CYBER SECURITY

LESSON 1
Define the term ‘cyber security’

• Cybersecurity is the art of protecting networks, devices, and data from

unauthorized access or criminal use and the practice of ensuring
confidentiality, integrity, and availability of information.
• Cyber security focuses on protecting computer systems from unauthorized
access or being otherwise damaged or made inaccessible. Information
security is a broader category that protects all information assets, whether in hard
copy or digital form.
Define the term ‘cyber security

• Cyber security is the practice of defending computers, servers, mobile

devices, electronic systems, networks, and data from malicious attacks. It's
also known as information technology security or electronic information
security.
Cyber security

• The term cyber security applies in a variety of contexts, from business to mobile computing, and
can be divided into a few common categories.
• Network security
• Application security 
• Information security 
• Operational security 
• Disaster recovery and business continuity
• End-user education  
Cyber security

• Network security is the practice of securing a computer network from intruders, whether
targeted attackers or opportunistic malware.
• Application security focuses on keeping software and devices free of threats. A
compromised application could provide access to the data its designed to protect.
Successful security begins in the design stage, well before a program or device is
deployed.
Cyber security

• Information security protects the integrity and privacy of data, both in storage and in
transit.
• Operational security includes the processes and decisions for handling and protecting
data assets. The permissions users have when accessing a network and the procedures that
determine how and where data may be stored or shared all fall under this umbrella.
Cyber security

• Disaster recovery and business continuity define how an organization responds to a cyber-

security incident or any other event that causes the loss of operations or data. Disaster recovery
policies dictate how the organization restores its operations and information to return to the same
operating capacity as before the event. Business continuity is the plan the organization falls back
on while trying to operate without certain resources.
• End-user education addresses the most unpredictable cyber-security factor: people. Anyone can
accidentally introduce a virus to an otherwise secure system by failing to follow good security
practices. Teaching users to delete suspicious email attachments, not plug in unidentified USB
drives, and various other important lessons is vital for the security of any organization.
What are the risks to having poor cybersecurity?

• There are many risks, some more serious than others. Among these dangers are
malware erasing your entire system, an attacker breaking into your system and altering
files, an attacker using your computer to attack others, or an attacker stealing your
credit card information and making unauthorized purchases.
• There is no guarantee that even with the best precautions some of these things won't
happen to you, but there are steps you can take to minimize the chances.
Hacker, attacker, or intruder

 These terms are applied to the people who seek to exploit weaknesses in software and
computer systems for their own gain. Although their intentions are sometimes benign
and motivated by curiosity, their actions are typically in violation of the intended use of
the systems they are exploiting.
The results can range from mere mischief (creating a virus with no intentionally negative
impact) to malicious activity (stealing or altering information).
Malicious code
• Malicious code (also called malware) is unwanted files or programs that can cause harm to a computer or
compromise data stored on a computer. Various classifications of malicious code include viruses, worms,
and Trojan horses.
• Malicious code may have the following characteristics:
• It might require you to actually do something before it infects your computer. This action could be
opening an email attachment or going to a particular webpage.
• Some forms of malware propagate without user intervention and typically start by exploiting a software
vulnerability. Once the victim computer has been infected, the malware will attempt to find and infect
other computers. This malware can also propagate via email, websites, or network-based software.
• Some malware claims to be one thing, while in fact doing something different behind the scenes. For
example, a program that claims it will speed up your computer may actually be sending confidential
information to a remote intruder.
Vulnerabilities

• Vulnerabilities are flaws in software, firmware, or hardware that can be exploited by an

attacker to perform unauthorized actions in a system. They can be caused by software
programming errors. Attackers take advantage of these errors to infect computers with
malware or perform other malicious activity.
Cyber security

• The three types are computer-assisted crimes, crimes where the computer itself
is a target, and crimes where the computer is incidental to the crime rather than
directly related to it.
• Cybercriminals usually try to profit off of their crimes using a variety of tactics,
including:
Types of Cyber Attacks

• Denial of Service, or DOS

Where a hacker consumes all of a server’s resources, so there’s nothing for legitimate users
to access
• Malware 
Where victims are hit with a worm or virus that renders their devices useless
• Man in the Middle 
Where a hacker puts himself between a victim’s machine and a router to sniff data packets
• Phishing 
Where a hacker sends a seemingly legitimate-looking email asking users to disclose personal
information
What Motivates Cyber Criminals?

• The main motive behind the cybercrime is to disrupt regular business activity and
critical infrastructure.
• Cybercriminals also commonly manipulate stolen data to benefit financially,
cause financial loss, damage a reputation, achieve military objectives, and
propagate religious or political beliefs. Some don’t even need a motive and might
hack for fun or simply to showcase their skills.
So who are these cybercriminals?

• Here’s a breakdown of the most common types:

• Black-Hat Hackers 
Black-hat hackers use fake identities to conduct malicious activities for a profit
• Gray-Hat Hackers 
They work both with malicious intent and as legitimate security analysts
• White-Hat Hackers
White-hat hackers work as security analysts to detect and fix flaws and protect
against malicious hackers
So who are these cybercriminals?

• Suicide Hackers (less skilled hackers)

They aim to openly bring down the critical infrastructure for a social cause
• Script Kiddies (using other developers programs)
They are unskilled hackers who run scripts and software created by more experienced
hackers
• Cyber Terrorists
They create fear by disrupting large-scale computer networks; motivated by religious or
political beliefs.
So who are these cybercriminals?

• State-Sponsored Hackers 
They penetrate government networks, gain top-secret information, and damage
information systems; paid by a hostile government
• Hacktivists 
Promote political agendas by secretly defacing and disabling websites
What can you do to improve your cybersecurity?

• Keep software up to date.

• Run up-to-date antivirus software.
• Use strong passwords.
• Change default usernames and passwords.
• Implement multi-factor authentication (MFA)
• Install a firewall
• Be suspicious of unexpected emails.