Cybersecurity & Cyber Attacks: Introduction, Concepts, and Techniques, Study notes of Computer science

Get some idea about Cyber Security And cyber Attacks.

Typology: Study notes

2021/2022

Uploaded on 06/24/2022

hasitha-sanjaya
hasitha-sanjaya 🇱🇰

4.3

(4)

6 documents

1 / 13

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
CYBER SECURITY & CYBER ATTACKS
(Core Content – Draft Document 01)
When considering the topic cyber security, we can dive deep into a huge
ocean of information further and more. We can narrow down this huge knowledge
base into 4 ideal modules for our ease of clarifications.
1: Introduction to Cybersecurity
2: Attacks, Concepts and Techniques
3: Protecting your Data and Privacy
4: Protecting the Organization
These are the key areas, what we gonna cover up today with our
presentation.
So, now we are going to dig a bit deeper from here on.
1: Introduction to Cybersecurity
This module aims to help you understand the growing need for
cybersecurity. Faced with an unprecedented surge in cyber-attacks, never before has the
demand for cybersecurity professionals been so high. Find out more about what
cybercriminals want and what you can do to ensure that a cyber threat never becomes a
reality.8
Let me start you on our “Cyber Security and Cyber Attacks” acknowledgement journey
from here.
The World of Cybersecurity
1
pf3
pf4
pf5
pf8
pf9
pfa
pfd

Partial preview of the text

Download Cybersecurity & Cyber Attacks: Introduction, Concepts, and Techniques and more Study notes Computer science in PDF only on Docsity!

CYBER SECURITY & CYBER ATTACKS

(Core Content – Draft Document 01) When considering the topic cyber security, we can dive deep into a huge ocean of information further and more. We can narrow down this huge knowledge base into 4 ideal modules for our ease of clarifications. 1: Introduction to Cybersecurity 2: Attacks, Concepts and Techniques 3: Protecting your Data and Privacy 4: Protecting the Organization These are the key areas, what we gonna cover up today with our presentation. So, now we are going to dig a bit deeper from here on.

1: Introduction to Cybersecurity

This module aims to help you understand the growing need for cybersecurity. Faced with an unprecedented surge in cyber-attacks, never before has the demand for cybersecurity professionals been so high. Find out more about what cybercriminals want and what you can do to ensure that a cyber threat never becomes a reality. Let me start you on our “Cyber Security and Cyber Attacks” acknowledgement journey from here.

The World of Cybersecurity

What Is Cybersecurity?

Cybersecurity is the ongoing effort to protect individuals, organizations and governments from digital attacks by protecting networked systems and data from unauthorized use or harm.

Personal

On a personal level, you need to safeguard your

identity, your data, and your computing devices.

Organizational

At an organizational level, it is everyone’s responsibility

to protect the organization’s reputation, data and

customers.

Government

As more digital information is being gathered and

shared, its protection becomes even more vital at the

government level, where national security, economic

stability and the safety and wellbeing of citizens are at

stake.

Protecting Your Personal Data

Personal data is any information that can be used to identify

you, and it can exist both offline and online.

Offline Identity

Your offline identity is the real-life persona that you present on a daily basis at home, at school or at work. As a result, family and friends know details about your personal life, including your full name, age and address.

Medical Records Educational Records Financial Records

Where Is Your Data?

This has got you thinking. Only yesterday, you shared a couple of photos of your first day on the job with a few of your close friends. But that should be OK, right? Let’s see… You took some photos at work on your mobile phone. Copies of these photos are now available on your mobile device You shared these with five close friends, who live in various locations across the world. All of your friends downloaded the photos and now have copies of your photos on their devices. One of your friends was so proud that they decided to post and share your photos online. The photos are no longer just on your device. They have in fact ended up on servers located in different parts of the world and people whom you don’t even know now have access to your photos.

What’s More…

This is just one example that reminds us that every time we collect or share personal data, we should consider our security. There are different laws that protect your privacy and data in your country. But do you know where your data is? Following an appointment, the doctor will update your medical record. For billing purposes, this information may be shared with the insurance company. In such cases, your medical record, or part of it, is now accessible at the insurance company. Store loyalty cards may be a convenient way to save money on your purchases. However, the store is using this card to build a profile of your purchasing behavior, which it can then use to target you with special offers from its marketing partners.

