LESSON 2
CYBERSECURITY
Overview:
This lesson covers cybersecurity. It discusses the purpose of cybersecurity and the
different types of cyber-attacks, and it covers basic protection
from cyber-attacks.
Learning Outcomes:
At the end of the lesson, the students can:
1. define Cybersecurity;
2. differentiate the types of cyber-attacks;
3. identify the types of malware;
4. draw the flow of the man-in-the-middle attacks.
Learning Content:
What Is Cybersecurity?
Cybersecurity is the practice of securing networks, systems and any other
digital infrastructure from malicious attacks. With cybercrime damages projected to
exceed a staggering $6 trillion by 2021, it’s no wonder banks, tech companies,
hospitals, government agencies and just about every other sector are investing in
cybersecurity infrastructure to protect their business practices and the millions of
customers that trust them with their data.
What’s the best cybersecurity strategy? A strong security infrastructure includes
multiple layers of protection dispersed throughout a company’s computers, programs
and networks. With cyber-attacks occurring every 14 seconds, firewalls, antivirus
software, anti-spyware software and password management tools must all work in
harmony to outwit surprisingly creative cybercriminals. With so much at stake, it’s not
hyperbolic to think that cybersecurity tools and experts act as the last line of defense
between our most vital information and digital chaos.
So when talking about cybersecurity, one might wonder “What are we trying to
protect ourselves against?” Well, there are three main aspects we are trying to control,
namely:
Unauthorized Access
Unauthorized Deletion
Unauthorized Modification
These three terms are synonymous with the very commonly known CIA triad
which stands for Confidentiality, Integrity, and Availability. The CIA triad is also
commonly referred to as the three pillars of security and most of the security policies of
an organization are built on these three principles.
The CIA Triad
The CIA triad which stands for Confidentiality, Integrity, and Availability is a
design model to guide companies and organizations to form their security policies. It is
also known as the AIC triad to avoid confusion with the Central Intelligence Agency (CIA).
The components of the triad are considered to be the most important and fundamental
components of security. So let me brief you all about the three components.
Confidentiality
Confidentiality is the protection of personal information. Confidentiality means
keeping a client’s information between you and the client, and not telling others
including co-workers, friends, family, etc.
Integrity
Integrity, in the context of computer systems, refers to methods of ensuring that
data is real, accurate and safeguarded from unauthorized user modification.
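The following sketch shows one way to check integrity as defined above. It is an added example, not part of the original lesson; the key, the record fields and the function names are constructed for illustration. It compares an unkeyed SHA-256 digest with a keyed HMAC when someone changes the data.

```python
import hashlib
import hmac
import json

KEY = b"constructed-example-key"  # assumption: a real key lives in a secrets store

def canonical(record):
    """Serialize a record the same way every time so digests are comparable."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()

def plain_digest(record):
    """Unkeyed SHA-256: anyone who can change the data can recompute it."""
    return hashlib.sha256(canonical(record)).hexdigest()

def keyed_tag(record, key=KEY):
    """HMAC-SHA256: recomputing it requires the secret key."""
    return hmac.new(key, canonical(record), hashlib.sha256).hexdigest()

def store(record, key=KEY):
    """Keep the record together with both integrity values."""
    return {"record": dict(record),
            "sha256": plain_digest(record),
            "hmac": keyed_tag(record, key)}

def check(stored, key=KEY):
    """Recompute both values and compare them in constant time."""
    rec = stored["record"]
    return {
        "sha256_ok": hmac.compare_digest(plain_digest(rec), stored["sha256"]),
        "hmac_ok": hmac.compare_digest(keyed_tag(rec, key), stored["hmac"]),
    }

def demo():
    original = store({"account": "ACCT-0001", "balance": 250})  # constructed data
    changed = {"account": "ACCT-0001", "balance": 9999}
    # Case 1: the data is altered, the stored values are left alone.
    naive = {**original, "record": changed}
    # Case 2: the data is altered and the unkeyed digest is refreshed to match,
    # which needs only write access; the HMAC cannot be refreshed without KEY.
    refreshed = {"record": changed,
                 "sha256": plain_digest(changed),
                 "hmac": original["hmac"]}
    return check(original), check(naive), check(refreshed)

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The third case is the one that matters for unauthorized modification: the plain digest still verifies, and only the keyed tag reports the change.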
Availability
Availability, in the context of a computer system, refers to the ability of a user to
access information or resources in a specified location and in the correct format.
Types of Cyber-attacks
Cyber-attacks come in all shapes and sizes. Some may be overt ransomware
attacks (hijacking important business products or tools in exchange for money to
release them), while some are covert operations by which criminals infiltrate a system to
gain valuable data only to be discovered months after-the-fact, if at all. Criminals are
getting craftier with their malicious deeds and here are some of the basic types of cyber-
attacks affecting thousands of people each day.
1. Malware
Malware is used to describe malicious software, including spyware, ransomware
and viruses. It usually breaches networks through a vulnerability, like clicking on
suspicious email links or installing a risky application. Once inside a network, malware
can obtain sensitive information, further produce more harmful software throughout the
system and can even block access to vital business network components
(ransomware).
2. Phishing
Phishing is the practice of sending malicious communications (usually emails)
designed to appear from reputable, well-known sources. These emails use the same
names, logos, wording, etc., as a CEO or company to dull suspicions and get victims to
click on harmful links. Once a phishing link is clicked, cyber criminals have access to
sensitive data like credit card, social security or login information.
3. Password Attacks
A password attack is a hacking method where someone tries to gain
unauthorized access to an account, system, or device by cracking or stealing the
password.
4. DDoS Attack
A DDoS attack is when many infected computers or devices (a botnet) flood a website or
online service with tons of traffic all at once to overwhelm it and make it slow or
completely unavailable to real users.
A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the
normal traffic of a targeted server, service or network by overwhelming the target or its
surrounding infrastructure with a flood of Internet traffic.
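From the defender's side, a flood like the one described above shows up in access logs as a sudden jump in request volume coming from many different sources. The sketch below is an added example, not part of the original lesson; the log format, the addresses (documentation ranges) and the three thresholds are assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from statistics import median

WINDOW_SECONDS = 10   # assumed bucket size
SPIKE_FACTOR = 10     # assumed: flag windows at 10x the median volume or more
MIN_SOURCES = 20      # assumed: "distributed" means at least this many clients

def build_sample_log():
    """Constructed access-log lines: steady traffic, then a many-source burst."""
    start = datetime(2021, 3, 1, 10, 0, 0)
    lines = []
    for sec in range(0, 60, 2):          # 30 normal requests from 3 clients
        ts = start + timedelta(seconds=sec)
        lines.append(f"{ts.isoformat()} 192.0.2.{sec % 3 + 1} GET /index.html")
    for i in range(200):                 # 200 requests in 10 s from 50 clients
        ts = start + timedelta(seconds=60 + i % 10)
        lines.append(f"{ts.isoformat()} 198.51.100.{i % 50 + 1} GET /index.html")
    return lines

def find_floods(lines):
    """Return (window_start, request_count, distinct_sources) for suspect windows."""
    counts = defaultdict(int)
    sources = defaultdict(set)
    for line in lines:
        stamp, ip, _method, _path = line.split()
        t = datetime.fromisoformat(stamp)
        # Round the timestamp down to the start of its window.
        bucket = t - timedelta(seconds=t.second % WINDOW_SECONDS,
                               microseconds=t.microsecond)
        counts[bucket] += 1
        sources[bucket].add(ip)
    baseline = median(counts.values())   # typical volume per window
    return [
        (bucket.isoformat(), counts[bucket], len(sources[bucket]))
        for bucket in sorted(counts)
        if counts[bucket] >= SPIKE_FACTOR * baseline
        and len(sources[bucket]) >= MIN_SOURCES
    ]

if __name__ == "__main__":
    for window in find_floods(build_sample_log()):
        print("possible DDoS window:", window)
```

A burst of the same size from a single address is not reported by this check, because it fails the distinct-source test; that case is an ordinary denial-of-service flood and is usually handled by rate-limiting the one client.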
5. Man-in-the-Middle Attack
Man-in-the-Middle (MitM) attacks occur when criminals interrupt the traffic
between a two-party transaction. For example, criminals can insert themselves between
a public Wi-Fi and an individual’s device. Without a protected Wi-Fi connection, cyber
criminals can sometimes view all of a victim’s information without ever being caught.
6. Drive-by Download
A drive-by download is when malicious software (malware) is automatically downloaded
and installed on your device just by visiting a compromised or malicious website,
without you clicking anything or giving permission.
Drive-by download attacks specifically refer to malicious programs that install on your
devices without your consent. This also includes unintentional downloads of any files
or bundled software onto a computer device.
7. Malvertising Attack
Malvertising is a relatively new cyberattack technique that injects malicious code within digital ads.
Difficult to detect by both internet users and publishers, these infected ads are usually
served to consumers through legitimate advertising networks. Because ads are
displayed to all website visitors, virtually every page viewer is at risk of infection.
8. Rogue Software
Rogue software is a type of malicious program that pretends to be legitimate software,
often posing as antivirus or security tools, but is actually fake and harmful.
How to Protect Yourself:
Never trust pop-up warnings or “free scans” from random websites
Only download software from official or trusted sources
Use reputable antivirus software
Keep your system and browser updated
If you're unsure about a program, look it up before installing
BASIC PROTECTION
Cybersecurity Basics
A multi-layer cybersecurity approach is the best way to thwart any serious cyber-
attack. A combination of firewalls, software and a variety of tools will help combat
malware that can affect everything from mobile phones to Wi-Fi. Here are some of the
ways cybersecurity experts fight the onslaught of digital attacks.
AI FOR CYBERSECURITY
AI is being used in cybersecurity to thwart a wide variety of malicious
cybercrimes. Security companies are training artificial intelligence tools to predict data
breaches, alert to phishing attempts in real-time and even expose social engineering
scams before they become dangerous.
Securing Against Malware
Security against malware is certainly one of the most important issues today (and
it will continue to be as malicious software evolves). An anti-virus software package is
needed to combat any suspicious activity. These packages usually include tools that do
everything from warning against suspicious websites to flagging potentially harmful
emails.
Mobile Security
Mobile phones are one of the most at-risk devices for cyber-attacks and the
threat is only growing. Device loss is the top concern among cybersecurity experts.
Leaving our phones at a restaurant or in the back of a rideshare can prove dangerous.
Luckily, there are tools that lock all use of mobile phones (or enact multi-factor
passwords) if this incident occurs. Application security is also becoming another major
issue. To combat mobile apps that request too many privileges, introduce Trojan viruses
or leak personal information, experts turn to cybersecurity tools that will alert or
altogether block suspicious activity.
Web Browser Security & the Cloud
Browser security is the practice of protecting internet-connected, networked
data from privacy breaches or malware. Anti-virus browser tools include pop-up
blockers, which simply alert or block spammy, suspicious links and advertisements.
More advanced tactics include two-factor authentication, using security-focused browser
plug-ins and using encrypted browsers.
Wi-Fi Security
Using public Wi-Fi can leave you vulnerable to a variety of man-in-the-middle
cyber-attacks. To secure against these attacks, most cybersecurity experts suggest
using the most up-to-date software and avoiding password-protected sites that contain
personal information (banking, social media, email, etc.). Arguably, the most secure way
to guard against a cyber-attack on public Wi-Fi is to use a virtual private network (VPN).
VPNs create a secure network, where all data sent over a Wi-Fi connection is
encrypted.
How is Cybersecurity implemented?
There are numerous procedures for actually implementing cybersecurity, but
there are three main steps when actually fixing a security-related issue.
The first step is to recognize the problem that is causing the security issue; for example,
we have to recognize whether there is a denial-of-service attack or a man-in-the-middle
attack. The next step is to evaluate and analyze the problem. We have to make sure we
isolate all the data and information that may have been compromised in the attack.
Finally, after evaluating and analyzing the problem, the last step is to develop a patch
that actually solves the problem and brings the organization back to a running state.
Steps to treat a Cyberattack
When identifying, analyzing and treating a cyber-attack, there are three principles that
are kept in mind for various calculations. They are:
Vulnerability
Threat
Risk
Figure: Vulnerability, Threat and Risk (source: Edureka, What is Cybersecurity)