Cyber Security for Beginners

Luthfiana Hudaya
 1 Computer System Fundamental

2 Network and Infrastructure

Basic Fundamental
Knowledge
2

3 Cyber Threats

4 Best Practices
Cyber Threats
References #1

● Microsoft has an unparalleled view of

the evolving threat landscape. With
industry-leading AI, we synthesize 65
trillion signals a day—across all types of
devices, apps, platforms, and
endpoints—a nearly eight times
increase from the 8 trillion daily signals
captured just two years ago.
References #2
BSSN Report: August 2023
Cyber Crime

● Cyber crimes are, as the name implies, crimes committed using

computers, phones or the internet.

● Some types of cyber crime include:

○ Illegal interception of data.
○ System interferences.
○ Copyrights infringements.
○ Sale of illegal items.

7
Cyber Security

• Cyber security is the body of technologies, processes and practices

involved in protecting individuals and organizations from cyber crime.

• It is designed to protect integrity of networks, computers, programs and

data from attack, damage or unauthorized access.
• Kill Chain, Zero-day attack, ransomware, alert fatigue and Man-in the
middle attack are just a few examples of common cyber attacks.

8
Kill Chain
OWASP
Threat Agent and Business Impact Relationship
Cyber Security Principles

● There are five key principles in cyber

security:
○ Confidentiality
○ Integrity
○ Availability
○ Accountability
○ Auditability

11
Cyber Security Principle Definitions

● Confidentiality:
○ A set of rules that limits access or place restrictions on certain type of information.
● Integrity:
○ Assurance that the information is trustworthy and accurate.
● Availability:
○ The guarantee of reliable access to the information by authorized people.
● Accountability:
○ Is an assurance that an individual or an organization will be evaluated on their
performance or behavior related to something for which they are responsible.
● Auditability:
○ A security audit is a systematic evaluation of the security of a company’s information
system by measuring how well it conforms to a set of established criteria.

12
Cyber Security Principles - Integrity

● This refers to the quality of something being unmodified or complete.

In Information Security, integrity is about assuring that data has not
been tampered with and can be trusted.
○ Countermeasures that protect data integrity comprise encryption, hashing, digital
signatures, and digital certificates by trusted certificate authorities (CAs) to
organizations to verify their originality to website users, equivalent to the path a
passport or driver’s license can be used to verify an individual's identity.
Cyber Security Principles - Confidentiality

● Confidentiality in information security assures that information is

accessible only by authorized individuals. It involves the actions of an
organization to ensure data is kept confidential or private.
○ Confidentiality can be overstepped in many ways, for instance, via direct attacks
developed to acquire unauthorized access to servers, web apps, and backend
databases to breach or tamper with data. Network reconnoitering and other sorts of
scans, electronic eavesdropping, and escalation of privileges by an attacker are just a
few examples.
Cyber Security Principles - Availability

● Systems, applications, and data are of small worth to an organization

and its consumers if they are not available when authorized users
require them. Fairly simply, availability indicates that networks,
systems, and applications are up and operating.
○ Multiple things can threaten availability, including hardware collapse or software
issues, power failure, natural circumstances beyond one's control, and human error.
Perhaps the most well-known attack that jeopardizes availability is the denial-of-
service (DoD) or DDoS attack, in which the performance of a server, system, web app
or web-based service is knowingly and maliciously tarnished, or the system becomes
completely inaccessible.
Cyber Threat

• A Cyber threat is any malicious act that attempts to gain access to a

computer network without authorization or permission from the owners.

• It refers to the wide range of malicious activities that can damage or

disrupt a computer system, a network or the information it contain.

• Most common cyber threats: Social Engineered Trojans, Unpatched

Software, Phishing, Network worms, etc.

16
Sources of Cyber Threats

● Cyber threats can come from a wide variety of sources, some notable
examples include:
○ Terrorists.
○ Industrial secret agents.
○ Rogue employees.
○ Hackers.
○ Business competitors.
○ Organization insiders.
● Anyone with a motive and the needed technology can create cyber
threats.

