This document provides an overview of cyber security concepts and threats. It discusses the CIA triad of confidentiality, integrity and availability. It then outlines various cyber threats like insider threats, social engineering, dumpster diving, phishing and types of attacks against personal computers and networks. The document also defines cyber security terms and categories of threats. It discusses tools used in attacks like botnets, adware, spyware and spam. Finally, it provides examples of network attacks and recommendations for defending networks through policies, procedures and technical safeguards.
2. Objectives
Cyber Security & Information
Assurance Triad
Cyber threats/risks
Vulnerabilities
Countermeasures
Safeguarding
Promoting a culture of security
3. Fundamental Concepts of Information
Assurance
• Information Assurance CIA Triad
• Confidentiality (privacy)
• Integrity (quality, accuracy,
relevance)
• Availability (accessibility)
5. Who & What is At Risk?
• U.S. Economy
• U.S. Defense
• Transportation Departments
• Medical Industry
• U.S. Government
• Telecommunications Industry
• Energy Sector
• U.S. Critical Infrastructure
• Personal devices -
Computers/Cable
TV/Phones/Games/tablets
6. Cyber Security Terms
Asset – A computer, a server, an application, a database, etc.
Vulnerability - A weakness that can be exploited to compromise the confidentiality,
integrity, or availability (CIA) of an asset.
Risk – The likelihood that a threat exploits a vulnerability, weighed against the
resulting impact.
Threat – Something or someone that may result in harm to an asset.
Unintentional – Human errors such as insecure coding or misconfiguration.
Intentional – Deliberate attacks, e.g. spyware, adware, spam, phishing.
Exploit – A tool or technique that takes advantage of a vulnerability.
7. Security Threat Categories
Insider threats (intentional) - among the most common and the hardest to recognize,
because the actor already holds legitimate access
• Includes sabotage and unauthorized disclosure of information
Social Engineering (the victim's part is usually unintentional) - multiple
techniques are used to extract information from authorized employees in the hope
of using that information to carry out an attack
Dumpster Diving & Phishing - Personnel are often not aware of
the value of information they have access to
Network & Computer System Exploitation & Attacks - Hacking
8. Social Engineering
• Being fooled into giving someone access or information when that person has
no legitimate need for it.
9. Dumpster Diving and Phishing
Dumpster Diving - rummaging through company’s garbage for
discarded documents
Phishing - usually takes place through fraudulent e-mails asking users to
disclose personal or financial information. The e-mail appears to come from a
legitimate organization (such as Bank of America or PayPal), typically by
spoofing the display name and linking to a look-alike site.
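Worked example, added here and not part of the original slides: a small Python checker that applies three of the tells described above to a raw e-mail. The two messages, the brand-to-domain allowlist (KNOWN_BRANDS) and the heuristics are constructed for illustration, not a production filter.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed allowlist for this example: brands that appear in display names and the
# sending domains they legitimately use. A real deployment needs a maintained list.
KNOWN_BRANDS = {
    "bank of america": {"bankofamerica.com"},
    "paypal": {"paypal.com"},
}

# Constructed phishing message: brand in the display name, look-alike sending
# domain, Reply-To elsewhere, and link text that names the real bank site.
SAMPLE_PHISH = """\
From: "Bank of America Security" <alerts@bofa-verify-login.example>
Reply-To: collect@mailbox.example
To: victim@corp.example
Subject: Urgent: verify your account
Content-Type: text/html

<html><body><p>Please confirm your details at
<a href="http://bofa-verify-login.example/login">https://www.bankofamerica.com/secure</a>
within 24 hours.</p></body></html>
"""

# Constructed legitimate message for comparison.
SAMPLE_LEGIT = """\
From: "PayPal" <service@paypal.com>
To: victim@corp.example
Subject: Your receipt
Content-Type: text/html

<html><body><p>View the receipt <a href="https://www.paypal.com/activity">here</a>.</p></body></html>
"""

_URL_LIKE = re.compile(r"(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?", re.I)


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> tag in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = (dict(attrs).get("href") or ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _domain_of(header_value):
    """Domain part of the address in a From/Reply-To header, lowercased ('' if none)."""
    return parseaddr(header_value)[1].rpartition("@")[2].lower()


def _host_of(url_or_name):
    """Hostname of a URL, or of a bare hostname such as 'www.example.com'."""
    text = url_or_name.strip()
    if "://" not in text:
        text = "http://" + text
    return (urlparse(text).hostname or "").lower()


def phishing_indicators(raw_message):
    """Return human-readable findings; an empty list means none of the tells fired."""
    msg = message_from_string(raw_message)
    findings = []
    display_name, _ = parseaddr(msg.get("From", ""))
    from_domain = _domain_of(msg.get("From", ""))

    # Tell 1: the display name claims a brand, but the sender domain is not one of its domains.
    for brand, domains in KNOWN_BRANDS.items():
        if brand in display_name.lower() and from_domain not in domains:
            findings.append(f"display name claims '{brand}' but sender domain is {from_domain}")

    # Tell 2: replies are routed to a different domain than the apparent sender.
    reply_domain = _domain_of(msg.get("Reply-To", ""))
    if reply_domain and reply_domain != from_domain:
        findings.append(f"Reply-To domain {reply_domain} differs from From domain {from_domain}")

    # Tell 3: link text that looks like a URL names a different host than the link target.
    body = msg.get_payload(decode=True).decode(msg.get_content_charset() or "utf-8", "replace")
    collector = _LinkCollector()
    collector.feed(body)
    for href, text in collector.links:
        if _URL_LIKE.fullmatch(text):
            shown, target = _host_of(text), _host_of(href)
            if shown and target and shown != target:
                findings.append(f"link text shows {shown} but points to {target}")
    return findings


if __name__ == "__main__":
    for label, sample in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(label, phishing_indicators(sample) or "no indicators")
```

Run against the constructed messages, the phishing sample trips all three tells and the legitimate receipt trips none; the "here" link text is deliberately ignored because it does not look like a URL, which is the kind of false positive a naive text-versus-href comparison produces.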
12. Botnets
A network of hijacked computers ("bots", short for software robots) that are
controlled remotely, typically to send spam or distribute spyware. Botnets are
linked to a range of malicious activity, including identity theft, spam and
distributed denial-of-service attacks.
13. Adware
• Adware, or advertising-supported software, is any software package which
automatically renders advertisements in order to generate revenue for its author. The
advertisements may be in the user interface of the software or on a screen presented
to the user during the installation process.
14. Spyware
Spyware is software that gathers information about a person or organization without
their knowledge and may send that information to another entity without the user's
consent, or that asserts control over a computer without the user's knowledge. Spyware
is commonly classified into four types: system monitors, trojans, adware, and tracking cookies.
15. Spam
Electronic spamming is the use of electronic messaging systems to send
unsolicited messages (spam), especially advertising, as well as sending
messages repeatedly on the same site.
16. Cyber Attacks
• How to Recognize a Cyber Attack
Signs indicating a computer system is under attack may include:
Unusually sluggish or non-responsive applications.
Unexpected changes in system behavior.
Persistent pop-up messages.
Missing or corrupt data.
• How to Prevent a Cyber Attack
Use browser plug-ins that block ads and malicious scripts (e.g., Adblock Plus).
Use PGP to sign e-mail (so the recipient can verify the sender) and to encrypt it.
Ensure anti-virus is turned on and kept up to date.
18. Types of Network Attacks
DoS (Denial of Service): an attack on availability that exhausts a system's
resources (CPU, memory, bandwidth, connection tables) so legitimate users are
turned away
Hack: to exploit a vulnerability to gain unauthorized access to the
system
Backdoor: an access method that bypasses the normal authentication and
access controls of the system
Memory issues: memory is not cleared before it is handed to another program,
so the next program can read whatever the previous one left behind (passwords,
keys, session data)
Escalation of privileges: a user exploits a vulnerability to obtain rights
beyond those granted (for example, from an ordinary account to administrator
or root)
Default settings: many systems ship with a minimal configuration in which
security features are disabled or default credentials are left in place;
harden before deployment
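Worked example for the "default settings" item, added here and not taken from the original slides: a Python audit of an OpenSSH server configuration against a small hardening baseline, plus a helper that rewrites the weak settings. The sample sshd_config and the baseline are constructed for illustration; the values assumed for options that are absent from the file follow OpenSSH's documented defaults as understood here, so verify them against the sshd_config(5) man page for the version you actually deploy.

```python
import re

# Hardening baseline assumed for this example: option -> (required value,
# value OpenSSH applies when the option is absent from the file). For
# MaxAuthTries the required value is a ceiling rather than an exact match.
BASELINE = {
    "PermitRootLogin":        ("no", "prohibit-password"),
    "PasswordAuthentication": ("no", "yes"),
    "PermitEmptyPasswords":   ("no", "no"),
    "X11Forwarding":          ("no", "no"),
    "MaxAuthTries":           ("4", "6"),
}
_CANON = {name.lower(): name for name in BASELINE}   # sshd keywords are case-insensitive
_SPLIT = re.compile(r"\s*=\s*|\s+")                  # accepts "Key value" or "Key=value"

# Constructed sample: a fresh install where only the port was changed.
SAMPLE_CONFIG = """\
# sshd_config on a newly installed host (constructed sample)
Port 2222
PermitRootLogin yes
#PasswordAuthentication yes   <- commented out, so the built-in default applies
X11Forwarding yes
MaxAuthTries 10
"""


def _directive(raw_line):
    """Return (keyword, value) for a configuration line, or None for blanks and comments."""
    code = raw_line.split("#", 1)[0].strip()
    if not code:
        return None
    parts = _SPLIT.split(code, maxsplit=1)
    return (parts[0].lower(), parts[1].strip()) if len(parts) == 2 else None


def parse_config(text):
    """Effective global settings: the first occurrence of a keyword wins, as in sshd,
    and parsing stops at the first Match block because those lines are conditional."""
    settings = {}
    for raw in text.splitlines():
        directive = _directive(raw)
        if directive is None:
            continue
        keyword, value = directive
        if keyword == "match":
            break
        settings.setdefault(keyword, value)
    return settings


def _compliant(option, value):
    required = BASELINE[option][0]
    if option == "MaxAuthTries":
        return value.isdigit() and int(value) <= int(required)
    return value.lower() == required


def audit(text):
    """List (option, effective value, origin) for every option that fails the baseline.
    Origin records whether the weak value was written in the file or merely inherited."""
    settings = parse_config(text)
    findings = []
    for option, (_, default) in BASELINE.items():
        if option.lower() in settings:
            value, origin = settings[option.lower()], "explicit"
        else:
            value, origin = default, "implicit default"
        if not _compliant(option, value):
            findings.append((option, value, origin))
    return findings


def harden(text):
    """Return a corrected configuration: weak directives are rewritten in place (old
    value kept as a comment), duplicates sshd would ignore are commented out, and
    options whose built-in default is weak are added explicitly."""
    out, seen, in_match = [], set(), False
    for raw in text.splitlines():
        directive = _directive(raw)
        if directive is None or in_match:
            out.append(raw)
            continue
        keyword, value = directive
        if keyword == "match":
            in_match = True
        elif keyword in _CANON:
            option = _CANON[keyword]
            if option in seen:
                out.append("# ignored duplicate: " + raw)
                continue
            seen.add(option)
            if not _compliant(option, value):
                out.append(f"{option} {BASELINE[option][0]}  # was: {value}")
                continue
        out.append(raw)
    for option, (required, default) in BASELINE.items():
        if option not in seen and not _compliant(option, default):
            out.append(f"{option} {required}  # built-in default was {default}")
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    for option, value, origin in audit(SAMPLE_CONFIG):
        print(f"{option}: {value} ({origin})")
    print(harden(SAMPLE_CONFIG))
```

The audit deliberately reports options that are missing from the file, because a commented-out PasswordAuthentication line still leaves password logins enabled; the hardened output therefore writes such options explicitly instead of relying on whatever the installed version's default happens to be.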
19. How to defend a Network
Policies & Procedures (P & P)
Acceptable use policy – specifies what actions users may perform while using
company computers and/or assets
Employees sign an array of other policies upon being hired
Personnel controls - need to know, separation of duties (Accounting vs.
Human Resources vs. Creative Dept., etc.)
Hiring and termination practices - background checks, orientation, exit
interviews, escorting procedures, etc.
Technical Network Safeguards – anti-virus, Intrusion Detection Systems
(IDS), encrypted e-mail, etc.
Security-minded Practices – HIPAA and other compliance standards
Information handling practices