SlideShare a Scribd company logo

CA_Module_1.pdf

E
EhabRushdy1

network

Education
1 of 22
Download to read offline
Module 1: The Danger CyberOps Associate v1.0
2 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Module Objectives Module Title: The Danger Module Objective: Explain why networks and data are attacked. Topic Title Topic Objective War Stories Explain why networks and data are attacked. Threat Actors Explain the motivations of the threat actors behind specific security incidents. Threat Impact Explain the potential impact of network security attacks.
3 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1.1 War Stories
4 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Hijacked People • Hackers can set up open “rogue” wireless hotspots posing as a genuine wireless network. • Rogue wireless hotspots are also known as “evil twin” hotspots. Evil twin attacks and how to prevent them
5 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Ransomed Companies • Employees of an organization are often lured into opening attachments that install ransomware on the employees’ computers. • This ransomware, when installed, begins the process of gathering and encrypting corporate data. • The goal of the attackers is financial gain, because they hold the company’s data for ransom until they are paid.
6 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Targeted Nations • Some of today’s malware is so sophisticated and expensive to create that security experts believe only a nation state or group of nations could possibly have the influence and funding to create it. • Such malware can be targeted to attack a nation’s vulnerable infrastructure, such as the water system or power grid. • One such malware was the Stuxnet worm that infected USB drives and infiltrated Windows operating systems. It then targeted Step 7 software that was developed by Siemens for their Programmable Logic Controllers (PLCs). Zero Days, a film released in 2016, documents what is known about the Stuxnet targeted malware attack.
7 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Video - Anatomy of an Attack Watch this video to view details of a complex attack.
8 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Lab - Installing the Virtual Machine In this lab, you will complete the following objectives: • Install VirtualBox on your personal computer • Download and install the CyberOps Workstation Virtual Machine (VM).
9 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Lab - Cybersecurity Case Studies In this lab, you will analyze the given cases and answer questions about them.
10 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1.2 Threat Actors
11 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Actors Threat Actors • Threat actors are individuals or groups of individuals who perform cyberattacks. They include, but are not limited to: • Amateurs • Hacktivists • Organized crime groups • State-sponsored groups • Terrorist groups • Cyberattacks are intentional malicious acts meant to negatively impact another individual or organization.
12 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Actors Threat Actors (Contd.) Amateurs • They are also known as script kiddies and have little or no skill. • They often use existing tools or instructions found on the internet to launch attacks. • Even though they use basic tools, the results can still be devastating. Hacktivists • These are hackers who publicly protest against a variety of political and social ideas. • They post articles and videos, leaking sensitive information, and disrupting web services with illegitimate traffic in Distributed Denial of Service (DDoS) attacks. Financial Gain • Much of the hacking activity that consistently threatens our security is motivated by financial gain. • Cybercriminals want to gain access to bank accounts, personal data, and anything else they can leverage to generate cash flow. Trade Secrets and Global Politics • At times, nation states hack other countries, or interfere with their internal politics. • Often, they may be interested in using cyberspace for industrial espionage. • The theft of intellectual property can give a country a significant advantage in international trade.
13 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Actors How Secure is the Internet of Things? • The Internet of Things (IoT) helps individuals connect things to improve their quality of life. • Many devices on the internet are not updated with the latest firmware. Some older devices were not even developed to be updated with patches. These two situations create opportunity for threat actors and security risks for the owners of these devices.  In October 2016, a DDoS attack against the domain name provider Dyn took down many popular websites.  The attack came from a large number of webcams, DVRs, routers, and other IoT devices that had been compromised by malicious software.
14 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Actors Lab - Learning the Details of Attacks In this lab, you will research and analyze IoT application vulnerabilities.
15 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1.3 Threat Impact
16 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Impact PII, PHI, and PSI • Personally Identifiable Information (PII) is any information that can be used to positively identify an individual, for example, name, social security number, birthdate, credit card numbers etc. • Cybercriminals aim to obtain these lists of PII that can then be sold on the dark web. Stolen PII can be used to create fake financial accounts, such as credit cards and short-term loans. • A subset of PII is protected health information (PHI): The medical community creates and maintains Electronic Medical Records (EMRs) that contain Protected Health Information (PHI), a subset of PII. • Personal Security Information (PSI), another type of PII, includes usernames, passwords, and other security-related information that individuals use to access information or services on the network.
17 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Impact Lost Competitive Advantage • The loss of intellectual property to competitors is a serious concern. • An additional major concern is the loss of trust that comes when a company is unable to protect its customers’ personal data. • The loss of competitive advantage may come from this loss of trust rather than another company or country stealing trade secrets.
18 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Impact Politics and National Security • It is not just businesses that get hacked. • In February 2016, a hacker published the personal information of 20,000 U.S. Federal Bureau of Investigation (FBI) employees and 9,000 U.S. Department of Homeland Security (DHS) employees. The hacker was apparently politically motivated. • State-supported hacker warriors can cause disruption and destruction of vital services and resources within an enemy nation. • The Stuxnet worm was specifically designed to impede Iran’s progress in enriching uranium that could be used in a nuclear weapon. Stuxnet is a prime example of a network attack motivated by national security concerns. • The internet has become essential as a medium for commercial and financial activities. Disruption of these activities can devastate a nation’s economy.
19 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Impact Lab - Visualizing the Black Hats In this lab, you will research and analyze cybersecurity incidents to create scenarios highlighting how organizations can prevent or mitigate an attack. The biggest cyber attacks of 2022 The Top 10 Biggest Cyber Attacks Of 2021
20 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1.4 The Danger Summary
21 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Summary What Did I Learn in this Module? • Threat actors can hijack banking sessions and other personal information by using “evil twin” hotspots. • Threat actors include, but are not limited to, amateurs, hacktivists, organized crime groups, state sponsored, and terrorist groups. • As the Internet of Things (IoT) expands, webcams, routers, and other devices in our homes are also under attack. • Personally Identifiable Information (PII) is any information that can be used to positively identify an individual. • The medical community creates and maintains Electronic Medical Records (EMRs) that contain Protected Health Information (PHI), a subset of PII. • Personal Security Information (PSI) includes usernames, passwords, and other security- related information that individuals use to access information or services on the network.
CA_Module_1.pdf

