Cyber Security
Definitions and Principles
Introduction
• The Internet's Growth
─ The internet has grown rapidly, with almost everyone using it
today.
─ Millions of websites are available to the public, offering
endless opportunities.
• Rise of Cybercrime
─ While the internet offers many benefits, it has also opened the
door to a new type of crime.
• Cybercrime
─ Cybercrime refers to illegal activities that use computers, the
internet, and the World Wide Web.
Naseer Ahmad 3
Cyberspace
• The "Nebulous Place" of Human Interaction Online
─ Cyberspace is a virtual, online world where people interact using
computer networks.
─ Today, the term Cyberspace refers to the Internet and other
computer networks.
• Cyberspace = Online World
─ A place where we chat, explore, research, and play online.
• How it Works
─ It's made up of worldwide computer networks using a
special communication system called TCP/IP (Transmission
Control Protocol/Internet Protocol).
Cybersquatting
Cybersquatting is the act of illegally registering domain names that
are similar to famous brands, trademarks, or personal names, with the
intent to profit from them.
• Origin of the Term
─ The word “Cybersquatting” comes from the idea of squatting—
occupying a space (like an abandoned building) without
permission.
• How Cybersquatting Works
─ A person registers a domain name that’s similar or identical to
a company or person's trademark, brand, or name.
─ They do this to profit by selling the domain name later or
causing confusion.
• Bad Faith Intent
─ The registrants have bad intentions, using the domain to take
advantage of the brand's reputation.
• Protection Against Cybersquatting
─ The U.S. government and the Internet Corporation for
Assigned Names and Numbers (ICANN) work to protect
trademarks and businesses from cybersquatting.
• In Short
─ Cybersquatting is a harmful practice where someone takes a
domain name similar to a well-known trademark to make a
profit.
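A brand owner can watch for the registrations described above by comparing new domain names against its own name. The following is an added example, not part of the original slides; the brand "examplebank", its official domain and the candidate list are constructed sample data, and each candidate is assumed to be a bare registrable domain (name.tld).

```python
# Added example: flag registered domains that resemble a protected brand name.
# All names below are constructed sample data, not real registrations.

LOOKALIKE_DIGITS = str.maketrans("0135", "oles")  # common digit-for-letter swaps

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    rows = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        rows[i][0] = i
    for j in range(len(b) + 1):
        rows[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            rows[i][j] = min(rows[i - 1][j] + 1, rows[i][j - 1] + 1,
                             rows[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                rows[i][j] = min(rows[i][j], rows[i - 2][j - 2] + 1)
    return rows[len(a)][len(b)]

def classify(domain, brand, official):
    """Return why `domain` resembles `brand`, or None if it does not."""
    domain = domain.lower().rstrip(".")
    if domain == official:
        return None                       # the brand owner's own registration
    plain = domain.split(".")[0].replace("-", "")
    if plain == brand:
        return "identical name, different TLD or hyphenation"
    if plain.translate(LOOKALIKE_DIGITS) == brand:
        return "digit substituted for letter"
    if osa_distance(plain, brand) == 1:
        return "one-character typo"
    if brand in plain:
        return "brand embedded in longer name"
    return None

def flag_lookalikes(domains, brand, official):
    """Map each suspicious domain to the reason it was flagged."""
    hits = {d: classify(d, brand, official) for d in domains}
    return {d: why for d, why in hits.items() if why}

SAMPLE = ["examplebank.com", "examplebank.net", "examp1ebank.com",
          "exmaplebank.com", "examplebank-login.com", "weatherreport.org"]
print(flag_lookalikes(SAMPLE, "examplebank", "examplebank.com"))
```

A flagged name is only a candidate for review: similarity alone does not show the bad-faith intent that defines cybersquatting, and very short brand names will match many unrelated domains.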
Cyberterrorism
Cyberterrorism is the use of the Internet to carry out violent
acts or threats with the goal of causing harm or achieving
political or ideological objectives.
• Definition
─ Cyberterrorism involves using the Internet to cause loss of life,
serious injury, or fear, often with a political or ideological
purpose.
• Types of Attacks
─ Disrupting computer networks or systems—especially those
connected to the Internet—using tools like:
• Viruses
• Worms
• Phishing
• Purpose of Cyberterrorism
─ The goal is to cause fear or intimidation, sometimes through
large-scale disruptions or attacks on personal or public
computer systems.
• In Short
─ Cyberterrorism is the use of the Internet to carry out harmful
attacks for political or ideological purposes, often causing
widespread damage to computer systems.
Cyber Crime
• Cyber crimes are, as the name implies, crimes
committed using computers, phones or the internet.
• Some types of cyber crime include:
─ Illegal interception of data.
─ System interference.
─ Copyright infringement.
─ Sale of illegal items.
Alternative Definition of Computer Crime
• Use of Computer Knowledge
─ Any illegal act where having special knowledge of
computer technology is necessary for the crime,
investigation, or prosecution.
• Traditional Crimes with a Digital Twist
─ Crimes that have become larger or more complex due to
the use of computers (e.g., online fraud, digital theft).
• Financial Dishonesty Online
─ Crimes like fraud, embezzlement, or other forms of
financial dishonesty that happen in the computer
environment.
• Threats to Computer Systems
─ Crimes that target the computer hardware or software,
such as:
• Theft
• Sabotage
• Ransom demands (e.g., ransomware attacks)
Cyber Security
Cyber security is the body of technologies, processes and
practices involved in protecting individuals and organizations
from cyber crime.
It is designed to protect the integrity of networks, computers,
programs and data from attack, damage or unauthorized
access.
Kill chain, zero-day attack, ransomware, alert fatigue and
man-in-the-middle attack are just a few examples of common cyber
attacks.
Cyber Security Principles
• There are five key principles in cyber security:
─ Confidentiality
─ Integrity
─ Availability
─ Accountability
─ Auditability
Cyber Security Principles Definitions
• Confidentiality
─ Rules that limit access to certain information or restrict
who can view it.
─ Goal:
• Keep sensitive information private and protected.
• Integrity
─ Assurance that information is accurate and trustworthy.
─ Goal:
• Prevent unauthorized changes or tampering with data.
• Availability
─ Ensuring authorized people can access information when
needed.
─ Goal:
• Guarantee reliable access to data at all times.
• Accountability
─ Ensures that individuals or organizations are responsible for
their actions and will be evaluated based on their behavior or
performance.
─ Goal:
• Hold people or entities responsible for their actions, especially when it
comes to handling sensitive information.
• Auditability
─ A security audit is a detailed review of how well a company’s
information systems follow established security standards.
─ Goal:
• Evaluate the effectiveness of security practices to ensure the system
is protected and compliant.
• In Short
─ To protect information, we focus on Confidentiality,
Integrity, and Availability—keeping it private, accurate, and
accessible.
─ Accountability means people are responsible for their
actions, while Auditability involves reviewing and measuring
security practices to ensure they meet set standards.
Cyber Threats
Cyber Threat
Cyber Threat refers to any malicious activity aimed at
gaining unauthorized access to a computer system or
network.
• A cyber threat is any act trying to damage, disrupt, or
gain access to a system or network without permission.
• Types of Cyber Threats:
─ Socially Engineered Trojans
─ Unpatched Software (vulnerabilities in software)
─ Phishing (fraudulent attempts to steal data)
─ Network Worms (self-replicating malicious software)
─ And many more...
Sources of Cyber Threats
• Cyber threats can come from many different sources,
including
─ National Governments
• Governments may target other nations or organizations for espionage
or political gain.
─ Terrorists
• Groups using cyberattacks for political or ideological purposes.
─ Industrial Secret Agents
• Individuals who steal trade secrets or sensitive business information for
personal or corporate gain.
─ Rogue Employees
• Employees with malicious intent who misuse their access to systems or
data.
─ Hackers
• Individuals or groups who exploit vulnerabilities in systems for personal
gain, fame, or to cause disruption.
─ Business Competitors
• Rival companies trying to steal information or disrupt business
operations.
─ Organization Insiders
• Trusted individuals within an organization who intentionally or
unintentionally compromise security.
Cyber Threat Classifications
• Cyber threats can be classified based on the
─ Attacker’s resources;
─ Attacker’s organization;
─ and Attacker’s funding.
• Based on these factors, threats are grouped into three
types:
─ Unstructured Threats
─ Structured Threats
─ Highly Structured Threats
Unstructured Cyber Threats
• Resources:
─ Individual or small group
• Organization:
─ Little or no planning or coordination
• Funding:
─ Very low or none
• Attack:
─ Simple to detect
─ Uses easily available cyberattack tools
─ Targets known, documented vulnerabilities
Structured Cyber Threats
• Resources:
─ Skilled individuals or organized groups
• Organization:
─ Well-planned and coordinated
• Funding:
─ Sufficient or available
• Attack:
─ Targets specific individuals or organizations
• Exploitation:
─ Based on careful information gathering before the attack
Highly Structured Cyber Threats
• Organization:
─ Extensive planning and resources over a long period
• Attack:
─ Long-term focus on a specific target (machine, data, or
system)
• Exploitation:
─ Uses multiple attack methods, including:
• Technical (e.g., hacking, malware)
• Social (e.g., phishing, manipulation)
• Insider help (e.g., from someone inside the target organization)
Cyber Security Threat Index Levels
Cyber threats are evaluated daily by the Counter Threat
Unit (CTU) and assigned a threat index level based on
severity.
• Threat Index Levels:
─ Level 1: Guarded
• Low risk, no immediate action required
─ Level 2: Elevated
• Moderate risk, monitoring in place
─ Level 3: High
• Significant risk, increased vigilance needed
─ Level 4: Critical
• Severe risk, immediate action required
Who are cybercriminals?
• Cybercrime involves illegal activities such as:
─ Credit card fraud
─ Cyberstalking
─ Unauthorized access to computer systems
─ Violating copyright, software licensing, and trademarks
─ Overriding encryption to make illegal copies
─ Software piracy
─ Identity theft
• Cybercriminals are individuals or groups who engage in
these acts. They can be categorized into three main
groups based on their motivations
Classification of Cybercriminals
• Hungry for recognition
─ Hobby hackers;
─ IT professionals (social engineering is one of the biggest
threats);
─ politically motivated hackers;
─ terrorist organizations.
• Not interested in recognition
─ Psychological
─ financially motivated hackers (corporate espionage);
─ state-sponsored hacking (national espionage,
─ organized criminals.
• The insiders
─ Disgruntled or former employees seeking revenge;
─ Competing companies using employees to gain economic
advantage through damage and/or theft.
Cybercrimes Classification
“an act or commission of an act that is forbidden, or the
omission of a duty that is commanded by a public law
and that makes the offender liable to punishment by that
law.” (Webster Dictionary).
• Cybercrime against individual
─ Electronic mail (E-Mail) Spoofing and other online frauds.
─ Phishing, Spear Phishing and its various;
─ Spamming;
─ Cyberdefamation;
─ Cyberstalking and harassment;
─ Computer sabotage;
─ Pornographic offenses;
─ Password sniffing.
• Cybercrime against property
─ Credit card frauds;
─ Intellectual property (IP) crimes;
─ Internet time theft.
• Cybercrime against organization
─ Unauthorized accessing of computer
─ Password Sniffing
─ Denial-of-service attacks (known as DoS attacks)
─ Virus attack/dissemination of viruses
─ E-Mail bombing/mail bombs
─ Salami attack/Salami technique
─ Logic bomb
─ Trojan Horse
─ Data diddling
─ Industrial spying/industrial espionage
─ Computer network intrusions
─ Software piracy
• Cybercrime against Society
─ Forgery
─ Cyberterrorism
─ Web jacking