Professional Documents
Culture Documents
(CSET 260)
IP Header Analysis
Information Warfare
Cyber Terrorism
Cyber Crime
Digital Fraud
REVIEW OF OSI REFERENCE MODEL (1/6)
Concept of Layer
We use the concept of layers in our daily life.
As an example, let us consider two friends who
communicate through postal mail.
The process of sending a letter to a friend would be
complex if there were no services available from the
post office.
Solution
There is an error in this packet. The 4 leftmost bits (0100) show
the version, which is correct.
The next 4 bits (0010) show an invalid header length (2 × 4 = 8).
The minimum number of bytes in the header must be 20. The
packet has been corrupted in transmission.
INTRODUCTION TO CYBER WORLD (1/3)
1. Malware:
The term “malware” encompasses various types of attacks including
spyware, viruses, and worms.
Malware uses a vulnerability to breach a network when a user clicks a
“planted” dangerous link or email attachment, which is used to install
malicious software inside the system.
Various types of malware are available nowadays. The most common types being:
Viruses
These infect applications attaching themselves to the initialization sequence.
The virus replicates itself, infecting other code in the computer system. Viruses
can also attach themselves to executable code or associate themselves with a file
by creating a virus file with the same name but with an. exe extension, thus
creating a decoy which carries the virus.
Trojans
Trojan, is a type of malicious code or software that looks legitimate but can take
control of your computer.
Trojan is a program hiding inside a useful program with malicious purposes.
Usually, a Trojan is designed to damage, disrupt, steal, or in general inflict some
other harmful action on your data or network.
CYBER ATTACK & CYBER SECURITY
Top 10 Common Types of Cybersecurity Attacks
Worms
Unlike viruses, they don’t attack the host, being self-contained
programs that propagate across networks and computers.
Worms are often installed through email attachments, sending a copy
of themselves to every contact in the infected computer email list.
They are commonly used to overload an email server and achieve a
denial-of-service attack.
Spyware
A type of program installed to collect information about users, their
systems or browsing habits, sending the data to a remote user.
The attacker can then use the information for blackmailing purposes
or download and install other malicious programs from the web.
CYBER ATTACK & CYBER SECURITY
Top 10 Common Types of Cybersecurity Attacks
Ransomware
A type of malware that denies access to the victim data, threatening
to publish or delete it unless a ransom is paid.
Advanced ransomware uses cryptoviral extortion, encrypting the
victim’s data so that it is impossible to decrypt without the decryption
key.
Normally loaded onto a computer via a download/attachment/link
from an email or website.
Wannacry attack 2017 - One of the biggest cyber attacks to occur.
Is said to have hit 300,000 computers in 150 countries.
Companies affected include; NHS, Renault, FedEx, Spanish telecoms
and gas companies, German railways.
CYBER ATTACK & CYBER SECURITY
Top 10 Common Types of Cybersecurity Attacks
2. Phishing
Phishing attacks are extremely common and involve sending mass amounts of
fraudulent emails to unsuspecting users, disguised as coming from a reliable
source.
The fraudulent emails often have the appearance of being legitimate but link the
recipient to a malicious file or script designed to grant attackers access to your
device to control it or gather recon, install malicious scripts/files, or to extract
data such as user information, financial info, and more.
Phishing attacks can also take place via social networks and other online
communities, via direct messages from other users with a hidden intent.
Phishers often leverage social engineering and other public information sources
to collect info about your work, interests, and activities—giving attackers an
edge in convincing you they’re not who they say.
CYBER ATTACK & CYBER SECURITY
l i t y
i de ntia
f
c on
inte
gr i t
y
i l i t y
i l a b
a va
More: NIST Special Publication 800-12, revision
1
An Introduction to Information Security section
1.4
CYBER ATTACK & CYBER SECURITY
Confidentiality Example:
Criminal steals customers’
It is a property used to prevent the access and disclosure of usernames, passwords, or
information to unauthorized individuals, entities or systems. credit card information
al i t y
i de nti
f
c on
CYBER ATTACK & CYBER SECURITY
Integrity
Example:
It is a property used to prevent any modification or
Someone alters payroll
destruction of information in an unauthorized manner
information or a proposed
product design
inte
g r it
y
CYBER ATTACK & CYBER SECURITY
Availability Example:
It is a property used to ensure timely and reliable access of Your customers
information assets and systems to an authorized entity. are unable to
access your
online services
i l i t y
i l a b
a va
CYBER/INFORMATION WARFARE
What is Cyber Warfare?
Cyber Warfare is a set of actions by a nation to penetrate another nation’s computers
or networks for the purposes of causing damage or disruption.
Military, Economic, Political, Social and Physical planes of society
Cyber Warfare is non-kinetic (less violent and more high-tech) only in the most
direct sense, if we view Cyber Operations separate from conventional operations.
As soon as we consider that conventional operations that rely on IT capability are
Cyber Operations then Cyber can become both Kinetic and Non-Kinetic in nature.
Cyber Attacks can be real-time events or time-delayed events. They can originate
from anywhere or be triggered from anywhere and originate from within our
perimeters.
They occur in multi-dimension Cyberspace as well as in conventional warfare
frames of reference.
CYBER/INFORMATION WARFARE
Is Traditional Cyber Law can Tackle Cyber War?
Existing international law does not completely cover some important aspects of
cyber warfare.
CYBER/INFORMATION WARFARE
Powerful Cyber Protected Countries