The Cyberspace/ Cybersecurity

Computers and digital technology

• go together and had given way for humanity to use electronic medium for
communications and interactions across interconnected computer networks

Cyberspace

• was originally used by William Gibson in his 1984 novel Neuromancer.

• the birth of the so-called cyberspace or virtual world where real-time interactions do not
have to be done physically.

Present Generation

• are techno-natives being born to this era of digital technology where virtual, augmented
and extended reality are all mixed-up and Artificial Intelligence is a common thing.

Virtual

• may be defined as (Oxford Languages) carried out, accessed, or stored by means of a

computer, especially over a network, or something that is not physically existing as such
but made by software to appear to do so.

Artificial Intelligence (AI),

• on the other hand, refers to the capability of computers or machines to process and
simulate human intelligence.
Virtual worlds

• were initially limited to text and document sharing (chat rooms, via conferencing systems).
• The advancement of two-dimensional and three-dimensional graphics rendering
technologies has paved the way to graphical models called avatars as the symbol of virtual
worlds.
• Virtual worlds of today represent a world that is very similar to reality with the application
of real-world rules and real time actions and communications.
• Avatars may be real world or fictionally adapted personalized characters that depict
humans, pets or other imaginary characters that inhabit in the virtual worlds.
• Today’s avatars are three-dimensional, interactive icons that exist in realistic virtual
worlds.

Internet and Network Security Fundamentals

Network Security

• is a collective term for all of the steps done to protect the integrity of a computer network
and everything on it.
• It is essential because it ensures the reliability of the network and shields critical data from
internet attacks. Successful network security strategies employ a variety of security
techniques to protect users and businesses against malware and online threats like
distributed denial of service.
• It involves creating security measures for only for the infrastructure itself but also for the
devices, applications and users of the network. It combines multiple defense layers
(software and hardware tools), each of which applies controls and policies where
authorized users are given access to network resources but malicious actors are blocked.

Common Network Security Vulnerabilities

Network security

• planning relies in the understanding of common network security vulnerabilities,

threats and issues.
• Complex networks need more complicated solutions, unlike simple problems that
may be fixed easily. All computer networks are possible target of outside attackers,
devices and networks remain accessible for attack through their flaws.
 • Network condition or its hardware may be the vulnerability of the network.
Sometimes, it is the users that unknowingly compromise the security of the network.

Some of the most common network vulnerabilities are:

• Improperly installed hardware or software

• Operating systems or firmware that have not been updated
• Misused hardware or software
• Poor or a complete lack of physical security
• Insecure passwords
• Design flaws in a device’s operating system or in the network
• Users

A vulnerability does not necessarily guaranty that an attacker or hacker will target the network
but this makes it easier for them to gain access to it.

Importance of Network Security

Network security helps prevent cybercriminals from accessing valuable data and sensitive
data/information. Such data can be taken by hackers that can be used to commit identity
theft, asset theft, and reputational damage, among other crimes.

Four of the most important reasons why protecting networks and the data they hold is
important:

1. Operational risks
• Disruption of operations is always at risk for an organization without adequate
sufficient network security. Networks, both personal and business, rely on
hardware and software that may become inoperable in the presence of
malware, viruses, and cyberattacks. In addition, businesses mostly
communicate internally and externally through networks.
2. Financial risks for compromised personally identifiable information (PII)
• Data breaches may be costly both for organization and individuals. Passwords,
Birthdays and Social Security numbers are examples of personally identifiable
information (PII) that must be protected by organizations handling it. Exposures
may cost the victims money in fines, compensation and repairing of compromised
devices. At the same time, exposure and data breaches can ruin company’s
 reputation and land it in legal hot water (lawsuit). According to IBM's "Cost of a
Data Breach 2022 Report," which was conducted by Ponemon Institute, the
average cost of a data breach climbed to $4.35 million in 2022 from $4.24 million
in 2021.

3. Financial risk for compromised intellectual property.

• Stolen intellectual property is very costly especially for organizations. Ideas,
inventions and products lost can also lead to loss of business and competitive
advantages.

4. Regulatory issues
• Many nations have data security laws which they require for companies to follow.
These laws address different network security problems that are not limited to
the field of Information Technology. Medical Institutions have their own security
standard to follow for the protection of their clients’ data. Breaking these rules
may result in penalties, prohibitions, and even jail time.

User Authentication and Authorization in a Network

• Network access to servers and applications should be limited to authenticated and

authorized users only. Authentication and authorization of network access can be
conditional and limited. An authenticated user may only be given access to some
resources that they would need for their work.

a. Network Authentication. Network authentication should be configured to confirm the

identity oof users. There are different ways to implement network-level authentication:

1. Password Authentication
o is the most familiar authentication method where the user enters a secret code to
gain access to a network. Secure passwords need more complicated format like
having combinations of different letters in lower and uppercase along with special
characters/symbols and numbers.
2. Two-factor authentication
o is a method that lets users confirm an authentication attempt. To verify identity,
the user must enter a one-time code that was delivered to their smartphone via
text message or a code produced by a mobile app (Authenticator app).

