
Module 3 Week 5 to 12

AIS ELEC 2- Updates in Information Systems and Services

Week 5-12: SECURITY UPDATES


Agenda:

- Introduction to Security Updates
- Current cybersecurity threats and vulnerabilities.
- Security frameworks and best practices.
- Threat detection and incident response.
- Ethical hacking and penetration testing.

1. INTRODUCTION TO SECURITY UPDATES


Security updates are a critical aspect of maintaining the security and integrity of
computer systems, software, and devices. These updates are designed to patch
vulnerabilities and weaknesses in the software or operating system, making it more
resistant to security threats and attacks.

Purpose: The primary purpose of security updates is to address known vulnerabilities
that could be exploited by malicious actors. They are a proactive measure to protect
your system and data.

Types of Security Updates:

1. Operating System Updates: These updates are released by the operating
   system provider (e.g., Windows, macOS, Linux) to fix vulnerabilities in the core
   software.

2. Software Updates: Applications, including web browsers, office suites, and
   other software, release security updates to address vulnerabilities in their
   products.

3. Firmware Updates: Devices like routers, printers, and IoT devices often
   receive firmware updates to enhance their security.

4. Patch Management: Organizations and individuals should regularly monitor for
   available security updates and apply them promptly. Automated patch
   management tools can assist in this process.

5. Vulnerability Assessment: Periodic vulnerability assessments can help identify
   weaknesses in your system, making it easier to prioritize and apply security
   updates.

6. Zero-Day Vulnerabilities: Security updates are also essential for addressing
   "zero-day" vulnerabilities - flaws that are actively exploited by attackers but are
   not yet publicly known.
   It's called "zero-day" because the vulnerability is exploited or made public on the
   same day it's discovered, which gives the developer or vendor zero days to fix it or
   provide a patch.

Best Practices:

- Keep software and operating systems up to date.
- Use strong, unique passwords and employ multi-factor authentication.
- Regularly back up your data.
- Be cautious of phishing and suspicious emails or links.
- Install and update antivirus and anti-malware software.

Sources of Updates: Security updates come from various sources, including the
software provider's official websites, built-in update mechanisms (e.g., Windows
Update), and package managers in the case of Linux systems.
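
As an added illustration of the patch-management and update-source points above (not part of the original module), the Python example below parses a package manager's list of pending updates and puts security fixes first. It assumes Debian/Ubuntu "apt list --upgradable" output, where security fixes are published in a suite whose name ends in "-security"; the sample lines, versions and function names are constructed for the example.

```python
import re

# Constructed sample of `apt list --upgradable` output (not from a real host).
SAMPLE = """\
Listing... Done
curl/jammy-updates,jammy-security 7.81.0-1ubuntu1.16 amd64 [upgradable from: 7.81.0-1ubuntu1.15]
htop/jammy-updates 3.0.5-7ubuntu1 amd64 [upgradable from: 3.0.5-7build2]
openssl/jammy-security 3.0.2-0ubuntu1.15 amd64 [upgradable from: 3.0.2-0ubuntu1.14]
"""

# package/suite[,suite...] candidate-version arch [upgradable from: installed-version]
LINE = re.compile(
    r"^(?P<pkg>[^/\s]+)/(?P<suites>\S+)\s+(?P<new>\S+)\s+(?P<arch>\S+)\s+"
    r"\[upgradable from: (?P<old>[^\]]+)\]$"
)

def pending_updates(text):
    """Parse the listing; return updates with security fixes sorted first."""
    updates = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # skips the "Listing..." header and anything unrecognized
        suites = m["suites"].split(",")
        updates.append({
            "package": m["pkg"],
            "installed": m["old"],
            "candidate": m["new"],
            # Assumption: a "-security" suite marks a security fix.
            "security": any(s.endswith("-security") for s in suites),
        })
    return sorted(updates, key=lambda u: (not u["security"], u["package"]))

def security_backlog(text):
    """Names of packages with an unapplied security update."""
    return [u["package"] for u in pending_updates(text) if u["security"]]

if __name__ == "__main__":
    for u in pending_updates(SAMPLE):
        tag = "SECURITY" if u["security"] else "routine "
        print(f"{tag} {u['package']}: {u['installed']} -> {u['candidate']}")
```

On a real host the same functions can be fed the captured output of the package manager instead of the sample string; a non-empty security backlog is the signal to patch promptly.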

Importance: Neglecting security updates can leave your system vulnerable to
cyberattacks, data breaches, and other security risks. Hackers often target systems with
known vulnerabilities, so timely updates are crucial for maintaining your digital security.

2. CURRENT CYBER SECURITY THREATS AND VULNERABILITIES

Cybersecurity, also known as computer security or IT security, is the practice of
protecting computer systems, networks, and data from theft, damage, or unauthorized
access. It encompasses various technologies, processes, and practices designed to
safeguard digital information and assets against a wide range of threats and
vulnerabilities, such as hacking, malware, data breaches, and other cyberattacks.

CYBER SECURITY THREATS OF 2023

1. Vulnerability in the Cloud


There are many advantages to cloud storage — encrypted servers with limited access,
consistent cybersecurity measures and built-in firewalls, among others. And while cloud
storage is typically far more secure than saving files on a hard drive, it still comes with
certain risks. The National Security Agency has cautioned against four types of cloud
vulnerabilities — misconfiguration, poor access control, shared tenancy and supply
chain vulnerabilities. Other cloud vulnerabilities may include insecure APIs and lack of
multi-factor authentication.
2. Data Breaches
Data breaches have, unfortunately, become all too common, and they don’t seem to be
going away any time soon.
Some of the biggest data breaches of the 21st century include top companies like
Yahoo, LinkedIn, Facebook and Marriott International. According to Comparitech, the
U.S. has experienced the most data breaches with 212.4 million people affected in 2021
(compared with 174.4 million people in 2020). The closest country behind the U.S. was
Iran with 156.1 million people affected by a data breach in 2021.

3. Risky Hybrid or Remote Work Environments


The COVID-19 pandemic greatly popularized the concepts of hybrid and remote work.
According to Gallup, about half of full-time workers in the U.S. (60 million people)
report that “their current job can be done remotely working from home, at least
part of the time.” Pre-pandemic, approximately 8% of workers were exclusively remote;
that number rose to 39% in 2022. It’s now projected at 24% for 2023 and beyond.
While hybrid and remote work environments offer a variety of benefits to both
employees and employers, they do come with added threats. Some of the most
common remote work security risks include accessing sensitive data through unsafe
Wi-Fi networks, using personal devices for work, using weak passwords and practicing
unencrypted file sharing.
4. Mobile Attacks
The average cell phone user in the U.S. spent 4 hours and 23 minutes on their device in
2021. Smartphones are everywhere; not only are they used for personal connection and
communication, but they are often essential for business, which makes them even more
vulnerable to cyber threats. Just like computers and laptops, smartphones are
susceptible to many security threats, including phishing (especially via text messaging),
poor password security, spyware and malicious apps.
5. Phishing Gets More Sophisticated
Phishing attacks, in which carefully targeted digital messages are transmitted to fool
people into clicking on a link that can then install malware or expose sensitive data, are
becoming more sophisticated.
Now that employees at most organizations are more aware of the dangers of email
phishing or of clicking on suspicious-looking links, hackers are upping the ante — for
example, using machine learning to much more quickly craft and distribute convincing
fake messages in the hopes that recipients will unwittingly compromise their
organization’s networks and systems. Such attacks enable hackers to steal user logins,
credit card credentials and other types of personal financial information, as well as gain
access to private databases.

6. Ransomware Strategies Evolve


Ransomware attacks are believed to cost victims billions of dollars every year, as
hackers deploy technologies that enable them to literally kidnap an individual or
organization’s databases and hold all of the information for ransom. The rise of
cryptocurrencies like Bitcoin is credited with helping to fuel ransomware attacks by
allowing ransom demands to be paid anonymously.
As companies continue to focus on building stronger defenses to guard against
ransomware breaches, some experts believe hackers will increasingly target other
potentially profitable ransomware victims such as high-net-worth individuals.
7. Cryptojacking
The cryptocurrency movement also affects cybersecurity in other ways. For
example, cryptojacking is a trend that involves cyber criminals hijacking third-party
home or work computers to “mine” for cryptocurrency. Because mining for
cryptocurrency (like Bitcoin, for example) requires immense amounts of computer
processing power, hackers can make money by secretly piggybacking on someone
else’s systems. For businesses, cryptojacked systems can cause serious performance
issues and costly downtime as IT works to track down and resolve the issue.

8. Cyber-Physical Attacks
The same technology that has enabled us to modernize and computerize critical
infrastructure also brings risk. The ongoing threat of hacks targeting electrical grids,
transportation systems, water treatment facilities, etc., represents a major vulnerability
going forward. According to a recent report in The New York Times, even America’s
multibillion-dollar military systems are at risk of high-tech foul play.
9. State-Sponsored Attacks
Beyond hackers looking to make a profit through stealing individual and corporate data,
entire nation states are now using their cyber skills to infiltrate other governments and
perform attacks on critical infrastructure. Cybercrime today is a major threat not just for
the private sector and for individuals but for the government and the nation as a whole.
As we move into 2022, state-sponsored attacks are expected to increase, with attacks
on critical infrastructure of particular concern.
State-sponsored cyber warfare is a form of cyber warfare in which a government or
state sponsors or carries out cyber attacks against other governments, businesses,
organizations, or individuals.

10. IoT Attacks


Internet of Things (IoT): the number of devices connected to the IoT is expected to reach 75
billion by 2025. It includes laptops and tablets, of course, but also routers, webcams,
household appliances, smart watches, medical devices, manufacturing equipment,
automobiles and even home security systems.
