1. Introduction to Cyber Security
1.1.1 What Is Cybersecurity?
Cybersecurity is the ongoing effort to protect individuals, organizations and
governments from digital attacks by protecting networked systems and data from
unauthorized use or harm.
Personal
On a personal level, you need to safeguard your identity, your data, and your computing
devices.
Organizational
At an organizational level, it is everyone’s responsibility to protect the organization’s
reputation, data and customers.
Government
As more digital information is being gathered and shared, its protection becomes even
more vital at the government level, where national security, economic stability and the
safety and wellbeing of citizens are at stake.
1.1.2 Protecting Your Personal Data
Personal data is any information that can be used to identify you, and it can exist
both offline and online.
Offline Identity
Your offline identity is the real-life persona that you present on a daily basis at home, at
school or at work. As a result, family and friends know details about your personal life,
including your full name, age and address.
It is important not to overlook the importance of securing your offline identity. Identity
thieves can easily steal your data from right under your nose when you are not looking.
Online Identity.
Your online identity is not just a name, it’s who you are and how you present yourself to
others online. It includes the username or alias you use for your online accounts, as well
as the social identity you establish and portray on online communities and websites.
You should take care to limit the amount of personal information you reveal through
your online identity.
Many people think that if they don’t have any social media or online accounts set up, then they
don’t have an online identity. This is not the case. If you use the web, you have an online
identity.
1.1.3 Your Online Identity
It’s your first day on the job, and it’s time to choose a username for your online identity. Which of
the following options would you choose?
This is your first chance to gain some valuable defender points at eLearning company @Apollo,
so take your time and think carefully before making your choices.
When choosing a username, it’s important not to reveal any personal information. It
should be something appropriate and respectful and should not lead strangers to think
you are an easy target for cybercrimes or unwanted attention.
Some other useful tips to help you generate your username:
Don’t use your full name or parts of your address or phone number.
Don’t use your email username.
Don’t use the same username and password combination, especially on financial
accounts.
Don’t choose a super-odd username and then reuse it again and again — it
makes you easier to track.
Don’t choose a username that gives clues to your passwords such as a series of
numbers/letters or the first part of a two-part phrase, such as knock-knock or
starlight, or the department in which you work, such as IT.
Do choose a username that’s appropriate for the type of account, i.e., business,
social or personal.
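The tips above can be turned into a quick self-check. The following is an added example, not part of the original course material; the profile values, function names and issue labels are all constructed for illustration, and it covers only the tips that can be judged from a single username.

```python
import re

# Constructed sample profile; every value here is made up for the example.
PROFILE = {
    "full_name": "Jordan Rivera",
    "email": "jrivera88@mail.example",
    "phone": "+1 555 0142 7788",
    "address": "17 Maple Street, Springfield",
    "department": "IT",
}


def _words(text):
    """Lower-case alphanumeric tokens of a string."""
    return [w for w in re.split(r"[^a-z0-9]+", text.lower()) if w]


def _has_series(flat, length=4):
    """True if flat contains `length` consecutive ascending characters (1234, abcd)."""
    run = 1
    for prev, cur in zip(flat, flat[1:]):
        run = run + 1 if ord(cur) - ord(prev) == 1 else 1
        if run >= length:
            return True
    return False


def username_issues(username, profile):
    """Return labels for the tips that `username` breaks for this profile."""
    tokens = _words(username)
    flat = "".join(tokens)
    issues = []

    # Tip: no full name or parts of the address (words of 3+ characters).
    personal = [w for key in ("full_name", "address")
                for w in _words(profile[key]) if len(w) >= 3]
    if any(w in flat for w in personal):
        issues.append("name_or_address")

    # Tip: no parts of the phone number (any 4 digits in a row from it).
    phone = re.sub(r"\D", "", profile["phone"])
    windows = (flat[i:i + 4] for i in range(len(flat) - 3))
    if any(w.isdigit() and w in phone for w in windows):
        issues.append("phone_number")

    # Tip: not the email username (the part before the @).
    local = "".join(_words(profile["email"].split("@")[0]))
    if local and local in flat:
        issues.append("email_username")

    # Tip: not the department you work in, matched as a whole token so that
    # "IT" is not found inside ordinary words.
    if profile["department"].lower() in tokens:
        issues.append("department")

    # Tip: no series of numbers or letters.
    if _has_series(flat):
        issues.append("series")
    return issues
```
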
1.1.4 Your Data
Personal data describes any information about you, including your name, social security
number, driver’s license number, date and place of birth, your mother’s maiden name,
and even pictures or messages that you exchange with family and friends.
Cybercriminals can use this sensitive information to identify and impersonate you,
infringing on your privacy and potentially causing serious damage to your reputation.
Medical records
Every time you visit the doctor, personal information regarding your physical and mental
health and wellbeing is added to your electronic health records (EHRs). Since the
majority of these records are saved online, you need to be aware of the medical
information that you share.
And these records go beyond the bounds of the doctor’s office. For example, many
fitness trackers collect large amounts of clinical data such as your heart rate, blood
pressure and blood sugar levels, which is transferred, stored and displayed via the
cloud. Therefore, you should consider this data to be part of your medical records.
Education records
Educational records contain information about your academic qualifications and
achievements. However, these records may also include your contact information,
attendance records, disciplinary reports, health and immunization records as well as
any special education records including individualized education programs (IEPs).
Employment and financial records
Employment data can be valuable to hackers if they can gather information on your past
employment, or even your current performance reviews.
Your financial records may include information about your income and expenditure.
Your tax records may include paychecks, credit card statements, your credit rating and
your bank account details. All of this data, if not safeguarded properly, can compromise
your privacy and enable cybercriminals to use your information for their own gain.
1.1.5 Where Is Your Data?
This has got you thinking. Only yesterday, you shared a couple of photos of your first
day on the job with a few of your close friends. But that should be OK, right? Let’s see.
i. You took some photos at work on your mobile phone. Copies of these photos
are now available on your mobile device.
ii. You shared these with five close friends, who live in various locations across
the world.
iii. All of your friends downloaded the photos and now have copies of your
photos on their devices.
iv. One of your friends was so proud that they decided to post and share your
photos online. The photos are no longer just on your device. They have in fact
ended up on servers located in different parts of the world and people whom
you don’t even know now have access to your photos.
1.1.6 What's More.
This is just one example that reminds us that every time we collect or share personal
data, we should consider our security. There are different laws that protect your privacy
and data in your country. But do you know where your data is?
Example 1.
Following an appointment, the doctor will update your medical record. For billing
purposes, this information may be shared with the insurance company. In such cases,
your medical record, or part of it, is now accessible at the insurance company.
Example 2.
Store loyalty cards may be a convenient way to save money on your purchases.
However, the store is using this card to build a profile of your purchasing behavior,
which it can then use to target you with special offers from its marketing partners.
1.1.7 Smart Devices
Consider how often you use your computing devices to access your personal data.
Unless you have chosen to receive paper statements, you probably access digital
copies of bank account statements via your bank’s website. And when paying a bill, it’s
highly likely that you’ve transferred the required funds via a mobile banking app.
But besides allowing you to access your information, computing devices can now also
generate information about you.
Wearable technologies such as smart watches and activity trackers collect your data for
clinical research, patient health monitoring, and fitness and wellbeing tracking. As the
global fitness tracker market grows, so also does the risk to your personal data.
It might seem that information available online is free. But is privacy the price we pay
for this digital convenience?
For example, social media companies generate the majority of their income by selling
targeted advertising based on customer data that has been mined using algorithms or
formulas. Of course, these companies will argue that they are not ‘selling’ customer
data, but ‘sharing’ customer data with their marketing partners.
You can make up your own mind!
1.1.8 What Do Hackers Want?
So, with all this information about you available online, what do hackers want? Of
course, they want your money.
Can you think of an example that you have experienced yourself or that you have heard
or read about, where cybercriminals have accessed or tried to access financial
information online?
Cybercriminals are certainly very imaginative when it comes to gaining access to your
money. But that’s not all they are after — they could also steal your identity and ruin
your life.
Let’s find out more.
1.1.9 Identity Theft
Not content with stealing your money for short-term financial gain, cybercriminals are invested in the
long-term gain of identity theft.
1.1.10 Who Else Wants My Data?
Internet Service Provider.
Your ISP tracks your online activity and, in some countries, they can sell this data to
advertisers for a profit.
In certain circumstances, ISPs may be legally required to share your information with
government surveillance agencies or authorities.
Advertiser
Targeted advertising is part of the Internet experience. Advertisers monitor and track your online
activities such as shopping habits and personal preferences and send targeted ads your way.
Search engines and social media platforms.
These platforms gather information about your gender, geo-location, phone number and political
and religious ideologies based on your search histories and online identity. This information is
then sold to advertisers for a profit.
Websites you visit.
Websites use cookies to track your activities in order to provide a more personalized
experience. But this leaves a data trail that is linked to your online identity that can often end up
in the hands of advertisers!
It’s obvious that cybercriminals are becoming more sophisticated in their pursuit of valuable
personal data. But they also pose a huge threat to organizational data.
1.2.1 Types of Organizational Data
Traditional Data
Traditional data is typically generated and maintained by all organizations, big and small. It
includes the following:
Transactional data such as details relating to buying and selling, production activities and basic
organizational operations such as any information used to make employment decisions.
Intellectual property such as patents, trademarks and new product plans, which allows an
organization to gain economic advantage over its competitors. This information is often
considered a trade secret and losing it could prove disastrous for the future of a company.
Financial data such as income statements, balance sheets and cash flow statements, which
provide insight into the health of a company.
Internet of Things (IoT) and Big Data
IoT is a large network of physical objects, such as sensors, software and other equipment. All of
these ‘things’ are connected to the Internet, with the ability to collect and share data. And given
that storage options are expanding through the cloud and virtualization, it’s no surprise that the
emergence of IoT has led to an exponential growth in data, creating a new area of interest in
technology and business called ‘Big Data’.
1.2.2 The Cube
The McCumber Cube is a model framework created by John McCumber in 1991 to help
organizations establish and evaluate information security initiatives by considering all of
the related factors that impact them. This security model has three dimensions:
1. The foundational principles for protecting information systems.
2. The protection of information in each of its possible states.
3. The security measures used to protect data.
Confidentiality is a set of rules that prevents sensitive information from being disclosed
to unauthorized people, resources and processes. Methods to ensure confidentiality
include data encryption, identity proofing and two factor authentication.
Integrity ensures that system information or processes are protected from intentional or
accidental modification. One way to ensure integrity is to use a hash
function or checksum.
Availability means that authorized users are able to access systems and data when
and where needed, and those that do not meet established conditions are not. This can
be achieved by maintaining equipment, performing hardware repairs, keeping
operating systems and software up to date, and creating backups.
Processing refers to data that is being used to perform an operation such as
updating a database record (data in process).
Storage refers to data stored in memory or on a permanent storage device such
as a hard drive, solid-state drive or USB drive (data at rest).
Transmission refers to data traveling between information systems (data in
transit).
Awareness, training and education are the measures put in place by an
organization to ensure that users are knowledgeable about potential security
threats and the actions they can take to protect information systems.
Technology refers to the software- and hardware-based solutions designed to
protect information systems such as firewalls, which continuously monitor your
network in search of possible malicious incidents.
Policy and procedure refers to the administrative controls that provide a
foundation for how an organization implements information assurance, such as
incident response plans and best practice guidelines.
1.2.4 Is This for Real?
Yes, phishing is very common and often works. For example, in August 2020,
elite gaming brand Razer experienced a data breach which exposed the personal
information of approximately 100,000 customers.
A security consultant discovered that a cloud cluster (a group of linked servers
providing data storage, databases, networking, and software through the
Internet) was misconfigured and exposed a segment of Razer’s infrastructure to
the public Internet, resulting in a data leak.
It took Razer more than three weeks to secure the cloud instance from public
access, during which time cybercriminals had access to customer information
that could have been used in social engineering and fraud attacks, like the one
you uncovered just now.
Organizations therefore need to take a proactive approach to cloud security to
ensure that sensitive data is secured.
1.2.5 Data Security Breaches
The implications of a data security breach are severe, but they are becoming all too
common.
The Persirai botnet
In 2017, an Internet of Things (IoT) botnet, Persirai, targeted over 1,000 different models of
Internet Protocol (IP) cameras, accessing open ports to inject a command that forced the cameras
to connect to a site which installed malware on them. Once the malware was downloaded and
executed, it deleted itself and was therefore able to run in memory to avoid detection.
Over 122,000 of these cameras from several different manufacturers were hijacked and used to
carry out distributed denial-of-service (DDoS) attacks, without the knowledge of their owners. A
DDoS attack occurs when multiple devices infected with malware flood the resources of a
targeted system.
The IoT is connecting more and more devices, creating more opportunities for cybercriminals to
attack.
Equifax Inc.
In September 2017, Equifax, a consumer credit reporting agency in the United States, publicly
announced a data breach event: Attackers had been able to exploit a vulnerability in its web
application software to gain access to the sensitive personal data of millions of customers.
In response to this breach, Equifax established a dedicated website that allowed Equifax
customers to determine if their information was compromised. However, instead of using a
subdomain of [Link], the company set up a new domain name, which allowed
cybercriminals to create unauthorized websites with similar names. These websites were used to
try and trick customers into providing personal information.
Attackers could use this information to assume a customer’s identity. In such cases, it would be
very difficult for the customer to prove otherwise, given that the hacker is also privy to their
personal information.
If you are ever faced with a similar situation, quickly verify if your information was
compromised, so that you can minimize the impact. Keep in mind that, in a time of
crisis, you may be tricked into using unauthorized websites.
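The difference between a subdomain of the official domain and a separately registered domain with a similar name can be checked mechanically. This is an added example, not part of the original course material; `acmecredit.example` is a placeholder for the organization's real domain, and all sample links and function names are constructed.

```python
from urllib.parse import urlsplit

# Assumption: placeholder for the organization's real registered domain.
OFFICIAL_DOMAIN = "acmecredit.example"

# Constructed sample links, as they might appear in an email or search result.
SAMPLE_LINKS = [
    "https://www.acmecredit.example/breach-check",
    "https://breach-check.acmecredit.example/",
    "https://acmecredit-breach-check.example/",
    "https://acmecredit.example.breach-check.test/",
    "https://notacmecredit.example/",
    "https://acmecredit.example@breach-check.test/",
    "https://news.test/story",
]


def classify(url, official=OFFICIAL_DOMAIN):
    """Return 'official', 'lookalike' or 'unrelated' for a link.

    'official'  - the host is the official domain or a subdomain of it
    'lookalike' - not official, but the brand name appears in the address
    'unrelated' - anything else
    Only the domain is judged here, not the scheme or the page content.
    """
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").rstrip(".")
    except ValueError:  # malformed address
        return "unrelated"

    official = official.lower()
    brand = official.split(".")[0]

    # Match on a label boundary. A plain host.endswith(official) would also
    # accept "notacmecredit.example", which is a different registered domain.
    if host == official or host.endswith("." + official):
        return "official"

    # The brand appearing anywhere else in the authority part (a different
    # domain, a prefix of a longer host, or the user-info before an "@")
    # is the pattern the passage warns about.
    if brand in parts.netloc.lower():
        return "lookalike"
    return "unrelated"


def triage(links):
    """Classify every link and return {link: label}."""
    return {link: classify(link) for link in links}
```
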
Always be vigilant when providing personally identifiable information over the Internet.
Check your credit reports regularly and immediately report any false information, such
as applications for credit that you did not initiate or purchases on your credit cards that
you did not make.
1.2.6 Consequences of a Security Breach
These examples show that the potential consequences of a security breach can be
severe.
Reputational damage
A security breach can have a negative long-term impact on an organization’s reputation
that has taken years to build. Customers, particularly those who have been adversely
affected by the breach, will need to be notified and may seek compensation and/or turn
to a reliable and secure competitor. Employees may also choose to leave in light of a
scandal.
Depending on the severity of a breach, it can take a long time to repair an organization’s
reputation.
Vandalism
A hacker or hacking group may vandalize an organization’s website by posting untrue
information. They might even just make a few minor edits to your organization’s phone
number or address, which can be trickier to detect.
In either case, online vandalism can portray unprofessionalism and have a negative
impact on your organization’s reputation and credibility.
Theft
A data breach often involves an incident where sensitive personal data has been stolen.
Cybercriminals can make this information public or exploit it to steal an individual’s
money and/or identity.
Loss of revenue
The financial impact of a security breach can be devastating. For example, hackers can
take down an organization’s website, preventing it from doing business online. A loss of
customer information may impede company growth and expansion. It may demand
further investment in an organization’s security infrastructure. And let’s not forget that
organizations may face large fines or penalties if they do not protect online data.
Damaged intellectual property
A security breach could also have a devastating impact on the competitiveness of an
organization, particularly if hackers are able to get their hands on confidential
documents, trade secrets and intellectual property.
Despite the best of intentions and all the safeguards you can put in place, protecting
organizations from every cyberattack is not feasible.
Cybercriminals are constantly finding new ways to attack and, eventually, they will
succeed.
When they do, it will be up to cybersecurity professionals, like you, to respond quickly to
minimize its impact.
1.3.1 Scenario 1
Security breaches today are all too common, with attackers constantly finding new and
innovative ways of infiltrating organizations in search of valuable information.
According to our sources, a well-known hotel chain that operates across the world has
reported a massive data breach, with the personal information of over three million
guests exposed to hackers.
The hotel discovered that hackers gained access to its customer database by using the
login details of one of its employees.
At this point, the hotel doesn’t believe that the hackers were able to access any account
passwords or financial information. Recent guests are encouraged to check the hotel
chain’s web portal to see if they have been impacted by this breach.
Select the correct answer, then Submit.
The hotel chain’s reputation
The card payment information of over three million guests
The username and password of all of the hotel’s employees
done
The names, email address and phone numbers of over three million hotel guests
1.3.4 What Exploits