CYBER

SECURITY

PRESENTED BY: DANIELLE ANNE MARIE G. MARAAN

INTRODUCTION AND OBJECTIVE OF THE TOPIC

able to know what is the meaning of cyber security and it's categories
able to be aware of some cyber threats that might encounter
able to know how to be safe in information technology

“It takes 20 years to build a reputation and few minutes of cyber-incident

to ruin it.”

– Stephane Nappo

 Definition of Terms
CYBER
SECURITY
of, relating to, or involving the state of being protected or safe
computers or computer from harm
networks (such as the
Internet) THREAT
an expression of intention to inflict
evil, injury, or damage

https://www.merriam-webster.com/dictionary/cyber
https://www.merriam-webster.com/dictionary/security
https://www.merriam-webster.com/dictionary/threat
 Definition of Terms

HACKER
Is an individual who uses computer,
networking or other skills to overcome
a technical problem.
May also refer to anyone who uses
their abilities to gain unauthorized
access to systems or networks in order
to commit crimes.

https://searchsecurity.techtarget.com/definition/hacker
 1. What is Cyber Security
Three Fundamental Concept
of Cyber Security
Content Outline Categories of Cyber Security
2. What is Cyber Threat
Scale of Cyber Threats(not
sure)
Types of cyber threats
Methods Used to Threaten
Cyber Security
Latest Cyber Threats
3. Types of hackers
4. Tips on Cyber Safety
 What is Cyber
Security?

•It is the practice of defending computers, servers,

mobile devices, electronic systems, networks, and
data from malicious attacks.
•Also known as information technology security or
electronic information security.
https://www.youtube.com/watch?v=GT0daScxO18
 Three Fundamental
Concept of Cyber
Security
•Confidentiality:Keeping
secrets secret
•Integrity:Ensuring information
is not modified
•Availability:Keeping electronic
doors open and IT shops
humming
 Categories of Cyber
Security
Network security
• Is the practice of securing a computer network
from intruders, whether targeted attackers or
opportunistic malware.
 Categories of Cyber
Security
Application security
• Focuses on keeping software and devices free of
threats. A compromised application could provide
access to the data its designed to protect.
Successful security begins in the design stage, well
before a program or device is deployed.
 Categories of Cyber
Security
Information security
•Protects the integrity and privacy of data, both in
storage and in transit.
 Categories of Cyber
Security
Operational security
•Includes the processes and decisions for handling
and protecting data assets. The permissions users
have when accessing a network and the
procedures that determine how and where data
may be stored or shared all fall under this umbrella.
 Categories of Cyber
Security
Disaster recovery and
business continuity
•Define how an organization responds to a cyber-
security incident or any other event that causes
the loss of operations or data. Disaster recovery
policies dictate how the organization restores its
operations and information to return to the same
operating capacity as before the event. Business
continuity is the plan the organization falls back on
while trying to operate without certain resources.
 Categories of Cyber
Security
End-user education
•Addresses the most unpredictable cyber-security
factor: people. Anyone can accidentally introduce a
virus to an otherwise secure system by failing to
follow good security practices. Teaching users to
delete suspicious email attachments, not plug in
unidentified USB drives, and various other
important lessons is vital for the security of any
organization.
https://www.youtube.com/watch?v=ZBVLQ3_pS7I
 What is Cyber
Threat?
•It is the possibility of a malicious
attempt to damage or disrupt a
computer network or system.
•Cyber threats can originate from
various actors, including corporate spies,
hacktivists, terrorist groups, hostile
nation-states, criminal organizations,
lone hackers and disgruntled employees.
Scale of the cyber
threat
Scale of the cyber
threat
 Types of Cyber
Security threats
1. CYBERCRIME

1includes single actors or groups

targeting systems for financial gain
or to cause disruption
 Examples of
Cybercrime
Email and internet fraud.
Identity fraud (where personal information is stolen
and used).
Theft of financial or card payment data.
Theft and sale of corporate data.
Cyberextortion (demanding money to prevent a
threatened attack).
Ransomware attacks (a type of cyberextortion).
Cryptojacking (where hackers mine cryptocurrency
using resources they do not own).
Cyberespionage (where hackers access government
or company data).
 Types of Cyber
Security threats
2. CYBER-ATTACK

Often involves politically motivated

information gathering.

3. CYBERTERRORISM

Is intended to undermine electronic

systems to cause panic or fear
 Malware
It means a malicious software.
The most common cyber threat.
It is a software that a cybercriminal
or hacker has created to disrupt or
damage a legitimate user’s
computer.
It could be spread via an unsolicited
email attachment or legitimate-
looking download.
Cybercriminals use malware to make
money or in politically motivated
cyber-attacks.
 Types of Malware
1. Virus: A self-replicating program that
attaches itself to clean file and
spreads throughout a computer
system, infecting files with malicious
code.

