Cybersecurity PDF


CYBERSECURITY

An attack on an Information Technology (IT) network is one thing, but an attack on mobile
networks is a matter of life and death, especially with mobile networks being
critical information infrastructure (CII).
INFORMATION

An item of information or intelligence; a fact or circumstance of which one is told. (OED)


Geographical – nation, culture, language, physical community.
Social – interests, pastimes.
Educational – level of education, subjects studied.
Professional – area of professionalism, career history
“Information is data endowed with relevance and purpose. Converting data into
information thus requires knowledge. Knowledge by definition is specialized.” (Blyth and
Kovacich, p. 17)
And what characteristics should information possess to be useful? It should be: accurate, timely,
complete, verifiable, consistent, available.
INFORMATION

According to Raggad (pp. 14ff), the following are all distinct conceptual resources:
Noise: raw facts with an unknown coding system
Data: raw facts with a known coding system
Information: processed data
Knowledge: accepted facts, principles, or rules of thumb that are useful for specific domains.
Knowledge can be the result of inferences and implications produced from simple information
facts.
ASSURANCE

According to the U.S. Department of Defense, IA involves:


Actions taken that protect and defend information and information systems by ensuring their
availability, integrity, authentication, confidentiality and non-repudiation. This includes providing
for restoration of information systems by incorporating protection, detection and reaction
capabilities.
Information Assurance (IA) is the study of how to protect your information assets from
destruction, degradation, manipulation and exploitation. But also, how to recover should
any of those happen.
Notice that it is both proactive and reactive.
ASSURANCE

According to the DoD definition, these are some aspects of information needing
protection:
Availability: timely, reliable access to data and information services for authorized users;
Integrity: protection against unauthorized modification or destruction of information;
Confidentiality: assurance that information is not disclosed to unauthorized persons;
Authentication: security measures to establish the validity of a transmission, message, or
originator.
Non-repudiation: assurance that the sender is provided with proof of a data delivery and
recipient is provided with proof of the sender’s identity, so that neither can later deny
having processed the data.
SECURITY

The simple truth is that IT security cannot be accomplished in a vacuum, because there
are a multitude of dependencies and interactions among all four security engineering
domains. (Herrmann, p. 10)
Physical security
Personnel security
IT security
Operational security

“So threats/risks to IA should be considered along these dimensions as well.”


SECURITY

Into which of these would you put the following?


Enforcing hard-to-guess passwords
Encrypting your hard drive
Locking sensitive documents in a safe
Stationing a marine guard outside an embassy
Assigning security clearances to staffers
Using SSL for data transfers
Having off-site backup of documents
SECURITY

Physical security refers to the protection of hardware, software, and data against physical
threats to reduce or prevent disruptions to operations and services and loss of assets.
Personnel security is a variety of ongoing measures taken to reduce the likelihood and
severity of accidental and intentional alteration, destruction, misappropriation, misuse,
misconfiguration, unauthorized distribution, and unavailability of an organization’s logical
and physical assets, as the result of action or inaction by insiders and known outsiders, such
as business partners.
IT security is the inherent technical features and functions that collectively contribute to an
IT infrastructure achieving and sustaining confidentiality, integrity, availability,
accountability, authenticity, and reliability.
SECURITY

Operational security involves the implementation of standard operational security
procedures that define the nature and frequency of the interaction between users,
systems, and system resources, the purpose of which is to
Achieve and sustain a known secure system state at all times, and
Prevent accidental or intentional theft, release, destruction, alteration, misuse, or sabotage of
system resources.
Are these domains purely defensive, or might they be offensive? Compare and contrast
Herrmann’s view of IA with the government view outlined before.
CYBERSECURITY

Cyber security is the practice of defending computers, servers, mobile devices, electronic
systems, networks, and data from malicious attacks. It's also known as information
technology security or electronic information security.
DIGITALIZATION

Digitization is becoming the basis of future development in our society and economy.
This is the era of the Internet and smart mobile devices. In today’s world, people, devices
and machines are networked through wired or wireless means.
The Internet has touched every human being and has changed the way we perform our
everyday activities like working, playing, shopping, watching movies and serials, talking on
the phone, listening to our favorite music, ordering food, paying bills, making friends, and
greeting our friends and relatives on their special occasions.
Because connectivity is available at any time and from anywhere, every user and object can
be tracked using the IP address. At this point, users cannot stop using the Internet, but they expect
it to be secure, privacy-preserving and trustworthy.
CYBER THREATS

Figure 1.1 depicts different vulnerabilities surrounding us every day. There is a growing
number of vulnerabilities (Shah and Ravi 2018) including spyware, viruses, malware, phishing,
hacking, spam, Internet worms, identity theft, password scams, firewall vulnerabilities, etc.
Cyberterrorism is the intentional use of Information
and Communication Technology devices and
techniques for malign purposes.
Computers, mobile devices, networks and Internet
can be used for destructive causes for personal gains
or political benefits.
CYBER THREATS