Recommended

CA_Module_1.pptx
CA_Module_1.pptxCA_Module_1.pptx
CA_Module_1.pptxYazanSalileh
 
Cisco Cyber Security Essentials Chapter-1
Cisco Cyber Security Essentials Chapter-1Cisco Cyber Security Essentials Chapter-1
Cisco Cyber Security Essentials Chapter-1Mukesh Chinta
 
ENSA_Module_3.pptx
ENSA_Module_3.pptxENSA_Module_3.pptx
ENSA_Module_3.pptxSkyBlue659156
 
Cisco Cyber Essentials - Instructor materials.ppt
Cisco Cyber Essentials - Instructor materials.pptCisco Cyber Essentials - Instructor materials.ppt
Cisco Cyber Essentials - Instructor materials.pptjdenbryston
 
Cyberattacks.pptx
Cyberattacks.pptxCyberattacks.pptx
Cyberattacks.pptxSonakshiMundra
 
02_Security_Audit_-_Common_Cyber_Attacks_9.pdf
02_Security_Audit_-_Common_Cyber_Attacks_9.pdf02_Security_Audit_-_Common_Cyber_Attacks_9.pdf
02_Security_Audit_-_Common_Cyber_Attacks_9.pdfRakeshPatel583282
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxtjane3
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxlmelaine
 

Recommended

CA_Module_1.pptx
CA_Module_1.pptxCA_Module_1.pptx
CA_Module_1.pptxYazanSalileh
 
Cisco Cyber Security Essentials Chapter-1
Cisco Cyber Security Essentials Chapter-1Cisco Cyber Security Essentials Chapter-1
Cisco Cyber Security Essentials Chapter-1Mukesh Chinta
 
