ch1 Flashcards
(22 cards)
What is cyber security?
The protection of digital assets (data, hardware, software and network) by addressing possible threats that may result in unauthorized information disclosure, theft, or damage
Computer Security
- Focus: Protection of the computer
- A computer is secure when it does what it is supposed to do and only what it is supposed to do
Information Security
- Focus: Protection of information, regardless of format, including:
- Paper documents
- Digital and intellectual property
- Verbal or Visual communications
Common Threats To Security
- Viruses and worms
- Intruders
- Insiders
- Criminal organizations
- Terrorists and Information warfare
Viruses vs. worms
Viruses: need human action
Worms: duplicate themselves
Malware
is software that has a nefarious purpose, designed to cause
problems to you as an individual (for example, identity theft) or your
system.
two types of threats that fall under the
general heading of malware
Viruses and Worms
Intruders
- The act of deliberately accessing computer systems and networks without authorization is generally referred to as “hacking”.
- Individuals who conduct this activity are referred to as “hackers”.
(hacker outside the organization)
explain why insiders are more dangerous in many respects than outside intruders
insiders have access and knowledge
necessary to cause immediate damage to an organization.
Attacks by criminal organizations usually fall into the structured threat category, which is characterized by:
- a greater amount of planning.
- a longer period of time to conduct the activity.
- more financial backing to accomplish it.
- possibly corruption of, or collusion with, insiders.
Information warfare
is warfare conducted against the information
and information processing equipment used by an adversary.
Why are nation-states highly structured?
they have planning, resources and time
Attributes of Actors/ Different ways to differentiate the threat actors:
- by location (internal or external)
- by level of sophistication
- by level of resources or funding
- by intent or motivation
A particular computer system is generally attacked for one of two reasons:
- Specific Target: In this case, the attacker has chosen the target not because of the hardware or software the organization is running but for another reason—perhaps a political reason.
- Opportunistic Target: The attackers, in this case, are not targeting the organization; instead, they have learned of a vulnerability and are simply looking for an organization with this vulnerability that they can exploit.
Three major considerations when securing a system:
- Correctness:
- Ensuring that a system is fully up to date, with all patches installed and proper security controls in place.
- Isolation:
- Protecting a system from unauthorized use, by means of access control and physical security.
- Obfuscation:
- Making it difficult for an adversary to know when they have succeeded. Increasing the workload of an attacker makes it more difficult for them to succeed in their attack.
steps of Cybersecurity Kill Chain to conduct attack
figure 1.2
Threat intelligence is broken down into three types, with different audiences and objectives for each:
- Strategic
- Broader trends typically meant for a non-technical audience
- Tactical
- Outlines of the tactics, techniques, and procedures of threat actors for a more technical audience
- Operational
- Technical details about specific attacks and campaigns
Open-Source Intelligence (OSINT)/ public source
is the term used to describe the processes used in the
collection of threat intelligence information from public sources.
Examples of Open-Source Intelligence (OSINT)
News articles, blogs, and government reports
Ethics
set of moral principles that guides an
individual’s or group’s behaviour.
Threat intelligence is the basis of understanding adversary
Tactics, Techniques, and Procedures (TTPs).
Recent Trends in Cybersecurity
1- Increased Accessibility: Shifting from closed environments to global access complicates security.
2- Evolving Threats: Attackers prioritize financial gain over seeking notoriety.