3. Token authentication or token-based authentication

o the two-factor authentication and token-based authentication are comparable. An
authentication device designed specifically for this purpose can be used instead of
a potentially hacked cellphone. A token can be a smart-card or a USB-enabled
device and businesses should ensure that the user returns the device after using
it.

4. Biometric authentication
o The bodily characteristics of the user are used for authentication in biometric
authentication. Like voices, facial traits, or fingerprints, these qualities are specific
to humans. However, because specialized scanners are needed to process this
data, implementing biometric-based authentication may be expensive. Concerns
about user privacy can also be problematic.

5. Transactional authentication
o Transactional authentication relies on user characteristics like what is being used
for work from home log in. The user location is detected and when it changes,
additional verification steps is done to validate the user authenticity. Transactional
authentication provides additional layer of protection for the network.

6. CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans
Apart)
o is used to verify if the identity of the entity attempting to access a system.
Attackers are able to develop programs that automate account login procedures.
CAPTCHA

- asks the user to describe what they see after displaying an obscured picture of a situation,
letters, or numbers.
- Applications have trouble distinguishing distorted images, characters, and numbers
compared to people. Most of the time, a distorted image can still be understood by
humans. However, this method can not be used by people with vision problems.

1. Computer Recognition Authentication

- This type of authentication relies on the device being used to access the network. First
time use of a device requires installation of a mini software which serves as the
cryptographic device marker. When a user signs in, the device marker if examined to
determine whether the user is using the approved device. If users are only permitted to
log in from a single device, computer recognition authentication becomes quite helpful.
However, this approach can become challenging if users frequently swap between
devices.

2. Single sign-on

- With single sign-on, users just need to enter their credentials once to authenticate
themselves across a variety of tools and applications. This authentication can save time
with a single sign-on that can be used to log in a person across all tools he uses to control
storage and network security. However, there is a greater risk for an attacker to be able to
access several platforms, tools, and apps by successfully breaking into just one of those
with a single sign-on.
CYBER CRIMES

• Following the most recent developments in networks and the computer sector, the word
"cybercrime" was coined.
• Cybercrimes are seen as a serious risk since they can result in severe consequences such
as monetary losses, the loss of private information, system failure, and damage to an
organization's reputation.
• Cybercrimes are increasing because of reasons such as vulnerable devices, financial
motivation and personal motivation.
• Cybercrimes may be done by targeting computers or using computers.
• Cybercrime can be defined as the committing or facilitating an illegal act by using any
communication device.
• It either intentionally uses or targets a computer or several computers in a network for
the purpose of harming individuals, business groups or even governments.

Cybercriminals

• These are persons who maliciously acts and do illegal activities by applying their
technological know-how.
• Cybercriminals take advantage of the weaknesses and security holes in a system. Security
holes can be in the form of weak passwords or authentication process, lack of strict policy
and models that can be used for exploitation in order to take a foothold inside the targeted
environment.
• Cybercriminals can be easily found in the “Dark Web” where they offer their illegal
products or services.

Examples of cybercriminals include the following:

a. Cyberstalkers
b. Cyber terrorists
c. Scammers
d. Hackers
Hacking

• is recognized as a cybercrime, not every hacker is a cybercriminal because some of them

work to check and reveal vulnerabilities for the purpose of improvement as in the case of
“white hat hackers”.
• Black hat hackers, on the other hand, perform hacking with malicious purposes. Hackers
are usually classified based on their intensions, legality and target’s consent.

MAIN TYPES OF HACKERS

1. White Hat Hackers – they do legal hacking to increase users' digital security. They are
compensated for breaking into digital systems in order to detect possible security flaws
and reporting back to their clients. By using white hat hacking, businesses and
organizations can fix security flaws before malevolent hackers can take advantage of them.

2. Black Hat Hackers - plan frauds and take advantage of weaknesses with the intention of
causing harm in exchange for money. They use a variety of techniques but the most
common ones include outright theft of funds, password cracking to obtain data that may
be sold on the dark web, or hold private information ransom. They are the most dangerous
among the hackers and they usually go to considerable measures to conceal their
identities. Occasionally, hackers form gangs to carry out massive hacks.

3. Gray Hat Hackers - they don't employ weaknesses to their advantage; instead, they breach
systems without the permission of their targets and then notify the hacked parties to assist
them in strengthening their security. Sometimes, details are given away in exchange of
payment but no damage is done if victims don’t pay.