ENSA_Module_3.pptx
ENSA_Module_3.pptxENSA_Module_3.pptx
ENSA_Module_3.pptxSkyBlue659156
 
Cisco Cyber Essentials - Instructor materials.ppt
Cisco Cyber Essentials - Instructor materials.pptCisco Cyber Essentials - Instructor materials.ppt
Cisco Cyber Essentials - Instructor materials.pptjdenbryston
 
Cyberattacks.pptx
Cyberattacks.pptxCyberattacks.pptx
Cyberattacks.pptxSonakshiMundra
 
02_Security_Audit_-_Common_Cyber_Attacks_9.pdf
02_Security_Audit_-_Common_Cyber_Attacks_9.pdf02_Security_Audit_-_Common_Cyber_Attacks_9.pdf
02_Security_Audit_-_Common_Cyber_Attacks_9.pdfRakeshPatel583282
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxtjane3
 
Final Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxFinal Research Project - Securing IoT Devices What are the Challe.docx
Final Research Project - Securing IoT Devices What are the Challe.docxlmelaine
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxAkshayKhade21
 
Emerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
Emerging Threats and Trends in Cybersecurity: A Comprehensive AnalysisEmerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
Emerging Threats and Trends in Cybersecurity: A Comprehensive AnalysisIRJET Journal
 
IRJET- Minimize Phishing Attacks: Securing Spear Attacks
IRJET- Minimize Phishing Attacks: Securing Spear AttacksIRJET- Minimize Phishing Attacks: Securing Spear Attacks
IRJET- Minimize Phishing Attacks: Securing Spear AttacksIRJET Journal
 
Internet of Things - A Different Kind of Scary v2
Internet of Things - A Different Kind of Scary v2Internet of Things - A Different Kind of Scary v2
Internet of Things - A Different Kind of Scary v2FitCEO, Inc. (FCI)
 
Cyber Security – Challenges [Autosaved].pptx
Cyber Security – Challenges [Autosaved].pptxCyber Security – Challenges [Autosaved].pptx
Cyber Security – Challenges [Autosaved].pptxRambilashTudu
 
Application security meetup 27012021
Application security meetup 27012021Application security meetup 27012021
Application security meetup 27012021lior mazor
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx56ushodayareddy
 
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptxPradeeshSAI
 
Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptxjondon17
 
Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?
Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?
Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?360mnbsu
 
220715_Cybersecurity: What's at stake?
220715_Cybersecurity: What's at stake?220715_Cybersecurity: What's at stake?
220715_Cybersecurity: What's at stake?Spire Research and Consulting
 
Security Requirements in IoT Architecture
Security Requirements in IoT Architecture Security Requirements in IoT Architecture
Security Requirements in IoT Architecture Vrince Vimal
 
BYOD and Security Trends
BYOD and Security TrendsBYOD and Security Trends
BYOD and Security TrendsCisco Russia
 
A Wake-Up Call for IoT
A Wake-Up Call for IoT A Wake-Up Call for IoT
A Wake-Up Call for IoT Ahmed Banafa
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxMBRoman1
 
106 Threat defense and information security development trends
106 Threat defense and information security development trends106 Threat defense and information security development trends
106 Threat defense and information security development trendsSsendiSamuel
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxAbhishekDas794104
 
Rishabhcyber security.pptx
Rishabhcyber security.pptxRishabhcyber security.pptx
Rishabhcyber security.pptxRishabhDwivedi70
 
CCNA Security 02- fundamentals of network security
CCNA Security 02- fundamentals of network securityCCNA Security 02- fundamentals of network security
CCNA Security 02- fundamentals of network securityAhmed Habib
 
IDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber SecurityIDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber Securityinside-BigData.com
 
Part#1_Logic_Design.pptx LOGIC Circuit Course
Part#1_Logic_Design.pptx LOGIC Circuit CoursePart#1_Logic_Design.pptx LOGIC Circuit Course
Part#1_Logic_Design.pptx LOGIC Circuit CourseEhabRushdy1
 
