1
5.3 : Cyber
Security Issue
Click icon to add picture
5.3 : Cyber Security Issue
2
5.3.1 Describe the concept and legal act of cyber security
5.3.2 Identify the effect of cyber crimes on a particular sector
5.3.3 Identify issues in hacking, fake news and identifying theft
5.3.1 Describe the
concept and legal act of
cyber security
3
What is Cyber Security ?
4
Cyber Security is the technology
and process that is designed to
protect computer system, networks
and devices from attack, damage,
or unauthorized access.
Why Cyber Security ?
5
Confidentiality, Integrity,
Availability have served as the
industry standard Computer
Security since the time of first
main frame.
Key components of the legal act of
cybersecurity include:
6
1. Data Protection Laws: These laws regulate the collection, use, and
storage of personal data, imposing obligations on organizations to
protect the privacy and confidentiality of individuals' information.
2. Cybersecurity Regulations: Governments may enact specific
regulations that mandate cybersecurity standards and practices for
organizations operating within their jurisdiction. These regulations
often require entities to implement measures such as risk
assessments, incident response plans, and security controls to
mitigate cyber threats.
Key components of the legal act of
cybersecurity include:
7
3. Cybercrime Legislation: Laws addressing cybercrime define
criminal offenses related to computer systems and networks,
such as hacking, malware distribution, identity theft, and cyber
fraud. They establish penalties for offenders and outline
procedures for investigating and prosecuting
4. National Security Measures: Governments may implement
national security measures to protect critical infrastructure,
sensitive information, and government systems from cyber
threats. These measures may involve collaboration between
government agencies, intelligence services, and private sector
entities to detect and respond to cyber attacks.
Key components of the legal act of
cybersecurity include:
8
5. International Cooperation: Cybersecurity efforts often require
cooperation between nations to address cross-border cyber threats
effectively. International agreements, treaties, and frameworks
facilitate information sharing, collaboration on cyber defense
strategies, and the extradition of cybercriminals.
6. Regulatory Compliance: Organizations may be subject to industry-
specific cybersecurity regulations and compliance requirements
imposed by regulatory bodies or industry standards organizations.
Compliance with these regulations typically involves implementing
security controls, conducting audits, and reporting on cybersecurity
practices.
5.3.2 Identify the
effect of cyber crimes
on a particular sector
9
10
Cybercrimes can have significant and varied effects on different
sectors, depending on the nature of the attacks and the specific
vulnerabilities of each sector. Here are some examples of how
cybercrimes can impact a particular sector:
1. Financial Sector: Cybercrimes targeting the financial sector can lead
to financial losses, fraud, and reputational damage for banks,
investment firms, and other financial institutions. Attacks such as
phishing, malware, and ransomware can compromise customer
accounts, disrupt financial transactions, and undermine trust in the
banking system.
11
2. Healthcare Sector: In the healthcare sector, cybercrimes can
jeopardize patient safety, compromise sensitive medical
records, and disrupt healthcare services. Ransomware attacks
targeting hospitals and healthcare providers can result in the
encryption of patient data, leading to operational disruptions
and delays in patient care.
3. Government Sector: Cybercrimes targeting government
agencies can compromise national security, undermine public
trust, and disrupt government operations. Attacks such as data
breaches and espionage can result in the theft of classified
information, intellectual property, and sensitive government
documents.
12
4. Critical Infrastructure: Cybercrimes targeting critical infrastructure,
such as energy, transportation, and water systems, can have far-
reaching consequences for public safety and national security.
Attacks on infrastructure networks can disrupt essential services,
cause physical damage to infrastructure components, and result in
widespread economic disruption.
5. Retail Sector: Cybercrimes targeting the retail sector can lead to
data breaches, financial fraud, and reputational damage for
retailers and e-commerce platforms. Breaches involving payment
card data can result in financial losses for both businesses and
customers, as well as damage to brand reputation.
13
6. Manufacturing Sector: Cybercrimes targeting the manufacturing
sector can disrupt production processes, compromise intellectual
property, and undermine supply chain security. Attacks such as
industrial espionage and sabotage can result in the theft of trade
secrets, the disruption of manufacturing operations, and the loss of
competitive advantage.
7. Education Sector: Cybercrimes targeting the education sector can
compromise student data, disrupt academic activities, and
undermine the integrity of educational institutions. Attacks such as
ransomware, data breaches, and phishing can result in the loss of
sensitive student information, financial losses, and reputational
damage for schools and universities.
