Insy50 Information Security
CYBERSECURITY THREATS
1. Malware Attack - Users may be asked to take an action, such as clicking a link or opening an
attachment.
> Ransomware — prevents access to the data of the victim and threatens to delete or publish it unless a
ransom is paid.
> Spyware — this malware enables malicious actors to gain unauthorized access to data, including
sensitive information like payment details and credentials.
> Phishing — attackers send fraudulent correspondence that seems to come from legitimate sources,
usually via email.
> Pretexting — occurs when a threat actor lies to the target to gain access to privileged data.
> Malvertising — online advertising controlled by hackers, which contains malicious code that infects a
user’s computer when they click, or even just view the ad.
> Vishing — voice phishing (vishing) attacks use social engineering techniques to get targets to divulge
financial or personal information over the phone.
3. Distributed Denial of Service - The objective of a denial of service (DoS) attack is to overwhelm
the resources of a target system and cause it to stop functioning, denying access to its users.
- Distributed denial of service (DDoS) is a variant of DoS in which attackers compromise a large number of
computers or other devices, and use them in a coordinated attack against the target system.
CYBERTHREAT ACTORS
> Terrorists — terrorists may attack government or military targets, but at times may also
> Organized crime groups — criminal groups infiltrate systems for monetary gain. Organized crime
groups use phishing, spam, and malware to carry out identity theft and online fraud. There are also
organized crime groups that exist to sell hacking services to others, even maintaining support and
services for profiteers and industrial spies alike.
> Hackers — Hacking, in simple terms, means an illegal intrusion into a computer system and/or network.
It is also known as CRACKING. Government websites are a hot target for hackers because of the press
coverage they receive. Hackers enjoy media coverage.
TYPES OF HACKERS
> White Hat - an ethical hacker who attempts to find vulnerabilities in computers and network systems by
identifying security weaknesses and informing the appropriate personnel.
> Black Hat - describes a deceptive user, computer hacker, or an individual who attempts to break into a
computer system or computer network.
> Gray Hat - is a reference to a computer hacker who acts illegally to expose a security threat but does
not use that threat maliciously against the vulnerable party.
I. Confidentiality
> When protecting information, we want to be able to restrict access to those who are allowed to see it;
everyone else should be disallowed from learning anything about its contents.
II. Integrity
> Integrity is the assurance that the information being accessed has not been altered and truly represents
what is intended.
III. Availability
> Availability means that information can be accessed and modified by anyone authorized to do so in an
appropriate timeframe. Depending on the type of information, the appropriate timeframe can mean
different things.
I. Authentication
> Tools for authentication are used to ensure that the person accessing the information is, indeed, who
they present themselves to be.
II. Access Control
> Access control determines which users are authorized to read, modify, add, and/or delete information.
III. Encryption
> Encryption is a process of encoding data upon its transmission or storage so that only authorized
individuals can read it.
Password Security
Backups
> Another essential tool for information security is a comprehensive backup plan for the entire
organization. Not only should the data on the corporate servers be backed up, but individual computers
used throughout the organization should also be backed up.
> A UPS is a device that provides battery backup to critical components of the system, allowing them to
stay online longer and/or allowing the IT staff to shut them down using proper procedures in order to
prevent the data loss that might occur from a power failure.
2. Alternate, or “hot” sites.
> Some organizations choose to have an alternate site where an exact replica of their critical data is
always kept up to date. When the primary site goes down, the alternate site is immediately brought online
so that little or no downtime is experienced.
Physical Security
> Physical security is the protection of the actual hardware and networking components that store and
transmit information resources. To implement physical security, an organization must identify all of the
vulnerable resources and take measures to ensure that these resources cannot be physically tampered
with or stolen.
1. Locked doors
3. Secured equipment
4. Environmental monitoring
5. Employee training