing is executed mainly through emails, messaging, and phone calls.
- Ransomware: a cyber-attack that uses encryption to hold a user's information at ransom. If victims fail to pay the ransom within the timeline declared by the cybercriminals, they lose their data.
- Malware: short for malicious software. It is intrusive software, written by a hacker to break into devices, that is used to cause damage to computers and computer systems.
- Man-in-the-middle attack: takes place when a hacker places himself between a client and an owner. Hackers can also place themselves between users and the server.
- Trojan horse: a malware program used to break into electronic and digital devices. The hacker disguises the malware program as necessary software and uses it to gain unauthorized access to crucial information and data.
- Virus: a type of malicious software designed to spread from one device to another, disrupting normal operations. It can corrupt data, disable functionality, or steal sensitive information. Viruses often attach themselves to legitimate programs or files and execute when the host is activated.
A Detailed Comparison of Phishing and
Malware Attacks
Phishing and malware are both common
cyber threats, but they differ significantly in
their methods and objectives.
Phishing typically involves social engineering
techniques to manipulate individuals into
revealing personal information, such as login
credentials or bank details. In phishing
attacks, the victim is usually deceived into
believing they are interacting with a
legitimate entity, like a bank or trusted
company. The attacker might send an email or
message with a fraudulent link that leads to a
fake website, where the victim is prompted to
input sensitive information.
On the other hand, malware refers to harmful
software designed to infiltrate a device,
either to cause damage, steal data, or gain
control over it. Unlike phishing, which relies
on manipulation through social engineering,
malware takes advantage of technical
vulnerabilities in a system to spread and
perform its malicious tasks. Once installed,
malware can perform various harmful actions,
such as encrypting files for ransom
(ransomware) or logging keystrokes to steal
personal information (keyloggers).
In summary, phishing uses social engineering
to deceive individuals into giving up sensitive
information, while malware exploits technical
vulnerabilities to compromise systems and
steal data.
Note on Social Engineering:
Social engineering involves manipulating
people into revealing confidential information
or performing actions that compromise
security, using psychological tactics rather
than technical methods. Common techniques
include phishing (deceptive emails),
pretexting (fabricating scenarios), baiting
(offering incentives), and impersonation
(pretending to be someone else). The
attacker exploits trust,
fear, or curiosity to bypass security measures.
How to Protect Yourself and Organizations
1. Adopt Strong Password Practices: Use
complex passwords and enable multi-
factor authentication.
2. Regular Updates: Keep software and
systems updated to patch vulnerabilities.
3. Education and Awareness: Train
employees and individuals to recognize
phishing and other scams.
4. Backup Data: Regularly back up critical
information to minimize damage from
ransomware attacks.
5. Implement Advanced Security Measures:
Use intrusion detection systems, firewalls,
and endpoint security tools.
Conclusion
Cybersecurity is no longer optional; it is a
necessity. As cyber threats evolve, staying
vigilant and adopting comprehensive security
measures is crucial for individuals,
organizations, and governments. By
understanding the threats and proactively
implementing safeguards, we can ensure a
safer digital future.
Sources:
- Cybersecurity for Dummies.
- CompTIA Security+ (SY0-701) Study Guide.
- Wikipedia.

Written by: Yazan Anas Alshareef.