5.3.3 Identify issues in
hacking, fake news and
identifying theft
14
15
Hacking, fake news, and identity theft pose significant
challenges in the realm of cybersecurity and information
integrity. Here are some key issues associated with each:
16
Hacking:
1. Data Breaches: Hacking often leads to data breaches where
sensitive information such as personal data, financial records, or
intellectual property is stolen or exposed. This can result in financial
losses, reputational damage, and regulatory penalties for affected
organizations.
2. Infrastructure Vulnerabilities: Hacking exploits vulnerabilities in
computer systems, networks, and software applications. As
technology advances, hackers continually discover new ways to
bypass security measures, making it challenging for organizations to
defend against cyber attacks.
17
Hacking:
3. Cyber Espionage: Hacking is frequently used for cyber espionage
purposes, where attackers infiltrate systems to steal sensitive
information, intellectual property, or classified data. This poses a
threat to national security, economic competitiveness, and
corporate secrets.
4. Ransomware: Hacking techniques such as ransomware encrypt data
or block access to computer systems until a ransom is paid.
Ransomware attacks can disrupt business operations, cause
financial losses, and result in data loss if backups are unavailable or
compromised.
Ransomware
18
Email
attachments
Website
downloads
Email links
Website links
Type of malware that encrypts data specifically
asking for payment in order to restore access.
How?
Regular backups
Updates
Verify emails
Protect Yourself
Don’t PAY!
19
Fake News:
1. Misinformation Spread: Fake news disseminates false or
misleading information through online platforms, social media,
and news websites. This can manipulate public opinion, influence
elections, and incite social unrest, undermining trust in the media
and democratic institutions.
2. Algorithmic Amplification: Social media algorithms often prioritize
sensational or controversial content, making fake news more
likely to reach a wider audience. This amplification effect can lead
to the rapid spread of misinformation and make it challenging to
distinguish between credible and false information.
20
Fake News:
3. Social Engineering: Fake news can be used as a tool for social
engineering, where attackers manipulate individuals' beliefs or
behaviors to gain access to sensitive information or perpetrate
cybercrimes. This can involve phishing scams, scam websites, or fake
social media profiles designed to deceive users.
21
Identity Theft:
1. Data Breaches: Identity theft often occurs in conjunction with
data breaches, where cybercriminals steal personal information
such as Social Security numbers, credit card numbers, or login
credentials. This stolen data is then used to impersonate
individuals or commit financial fraud.
2. Financial Fraud: Identity theft can lead to various forms of
financial fraud, including credit card fraud, identity fraud, and tax
fraud. Cybercriminals may use stolen identities to open fraudulent
accounts, make unauthorized purchases, or file fraudulent tax
returns, causing financial losses for victims.
22
Identity Theft:
3. Privacy Violations: Identity theft violates individuals' privacy rights
by exposing their personal information to unauthorized parties.
This can lead to feelings of insecurity, loss of trust in online
services, and long-term consequences for victims' financial and
personal well-being.
Why is Cyber awareness so important?
23
• Everything is CONNECTED!
• Personal documents
• Identity
• Finances
• Digital footprint
How can I protect
myself?
• Long and strong. Passphrases
• Enable 2FA where possible
• Change default passwords
• Don’t reuse passwords across accounts
• Use a Password manager (LastPass is FREE)
Passwords
• Ensure all devices are on their latest updates.
• Turn on AUTOMATIC UPDATES
• Make time for updates
• Spring clean your apps regularly
Updates
1. Phishing - email
2. Vishing – phone call
3. Smishing – text messages
Look out for:
4. Urgency
5. Asking for personal/financial information
6. Unsolicited
7. Contain links and downloadable files
8. Bad grammar
9. Too good to be true
Be aware of Scams
• Privacy controls
• Be mindful of what you share
• Review app privacy collection
Search Yourself (Digital
Footprint)
• Are my devices secure?
• Using VPN to access University systems?
• Beware of using FREE Wi-Fi
• Do I have anti virus installed?
• Am I backing up my important files? Cloud & Local
• Are my devices up to date?
• Enable two-factor authentication (2FA) where possible
• STOP. THINK BEFORE YOU CLICK.
Creating a Cyber secure home checklist
How can you help?
• Report suspicious emails : spam-report@unimelb.edu.au
• Got a question? Service Now ticket
• Yammer & Slack
• Sign up for free cyber alerts (Australian Cyber Security
Centre)
• GET IN TOUCH!
• Scamwatch
• Stay Smart Online
• SANS Security Awareness Blog
Helpful Websites
Thank you!

Cybersecurity note for students reference

  • 1.
    1 5.3 : Cyber SecurityIssue Click icon to add picture
  • 2.
