CYBER SECURITY 1
Cybersecurity is the safeguard of internet-connected systems, including hardware, software and data,from cyberattacks
Figure 1:Cyber Security
Cybersecurity refers to a set of technique used to defend the integrity of networks, programs and data from attack, damage or unauthorized way in.
Figure 2 Frame work of cybersecurity(N, 2018)
Graph 1: Total & Average Investment Value
Major area covered in cyber security are
• Network Security
Chart 1: Cyber security Concern Areas
Application security is the apply of software, hardware, and practical methods to protect applications from external threats.Some basic techniques are:
• Input parameter validation
• User/Role Authentication & Authorization
• Session management, parameter manipulation & exception management,
• Auditing and logging.
Information security protects information from unauthorized access to avoid identity theft and to protect privacy.
Figure 3:Information Security
Major techniques are:
• Identification, authentication & authorization of user
Graph 2 Evolution Of Information security
The UK Network and Information Systems Regulations 2018 (NIS Regulations) come into force on 10 May 2018 to apply the EU Network and Information Security Directive (EU) 2016/1148 (NIS Directive).
The NIS Regulations create a legal framework to impose security and notification obligations on:
• operators of essential services (OES) including electricity, gas, water supply, transport;
• relevant digital service providers (RDSP) being online search engines, online marketplaces and cloud computing service providers.(Barisi, 2018)
Graph 3 Quality Of Recent Information Security
Disaster recovery planning is a process that includes performing risk assessment, establishing priorities, developing recovery strategies in case of a disaster.
Figure 4:Disaster Recovery
Graph 4 Disaster & Recovery Time
Chart 2 Causes of Disaster
Network security includes activities to guard the usability, reliability, integrity and safety of the network.
Figure 5: Networking
Network security components include:
• Anti-virus and anti-spyware
• Firewall, to block unauthorized access to your network
• Intrusion prevention systems (IPS), to identify fast-spreading threats, such as zero-day or zero-hour attacks
3.TYPES OF CYBERSECURITY THREATS
Ransomware is a type of malicious software. It is planned to extort money by jamming access to files or the computer system until the ransom is paid. Paying the ransom does not guarantee that the files will be recovered or the system restored. (Faslow, 2018)
Phishing is the practice of sending fraudulent emails that look like emails from trustworthy sources. The aim is to take sensitive data like credit card numbers and login information. It’s the most common type of cyber attack. You can help protect yourself through education or a technology solution that filters malicious emails. (/www.cisco.com/c/en/us/products/security/what-is-cybersecurity.html, 2018)
3.3.SOCIALLY ENGINEERED MALWARE
Socially engineered malware,recently often led by data-encrypting ransomware, provides the No. 1 method of attack (not a buffer overflow, misconfiguration or advanced exploit). An end-user is somehow tricked into running a Trojan horse program, often from a website they trust and visit often. The otherwise innocent website is temporarily compromised to bring malware instead of the normal website coding.
The maligned website tells the user to install some new piece of software in order to access the website, run fake antivirus software, or run some other “critical” piece of software that is unnecessary and malicious. The user is often instructed to click past any security warnings emanating from their browser or operating system and to disable any pesky defenses that might get in the way. (CSO, 2017)
At times,the Trojan program pretends to do something legitimate and other times it fades away into the background to start doing its rogue actions. Socially engineered malware programs are answerable for hundreds of millions of successful hacks each year. Against those numbers, all other hacking types are just noise.
Social engineered malware programs are best handled through ongoing end-user education that covers today’s terrorization (such as trusted websites). Enterprises can further protect themselves by not allowing users to surf the web or answer email using elevated credentials. An up-to-date anti-malware program is a necessary evil, but strong end-user education provides better bang for the buck. (CSO, 2017)
3.4.PASSWORD PHISHING ATTACKS
Approximately 60 to 70 percent of email is spam, and much of that is phishing attacks looking to trick users out of their logon ID. Fortunately, anti-spam vendors and services have made great strides, so most of us have sensibly clean inboxes. Nonetheless, I get several spam emails each day, and a least a few of them each week are darned good phishing replicas of legitimate emails. (CSO, 2017)
The main countermeasure to password phishing attacks is to have logons that can’t be given away. This means two-factor authentication (2FA), smartcards, biometrics and other out-of-the-band (e.g., phone call or SMS message) authentication methods. If you can aid something other than simple logon name/password combinations for your logons, and need only the stronger methods, then you’ve beat the password-phishing game.
