Week 1: Team 2 Assignment
The role of cyber security frameworks and standards in reducing vulnerabilities
1. All software will be vulnerable at some point in its lifecycle. 2. The vulnerabilities will be exploited by malignant actors.
Incident Response Framework
Prepare, detect and analyze, contain, eradicate, and recover
Cyber attacks
DDoS (Distributed Denial of Service), Data breaches, ransomware attacks, MitM (Man in the middle) attacks, SQL injection attacks, Brute force attacks, cryptojacking attacks
Malware
A common cyberattack that compromises security by stealing information. Malware is short for malicious software: software that is installed on a computer without the user's consent and performs malicious actions. The attack vectors are typically email, text messages, or compromised websites, but they can extend to physical media such as a USB drive or CD.
Cyber Attacks
Deliberate actions or activities carried out with the intention of exploiting vulnerabilities in information systems or networks, causing harm or compromise. Ex: DDoS, data breach, ransomware attack, MitM attack, and social engineering.
Foundational Actions
Develop incident response plan and training
Consequences of Cyber Attacks
For individuals and orgs: criminal charges, imprisonment, lawsuits, fines, and reputation damage. Cyber retaliation: potential counterattacks with similar motivations. Responsibility of ethical hackers: ethical hacking involves responsibility, knowledge, documentation, confidentiality, and trustworthiness.
Legal frameworks and regulations
General Data Protection Regulation (GDPR), Computer Fraud and Abuse Act (CFAA), Budapest Convention, Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI DSS), North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP)
The impact of cyber threats, attacks, and vulnerabilities
It can cause big problems: Individuals face privacy breaches and financial loss. Organizations suffer data breaches, damage to their reputation, and financial harm. Society experiences compromised infrastructure and national security threats.
Phishing
Phishing, a form of social engineering, tricks users into downloading malware and sharing sensitive information by masquerading as a person or organization the victim may trust. The most common attack vector is email; these emails deliver ransomware to organizations and individuals, which later causes data breaches.
Strategies to mitigate cyber threats, attacks, and vulnerabilities
Planning and implementing mitigation strategies is paramount to safeguarding confidential information, critical structure, and personal privacy.
Cyber Threats
Potential dangers or malicious activities that can exploit vulnerabilities in computer systems, networks, or digital information, aiming to compromise the confidentiality, integrity, or availability of data or resources. Ex: malware, phishing, insider threats, and advanced persistent threats.
Ethical considerations
Privacy violation, harm to innocent parties, exploitation of vulnerabilities, motivations and intentions
Phishing Threats
Spear phishing, whaling (targeting high-profile individuals), vishing (voice phishing), and smishing (SMS phishing)
Social Engineering
The tactic of manipulating, influencing, or deceiving the victim in order to gain control over a computer system. It differs from other cyber attack techniques in that it relies heavily on psychological manipulation. Examples of attack techniques: - Pretexting: a pretext is a made-up scenario developed by actors for the purpose of stealing a victim's personal data. - Quid pro quo: "something for something", meaning that a social engineer offers a service, such as tech support, in exchange for sensitive information.
Malware Threats
Viruses, worms, trojans, ransomware, spyware, adware
The importance of regular vulnerability assessments and patch management
Vulnerability assessments are like security check-ups (they identify weaknesses). Patch management is about keeping your computer's software updated with the latest security fixes. By regularly conducting these assessments, you can minimize the risk of unauthorized access, data breaches, and cyber-attacks.
Vulnerabilities
Weaknesses, flaws, or gaps in the security of a system, network, or application that can be exploited by cyber attackers to facilitate an attack. Ex: software vulnerability, weak passwords, unpatched systems, misconfigured settings, insider threats.
SQL injection attacks
a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database
weak passwords
easily guessable or common passwords that provide entry points for attackers
unpatched systems
failing to apply security patches, leaving systems vulnerable
hardware vulnerabilities
flaws in computer hardware, such as microprocessor vulnerabilities
Software vulnerabilities
flaws in operating systems and applications that can be exploited
backdoors
hidden or intentionally created access points in software or hardware
misconfigured settings
inadequate security settings or open ports that provide attack opportunities
Insider threats
malicious insiders, negligent insiders