Information Security and Cybersecurity-2

Information Security and Cyber Security
Information Security
Is the protection of information against:
• unauthorized access or modification, whether this information is in storage, processing or transfer.
• the denial of service to authorized users.
The CIA triangle, known as the security triad, tells the primary goals of information security.
• Confidentiality: Ensuring that information is accessible only to those authorized to have access.
• Availability: Ensuring that information is available for use when you need it.
• Integrity: Ensuring that the information has not been changed.
• A new goal enforced by the operation of e-markets is non-repudiation.
• Non-repudiation: Ensuring that an entity cannot deny previous actions.
Cyber Security
• Is a branch of information security that describes a set of practices, measures and actions you can take to protect your personal information over the internet.

• This means that everyone who uses a computer or mobile device needs to understand how to keep their computer, device and data secure.

To Understand Cyber Security
• How to implement and maintain cyber security.
• What are the cyber security problems around us.
Cyber Security Problems

Malware

Hacker

Password Cracking

Denial of Service Attacks (DoS)


Malware
• Software that has a malicious purpose and that attaches itself to other software by:
o Downloading a file
o Installing a program
o Opening an attachment
o Opening spurious Web pages
o Copying a file from someone else
• Then it propagates itself to other computers via networks or removable media.
Types of Malware
Hackers

• A person who uses his abilities to gain unauthorized access to systems or networks in order to commit crimes.
• Types of hackers:
o White hat: hackers who are hired to do penetration tests to find and report security vulnerabilities.
o Black hat: hackers who gain unauthorized access to networks and systems with malicious intent, whether to steal data, spread malware or otherwise damage systems.
o Gray hat: hackers who gain access to systems in order to bring out their security weaknesses without malicious intent. However, they may broadcast the vulnerability in public.
Password Cracking
• A password is a string of characters, to be kept secret, used for user authentication to prove identity or to gain access to resources.
• Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system, to gain unauthorized access to the system.
• Adversaries use two methods to attack passwords:
o Brute force: Try all key combinations in the password space.
o Dictionary: Use a dictionary of known words and try each word along with its combinations.

Denial of Service Attacks

• The attacker floods the bandwidth of the victim's network or fills the victim's e-mail box with spam mail, preventing him from using the services he is entitled to access.
Identity Theft

• Identity theft occurs when someone illegally obtains and uses someone's personal identification, credit or account information.
• Thieves obtain identification information by:
o Taking your wallet.
o Stealing information from trash or from a business.
o Tricking persons into handing over passwords and/or other sensitive financial or personal information. This can be done by asking questions; the attacker may collect enough information to break into a victim's system.
• This information can be used to:
o Drain your bank account.
o Open new accounts in your name.
o Take out loans for large purchases.
o Purchase goods and services on the Internet.
How can these threats affect the CIA of information security

• Unauthorized access (malware, spyware) limits our ability to protect the confidentiality of the data.
• Malicious programs can alter the data values, destroying the integrity of the data.
• Denial of Service (DoS) attacks can shut down a server and/or network, making the system unavailable.
• Efforts to correct the damage cost corporations time and money!
SO HOW DO WE OVERCOME THESE PROBLEMS?
Cyber Security Measures
1. Install OS/Software Updates
2. Run Anti-virus Software
3. Prevent Identity Theft
4. Turn on Personal Firewalls
5. Avoid Spyware
6. Protect Passwords
7. Back up Important Files
1. Install OS/Software Updates

• Updates, sometimes called patches, fix problems with your operating system and software programs.
• Most new operating systems are set to download updates by default. After updates are downloaded, you will be asked to install them. Click yes!
• Be sure to restart your computer after updates are installed so that the patches can be applied immediately.

2. Run Anti-virus Software

• To avoid computer problems caused by viruses, install and run an anti-virus program.
• Periodically check that your anti-virus is up to date by opening your anti-virus program and checking the "Last updated" date.
• Anti-virus software removes viruses, quarantines and repairs infected files, and can help prevent future viruses.

3. Prevent Identity Theft

• Don't give out financial account numbers, ID number, driver's license number or other personal identity information unless you know exactly who's receiving it. Protect other people's information as you would your own.
• Never send personal or confidential information via email or instant messages, as these can be easily intercepted.
• Beware of fraudulent email messages that appear to be from an honest business in an attempt to gain personal or account information.
• Never enter personal information into an online form you accessed via a link in an email you were not expecting.
• Make sure that your bank statements are accurate and include only those activities you have authorized.

4. Turn on Personal Firewalls

• Check your computer's security settings for a built-in personal firewall. If you have one, turn it on.
• Firewalls act as protective walls between computers and the internet.

5. Avoid Spyware
• Spyware takes up memory and can slow down your computer or cause other problems.
• Use anti-spyware software to remove spyware from your computer.
• Watch for hints of spyware in user agreements before installing free software programs.
• Be wary of downloading software from unknown internet sources.
6. Protect Passwords

• Do not share your passwords, and always make new passwords difficult to guess by avoiding dictionary words and mixing letters, numbers and symbols.
• Change your passwords periodically.
• When choosing a password:
o Mix upper and lower case letters
o Use a minimum of 8 characters
• Store passwords in a safe place. Avoid keeping passwords on a Post-it under your keyboard, on your monitor or in a drawer near your computer.
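
The password rules on this slide, together with the brute-force and dictionary methods described earlier, can be checked in code. The following is an added example, not part of the original slides; the word list, the substitution table and the function names are assumptions made for illustration.

```python
import math
import string

# Constructed sample word list; a real check would load a far larger one.
SAMPLE_DICTIONARY = {"password", "welcome", "dragon", "summer", "admin"}

# Undo common digit/symbol substitutions before the dictionary lookup.
SUBSTITUTIONS = str.maketrans("01345@$!", "oleasasi")


def policy_failures(password, dictionary=SAMPLE_DICTIONARY):
    """Return the rules from the slide that the password breaks (empty = passes)."""
    failures = []
    if len(password) < 8:
        failures.append("shorter than 8 characters")
    if not (any(c.islower() for c in password) and any(c.isupper() for c in password)):
        failures.append("does not mix upper and lower case")
    if not any(c.isdigit() for c in password):
        failures.append("no number")
    if not any(c in string.punctuation for c in password):
        failures.append("no symbol")
    # "P@ssw0rd" still rests on a dictionary word once substitutions are undone.
    normalised = password.lower().translate(SUBSTITUTIONS)
    if any(word in normalised for word in dictionary):
        failures.append("contains a dictionary word")
    return failures


def search_space_bits(password):
    """Brute-force search space in bits for the character classes actually used."""
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation]
    alphabet = sum(len(cls) for cls in classes if any(c in cls for c in password))
    return round(len(password) * math.log2(alphabet), 1) if alphabet else 0.0


if __name__ == "__main__":
    for candidate in ("summer", "P@ssw0rd1!", "tr7#Kvq9Lm"):
        print(candidate, policy_failures(candidate), search_space_bits(candidate))
```

A password can satisfy every character-class rule and still fall to a dictionary attack, which is why the dictionary check runs on the normalised form.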

7. Back up Important Files

• Reduce your risk of losing important files to a virus, computer crash, theft or disaster by creating back-up copies.
• Keep your critical files in one place on your computer's hard drive so you can easily create a back-up copy.
• Save copies of your important documents and files to a DVD, online back-up service, USB drive, or a server.
• Store your back-up media in a secure place away from your computer, in case of fire or theft.
• Test your back-up media periodically to make sure the files are accessible and readable.

Individual Cyber Security Awareness

• After applying the necessary cyber security measures to your system, contact your technical support if you discover any security vulnerabilities or any suspicious activity.
• Physically secure your computer by locking office doors and windows.
• Avoid leaving your laptop unsupervised and in plain view.
• Set up a user account and password to prevent unauthorized access to your computer files.
• Do not install unnecessary programs on your computer.

Technical Cyber Security Awareness
Creating a DMZ zone

• The Demilitarized Zone (DMZ) is a network developed to seal the internal network from the outside world.
• The DMZ contains all the servers that must be accessible from the outside world.
• NOTE that we must always assume that servers in the DMZ are going to be hacked at some point.

[Diagram labels: Internet, Firewall, DMZ, Web Server, SMTP Server, Firewall, Internal Network, Client, Client]
Firewalls

• Firewalls exist in two types:
o Packet filters: They operate at the protocol level. They use a firewalling policy to allow the packet to pass or to drop the packet.
o Proxy servers: They operate at the application level. They are always located between the user's requests and the server's responses, thus allowing us to enforce policies on which users can access the internet and on which port.
• Packet filters are usually located on the router, while proxies are installed on computers.
• A network may use any number of firewalls, depending on its size and architecture.
Intrusion Prevention System (IPS)

• An Intrusion Prevention System (IPS) is a network security/threat prevention technology that examines network traffic flows to detect and prevent vulnerability exploits. Vulnerability exploits usually come in the form of malicious inputs to a target application or service that attackers use to interrupt and gain control of an application or machine.
• The IPS has two main detection mechanisms:
o Signature based: It holds a database of known attacks and tests packets against the data stored in the database.
o Anomaly based: It takes samples of network traffic at random and compares them to a pre-calculated baseline performance level. When the sample of network traffic activity is outside the parameters of baseline performance, the IPS takes action to handle the situation.
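
The two detection mechanisms can be placed side by side in a short sketch. This is an added example, not part of the original slides; the signature patterns, the traffic rates, the three-standard-deviation threshold and all function names are constructed assumptions.

```python
import statistics

# Constructed signature database: name -> byte pattern of a known attack input.
SIGNATURES = {
    "path-traversal": b"../../",
    "sql-tautology": b"' OR '1'='1",
}

# Constructed baseline samples: packets per second seen during normal operation.
NORMAL_RATES = [100, 104, 98, 101, 97, 103, 99, 102]


def signature_hits(payload):
    """Signature based: test the packet payload against every stored pattern."""
    return [name for name, pattern in SIGNATURES.items() if pattern in payload]


def build_baseline(rates):
    """Pre-calculate the baseline as (mean, standard deviation)."""
    return statistics.mean(rates), statistics.stdev(rates)


def outside_baseline(rate, baseline, k=3.0):
    """Anomaly based: is the sampled rate more than k deviations from the mean?"""
    mean, stdev = baseline
    return abs(rate - mean) > k * stdev


def inspect(payload, rate, baseline):
    """Return (action, reason) for one sampled packet and the current rate."""
    hits = signature_hits(payload)
    if hits:
        return "block", ",".join(hits)
    if outside_baseline(rate, baseline):
        return "alert", "rate outside baseline"
    return "pass", ""


BASELINE = build_baseline(NORMAL_RATES)

if __name__ == "__main__":
    print(inspect(b"GET /index.html", 105, BASELINE))
    print(inspect(b"GET /../../etc/passwd", 100, BASELINE))
    print(inspect(b"GET /index.html", 900, BASELINE))
```

The signature check only catches inputs already in its database, while the baseline check flags unusual volume even when no signature matches.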
Cyber Security – Mitigation Techniques
Hardening
Ensure all hosts run at a minimum level. Only mission critical software, services, ports and devices are allowed.
Access Control
Strong authentication and Role Based Access Control (RBAC) are a natural requirement in any security architecture, but are never stronger than the implementation.
Intrusion Detection/Prevention
Deploy sensors or agents on all hosts, perform log management of all devices, and use security information and event management (SIEM) to detect and possibly respond to anomalies in the system.

Patch Management
Processes and technology to ensure that all available security updates that are verified not to interfere with system operation are installed in all hosts.

1/12/21 © ABB Group | Slide 25


Cyber Security – Mitigation Techniques (Cont’d)
Anti-Virus
Employs blacklist, heuristic, and behavioral detection and prevention of malware.
Application Whitelisting
Only allows pre-approved software to execute. Less intrusive than Anti-Virus.

Traffic Whitelisting
Only accepts pre-approved traffic through stateful and deep packet inspection.



Thank You