4. Red Hat Hackers - they consider themselves to be the "superheroes." Usually, they go after
black hat hackers in an effort to thwart or counterattack them. Red hat hackers employ
identical methods to compromise black hat rings or people, despite their steadfast
opposition to black hats. They might initiate large-scale assaults to take down black hat
servers or pilfer their assets and give them back to the offended parties.

5. Blue Hat Hackers – these are hackers with white hat backgrounds who work for a company.
Their responsibility is to guard the organization's cybersecurity and stop intrusions. When
blue hats start working for a corporation or organization, they are typically not referred to
as "hackers." They may not be in charge of carrying out hacks alone; instead, they
 frequently operate in teams. They typically work for large organizations' IT departments.
Alternatively, they could be employed by cybersecurity firms that provide clients with
white hat hacking services.

6. Script Kiddies and Green Hat Hackers - are frequently used synonymously, yet they have
different meanings. Both terms allude to unskilled hackers; however, whereas script kiddies
nearly invariably have malevolent intentions and employ pre-existing malware and scripts
written by other hackers to carry out their attacks, green hat hackers may hope to become
white or black hats. Since script kiddies lack the technical knowhow to carry out more
complex attacks, they may also rely on social engineering. This implies that they can send
phony emails and assume other identities in an effort to persuade their targets to divulge
private information. Green hat hackers, on the other hand, aim to acquire the technological
know-how necessary to turn into white or blue hat hackers in the future. Some may wind
up going down the dark path because they don't have a definite motivation at this point.

7. Hacktivists - are those who breach systems in an effort to retaliate against perceived
injustices in politics or society. Hacktivists frequently attempt to reveal corporate or
governmental wrongdoing by breaching secure networks and revealing confidential data.

8. State/Nation-Sponsored Hackers - Governments employ hackers with state sponsorship.

While some hackers utilize white hat techniques to strengthen national cybersecurity,
others employ black hat strategies to cause harm to other nations. Statesponsored hacking
is frequently an attempt by states to obtain intelligence from other governments through
espionage. Governments may launch their own subversive assaults or use the information
gleaned from state-sponsored hackers to prepare for or avert impending harm.

9. Malicious Insider (Whistleblower) – someone who works for an organization and exposes
wrongdoings from within for different reasons. They can confidential information anytime
because they have the needed security access.
Classifications of Cybercrimes

Cybercrimes in general can be classified into four categories:

• Individual Cyber Crimes – targets individuals and includes phishing, spoofing, spam,
cyberstalking and others.

• Organization Cyber Crimes – targets organizations and is usually done by criminal teams.
It includes malware attacks and denial of service (DoS).

• Property Cybercrimes – targets properties like credit cards or even intellectual property
rights.

• Society Cybercrimes – includes cyber-terrorism.

Most Common Cyber Crimes

Some of the most common cybercrimes committed are:

1. Phishing - is a kind of social engineering assault wherein an attacker sends fictitious emails
and messages to a target system in an attempt to fool them into divulging personal
information about themselves or attempt to download malicious software in order to take
advantage of it.

2. Pharming - internet fraud in which victims are lured to spoof websites using harmful code
in an effort to steal their personal information and login credentials.

3. Ransomware Attack – this particular kind of malware has the capacity to encrypt user
data and demand a ransom to unlock it, so preventing users from accessing any of their
personal information on the system.

4. Identity Theft - happens when a cybercriminal obtains personal information, such as

credit card numbers or images, from another individual and uses it for fraudulent or illegal
purposes.

5. Scamming - a dishonest or illegal plan or activity, esp. one for making money.
 6. Hacking/Misusing Computer Networks - describes the illegal act of gaining unauthorized
access to private computers or networks and abusing them by deleting data, manipulating
stored data, or using other unlawful methods.

7. Internet Fraud - is a subset of cybercrimes that involves the usage of the internet. It is
possible to think of internet fraud as a catch-all word for all crimes committed over the
internet, including service theft, financial fraud, spam, and other offenses.

Other Types of Cybercrime

Other types of cybercrimes include but are not limited to the following:

1. Cyber Bullying - also known as online or internet bullying. It involves sending or

disseminating damaging and dehumanizing content about other people, which is
embarrassing and may contribute to the development of psychological issues. It has been
increasingly prevalent lately, particularly among youth.

2. Cyber Stalking - might be characterized as persistently unwanted material that someone

intentionally targets other people online in an attempt to control and intimidate them,
much as persistently unwanted calls and messages.

3. Software Piracy - is the unauthorized use or duplication of software purchased that

violates license limitations or copyrights.

4. Social Media Frauds - is using false social media profiles for malicious purposes, such as
sending menacing or threatening messages or posing as another individual. Email spam is
among the simplest and most prevalent forms of social media fraud.

