
MODULE 5:

CYBERSECURITY AWARENESS
OBJECTIVES:

At the end of the module, you are expected to:

1. Understand what cyber security is all about;
2. Understand the cyber threats and types of cyber security and the source of threats;
3. Know the tips on how to avoid online scams; and
4. Learn and understand the offences related to cyber.

Cyber security awareness refers to how much end users know about the cyber
security threats their networks face and the risks they introduce. End users are considered the
weakest link and the primary vulnerability within a network.

Cyber security is the protection of internet-connected systems such as hardware, software and
data from cyber-threats. The practice is used by individuals and enterprises to protect against
unauthorized access to data centers and other computerized systems.

The goal of implementing cyber security is to provide a good security posture for computers,
servers, networks, mobile devices and the data stored on these devices from attackers with
malicious intent. Cyber-attacks can be designed to access, delete, or extort an organization’s or
users’ sensitive data, making cyber security vital. Medical, government, corporate and financial
organizations, for example, may all hold vital personal information on an individual.

Cyber security is a continuously changing field, with the development of technologies that open
up new avenues for cyber attacks. Additionally, even though significant security breaches are
the ones that often get publicized, small organizations still have to concern themselves with
security breaches, as they may often be the target of viruses and phishing.

To protect organizations, employees and individuals, organizations and services should
implement cyber security tools, training, risk management approaches and continually update
systems as technologies change and evolve.

Cyber security refers to the collection of tools, policies, risk management approaches, actions,
training, best practices, assurance and technologies that can be used to protect the cyber
environment and the assets of organizations and users.

TYPES OF CYBER SECURITY THREATS 

The process of keeping up with new technologies, security trends and threat intelligence is a
challenging task. However, it's necessary in order to protect information and other assets from
cyber threats, which take many forms. Cyber threats can include:

• Malware is a form of malicious software in which any file or program can be used to
harm a computer user, such as worms, computer viruses, Trojan horses and spyware.

• Ransomware attacks are a type of malware that involves an attacker locking the victim's
computer system files – typically through encryption – and demanding a payment to
decrypt and unlock them.

• Social engineering is an attack that relies on human interaction to trick users into
breaking security procedures to gain sensitive information that is typically protected.

• Phishing is a form of fraud where fraudulent emails are sent that resemble emails from
reputable sources; however, the intention of these emails is to steal sensitive data, such
as credit card or login information.

WHAT IS CYBER THREAT? 

For an expert, the Oxford dictionary defines cyber threat as "the possibility of a malicious
attempt to damage or disrupt a computer network or system." Moreover, it is an attempt to
access files and infiltrate or steal data.

In this definition, the threat is defined as a possibility. However, in the cyber security community,
the threat is more closely identified with the actor or adversary attempting to gain access to a
system. Or a threat might be identified by the damage being done, what is being stolen or the
Tactics, Techniques and Procedures (TTP) being used.

TYPES OF CYBER THREATS 

In 2012, Roger A. Grimes provided this list, published in Infoworld, of the top five most common
cyber threats:

1. Social Engineered Trojans
2. Unpatched Software (such as Java, Adobe Reader, Flash)
3. Phishing
4. Network traveling worms
5. Advanced Persistent Threats

But since the publication of this list, there has been widespread adoption of several different
types of game-changing technology: cloud computing, big data, and adoption of mobile device
usage, to name a few.

In September 2016, Bob Gourley shared the video containing comments from Rand Corporation
testimony to the House Homeland Security Committee, Subcommittee on Cyber security,
Infrastructure Protection and Security Technologies regarding emerging cyber threats and their
implications. The video highlights two technology trends that are driving the cyber threat
landscape in 2016:

1. Internet of things – individual devices connecting to internet or other networks
2. Explosion of data – stored in devices, desktops and elsewhere

Today’s cybercrime landscape is diverse. Cyber threats typically consist of one or more of the
following types of attacks:
• Advanced Persistent Threats – as the name "advanced" suggests, an advanced
persistent attack (APT) uses continuous, clandestine, and sophisticated hacking
techniques to gain access to a system and remain inside for a prolonged period of time,
with potentially destructive consequences.

• Phishing – is the fraudulent practice of sending emails purporting to be from reputable
companies in order to induce individuals to reveal personal information, such as
passwords and credit card numbers.

• Trojan – is a type of malware that is often disguised as legitimate software. Trojans can
be employed by cyber-thieves and hackers trying to gain access to users' systems.
Users are typically tricked by some form of social engineering into loading and
executing Trojans on their systems.

• Botnets – a botnet (short for “robot network”) is a network of computers infected by malware that
are under the control of a single attacking party, known as the “bot-herder.” Each
individual machine under the control of the bot-herder is known as a bot. They are also
used to spread bots to recruit more computers to the botnet.

