cybersecurity 1. intro to cybersecurity
DESCRIPTION
Introduces the concept of cybersecurityTRANSCRIPT
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 1
Cybersecurity 1
Introduction to cybersecurity
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 2
What is cybersecurity?• A very wide-ranging term with no
standard definition.
• It covers all aspects of ensuring the protection of citizens, businesses and critical infrastructures from threats that arise from their use of computers and the internet.
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 3
Internet-enabled crime
• Criminals see lower risks and high rewards from cyber crime than through ‘physical’ crime
• Stealing confidential and national secrets by intelligence agencies and others now involves illegally accessing digitised information.
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 4
Internet-enabled crime
• Nation states have the potential to disrupt an enemy’s economy and perhaps reach their strategic objectives without risk to their armed forces
• There are fewer online barriers to anti-social behaviour on the net than in face to face interaction.
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 5
Scope of cybersecurity• Techniques of threat and attack
analysis and mitigation
• Protection and recovery technologies, processes and procedures for individuals, business and government
• Policies, laws and regulation relevant to the use of computers and the Internet
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 6
Cybersecurity is not…
• Computer security
• Security engineering
• Encryption
• Computer crime
• Computer forensics
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 7
Cybersecurity is…
• A socio-technical systems problem
• Security problems almost always stem from a mix of technical, human and organisational causes
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 8
Cyber attack
• A malicious attempt, using digital technologies, to cause personal or property loss or damage, and/or steal or alter confidential personal or organisational data
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 9
Insider attacks
• Attacks to an organisation carried out by someone who is inside that organisation
• Difficult to counter using technical methods as the insider may have valid credentials to access the system
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 10
External attacks
• Attacks to an organisation carried out by an external agent
• Requires either valid credentials or the exploitation of some vulnerability to gain access to the systems
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 11
© Infosecurity magazine 2012
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 12
Malware
• Software that has some malicious intent and which is installed on a user’s computer without that user’s consent
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 13
Malware
• Key loggers
– Software installed on a computer that captures key strokes and sends these to a remote system
– Used to try and get personal information to gain access to sites such as banks
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 14
Malware
• Ransomware– Software that runs on a user’s
computer and demands that the user pays some other organisation. If they don’t, the information on their computer will be destroyed.
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 15
Malware transmission
• Malware can usually spread itself from one computer to another either as a virus or as a worm
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 16
Viruses and worms
• Virus – malware attached to a carrier such as an email message or a word processing document
• Worm – malware can autonomously spread itself without a carrier, using information about connected computers
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 17
Malicious and accidental damage
• Cybersecurity is most concerned with
– Cyber attacks
• Cyber-accidents– Accidental events that can
cause loss or damage to to an individual, business or public body
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 18
• Many of the same technologies used to protect against external attack also protect against cyber-accidents.
• However, sometimes protecting against cyber attacks increases the probability of cyber-accidents.
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 19
• Adding protection increases system complexity which increases the likelihood of introducing bugs into the system and for humans to make mistakes.
• For example– An attack detection system might
mistakenly detects an external attack and shut down part of the system in response to this.
Cybersecurity 1: Introduction to cybersecurity 2013 Slide 20
Summary• Cybersecurity all about protecting,
repelling and recovering from cyberattacks
• Need to be aware of the potential for both insider and external cyber attacks
• Malware is malicious code that is installed on a computer without the owner’s consent.