3.5.SOCIAL MEDIA THREATS
Our online world is a social world led by Facebook, Twitter, LinkedIn or their country-popular counterparts. Social media threats usually appear as a rogue friend or application install request. If you’re unlucky enough to accept the request, you’re often giving up way more access to your social media account than you bargained for. Corporate hackers love exploiting corporate social media accounts for the embarrassment factor to collect passwords that might be shared between the social media site and the corporate network. Many of today’s worst hacks started out as simple social media hacking. (CSO, 2017)
End-user education about social media threats is a must. Also make sure that your users know not to share their corporate passwords with any other foreign website. Here’s where using more complicated 2FA logons can also help. Lastly, make sure all social media users know how to report a hijacked social media account, on their own behalf, or someone else’s. Sometimes it is their friends who notice something is amiss first. (CSO, 2017)
3.6.ADVANCED PERSISTENT THREATS
APTs usually gain a grip using socially engineered Trojans or phishing attacks.
A very popular method is for APT attackers to send a specific phishing campaign — known as spearphishing — to multiple employee email addresses. The phishing email contains a Trojan attachment, which at least one employee is tricked into running. After the initial implementation and first computer takeover, APT attackers can compromise an entire enterprise in a matter of hours. It’s easy to accomplish, but a royal pain to clean up. (CSO, 2017)
Detecting and preventing an APT can be difficult. Popular attack types such as SQL injection, cross-site scripting, pass-the-hash and password guessing aren’t seen at the high levels.
Lastly, avail yourself of a product or service that specializes in detecting APT-style attacks. These services either run on all your computers, like a host-based intrusion detection service, or collate your event logs looking for signs of maliciousness. (CSO, 2017)
Myriad vendors have now filled the earlier void and are waiting to sell you protection.
Overall, figure out what your enterprise’s most like threats will be and prepare for those the most. Too many companies waste resources concentrating on the wrong, less likely scenarios. Use their threat intelligence as compared to your environment’s make up and vulnerabilities, and determine what you should be preparing for the most. (CSO, 2017)
4.DOS(DENIAL OF SERVICE) ATTACKS
One of the simplest forms of cyber attack, DoS attacks shut down a target’s servers, making it impossible to access their websites or use their online services. This is most commonly done by flooding a target’s servers with traffic until they overload and crash. One of the most common forms DoS attack involves getting large numbers of attackers to flood their target’s servers at once, making it almost impossible to block the incoming traffic.
STRATEGIES FOR DOS ATTACKS
The simplest method for thwarting DoS attacks is having extra bandwidth. If you fear your business might be targeted for DoS attacks, simply having enough server space to handle the increased traffic can render the attacks moot. There are also third-party services who can help your company stay online during a DoS attack.
Advanced Persistent Threats.
• SQL Injection Attacks (SQLi)
• Cross-Site Scripting (XSS)
• Man-in-the-Middle (MITM) Attacks.
• Malware Attacks.
• Denial-of-Service Attacks.
• Spear Phishing Attacks.
• Advanced persistent attack
• Distributed Denial of Service (DDoS)
• Wiper Attacks.
• Intellectual Property Theft.
• Theft of Money
• Data Manipulation
• Data Destruction
• Man in the Middle (MITM)
• Drive-By Downloads
• Rogue Software
• Unpatched Software
5.MOST COMMON SOURCES OF CYBER THREATS
• 1Nation states or national governments
• Industrial spies
• Organized crime groups
• Hacktivists and hackers
• Business competitors
• Disgruntled insiders