• Ransomware – is malicious software that infects your computer and displays messages
demanding a fee to be paid in order for your system to work again. This class of
malware is a criminal moneymaking scheme that can be installed through deceptive
links in an email message, instant message or website.

• Distributed Denial of Service (DDoS) – is a malicious attempt to disrupt the normal traffic
of a targeted server, service or network by overwhelming the target or its surrounding
infrastructure with a flood of Internet traffic.

• Wiper Attacks – involve wiping/overwriting/removing data from the victim. Unlike typical
cyber attacks which tend to be for monetary gain, wiper attacks are destructive in nature
and often do not involve a ransom. Wiper malware may however be used to cover the
tracks of a separate data theft.

• Intellectual Property Theft – intellectual property (IP) theft is defined as theft of material that is copyrighted,
the theft of trade secrets, and trademark violations. A copyright is the legal right of an
author, publisher, composer, or other person who creates a work to exclusively print,
publish, distribute, or perform the work in public.

• Theft of Money – online scams; hackers steal money

• Data Manipulation – essentially, it is a fraudulent cyber activity wherein a malicious actor
alters, tweaks, or modifies valuable digital documents and critical data instead of
straight away stealing the data to damage the organization and make of the misery.

• Data Destruction – data stored on tapes, disks, hard drives, USBs, and other physical
hardware is purged before old devices are thrown away, re-used, or sold; data no
longer in use that’s stored on networks and in the cloud should be systematically
destroyed in the interest of organizing relevant data and keeping it out of the hands of
criminals.

• Spyware/Malware – is a type of malicious software – or malware – that is installed on a
computing device without the end user's knowledge. It invades the device, steals
sensitive information and internet usage data, and relays it to advertisers, data firms or
external users.

• Man in the Middle (MITM) – is a type of eavesdropping attack, where attackers interrupt
an existing conversation or data transfer. After inserting themselves in the "middle" of
the transfer, the attackers pretend to be both legitimate participants.

• Drive-By Downloads – refers to the unintentional download of malicious code to your
computer or mobile device that leaves you open to a cyber attack.

• Malvertising – is an attack in which perpetrators inject malicious code into legitimate
online advertising networks. The code typically redirects users to malicious websites.

• Rogue Software – Rogue security software is a form of malicious software and internet
fraud that misleads users into believing there is a virus on their computer and aims to
convince them to pay for a fake malware removal tool that actually installs malware on
their computer.

• Unpatched Software – seemingly the simplest vulnerability, can still lead to the largest
leaks. Every piece of software has the potential to have bugs and holes, allowing hackers to easily
access files and accounts. Unpatched software means there are vulnerabilities in a
program or code that a company is aware of and will not or cannot fix. Users can also be
responsible for their unpatched software if they refuse to check for and perform regular
updates.

SOURCE OF CYBER THREATS

In identifying a cyber threat, more important than knowing the technology or TTP, is knowing
who is behind the threat. The TTPs of threat actors are constantly evolving. But the sources of
cyber threats remain the same. There is always a human element; someone who falls for a
clever trick. But go one step further and you will find someone with a motive. This is the real
source of the cyber threat – a threat to Philippine security.

Most Common Sources of Cyber Threats

• Nation states or national governments
• Terrorists
• Industrial spies
• Organized crime groups
• Hacktivists and hackers
• Business competitors
• Disgruntled insiders

CYBER THREAT INTELLIGENCE IS NECESSARY FOR ENTERPRISES 

Advanced threat actors such as nation-states, organized cybercriminals and cyber espionage
actors represent the greatest information security threat to enterprises today. Many
organizations struggle to detect these threats due to their clandestine nature, resource
sophistication, and their deliberate "low and slow" approach to efforts. For enterprises, these
more sophisticated, organized and persistent threat actors are seen only by the digital traces
they leave behind. For these reasons, enterprises need visibility beyond their network borders
into advanced threats specifically targeting their organizations and infrastructure. This is known
as threat intelligence.

Cyber threat researchers can begin by knowing a background profile of assets beyond the
network border and being aware of offline threats such as those reported here by Luke
Rodenheffer of Global Risk Insights. They should then monitor mission-critical IP addresses,
domain names and IP address ranges (e.g., CIDR blocks). This can grant advanced warning
while adversaries are in the planning stages. With this enhanced visibility, you can gain
improved insight into ongoing exploits, identification of cyber threats and the actors behind
them. This allows you to take proactive steps to defend against these threats with an
appropriate response.

The internet has become a space riddled with malicious links, trojans and viruses. Data
breaches are becoming more frequent, and unsuspecting users are more vulnerable than ever
before. When one click can cost thousands, and even millions, users need actionable to-do’s
that can help them stay alert and safe online. Here are our top 10 cyber security tips for your
users:

1. Clicking Without Thinking Is Reckless
Just because you can click, doesn’t mean you should. Remember, it can cost you a hefty
sum. Malicious links can do damage in several different ways, so be sure to inspect links
and ensure they’re from trusted senders before clicking.

