Cybersecurity Flashcards
Cybersecurity definition
technique of protecting internet-connected systems and data from computer attacks
Cybersecurity tasks
- Guaranteeing confidentiality of information
- Protection from unauthorized access
- Ensuring availability of resources
CIA triad
- Confidentiality
- Integrity
- Availability
Confidentiality
= protecting information from access by unauthorized users
Tools:
- Encryption: making info unreadable for unauthorized users (encryption + decryption key)
- Access Control: rules and policies for limiting access (credentials + privileges)
- Authentication: confirming user identity (credentials)
- Authorization: verifying authenticated user’s access rules (privileges)
- Physical security: depends on legislation, physical access to IT infrastructure
Integrity
= authentic, accurate data, safeguarded from unauthorized modifications
Tools:
- checksum: verifies that data is in its original form; when the data changes, the checksum output changes
- backups: periodic duplication of data
- data correcting codes: storing data so that small changes can be detected and corrected
Availability
= information always available to authorized users
Tools:
- computational redundancies
- Physical protection: info available during physical challenges
Why cybersecurity
- attack technology develops in open source environment -> fast
- many weak systems connected to the internet
- attacks transcend national borders
- defensive strategies are reactionary
Cybersecurity principles
- Risk management regime: establishing and communicating cybersecurity policies
- Secure configuration: e.g. disabling useless functions
- Network security
- Managing user privileges -> minimum privileges
- User education and awareness
- Incident management
- Malware prevention: anti-virus for business practices more exposed to attacks
- Monitoring
- Removable media control
- Home and remote connections
Cyberattack definition
exploitation of a computer system or network; it uses malicious code to alter a computer’s logic, data or code
Actors of cyberattacks
States
Organizations
Administrators and Users
Why are cyberattacks damaging
Reasons of state
Economic reasons
- financial loss
- customer loss
- legal costs
- recovery and additional technology
- stock market loss
- production loss
Ethical and social reasons
Cyberattacker definition
Individual or organization who performs malicious activities to destroy, alter, or make unauthorized use of an asset
Types of cyberattackers
- Hacktivist: political agenda, religious belief, social ideology
- State-sponsored: aligned objectives
- Insider threat: from within, can be malicious, accidental, negligent (avoid organization’s cybersecurity policies)
- Cybercriminal
Cybercriminal types
Ransom artist
hacker
rogue employee
spear phisher
social engineer
Types of cybercrimes
Spoofing
Identity theft
Phishing
Non-payment
Personal data breach
Extortion
Confidence/Romance fraud
Misrepresentation
Reasons why cyber attacks are possible
- organization’s weakness
- user weakness
- technological weakness
- technological problem
- programming: bugs, complexity
- environment (network)
- design (authentication)
- security control
- application problem
- sensitive info in cookies
- password stored without encryption in db
- inventing a protection system
- buffer overflow
Kinds of cyber attacks
- hacking: system penetration by a hacker
- Error
- Malware
- social: exploit user ignorance
Kinds of cyber attacks (based on)
System based
- worm
- virus
- backdoor
- trojan horse
- bots
Web based
- DNS spoofing
- URL interpretation
- brute force
- Man in the middle
- File inclusion attacks
- Dictionary attacks
- Session hijacking
- phishing
- denial of service