
Class 1

The document outlines a course on Cyber Security (IT4204) led by Tesfay G/Silassie, detailing the class schedule, chapter outlines, and key concepts in cyber security. It covers topics such as the evolution of cyber security, types of cyber crimes, principles of cyber security, and the roles of cyber security professionals. The document emphasizes the importance of protecting systems and data from cyber threats through various strategies and best practices.

Uploaded by

mahderhabadi

TESFAY G/SILASSIE [ M-Tech ] CYBER SECURITY [ IT4204 ] MU-MIT


Cyber Security
IT4204

Class Schedule

✓ Monday: 2:30 - 5:30 A.M Local Time


✓ Room: R16A

Chapter outline

» Introduction
» Evolution of cyber security
» Targets of criminal hackers
» Principles of cyber security
» Implementing the principles
» Cyber security professionals
» Cyber security objectives
» General cyber security tips

Chapter one: Introduction

❖ Cyberspace:
» The environment in which communication over computer networks occurs.
❖ Security:
» We could not find a clear-cut definition for security.
» Security is a process of maintaining an acceptable level of perceived risk.
❖ Cyber Security:
» It is all about protecting computers, networks, programs and data from
unintended or unauthorized access, change or destruction.

…Introduction

❖ Cyber Security (ITU Definition):
» Cyber security is the collection of tools, policies, security concepts, security
safeguards, guidelines, risk management approaches, actions, training, best
practices, assurance and technologies that can be used to protect the cyber
environment, organization and user’s assets.
❖ The organization and user’s assets:
» Connected computing devices, personnel, infrastructure,
» Applications, services,
» Telecommunications systems, and the totality of transmitted and/or stored
information in the cyber environment.

…Introduction

❖ Information security:
» The system of designing mechanisms to maintain confidentiality, integrity and
availability of data.
❖ The CIA triad of information security:
» Confidentiality: Ensures that data or information systems are accessed only by
authorized users.
» Integrity: Ensures that data is edited only by authorized users and remains in
its original state when at rest.
» Availability: Data and information systems are available when required.

…Introduction

❖ Cyber crime:
» It is any crime that involves a computer and network. The computer can be
used as a weapon of crime, or it may be the target.
» We will try to see some of the most common cyber crime types and their
respective prevention/mitigation mechanisms.
❖ Hacking/Cracking:
» An illegal intrusion into a computer system or network.
» Government websites are the hot targets of many hackers due to the coverage
they receive.
» Prevention: Implementing a proper IDS/IPS mechanism.

…Introduction

❖ Phishing:
» A fraudulent attempt, usually made using email, to steal your personal
information. The personal information can be a username, password, credit card
details, etc.
» Prevention: Unsolicited e-mail filtering mechanism
❖ Denial of Service (DoS/DDoS):
» An act where criminals flood the bandwidth of the victim's network.
» DoS: Attacks are launched from a single host.
» DDoS: Attacks are launched from multiple hosts.
» Prevention: Availability service such as access control service (X.800 and RFC
2828) and implementing proper IDS/IPS on firewall.

…Introduction

❖ Email Spam:
» It is an electronic version of junk mail which involves sending unwanted
messages, often unsolicited advertisements, to a large number of recipients. It
is used to deliver different types of malicious code to the victim.
» Prevention: Unsolicited e-mail filtering mechanism, antivirus, etc.

…Introduction

❖ Malware: Malicious software (viruses, worms and Trojans) that is specifically
designed to disrupt or damage computer systems or mobile devices. Hackers use
it as a means to extract personal information such as passwords, usernames
and credit card details.
» Virus: Attaches itself to a computer and file and then circulates to other
files and computers in the network with the intention of altering or deleting
the files.
» Worms: They don’t attach themselves to other files but they make many
copies of themselves to eat up the system’s available memory.
» Trojan: Presents itself as something important, fun or helpful while its
intention is causing harm or stealing information.
» Prevention: Installing antivirus, using anti-adware and anti-spyware tools.

…Introduction

❖ Ransomware:
» Hackers use this program to lock you out of your device and demand a ransom
in return for access.
» Prevention: Install antivirus software, protect ports and harden endpoints.
❖ ATM Skimming:
» Installing a skimming keypad on top of the genuine ATM keypad, so that it
appears to the user to be a genuine part of the machine.
» It then collects the credit card number and corresponding PIN, which helps the
criminals make fraudulent transactions later on.
» Prevention: Make a quick scan, check the keypad before using it or use other
options like mobile wallets.

Evolution of cyber security

❖ Cyber security has evolved hugely over the past two decades, and its
evolution has gone hand in hand with developments in communication
technology.
❖ Let’s take a look at some of the more notable incidents in the history of hacking
and cyber security.
❖ The first hacker:
» Technically, the very first cyber-attack occurred in France in 1834.
» In 1940, Rene Carmille became the first ethical hacker.
» In 1962, the first computer passwords were set up by MIT to limit students’ time on
the computers and provide privacy for their computer use.
» The first computer virus is believed to have been used in 1969 at the University of
Washington Computer Center.
» Kevin Mitnick is often referred to as the first cybercriminal.

…Evolution of cyber security

❖ Cyber-security: Started in 1971 when Bob Thomas, a computer programmer with
BBN, created and deployed a virus that served as a security test.
» It was not malicious but did highlight areas of vulnerability and security flaws.
» The virus was named “Creeper,” and it was designed to move across ARPANET
(Advanced Research Projects Agency Network), the forerunner to what we
now call the internet. ARPANET was established by the U.S. Department of
Defense.
» In response, Ray Tomlinson, Thomas’ colleague, created the Reaper program. It
moves through the ARPANET, replicating itself, and finds copies of the Creeper.
When it locates the copies, it logs them out. The Reaper was the first attempt
at cyber-security: the first antivirus software program.

…Evolution of cyber security

❖ Reading assignment: Crucial moments in cyber history. Read and learn more about
these cyber security incidents.
» The first network freeze, 1988
» The Department of Homeland Security, 2002
» The birth of Anonymous, 2003
» Operation Aurora, 2009
» Stuxnet, 2010
» EternalBlue and ransomware attacks, 2017
» General Data Protection Regulation (GDPR), 2018
» The Twitter hack, 2020
» Remote work - The new norm, more security features coming in 2021
» Artificial intelligence (AI) enabled cyber security

Targets of criminal hackers

❖ Organization design, filings and registrations
» Organizations that provide detailed descriptions of devices they have access
to, including the type of software and hardware that they have installed, easily
become primary targets of hackers.
» Once hackers know that a certain person holds access to a possibly vulnerable
point in an organization’s tech security, they get an idea of whom they should
hack first.
» By digging online, you can find all forms of registration such as public bidding,
publicly accessed files, subscribers, and many more.
» Having that knowledge can easily help a hacker prepare for a massive online
attack that can take down an entire organization’s website and database.

…Targets of criminal hackers

❖ Subscriptions and payments
» Hackers are most likely to hack devices and accounts owned by people who
make online payments or purchases.
» Smartphones, emails and online payment systems contain a wealth of
personal information, including credit cards and banking statements.
» Hacking these systems makes it easy for every criminal hacker to achieve
identity theft.

…Targets of criminal hackers

❖ Social media accounts, emails, passwords
» After hackers gain access to the social media accounts of individuals, it enables
them to gain access to other personal details, such as passwords, emails, and
mobile phone numbers.
» Email serves as the hub of your personal information because it is the
control point for all your passwords and online payment accounts, among others.
» Once hackers are able to find a single password, they are almost certain that a
user may use it for different accounts or use a variation of it for other
logins.

…Targets of criminal hackers

❖ Physical hardware
» It is easiest to steal information when you have physical access to a device
such as a smartphone or a personal computer.
» You can easily check all accessed accounts through the registry, browser
history, or saved passwords without even having to use a code.
» Having physical access to a device also makes it possible to plant
a listening device into its system in order to phish out any additional
information at any point in the future.

…Targets of criminal hackers

❖ Target locations
» If a hacker cannot find any vulnerability in a system that he wants to hack, the
next thing that he will try to find is where the computer system is located.
» This will allow him to further study vulnerabilities through social engineering,
dumpster diving, or even gaining physical access to a targeted device.
» Every device connected through the internet has an IP address and can be
easily searched for in order to figure out where it is located.
» A hacker, on the other hand, knows how to hide his location in order to
remain undetected while he launches an attack.

Principles of cyber security

❖ The purpose of cyber security principles is to provide strategic guidance on how an
organization can protect its systems and data from cyber threats.
❖ These cyber security principles are grouped into four key activities:
» Govern
» Protect
» Detect
» Respond

…Principles of cyber security

❖ Govern principles:
» G1: A Chief Information Security Officer provides leadership and oversight of
cyber security.
» G2: The identity and value of systems, applications and data is determined and
documented.
» G3: The confidentiality, integrity and availability requirements for systems,
applications and data are determined and documented.
» G4: Security risk management processes are embedded into organizational risk
management frameworks.
» G5: Security risks are identified, documented, managed and accepted both
before systems and applications are authorized for use, and continuously
throughout their operational life.

…Principles of cyber security

❖ Protect principles:
» P1: Systems and applications are designed, deployed, maintained according to
their value and their confidentiality, integrity and availability requirements.
» P2: Systems and applications are delivered and supported by trusted suppliers.
» P3: Systems and applications are designed and configured to reduce the attack
surface.
» P4: Only trusted and supported operating systems, applications and computer
code can execute on systems.
» P5: Data is encrypted at rest and in transit between different systems.
» P6: Data, applications and configuration settings are backed up in a secure and
proven manner.

Principles of cyber security

❖ Detect principles:
» D1: Event logs are collected and analyzed in a timely manner to detect cyber
security events.
» D2: Cyber security events are analyzed in a timely manner to identify cyber
security incidents.
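
An added example (not part of the original slides) of how D1 and D2 differ in practice: failed-login bursts in an auth log are flagged as events, and an event is escalated to an incident only when the same source then logs in successfully. The log format, the threshold of 5 failures per minute and the 10-minute follow-up window are assumptions chosen for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in OpenSSH-like style (not real data; documentation IP ranges).
SAMPLE_LOG = """\
2024-03-04T09:00:01 sshd[811]: Failed password for admin from 203.0.113.7 port 40112 ssh2
2024-03-04T09:00:03 sshd[811]: Failed password for admin from 203.0.113.7 port 40113 ssh2
2024-03-04T09:00:05 sshd[811]: Failed password for root from 203.0.113.7 port 40114 ssh2
2024-03-04T09:00:07 sshd[811]: Failed password for admin from 203.0.113.7 port 40115 ssh2
2024-03-04T09:00:09 sshd[811]: Failed password for admin from 203.0.113.7 port 40116 ssh2
2024-03-04T09:00:15 sshd[811]: Accepted password for admin from 203.0.113.7 port 40117 ssh2
2024-03-04T09:05:10 sshd[840]: Failed password for alice from 198.51.100.23 port 50210 ssh2
2024-03-04T09:05:31 sshd[840]: Accepted password for alice from 198.51.100.23 port 50211 ssh2
2024-03-04T09:20:00 sshd[902]: Failed password for invalid user guest from 192.0.2.50 port 51514 ssh2
2024-03-04T09:20:02 sshd[902]: Failed password for invalid user guest from 192.0.2.50 port 51515 ssh2
2024-03-04T09:20:04 sshd[902]: Failed password for invalid user guest from 192.0.2.50 port 51516 ssh2
2024-03-04T09:20:06 sshd[902]: Failed password for invalid user guest from 192.0.2.50 port 51517 ssh2
2024-03-04T09:20:08 sshd[902]: Failed password for invalid user guest from 192.0.2.50 port 51518 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<result>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def parse(log_text):
    """Collect (timestamp, result, user, source IP) from matching log lines."""
    records = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            records.append((datetime.fromisoformat(m["ts"]), m["result"], m["user"], m["ip"]))
    return records

def detect_events(records, threshold=5, window=timedelta(minutes=1)):
    """D1: an event is `threshold` failed logins from one IP within `window`."""
    failures = defaultdict(list)
    events = []
    for ts, result, _user, ip in records:
        if result != "Failed":
            continue
        recent = [t for t in failures[ip] if ts - t <= window] + [ts]
        failures[ip] = recent
        if len(recent) == threshold:  # fire once, when the threshold is first reached
            events.append({"ip": ip, "start": recent[0], "end": ts})
    return events

def identify_incidents(records, events, followup=timedelta(minutes=10)):
    """D2: an event becomes an incident if the same IP then logs in successfully."""
    incidents = []
    for ev in events:
        for ts, result, user, ip in records:
            if (result == "Accepted" and ip == ev["ip"]
                    and ev["end"] <= ts <= ev["end"] + followup):
                incidents.append({"ip": ip, "user": user, "login": ts})
                break
    return incidents

if __name__ == "__main__":
    recs = parse(SAMPLE_LOG)
    print(identify_incidents(recs, detect_events(recs)))
```

On the sample, two sources produce events but only one becomes an incident; the single mistyped password from the third source never reaches the threshold.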
❖ Respond principles:
» R1: Cyber security incidents are reported both internally and externally to
relevant bodies in a timely manner.
» R2: Cyber security incidents are contained, eradicated and recovered from in a
timely manner.
» R3: Business continuity and disaster recovery plans are enacted when
required.

Implementing the principles

❖ A given organization can use the following maturity model to assess the
implementation of individual principles, groups of principles or the cyber security
principles as a whole.
» Incomplete: The principles are partially implemented.
» Initial: The cyber security principles are implemented, but in a poor or ad hoc
manner.
» Developing: The principles are sufficiently implemented on a project-by-
project basis.
» Managing: The cyber security principles are established as standard business
practices and robustly implemented throughout the organization.
» Optimizing: Continuous improvement exists for the implementation of the
cyber security principles throughout the organization.

Cyber security professionals

❖ Cyber security professionals are the rock-stars of the computer world today. There
are many different positions in this field, and they can be found in businesses,
voluntary agencies, government agencies, etc.
❖ They can work as:
» Ethical hackers
» Source code auditors
» Security architects
» Computer crime investigators
» Security consultants
» Cryptographers
» Security analysts

Cyber security objectives

❖ Protect critical assets
» Critical assets are responsible for ensuring the smooth functioning of a business.
» Protecting the infrastructure, systems, data, intellectual property, and business
continuity of the given organization is critical because their compromise can
have severe consequences, such as financial loss, damage to reputation, or
legal consequences.
» One way to protect critical assets is by implementing robust security measures
such as firewalls, encryption, and access controls.
» Regularly updating software and hardware, as well as training employees on
cyber security best practices, can also help prevent cyber-threats.
» Additionally, organizations should have a comprehensive disaster recovery
(DR) plan in place in case of any cyber-attack or security breach.

…Cyber security objectives

❖ Disruption to ongoing operations
» Cyber-attacks can disrupt business operations which can lead to loss of
productivity, revenue, and customer trust.
» Implement a robust disaster recovery plan that outlines the steps to be taken
in the event of a cyber-attack or other emergency.
» It is also important to invest in robust cyber-security measures such as
intrusion detection systems and backup systems that can help prevent or
mitigate the impact of cyber-threats.
» Organizations must ensure that their systems and networks remain operational
by having an incident response plan in place and regularly testing the system
for vulnerabilities.

…Cyber security objectives

❖ Protect the privacy of customer data
» It is a prime responsibility of businesses to protect customer data such as
credit card information, names, addresses, and social security numbers
(SSNs) from unauthorized access, theft, or misuse.
» To protect customer data, organizations can implement security measures such
as data encryption, secure servers, and strong passwords.
» Regularly monitoring for security breaches and promptly addressing any
vulnerability can also help prevent data breaches.
» Organizations should also have a security/privacy policy in place that outlines
how customer data is used, stored, and shared.

…Cyber security objectives

❖ Demonstrate trust externally
» Partners and stakeholders expect organizations to take adequate measures to
protect their data and systems.
» Obtaining security certifications, such as PCI DSS (Payment Card Industry Data
Security Standard) and ISO 27001 (Information Security Management System),
shows that an organization has implemented robust security measures and is
committed to protecting sensitive information.
» Organizations should ensure that they have a clear policy detailing how
customer data is used, stored, and shared.
» Additionally, organizations should conduct third-party audits to verify their
security measures.

…Cyber security objectives

❖ Maintain compliance with regulations
» Maintaining compliance with regulations in cyber-security is essential for
organizations to protect their assets and ensure the security and privacy of
their customers’ information.
» These include measures such as regular security assessments, employee
training on security best practices, and the use of secure technology such as
firewalls and encryption.
» To maintain compliance, organizations must stay up to date with the relevant
regulations and implement the required security measures.
» Regularly reviewing and updating security policies and procedures can help
ensure compliance with changing regulations.

…Cyber security objectives

❖ Ensure productivity among the workforce
» Effective cyber-security measures protect against cyber-threats that can
disrupt employee productivity such as phishing attacks or malware infections.
» Implementing robust security measures such as anti-virus software and
employee training programs can help prevent threats and ensure that
employees can work without worrying about disruptions.
» Organizations must ensure that their systems and networks are secure and
reliable and that the workforce can access the data they need to do their job
efficiently.

General cyber security tips

» Use updated antivirus software
» Use a properly configured firewall
» Uninstall unnecessary software
» Maintain timely backups
» Regularly check security settings
» Never visit websites that you don’t know
» Don’t share your personal information with strangers