CYBER SECURITY
OBJECTIVES
To understand:
 Definition of Cyber Security
 Importance Cyber Security
 Cyber Security Objectives
 Major Security Problems in Cyber Field
 How to Implement and Maintain Security of a
Cyber Field Around Us
Meaning of the Word CYBER
 It is combining from relating to information
technology, the Internet and virtual reality.
DEFINITION OF CYBER SECURITY
 The term cyber security is used to refer the
security offered through online services to
protect your online information.
 With an increasing amount of people getting
connected to Internet, the security threats that
cause massive harm are increasing also.
 Cyber Security and Information Security differs
only in its response and reduction/prevention
 Cyber Security encompasses all aspects of
security namely, physical, technical,
environmental, regulations and compliance
including third parties involved in delivering an
objective
CYBER SECURITY OBJECTIVES
 Integrity – authenticity
 Confidentiality – disclosure
 Availability- Access
1. INTEGRITY
 The property of safeguarding the accuracy
and completeness of assets
 Integrity refers to ensuring the authenticity of
information—that information is not altered,
and that the source of the information is
genuine.
 Imagine that you have a website and you sell
products on that site. Now imagine that an
attacker can shop on your web site and
maliciously alter the prices of your
products, so that they can buy anything
for whatever price they choose. That would
be a failure of integrity, because your
information—in this case, the price of a
product—has been altered and you didn't
authorize this alteration
 For example, you wouldn’t be given access to
view or change the payroll systems in a
company unless you worked in the finance
department
2. CONFIDENTIALITY
 The property that information is not made
available or disclosed to unauthorized
individuals, entities, or processes
 Confidentiality refers to protecting information
from being accessed by unauthorized parties. In
other words, only the people who are authorized
to do so can gain access to sensitive data.
 A failure to maintain confidentiality means that
someone who shouldn’t have access has managed
to get it, through intentional behavior or by
accident. Such a failure of confidentiality,
commonly known as a breach
 Your bank account data, for example, is more
sensitive than your email address, and so online
banking security is stronger than accessing your
email account. Passwords, data encryption
methods, and security tokens are all examples of
methods to protect privacy and keep our
information confidential.
3. AVAILABILITY
 The property of being accessible and usable upon
demand by an authorized entity.
 Availability means that information is
accessible by authorized users.
 Information and other critical assets are
accessible to customers and the business when
needed. Note, information is unavailable not only
when it is lost or destroyed, but also when
access to the information is denied or delayed
 Imagine a flood or fire damages your computer,
for example—would you be prepared for the
consequences? Backing up your data frequently
and having a disaster recovery plan could help
should the worst ever happen.
 WHY CYBERSECURITY IS IMPORTANT?
 • Our world today is ruled by technology and we
can’t do without it at all. From booking our flight
tickets, to catching up with an old friend,
technology plays an important role in it.
 • However, the same technology may expose you
when it’s vulnerable and could lead to loss of
essential data. Cyber security, alongside physical
commercial security has thus, slowly and
steadily, become one of the most important topics
in the business industry to be talked about.
 • Cyber security is necessary since it helps in
securing data from threats such as data theft or
misuse, also safeguards your system from viruses.
MAJOR SECURITY PROBLEMS
 Virus
 Hacker
 Malware
 Trojan Horses
  Password Cracking
1. VIRUSES AND WORMS
 Virus is a malware attached to a carrier such
as an email message or a word processing
document
 Virus – malware attached to a carrier such as
an email message or a word processing
document
 A virus is a program that loaded on to your
computer without your knowledge and runs
against your wishes.
 Worm is a malware that can autonomously
spread itself without a carrier, using
information about connected computers
 Examples:
 ILOVEYOU – referred to as Love Bug or
Love letter for you, this computer virus
caused $10 billion worth of damages
 MEliSSA – a mass-mailing macro virus
that targeted MS Word and Outlook based
system. It caused $80 million worth of
damages
 Code Red- a computer worm that attacked
Microsoft’s IIS web server and caused
damage of $2 billion
 Mydoom- a worm also known as Win32.
Mydoom affected Windows computer and
caused $38.5 billion worth of damages
Solution: Install a security suite that protects the
computer against threats such as viruses and worms.