    5.3 : CyberSecurity Issue 2 5.3.1 Describe the concept and legal act of cyber security 5.3.2 Identify the effect of cyber crimes on a particular sector 5.3.3 Identify issues in hacking, fake news and identifying theft
  • 3.
    5.3.1 Describe the conceptand legal act of cyber security 3
  • 4.
    What is CyberSecurity ? 4 Cyber Security is the technology and process that is designed to protect computer system, networks and devices from attack, damage, or unauthorized access.
  • 5.
    Why Cyber Security? 5 Confidentiality, Integrity, Availability have served as the industry standard Computer Security since the time of first main frame.
  • 6.
    Key components ofthe legal act of cybersecurity include: 6 1. Data Protection Laws: These laws regulate the collection, use, and storage of personal data, imposing obligations on organizations to protect the privacy and confidentiality of individuals' information. 2. Cybersecurity Regulations: Governments may enact specific regulations that mandate cybersecurity standards and practices for organizations operating within their jurisdiction. These regulations often require entities to implement measures such as risk assessments, incident response plans, and security controls to mitigate cyber threats.
  • 7.
    Key components ofthe legal act of cybersecurity include: 7 3. Cybercrime Legislation: Laws addressing cybercrime define criminal offenses related to computer systems and networks, such as hacking, malware distribution, identity theft, and cyber fraud. They establish penalties for offenders and outline procedures for investigating and prosecuting 4. National Security Measures: Governments may implement national security measures to protect critical infrastructure, sensitive information, and government systems from cyber threats. These measures may involve collaboration between government agencies, intelligence services, and private sector entities to detect and respond to cyber attacks.
  • 8.
    Key components ofthe legal act of cybersecurity include: 8 5. International Cooperation: Cybersecurity efforts often require cooperation between nations to address cross-border cyber threats effectively. International agreements, treaties, and frameworks facilitate information sharing, collaboration on cyber defense strategies, and the extradition of cybercriminals. 6. Regulatory Compliance: Organizations may be subject to industry- specific cybersecurity regulations and compliance requirements imposed by regulatory bodies or industry standards organizations. Compliance with these regulations typically involves implementing security controls, conducting audits, and reporting on cybersecurity practices.
  • 9.
    5.3.2 Identify the effectof cyber crimes on a particular sector 9
  • 10.
    10 Cybercrimes can havesignificant and varied effects on different sectors, depending on the nature of the attacks and the specific vulnerabilities of each sector. Here are some examples of how cybercrimes can impact a particular sector: 1. Financial Sector: Cybercrimes targeting the financial sector can lead to financial losses, fraud, and reputational damage for banks, investment firms, and other financial institutions. Attacks such as phishing, malware, and ransomware can compromise customer accounts, disrupt financial transactions, and undermine trust in the banking system.
  • 11.
    11 2. Healthcare Sector:In the healthcare sector, cybercrimes can jeopardize patient safety, compromise sensitive medical records, and disrupt healthcare services. Ransomware attacks targeting hospitals and healthcare providers can result in the encryption of patient data, leading to operational disruptions and delays in patient care. 3. Government Sector: Cybercrimes targeting government agencies can compromise national security, undermine public trust, and disrupt government operations. Attacks such as data breaches and espionage can result in the theft of classified information, intellectual property, and sensitive government documents.
  • 12.
    12 4. Critical Infrastructure:Cybercrimes targeting critical infrastructure, such as energy, transportation, and water systems, can have far- reaching consequences for public safety and national security. Attacks on infrastructure networks can disrupt essential services, cause physical damage to infrastructure components, and result in widespread economic disruption. 5. Retail Sector: Cybercrimes targeting the retail sector can lead to data breaches, financial fraud, and reputational damage for retailers and e-commerce platforms. Breaches involving payment card data can result in financial losses for both businesses and customers, as well as damage to brand reputation.
  • 13.
    13 6. Manufacturing Sector:Cybercrimes targeting the manufacturing sector can disrupt production processes, compromise intellectual property, and undermine supply chain security. Attacks such as industrial espionage and sabotage can result in the theft of trade secrets, the disruption of manufacturing operations, and the loss of competitive advantage. 7. Education Sector: Cybercrimes targeting the education sector can compromise student data, disrupt academic activities, and undermine the integrity of educational institutions. Attacks such as ransomware, data breaches, and phishing can result in the loss of sensitive student information, financial losses, and reputational damage for schools and universities.
  • 14.
    5.3.3 Identify issuesin hacking, fake news and identifying theft 14
  • 15.