17
Cyber Threat Classifications

● Threats can be classified by multiple criteria:

○ Attacker's Resources
○ Attacker's Organization
○ Attacker's Funding

● On basis of these criteria, threats are of 3 types:

○ Unstructured Threats
○ Structured Threats
○ Highly Structured threats

18
Unstructured Cyber Threats

● Resources: Individual or small group.

● Organization: Little or no organization.

● Funding: Negligible.

● Attack: Easy to detect and make use of freely available cyberattack

tool.

● Exploitation based on documented vulnerabilities.

19
Structured Cyber Threats

● Resources: Well trained individual or group.

● Organization: Planning.
● Funding: Available.
● Attack: Against particular individual or organizations.
● Exploitation based on information Gathering.

20
Highly Structured Cyber Threats

● Extensive organization, resources and planning over time.

● Attack: Long term attack on particular machine or data.

● Exploitation with multiple methods:

○ Technical, social and insider help.

21
Cyber Security Threat Index Level

● Cyber threats are evaluated daily by the CTU (counter threat unit) and
associated with a threat index level.

● The threat index levels are:

○ Level 1: Guarded.
○ Level 2: Elevated.
○ Level 3: High.
○ Level 4:Critical.

22
Types of Cyber Attacks

Advanced Persistent Threat (APT):

A network attack in which an unauthorized person gains access to network and stays there undetected for a long
period of time.
Backdoor:
Method of bypassing normal authentication and gaining access in OS or application.
Buffer Overflow:
An exploit that takes advantage of the program that is waiting for a user’s input.
Man-in-the-middle Attack
This attack intercepts and relays messages between two parties who are communicating directly with each other.
Cross-Site Scripting (XSS):
A code injection attack that allows an attacker to execute malicious JavaScript in another user’s browser.
Denial of Service Attack:
Any attack where the attackers attempt to prevent the authorized users from accessing the service.
SQL injection:
A very common exploited web application vulnerability that allows malicious hacker to steal and alter data in
website’s database.
Zero-day exploit:
A vulnerability in a system or device that has been disclosed but is not yet patched.

23
Impacts of Cyber Attacks

● A successful cyber attack can cause major damage to organizations or

systems, as well as to business reputation and consumer trust.

● Some potential results include:

○ Financial loss.
○ Reputational damage.
○ Legal consequences.

24
Types of Malicious Code

● Virus:
○ Malicious software program, when it is executed, it replicates itself by modifying other computer
programs and inserting its own code.
● Network Worm:
○ Standalone malware which replicates itself in order to spread to other computers.
● Trojan Horse:
○ A program that claims to free your computer from viruses but instead introduces viruses onto your
system.
● Botnet:
○ Used to perform distributed denial-of-service attack (DDoS attack), steal data, send spam, and
allow the attacker access to the device and its connection.
● Keylogger:
○ A type of surveillance technology used to monitor and record each keystroke typed on specific
computer’s keyboard.
● Rootkit:
○ Collection of tools or programs that enable administrator-level access to computer or computer
network.

25
Types of Malicious Code Continued

● Spyware:
○ Software that is hidden from the user in order to gather information about internet
interaction, keystrokes, passwords, and other valuable data.

● Adware:
○ Designed to display advertisements on your computer and redirect your search
requests to advertising websites to collect marketing data about you.

26
Types of Malicious Code Continued

● Ransomware:
○ Malware that prevents or limits users from accessing their system, either by locking
the system’s screen or by locking the user’s files unless a ransom is paid.
● A cyber-security term that refers to a flaw in a system that can leave it
open to attack.
● Vulnerability is the composition of three elements:
○ A flaw in system.
○ Access of attacker to that flaw.
○ Capability of attacker to exploit the flaw.

27
Vulnerabilities

● Classification of Vulnerabilities ● Some of the vulnerability in the

are classified according to the system occur due to:
asset: ○ Missing patches.
○ Hardware. ○ Cleartext credentials.
○ Software. ○ Using unencrypted channels.
○ Network. ○ RF Emanation.
○ Personal.
○ Physical site.
○ Organizational.

28
Thank you!
website : www.datascience.or.id
email : km@datascience.or.id