Internet of Things – Technical landscape (1).pptx
Internet of Things – Technical landscape (1).pptxInternet of Things – Technical landscape (1).pptx
Internet of Things – Technical landscape (1).pptxEhabRushdy1
 

More Related Content

Similar to CA_Module_1.pdf

Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxAkshayKhade21
 
Emerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
Emerging Threats and Trends in Cybersecurity: A Comprehensive AnalysisEmerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
Emerging Threats and Trends in Cybersecurity: A Comprehensive AnalysisIRJET Journal
 
IRJET- Minimize Phishing Attacks: Securing Spear Attacks
IRJET- Minimize Phishing Attacks: Securing Spear AttacksIRJET- Minimize Phishing Attacks: Securing Spear Attacks
IRJET- Minimize Phishing Attacks: Securing Spear AttacksIRJET Journal
 
Internet of Things - A Different Kind of Scary v2
Internet of Things - A Different Kind of Scary v2Internet of Things - A Different Kind of Scary v2
Internet of Things - A Different Kind of Scary v2FitCEO, Inc. (FCI)
 
Cyber Security – Challenges [Autosaved].pptx
Cyber Security – Challenges [Autosaved].pptxCyber Security – Challenges [Autosaved].pptx
Cyber Security – Challenges [Autosaved].pptxRambilashTudu
 
Application security meetup 27012021
Application security meetup 27012021Application security meetup 27012021
Application security meetup 27012021lior mazor
 
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptxPradeeshSAI
 
Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptxjondon17
 
Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?
Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?
Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?360mnbsu
 
Security Requirements in IoT Architecture
Security Requirements in IoT Architecture Security Requirements in IoT Architecture
Security Requirements in IoT Architecture Vrince Vimal
 
BYOD and Security Trends
BYOD and Security TrendsBYOD and Security Trends
BYOD and Security TrendsCisco Russia
 
A Wake-Up Call for IoT
A Wake-Up Call for IoT A Wake-Up Call for IoT
A Wake-Up Call for IoT Ahmed Banafa
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxMBRoman1
 
106 Threat defense and information security development trends
106 Threat defense and information security development trends106 Threat defense and information security development trends
106 Threat defense and information security development trendsSsendiSamuel
 
Rishabhcyber security.pptx
Rishabhcyber security.pptxRishabhcyber security.pptx
Rishabhcyber security.pptxRishabhDwivedi70
 
CCNA Security 02- fundamentals of network security
CCNA Security 02- fundamentals of network securityCCNA Security 02- fundamentals of network security
CCNA Security 02- fundamentals of network securityAhmed Habib
 
IDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber SecurityIDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber Securityinside-BigData.com
 

Similar to CA_Module_1.pdf (20)

Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Emerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
Emerging Threats and Trends in Cybersecurity: A Comprehensive AnalysisEmerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
Emerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
 
IRJET- Minimize Phishing Attacks: Securing Spear Attacks
IRJET- Minimize Phishing Attacks: Securing Spear AttacksIRJET- Minimize Phishing Attacks: Securing Spear Attacks
IRJET- Minimize Phishing Attacks: Securing Spear Attacks
 
Internet of Things - A Different Kind of Scary v2
Internet of Things - A Different Kind of Scary v2Internet of Things - A Different Kind of Scary v2
Internet of Things - A Different Kind of Scary v2
 
Cyber Security – Challenges [Autosaved].pptx
Cyber Security – Challenges [Autosaved].pptxCyber Security – Challenges [Autosaved].pptx
Cyber Security – Challenges [Autosaved].pptx
 
Application security meetup 27012021
Application security meetup 27012021Application security meetup 27012021
Application security meetup 27012021
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
 
Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptx
 
Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?
Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?
Brian Isle: The Internet of Things: Manufacturing Panacea - or - Hacker's Dream?
 
220715_Cybersecurity: What's at stake?
220715_Cybersecurity: What's at stake?220715_Cybersecurity: What's at stake?
220715_Cybersecurity: What's at stake?
 
