INTRODUCTION TO CYBERSECURITY
Organisational Data:
-Traditional Data:
- Transactional Data (Buying & Selling)
- Intellectual Property (Patents & Trademarks)
- Financial Data (Income Statements)
- IoT and Big Data:
- Network that consists of physical objects such as sensors, software
and other equipment. They have the ability to capture and share data.
THE CUBE (McCumber Cube):
This security model has three dimensions:
1. Foundational Principles for protecting information systems:
- Confidentiality: methods to ensure confidentiality include data
encryption, identity proofing and 2fA.
- Integrity: methods to ensure integrity include using a hash functions
and checksums.
- Availability: methods to ensure availability include maintaining the
equipment, hardware repairs and keeping the OS and software up-to
date.
2. Protection of information:
- Processing refers to data that is being used to perform operations
such as updating record in database.
� - Storage refers to data that is being stored in a memory or a
permanent storage device.
- Transmission refers to data travelling between information systems.
3. Security measures used to protect data:
- Awareness, training and education are the measures put in place by
an organisation to ensure users are knowledgeable.
- Technology refers to the software and hardware-based solutions
designed to protect information systems such as firewalls.
- Policy and procedure refer to the administrative controls that provide
foundation of how an organisation implements information assurance.
Consequences of security breach:
- Reputational Damage
- Vandalism
- Theft
- Loss of revenue
- Damaged Intellectual Property
Types Of Attackers:
- Amateurs also known as script kiddies, who use tools found on the
internet to perform attacks.
- Hackers:
- White hat attackers are those who break into networks, identify
weaknesses and try to improvise security.
- Gray hat attackers are those who find vulnerabilities in systems and
report to owner or publish so that others can exploit it.
- Black hat attackers are those who take advantage of vulnerabilities
for illegal purposes and financial gain.
�- Organised hackers are those who belong to an organisation of
hackers.
ATTACKS, CONCEPTS AND TECHNIQUES
Types of malwares:
- Spyware is designed to track and spy on you. It monitors online activity.
This is done by modifying security settings on your device.
- Adware is designed to automatically deliver advertisements to you.
- Backdoor is used to gain unauthorized access by bypassing the normal
authentication process to access a system.
- Ransomware is designed to hold a computer system or data in the
system until ransom is received.
- Scareware is used to trick users into taking specific actions.
- Rootkit is designed to modify the OS to create a backdoor, which
attackers can use to access computers remotely.
- Virus is a computer program that replicates itself when executed and
attaches itself to other executable files by inserting its own code.
- Trojan Horse is a malware that carries out malicious operations by
masking its true intent.
- Worms is another malware that replicates itself to move from one
computer to another.