1. Trojans: A type of malware that is

disguised as legitimate software.
Cybercriminals trick users into
uploading Trojans onto their
computer where they cause damage
or collect data.
 Types of Malware
3. Spyware: A program that secretly
records what a user does, so that
cybercriminals can make use of this
information. For example, spyware
could capture credit card details.

4. Ransomware: Malware which locks

down a user’s files and data, with the
threat of erasing it unless a ransom
is paid.
 Types of Malware
5. Adware: Advertising software
which can be used to spread
malware.

6. Botnets: Networks of malware

infected computers which
cybercriminals use to perform tasks
online without the user’s permission.
 Methods Used to
Threaten Cyber-Security
SQL (STRUCTURE LANGUAGE QUERY)
INJECTION

Is a type of cyber-attack used to take

control of and steal data from a database.
Cybercriminals insert malicious code into
a database via a malicious SQL statement
to exploit vulnerabilities in data-driven
applications.
Which gives them access to the sensitive
information contained in the database.
 Methods Used to
Threaten Cyber-Security
PHISHING

It is an email received by the people that

appears to be from a legitimate company
asking for sensitive information.
It is often used to dupe people into
handing over credit card data and other
personal information.
 Methods Used to
Threaten Cyber-Security
MAN-IN-THE-MIDDLE ATTACK

It is a type of cyber threat where a

cybercriminal intercepts communication
between two individuals in order to steal
data.
For example, on an unsecure WiFi
network, an attacker could intercept data
being passed from the victim’s device and
the network.
 Methods Used to
Threaten Cyber-Security
DENIAL-OF-SERVICE ATTACK

It is where cybercriminals prevent a

computer system from fulfilling
legitimate requests by overwhelming the
networks and servers with traffic.
This renders the system unusable,
preventing an organization from carrying
out vital functions.
 Latest Cyber Threats
DRIDEX MALWARE

In December 2019, the U.S. Department of Justice (DoJ)

charged the leader of an organized cyber-criminal group for
their part in a global Dridex malware attack. This malicious
campaign affected the public, government, infrastructure and
business worldwide.
Dridex is a financial trojan with a range of capabilities.
Affecting victims since 2014, it infects computers though
phishing emails or existing malware. Capable of stealing
passwords, banking details and personal data which can be
used in fraudulent transactions, it has caused massive
financial losses amounting to hundreds of millions.
 Latest Cyber Threats
ROMANCE SCAMS

In February 2020, the FBI warned U.S. citizens to be aware of

confidence fraud that cybercriminals commit using dating
sites, chat rooms and apps. Perpetrators take advantage of
people seeking new partners, duping victims into giving away
personal data.
The FBI reports that romance cyber threats affected 114
victims in New Mexico in 2019, with financial losses
amounting to $1.6 million.
 Latest Cyber Threats
EMOTET MALWARE

In late 2019, The Australian Cyber Security Centre warned

national organizations about a widespread global cyber
threat from Emotet malware.
Emotet is a sophisticated trojan that can steal data and also
load other malware. It thrives on unsophisticated password: a
reminder of the importance of creating a secure password to
guard against cyber threats.
 TYPES OF HACKERS

•1) White Hat Hackers

•2) Black Hat Hackers
•3) Gray Hat Hackers
•4) Script Kiddies
•5) Green Hat Hackers
•6) Blue Hat Hackers
•7) Red Hat Hackers
•8) State/Nation Sponsored Hackers
•9) Hacktivist
•10) Malicious insider or Whistleblower
 TIPS ON CYBER SAFETY

1. Update your software and operating system

2. Use anti-virus software
3. Use strong passwords
4. Do not open email attachments from
unknown senders
5. Do not click on links in emails from unknown
senders or unfamiliar websites
6. Avoid using unsecure WiFi networks in public
places
 FINAL NOTE

We must be always aware of what we click in the

internet and email to open to secure our data to
not be stolen and used by others.

“Passwords are like underwear: don’t let people see it,

change it very often, and you shouldn’t share it with
strangers.”

– Chris Pirillo
 ACTIVITY

1. WHAT ARE THE FUNDAMENTAL CONCEPT

OF CYBER SECURITY?
2. ENUMERATE THE TYPES OF MALWARE
3. GIVE 5 TYPES OF HACKERS
4. AS A STUDENT, HOW COULD YOU BE SAFE
FROM THIS CYBER THREATS? (2-3
SENTENCE ONLY)