CYB-201

Introduction to cyber security

and strategy.
Mr. Achor Shedrach Sunday
 introduction
Cyber security is the most concerned matter as cyber
threats and attacks are overgrowing. Attackers are
now using more sophisticated techniques to target the
systems. Individuals, small-scale businesses or large
organization, are all being impacted. So, all these firms
whether IT or non-IT firms have understood the
importance of Cyber Security and focusing on adopting
all possible measures to deal with cyber threats.
 What is cyber security?
"Cyber security is primarily about people, processes,
and technologies working together to encompass the
full range of threat reduction, vulnerability reduction,
deterren ce, in tern ation al en gagemen t, in ciden t
response, resiliency, and recovery policies and
activities, including computer network operations,
information assurance, law enforcement, etc."
Cyber security is the body of technologies, processes, and
practices designed to protect networks, computers, programs
and data from attack, damage or unauthorized access.
• The term cyber security refers to techniques and
practices designed to protect digital data.
• The data that is stored, transmitted or used on an
information system.
Cyber security is the protection of Internet-connected systems,
including hardware, software, and data from cyber attacks.
It is made up of two words one is cyber and other is security.
• Cyber is related to the technology which contains systems,
network and programs or data.
• Whereas security related to the protection which includes
systems security, network security and application and
information security.
 Why is cyber security important?
Listed below are the reasons why cyber security is so important in
what’s become a predominant digital world:
• Cyber attacks can be extremely expensive for businesses to
endure.
• In addition to financial damage suffered by the business, a data
breach can also inflict untold reputational damage.
• Cyber-attacks these days are becoming progressively
destructive. Cybercriminals are using more sophisticated ways
to initiate cyber attacks.
• Regulations such as GDPR are forcing organizations into
taking better care of the personal data they hold.
Because of the above reasons, cyber security has become an
important part of the business and the focus now is on
developing appropriate response plans that minimize the
damage in the event of a cyber attack.
But, an organization or an individual can develop a proper
response plan only when he has a good grip on cyber security
fundamentals.
Cyber security concepts or Fundamentals
• Confidentiality
• integrity
• availability
 – Confidentiality:
Confidentiality is about preventing the disclosure of
data to unauthorized parties.
It als o mean s try i n g to keep th e i den ti ty o f
authorized parties involved in sharing and holding
data private and anonymous.
Often confidentiality is compromised by cracking
poorly encrypted data, Man-in-the-middle
(MITM) attacks, disclosing sensitive data
Standard measures to establish confidentiality
include:
• Data encryption
• Two-factor authentication
• Biometric verification
• Security tokens
Integrity
Integrity refers to protecting information from being
modified by unauthorized parties.
Standard measures to guarantee integrity include:
• Cryptographic checksums
• Using file permissions
• Uninterrupted power supplies
• Data backup
 Availability
Availability is making sure that authorized parties
are able to access the information when needed.
Standard measures to guarantee availability include:
• Backing up data to external drives
• Implementing firewalls
• Having backup power supplies
• Data redundancy
 Cyber attack
A cyber-attack is an exploitation of computer systems
and networks. It uses malicious code to alter computer
code, logic or data and lead to cybercrimes, such as
information and identity theft.

Cyber-attacks can be classified into the following

categories:
1) Web-based attacks
2) System-based attacks
 Web-based attacks
These are the attacks which occur on a website or
web applications. Some of the important web-based
attacks are as follows-
1. Injection attacks
It is the attack in which some data will be injected into a web application
to manipulate the application and fetch the required information.
Example- SQL Injection, code Injection, log Injection, XML Injection etc.

2. DNS Spoofing
DNS Spoofing is a type of computer security hacking. Whereby a data is
introduced into a DNS resolver's cache causing the name server to
return an incorrect IP address, diverting traffic to the attackers
computer or any other computer. The DNS spoofing attacks can go on
for a long period of time without being detected and can cause serious
security issues.
3. Session Hijacking
It is a security attack on a user session over a protected
network. Web applications create cookies to store the state
and user sessions. By stealing the cookies, an attacker can
have access to all of the user data.

