
Cybersecurity Basics

Information Security

  • Confidentiality
  • Integrity
  • Availability

Common Threats

  • Human (motivation: financial gain, political agenda)
  • Technical: config error, malicious code
  • Environmental: fire, flood

Controls

  • Physical
  • Technological
  • Administrative

Types of Controls

  • Preventive: lock on doors
  • Detective: alarm, siren

Physical Security

  • Access
  • Clean Desk
  • Lock Computer/Device
  • Shred

Password/Authentication

  • Do not share with others
  • Do not disclose or store unsecured
  • Change passwords periodically.
  • Use single sign-on if possible.
  • Avoid unknown Wi-Fi as it has risk of man-in-the-middle attacks.

Internet Browsing (SSL)

  • Others can view traffic.
  • Use encrypted channel.
  • Although encrypted, may not be secure.

Keystroke Logging

  • Captures user input.
  • Often used to capture credentials.
  • Hardware or software.
  • Do not use unknown systems.

Social Engineering

  • Attacking the human.
  • Often the weakest area of security.

Categories

  • Electronic
    1. Phishing/Smishing
    2. Pretext Calling/Vishing
    3. In-person

Preventive measures

  • Validate suspicious requests or actions.
  • Confirm via contact info.
  • Do not click on links.
  • Do not download or open files.

Administrative Controls

  • Non-Disclosure Agreements
  • Policies and Procedures

Incident

  • Attempts to gain unauthorized access to computer systems.
  • Any event that results in damage, corruption, misuse, or unauthorized exposure of confidential data.
  • Attempts to interfere with the normal functioning of information systems.
  • Theft or destruction of information systems.
  • Other violations of information security related policies.

Incident Response

  • Isolate
    • Disconnect network
    • Disable WiFi
  • Report
    • Appropriate channel
    • Supervisor

Reporting

  • Who
  • What
  • When

Summary - Best Practices

  • Do not try to bypass or circumvent security controls.
  • Physically secure confidential material.
  • Practice safe internet/email use.
  • Be aware of social engineering, such as phishing.
  • Report suspicious activity.

Cyber Security Full Course - Simplilearn

Types of Cyberattacks?

Malware attack

Trojans, adware, spyware. Systems get infected by downloading suspicious files: viruses are bundled with some legitimate software, and installing that software infects the system. Malware also spreads when USB devices are passed around. A keylogger keeps track of all the keys pressed and sends that data to the hacker. That's why some people use an on-screen keyboard for typing sensitive info.

Social Engineering Attack

It is the art of manipulating gullible people so that they end up sharing their confidential information.

Phishing attack

Fraudulent emails or links that install malware or steal credit card info. Spear phishing is when the attacker targets a specific individual or a group of people. Whaling phishing is when the target is a wealthy or powerful and prominent individual.

Man-in-the-middle attack

The communication line is intercepted. The hacker takes over the client's IP address.

Advanced Persistent Threat

Hackers get access for a prolonged period.

Denial of Service attack

The network is flooded with traffic, which in turn leaves legitimate service requests unattended. It is a Distributed DoS when the attack is launched from multiple sources.

SQL injection attack

Gain access to the DB and tamper with data tables.

Password attack

  1. Dictionary attack
  2. Brute force
  3. Keylogger
  4. Shoulder surfing
  5. Rainbow table

Network Attack

  1. Active attack. Man in the middle modifies the data and sends it.

Preventive measures

  1. Firewalls and anti-virus: Filter the incoming and outgoing traffic. Configure the firewall based on rules such as IP address and traffic limit.
  2. Intrusion Detection System (IDS): Designed to detect unauthorized access to a system. Looks at the behaviour of data and reports if it seems suspicious.
  3. Honeypots: Dummy computer systems are used to attract attackers. These fake computer systems deceive attackers.
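The firewall rules and IDS reporting described above can be sketched in a few lines. This is an added example, not code from the course or the original notes: the blocked network, the traffic limit, the function name `filter_traffic` and the sample packets are all constructed assumptions.

```python
import ipaddress
from collections import defaultdict, deque

# Constructed rule set (assumption): one blocked source network
# and a per-source traffic limit over a sliding time window.
BLOCKED_NETS = [ipaddress.ip_network("203.0.113.0/24")]
MAX_PACKETS = 3        # packets allowed per source ...
WINDOW_SECONDS = 10    # ... within this many seconds

def filter_traffic(packets):
    """Apply the rules to (timestamp, src_ip, dst_port) tuples.

    Returns (allowed, alerts): packets that passed the filter, and
    IDS-style reports naming the rule each dropped packet violated.
    """
    recent = defaultdict(deque)  # src_ip -> timestamps of allowed packets
    allowed, alerts = [], []
    for ts, src, port in packets:
        addr = ipaddress.ip_address(src)
        # Rule 1 (IP address): drop traffic from a blocked network.
        if any(addr in net for net in BLOCKED_NETS):
            alerts.append((ts, src, "blocked-network"))
            continue
        # Rule 2 (traffic limit): forget packets older than the window,
        # then drop the packet if the source is already at its limit.
        window = recent[src]
        while window and ts - window[0] >= WINDOW_SECONDS:
            window.popleft()
        if len(window) >= MAX_PACKETS:
            alerts.append((ts, src, "rate-limit"))
            continue
        window.append(ts)
        allowed.append((ts, src, port))
    return allowed, alerts

# Constructed sample traffic using documentation-only address ranges.
SAMPLE = [
    (0, "198.51.100.7", 443),
    (1, "203.0.113.9", 22),      # source is in the blocked network
    (2, "198.51.100.7", 443),
    (3, "198.51.100.7", 443),
    (4, "198.51.100.7", 443),    # 4th packet inside 10 s: over the limit
    (5, "192.0.2.15", 80),
    (15, "198.51.100.7", 443),   # window has moved on: allowed again
]

if __name__ == "__main__":
    passed, reports = filter_traffic(SAMPLE)
    for report in reports:
        print("ALERT", report)
    print(len(passed), "packets allowed")
```
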

Motives

  1. Tampering with data.
  2. Disrupting business continuity.
  3. Monetary gains.
  4. Creating fear and chaos by disrupting critical infrastructure.
  5. Demanding ransom.
  6. Damaging reputation.
  7. Propagating religious or political benefits.

What is Cybersecurity

Cybersecurity refers to the practice of protecting networks, programs, computer systems, and their components from unauthorized digital access and attacks. It protects the confidentiality, integrity and availability of data.

Cryptojacking is an attempt to install malware which in turn tries to gain cryptocurrency through cryptomining using victim's compute power.

Security Testing

It is the process of examining a system for weaknesses and issues before a potential hacker does. This process is an ongoing one and should be carried out regularly.

Penetration testing simulates an attack from a malicious outsider. It checks for vulnerabilities which could be exploited by a hacker. This testing imitates the same methods a hacker would use. It is the most aggressive form of testing. It includes black box, gray box and white box testing.

Ethical hacking

In simple words, an ethical hacker is a good hacker who exploits all the vulnerabilities in our app but then reports them to us so that we can fix them.

That's all the summary for now, let me know your feedback/suggestions in the comments.

- Ayush 🙂