Chapter 1 The need for cybersecurity
Cybersecurity
It is an ongoing effort to protect networked systems and data from unauthorized use or harm.
Online and offline identity
Online identity is how you present yourself to others online.
Offline identity is the person who your friends and family interact with on a daily basis at home, school, work, etc.
Data
Any information about you can be considered to be your data. This personal data can uniquely identify you as an individual.
Medical records, education records, employment and financial records
Personal data as a target
Online credentials are valuable: these credentials give you access to your accounts. A criminal could also take advantage of your relationships. Criminals also want your identity (identity theft).
CIA Triad
It is a guideline for information security for an organization
Confidentiality, or privacy, ensures that only authorized individuals have access to data, by restricting access through authentication and encryption.
The data may be compartmentalized according to the security or sensitivity level of the information.
A program developer should not have access to the personal information of all employees.
Employees should receive training to understand the best practices in safeguarding sensitive information to protect themselves and the company from attacks.
Integrity assures that the information is accurate and trustworthy during its entire life cycle.
Version control can be used to prevent accidental changes by authorized users.
Backups must be available to restore any corrupted data, and checksum hashing can be used to verify the integrity of the data during transfer.
After a file is downloaded, you can verify its integrity by comparing the hash value from the source with the one you generated using any hash calculator. By comparing the hash values, you can ensure that the file has not been tampered with or corrupted during the transfer.
Some of the common checksums are MD5, SHA-1, SHA-256, and SHA-512
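The download check described above, as an added example that is not part of the original notes. It infers which of the four listed checksums was published from the digest length; the function names, file name and sample data are constructed for illustration.

```python
import hashlib
import hmac
import os
import tempfile

# Hex digest length -> algorithm, for the four checksums named above.
ALGO_BY_HEX_LEN = {32: "md5", 40: "sha1", 64: "sha256", 128: "sha512"}
# MD5 and SHA-1 have practical collision attacks: they still catch accidental
# corruption, but a match is weak evidence against deliberate tampering.
COLLISION_PRONE = {"md5", "sha1"}


def file_digest(path, algo, chunk_size=1 << 20):
    """Hash a file in chunks so large downloads are not read into memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_download(path, published_hex):
    """Return (ok, algo, weak) for a file against the publisher's digest."""
    published = published_hex.strip().lower()
    algo = ALGO_BY_HEX_LEN.get(len(published))
    if algo is None or any(c not in "0123456789abcdef" for c in published):
        raise ValueError("not an MD5/SHA-1/SHA-256/SHA-512 hex digest")
    actual = file_digest(path, algo)
    return hmac.compare_digest(actual, published), algo, algo in COLLISION_PRONE


def demo():
    """Constructed sample: a 'download' that is then altered by one byte."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "installer.bin")  # hypothetical file name
        with open(path, "wb") as f:
            f.write(b"constructed sample payload\n" * 1000)
        published = file_digest(path, "sha256")  # stands in for the source's value
        before = verify_download(path, published)
        with open(path, "r+b") as f:  # simulate corruption/tampering in transit
            f.seek(10)
            f.write(b"X")
        after = verify_download(path, published)
        return before, after


if __name__ == "__main__":
    print(demo())
```

The published value should come from the source over a channel you trust (for example the vendor's HTTPS page), since a hash fetched alongside a tampered file can be replaced with it.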
Availability ensures that the information is accessible to authorized people.
Security equipment or software, such as firewalls, guard against downtime due to attacks such as denial of service
The Consequences of a Security Breach
Ruined reputation
Vandalism
Theft
Revenue lost
Damaged intellectual property
Types of Attackers
Attackers are individuals or groups who attempt to exploit a vulnerability for personal or financial gain.
Amateurs or Script Kiddies
They are usually attackers with little or no skill, often using existing tools or instructions found on the Internet to launch attacks.
They may be using basic tools, but the results can still be devastating.
Hackers
This group of attackers breaks into computers or networks to gain access.
Depending on the intent of the break-in, these attackers are classified as:
The white hat attackers (ethical hackers) break into networks or computer systems to discover weaknesses so that the security of these systems can be improved.
These break-ins are done with prior permission and any results are reported back to the owner.
Black hat attackers take advantage of any vulnerability for illegal personal, financial or political gain.
The gray hat attackers may find a vulnerability in a system and report it to the owners of the system if that action coincides with their agenda.
Some gray hat hackers publish the facts about the vulnerability on the Internet so that other attackers can exploit it.
Organized Hackers
They are usually groups of professional criminals focused on control, power, and wealth.
These hackers include:
Hacktivists make political statements to create awareness of issues that are important to them.
State-sponsored attackers gather intelligence or commit sabotage on behalf of their government.
Others: terrorists, organizations of cyber criminals
Internal and External Threats
Internal Security Threats
An internal user, such as an employee or contract partner, has the potential to cause greater damage than external threats, because internal users have direct access to the building and its infrastructure devices.
External threats from amateurs or skilled attackers can exploit vulnerabilities in network or computing devices, or use social engineering to gain access.
Cyberwarfare
Nations can carry out conflicts without the clashes of traditional troops and machines.
Cyberwarfare is an Internet-based conflict that involves the penetration of computer systems and networks of other nations.
An example of a state-sponsored attack involved the Stuxnet malware that was designed to damage Iran's nuclear enrichment plant. It was designed to damage physical equipment that was controlled by computers.