4. Phishing
Phishing is a type of attack which attempts to steal sensitive
information like user login credentials and credit card number.
It occurs when an attacker is masquerading as a trustworthy
entity in electronic communication.
5. Brute force
It is a type of attack which uses a trial and error method. This attack
generates a large number of guesses and validates them to obtain
actual data like user password and personal identification number.
This attack may be used by criminals to crack encrypted data, or by
security, analysts to test an organization's network security.

6. Denial of Service
It is an attack which meant to make a server or network resource
unavailable to the users. It accomplishes this by flooding the target
with traffic or sending it information that triggers a crash. It uses
the single system and single internet connection to attack a server.
Denial of Service It can be classified into the following:-

Volume-based attacks- Its goal is to saturate the bandwidth

of the attacked site, and is measured in bit per second.
Protocol attacks- It consumes actual server resources, and
is measured in a packet.
Application layer attacks- Its goal is to crash the web
server and is measured in request per second.
7. Dictionary attacks
This type of attack stored the list of a commonly used
password and validated them to get original password.

8. URL Interpretation
It is a type of attack where we can change the certain parts
of a URL, and one can make a web server to deliver web
pages for which he is not authorized to browse.
9. File Inclusion attacks
It is a type of attack that allows an attacker to access
unauthorized or essential files which is available on the
web server or to execute malicious files on the web
server by making use of the include functionality.

10. Man in the middle attacks

It i s a ty pe o f attack th at allo w s an attacker to
intercepts the connection between client and server and
acts as a bridge between them. Due to this, an attacker
will be able to read, insert and modify the data in the
intercepted connection.
 System-based attacks
These are the attacks which are intended to
compromise a computer or a computer network.
Some of the important system-based attacks are
as follows-
1. Virus
It is a type of malicious software program that
spread throughout the computer files without
the knowledge of a user. It is a self-replicating
malicious computer program that replicates by
inserting copies of itself into other computer
programs when executed. It can also execute
instructions that cause harm to the system.
2. Worm
It is a type of malware whose primary function is to replicate itself
to spread to uninfected computers. It works same as the
computer virus. Worms often originate from email attachments
that appear to be from trusted senders.
3. Trojan horse
It is a malicious program that occurs unexpected changes to
computer setting and unusual activity, even when the computer
should be idle. It misleads the user of its true intent. It appears to
be a normal application but when opened/executed some
malicious code will run in the background.
4. ackdoorsB
It is a method that bypasses the normal authentication process. A
developer may create a backdoor so that an application or operating
system can be accessed for troubleshooting or other purposes.
5. Bots
A bot (short for "robot") is an automated process that interacts with
other network services. Some bots program run automatically, while
others only execute commands when they receive specific input.
Common examples of bots program are the crawler, chatroom bots, and
malicious bots.
The 7 layers of cyber security
The 7 layers of cyber security should centre on the mission
critical assets you are seeking to protect.
1: Mission Critical Assets – This is the data you need to
protect
2: Data Security – Data security controls protect the storage
and transfer of data.
3: Application Security – Applications security controls protect
access to an application, an application’s access to your
mission critical assets, and the internal security of the
application.
4: Endpoint Security – Endpoint security controls protect the
connection between devices and the network.
5: Network Security – Network security controls protect an
organization’s network and prevent unauthorized access of the
network.
6: Perimeter Security – Perimeter security controls include both
the physical and digital security methodologies that protect the
business overall.
7: The Human Layer – Humans are the weakest link in any cyber
security posture. Human security controls include phishing
simulations and access management controls that protect mission
critical assets from a wide variety of human threats, including
cyber criminals,
malicious insiders, and negligent users.
THANK YOU
ALL