Using cyber tools, attackers target cyber-physical infrastructure such as finance, energy,
transport and government to spread terror and cause physical
injuries or deaths (Ivanov 2019).
New cyber threats are emerging every day, including ransomware, endpoint attacks,
phishing, third-party attacks, supply chain attacks, artificial intelligence and machine
learning driven attacks, crypto-jacking, cyber-physical attacks, state-sponsored attacks,
IoT attacks, threats to smart medical devices and electronic medical records, and attacks on
connected cars, semi-autonomous vehicles and driverless cars (O’Brien 2018).
CYBERSECURITY

Global digitization brings huge opportunities and promises ease of life. (Smart Cities)
“Cyber security is the collection of tools, policies, security concepts, security safeguards,
guidelines, risk management approaches, actions, training, best practices, assurance and
technologies that can be used to protect the cyber environment and organization and
user’s assets.
Organization and user’s assets include connected computing devices, personnel,
infrastructure, applications, services, telecommunications systems, and the totality of
transmitted and/or stored information in the cyber environment.
Cybersecurity strives to ensure the attainment and maintenance of the security properties
of the organization and user’s assets against relevant security risks in the cyber
environment” (ITU-T 2017).
“ASSESSMENT”

Instruction:
Use the format that I’ve already given to you. State/Describe/Define your answer in the form of
a paragraph of 250 words minimum. I will give you 5 minutes to PICTURE/CAPTURE this
part of the presentation and attach it to your assignment. Convert it into PDF. Filename:
LASTNAME, GIVEN NAME, MIDDLE NAME.
Question:
Give one (1) global or local threat in the cyber world. Research where it came from,
the reason why it was created, the effect of the attack, how wide the attack was and how it
was resolved.
CYBER ATTACK CATEGORIZATION

Cyber-attack surveys indicate that almost every aspect of human life is suffering from
cyber-crime.
Energy, financial, manufacturing, public, travel, health, retail and professional
services have all been victims of one cyber-crime or another.
CYBER ATTACK CATEGORIZATION

Various categories of cyber-attacks include malware, network attacks, network intrusion
attacks, social engineering attacks, cyber espionage, reconnaissance, network access
attacks, cyber terrorism, cyber warfare, etc., as shown in Table 2.1.
TYPICAL ATTACK SEQUENCE

The basic steps cybercriminals follow during a cyber-attack include finding vulnerabilities in the target
system, which is referred to as reconnaissance, then actual penetration into the network through
intrusion, followed by insertion of malicious secret code into the target system, referred to as malware, and
the last step is to clear the visited tracks, which is referred to as the clean-up stage (Identity Week 2017; de
Ramos blog 2016).
1. Reconnaissance and Scanning: The attackers first study the system in detail to find the weaknesses and then, by
exploiting the vulnerabilities found, they enter the cyber system using some kind of malware.
2. Access: Usually, the attackers make use of commonly available web apps to communicate with the system’s
command and control server.
3. Escalation: The hackers continuously observe the network operations, map them and monitor the system with the
help of networking and hacking tools and then try to scale the infection.
4. Exfiltration: By using admin tools, attackers acquire access to the admin’s machine or account.
5. Sustainment: Using remote desktop tools, attackers compromise the infected networked devices and try to
access new hosts by penetrating into the internal sub-networks.
6. Assault: It happens when the hackers alter the functionality of the victim’s hardware or disable the hardware
totally. This is a rare step in cyberattacks.
7. Obfuscation: This step makes the victim more confused about the attack by hiding the compromised tracks and
also making it difficult to understand how it happened.
TYPES OF CYBER-ATTACKS

A cyber-attack is an illegitimate attempt to gain either information or monetary benefits. Roughly,
cyber-attacks are classified as web-based attacks and system-based attacks. Some people
consider three types of cyber-attacks: natural attacks, human blunders or errors, and
intentional threats from insiders or outsiders, hackers, and cyber criminals. This section covers
various cyber-attacks like
Backdoors,
DoS attack,
Eavesdropping,
Spoofing,
Tampering,
Repudiation attack,
Social engineering attack,
Malware,
Adware, etc.
Module 2 “ASSESSMENT”

Instruction:
Use the format that I’ve already given to you. State/Describe/Define your answer in the form of
a paragraph of 250 words minimum. I will give you 5 minutes to PICTURE/CAPTURE this
part of the presentation and attach it to your assignment. Convert it into PDF. Filename:
LASTNAME, GIVEN NAME, MIDDLE NAME.
Question:
Among the classified cyber-attacks, pick one that is a nasty threat in the cyber world. Elaborate
on how it works, how the victims drive-by the extortion on the digital world. Also elaborate on
the machine or unit that has been infected by the attack.
