Cyber Security Layers , CyberCrime and Cyber Criminals

What do you mean by Cyber Security?

• Cybersecurity is the practice of protecting computer systems, networks, and data from theft, damage, or unauthorized access.
• It contains many ideas, strategies and techniques for protecting digital information in the increasingly interconnected world of cyberspace.
• This article will delve into various aspects of cybersecurity, from basic concepts to the evolving landscape of cyber threats and cybercriminals.

Basic Cyber Security Concepts

• Confidentiality
• Encryption
• Integrity
• Availability
• Authentication

What is Confidentiality?

• Confidentiality is the principle of ensuring that sensitive information is only accessible to authorized individuals or systems.
• Encryption is a fundamental technique to maintain confidentiality.
• For instance, when you log into your online banking account, your password is encrypted during transmission, making it unreadable to anyone reading the data.

What is Encryption?

• Encryption is like locking your message in a secret code that only you and the intended recipient can understand.
• For example, think of it as putting your message in a special box with a unique key – only the person with the right key can open and read the message, keeping it safe from others who may try to peek.

What is Integrity?

• Integrity focuses on the trustworthiness of data.
• It ensures that data remains accurate and unaltered during storage or transmission.
• Digital signatures and checksums are commonly used to verify the integrity of files.
• If someone maliciously alters a document, its checksum will change, alerting the recipient.

Why Availability?

• Availability ensures that data and systems are accessible when needed.
• Distributed Denial of Service (DDoS) attacks are a common threat to availability.
• These attacks flood a network or website with traffic, rendering it inaccessible to legitimate users.
• An example is the 2016 Dyn DNS attack, which disrupted major websites and services.

What is Authentication?

• Authentication is the process of verifying the identity of a user or system. 
• Authentication methods include username and password, biometrics, and two-factor authentication (2FA).
• For instance, when you log into your email account, you provide a username and password to prove your identity.

Layers of Cyber Security

• Perimeter Security
• Network Security
• Endpoint Security
• Application Security

Perimeter Security

• Perimeter security involves securing the network's boundary, often through firewalls and intrusion detection systems.
• A common example is a firewall that filters incoming and outgoing traffic to block malicious connections.

Network Security

• Network security focuses on protecting data in transit.
• Virtual Private Networks (VPNs) encrypt data while it travels between devices and across networks, preventing eavesdropping.
• VPNs are widely used by remote workers to secure their connections.

Endpoint Security

• Endpoint security safeguards individual devices like computers and mobile phones.
• Antivirus software and intrusion detection systems are examples.
• If your computer's antivirus software detects a malware threat, it takes action to remove or hold the threat.

Application Security

• Application security involves securing software and web applications to prevent vulnerabilities that cybercriminals could exploit.
• Regular software updates and patches are essential.
• A famous example is the Equifax breach in 2017, where attackers exploited a vulnerability in an unpatched web application to steal the personal data of millions.

What is Cyber Crime?

• Cybercrime refers to illegal activities committed using computers, the internet, or digital technology.
• It includes crimes like hacking, identity theft, online fraud, etc.

Types of Cyber Crimes

• Hacking
• Phishing
• Ransomware

Hacking

• Hacking involves unauthorized access to computer systems or networks.
• A prominent case is the 2013 Target breach, where hackers breached the retail giant's network and stole credit card information from millions of customers.

Phishing

• Phishing is a deceptive technique that tricks individuals into revealing sensitive information, often through fraudulent emails or websites.
• In 2016, the phishing attack on John Podesta, Hillary Clinton's campaign chairman, resulted in a massive data leak.

Ransomware

• Ransomware is malicious software that encrypts a victim's data, demanding a ransom for decryption.
• The WannaCry ransomware attack in 2017 affected hundreds of thousands of computers worldwide, including critical infrastructure systems.

Types of Cyber Criminals

• Hacktivists
• Cybercriminal Organizations
• Cyberspace
• Cyber Threats
• Cyber warfare

Hacktivists

• Hacktivists are individuals or groups who use hacking for political or social activism.
• Anonymous, a loosely organized collective, is an example of hacktivists.

Cybercriminal Organizations

• These are highly organized criminal groups that engage in cyber crimes for financial gain.
• The Russian-based criminal organization, REvil, gained notoriety for high-profile ransomware attacks.

Cyberspace

• Cyberspace is the interconnected domain of digital information, encompassing the internet and computer networks.
• It's the environment in which cyber threats and cybercrimes occur.

Cyber Threats

• Cyber threats include various risks to digital security, ranging from malware and viruses to social engineering attacks.
• For example, the Stuxnet worm was designed to target industrial systems, disrupting Iran's nuclear program.

Cyber warfare

• Cyber warfare involves nation-states using cyber attacks as a tool of warfare.
• The Stuxnet worm mentioned earlier is a prime example, allegedly developed by the U.S. and Israel to sabotage Iran's nuclear facilities.

Conclusion