
Chapter1 Week1

Explanation

Uploaded by

dr.mahmoodabd

DMD140 - Fundamentals of Cybersecurity

Course Coordinator: Waleed Masmali
Contents
• Introduction of cybersecurity
• Cyber-attacks
• Types and methods used in cyber attacks
• Objectives of cyber-attacks
Introduction of cybersecurity
Cybersecurity is one of the most important domains in the field of information technology.
The term has two spellings: “Cybersecurity” and “Cyber Security”.

The short definition of cybersecurity is:

“The protection of software, hardware, and data resources connected and stored on the
Internet is known as the cybersecurity”. From an individual to a large corporation, everybody is
concerned about the security of their online data, software and information.

The protection of personal data, financial data, commercial data, business-critical information,
operational continuity, data integrity, and the availability of online software services all fall within the
cybersecurity domain.
Introduction of cybersecurity (Cont.)
Cybersecurity broadly relates to the technological processes and procedures that keep
valuable data and software resources safe and secure from external threats emerging
through the Internet, but physical security is also a big component that affects
cybersecurity both directly and indirectly.

In our modern technological environments, software resources are the core components of
almost all businesses, public life activities, governmental organizations, defense systems and
many other fields. The availability, integrity, and confidentiality of those software resources
make your life run smoothly.

The failure of any of the above three major components (integrity, availability and
confidentiality) will bring our entire life to a halt.
Introduction of cybersecurity (Cont.)
Nowadays, physical security is also becoming part of the cybersecurity issue. With the advent of
Internet of Things (IoT) technology, the automation of homes, factories, commercial areas,
buildings, places, and many other installations is becoming commonplace. Thus,
physical security as a whole will also be influenced by cybersecurity threats coming through the
Internet.
Introduction of cybersecurity (Cont.)
Cybersecurity can be classified into multiple elements:

1. Network security (NS)
2. Information security (IS)
3. Application security (AS)
4. Business continuity planning (BCP)/disaster recovery
5. Leadership commitment
6. Operational security (OPSEC)
7. End-user education
Cyber-attacks
What is a cyber-attack?
Getting illegal access to legitimate systems (servers, computers, networks, or software programs)
and establishing control over them to carry out malicious activities such as information theft, data
damage, system damage, and interruption of the smooth operation of legitimate networks and systems.

A cyber-attack is a deliberate and malicious electronic attempt by one party, which may be either an
organization or an individual, to breach the cyber environment of another party (an individual or an
organization) in order to steal, delete, or damage valuable information.
Cyber-attacks (Cont.)
The main areas of attacks include the following:
1. Data servers
2. Application servers
3. Storage servers
4. Financial information
5. Operational systems
6. Computer networks

The main objective of the attacker is to benefit from the malicious act. Many organizations from
enemy countries try to destroy important information to inflict losses on the enemy countries
and their institutes.
Cyber-attacks (Cont.)
There are many types and methods used for attacking the cyber environments:
1. Malware attacks
2. Phishing attacks
3. Structured Query Language (SQL) injection
4. Denial-of-service (DoS) attacks
5. Man-in-the-middle (MITM) attacks
Malware attacks
Malware is a computer software program maliciously developed to be installed on computers
without the consent of the users.

The main objective of such programs is either to gain access to the targeted computers without
the permission of the user or to install a program that creates annoyance for the users. The annoyance
can include:
1. Data theft.
2. Data damage.
3. Computer malfunction.
4. Service blockage, and spying on the users.
Malware attacks (Cont.)
The Most Common Types of Malware Attacks:
1. Adware.
2. Fileless Malware.
3. Viruses.
4. Worms.
5. Trojans.
6. Bots.
7. Ransomware.
8. Spyware.
Phishing attacks
Phishing is a type of cyber-attack in which the targeted person is bombarded with emails that look
very similar to emails coming from their banks, insurance companies and other service providers.

The main aim of a phishing attack is to obtain credit card numbers, ATM PIN
codes, passwords, user names and related information.

There are three major modes of phishing used in modern phishing activities, as listed below:
1. Telephone calls, commonly referred to as voice phishing.
2. Emails, referred to as general phishing.
3. Short text messages (SMS), referred to as smishing.
SQL Injection
Structured Query Language (SQL) injection is a malicious practice used to steal valuable data from
a database server.

This method exploits vulnerabilities in traditional Active Server Pages (ASP) websites, PHP
applications, and SQL server forms.

Traditional ASP and Hypertext Preprocessor (PHP)-powered websites generate dynamic SQL
within the front end of the application.

The malicious user appends an SQL command to the end of the value entered in the SQL form field.
SQL Injection (Cont.)
The objective of that command is to break the original SQL script and run the malicious script attached
to the SQL form.

The malicious code gets data from the SQL database server and sends it to the hacker's computer.
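The dynamic SQL weakness described above and its fix, shown as an added example that is not part of the original slides. It uses Python's sqlite3 module in place of an ASP or PHP site; the table, function names and sample rows are constructed for illustration.

```python
import sqlite3

def make_db():
    """Build an in-memory database holding constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (username TEXT, card_number TEXT)")
    db.executemany(
        "INSERT INTO accounts VALUES (?, ?)",
        [("alice", "0000-0000-0000-0001"), ("bob", "0000-0000-0000-0002")],
    )
    return db

def lookup_dynamic(db, username):
    """Weak form: the form value is pasted into the SQL text itself,
    so a quote in the value ends the string and the rest runs as SQL."""
    sql = ("SELECT username, card_number FROM accounts "
           "WHERE username = '" + username + "'")
    return db.execute(sql).fetchall()

def lookup_parameterized(db, username):
    """Hardened form: the SQL text is fixed and the value is bound as data,
    so it is only ever compared against the username column."""
    sql = "SELECT username, card_number FROM accounts WHERE username = ?"
    return db.execute(sql, (username,)).fetchall()

# Constructed form input: a user name with an SQL condition appended to it.
FORM_VALUE = "alice' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    # Dynamic SQL: the appended condition is always true, every row comes back.
    print("dynamic      :", lookup_dynamic(db, FORM_VALUE))
    # Parameterized: no user has that literal name, nothing comes back.
    print("parameterized:", lookup_parameterized(db, FORM_VALUE))
    # A normal lookup behaves the same in both forms.
    print("normal       :", lookup_parameterized(db, "alice"))
```

The same fix applies in PHP or ASP: keep the SQL text constant and pass form values through the database driver's bound parameters.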
Denial-of-service (DoS) attacks
Denial of Service (DoS) is an Internet security-related event in which hackers attack a particular
server running some Internet services to prevent it from working normally or to stop its services.
In this case, the server is overwhelmed by a flood of superfluous messages.

The hacker actively exploits a server vulnerability and sends a bombardment of automated requests
and messages for that particular server to respond to.

The server gets overwhelmed and choked, and stops working normally.

In certain cases, the service stops working because the server is overloaded.
(DoS) attacks (Cont.)
The major symptoms of being the victim of DoS attacks include the following:
1. Inability to access a website
2. Delay in accessing online services
3. Huge delays in opening files on websites
4. Increased volume of spam emails
5. Degradation of performance of services
(DoS) attacks (Cont.)
The impact of the DoS attack can be mitigated by taking the following steps:

1. Routing the malicious traffic
2. Using load balancers so that heavy malicious traffic does not overwhelm the server
3. Using intrusion detection systems
4. Using intrusion prevention systems
5. Using security firewalls
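A rate check of the kind an intrusion detection system applies to the "bombardment of automated requests" described above, as an added example that is not part of the original slides. The function names, the thresholds and the traffic sample are constructed; the addresses come from documentation-only ranges.

```python
from collections import defaultdict, deque

def flood_sources(events, window_s=10, max_requests=20):
    """Return the sources that sent more than max_requests requests
    within any window_s-second span.

    events: iterable of (timestamp_seconds, source_address), sorted by time.
    """
    recent = defaultdict(deque)   # source -> timestamps still inside the window
    flagged = set()
    for ts, src in events:
        q = recent[src]
        q.append(ts)
        # Drop timestamps that have aged out of the sliding window.
        while q and ts - q[0] >= window_s:
            q.popleft()
        if len(q) > max_requests:
            flagged.add(src)
    return flagged

def sample_events():
    """Constructed traffic: one normal client and one automated sender."""
    events = []
    # Normal client: one request every 5 seconds for a minute.
    events += [(t, "192.0.2.10") for t in range(0, 60, 5)]
    # Automated sender: 10 requests per second for 5 seconds, starting at t=20.
    events += [(20 + i / 10, "198.51.100.7") for i in range(50)]
    return sorted(events)

if __name__ == "__main__":
    # Only the automated sender exceeds 20 requests in 10 seconds.
    print(flood_sources(sample_events()))
```

A per-source threshold only catches a single noisy sender, so in practice it is combined with the load balancing and firewall measures listed above.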
Man-in-the-middle (MITM) attacks
In the “Man-in-the-Middle” or MITM cyber-attack, the hacker intercepts the normal connection
between the user and the web server without the knowledge of either the user or the server.

The legitimate communication link between the two entities is exploited, intercepted, and decrypted to
steal personal information for malicious use.
(MITM) attacks (Cont.)
A MITM attack consists of three major steps:
1. In the first step, the hacker scans the system and network for vulnerabilities.
2. Once the vulnerabilities are known, phishing emails are sent to users; those emails contain the
wrong addresses of your services or bank accounts.
3. In the third step, they decrypt your information in order to steal it.
(MITM) attacks (Cont.)
The major types of MITM attacks include the following:
1. DNS spoofing
2. HTTP spoofing
3. IP spoofing
4. Email hijacking
5. SSL (Secure Sockets Layer) hijacking
6. Wi-Fi network eavesdropping
7. Stealing the cookies set on the browsers
Objectives of cyber-attacks
The objectives of cyber-attacks may vary from person to person and from organization to organization.

Some of the main objectives of a hacker for conducting cyber-attacks are listed below:
1. Achieving monetary gains
2. Damaging the brand value of the other party
3. Inflicting damages through cyber-terrorism
4. Obtaining government and business secrets
5. Warfare cyberattacks
6. Growth hacking email campaign

All of the above-mentioned objectives can be achieved when a hacker breaches any one or all elements
of the “CIA” triad: Confidentiality, Integrity and Availability.