
ARTICLES FOR READING

APPROACHES TO CYBERCRIME & ESPIONAGE.

Course Expected Learning Outline (Elo)


• Understand and have a global perspective on cybercrime & espionage.
• Understand core information assurance principles.
• Identify key components of cyber security architecture.
• Apply cyber security principles.
• Identify security tools and hardening techniques.
• Distinguish systems and applying security threats and vulnerabilities.
• Define types, categories, responses and incidences of cyber security.
Learning Activity 1:
Using a good internet connection, open the FOUR links provided below (Cybercrime Magazine at
cybersecurityventures.com, and cisomag.com). Read them, make a self-assessment, and write an
analysis summary of your viewpoints on the major events happening in society that they highlight.

i. https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/
ii. https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/
iii. https://cisomag.eccouncil.org/uk-cops-becoming-ethical-hackers/
iv. https://www.itjobswatch.co.uk/jobs/uk/cyber%20security.do#job_vacancy_trend

PRINCIPLES OF CYBER SECURITY


Two of the things valued by a Cyber Security Specialist:
• Privacy
• Anonymity
• Pseudonymity
Privacy – about maintaining confidentiality and keeping secrets.
Anonymity – keeping your actions and activities separate from your true identity.
Pseudonymity – when you wish to retain a reputation against an identity.

This relates to why some assets (such as public relations and private information) are important to
you, e.g. you may wish your emails to remain private, or wish your identity to remain unknown.
SECURITY, VULNERABILITIES AND THREATS

ROLES OF CYBER SECURITY PROFESSIONALS


1. Protecting information from unauthorized access, duplication, modification or
destruction.
2. Analyzing security measures taken to protect information.
3. Testing for and correcting possible weaknesses or openings.
4. Configuring security programs and tools.
5. Running vulnerability tests and updating defensive protocols and systems accordingly.
6. Granting access and credentials to authorized users.
7. Monitoring all access to the information.
8. Checking for unregistered changes of information.
9. Running defensive protocols and programs when breaches occur.

10. Understanding the information that needs to be protected.
    • Determining the security measures best suited to the type of information.
    • Explaining the security measures taken to employers using non-technical language.
11. Protecting sensitive or personal information from unauthorized access/use.
    • Identifying potential security risks.
    • Designing strategies and defensive systems against intruders.
    • Monitoring systems for unusual activities, e.g. unauthorized access, modification,
      duplication or destruction of information.
    • Running counteractive protocols.
    • Reporting incidents.
12. Testing security strategies and defenses.
    • Attempting to break or uncover potential weaknesses.
    • Acting like a hacker to test defensive systems.
    • Trying to access information without proper credentials.
    • Trying to break through firewalls and security applications.
    • Writing reports based on test results.
13. Developing new defensive systems and protocols.
    • Creating new layers of protection.
    • Updating security systems.
    • Developing new counteractive protocols.
14. Granting permissions and privileges to authorized users.
15. Running diagnostics of information changes to check for undetected breaches that may
    have occurred.
16. Analyzing new methods of intrusion by cyber criminals.
    • Keeping up to date on trends and new procedures in the industry.
    • Taking necessary precautions, updating and fortifying defenses accordingly.

DIFFERENCES BETWEEN INFORMATION SECURITY AND CYBER SECURITY


--Data security: it is all about securing data.
--Data and information
    • Data: raw facts without meaning, which become information when interpreted in a
      context and given meaning.
    • Information: data which has meaning.
N.B: All information is data, but not all data is information.
--When certain things are stored in a computer system, they are considered data.
--It is not until the data is actually processed that it becomes information.
--Once it becomes information, it needs protection from outside sources.

1. CYBER SECURITY
This is the practice of protecting information and data from outside sources on the internet.
Cyber security professionals provide protection for networks, servers, intranets and computer
systems.
It ensures that only authorized people have access to that information.

2. INFORMATION SECURITY
This is all about protecting information and information systems from unauthorized use, access,
modification or removal, in order to provide confidentiality, integrity and availability (CIA) of the
information.
It is similar to data security, which has to do with protecting data from being hacked or stolen.

CYBER SECURITY PRINCIPLES (TRIAD)


1. Confidentiality
Means that information is only being seen or used by people who are authorized to access it.
2. Integrity
Means any changes to the information by an unauthorized user are impossible (or at least detected)
and changes by authorized users are tracked.
3. Availability
Information is accessible when an authorized user needs it.
4. Authentication
A technical concept: the process of verifying who you are (e.g. by user ID).
5. Non-repudiation
Assurance that someone cannot deny the validity of something.
A legal concept that is widely used in information security and refers to a service which provides
proof of the origin of data and data integrity.
Digital signatures (combined with other measures) can offer non-repudiation when it comes to
online transactions.
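
An added illustration of the integrity principle above (unauthorized changes are at least detected), not part of the original course notes: a keyed baseline of records that reports modified, added and removed items. The key, record names and contents are constructed sample data. A shared-key tag like this detects tampering but does not give non-repudiation, because anyone holding the key could have produced it; the notes assign that role to digital signatures.

```python
import hashlib
import hmac


def fingerprint(key: bytes, name: str, content: bytes) -> str:
    """Keyed SHA-256 tag that binds a record's name to its content."""
    encoded = name.encode("utf-8")
    # Length-prefix the name so ("ab", b"c") and ("a", b"bc") cannot collide.
    message = len(encoded).to_bytes(4, "big") + encoded + content
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def build_baseline(key: bytes, records: dict) -> dict:
    """Record a trusted tag for every item while the data is known-good."""
    return {name: fingerprint(key, name, data) for name, data in records.items()}


def detect_changes(key: bytes, baseline: dict, records: dict) -> dict:
    """Compare current records with the baseline and classify differences."""
    report = {"modified": [], "added": [], "removed": []}
    for name, data in records.items():
        expected = baseline.get(name)
        if expected is None:
            report["added"].append(name)
        # Constant-time comparison of the stored and recomputed tags.
        elif not hmac.compare_digest(expected, fingerprint(key, name, data)):
            report["modified"].append(name)
    report["removed"] = [name for name in baseline if name not in records]
    return {kind: sorted(names) for kind, names in report.items()}


# Constructed sample data (hypothetical key, file names and contents).
KEY = b"constructed-demo-key"
KNOWN_GOOD = {
    "payroll.csv": b"alice,5000\nbob,4200\n",
    "policy.txt": b"Passwords rotate every 90 days\n",
    "users.db": b"alice:admin\nbob:user\n",
}
CURRENT = {
    "payroll.csv": b"alice,5000\nbob,9200\n",  # one value altered
    "policy.txt": b"Passwords rotate every 90 days\n",  # unchanged
    "notes.tmp": b"scratch\n",  # not in the baseline
}


def demo() -> dict:
    return detect_changes(KEY, build_baseline(KEY, KNOWN_GOOD), CURRENT)


if __name__ == "__main__":
    print(demo())
```

The baseline is only trustworthy if it and the key are stored where someone who can alter the data cannot also rewrite them.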

INFORMATION SECURITY (IS) WITHIN LIFE CYCLE MANAGEMENT
1. Plan and Organize
    a. Establish management commitment.
    b. Establish oversight committee.
    c. Assess business drivers.
    d. Carry out a threat profile on the organization.
    e. Carry out a risk assessment.
    f. Develop security architecture at an organization, application, network and
       component level.
    g. Identify solutions per architecture level.
    h. Obtain management approval to move forward.
2. Implement
    a. Assign roles and responsibilities.
    b. Develop and implement security policies, procedures, standards, baselines and
       guidelines.
    c. Identify sensitive data at rest and in transit.
    d. Implement programs.
        i. Asset identification and management.
        ii. Risk management.
        iii. Vulnerability management.
        iv. Compliance.
        v. Identity management and access control.
        vi. Change control.
        vii. Software development life cycle.
        viii. Business continuity planning.
        ix. Awareness and training.
        x. Physical security.
        xi. Incident response.
    e. Implement solutions per program.
    f. Develop auditing and monitoring solutions per program.
    g. Establish programs and metrics per program.
3. Operate and Maintain
    a. Follow procedures to ensure that all baselines are met in each implemented
       program.
    b. Carry out internal and external audits.
    c. Carry out tasks outlined per program.
    d. Manage service level agreements per program.
4. Monitor and Evaluate
    a. Review logs, audit results, collected metric values and SLAs per program.
    b. Assess goal accomplishments per program.
    c. Carry out quarterly meetings with steering committee.
    d. Develop improvement steps and integrate into plan and organize phase.

[Figure: life cycle diagram with four phases: Plan and Organise, Implement, Operate and Maintain, Monitor and Evaluate]

TOP THREE THINGS TO DO TO STAY SAFE ONLINE
We will compare Cyber Security zone and non-cyber security practices.
To stay safe online:

1. Update system.
2. Use unique system.
3. Strong passcodes.
4. Password managers.
5. Check if HTTPS is working.
6. Don’t share information.
7. Use antivirus.
8. Linux use.
9. Verified software.
10. Be suspicious of everything.
11. Visit only known websites.
12. Delete cookies.
13. Change passwords.
Cyber security is an arms race between offensive and defensive capabilities.
However, most organizations are losing the battle, as we want better technologies but less
security.
The majority of threats come from hackers, crackers and cyber criminals.
Hacker was originally a positive term describing someone who kept hacking at a problem until it
was done. Now it describes someone who is out to cause mischief on the internet or on a computer.
Types of Hackers:
1. White hat hacker - hacks for good, e.g. ethical hacker, penetration tester.
2. Black hat hacker - a cyber criminal.
3. Grey hat hacker-

TYPES OF MALWARE

[Figure: types of malware: Macro virus, Trojan, Stealth virus, Firmware rootkit, Worms, Remote Access Tool (RAT), Polymorphic virus, OS rootkit, Bots and zombies, Spyware, Self-garbling virus, Key logger, Logic bombs, Email + Spam]

1. Logic bombs – Malicious programs that use a trigger to awaken malicious code.
2. Ransomware – Holds a computer system or its data captive until the target makes a payment.
It works by encrypting data on the computer.
3. Backdoors and rootkits – A backdoor refers to program code introduced by a criminal who has
compromised the system. Rootkits modify the OS to create a backdoor.
4. Email spam/junk mail – Unsolicited email, mostly used for advertising; however, it can also
carry harmful content and spread malware by showing deceptive content.
5. Spyware – Software that enables a criminal to obtain information about a user's computer
activity. It may be used to monitor your keystrokes.
6. Adware – Displays annoying pop-ups to generate revenue.
7. Scareware – Persuades a user to take a specific action based on fear.
8. Phishing
a) Spear phishing – sends customized emails to a specific person.
b) Vishing – use of voice communication technology.
c) Pharming – impersonation of a legitimate website in an effort to deceive users.
d) Whaling – a phishing attack that targets high-profile individuals in an organization, e.g. the CEO.
9. Plug-ins – Flash, Shockwave and other plug-ins enable the development of interesting
graphics and cartoons; hackers use these plug-ins to attack computers while
displaying images.
10. Search Engine Optimization (SEO) poisoning – SEO is a technique used to improve a website's
ranking by search engines. While many legitimate companies specialize in optimizing websites, SEO
poisoning is used to make a malicious website appear higher in search results.
11. Browser hijacker – Malware that alters a computer's browser settings to redirect users to
websites paid for by cyber criminals.
12. Social engineering – A completely non-technical means for a criminal to gather information on a
target.
13. Pretexting – When an attacker calls an individual and lies to them in an attempt to gain access to
privileged data.
14. Something for something – An attacker requests personal information from a target in exchange
for a gift.
15. Shoulder surfing and dumpster diving – Refers to picking up PINs, access codes and credit
card details where an attacker is in close proximity to the victim.
16. Impersonation & Hoaxes – Imitation.
17. Piggybacking
18. Online trickery.
