Introduction to Cybersecurity – CYBS6278

1
Week 1

Introduction to Cybersecurity

Course Learning Outcomes:

1. Define Cybersecurity
2. Describe different types of data used (personal, governments,
organization)
3. Enumerate some examples of cybersecurity incidents
4. Describe the characteristics and motives of an attacker
5. Describe the impact of a security breach

What is Cyber Security?

Cyber Security involves protecting key information and devices from cyber threats. It is a
critical part of companies that collect and maintain huge databases of customer
information, social platforms where personal information are submitted and government
organizations where secret, political and defense information are involved. It describes
how personal and key government data is protected against vulnerable attacks that possess
threat to important information, may it be on the cloud, across various applications,
networks and devices. Lot of money are invested in protecting all this information in an
online platform. With the number of people accessing the information online increasing
each day, threats to the information are also increasing, with the cost of online crimes
estimated in billions.
Cybersecurity is the ongoing effort to protect these networked systems and all of the data
from unauthorized use or harm. On a personal level, you need to safeguard your identity,
your data, and your computing devices. At the corporate level, it is everyone’s
responsibility to protect the organization’s reputation, data, and customers. At the state
level, national security, and the safety and well-being of the citizens are at stake.

Personal and Organizational Data

Personal Data
Any information about you can be considered to be your data. This personal information
can uniquely identify you as an individual. This data includes the pictures and messages
that you exchange with your family and friends online.
Personally identifiable information (PII) is any information that can be used to positively
identify an individual. Examples of PII include:
 Name
 Social security number
 Birthdate
 Credit card numbers
 Bank account numbers
Introduction to Cybersecurity
  Government issued ID
 Address information (street, email, phone numbers)
One of the more lucrative goals of cybercriminals is obtaining lists of PII that can then be
sold on the dark web. The dark web can only be accessed with special software and is used
by cybercriminals to shield their activities. Stolen PII can be used to create fake accounts,
such as credit cards and short-term loans.
Medical Records
Every time you go to the doctor’s office, more information is added to your electronic
health records (EHRs). The prescription from your family doctor becomes part of your
EHR. Your EHR includes your physical health, mental health, and other personal
information that may not be medically-related. For example, if you had counseling as a
child when there were major changes in the family, this will be somewhere in your medical
records. Besides your medical history and personal information, the EHR may also include
information about your family.
Medical devices, such as fitness bands, use the cloud platform to enable wireless transfer,
storage and display of clinical data like heart rates, blood pressures and blood sugars.
These devices can generate an enormous amount of clinical data that could become part of
your medical records.
Education Records
As you progress through your education, information about your grades and test scores,
your attendance, courses taken, awards and degrees rewarded, and any disciplinary
reports may be in your education record. This record may also include contact information,
health and immunization records, and special education records including individualized
education programs (IEPs).
Employment and Financial Records
Your financial record may include information about your income and expenditures. Tax
records could include paycheck stubs, credit card statements, your credit rating and other
banking information. Your employment information can include your past employment and
your performance.

Organizational Data
Traditional Data - Corporate data includes personnel information, intellectual properties,
and financial data. The personnel information includes application materials, payroll, offer
letters, employee agreements, and any information used in making employment decisions.
Intellectual property, such as patents, trademarks and new product plans, allows a
business to gain economic advantage over its competitors. This intellectual property can be
considered a trade secret; losing this information can be disastrous for the future of the
company. The financial data, such as income statements, balance sheets, and cash flow
statements of a company gives insight into the health of the company.
Internet of Things and Big Data
With the emergence of the Internet of Things (IoT), there is a lot more data to manage and
secure. IoT is a large network of physical objects, such as sensors and equipment that
extend beyond the traditional computer network. All these connections, plus the fact that
we have expanded storage capacity and storage services through the cloud and
virtualization, lead to the exponential growth of data. This data has created a new area of
interest in technology and business called “Big Data". With the velocity, volume, and variety
 Introduction to Cybersecurity – CYBS6278
3
Week 1

of data generated by the IoT and the daily operations of business, the confidentiality,
integrity and availability of this data is vital to the survival of the organization.

