Introduction to Cybersecurity
UNIT-1
5/29/2025, prepared by Mr. Daniel Salifu Samura
What Is Cybersecurity?
Cybersecurity is the practice of protecting critical systems and sensitive information from digital attacks.
The Trinity of IT Security
Evolution of cybersecurity
• 1. The Early Days (1960s–1980s): Security Through Obscurity
• Context: Computers were isolated, mainly used by governments and
large institutions.
• Security Focus: Physical access control; cybersecurity wasn’t even a
term.
• Notable Event: In the 1970s, the CREEPER virus appeared on
ARPANET, followed by the REAPER, which was considered the first
antivirus program.
• Philosophy: If someone had access to your machine, you were
already doomed.
• 2. The Virus Era (1980s–1990s): Birth of Malware and Antivirus
• Context: Personal computers became widespread; floppy disks and
dial-up internet spread data and viruses.
• Threats: Boot sector viruses, Trojans like the Brain virus (1986),
Morris Worm (1988) — one of the first worms to spread via the
internet.
• Defence: Signature-based antivirus software emerged — think
McAfee and Norton.
• Mindset: Reactive defence — wait for the threat, then patch it.
• 3. The Internet Boom (1990s–Early 2000s): Firewalls, Worms, and Spam
• Context: Internet access exploded; businesses went online.
• New Threats: Email spam, phishing attacks, network worms like ILOVEYOU,
Code Red, and SQL Slammer.
• Defensive Tools:
• Firewalls (network and host-based)
• Intrusion Detection Systems (IDS)
• Email filters
• Security Culture: Began shifting from IT-only to organisational
responsibility.
• 4. The Data Breach Era (Mid-2000s–2010s): Corporate Espionage and
Targeted Attacks
• Context: Digital transformation of businesses, rise of cloud services and
mobile computing.
• Major Attacks:
• Target, Sony, Yahoo, and Equifax breaches.
• Stuxnet (2010): a nation-state-grade worm targeting Iran’s nuclear program.
• New Focus:
• Encryption, multi-factor authentication, endpoint protection, Security Information
and Event Management (SIEM).
• Compliance with regulations like HIPAA, PCI-DSS, GDPR.
• Mindset Shift: From "prevent breaches" to "detect and respond".
• 5. AI, Nation-States, and Ransomware (2010s–2020s): Cyberwarfare and
Cybercrime-as-a-Service
• Context: Everything moved online — data, infrastructure, services.
• Emerging Threats:
• Ransomware-as-a-Service (RaaS) (e.g., WannaCry, NotPetya, Conti)
• Advanced Persistent Threats (APTs) from countries like China, Russia, Iran, and North Korea.
• Deepfake-based phishing, AI-driven password attacks.
• Defensive Measures:
• Zero Trust Architecture
• Threat hunting, SOC automation
• Cloud-native security tools
• AI/ML for anomaly detection
• Realization: It’s not “if” you’ll be breached, but “when” and how well you
recover.
• 6. The Present and Near Future (2020s–): AI, IoT, and Quantum Threats
• Trends:
• AI-powered security & AI-powered threats
• IoT vulnerabilities due to billions of devices with poor security
• Supply chain attacks (e.g., SolarWinds)
• Quantum computing is on the horizon, threatening current encryption
• Cutting-Edge Responses:
• Behavioral analytics
• Deception technology (honeynets, fake systems)
• Post-quantum cryptography research
• Culture: Cybersecurity is now a boardroom concern and a national security
issue.
Basic Terminologies
Blacklist - Used to refer to a list of banned IP addresses, applications or users.
Whitelist - The exact opposite of a blacklist.
Catfishing - The process of creating a fake online profile in order to trick people into believing they are someone else for financial gain.
Zero Day - This is used to describe a threat that is unknown to security specialists and has not been addressed.
Authentication - The process of proving an individual is who they claim to be.
Data Mining - The activity of analyzing and/or searching through data in order to find items of relevance, significance or value.
Threat - This generally refers to anything that has the potential to cause our data, systems and networks harm.
Exploit - A clearly defined way to breach the security of a system.
Vulnerabilities - These are weaknesses within a system or network that can be exploited to cause us harm.
Risk - This refers to the likelihood of something bad happening. A risk requires both a threat and a vulnerability to exist.
Hack Value - This describes a target that may attract an above average level of attention from an attacker.
Non-Repudiation - This is the concept that once an action is carried out by a party it cannot be denied by that same party.
Logic Bomb - A malicious code that is only triggered when a set of conditions are met.
Obfuscation - A term used to describe the tactic of making code unclear so that humans or programs like an antivirus cannot understand it.
Honey Pot - A decoy or trap for hackers.
Spoof - The act of falsifying the identity of the source of a communication or interaction.
Understanding the frameworks, standards, and technology that form what we know as cybersecurity
A cybersecurity framework is a collection of best practices that an organization should follow to manage its cybersecurity risk.
A cyber security standard defines both functional and assurance requirements within a product, system, process, or technology environment.
The goal of cyber security standards is to improve the security of information technology (IT) systems, networks, and critical infrastructures.
Hackers
A hacker is someone who explores methods for breaching defenses and exploiting weaknesses in a computer system or network.
Types of Hackers
The Hacking Methodology
• Reconnaissance/footprinting
• Exploitation
• Privilege Escalation
• Establishing persistence
• Attack Phase
• Cover up
Reconnaissance/footprinting
Gathering as much information about the target as possible.
