Professional Documents
Culture Documents
CpE-302 INTROHDL
Research Activity:
Research topics regarding cybersecurity and types of hacks and attacks
I. What is Cyber Security?
Cybersecurity is about protecting systems, networks, and software from digital attacks
that aim to access, alter, or destroy confidential information, extort money via ransomware, or
disrupt normal operations. As more devices come online, and attackers become more innovative,
implementing effective cybersecurity measures is increasingly challenging. A successful
approach to cybersecurity requires multiple layers of protection, including people, processes, and
technology that work together to create an effective defense. Everyone benefits from advanced
cyber defense programs, including individuals who may face identity theft, extortion attempts, or
loss of personal data, as well as organizations critical to society, like hospitals and financial
service companies. Making internet a safer space for users.
II. What are the 5 types of cyber security?
1. Critical Infrustructure Security- This security plays a vital role in society's safety and
well-being by protecting cyber-physical systems, networks, and assets. Examples of
critical infrastructure include the electricity grid, water purification systems, hospitals,
and shopping centers. To fully understand CIS, the organization responsible for securing
it should understand the vulnerabilities of the associated infrastructure systems and create
a plan to prevent future damage.
2. Application Security – is crucial for protecting software application code and data from
cyber threats and breaches. It employs hardware and software techniques to address
external threats during the development, design, and deployment phases of an
application. Due to the accessibility of applications over networks, implementing security
standards, systems, and tools during all development stages is essential. Application
security includes various measures, such as authentication, authorization, encryption
programs, antivirus and antispyware software, firewalls, and application security testing
that help prevent unauthorized access to applications and protect sensitive data assets.
3. Network Security – It is essential in preventing unauthorized access to a user's internal
networks, which can be caused by malicious intentions. It safeguards the network
infrastructure and restricts access to the network. Security teams are utilizing machine
learning to identify abnormal traffic and provide real-time alerts to improve network
security monitoring. Network administrators are also implementing policies and
procedures to prevent unauthorized access, modification, and exploitation of the network.
4. Cloud Security- Cloud security is a software-based security tool that safeguards and
monitors data in cloud resources. Cloud providers are continuously developing and
implementing new security tools to assist enterprise users in enhancing their data
security. The belief that cloud computing is less secure than traditional methods is a
common myth. However, research has shown that control does not necessarily guarantee
security, and accessibility is more important than the physical location of data. According
to Alert Logic's Cloud Security Report, on-premises environment users are more
vulnerable to security incidents than service provider environment customers, with the
latter experiencing fewer attacks. Cloud computing security is comparable to traditional
Alipio,Shelby Lyn C.
CpE-302 INTROHDL
on-premise data centers, but without the burden of maintaining massive data facilities,
and the risk of security breaches is lower.
5. Internet of Things (IoT) Security - is the process of safeguarding internet-connected
devices and the networks they operate on from cyber threats and breaches. It includes
protection, identification, and monitoring of risks while addressing vulnerabilities in
devices that can pose security risks to businesses. IoT devices comprise critical and non-
critical cyber-physical systems, such as sensors, appliances, security cameras, Wi-Fi
routers, and printers. According to Bain & Company, IoT markets are predicted to
increase to $520 billion in 2021, with core technologies such as IoT's data center,
analytics, consumer devices, networks, legacy embedded systems, and connectors.
However, IoT devices are often shipped in a vulnerable state with minimal security
patching, creating unique security challenges for users.
III. Give at least 3 examples of hacking techniques and how we mitigate them.
1. Bait and Switch -is a hacking technique where hackers buy advertisement space
on websites and create an attractive advertisement to lure users into clicking it,
which redirects them to a malicious web page. This technique allows hackers to
install malicious code on the victim's system and steal their information.
To mitigate: In order to avoid falling prey to online scams, it is important to
use common sense, conduct research on merchants and their websites, and use
software tools like anti-malware, ad-blockers, and browser extensions to protect
against malicious activities. Additionally, users should be cautious when
navigating unfamiliar websites and avoid offers that seem too good to be true or
have vague or unclear phrasing. It is recommended to stick to known and trusted
websites and retailers to minimize the risk of falling victim to scams.
2. Virus, Trojan, and Other Spyware -are malicious codes that hackers use to gain
unauthorized access to a victim's computer. These codes can perform various tasks
like stealing data and diverting traffic.
To mitigate: To prevent malware attacks, it's crucial to only download and
install software from sources that are entirely trustworthy. Also, do not open
attachments or run programs from unknown senders via email. Keeping all
software on your computer up-to-date with the latest patches and ensuring that a
Trojan antivirus is installed and running on your computer can also help to protect
it from potential threats.
implementing automatic log-off when sessions are not in use. Automatic log-off
may be inconvenient but can wipe your session clean once work is over.
1. Malware attack is a common type of cyberattack that uses malicious software like
viruses, worms, spyware, ransomware, adware, and trojans. These programs enter
a system through vulnerabilities, such as clicking on dangerous links or opening
infected email attachments.
To mitigate: To prevent malware attacks, users can use antivirus software,
firewalls, avoid clicking suspicious links, and regularly update their operating
systems and browsers.
References:
Biasco, P. (2021, May 11). What is Cookie Theft and session hijacking? Privacy Bee. Retrieved
March 6, 2023, from https://privacybee.com/blog/what-is-cookie-theft-and-session-
hijacking/
Cisco. (2023, February 9). What is cybersecurity? Cisco. Retrieved March 6, 2023, from
https://www.cisco.com/c/en/us/products/security/what-is-cybersecurity.html#~how-
cybersecurity-works
GeeksforGeeks. (2022, June 8). 5 common hacking techniques used by hackers. GeeksforGeeks.
Retrieved March 6, 2023, from https://www.geeksforgeeks.org/5-common-hacking-
techniques-used-by-hackers/
Ilevičius, P. (2020, February 7). What is bait and switch? NordVPN. Retrieved March 6, 2023,
from https://nordvpn.com/blog/what-is-bait-and-switch/
M, S. (2023, February 8). 10 types of cyber attacks you should be aware in 2023.
Simplilearn.com. Retrieved March 6, 2023, from
https://www.simplilearn.com/tutorials/cyber-security-tutorial/types-of-cyber-attacks
Mindcore. (2018, September 5). 5 type of cyber security: Mindcore IT services. Mindcore.
Retrieved March 6, 2023, from https://mind-core.com/blogs/cybersecurity/5-types-of-
cyber-security/