Cyber Security (Copy)

Cyber Security Overview

• Definition: Cyber security refers to the set of practices, processes, and technologies designed to protect systems, networks, programs, and data from digital attacks, damage, or unauthorized access.
• Aim:
  • Protect data confidentiality, integrity, and availability.
  • Prevent disruption of services.
  • Ensure trust in digital communications and transactions.

1. Cyber Security Threats

Brute-force attack

• Definition: A trial-and-error method where an attacker tries all possible combinations of passwords or encryption keys until the correct one is found.
• Process:
  1. Attacker uses automated software tools to generate many possible combinations.
  2. Every guess is tested until access is granted.
• Aim: Gain unauthorized access to systems, user accounts, or encrypted data.
• Impact:
  • Can be slow if passwords are long and complex.
  • Can lead to complete account takeover.
• Prevention:
  • Use strong, complex passwords (including uppercase, lowercase, numbers, symbols).
  • Implement account lockouts after multiple failed attempts.
  • Use two-factor authentication.

Data interception

• Definition: Unauthorized monitoring or capturing of data as it travels over a network.
• Process:
  1. An attacker positions themselves between the sender and receiver (man-in-the-middle).
  2. Captures sensitive information such as passwords, credit card numbers, and messages.
• Aim: Steal personal or confidential data.
• Impact:
  • Loss of privacy.
  • Potential identity theft.
• Prevention:
  • Use encryption (SSL/TLS).
  • Use secure networks instead of public Wi-Fi.
  • Implement VPNs (Virtual Private Networks).

Distributed Denial of Service (DDoS) attack

• Definition: Overwhelming a server or network with excessive requests from multiple sources, causing legitimate requests to be delayed or denied.
• Process:
  1. The attacker uses a botnet (network of compromised devices) to send huge amounts of traffic.
  2. The targeted server becomes overloaded and crashes or becomes slow.
• Aim: Make a website or service unavailable to legitimate users.
• Impact:
  • Website downtime.
  • Revenue loss for businesses.
  • Damage to reputation.
• Prevention:
  • Use DDoS protection services.
  • Implement traffic filtering and rate-limiting.

Hacking

• Definition: Gaining unauthorized access to systems or networks.
• Process:
  1. Exploiting vulnerabilities in software, hardware, or human behavior.
  2. Bypassing authentication controls.
• Aim: Steal, alter, or destroy data; disrupt services.
• Impact:
  • Data breaches.
  • Service disruption.
• Prevention:
  • Regular software updates and patching.
  • Firewalls and intrusion detection systems.
  • Strong authentication methods.

Malware

• Definition: Malicious software designed to harm, disrupt, or gain unauthorized access to systems.
• Types:
  • Virus: Attaches to files and spreads when infected files are shared.
  • Worm: Self-replicates and spreads without user action.
  • Trojan horse: Disguised as legitimate software but contains malicious code.
  • Spyware: Secretly monitors user activities.
  • Adware: Displays unwanted advertisements.
  • Ransomware: Encrypts files and demands payment for their release.
• Prevention:
  • Install and update anti-malware software.
  • Avoid downloading from untrusted sources.
  • Keep backups of important files.

Pharming

• Definition: Redirecting users from legitimate websites to fake ones without their knowledge.
• Process:
  • Changing DNS entries or exploiting vulnerabilities in DNS servers.
• Aim: Steal login details or financial information.
• Prevention:
  • Use secure DNS services.
  • Check URLs carefully.
  • Keep systems updated.

Phishing

• Definition: Fraudulent attempts to obtain sensitive information by pretending to be a trustworthy entity via email, SMS, or instant messaging.
• Process:
  • Attacker sends a message containing a fake link or attachment.
  • User is tricked into entering personal data.
• Aim: Steal credentials or install malware.
• Prevention:
  • Be cautious of unsolicited requests for sensitive information.
  • Check sender addresses.
  • Hover over links to verify URLs.

Social engineering

• Definition: Manipulating individuals into revealing confidential information or performing actions that compromise security.
• Techniques:
  • Pretending to be technical support.
  • Urgency tactics to trick the target.
• Prevention:
  • User awareness training.
  • Verification of requests before action.

2. Cyber Security Solutions

Access levels

• Assign permissions to users based on their roles.
• Example: Employees can only access data relevant to their work.

Anti-malware software

• Anti-virus: Detects and removes malicious code.
• Anti-spyware: Identifies and removes spyware.
• Must be regularly updated to detect new threats.

Authentication

• Username and password: Basic security method; passwords should be strong.
• Biometrics: Fingerprint, facial recognition, iris scans.
• Two-step verification: Adds a secondary confirmation step, such as a code sent to a mobile device.

Automating software updates

• Ensures systems have the latest patches to close security gaps.

Checking communications

• Spelling and tone: Poor grammar or unusual tone may indicate phishing.
• Check URL links: Hover over links to see the real destination.

Firewalls

• Control incoming and outgoing network traffic.
• Block unauthorized access while permitting legitimate communication.

Privacy settings

• Limit what information is shared online, especially on social media.

Proxy servers

• Act as intermediaries between users and the internet.
• Can filter content, hide user IP addresses, and enhance privacy.

Secure Socket Layer (SSL)

• Encrypts data transmitted between a web browser and server.
• Indicated by https:// in the address bar and a padlock icon.