2. Use Two-Factor Authentication
It’s important to have a strong password, but it’s even more imperative to have
two-factor, or multi-factor, authentication. This method provides two layers of security
measures so if a hacker can accurately guess your password, there is still an additional
security measure in place to ensure that your account is not breached.

3. Look Out for Phishing Scams
With over 3 billion fake emails sent daily, phishing attacks are some of the greatest cyber
security threats as they are very easy to fall for. In a phishing attack, a hacker will pose
as someone that the recipient may be familiar with to trick them into opening a malicious
link, divulging important credentials, or opening software that infects the recipient’s
system with a virus. The best way to be on the lookout for phishing scams is by avoiding
emails from unfamiliar senders, looking for grammatical errors or any inconsistencies in the
email that look suspicious, and hovering over any link you receive to verify what the
destination is.

4. Keep Track of Your Digital Footprint
When you monitor your accounts, you can ensure you catch suspicious activity. Can you
recall everywhere you have online accounts and what information is stored on them, like
credit card numbers for easier payments? It’s important to keep track of your digital
footprint, including social media, and to delete accounts you’re not using, while ensuring
you set strong passwords (that you change regularly).

5. Keep Up With Updates
Software patches can be issued when security flaws are discovered. If you find these software
update notifications to be annoying, you’re not alone. But you can consider them the lesser of two
evils when weighing up rebooting your device versus putting yourself at risk for malware and
other types of computer infection.

6. Connect Securely
Cyber security tips about this have been dished out by nearly every tech expert under
the sun, but many still don’t follow this advice. You might be tempted to connect your
device to an unsecured connection, but when you weigh the consequences, it’s not
worth it. Only connect to private networks when possible, especially when handling
sensitive information.

7. Secure Your Mobile Device
Security doesn’t end at your desktop. It’s important to get into the habit of securing your presence
through your mobile device as well. Use strong passwords and biometric features, ensure you turn
off your Bluetooth, don’t automatically connect to any public Wi-Fi, and download with caution.

8. Beware of Social Engineering
When hackers can’t find a security vulnerability, they’ll attack in other ways. Enter social
engineering. This type of attack is more of an attack on the mind of the user, rather than
on the device, to gain access to systems and information. Especially with the information
publicly available online and over social media, cyber criminals come up with creative
ways to dupe users.

9. Back-Up Your Data
These days, storage doesn’t cost much. There’s no excuse not to have a backup of
important data. Back it up to a physical location and to the cloud. Remember, malicious
threats and hackers don’t always want to steal your data, but sometimes the end-goal is
to encrypt or erase it. Back it up to have an ultimate recovery tool.

10. You’re Not Immune
The most harmful thought you can have is “it won’t happen to me,” or “I don’t visit unsafe
websites.” Cybercriminals don’t discriminate in targeting all sorts of users. Be proactive. Not all
mistakes can be undone with “ctrl + Z”.

Simple cyber security tips like these can go a long way in preventing a catastrophe, but they’ve
only scratched the surface of how your users can be educated and protected.

CYBER OFFENSES

The following acts constitute the offense of cybercrime punishable under this Act:

1. Illegal Access is unauthorized access (without right) to a computer system or
application.

2. Illegal Interception is unauthorized interception of any non-public transmission of
computer data to, from, or within a computer system.

3. Data Interference is unauthorized alteration, damaging, deletion or deterioration of
computer data, electronic document, or electronic data message, and including the
introduction or transmission of viruses. Authorized action can also be covered by this
provision if the action of the person went beyond agreed scope resulting to damages
stated in this provision.

4. System Interference is unauthorized hindering or interference with the functioning of a
computer or computer network by inputting, transmitting, damaging, deleting,
deteriorating, altering or suppressing computer data or program, electronic document, or
electronic data messages, and including the introduction or transmission of viruses.
Authorized action can also be covered by this provision if the action of the person went
beyond agreed scope resulting to damages stated in this provision.

5. Misuse of Devices is the unauthorized use, possession, production, sale, procurement,
importation, distribution, or otherwise making available, of devices, computer program
designed or adapted for the purpose of committing any of the offenses stated in
Republic Act 10175. Unauthorized use of computer password, access code, or similar
data by which the whole or any part of a computer system is capable of being accessed
with intent that it be used for the purpose of committing any of the offenses under
Republic Act 10175.

6. Cyber-squatting is the acquisition of a domain name over the Internet in bad faith to
profit, mislead, destroy reputation, and deprive others from registering the same.
This includes those existing trademark at the time of registration; names of persons
other than the registrant; and acquired with intellectual property interests in it. Those
who get domain names of prominent brands and individuals which in turn are used to
damage their reputation – can be sued under this provision. Note that freedom of
expression and infringement on trademarks or names of person are usually treated
separately. A party can exercise freedom of expression without necessarily violating the
trademarks of a brand or names of persons.