Security Requirements in IoT Architecture
Security Requirements in IoT Architecture Security Requirements in IoT Architecture
Security Requirements in IoT Architecture
 
BYOD and Security Trends
BYOD and Security TrendsBYOD and Security Trends
BYOD and Security Trends
 
A Wake-Up Call for IoT
A Wake-Up Call for IoT A Wake-Up Call for IoT
A Wake-Up Call for IoT
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
106 Threat defense and information security development trends
106 Threat defense and information security development trends106 Threat defense and information security development trends
106 Threat defense and information security development trends
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Rishabhcyber security.pptx
Rishabhcyber security.pptxRishabhcyber security.pptx
Rishabhcyber security.pptx
 
CCNA Security 02- fundamentals of network security
CCNA Security 02- fundamentals of network securityCCNA Security 02- fundamentals of network security
CCNA Security 02- fundamentals of network security
 
IDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber SecurityIDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber Security
 

More from EhabRushdy1

Part#1_Logic_Design.pptx LOGIC Circuit Course
Part#1_Logic_Design.pptx LOGIC Circuit CoursePart#1_Logic_Design.pptx LOGIC Circuit Course
Part#1_Logic_Design.pptx LOGIC Circuit CourseEhabRushdy1
 
Internet of Things – Technical landscape (1).pptx
Internet of Things – Technical landscape (1).pptxInternet of Things – Technical landscape (1).pptx
Internet of Things – Technical landscape (1).pptxEhabRushdy1
 
Ch1 Internet of IoT.ppt ----------------
Ch1 Internet of IoT.ppt ----------------Ch1 Internet of IoT.ppt ----------------
Ch1 Internet of IoT.ppt ----------------EhabRushdy1
 
CA_Module_13.pdf
CA_Module_13.pdfCA_Module_13.pdf
CA_Module_13.pdfEhabRushdy1
 

More from EhabRushdy1 (6)

Part#1_Logic_Design.pptx LOGIC Circuit Course
Part#1_Logic_Design.pptx LOGIC Circuit CoursePart#1_Logic_Design.pptx LOGIC Circuit Course
Part#1_Logic_Design.pptx LOGIC Circuit Course
 
Internet of Things – Technical landscape (1).pptx
Internet of Things – Technical landscape (1).pptxInternet of Things – Technical landscape (1).pptx
Internet of Things – Technical landscape (1).pptx
 
Ch1 Internet of IoT.ppt ----------------
Ch1 Internet of IoT.ppt ----------------Ch1 Internet of IoT.ppt ----------------
Ch1 Internet of IoT.ppt ----------------
 
Qam.pptx
Qam.pptxQam.pptx
Qam.pptx
 
CA_Module_13.pdf
CA_Module_13.pdfCA_Module_13.pdf
CA_Module_13.pdf
 
CA_Module_2.pdf
CA_Module_2.pdfCA_Module_2.pdf
CA_Module_2.pdf
 

Recently uploaded

Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxAvyJaneVismanos
 
Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfadityarao40181
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxiammrhaywood
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaVirag Sontakke
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17Celine George
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTiammrhaywood
 
CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxCELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxJiesonDelaCerna
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxsocialsciencegdgrohi
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersSabitha Banu
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitolTechU
 
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,Virag Sontakke
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...jaredbarbolino94
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerunnathinaik
 

Recently uploaded (20)

Final demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptxFinal demo Grade 9 for demo Plan dessert.pptx
Final demo Grade 9 for demo Plan dessert.pptx
 
Biting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdfBiting mechanism of poisonous snakes.pdf
Biting mechanism of poisonous snakes.pdf
 
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptxECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
ECONOMIC CONTEXT - PAPER 1 Q3: NEWSPAPERS.pptx
 
Painted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of IndiaPainted Grey Ware.pptx, PGW Culture of India
Painted Grey Ware.pptx, PGW Culture of India
 
How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17How to Configure Email Server in Odoo 17
How to Configure Email Server in Odoo 17
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
 
OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...OS-operating systems- ch04 (Threads) ...
OS-operating systems- ch04 (Threads) ...
 
