Scribd
Upload
13 views16 pages

Cyber Security Introduction

Uploaded by

Manas Monu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
13 views16 pages

Cyber Security Introduction

Uploaded by

Manas Monu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 16

1/16/2024

Fundamentals of Cyber
security & Types of Cyber
Attacks
Kazi Muhammad Salatuzzaman
System Analyst, NAPD

14 January 2024

Cyber Security
Introduction

1
1/16/2024

What is Information Security?

2
1/16/2024

Need for Security

Elements of Information Security

3
1/16/2024

The Security, Functionality, and Usability Triangle

Security Challenges

4
1/16/2024

Motives, Goals, and Objectives of Information Security Attacks

Classification of Attacks

10

5
1/16/2024

Classification of Attacks (cont’d)

11

Information Security Attack Vectors

12

6
1/16/2024

Information Security Attack Vectors (Cont’d)

13

Definitions and Principles

7
1/16/2024

Cyber Crime

• Cyber crimes are, as the name implies, crimes


committed using computers, phones or the internet.

• Some types of cyber crime include:


• Illegal interception of data.
• System interferences.
• Copyrights infringements.
• Sale of illegal items.

15

Cyber Security Kill Chain, Zero-


day attack,
ransomware and
Man-in the
• Cyber security is the body of technologies, processes middle attack
and practices involved in protecting individuals and are just a few
examples of
organizations from cyber crime.
common cyber
attacks.

• It is designed to protect integrity of networks,


computers, programs and data from attack, damage
or unauthorized access.

16

8
1/16/2024

Cyber Security Principles

There are five key principles in cyber security:


• Confidentiality
• Integrity
• Availability
• Accountability
• Auditability

17

Cyber Security Principle Definitions

• Confidentiality:
• A set of rules that limits access or place
restrictions on certain type of information.

• Integrity:
• Assurance that the information is trustworthy
and accurate.

• Availability:
• The guarantee of reliable access to the
information by authorized people.

18

9
1/16/2024

Cyber Security Principle Definitions

• Accountability:
• Is an assurance that an individual or an
organization will be evaluated on their
performance or behavior related to something
for which they are responsible.

• Auditability:
• A security audit is a systematic evaluation of
the security of a company’s information system
by measuring how well it conforms to a set of
established criteria.

19

Cyber Threats

10
1/16/2024

Cyber Threat

• A Cyber threat is any malicious act that attempts to


gain access to a computer network without
authorization or permission from the owners.

• It refers to the wide range of malicious activities that


can damage or disrupt a computer system, a network
or the information it contain.

• Most common cyber threats: Social Engineered


Trojans, Unpatched Software, Phishing, Network
worms, etc.

21

Sources of Cyber Threats Anyone with a


motive and the
needed
technology can
• Cyber threats can come from a wide variety of create cyber
sources, some notable examples include: threats.

• National governments.
• Terrorists.
• Industrial secret agents.
• Rogue employees.
• Hackers.
• Business competitors.
• Organization insiders.

22

11
1/16/2024

Cyber Threat Classifications

• Threats can be classified by multiple criteria:


• Attacker's Resources
• Attacker's Organization
• Attacker's Funding

• On basis of these criteria, threats are of 3 types:


• Unstructured Threats
• Structured Threats
• Highly Structured threats

23

Unstructured Cyber Threats


• Resources: Individual or small group.

• Organization: Little or no organization.

• Funding: Negligible.

• Attack: Easy to detect and make use of freely


available cyberattack tool.

• Exploitation based on documented vulnerabilities.

24

12
1/16/2024

Structured Cyber Threats


• Resources: Well trained individual or group.

• Organization: Well planned.

• Funding: Available.

• Attack: Against particular individual or organizations.

• Exploitation based on information Gathering.

25

Highly Structured Cyber Threats


• Extensive organization, resources and planning over
time.

• Attack: Long term attack on particular machine or


data.

• Exploitation with multiple methods:


• Technical, social and insider help.

26

13
1/16/2024

Vulnerabilities

What is a Vulnerability?

• A cyber-security term that refers to a flaw in a system


that can leave it open to attack.

• Vulnerability is the composition of three elements:


1. A flaw in system.
2. Access of attacker to that flaw.
3. Capability of attacker to exploit the flaw.

28

14
1/16/2024

Classification of Vulnerabilities

• Vulnerabilities are classified according to the asset:


• Hardware.
• Software.
• Network.
• Personal.
• Physical site.
• Organizational.

29

Causes

• Some of the vulnerability in the system occur due to:


• Missing patches.
• Cleartext credentials.
• Using unencrypted channels.

30

15
1/16/2024

31

Thanks

32

16

You might also like