IT NS 1 - Chapter 1b Types of Attacks and Detection
CHALLENGES
Chapter I
Introduction to Cybersecurity – Part 2
Introduction
Cybersecurity is a critical issue that affects individuals and organizations
alike. With the increasing amount of sensitive data being stored and transmitted
electronically, it is essential to maintain robust cybersecurity measures to protect against
cyber-attacks, data breaches, and other malicious activities. However, cybersecurity
measures alone are not enough to protect against these threats. It is also important for
individuals and organizations to be aware of the risks and take proactive steps to prevent
and mitigate them. In this context, cybersecurity awareness plays a crucial role in
promoting safe online behavior and ensuring the security of information systems and data.
Learning Outcome
At the end of the unit, the student should be able to:
Explain the principles of confidentiality, integrity, and availability in cybersecurity
Define the different types of cyber-attacks
Analyze the different risk management frameworks and their application in
cybersecurity.
Learning Content
Cyber-attacks refer to malicious activities that are carried out through digital channels with the
intent to harm or gain unauthorized access to computer systems, networks, or devices. Cyber-
attacks can take various forms, including malware infections, phishing, social engineering, denial-
of-service attacks, ransomware, and more. These attacks can result in a range of consequences,
such as data breaches, financial losses, reputational damage, and even physical harm.
Cyber detection, on the other hand, refers to the process of identifying, analyzing, and responding
to cyber threats in order to prevent or mitigate their impact. Cyber detection involves various
techniques and tools, such as intrusion detection systems, network monitoring, threat
intelligence, and incident response planning. By implementing effective cyber detection
strategies, organizations can better protect their systems, data, and assets from cyber-attacks
and minimize the risk of cyber threats.
There are various types of cyber-attacks, and the methods used by cybercriminals are
continuously evolving. Here are some common types of cyber-attacks:
1. Phishing attacks: These attacks use social engineering to trick victims into divulging
personal information or downloading malware.
2. Malware attacks: Malware refers to any software designed to harm a computer system.
Malware can take many forms, including viruses, trojans, and ransomware.
3. Denial of Service (DoS) attacks: A DoS attack floods a system with traffic or requests,
making it inaccessible to legitimate users.
5. SQL injection attacks: SQL injection attacks exploit vulnerabilities in web applications to
access sensitive information or execute unauthorized commands.
There are several other types of cyber-attacks that organizations should be aware of.
1. Advanced Persistent Threats (APTs): APTs are long-term targeted attacks that are
typically carried out by sophisticated cybercriminals. These attacks often involve multiple
stages and can go undetected for long periods.
4. DNS spoofing: DNS spoofing involves redirecting a user to a fake website by altering the
DNS records of a legitimate site. This can be used to steal login credentials or other
sensitive information.
7. Watering hole attacks: In a watering hole attack, attackers compromise a website that is
frequently visited by the target group and inject malware into it. When the target group
visits the website, the malware infects their devices.
10. IoT attacks: Attacks on Internet of Things (IoT) devices involve exploiting the
vulnerabilities of connected devices such as smart home devices, medical devices, and
industrial control systems.
12. Insider attacks: Insider attacks involve individuals with authorized access to an
organization's systems or data, intentionally or unintentionally causing harm by stealing
or leaking sensitive data, installing malware, or disrupting network operations.
It's important to remember that cyber-attacks can take many forms, and new types of attacks are
constantly emerging. It's essential for organizations to regularly review and update their
cybersecurity measures to protect against the latest threats.
In addition to cyber-attacks, there are various methods of cyber-detection that organizations can
use to identify potential threats. Some common methods include:
1. Firewalls: Firewalls are network security devices that monitor incoming and outgoing
traffic and block unauthorized access.
2. Intrusion Detection Systems (IDS): IDSs monitor network traffic for suspicious behavior
and alert security teams when they detect potential threats.
3. Anti-malware software: Anti-malware software can scan for and remove malicious
software from systems.
4. Network Behavior Analysis (NBA): NBA systems monitor network traffic patterns to
detect abnormal activity that may indicate a cyber-attack.
5. Security Information and Event Management (SIEM): SIEM systems consolidate and
analyze security-related data from across an organization's systems to identify potential
threats.
6. Endpoint Detection and Response (EDR): EDR solutions are installed on endpoints such
as laptops, servers, and mobile devices to detect and respond to cyber threats. They
collect and analyze data from the endpoint, identify suspicious behavior, and alert
security teams.
7. User and Entity Behavior Analytics (UEBA): UEBA solutions use machine learning
algorithms to analyze user behavior and detect anomalies that could indicate a cyber
attack. This includes identifying unusual login activity, data access patterns, and
abnormal network behavior.
11. Penetration Testing: Penetration testing involves simulating a cyber attack to identify
weaknesses in an organization's systems and infrastructure. This can help organizations
understand their security posture and prioritize security improvements.
12. Network Traffic Analysis (NTA): NTA solutions monitor and analyze network traffic to
detect and respond to cyber threats. They use machine learning algorithms to identify
anomalies in network behavior and alert security teams to potential threats.
13. Security Information and Event Management (SIEM): SIEM solutions collect and analyze
security event data from various sources, including network devices, servers, and
endpoints. They correlate this data to identify potential threats and generate alerts for
security teams.
15. Artificial Intelligence (AI): AI technologies, such as machine learning and natural
language processing, can be used to analyze large amounts of data and identify
potential threats. AI-powered solutions can detect and respond to threats more quickly
and accurately than traditional methods.
16. Incident Response (IR): Incident response involves preparing for and responding to
cyber attacks. It involves identifying the source and scope of the attack, containing the
damage, and restoring systems and data to normal operation.
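The SIEM item above describes correlating events from network devices, servers, and endpoints; the sketch below shows one such correlation rule. It is an added example, not part of the original module, and the event names, thresholds, hosts and addresses are constructed assumptions rather than any product's format.

```python
from collections import defaultdict

# Constructed, already-normalized events: (time_s, source, type, host, src_ip)
EVENTS = [
    (100, "firewall", "deny", "srv1", "203.0.113.7"),
    (110, "server", "login_failed", "srv1", "203.0.113.7"),
    (120, "server", "login_failed", "srv1", "203.0.113.7"),
    (130, "server", "login_failed", "srv1", "203.0.113.7"),
    (140, "server", "login_ok", "srv1", "203.0.113.7"),
    (150, "server", "login_failed", "srv2", "198.51.100.4"),
    (160, "server", "login_ok", "srv2", "198.51.100.4"),
    (200, "endpoint", "security_tool_stopped", "srv1", None),
    (210, "endpoint", "security_tool_stopped", "srv2", None),
]
FAIL_THRESHOLD = 3   # failed logins that make a later success suspicious
WINDOW = 300         # correlation window in seconds

def correlate(events):
    """Return alerts produced by correlating events across sources."""
    alerts = []
    denies = defaultdict(int)      # src_ip -> firewall denies seen so far
    failures = defaultdict(list)   # (src_ip, host) -> failed-login times
    suspicious = {}                # host -> time of the suspicious login
    for ts, source, kind, host, src_ip in sorted(events, key=lambda e: e[0]):
        if source == "firewall" and kind == "deny":
            denies[src_ip] += 1
        elif kind == "login_failed":
            failures[(src_ip, host)].append(ts)
        elif kind == "login_ok":
            recent = [t for t in failures[(src_ip, host)] if ts - t <= WINDOW]
            if len(recent) >= FAIL_THRESHOLD:
                suspicious[host] = ts
                alerts.append({"rule": "failed_logins_then_success",
                               "severity": "medium", "host": host,
                               "src_ip": src_ip, "fw_denies": denies[src_ip]})
        elif source == "endpoint" and kind == "security_tool_stopped":
            start = suspicious.get(host)
            if start is not None and ts - start <= WINDOW:
                alerts.append({"rule": "tool_stopped_after_suspicious_login",
                               "severity": "high", "host": host})
    return alerts

if __name__ == "__main__":
    for alert in correlate(EVENTS):
        print(alert)
```

Only `srv1` produces alerts: the single failed login on `srv2` stays below the threshold, so neither its successful login nor its later endpoint event is escalated.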
2_______________________________ 2_____________________________
3_______________________________ 3_____________________________
4_______________________________ 4_____________________________
5_______________________________ 5_____________________________
Now that you have confidently answered the activity above, you are ready to
take the quiz. Log in to your Schoology app on your computer or phone and take the quiz,
or contact me if you have problems taking the online quiz.
Face to Face
Classroom discussion
Assessment activities
Hands-on activities
Online (synchronous)
Zoom Meeting as scheduled
Messenger Application
Remote (asynchronous)
Schoology Application. Instructions can be viewed at www.erickabuzo.com/class
Printed Module
Assessment Task
Log in to your Schoology app on your computer or phone and take the online
activity, or contact me if you have problems taking the online activity.