Cybercrime Incidents - Examples

In this topic, you will learn about three types of victims in cybercrime: individuals,
organizations, and nations.
Hijacked People
Sarah stopped by her favorite coffee shop to grab her afternoon drink. She placed her
order, paid the clerk, and waited while the baristas worked furiously to fulfill the
backup of orders. Sarah pulled out her phone, opened the wireless client, and
connected to what she assumed was the coffee shop’s free wireless network.
However, sitting in a corner of the store, a hacker had just set up an open “rogue”
wireless hotspot posing as the coffee shop’s wireless network. When Sarah logged
onto her bank’s website, the hacker hijacked her session, and gained access to her
bank accounts.
View the following video posted in 2008 to see a demonstration of how one wireless
network was vulnerable to hacking:
https://www.youtube.com/watch?v=zcmmFQGxMNU
Ransomed Companies
Rashid, an employee in the finance department of a major, publicly held corporation,
receives an email from his CEO with an attached PDF. The PDF is about the
company’s third-quarter earnings. Rashid does not remember his department
creating the PDF. His curiosity is peaked, so he opens the attachment.
The same scenario plays out across the organization as dozens of other employees
are successfully enticed to click the attachment. When the PDF opens, ransomware is
installed on the employees’ computers and begins the process of gathering and
encrypting corporate data. The goal of the attackers is financial gain, because they
hold the company’s data for ransom until they are paid.
View the following video to see a dramatization of how this ransomware attack could
happen:
https://www.youtube.com/watch?v=4gR562GW7TITargeted
Nations
Some of today’s malware is so sophisticated and expensive to create that security
experts believe only a nation state or group of nations could possibly have the
influence and funding to create it. Such malware can be targeted to attack a nation’s
vulnerable infrastructure, such as the water system or power grid.
This was the purpose of the Stuxnet worm, which infected USB drives. These drives
were carried by five Iranian component vendors, with the intention of infiltrating
nuclear facilities supported by the vendors. Stuxnet was designed to infiltrate
Windows operating systems and then target Step 7 software. Step 7 was developed
Introduction to Cybersecurity
 by Siemens for their programmable logic controllers (PLC). Stuxnet was looking for a
specific model of the Siemens PLCs that controls the centrifuges in nuclear facilities.
The worm was transmitted from the infected USB drives into the PLCs and eventually
damaged many of these centrifuges.
Zero Days, a film released in 2016, attempts to document the development and
deployment of the Stuxnet targeted malware attack.

Threat Actors
In this topic, you will learn about the motivations of the threat actors behind specific
security incidents.

Amateurs
Threat actors include, but are not limited to, amateurs, hacktivists, organized crime
groups, state-sponsored and terrorist groups. Threat actors are individuals or a
group of individuals who perform cyberattacks against another individual or
organization. Cyberattacks are intentional, malicious acts meant to negatively impact
another individual or organization.
Amateurs, also known as script kiddies, have little or no skill. They often use existing
tools or instructions found on the Internet to launch attacks. Some are just curious,
while others try to demonstrate their skills by causing harm. Even though they are
using basic tools, the results can still be devastating.

Hacktivists
Hacktivists are hackers who protest against a variety of political and social ideas.
Hacktivists publicly protest against organizations or governments by posting articles
and videos, leaking sensitive information, and disrupting web services with
illegitimate traffic in distributed denial of service (DDoS) attacks.

Financial Gain
Much of the hacking activity that consistently threatens our security is motivated by
financial gain. These cybercriminals want to gain access to our bank accounts,
personal data, and anything else they can leverage to generate cash flow.

Trade Secrets and Global Politics

The past several years have seen many stories about nation states hacking other
countries, or otherwise interfering with internal politics. Nation states are also
interested in using cyberspace for industrial espionage. The theft of intellectual
property can give a country a significant advantage in international trade.
Defending against the fallout from state-sponsored cyberespionage and
cyberwarfare will continue to be a priority for cybersecurity professionals

The Consequences of a Security Breach

To protect an organization from every possible cyberattack is not feasible, for a few
reasons. The expertise necessary to set up and maintain the secure network can be
expensive. Attackers will always continue to find new ways to target networks.
Eventually, an advanced and targeted cyberattack will succeed. The priority will then
 Introduction to Cybersecurity – CYBS6278
5
Week 1

be how quickly your security team can respond to the attack to minimize the loss of
data, downtime, and revenue.
By now you know that anything posted online can live online forever, even if you
were able to erase all the copies in your possession. If your servers were hacked, the
confidential personnel information could be made public. A hacker (or hacking
group) may vandalize the company website by posting untrue information and ruin
the company’s reputation that took years to build. The hackers can also take down
the company website causing the company to lose revenue. If the website is down for
longer periods of time, the company may appear unreliable and possibly lose
credibility. If the company website or network has been breached, this could lead to
leaked confidential documents, revealed trade secrets, and stolen intellectual
property. The loss of all this information may impede company growth and
expansion.
The monetary cost of a breach is much higher than just replacing any lost or stolen
devices, investing in existing security and strengthening the building’s physical
security. The company may be responsible for contacting all the affected customers
about the breach and may have to be prepared for litigation. With all this turmoil,
employees may choose to leave the company. The company may need to focus less on
growing and more on repairing its reputation.

Online Supplementary Reading Materials

1. https://www.asmltd.com/wp-content/uploads/2017/04/CyberSecurity-1.pdf
2. http://download.ern-co.com/el-library/Cisco%20Press%20-
%20CCNA%20Cybersecurity%20Operations%20Companion%20Guide%20Networki
ng%20Academy.pdf
3. https://static-course-assets.s3.amazonaws.com/CyberSec2.1/en/

Introduction to Cybersecurity