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPTECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
ECONOMIC CONTEXT - LONG FORM TV DRAMA - PPT
 
CELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptxCELL CYCLE Division Science 8 quarter IV.pptx
CELL CYCLE Division Science 8 quarter IV.pptx
 
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptxHistory Class XII Ch. 3 Kinship, Caste and Class (1).pptx
History Class XII Ch. 3 Kinship, Caste and Class (1).pptx
 
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
call girls in Kamla Market (DELHI) 🔝 >༒9953330565🔝 genuine Escort Service 🔝✔️✔️
 
Full Stack Web Development Course for Beginners
Full Stack Web Development Course for BeginnersFull Stack Web Development Course for Beginners
Full Stack Web Development Course for Beginners
 
Capitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptxCapitol Tech U Doctoral Presentation - April 2024.pptx
Capitol Tech U Doctoral Presentation - April 2024.pptx
 
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,भारत-रोम व्यापार.pptx, Indo-Roman Trade,
भारत-रोम व्यापार.pptx, Indo-Roman Trade,
 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...Historical philosophical, theoretical, and legal foundations of special and i...
Historical philosophical, theoretical, and legal foundations of special and i...
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
internship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developerinternship ppt on smartinternz platform as salesforce developer
internship ppt on smartinternz platform as salesforce developer
 

