ST4060CEM Digital Forensics Fundamentals

Submitted by: Submitted to:

Rajeev Kumar Shrestha Ganesh Bhusal
Student Id: 240186
Table of Contents
Introduction to Cybersecurity ............................................................................................................. 3

Password Security ............................................................................................................................. 4

Email Security ................................................................................................................................... 5

Social Engineering Awareness ......................................................................................................... 6

Device Security .................................................................................................................................. 7

Data Protection.................................................................................................................................. 8

Reporting Security Incidents ........................................................................................................... 9

Conclusion ........................................................................................................................................... 10

Introduction to Cybersecurity
Cybersecurity is about protecting computers, networks, and data from harm. In today's digital
world, attackers constantly look for ways to steal information, disrupt operations, or cause
damage.
 Real-Life Example:

In 2021, a ransomware attack

hit the Colonial Pipeline in
the US, shutting down fuel
supply to the East Coast for
days. This occurred because
attackers exploited a weak
password to access critical
systems.

Key Security Threats

• Malware: Malicious software like viruses, worms, and ransomware.

• Phishing: Deceitful tactics to trick users into revealing sensitive information.
• Denial-of-Service (DoS) Attacks: Overwhelming systems to prevent access.
• Social Engineering: Manipulating individuals to gain unauthorized access.
• Insider Threats: Malicious actions by employees or contractors.
• Data Breaches: Unauthorized access to sensitive data.
• Supply Chain Attacks: Targeting vulnerabilities in third-party software or hardware.
• Cloud Security Risks: Misconfigurations, data exposure, and unauthorized access in
cloud environments.

Password Security

Strong passwords act as the first line of defense against hackers.

Real-Life Example:

A major data breach at LinkedIn in 2016 exposed over 100 million passwords. Many were
simple ones like "123456," which made it easy for attackers to hack accounts.

Action:

Use a password manager like LastPass or Dashlane to generate and store secure passwords.

Email Security

Phishing emails remain one of the most common ways attackers gain access to sensitive data.
Real-Life Example:

In 2020, Twitter employees fell victim to a phishing attack where attackers posed as IT staff.
This led to a massive account hack, including those of public figures like Elon Musk and
Barack Obama.

How to Identify Phishing Emails:

1. Check the sender’s email address: Does it look official?

2. Look for urgent language: Scammers often say, "Act now!"
3. Avoid clicking links or downloading attachments unless you're sure they're safe.

Social Engineering Awareness

Attackers manipulate people into sharing sensitive information.

Real-Life Example:

In 2016, an attacker used pretexting to impersonate a CEO via email, tricking an employee
into transferring $47 million in a business email compromise (BEC) scam.

Device Security

Devices like laptops and smartphones are treasure troves for attackers.
Real-Life Example:

In 2019, Jeff Bezos’ smartphone was

hacked through a malicious video file
sent via WhatsApp. This breach exposed
sensitive data.

Data Protection

Sensitive data must always be safeguarded against unauthorized access.

Real-Life Example:

In 2023, a healthcare organization accidentally exposed patient data by failing to encrypt their
backups. This led to legal penalties and loss of trust.

Reporting Security Incidents

Prompt reporting can prevent minor issues from becoming major breaches.
Key Components of a Security Incident Report

• Incident Identification: Date, time, type, severity

• Incident Description: Detailed narrative, affected systems, potential impact
• Root Cause Analysis: Vulnerabilities, attack vectors, security control review
• Timeline: Discovery, notification, containment, investigation, remediation
• Affected Parties: Internal and external
• Evidence and Artifacts: Logs, network traffic, malware, screenshots
• Lessons Learned and Recommendations: Improvements, enhanced controls,
incident response plan review

Effective Reporting Practices

• Prompt Reporting: Report incidents immediately.

• Clear and Concise Communication: Use clear language.
• Document Thoroughly: Maintain detailed records.
• Collaborate with Experts: Seek assistance as needed.
• Regular Review: Review and update incident response plans.

Real-Life Example:

In 2013, Target failed to act quickly after a contractor reported unusual network activity. This
delay allowed attackers to steal 40 million credit card details.

How to Report at MeroXYZ:

• Email: [email protected]
• Call: [Insert Helpdesk Number]

When to Report:

• Suspicious emails or pop-ups.

• Unauthorized access to your device.
• Lost or stolen company devices.

Conclusion
Cybersecurity requires everyone’s participation. By following these best practices, you can
help protect MeroXYZ’s data, reputation, and operations.
Key Takeaways:

• Use strong, unique passwords.

• Stay cautious of phishing emails and social engineering.
• Secure your devices with encryption and locks.
• Report anything unusual to the security team immediately.

Closing Note:

Cybersecurity isn’t just a responsibility; it’s a mindset. Together, we can make MeroXYZ
safer for everyone.