• Passive Recon: Silent reconnaissance where the target isn’t aware of it. Information gathered here includes email addresses, phone numbers, social media accounts etc.
• Active Recon: More aggressive reconnaissance where the target is actively engaged to discover vulnerabilities. Information gathered here includes passwords, IP addresses, open ports, conversations with employees.
Exploitation
Exploitation means taking advantage of a vulnerability to gain access.
Privilege Escalation
Privilege escalation refers to increasing the control over the exploited target.
• Creating New Accounts
• Network Hijack
• Admin account access
Establishing persistence
Establishing persistence means ensuring continuous access even after the breach/attack has been discovered by the victim.
• Adding backdoors
• Remote Access Control
Attack Phase
When the actual attack takes place.
• Data extraction
• Data corruption
• Malware injection
Cover up
Avoiding detection
• Using ICMP Tunnels
• Clearing Event Logs
• Erasing the Command History
Attacks
Malware
Defenses
Cyber Attacks
A cyberattack is any intentional effort to steal, expose, alter, disable, or destroy data, applications, or other assets through unauthorized access to a network, computer system or digital device.
Why do cyberattacks happen?
The motivations behind cyberattacks can vary, but there are three main categories:
1. Criminal
2. Political
3. Personal
Videos:
https://www.youtube.com/watch?v=GX_XsdNv1PY
https://www.youtube.com/watch?v=j0EZpH_eIsY
https://www.youtube.com/watch?v=aP8yrkkLWlM
https://www.youtube.com/watch?v=7yHsiTmUnPk
Types of Attacks
Malware
Malware (short for “malicious software”) is a file or code, typically delivered over a network, that infects, explores, steals or conducts virtually any behaviour an attacker wants.
And because malware comes in so many variants, numerous methods exist to infect computer systems.
Though varied in type and capabilities, malware usually has one of the following objectives:
• Provide remote control for an attacker to use an infected machine.
• Send spam from the infected machine to unsuspecting targets.
• Investigate the infected user’s local network.
• Steal sensitive data.
Video:
https://www.youtube.com/watch?v=pbG0JGY2U00
Cyber Defence
Cyber defence is all about giving an entity the ability to prevent cyber attacks on the go through cyber security.
It involves all processes and practices that will defend a network, its data, and nodes from unauthorized access or manipulation.
The most common cyber defence activities include:
• Installing or maintaining hardware and software infrastructure that deters hackers
• Analyzing, identifying and patching system vulnerabilities
• Real-time implementation of solutions aimed at defusing zero-hour attacks
• Recovering from partially or fully successful cyber attacks
Videos:
https://www.youtube.com/watch?v=ZAjK5maeNgk
https://www.youtube.com/watch?v=mZ132CLANCk
DEFENCES
Cybersecurity at the Workplace
Cyber warfare and Cyber attacks against companies
Importance of cybersecurity
1. Protects Sensitive Data
2. Prevents Financial Loss
3. Preserves National Security
4. Secures Business Operations
5. Protects Individuals Online
6. Ensures Regulatory Compliance
7. Supports Innovation and Digital Transformation
8. Reduces Risk of Social Engineering Attacks
Cybersecurity is not just an IT issue — it's a life issue.
Whether you're a student, CEO, or government official, if you use a
phone, email, or internet-connected device, you need cybersecurity.
It's the insurance policy of the digital age.
Responsibilities of an entry-level Cybersecurity Analyst
The role of an entry-level cybersecurity analyst is like being the digital
security guard on the frontline. You are not expected to be a wizard
yet, but you are the first layer of defence, the eyes on the wall, and the
one who makes sure threats do not slip through the cracks unnoticed.
1. Monitoring Security Alerts and Events
• Watch over SIEM (Security Information and Event Management)
dashboards.
• Analyse logs from firewalls, antivirus tools, and servers.
• Escalate suspicious activity to senior analysts.
2. Incident Response Support
• Help investigate alerts and minor incidents (e.g., phishing clicks,
suspicious logins).
• Document incidents, track them in the ticketing system, and assist in
containment.
3. Vulnerability Management
• Run vulnerability scans (e.g., Nessus, Qualys).
• Analyse scan results and flag outdated systems or unpatched
software.
• Work with IT teams to track patch status.
4. Security Tools Maintenance
• Help configure and update security tools: antivirus, endpoint
detection, and firewalls.
• Monitor alerts from tools like CrowdStrike, Defender for Endpoint, or
Splunk.
5. Documenting and Reporting
• Write daily/weekly security reports and incident summaries.
• Update security runbooks and process documents.
6. Phishing and Awareness Campaigns
• Review suspicious emails reported by users.
• Support training campaigns and track user responses to simulated
phishing.
7. Access Control and Permissions Review
• Check for unauthorised access or privilege misuse.
• Assist in reviewing user permissions, especially when
onboarding/offboarding.
8. Compliance and Audit Support
• Assist with gathering evidence for audits (e.g., ISO, HIPAA, SOC 2).
• Help maintain documentation for compliance reports.
9. Learning and Development
• Stay updated on threats, tools, and vulnerabilities.
• Participate in internal training and possibly earn certifications (like
Security+, CEH, Splunk Core, Microsoft SC-200, etc.).
END