2. HACKER
 In common a hacker is a person who breaks into
computers, usually by gaining access to
administrative controls
 Examples:
o Kevin Mitnick – who is considered to be
the father of hacker& worlds most famous
hacker
o Sergey Glazunov- who is considered to be
the chrome hacker and wins 60,000
dollars
TYPES OF HACKERS
 White Hat Hacker
 Grey Hat Hacker
 Black Hat HackeR
1. WHITE HAT HACKERS
 The terms white hat in internet slang refers to
an ethical computer hacker, or a computer
security expert, who specializes in penetration
testing and in other testing methodologies to
ensure the security of an organization’s
information systems
 Examples:
 Tim Berners-Lee - One of the most famous
names in computer science, Berners-Lee is the
founder of the World Wide Web. Today he
serves as the director of the World Wide Web
Consortium (W3C), which oversees the
development of the web.
 Greg Hoglund -Computer forensics expert
Hoglund is best known for his work and
research contributions in malware detection,
rootkits and online game hacking. In the past,
he worked for the U.S. government and the
intelligence community.
 Richard M. Stallman - Founder of the GNU
project, a free software project that promotes
freedom with regard to the use of computers,
Stallman is a prime example of a “good guy”
hacker. Stallman founded the free software
movement in the mid-1980s, with the idea that
computers are meant to support cooperation,
not hinder it.
2. GRAY HAT HACKERS
 The term "grey hat", "greyhat" or "gray hat"
refers to a computer hacker or computer security
expert who may sometimes violate laws or typical
ethical standards, but does not have the malicious
intent typical of a black hat hacker.
 A hacker from Russia named Alexey tried on the
image of Robin Hood, hacking,
according to ZDNet, more than 100 thousand
MikroTik routers. True, his goal was not to obtain
confidential information, to set up a botnet or
other illegal activities. All Alex wanted was to
change the device settings to protect them from
outside intrusion.
3. BLACK HAT HACKERS
 A black hat hacker (or black-hat hacker) is a
hacker who "violates computer security for little
reason beyond maliciousness or for personal
gain".
 Kevin Mitnick
 Without a doubt, one of the best black hat
hackers to ever hit the tech world. He was, at one
point, the most wanted cybercriminal in the
world—and still remains one of the most
notorious in hacking history. He's even been
featured in documentaries abouthacking because
of how smart he is.
 Kevin Mitnick's crimes included stealing secrets
from major companies like IBM and Motorola,
and even hacking into the National Defense
warning system. He spent two stints in jail, but
that need to hack never quite went away.
 Richard Pryce and Matthew Bevan
 Believe it or not, these two were only 21 and 17
when they became known as two of the best
black hat hackers in the world. They had a bunch
of capers that made them wanted criminals—
including hacking into multiple US military
computers.
5. PASSWORD CRACKING
To prevent hacking
 It may be impossible to prevent computer
hacking.
, however effective security controls including
strong passwords, and the use of firewalls can
help.
To avoid trojans
 Security suites, such as Avast Internet
Security will prevent you from downloading
trojans
 Password attacks by the hackers that are able
to determine passwords or find passwords to
different protected electronic areas and social
networks sites.
 Example:

3. MALWARE
 The word "malware" comes from the
term "MALicious softWARE."
 Software that has some malicious intent
and which is installed on a user’s
computer without that user’s consent.
Examples:
 Key loggers – Software installed on a
computer that captures key strokes and
sends these to a remote system. Used
to try and get personal information to
gain access to sites such as banks
 Ransomware– Software that runs on a
user’s computer and demands that the
user pays some other organization. If
they don’t, the information on their
computer will be destroyed.
 Malware can usually spread itself
from one computer to another either as
a
 virus or as a worm
 To stop malware
 Download an anti-malware program that
also helps prevent infections.
 Do not download from unknown sources
 Activate Network Treat Protection,
Firewall, Antivirus

4. TROJAN HORSE
Trojan horses are email viruses that can duplicate
themselves, steal information, or harm the computer
system.
♦ These viruses are the most serious threats to
computers
 Examples
• CryptoLocker- a trojan horse that
infects the system and looks for files
to encrypt. It caused $3 million worth
of damages
• Storm Worm- a backdoor trojan horse
that affected windows operating
system. It caused $80 millionworth of
dmages