CYBER SECURITY: OBJECTIVES
THE CIA TRIAD
The CIA Triad is one of the most fundamental concepts in cybersecurity. It
stands for confidentiality, integrity, and availability, and it represents the
three main goals of cybersecurity.
Confidentiality refers to the need to protect information from
unauthorized access.
Integrity refers to the need to ensure that information is accurate and
complete.
Availability refers to the need to ensure that information is accessible to
authorized users when they need it.
Authenticity
Cyber security strives to verify the authenticity of users, devices, and data
within digital environments. Through techniques like multi-factor
authentication, biometrics, and certificate authorities, it ensures that entities
are who they claim to be, thus preventing identity theft, spoofing, or
impersonation attacks.
Risk Management
Cyber security plays a crucial role in helping organizations meet regulatory
requirements, industry standards, and best practices. It also helps mitigate the
risks associated with cyber threats, such as financial losses, reputational
damage, and legal liabilities.
ROLES IN CYBER SECURITY
There are many different roles in cybersecurity, each with its own specific
focus. Some of the most common cybersecurity roles are:
Chief Information Security Officer (CISO) : The CISO is responsible for
developing, implementing, and overseeing an organization's overall cyber
security strategy and policies.
Security Analyst : Security analysts monitor and analyze network traffic,
identify potential threats, and investigate security incidents.
Penetration Tester : Penetration testers simulate cyber attacks to identify
vulnerabilities in an organization's systems and networks, helping to improve
security measures.
Incident Response Specialist : These professionals are
responsible for responding to and mitigating the impact of
security incidents, such as data breaches or malware infections.
Cryptographer : Cryptographers design and implement secure encryption
algorithms and protocols to protect sensitive data.
Security Engineers : Security engineers develop, deploy, and maintain
secure systems, applications, and infrastructure.
Security Auditor : Security auditors assess an organization's compliance
with security standards, identify vulnerabilities, and recommend
improvements.
Cyber Security Educator : These professionals train and educate employees
on cyber security best practices, awareness, and response procedures.
Unit: 2
Cyber Crime and Cyber Activism: An Overview
Typologies of Cyber Crimes: Generic Cyber Crimes, Advanced
Persistent Threats (APTs), Cyber Threat in Mobile Technology, Cloud
Computing and BYOD
Cyber Crime Identification, Risk Assessment, Management and Control
Overview
In the digital age, where technology permeates every aspect of society,
cybercrime is a rampant threat. Cyber criminals leverage advanced tactics to
exploit vulnerabilities, steal sensitive information, disrupt services, and
inflict widespread harm. Understanding the nature of cyber crime,
implementing effective mitigation strategies, and enhancing control
mechanisms are essential in combating this pervasive threat.
This chapter provides an overview of cyber crime and cyber activism. The
typologies of cyber crime are then covered in detail, followed by
identification, management, and control measures.
Cyber crime poses a significant threat to individuals, businesses, and
governments worldwide. By gaining insights into the evolving threat
landscape, implementing effective mitigation strategies, and enhancing
control mechanisms through legislation, regulation, international cooperation,
and public-private partnerships, stakeholders can bolster their defenses and
mitigate the impact of cyber crime. In a digital world where the stakes are
high, proactive efforts to combat cyber crime are essential to safeguarding the
integrity, privacy, and security of cyberspace.
CYBER CRIME
This term refers to illegal activities conducted in cyberspace that
target or use computers, networks, and digital devices.
These activities include stealing data, disrupting operations, extorting
money, hacking, identity theft, phishing, and spreading malware or viruses.
Cybercriminals are like digital outlaws who exploit vulnerabilities for
personal gain.
MOTIVATIONS : Cybercriminals can be individuals, organized groups, or
even nation-states. Their motivations vary widely, from financial gain through
stealing sensitive information or extorting money to ideological or political
reasons. Some engage in cybercrime for the thrill of breaking into secure
systems or for the challenge it presents.
TARGETS : Anyone can fall victim to cybercrime, including individuals,
businesses, governments, and even critical infrastructure like power grids or
transportation systems. Small businesses are often targeted due to their weaker
security measures compared to larger corporations.
IMPACT: The impact of cybercrime can be devastating. It can lead to
financial losses, reputational damage, loss of sensitive data, disruption of
services, and even physical harm in cases where critical infrastructure is
targeted. Beyond the immediate effects, cybercrime can erode trust in online
systems and hinder technological innovation.
GLOBAL NATURE : Cybercrime knows no borders. Criminals can operate
from anywhere in the world and target victims in distant locations. This
presents challenges for law enforcement agencies, as jurisdictional issues and
differing legal frameworks can complicate investigations and prosecution.
LEGAL FRAMEWORKS: Governments around the world are enacting laws
and regulations to combat cybercrime. These include laws addressing hacking,
data breaches, online fraud, and the protection of personal information.
International cooperation is also essential for tackling cybercrime effectively.
EMERGING THREATS: As technology evolves, so do the tactics of
cybercriminals. Emerging threats include the rise of ransomware-as-a-service,
sophisticated phishing attacks, exploitation of Internet of Things (IoT)
devices, and the use of artificial intelligence for both defensive and offensive
purposes.
Protecting Yourself:
• Don't click on suspicious links or attachments in emails.
• Use strong passwords and update them regularly.
• Install security software and keep it up to date.
• Be wary of online offers that seem too good to be true.
• Regularly back up your important data to a secure location.
CYBER ACTIVISM :
Cyber activism refers to the use of digital tools and platforms to promote and
advocate for social, political, economic and environmental causes. It is also
known as online activism or digital activism. It uses the power of the internet,
social media, and technology to effect change on a global scale. In an
increasingly interconnected world, cyber activism has emerged as a powerful
force for social justice and democratic participation.
One of the key characteristics of cyber activism is its ability to
reach a global audience almost instantaneously.
Twitter, Facebook, & Instagram provide activists with powerful
tools to raise awareness, mobilize supporters, & organize protests or
campaigns.
Hashtags, viral videos, and online petitions can quickly gain
traction and spark conversations that transcend geographical
boundaries.
Forms of Cyber Activism
Raising Awareness : Social media campaigns can effectively spread
information about social injustices, environmental issues, or human rights
violations.
Mobilizing Action : Online petitions can garner millions of signatures, while
calls to action can encourage participation in protests or boycotts.
Crowdfunding : Online platforms like Kickstarter and GoFundMe enable
activists to raise funds for their causes, supporting legal battles, humanitarian
efforts, or independent media projects.
Challenging Power Structures: Hacktivist groups use hacking techniques to
target government or corporate websites to expose corruption or disrupt their
operations (be aware that hacktivism can be illegal).
Online Harassment : Online harassment is the use of digital technologies to
harass or intimidate an individual or group. It can take many forms, including
cyberbullying, hate speech, and threats of violence.
Benefits of Cyber Activism
There are many benefits to cyber activism, including:
• It is a low-cost way to reach a large audience.
• It raises awareness of important issues and holds those in power
accountable. Activists and ordinary individuals can document and share
news, events, and human rights violations in real time.
• Information can be disseminated instantly across borders, bypassing
traditional media gatekeepers and reaching a vast audience.
Challenges of Cyber Activism
There are also some challenges associated with cyber activism, including:
1. False information can spread rapidly online, making it difficult to
discern truth from fiction.
2. Authoritarian regimes may suppress online activism by
monitoring communications and censoring dissent.
3. Social media algorithms can create echo chambers where users
are primarily exposed to information that confirms their
existing beliefs.
4. It can be difficult to avoid online harassment and other forms
of abuse.
5. It can be difficult to measure the impact of cyber activism.
TYPOLOGIES OF CYBER CRIME :
The ever-expanding digital landscape presents a vast playing field for
cybercriminals. To effectively defend ourselves, we need to understand the
different types of attacks they employ. Here's a breakdown of some key
cybercrime typologies:
GENERIC CYBER CRIMES :
Generic cyber crimes are common types of cyber crimes that affect
individuals and organizations. They often rely on tricking victims into
compromising their security. They include:
1) Cyberbullying: Harassment, intimidation, or
humiliation of individuals using online platforms.
2) Identity Theft: Unauthorized access and use of
someone else's personal information for fraudulent purposes.
3) Phishing: Deceptive techniques to acquire sensitive information such as
usernames, passwords, and credit card details.
4) Malware: Malicious software designed to disrupt, damage, or gain
unauthorized access to computer systems.
5) Denial-of-Service (DoS) Attacks: Flooding a network or server with
excessive traffic to render it unavailable to users.
6) Ransomware: Encrypting files or systems and demanding payment for
their release.
7) Online Fraud: Cybercriminals engage in various fraudulent activities,
including credit card fraud, auction fraud, and investment schemes.
ADVANCED PERSISTENT THREATS (APTs)
These are highly sophisticated attacks targeting high-value targets like
governments, financial institutions, and critical infrastructure.
These attacks involve a high level of planning and persistence.
APTs are meticulous and long-term, often employing
custom tools and techniques to evade detection.
APTs often employ multiple attack vectors and exploit
vulnerabilities over an extended period, making them challenging to
detect and mitigate.
CYBER THREATS IN MOBILE TECHNOLOGY
The widespread use of mobile devices has opened up new avenues for
cybercriminals. Mobile-specific cyber threats include:
1) Malicious Apps : Downloaded from unofficial app stores, these apps can
steal data, track user activity, or display intrusive ads.
2) SMS Phishing (Smishing) : This is a form of phishing that involves sending fraudulent
text messages to trick individuals into revealing personal information.
3) Mobile Malware: Designed to steal information, track location, or
disrupt phone functionality.
4) Unsecured Wi-Fi Networks : Public Wi-Fi networks are often exploited
to intercept data transmissions and launch attacks on connected devices.
CYBER THREATS IN CLOUD COMPUTING
Cloud computing has revolutionized the way businesses operate. As
businesses increasingly rely on cloud services for data storage and
processing, new vulnerabilities emerge. Common threats include:
1) Data Breaches : Hackers can exploit weaknesses in cloud
security to access sensitive data stored by businesses.
2) Insecure APIs : Application Programming Interfaces (APIs)
that connect cloud services can be exploited to access or manipulate data.
3) Data Loss : Accidental deletion or destruction of cloud-hosted data,
sometimes caused by service provider errors or infrastructure failures.
4) Account Hijacking : Unauthorized access to cloud accounts through
stolen credentials or social engineering techniques.
BYOD SECURITY RISKS :
BYOD stands for Bring Your Own Device. It refers to the practice of
employees using personal devices for work purposes. It can introduce security
challenges for organizations, such as:
1) Data Leakage : Sensitive corporate data may be exposed if devices are
lost or stolen.
2) Malware Infection: Personal devices may not have the same level of
security as corporate devices, making them more susceptible to malware
infections.
3) Unauthorized Access: Weak authentication or device control
mechanisms can allow unauthorized individuals to gain access to corporate
resources.
CYBER CRIME IDENTIFICATION
Cyber crime identification is the process of detecting and investigating
various forms of illegal activities conducted in cyberspace.
This is essential for law enforcement agencies, cybersecurity professionals,
and organizations to effectively respond to and mitigate cyber threats. It
involves a variety of techniques, such as:
Digital Forensics: Digital forensics involves the collection, preservation,
analysis, and presentation of digital evidence to investigate cybercrimes.
Forensic experts use specialized tools and techniques to examine digital
devices, networks, and systems to identify traces of malicious activities.
Incident Response: Incident response teams are responsible for
detecting, analyzing, and mitigating cybersecurity incidents. They employ a
range of detection mechanisms, such as intrusion detection systems (IDS),
security information and event management (SIEM) tools, and
threat intelligence feeds to identify cyber threats in real time.
Threat Intelligence: Threat intelligence involves gathering and
analyzing information about cyber threats, including tactics,
techniques, and procedures (TTPs) used by threat actors. By understanding
the tactics employed by cybercriminals, organizations can better identify and
defend against potential attacks.
ML and AI: Machine learning (ML) and artificial intelligence (AI)
technologies are increasingly being used to enhance cybercrime identification
capabilities. These technologies can analyze vast amounts of data to detect
patterns and anomalies associated with cyber threats, enabling faster and
more accurate identification of malicious activities.
COMMON SIGNS OF CYBER CRIME
1) Unusual System Activity: A sudden spike in network traffic, unauthorized
login attempts, and missing files or corrupted data can be red flags.
2) Performance Issues: Slowdowns, crashes, or unexpected behavior of your
devices or software can be signs of malware infection.
3) Suspicious Emails: Phishing attempts or messages containing malicious
attachments can be a gateway for cyberattacks.
4) Unexpected Installs: If new software or apps appear on your device
without your knowledge, it could be a sign of a malware infection.
5) Security Alerts: Antivirus, anti-malware, and intrusion detection systems
can generate alerts when suspicious activity is detected.
RISK ASSESSMENT
Risk assessment is the process of identifying, analyzing, and evaluating
potential risks to information assets, systems, and operations.
It plays a crucial role in developing effective cybersecurity strategies and
prioritizing resource allocation for organizations to mitigate risks.
Key steps for conducting a cyber risk assessment are :
1) Asset Identification : The first step in risk assessment is identifying and
cataloging the assets that are at risk of cyber attack, such as computer systems,
software, data, and intellectual property.
2) Threat Identification : This involves identifying the threats that could
potentially damage the assets, such as hackers, malware, technical failures and
natural disasters.
3) Assess Vulnerabilities : Evaluate your systems and processes to identify
weaknesses that attackers could exploit. This includes outdated software, weak
passwords, and unsecured networks.
4) Risk Analysis : Risk analysis involves evaluating the likelihood and
impact of the threats. This involves assessing factors such as the probability of
occurrence, severity of consequences, and effectiveness of existing controls.
5) Risk Mitigation : Risk mitigation involves implementing measures to
reduce the risk of cyber attack, such as implementing security controls and
policies, training employees, and backing up data, or other measures as needed
after the assessment.
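
The five steps above worked through on a small risk register, as an added example that is not part of the original notes. The 1-5 likelihood and impact scales, the control-effectiveness factor, the residual-risk formula, the band thresholds, and every register entry are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Assumed qualitative model: inherent = likelihood x impact (1-5 scales),
# residual = inherent x (1 - effectiveness of existing controls).
@dataclass(frozen=True)
class Risk:
    asset: str           # step 1: asset identification
    threat: str          # step 2: threat identification
    vulnerability: str   # step 3: weakness the threat could exploit
    likelihood: int      # step 4: probability of occurrence, 1 (rare) to 5 (almost certain)
    impact: int          # step 4: severity of consequences, 1 (minor) to 5 (severe)
    control_eff: float   # step 4: effectiveness of existing controls, 0.0 to 1.0

    def __post_init__(self):
        if not (1 <= self.likelihood <= 5 and 1 <= self.impact <= 5):
            raise ValueError("likelihood and impact must be on the 1-5 scale")
        if not 0.0 <= self.control_eff <= 1.0:
            raise ValueError("control_eff must be between 0.0 and 1.0")

    @property
    def inherent(self) -> int:
        return self.likelihood * self.impact

    @property
    def residual(self) -> float:
        # Risk that remains after crediting the controls already in place.
        return round(self.inherent * (1.0 - self.control_eff), 2)

def band(score: float) -> str:
    # Assumed thresholds on the 1-25 scale.
    return "high" if score >= 15 else "medium" if score >= 6 else "low"

def prioritise(register):
    """Step 5: order risks for mitigation, highest residual risk first."""
    ranked = sorted(register, key=lambda r: (-r.residual, -r.impact, r.asset))
    return [(r.asset, r.threat, r.inherent, r.residual, band(r.residual)) for r in ranked]

# Constructed sample register (not real data).
REGISTER = [
    Risk("Customer database", "Data breach", "Unpatched database server", 4, 5, 0.25),
    Risk("Staff laptops (BYOD)", "Malware infection", "No endpoint protection", 4, 3, 0.0),
    Risk("Email accounts", "Phishing", "Weak passwords, no MFA", 5, 4, 0.6),
    Risk("File server", "Ransomware", "Backups untested", 3, 5, 0.5),
    Risk("Public website", "Denial of service", "Single unsecured host", 2, 3, 0.5),
]

if __name__ == "__main__":
    for row in prioritise(REGISTER):
        print("{:<22} {:<18} inherent={:>2} residual={:>5} {}".format(*row))
```

In this register the email accounts tie for the highest inherent score but rank third once existing controls are credited, which is why step 4 weighs control effectiveness before step 5 allocates mitigation effort.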