Smart Devices

Identity Theft

Not content with stealing your money for short-term financial gain, cybercriminals are invested in the long-term gain of identity theft.

Medical theft

Rising medical costs have led to an increase in medical identity

theft, with cybercriminals stealing medical insurance to use the

benefits for themselves. Where this happens, any medical

procedures carried out in your name will then be saved in your

medical records.

Banking

Stealing private data can help cybercriminals access bank

accounts, credit cards, social profiles and other online accounts.

Armed with this information, an identity thief could file a fake tax

return and collect the refund. They could even take out loans in

your name and ruin your credit rating (and your life as well).

Who Else Want Your Data?

It’s not just criminals who seek your personal data.

 Your Internet Service Provider (ISP)

Your ISP tracks your online activity and, in some countries, they can sell this data to advertisers for a profit. In certain circumstances, ISPs may be legally required to share your information with government surveillance agencies or authorities.

 Advertisers

Targeted advertising is part of the Internet experience. Advertisers monitor and track your online activities such as shopping habits and personal preferences and send targeted ads your way.

 Search engines and social media platforms

These platforms gather information about your gender, geolocation, phone number and political and religious ideologies based on your search histories and online identity. This information is then sold to advertisers for a profit.

 Websites You Visit

Websites use cookies to track your activities in order to provide a more personalized experience. But this leaves a data trail that is linked to your online identity that can often end up in the hands of advertisers!

Over 122,000 of these cameras from several different manufacturers were hijacked and used to carry out distributed denial-of- service (DDoS) attacks, without the knowledge of their owners. A DDoS attack occurs when multiple devices infected with malware flood the resources of a targeted system. The IoT is connecting more and more devices, creating more opportunities for cybercriminals to attack.

Equifax Inc.

In September 2017, Equifax, a consumer credit reporting agency in the United States, publicly announced a data breach event: Attackers had been able to exploit a vulnerability in its web application software to gain access to the sensitive personal data of millions of customers. In response to this breach, Equifax established a dedicated website that allowed Equifax customers to determine if their information was compromised. However, instead of using a subdomain of equifax.com, the company set up a new domain name, which allowed cybercriminals to create unauthorized websites with similar names. These websites were used to try and trick customers into providing personal information. Attackers could use this information to assume a customer’s identity. In such cases, it would be very difficult for the customer to prove otherwise, given that the hacker is also privy to their personal information.

A Word for You.

If you are ever faced with a similar situation, quickly verify if your information was compromised, so that you can minimize the impact. Keep in mind that, in a time of crisis, you may be tricked into using unauthorized websites. Always be vigilant when providing personally identifiable information over the Internet. Check your credit reports regularly and immediately report any false information, such as applications for credit that you did not initiate or purchases on your credit cards that you did not make.

Consequences of a Security Breach

 Reputational Damage

A security breach can have a negative long-term impact on an organization’s reputation that has taken years to build. Customers, particularly those who have been adversely affected by the breach, will need to be notified and may seek compensation and/or turn to a reliable and secure competitor. Employees may also choose to leave in light of a scandal. Depending on the severity of a breach, it can take a long time to repair an organization’s reputation.

 Vandalism

Despite the best of intentions and all the safeguards you can put in place,

protecting organizations from every cyberattack is not feasible.

Cybercriminals are constantly finding new ways to attack and, eventually,

they will succeed.

Q2: Where to Inform in case of emergency?

Imagine that your computer is suddenly attacked by

ransomware while surfing the Internet. You need to know your next

steps to recover or reduce the damage you are facing and take

legal action. What is the institution in Sri Lanka To inform and

regulates such issues?

1. Bar Association of Sri Lanka (BASL)

2. Financial Crimes Investigation Division (FCID)

3. Telecommunications Regulatory Commission of Sri Lanka

(TRCSL)

4. Department of Government Information (DGI)