CA_Module_1.pdf

  • 1. Module 1: The Danger CyberOps Associate v1.0
  • 2. 2 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Module Objectives Module Title: The Danger Module Objective: Explain why networks and data are attacked. Topic Title Topic Objective War Stories Explain why networks and data are attacked. Threat Actors Explain the motivations of the threat actors behind specific security incidents. Threat Impact Explain the potential impact of network security attacks.
  • 3. 3 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1.1 War Stories
  • 4. 4 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Hijacked People • Hackers can set up open “rogue” wireless hotspots posing as a genuine wireless network. • Rogue wireless hotspots are also known as “evil twin” hotspots. Evil twin attacks and how to prevent them
  • 5. 5 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Ransomed Companies • Employees of an organization are often lured into opening attachments that install ransomware on the employees’ computers. • This ransomware, when installed, begins the process of gathering and encrypting corporate data. • The goal of the attackers is financial gain, because they hold the company’s data for ransom until they are paid.
  • 6. 6 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Targeted Nations • Some of today’s malware is so sophisticated and expensive to create that security experts believe only a nation state or group of nations could possibly have the influence and funding to create it. • Such malware can be targeted to attack a nation’s vulnerable infrastructure, such as the water system or power grid. • One such malware was the Stuxnet worm that infected USB drives and infiltrated Windows operating systems. It then targeted Step 7 software that was developed by Siemens for their Programmable Logic Controllers (PLCs). Zero Days, a film released in 2016, documents what is known about the Stuxnet targeted malware attack.
  • 7. 7 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Video - Anatomy of an Attack Watch this video to view details of a complex attack.
  • 8. 8 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Lab - Installing the Virtual Machine In this lab, you will complete the following objectives: • Install VirtualBox on your personal computer • Download and install the CyberOps Workstation Virtual Machine (VM).
  • 9. 9 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Lab - Cybersecurity Case Studies In this lab, you will analyze the given cases and answer questions about them.
  • 10. 10 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1.2 Threat Actors
  • 11. 11 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Actors Threat Actors • Threat actors are individuals or groups of individuals who perform cyberattacks. They include, but are not limited to: • Amateurs • Hacktivists • Organized crime groups • State-sponsored groups • Terrorist groups • Cyberattacks are intentional malicious acts meant to negatively impact another individual or organization.
  • 12. 12 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Actors Threat Actors (Contd.) Amateurs • They are also known as script kiddies and have little or no skill. • They often use existing tools or instructions found on the internet to launch attacks. • Even though they use basic tools, the results can still be devastating. Hacktivists • These are hackers who publicly protest against a variety of political and social ideas. • They post articles and videos, leaking sensitive information, and disrupting web services with illegitimate traffic in Distributed Denial of Service (DDoS) attacks. Financial Gain • Much of the hacking activity that consistently threatens our security is motivated by financial gain. • Cybercriminals want to gain access to bank accounts, personal data, and anything else they can leverage to generate cash flow. Trade Secrets and Global Politics • At times, nation states hack other countries, or interfere with their internal politics. • Often, they may be interested in using cyberspace for industrial espionage. • The theft of intellectual property can give a country a significant advantage in international trade.
  • 13. 13 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Actors How Secure is the Internet of Things? • The Internet of Things (IoT) helps individuals connect things to improve their quality of life. • Many devices on the internet are not updated with the latest firmware. Some older devices were not even developed to be updated with patches. These two situations create opportunity for threat actors and security risks for the owners of these devices.  In October 2016, a DDoS attack against the domain name provider Dyn took down many popular websites.  The attack came from a large number of webcams, DVRs, routers, and other IoT devices that had been compromised by malicious software.
  • 14. 14 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Actors Lab - Learning the Details of Attacks In this lab, you will research and analyze IoT application vulnerabilities.
  • 15. 15 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1.3 Threat Impact
  • 16. 16 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Impact PII, PHI, and PSI • Personally Identifiable Information (PII) is any information that can be used to positively identify an individual, for example, name, social security number, birthdate, credit card numbers etc. • Cybercriminals aim to obtain these lists of PII that can then be sold on the dark web. Stolen PII can be used to create fake financial accounts, such as credit cards and short-term loans. • A subset of PII is protected health information (PHI): The medical community creates and maintains Electronic Medical Records (EMRs) that contain Protected Health Information (PHI), a subset of PII. • Personal Security Information (PSI), another type of PII, includes usernames, passwords, and other security-related information that individuals use to access information or services on the network.
  • 17. 17 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Impact Lost Competitive Advantage • The loss of intellectual property to competitors is a serious concern. • An additional major concern is the loss of trust that comes when a company is unable to protect its customers’ personal data. • The loss of competitive advantage may come from this loss of trust rather than another company or country stealing trade secrets.
  • 18. 18 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Impact Politics and National Security • It is not just businesses that get hacked. • In February 2016, a hacker published the personal information of 20,000 U.S. Federal Bureau of Investigation (FBI) employees and 9,000 U.S. Department of Homeland Security (DHS) employees. The hacker was apparently politically motivated. • State-supported hacker warriors can cause disruption and destruction of vital services and resources within an enemy nation. • The Stuxnet worm was specifically designed to impede Iran’s progress in enriching uranium that could be used in a nuclear weapon. Stuxnet is a prime example of a network attack motivated by national security concerns. • The internet has become essential as a medium for commercial and financial activities. Disruption of these activities can devastate a nation’s economy.
  • 19. 19 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Impact Lab - Visualizing the Black Hats In this lab, you will research and analyze cybersecurity incidents to create scenarios highlighting how organizations can prevent or mitigate an attack. The biggest cyber attacks of 2022 The Top 10 Biggest Cyber Attacks Of 2021
  • 20. 20 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1.4 The Danger Summary
  • 21. 21 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Summary What Did I Learn in this Module? • Threat actors can hijack banking sessions and other personal information by using “evil twin” hotspots. • Threat actors include, but are not limited to, amateurs, hacktivists, organized crime groups, state sponsored, and terrorist groups. • As the Internet of Things (IoT) expands, webcams, routers, and other devices in our homes are also under attack. • Personally Identifiable Information (PII) is any information that can be used to positively identify an individual. • The medical community creates and maintains Electronic Medical Records (EMRs) that contain Protected Health Information (PHI), a subset of PII. • Personal Security Information (PSI) includes usernames, passwords, and other security- related information that individuals use to access information or services on the network.