5. Online Drug Trafficking - With the rapid advancement of bitcoin technology, it is now
simple to carry out drug trades without drawing the notice of law authorities and transfer
money in a private, safe manner. Drug marketing on the internet increased as a result of
this. Illegal drugs can be sold and traded in the “dark web”.

6. Electronic Money Laundering – also referred to as money laundering. It is predicated on

unidentified businesses or websites that process credit card transactions and accept
acceptable payment methods yet provide inconsistent or insufficient payment details
when purchasing unidentified goods.
 7. Cyber Extortion - Cybercriminals may demand money in order to return sensitive
information they have stolen or to cease their malicious actions, such as denial-ofservice
assaults. This practice is known as cyberextortion.

8. Intellectual-Property Infringements – is the infringement or breach of any intellectual

property rights that are protected, including industrial design and copyrights.

9. Online Recruitment Fraud - fake organizations releasing job opportunities with the
intention of taking applicants' personal information or using it for financial gain are one of
the less typical cybercrimes that are also becoming more prominent.

Malwares

• Malware is a short term for malicious software. “Malware ” is a generic term that covers
a range of kind of software that is aggressive, invasive, or bothersome.
• It is designed or utilized to interfere with computer operation, obtain private data, or
profit entry to personal computer networks. It may manifest as code, scripts, or active
among other apps and content.

Malware Usage

• Many pioneering viral initiatives, such as the first internet worm were written as
experiments or pranks.
• At present, the main purpose of malwares is to steal confidential data (financial, personal
or commercial) for the good of others.
• Malwares are occasionally widely utilized to websites created or owned by governments
or businesses to compile protected information, or to interfere with their regular
operations.
• Malwares are also frequently employed against people to obtain data, such as social
security numbers, credit card or bank accounts and so forth.
Types of Malware

Many types of different malwares are listed but not limited to the following:

1. Viruses (Vital Information Resource Under Siege) - it is typically a program or a piece of

code that is loaded and runs onto a computer without the user’s knowledge. They are
manmade and can replicate themselves to other disks to spread other computers. They
can be vastly destructive to files.

2. Trojan horses – is a malware that disguises itself as something useful. It is incapable of

selfreplication, however harms or jeopardizes the safety of the computing device. It is
either sent by someone or carried by another software and may show itself as a humorous
software or program that can be used to get log-in credentials and password. (ex. Remote
Access Trojans – RATs, Backdoor Trojans – backdoors, IRC Trojans -IRCbots, Kelogging
Trojans)

3. Worms – It is an autonomous program that distributes copies of itself to other devices via
a network, nodes or networked computers even without the users’ assistance. It is not
required to cling to an existing program.

4. Spyware – a software installed on a computer without the user’s knowledge. This

software is difficult to detect, collects important information and sends them to someone
else.

5. Zombie – programs that take control over a device to make use of its Internet affiliation
with other attackers, networks or computers or to carry out additional illegal actions.

6. Phishing – a program that tricks user into providing important personal information for
financial gain.

7. Spam - an unrequested or unwanted email that is usually comes in the form of a

newsletter or an add and it is a common way to spread viruses, trojans and the likes.

8. Adware (short for advertising-supported software) – a software that automatically

delivers advertisements. Comes as pop-ups or offers of “free” software versions that come
bundled with malware.

9. Ransomware – is a form of malware that essentially holds a computer captive while

demanding an amount for ransom.
How Malware Spreads

Malwares can be distributed by different means but not limited to the following:

1. Social network
2. Pirated Software
3. Removable Media
4. Emails
5. Websites

Malware Damages

There are many damages that can be brought about by malwares and the extent of damage can
be minimal to grave. Both individuals or companies/organizations may or can be a target of
malware and can suffer from such damages.

1. Data Loss – ex. file deletion .

2. Account Theft - ex. Password stealing
3. Botnets – ex. Turning a computer into a “zombie” or a “bot”
4. Financial Losses – ex. Gaining access to credit card or bank accounts can lead to financial
loss

Basic Malware Protection

These are some of the basic malware protections that anyone can do.

1. Install software for protection like firewall, anti-virus, etc.

2. Do not trust files from unknown or questionable sources.
3. Do not open email from unknown or unrecognized senders.
4. Download files from reputable sites only.
5. Scan computers once a month or as often as possible.
Basic Malware Infection Symptoms

Some symptoms of malware infections are:

1. Increased CPU usage.

2. Computer speed or browsing speed may have slowed down.
3. Network connection problems.
4. Computer crashing or freezing.
5. Modified or deleted files.
6. Presence of odd files, programs, or desktop icons.
7. Programs working on their own (running, turning off, reconfiguring).
8. Strange computer behavior.
9. Automatic sending of emails/messages without user’s knowledge.
10. A lot of network activity even without using the internet.
11. Lower memory than usual.
12. Programs/files appearing/disappear without knowledge.
13. Changed filenames.