7. Computer-related Forgery is the unauthorized input, alteration, or deletion of computer
data resulting to inauthentic data with the intent that it be considered or acted upon for
legal purposes as if it were authentic, regardless whether or not the data is directly
readable and intelligible; or the act of knowingly using computer data which is the
product of computer-related forgery as defined here, for the purpose of perpetuating a
fraudulent or dishonest design.

8. Computer-related Fraud is an unauthorized input, alteration, or deletion of computer
data or program or interference in the functioning of a computer system, causing
damage thereby with fraudulent intent.

9. Computer-related Identity Theft is the unauthorized acquisition, use, misuse, transfer,
possession, alteration or deletion of identifying information belonging to another, whether
natural or juridical.

10. Cybersex is the wilful engagement, maintenance, control, or operation, directly or
indirectly, of any lascivious exhibition of sexual organs or sexual activity, with the aid of a
computer system, for favor or consideration. There is a discussion on this matter if it
involves “couples” or “people in relationship” who engage in cybersex. For as long as it is
not done for favor or consideration, I don’t think it will be covered. However, if one party
(in a couple or relationship) sues claiming to be forced to do cybersex, then it can be
covered.

11. Child Pornography is the unlawful or prohibited acts defined and punishable
by Republic Act No. 9775 or the Anti-Child Pornography Act of 2009, committed through
a computer system.

12. Libel is the unlawful or prohibited acts of libel as defined in Article 355 of the Revised
Penal Code, as amended, committed through a computer system or any other similar
means which may be devised in the future. Revised Penal Code Art. 355 states: Libel
means by writings or similar means. A libel committed by means of writing, printing,
lithography, engraving, radio, phonograph, painting, theatrical exhibition,
cinematographic exhibition, or any similar means, shall be punished by prision
correccional in its minimum and medium periods or a fine ranging from 200 to 6,000
pesos, or both, in addition to the civil action which may be brought by the offended party.
The Cybercrime Prevention Act strengthened libel in terms of penalty provisions. The
electronic counterpart of libel has been recognized since the year 2000 when the E-
Commerce Law was passed. The E-Commerce Law empowered all existing laws to
recognize its electronic counterpart whether commercial or not in nature.

13. Aiding or Abetting in the Commission of Cybercrime happens when any person
wilfully abets or aids in the commission of any of the offenses enumerated in the Act.

14. Attempt in the Commission of Cybercrime happens when any person wilfully
attempts to commit any of the offenses enumerated in the Act.

15. All crimes defined and penalized by the Revised Penal Code, as amended, and
special laws, if committed by, through and with the use of information and
communications technologies shall be covered by the relevant provisions of this
Act: Provided, That the penalty to be imposed shall be one (1) degree higher than that
provided for by the Revised Penal Code, as amended, and special laws, as the case
may be.

16. Corporate Liability. When any of the punishable acts herein defined are knowingly
committed on behalf of or for the benefit of a juridical person, by a natural person acting
either individually or as part of an organ of the juridical person, who has a leading
position within, based on:
a. A power of representation of the juridical person provided the act committed falls
within the scope of such authority;
b. An authority to take decisions on behalf of the juridical person: Provided, That the
act committed falls within the scope of such authority; or
c. An authority to exercise control within the juridical person. It also includes
commission of any of the punishable acts made possible due to the lack of
supervision or control.

HOW TO AVOID ONLINE SCAMS

Regardless if it’s an email scam, social networking scam, or scare tactic, there are several ways
to protect yourself.

• Use common sense. If you don’t recognize an email address, delete the message, and never
open the message in the first place.
• Never keep the same password across multiple accounts. Change the passwords for all
important accounts every 6 months.
• Avoid opening email attachments. For example, reputable E-Card companies never
include attachments.
• Pay attention to spelling and grammar.
• Never share important financial information. Again, use common sense. A legitimate
organization will never ask for your Social Security Number or bank account number.
• If a deal or offer looks too good to be true, it is.
• Consider using security measures like two-factor authentication. This is especially
important when dealing with any form of mobile wallet or ePayment.
• Only make purchases or donations with known and legitimate organizations.
• Change your smartphone settings so that it won’t automatically join Wi-Fi networks.
• Install a good antivirus program, and make sure that you keep it updated.

If you do believe that you’ve been a victim of cybercrime, contact your bank and credit-card
company and cancel your card immediately – or even close your account completely. It also
wouldn’t hurt to inform the authorities. And don’t forget to turn off your computer and disconnect
it from your network so that any infection doesn’t spread to other devices.
