Remember

Uploaded by

Jillian Manga
Copyright
© All Rights Reserved

“Remember, the most successful cyber assaults are those that exploit human weakness, not technological flaws.”
- James Scott
Introduction to ICT Security
What is ICT Security?
• Protection of information systems and data
• Maintaining confidentiality, integrity, and availability
• Critical component of modern business operations
• Foundation of digital trust
The Security Triangle
Three Pillars of Information Security
1. Confidentiality - protection
2. Integrity - accuracy and completeness
3. Availability - accessible to authorized users

Also known as the CIA Triad


Real-World Application:
1. Banking Systems:
• Confidentiality: Protecting customer financial data
• Integrity: Ensuring accurate transaction records
• Availability: Maintaining 24/7 ATM services
2. Healthcare Systems:
• Confidentiality: Protecting patient records (HIPAA)
• Integrity: Maintaining accurate medical records
• Availability: Ensuring critical systems are always accessible
3. E-commerce:
• Confidentiality: Protecting customer payment information
• Integrity: Maintaining accurate product and pricing data
• Availability: Keeping the online store accessible
Challenges in Maintaining the CIA Triad:
1. Technical Challenges
2. Human Factors
3. Resource Constraints
Understanding Cyberattacks:
Protecting Your Digital World
What is a Cyberattack?
• A cyberattack is any malicious attempt to disrupt, damage, or gain unauthorized access to computer systems, networks, or devices, often with the intent to steal data, extort money, or cause harm.
• These attacks can target various elements of the digital infrastructure,
including software, hardware, data, and information systems.
• Cyberattacks can take many forms, including:
1. Malware
2. Phishing
3. Insider Threats
Types of Hackers in Cybersecurity
Classification by Ethics and Intent
1. White Hat Hackers - Ethical hackers who work to protect systems
2. Black Hat Hackers - Malicious hackers who breach systems for
personal gain
3. Grey Hat Hackers - Operate in the moral grey area between white
and black hats
Types of Hackers in Cybersecurity
Classification by Skill Level and Specialization
1. Script Kiddies - Inexperienced hackers who use existing tools and
scripts
2. Elite Hackers - Highly skilled professionals who create their own
tools
3. Hacktivist - Hackers motivated by social or political causes
4. State-Sponsored Hackers - Hackers employed by government
agencies
Understanding Malware: The Threat Within
An Introduction to Malicious Software
Introduction to Malware
• Malware, short for malicious software, is any software intentionally designed to cause damage to a computer, server, client, or computer network.
• Malware is specifically created with malicious intent, such as stealing
sensitive information, damaging files, disrupting operations, or
gaining unauthorized access to systems.
Types of Malware
1. Virus
2. Worm
3. Trojan Horse
4. Ransomware
5. Spyware
6. Adware
Virus
• Viruses are malicious programs that infect files or software on a computer.
• A virus is a piece of code or software program that is designed to infect, replicate, and spread to other files or systems.

Example: "I Love You" virus (Onel de Guzman, May 2000)


Worm
• Worms are self-replicating malware that spreads across networks without needing to attach itself to other files or programs.
• A worm is a standalone malware program that replicates itself and
spreads independently without requiring user interaction.

Example: “Conficker” worm (Downadup or Kido, 2008)


Trojan Horse
• Trojans trick users into downloading or installing them by appearing harmless or useful. Once installed, Trojans can perform various malicious activities, such as stealing sensitive information, providing remote access to the attacker, or damaging files and systems.
• Named after the mythological wooden horse, Trojan horses are
malware disguised as legitimate software or files.
Ransomware
• Ransomware is a type of malware that encrypts files or locks down a computer system, rendering it inaccessible to the user. Attackers then demand payment (usually in cryptocurrency) from the victim in exchange for providing the decryption key or restoring access to the system.

Example: “WannaCry” (2017)


Spyware
• Spyware is malware designed to secretly monitor and collect information about a user's activities on their computer or device.
• This information may include keystrokes, browsing history, login
credentials, and personal data. Spyware often operates stealthily in
the background without the user's knowledge or consent,
compromising their privacy and security.

Example: “FinFisher spyware” (FinSpy, 2011)


Adware
• Adware is a type of malware that displays unwanted advertisements to users, often in the form of pop-up ads, banners, or browser redirects.
• While adware itself may not be as harmful as other types of malware,
it can be intrusive and disruptive to the user's browsing experience.
Adware is typically bundled with free software or distributed through
deceptive advertising tactics.

Example: “Superfish” adware (2014, 2015)


How Does Malware Spread?
• Common infection vectors (email attachments, malicious websites,
infected USB drives)
• Social engineering tactics used to trick users into downloading or
executing malware
• Exploiting software vulnerabilities to infect systems
Signs of Malware Infection
• Slow computer performance
• Pop-up advertisements
• Unexplained changes to files or settings
• Unauthorized access to sensitive information
• System crashes or freezes
Impact of Malware
• Financial losses due to data theft or ransom payments
• Damage to reputation and customer trust
• Disruption of business operations
• Legal and regulatory consequences
• Potential loss of intellectual property
Preventing Malware Infections
• Use reputable antivirus software and keep it updated
• Exercise caution when downloading files or clicking on links
• Keep operating systems and software patched and up to date
• Enable firewall protection
• Educate users about safe computing practices
Responding to Malware Infections
• Run antivirus scans to detect and remove malware
• Restore files from backups if necessary
• Report incidents to IT security personnel or authorities
PHISHING
• A cyber attack that uses disguised emails, websites, or messages as a
weapon.
• Aims to trick people into revealing sensitive information
• Attempts to deploy malicious software through deceptive links or
attachments
Types of Phishing:
1. Spear Phishing
• Targeted attacks aimed at specific individuals or organizations
• Uses personalized information to appear more credible
2. Whaling
• Highly sophisticated and well-researched attacks
• Often involves high-value financial transfers
3. Clone Phishing
• Replicates legitimate emails previously sent
• Uses trusted email addresses or domains
4. Vishing (Voice Phishing)
• Phone-based phishing attacks
• Often claims urgent action needed
INSIDER THREATS
Security risks that originate from within the organization

1. Malicious insiders
• Deliberate damage
• Data theft
• Sabotage
2. Negligent insiders
• Accidental exposure
• Policy violations
• Poor security practices
ESSENTIAL SECURITY SAFEGUARDS - TECHNICAL CONTROL
1. FIREWALLS AND ANTIVIRUS
2. ENCRYPTION SYSTEMS
3. ACCESS CONTROL
4. NETWORK MONITORING
5. BACKUP SYSTEMS
1. Firewalls
• Network security device that monitors and filters incoming/outgoing
traffic.
• Acts as a barrier between trusted and untrusted networks
1. Antivirus Software
Primary Functions:
• Detect malware
• Remove threats
• Prevent infections
• Real-time protection
2. ENCRYPTION SYSTEMS
• Process of converting plaintext into ciphertext
• Uses mathematical algorithms
• Requires encryption keys
• Provides data confidentiality and security
3. ACCESS CONTROL SYSTEMS
• Security technique controlling who/what can view, use, or access
resources
• Enforces security policies
• Protects system resources
• Ensures data confidentiality and integrity
Examples:
1. Passwords
2. Security Questions
3. PINs
4. NETWORK MONITORING
• Continuous observation of network systems
• Security surveillance
• Issue detection and resolution
5. BACKUP SYSTEMS
• A backup system is a set of redundant components, procedures, and resources designed to maintain critical operations and protect assets in case primary systems fail.
Purpose:
• Prevents data/functionality loss
• Maintains security during failures
• Enables quick recovery
Thank you!!!
