Chapter 1 – Cyber Security Introduction and Overview
Today, we can send and receive any form of data, whether an e-mail or an audio or video file, at the click of a button, but do we ever think about how securely this data is being transmitted to the other person, without any leakage of information? Security breaches can occur when we use paper records, send information using fax machines, and even verbally. However, the consequences of security breaches with digital information are potentially far more severe, as information can be distributed more easily and to a far wider audience. The answer lies in cybersecurity. Today the Internet is the fastest-growing infrastructure in everyday life.
Cybersecurity is the name for the safeguards taken to avoid or reduce any disruption from an attack on data, computers or mobile devices. Cybersecurity covers not only safeguarding confidentiality and privacy, but also the availability and integrity of data, both of which are vital for the quality and safety of care.
Cybersecurity is a constantly changing area with lots of jargon and sometimes can seem quite confusing. However, many effective and relatively simple steps can be taken to protect information and protect you and your organization. Taking some simple actions and practicing safe behaviours will reduce online threats.
Cyber-breaches are costly – in terms of expense, recovery time, and damage to reputation. That is why cybersecurity is a high priority for business and why all staff must be aware of how to implement protective measures.
Individuals should also be aware of basic cybersecurity safeguards for personal use and when participating in the management and coordination of their care and support.
By the end of this module, you will understand:
- cyberspace,
- the need for and the importance of cybersecurity,
- the concepts and fundamentals of cybersecurity,
- the cybersecurity landscape.
Cyberspace
Cyberspace consists of various connected computer systems and integrated telecommunications systems. It has become a feature of modern society, enhancing and enabling rapid communication, distributed command and control systems, mass data storage and transfer, and a range of highly distributed systems.
All of these are now taken for granted by society and have become essential to business, our daily lives, and the delivery of services. This ubiquity of and dependency on cyberspace can be seen even in military spheres, where communications, command and control, intelligence, and precision strike elements all rely on many “cyber systems” and related communication systems.
The ubiquity of these interconnected systems has brought a measure of dependency and vulnerability to individuals, industries, and governments that is difficult to forecast, manage, mitigate, or prevent. Some nations view such vulnerable dependencies as an emerging national security or national defense concern and have tasked existing elements of their security forces to respond, while other nations have created wholly new organizations charged with managing or coordinating national cybersecurity policies.
Cybersecurity has emerged as an important cross-cutting issue that requires responses from individuals, private businesses, non-government organizations, the “whole of government”, and a range of international agencies and bodies.
Importance of Cybersecurity
Part of living in the digital era is understanding that our private information is more vulnerable than ever before. News stories about ID theft and data breaches abound, with the effects being felt by millions of consumers. And while companies and institutions are constantly working to protect themselves with increasing security measures, you can play a role in this fight as well. Cybersecurity doesn’t involve just businesses and the government. Your computer, tablet, and mobile phone probably contain information that hackers and other criminals would love to have, like other people’s email addresses, names, and birthdates. Suppose, for example, a hacker had access to your contact information. He could then send an email or text message to everyone you know, using your name, encouraging them to click on a link containing malware, like “Hey There, I thought you’d love this! Click here.”
Anything that relies on the internet for communication, or is connected to a computer or other smart device, can be affected by a breach of security. This includes:
- communication systems, like email, phones, and text messages
- transportation systems, including traffic control, car engines, airplane navigation systems
- government databases, including Social Security numbers, licenses, tax records
- financial systems, including bank accounts, loans, and paychecks
- medical systems, including equipment and medical records
- educational systems, including grades, report cards, and research information
Cybersecurity risk is increasing, driven by global connectivity and usage of cloud services, like Amazon Web Services, to store sensitive data and personal information. Widespread poor configuration of cloud services paired with increasingly sophisticated cyber criminals means the risk that your organization suffers from a successful cyber-attack or data breach is on the rise. It now seems that monthly, or sometimes even weekly, there is a segment in the news dedicated to discussing the results of a data breach at a major company or a notice that hackers have captured a local computer network and are holding it hostage in exchange for vast sums of money (an attack known as ransomware).
Fundamentals of Cybersecurity
Cybersecurity as a whole is a very broad term, but it is based on three fundamental concepts known as “The CIA Triad”. It consists of Confidentiality, Integrity, and Availability. This model is designed to guide an organization's cybersecurity policies in the realm of information security.
Confidentiality: This defines the rules that limit access to information. Confidentiality measures restrict sensitive information from being accessed by cyber attackers and hackers. In an organization, people are allowed or denied access to information according to their category, by authorizing the right persons in a department. They are also given proper training about sharing information and securing their accounts with strong passwords. They can change the way data is handled within an organization to ensure data protection. There are various ways to ensure confidentiality, such as two-factor authentication, data encryption, data classification, biometric verification, and security tokens.
Integrity: This assures that the data is consistent, accurate, and trustworthy over its lifetime. It means that data in transit should not be changed, altered, deleted, or illegally accessed. Proper measures should be taken in an organization to ensure its safety. File permissions and user access control are measures that control data breaches. There should also be tools and technologies in place to detect any change or breach in the data. Various organizations use a checksum, or even a cryptographic checksum, to verify the integrity of data. To cope with data loss, accidental deletion, or even cyber-attacks, regular backups should be kept. Cloud backups are now the most trusted solution for this.
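The difference between a plain checksum and a cryptographic checksum, shown as an added example that is not part of the original chapter. The record, the key, and the function names are constructed for illustration; the code compares CRC32, SHA-256, and a keyed HMAC-SHA-256 when data is changed, first with the stored tags protected and then with the tags rewritten by someone who does not hold the key.

```python
import hashlib
import hmac
import zlib

# Constructed sample record and key for this example only.
RECORD = b"patient=1042;allergy=penicillin;dose=250mg"
KEY = b"constructed-demo-key"


def make_tags(data: bytes, key: bytes) -> dict:
    """Compute a plain checksum, a cryptographic checksum and a keyed one."""
    return {
        "crc32": zlib.crc32(data),
        "sha256": hashlib.sha256(data).hexdigest(),
        "hmac": hmac.new(key, data, hashlib.sha256).hexdigest(),
    }


def verify(data: bytes, stored: dict, key: bytes = KEY) -> dict:
    """Report, per tag type, whether the stored tag still matches the data."""
    fresh = make_tags(data, key)
    return {
        "crc32": fresh["crc32"] == stored["crc32"],
        "sha256": hmac.compare_digest(fresh["sha256"], stored["sha256"]),
        "hmac": hmac.compare_digest(fresh["hmac"], stored["hmac"]),
    }


def run_cases() -> dict:
    # Tags kept somewhere the person editing the data cannot write.
    trusted = make_tags(RECORD, KEY)
    changed = RECORD.replace(b"250mg", b"950mg")
    # Tags stored beside the data and regenerated by someone without KEY.
    rewritten = make_tags(changed, b"not-the-real-key")
    return {
        "unchanged": verify(RECORD, trusted),
        "changed_tags_protected": verify(changed, trusted),
        "changed_tags_rewritten": verify(changed, rewritten),
    }


if __name__ == "__main__":
    for case, result in run_cases().items():
        print(f"{case:24} {result}")
```

Unkeyed checksums only prove integrity when the stored value itself is out of reach of whoever can change the data; the keyed tag still fails verification when both the data and its tag are replaced.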
Availability: All necessary components, such as hardware, software, networks, devices, and security equipment, should be maintained and upgraded. This ensures smooth functioning and access to data without any disruption. It also means providing constant communication between the components by providing enough bandwidth, and opting for extra security equipment in case of any disaster or bottlenecks. Utilities like firewalls, disaster recovery plans, proxy servers, and a proper backup solution should be in place to cope with DoS attacks. A successful approach goes through multiple layers of security to protect every constituent of cybersecurity, particularly computers, hardware systems, networks, software programs, and the data shared among them.
In an organization, to accomplish an effective cybersecurity approach, the people, processes, computers, networks, and technology of the organization, whether big or small, should be equally responsible. If all components complement each other, it is very much possible to stand against tough cyber threats and attacks.
The Cybersecurity Landscape

The landscape of cybersecurity is always changing. Attackers are constantly probing for new weaknesses and vulnerabilities to exploit in corporate networks, while organizations are being forced to take new, more open approaches to IT systems to support trends like Bring-Your-Own-Device and cloud computing.
From phishing to ransomware, the cybersecurity landscape comprised attacks that grew increasingly sophisticated as the year progressed, reminding businesses that while cybersecurity tools and protection practices have grown increasingly sophisticated, so too have methods of attack.
To understand the need for cybersecurity measures and practices, let’s have a quick look at a few popular types of threats and attacks in cyberspace.
Ransomware: Ransomware is a file encryption software program that uses a unique robust encryption algorithm to encrypt the files on the target system. The authors of the ransomware generate a unique decryption key for each of their victims and save it on a remote server. Thus, users cannot access their files with any application. The ransomware authors take advantage of this and demand a considerable ransom from the victims to provide the decryption code or decrypt the data. But such attacks carry no guarantee that the data will be recovered even after the ransom is paid.
Botnet Attacks: Botnets were initially designed to carry out a specific task within a group. A botnet is defined as a network or group of devices connected to the same network to execute a task. But botnets are now being used by bad actors and hackers who attempt to access the network and inject malicious code or malware to disrupt its working. Some of the botnet attacks include:
- Distributed Denial of Service (DDoS) attacks
- Spreading spam emails
- Stealing of confidential data
Botnet attacks are generally carried out against large-scale businesses and organizations because of their huge data access. Through this attack, hackers can control a large number of devices and compromise them for their evil motives.

Social Engineering Attacks: Social engineering is now a common tactic used by cybercriminals to gather users’ sensitive information. It may trick you by displaying attractive advertisements, prizes, huge offers, and so on, and ask you to enter your personal and bank account details. All the information you enter there is cloned and used for financial fraud, identity fraud, and so on. It is worth mentioning the ZEUS virus, which has been active since 2007 and is used as a social engineering attack method to steal the banking details of victims. Along with financial losses, social engineering attacks can download other destructive threats to the affected system.

Cryptocurrency Hijacking: Cryptocurrency hijacking is a new addition to the cyber world. As digital currency and mining become popular, they become popular among cybercriminals too. They have found their evil benefit in cryptocurrency mining, which involves complex computing to mine virtual currency like Bitcoin, Ethereum, Monero, Litecoin, and so on. Cryptocurrency investors and traders are the soft targets for this attack. Cryptocurrency hijacking is also known as “Cryptojacking”. It is a program designed to inject mining code silently into the system. Thus, the hacker silently uses the CPU, GPU, and power resources of the attacked system to mine cryptocurrency. It also shortens the lifespan of the affected device.

Phishing: Phishing is the fraudulent action of sending spam emails that pretend to be from a legitimate source. Such mails have a strong subject line with attachments like an invoice, job offers, big offers from reputable shipping services, or any important mail from higher officials of the company. Phishing scams are the most common cyber-attacks that aim to steal sensitive data, like login credentials, credit card numbers, bank account information, and so on. To avoid this, you should learn more about phishing email campaigns and their preventive measures. One can also use email filtering technologies to avoid this attack. Along with these, 2019 is likely to see biometric attacks, AI (Artificial Intelligence) attacks, and IoT (Internet of Things) attacks. Many companies and organizations are witnessing large-scale cyber-attacks and there is no end in sight. Despite constant security analysis and updates, the rise of cyber threats is consistent. Thus, it is worth educating yourself in the basics of cybersecurity and its implementations.
In summary, as more and more sophisticated cyber threats come along, the best approach is constant vigilance. Never assume you will not be the victim of a big data breach or major hack – your company will always need to have managed threat management and intelligence in place as well as detection and response systems and services.