Cyber Security Threats Flashcards
Social engineering
Impersonating someone to gain access to a person or obtain privileged information
Forms:
Phishing - mass (broadly targeted) SE attack
Spear phishing - targeted SE attack
CEO fraud - attempt to command someone to do something by impersonating the CEO
Botnets and DDoS
Botnet - network of compromised computers that can be controlled by an actor
Distributed denial of service - use of botnets to target a firm, exhaust its resources and make its services unavailable
Ransomware and crypto blockers
Ransomware - malware infection that denies access to a computer until a ransom is paid
Example
Crypto blockers - encrypt files using a key which is only returned to the hostage once the ransom is paid
Nation state actors
Hired by governments (license to hack)
Goal to cause chaos and undermine other countries
Advanced, well-planned attacks
Insider threats
Mostly employees
Motives can be unintentional or for money/revenge
Can cause substantial damage
Can provide sensitive corporate data to others or sabotage systems
Hacktivists
Online hack groups like anonymous
Motives are often reactionary
A lot of time and resources
DDoS attacks, persistent hate mobs
Organised crime
Motive to maximise income
Can be substantial damage
For fun hackers
Script kiddies
Motives - fun and bragging rights
Capability - often limited
DDoS is a common method, but anything goes
Steps of cyber kill chain
Reconnaissance - select target
Weaponisation - create remote access weapon
Delivery - send weapon to target
Exploitation - malware code triggers
Installation - installs access point (back door)
Command and control - gives hands on keyboard
Actions on objectives - takes action to achieve goals
How criminals hack
Recon
Establish foothold
Move in network
Objectives
Why is there no magical solution to security
Negative assurance (security cannot be proved)
Tools can be faulty, manipulated or circumvented
Hyppönen's law - if it's smart, it's vulnerable (hardware costs have gone down, computing power is going up)
Human error - trust exploited; people are empathetic, lazy, ignorant or lack awareness
What can we do
Spread awareness (using tools, developing and maintaining them)
Kerckhoffs' principle in cryptography - a cryptographic system should be secure even if everything about the system (except the key) is known
Shannon’s maxim- one ought to design systems under the assumption that the enemy will immediately gain full familiarity with them
What can we do : layers of defence
Castle - database system
Guard post - identity and access management
Outer walls - firewalls and DMZ
Inner walls - system hardening mitigations
Guard towers - security monitoring
Assume breach:
Don't rely on a locked door; secure every room
What can we do
Fail fast and often
Iterate fast and often:
Learn from mistakes
Be agile to changing requirements
Get feedback from audience
Align incentive structures and responsibility:
One team goal
Shared responsibility
Implement layers of defence