    15 Hacking, fake news,and identity theft pose significant challenges in the realm of cybersecurity and information integrity. Here are some key issues associated with each:
  • 16.
    16 Hacking: 1. Data Breaches:Hacking often leads to data breaches where sensitive information such as personal data, financial records, or intellectual property is stolen or exposed. This can result in financial losses, reputational damage, and regulatory penalties for affected organizations. 2. Infrastructure Vulnerabilities: Hacking exploits vulnerabilities in computer systems, networks, and software applications. As technology advances, hackers continually discover new ways to bypass security measures, making it challenging for organizations to defend against cyber attacks.
  • 17.
    17 Hacking: 3. Cyber Espionage:Hacking is frequently used for cyber espionage purposes, where attackers infiltrate systems to steal sensitive information, intellectual property, or classified data. This poses a threat to national security, economic competitiveness, and corporate secrets. 4. Ransomware: Hacking techniques such as ransomware encrypt data or block access to computer systems until a ransom is paid. Ransomware attacks can disrupt business operations, cause financial losses, and result in data loss if backups are unavailable or compromised.
  • 18.
    Ransomware 18 Email attachments Website downloads Email links Website links Typeof malware that encrypts data specifically asking for payment in order to restore access. How? Regular backups Updates Verify emails Protect Yourself Don’t PAY!
  • 19.
    19 Fake News: 1. MisinformationSpread: Fake news disseminates false or misleading information through online platforms, social media, and news websites. This can manipulate public opinion, influence elections, and incite social unrest, undermining trust in the media and democratic institutions. 2. Algorithmic Amplification: Social media algorithms often prioritize sensational or controversial content, making fake news more likely to reach a wider audience. This amplification effect can lead to the rapid spread of misinformation and make it challenging to distinguish between credible and false information.
  • 20.
    20 Fake News: 3. SocialEngineering: Fake news can be used as a tool for social engineering, where attackers manipulate individuals' beliefs or behaviors to gain access to sensitive information or perpetrate cybercrimes. This can involve phishing scams, scam websites, or fake social media profiles designed to deceive users.
  • 21.
    21 Identity Theft: 1. DataBreaches: Identity theft often occurs in conjunction with data breaches, where cybercriminals steal personal information such as Social Security numbers, credit card numbers, or login credentials. This stolen data is then used to impersonate individuals or commit financial fraud. 2. Financial Fraud: Identity theft can lead to various forms of financial fraud, including credit card fraud, identity fraud, and tax fraud. Cybercriminals may use stolen identities to open fraudulent accounts, make unauthorized purchases, or file fraudulent tax returns, causing financial losses for victims.
  • 22.
    22 Identity Theft: 3. PrivacyViolations: Identity theft violates individuals' privacy rights by exposing their personal information to unauthorized parties. This can lead to feelings of insecurity, loss of trust in online services, and long-term consequences for victims' financial and personal well-being.
  • 23.
    Why is Cyberawareness so important? 23 • Everything is CONNECTED! • Personal documents • Identity • Finances • Digital footprint
  • 24.
    How can Iprotect myself?
  • 25.
    • Long andstrong. Passphrases • Enable 2FA where possible • Change default passwords • Don’t reuse passwords across accounts • Use a Password manager (LastPass is FREE) Passwords
  • 26.
    • Ensure alldevices are on their latest updates. • Turn on AUTOMATIC UPDATES • Make time for updates • Spring clean your apps regularly Updates
  • 27.
    1. Phishing -email 2. Vishing – phone call 3. Smishing – text messages Look out for: 4. Urgency 5. Asking for personal/financial information 6. Unsolicited 7. Contain links and downloadable files 8. Bad grammar 9. Too good to be true Be aware of Scams
  • 28.
    • Privacy controls •Be mindful of what you share • Review app privacy collection Search Yourself (Digital Footprint)
  • 29.
    • Are mydevices secure? • Using VPN to access University systems? • Beware of using FREE Wi-Fi • Do I have anti virus installed? • Am I backing up my important files? Cloud & Local • Are my devices up to date? • Enable two-factor authentication (2FA) where possible • STOP. THINK BEFORE YOU CLICK. Creating a Cyber secure home checklist
  • 30.
    How can youhelp? • Report suspicious emails : spam-report@unimelb.edu.au • Got a question? Service Now ticket • Yammer & Slack • Sign up for free cyber alerts (Australian Cyber Security Centre) • GET IN TOUCH!
  • 31.
    • Scamwatch • StaySmart Online • SANS Security Awareness Blog Helpful Websites
  • 32.