Cybersecurity

Cybersecurity involves protecting individuals, organizations, and governments from digital attacks through various levels of protection: personal, organizational, and governmental. It encompasses safeguarding personal and organizational data from identity theft, cyberattacks, and malware, while also addressing the roles of hackers and the consequences of security breaches. Key strategies for protection include implementing strong passwords, utilizing firewalls, and being aware of public Wi-Fi risks.

Uploaded by

Red

S-ITCS111 Module 2: Digital Security

What is Cybersecurity?
- Cybersecurity is the effort to protect individuals, organizations, and governments from
malicious digital attacks by protecting networked systems and data from unauthorized
use or harm.
There are three levels of protection in the world today:
1. Personal
o On a personal level, you need to safeguard your identity, your
data, and your computing devices from malicious attacks.
2. Organizational
o At an organizational level, it is everyone's responsibility to protect the
organization's reputation, data and customers.
3. Government
o Protection becomes even more vital at the government level, where national
security, economic stability and the safety and wellbeing of citizens are at stake.

Personal Data
- Any information that can be used to identify you, whether it is your name, age,
birthday, or address. It can exist both offline and online.
o Offline Identity
▪ Real-life persona that you present in the real world
▪ People close to you like family, friends, and co-workers know about every
detail of your personal life
o Online Identity
▪ Activities you present to others online
▪ Username or alias you use for your online accounts, as well as the social
identity

How do hackers obtain your data?


1. Medical Records
2. Educational records
3. Employment and financial records

Identity Theft
- Criminals seek long-term gain by using identity theft to their advantage
- Stealing your identity to access your bank account and commit other crimes

Not everyone who wants your data is a criminal. There are huge companies and
businesses that use data from their users to build their own profile of you and cater to
your needs. These are examples of them:
- Your internet provider (ISP)
o Tracks your online activity
o In some countries, they are legally allowed to sell this data to advertisers for a
profit.
- Advertisers
o Monitor and track your online activities, such as your shopping habits, the sites you
visit, and your personal preferences, and send targeted ads your way.
- Search engines and social media platforms
o Gather information based on your search history and online identity.
- Websites you visit
o Use cookies to track your activities in order to provide a more personalized
experience.

Organizational Data
- Traditional data is typically generated and maintained by all organizations, big and small.
This can include the following:
o Transactional Data
▪ Details relating to buying and selling, production activities and basic
organizational operations, such as any information used to help make
employment decisions.
o Intellectual Property
▪ These are patents, trademarks, and new product plans, which allow an
organization to gain an economic advantage over its competitors.
▪ This information is often sensitive or considered an organization's trade
secret, and losing it could prove disastrous for the future of the company.
o Financial Data
▪ Such as income statements, balance sheets, and cash flow statements,
which provide insight into the health of the company's assets.

Internet of Things (IoT) and Big Data


- Large network of physical objects, such as sensors, software and other equipment.
- All of these 'things' are connected to the Internet, with the ability to collect and share
data.
o And given that storage options are expanding through the cloud and
virtualization, it's no surprise that the emergence of IoT has led to an exponential
growth in data, creating a new area of interest in technology and business called
'Big Data'.

McCumber Cube
- Model framework created by John McCumber in 1991
- Helps organizations establish and evaluate information security initiatives by considering
all of the related factors that impact them.
- This security model has three dimensions:
o The foundational principles for protecting information systems.
▪ Confidentiality
• Set of rules that prevents sensitive information from being
disclosed to unauthorized people, resources and processes.
• This includes data encryption, identity proofing and two-factor
authentication.
▪ Integrity
• Ensures that system information or processes are protected from
intentional or accidental modification.
• Use a hash function or checksum.
▪ Availability
• Authorized users are able to access systems and data anytime,
anywhere and those who do not meet those conditions cannot.

o The protection of information in each of its possible states.


▪ Processing
• Data that is being used to perform an operation such as updating
a database, creating a new database, or destroying a record.
▪ Storage
• Data stored in memory or on a permanent storage device such as
a hard drive, solid-state drive, M.2, or Flash drive.
▪ Transmission
• Data traveling between information systems in data transit.
o The security measures used to protect data.
▪ Awareness, training and education
• Measures put in place by an organization to ensure that users
know about potential security threats and actions that they can
take to protect themselves and their organization.
▪ Technology
• Software and hardware-based solutions designed to protect the
organization's information. This could be firewalls, which
continuously monitor the network for any bad actors or malicious
incidents that may occur.
▪ Policy and procedure
• Administrative controls that provide a foundation for how an
organization implements information assurance, such as incident
response plans and best practice guidelines.

Phishing
- Fraudulent practice of sending emails or other messages that imitate reputable
companies or organizations in order to induce or convince the individual to enter their
information, such as passwords, credit card information, or personal information, out of
sheer fear or manipulation.

Consequences of a Security Breach


- Reputational Damage
o A breach may create a long-term impact, as investors, consumers, and the public
would quickly lose trust on learning that the organization neglected to protect
their private data from bad actors.
o Customers that may have been affected by the breach may ask for
compensation from the company, causing scandal and loss of
money.
- Vandalism
o A hacker group may cause damage or prevent an organization from using its
services while also posting untrue information.
o They might even make a few edits inside the organization's databases, causing
huge confusion and hindering the organization's workflow.
- Theft
o A breach could cause a massive leak of sensitive data that may become available
online for everyone to see, destroying the organization's credibility and its
consumers' trust.
- Loss of revenue
o The financial impact of a security breach can be devastating.
o Hackers can take down an organization's website, preventing it from doing
business.
o A loss of customers may lead to a loss of revenue and of the funds the
organization needs to stay afloat.
o The organization may also face large fines or penalties for losing its users' data.
- Damaged intellectual property
o A hacker may destroy an organization's documents, trade secrets, or
intellectual property.

Types of Cyber Attackers


- Amateur Hacker
o The term 'script kiddies' emerged in the 1990s and refers to amateur or
inexperienced hackers who use existing tools or instructions found on the
Internet to launch attacks.
- Hackers
o This group of attackers breaks into computer systems or networks to gain access.
Depending on the intent of their break-in, they can be classified as:
▪ White Hat
• Hackers break into networks or computer systems to identify any
weaknesses so that the security of a system or network can be
improved.
• They then notify their employer, as these break-ins are
arranged beforehand and the results are reported back.
▪ Gray hat
• Attackers may set out to find vulnerabilities in a system, but they
will only report their findings to the owners of a system if doing so
coincides with their agenda, or they may disclose them to a journalist to
expose or give details about the exploitation.
▪ Black hat
• Attackers take advantage of any vulnerability for illegal personal,
financial or political gain.
• These types of people are often marked as criminals, stealing
valuable data, extorting organizations, or causing harm to others
with the data they received illegally.
- Organized hackers
o These attackers include organizations of cyber criminals, hacktivists, terrorists
and state-sponsored hackers.
o They are usually highly sophisticated and organized and may even provide
cybercrime as a service to other criminals for their own gain.
▪ Hacktivists
• Make political statements that disrupt and create awareness
about issues that are important to them.
▪ State-sponsored
• Attackers gather intelligence or commit sabotage on behalf of their
government.
• They are highly trained, well-funded, and protected by a bigger
entity, and work for the benefit of the government.

Internal Attacks
- Employees, contracted staff or trusted partners can accidentally or intentionally
mishandle organizational data.
External Attacks
- Amateurs or skilled attackers outside of the organization; these can be hired attackers,
people with criminal intentions, or people who just want to exploit the system for fun.

Cyberattacks (Malware and Methods of Infiltration)

Malware
- Code that can be used to steal data, bypass access controls, or cause harm to
or compromise a system

Types of Malware
- Spyware
o Designed to track and spy on you
o Monitors online and offline activity
- Adware
o Often installed with a version of software
o Automatically delivers advertisements to a user through the browser
- Backdoor
o Gains unauthorized access by bypassing authentication procedures
- Ransomware
o Holds a computer system or the data it contains captive until payment is made
- Scareware
o Uses scare tactics to trick you into taking specific actions
o Operating system style windows pop up to warn you that your system is at
risk and needs to run a specific program for it to return to normal operation
- Rootkit
o Modify the operating system to create a backdoor, which attackers can then use
to access your computer remotely
- Virus
o Computer program that, when executed, replicates and attaches itself to other
executable files, such as a document, by inserting its own code
o Requires end-user interaction to initiate activation and can be written to act on a
specific date or time.
- Trojan Horse
o Carries out malicious operations by masking its true intent
- Worms
o Replicates itself in order to spread from one computer to another
o Worms can run by themselves

Symptoms of Malware
- Increase of CPU usage
- Decreased web browsing speed
- Unexplainable problems with network connection errors
- Modified or deleted files
- Presence of unknown files
- Unknown process in the background
- Programs turning off or opening by themselves
- Messages and emails sent without consent
Methods of Entrance

1. Social Engineering
o Manipulation of people into performing actions or divulging confidential
information
▪ Pretexting
• This is when an attacker calls an individual and lies to them in an
attempt to gain access to privileged data.
▪ Tailgating
• This is when an attacker quickly follows an authorized person into
a secure, physical location.
▪ Something for something
• This is when an attacker requests personal information from a
person in exchange for something, like a free gift.
2. Denial-of-Service
o Network attack that is relatively simple to carry out, even by an unskilled attacker
3. Distributed DoS
o Similar to a DoS attack but originates from multiple, coordinated sources.
4. Botnet
o Bot computer is typically infected by visiting an unsafe website or opening an
infected email attachment or infected media file.
5. SEO Poisoning
o You’ve probably heard of search engine optimization, or SEO, which is about
improving an organization’s website so that it gains greater visibility in
search engine results.
6. Wi-Fi Password Cracking
o Similar to a DoS attack but originates from multiple, coordinated sources.
7. Password Attacks
o Bot computer is typically infected by visiting an unsafe website or opening an
infected email attachment or infected media file.
▪ Password Spraying
• This technique attempts to gain access to a system by ‘spraying’ a
few commonly used passwords across a large number of
accounts.
▪ Dictionary Attacks
• A hacker systematically tries every word in a dictionary or a list of
commonly used words as a password in an attempt to break into a
password-protected account.
▪ Brute Force Attacks
• The simplest and most commonly used way of gaining access to a
password-protected site, brute-force attacks see an attacker using
all possible combinations of letters, numbers and symbols in the
password space until they get it right.
▪ Rainbow Attacks
• Passwords in a computer system are not stored as plain text, but
as hashed values (numerical values that uniquely identify data). A
rainbow table is a large dictionary of precomputed hashes and the
passwords from which they were calculated.
8. Advanced Persistent Threats
o Bot computer is typically infected by visiting an unsafe website or opening an
infected email attachment or infected media file.
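
From the defender's side, the password attacks listed above leave different traces in login logs: spraying shows one source failing a few times against many accounts, while brute-force and dictionary attacks show many failures against one account. The detector below is an added example, not part of the original notes; the log format, the thresholds and the sample lines are assumptions constructed for the demonstration.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Hypothetical log format: "<ISO timestamp> <OK|FAIL> user=<name> src=<ip>"
LINE_RE = re.compile(r"^(\S+) (OK|FAIL) user=(\S+) src=(\S+)$")


def build_sample_log():
    """Constructed sample data (documentation IP ranges, invented users)."""
    t0 = datetime(2024, 5, 1, 9, 0, 0)
    lines = []
    # Source A: two failures against each of six accounts (spraying pattern).
    users = ["alice", "bob", "carol", "dave", "erin", "frank"] * 2
    for i, user in enumerate(users):
        ts = (t0 + timedelta(seconds=20 * i)).isoformat()
        lines.append(f"{ts} FAIL user={user} src=203.0.113.7")
    # Source B: fifteen failures against one account (brute force/dictionary).
    for i in range(15):
        ts = (t0 + timedelta(seconds=2 * i)).isoformat()
        lines.append(f"{ts} FAIL user=admin src=198.51.100.9")
    # Source C: a legitimate user mistypes twice, then logs in.
    for i, result in enumerate(["FAIL", "FAIL", "OK"]):
        ts = (t0 + timedelta(seconds=30 * i)).isoformat()
        lines.append(f"{ts} {result} user=grace src=192.0.2.10")
    return lines


def classify_sources(lines, window=timedelta(minutes=10), min_accounts=5,
                     max_per_account=3, min_attempts=10):
    """Label each source IP whose failed logins match an attack pattern."""
    failures = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if m and m.group(2) == "FAIL":
            when = datetime.fromisoformat(m.group(1))
            failures[m.group(4)].append((when, m.group(3)))
    verdicts = {}
    for src, events in failures.items():
        events.sort()
        for i, (start, _user) in enumerate(events):
            # Failures per account inside the window opening at this event.
            per_account = Counter(
                u for t, u in events[i:] if t - start <= window)
            if (len(per_account) >= min_accounts
                    and max(per_account.values()) <= max_per_account):
                verdicts[src] = "password spraying"  # many accounts, few tries
                break
            if max(per_account.values()) >= min_attempts:
                verdicts[src] = "brute force or dictionary"  # one account
                break
    return verdicts


if __name__ == "__main__":
    for src, verdict in classify_sources(build_sample_log()).items():
        print(src, verdict)
```

A per-account lockout counter alone would catch source B but not source A, which is why the spraying rule counts distinct accounts per source.
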

Security Vulnerabilities
- Hardware Vulnerability
o Hardware vulnerabilities are specific to device models and are not generally
exploited through random compromising attempts.
o While hardware exploits are more common in highly targeted attacks, traditional
malware protection and good physical security are sufficient protection for the
everyday user.
- Software Vulnerability
o Software vulnerabilities are usually introduced by errors in the operating system
or application code.
▪ Non-Validated Output
• Programs often require data input, but this incoming data could
have malicious content, designed to force the program to behave
in an unintended way.
▪ Buffer Overflow
• Buffers are memory areas allocated to an application. A
vulnerability occurs when data is written beyond the limits of a
buffer.
▪ Race Conditions
• This vulnerability describes a situation where the output of an
event depends on ordered or timed outputs.
▪ Access Control Problem
• Access control is the process of controlling who does what and
ranges from managing physical access to equipment to dictating
who has access to a resource, such as a file, and what they can
do with it, such as read or change the file.
▪ Weakness in Security Practice
• Systems and sensitive data can be protected through techniques
such as authentication, authorization and encryption.

Software Updates
- The goal of software updates is to stay current and avoid exploitation of vulnerabilities.

Protecting your Data & Privacy


- Steps to protecting your devices
o Turn the firewall on.
o Install anti-virus and antispyware.
o Manage your operating system and browser.
o Set up password protection.
Wi-Fi Security at Home
- Wireless networks allow Wi-Fi enabled devices, such as laptops and tablets, to connect
to the network by way of a preset network identifier, known as the service set identifier
(SSID).
o Hackers will be aware of the preset SSID and default password. Therefore, these
details should be changed to prevent intruders from entering your home wireless
network.

Public Wi-Fi Risks


- When you are away from home, you can access your online information and surf the
Internet via public wireless networks or Wi-Fi hotspots.
- However, there are some risks involved, which means that it is best not to access or send
any personal information when using public Wi-Fi.

A Strong Password
- Do not use dictionary words or names in any language
- Do not use common misspellings of dictionary words
- If possible, use special characters such as ! @ # $ % ^ & * ( )
- Do not use computer names or account names
- Use a password with more than ten characters

A Strong Password by NIST


- The United States National Institute of Standards and Technology (NIST) has published
improved password requirements:
o Passwords should be at least eight characters, but no more than 64 characters.
o Common, easily guessed passwords, such as “Password” or “abc123” should not
be used.
o There should be no composition rules, such as having to include lower and
uppercase letters and numbers.
o Users should be able to see the password when typing, to help improve
accuracy.
o All printing characters and spaces should be allowed.
o There should be no password hints.
o There should be no password expiration period.
o There should be knowledge-based authentication, such as having to provide
answers to secret questions or verify transaction history
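
The machine-checkable rules in the NIST list above (length between 8 and 64, a blocklist of common passwords, no composition rules, all printing characters and spaces allowed) can be written as a short validator and compared with a legacy composition rule. This is an added example, not part of the original notes; the blocklist beyond the page's "Password" and "abc123" is constructed, and matching it case-insensitively is an assumption.

```python
# Constructed blocklist: "password" and "abc123" are the page's examples,
# the remaining entries are illustrative. Real deployments use large lists.
COMMON_PASSWORDS = {"password", "abc123", "123456789", "qwertyuiop",
                    "p@ssw0rd1!"}

MIN_LEN, MAX_LEN = 8, 64


def nist_style_check(password, blocklist=COMMON_PASSWORDS):
    """Return a list of rejection reasons; an empty list means accepted."""
    problems = []
    if len(password) < MIN_LEN:
        problems.append("shorter than 8 characters")
    if len(password) > MAX_LEN:
        problems.append("longer than 64 characters")
    # Spaces count as printing characters here; tabs and control codes do not.
    if not password.isprintable():
        problems.append("contains a non-printing character")
    # Assumption: the blocklist is compared case-insensitively.
    if password.casefold() in blocklist:
        problems.append("common, easily guessed password")
    return problems


def composition_check(password):
    """Legacy composition rule (upper, lower, digit, symbol), for contrast."""
    return all([
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(not c.isalnum() and not c.isspace() for c in password),
    ])


if __name__ == "__main__":
    samples = ["correct horse battery staple", "P@ssw0rd1!", "abc123",
               "Password", "a" * 65, "tab\tinside-password"]
    for pw in samples:
        print(repr(pw[:30]), nist_style_check(pw), composition_check(pw))
```

The first two samples show the difference: the long all-lowercase passphrase fails the composition rule but is accepted by the list's rules, while "P@ssw0rd1!" satisfies every composition class and is still rejected as a common password.
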

Using a Passphrase
- Choose a statement that is meaningful
- Add special characters such as !@#$%^&*()
- The longer the better
- Avoid common or famous statements, for example, lyrics from a popular song
Encryption
- Encryption is the process of converting information into a form in which unauthorized
parties cannot read it.
- How do you Encrypt?
o Select one or more files or folders
o Right-click the selected data and go to “Properties”.
o Find and click “Advanced.”
o Select the “Encrypt contents to secure data” check box.
o Files and folders that have been encrypted with EFS are displayed in green, as
shown here.

Backing Up Data
- Home Network
o Storing your data locally means that you have total control of it.
- Secondary Location
o You could copy all of your data to a network attached storage device (NAS), a
simple external hard drive or maybe even back up important folders on thumb
drives, CDs, DVDs or tapes.
- The Cloud
o You could subscribe to a cloud storage service, like Amazon Web Services
(AWS). The cost of this service will depend on the amount of storage space you
need, so you may need to be more selective about what data you back up.

Completely Deleting Data


- Overwrite Data
o The data must be overwritten with ones and zeroes multiple times, using tools
specifically designed to do just that.
- Destruction
o Completely destroying your hard drive physically will permanently delete data
and make it unusable.

Reading Terms of Service


- Data Use Policy
o This outlines how the service provider will collect, use and share your data.
- Privacy Settings
o Allow you to control who sees information about you and who can access
your profile or account data.
- Security Policy
o The security policy outlines what the company is doing to secure the data it
obtains from you.

Safeguarding Your Online Privacy


- Two-Factor Authentication
o Besides your username and password or personal identification number (PIN),
two-factor authentication requires a second token to verify your identity.
- Open Authorization
o Open authorization (OAuth) is an open standard protocol that allows you to use
your credentials to access third-party applications without exposing your
password.
- Social Sharing
o Don’t share all your personal information online.
- Don’t Get Spoofed
o A simple forged or spoofed email can lead to a massive data breach and perhaps
cause irreversible damage to your reputation.
- Email and Web Browser Privacy
o These problems can be minimized by enabling the in-private browsing mode on
your web browser. Many of the most commonly used web browsers have their
own name for private browser mode
