Chapter 5 Slides

The document provides an overview of cybersecurity, emphasizing the importance of the CIA Triad (Confidentiality, Integrity, Availability) in protecting digital information. It discusses various cyber threats, such as hacking, malware, and phishing, along with preventive measures like firewalls, anti-malware software, and strong authentication methods. Additionally, it highlights the significance of user awareness and best practices to mitigate risks associated with cyber threats.

Uploaded by

ayyanasim0321
The Internet & The World Wide Web
Cybersecurity is the practice of safeguarding computer systems,
networks, and data from cyber threats like hacking, malware, and
unauthorized access. It involves implementing technologies,
strategies, and best practices to maintain the confidentiality,
integrity, and availability of digital information.
CIA Triad
• The CIA Triad is a fundamental model in cybersecurity that ensures the protection of digital information.
• It consists of three key principles:

1. CONFIDENTIALITY 🔒
o Protecting information from unauthorized access.
o Example: Encrypting sensitive data to prevent hacking.

2. INTEGRITY ✅
o Ensuring data remains accurate and unaltered.
o Example: Using checksums or digital signatures to detect unauthorized changes.

3. AVAILABILITY 🌍
o Ensuring authorized users can access data when needed.
o Example: Implementing backup systems and DDoS protection.
Cyber Security Threat
A threat is any potential danger or risk that can cause harm, damage, or loss to a system, person, or organization.
Data breaches

1. Bank Islami Cyberattack (October 2018)
They experienced a cyberattack where hackers stole 6 million from customers’ accounts. The attackers used fraudulent international transactions.

2. National Bank of Pakistan (NBP) Cyberattack (October 2021)
One of the major cyberattacks in Pakistan targeted their ATM server and online banking system.

3. PIA Data Breach (2022)
There were reports of a data breach, where passenger and employee data might have been exposed. Details were not officially confirmed, but cybersecurity experts warned about weak security practices.
Cyber Security
Threats Solutions/Prevention
Brute-Force Attack

Activity: Can you guess my password?

Brute-Force Attack
• A ‘trial and error’ method used by cybercriminals
• One way to reduce the number of attempts:
o try the more commonly used passwords first.
• The longer a password is and the greater the variation of characters used, the harder it will be to crack.
Distributed Denial of Service (DDOS)
Distributed = Many computers
Denial of Service = Deny user from using
a service
• A denial of service (DoS) attack is an attempt at
preventing users from accessing part of a network, notably
an internet server.
• The attacker may be able to prevent a user from:
• accessing their emails
• accessing websites/web pages
• accessing online services (such as banking).
If too many people access a website at the same time, the server will go down ...
Distributed Denial of Service (DDOS)
How does it attack?

• When a user enters a URL in their browser, a request is sent to the web server that contains the website.
• The server can only handle a finite number of requests (say: 1 million) at a time.
• A criminal can use software that forces thousands of innocent computers around the world to send a viewing request to a web server (x100000).
• The server becomes overloaded and won't be able to service a user's legitimate request ("Sorry, can't do it!"). It will slow the website down or cause it to go offline altogether.
Distributed Denial of Service (DDOS)
Signs to detect a DDOS attack

• Slow network performance (opening files or accessing certain websites)
• Inability to access certain websites
• Large amounts of spam email reaching the user’s email account.
Data Interception
• Data interception is a form of stealing data by
tapping into a wired or wireless communication link.
• The intent is to compromise privacy or to obtain
confidential information.
• Interception can be carried out using a packet
sniffer, which examines data packets being sent
over a network. The intercepted data is sent back to
the hacker.
Wireshark - a packet sniffer
[Screenshot of the Wireshark window, labelled: display filter; captured packets; detail of packet header; packet content in hexadecimal and ASCII]
Data Interception
To tackle data interception

• Encryption of data. E.g. Wired Equivalent Privacy (WEP)
• It is important not to use Wi-Fi (wireless) connectivity in public places (such as an airport) since no data encryption will exist and your data is then open to interception by anyone within the place.
Hacking

• Hacking is the act of gaining illegal access to a computer system without the user's permission.
• Data can be deleted, passed on, changed or corrupted.
• Can encryption stop hacking?
• Encryption does not stop hacking; it just makes the data meaningless.
• Solution: Firewall, strong passwords.
Hacking

• Black-hat hacker: Hacker who seeks to gain unauthorized access to a computer system.
• White-hat hacker: Hacker who tries to find security loopholes in a system and gives advice to the network owners about how to close them.
Malware = Malicious Code Software

Malware are pieces of software that have been written and coded with the intention of causing damage to or stealing data from a computer or system.

There are several types of malware:

• Virus
• Worm
• Trojan Horse
• Spyware
• Adware
• Ransomware
Virus

• Viruses are programs or program codes that self-replicate with the intention of deleting or corrupting files, or causing a computer to malfunction.
• Viruses need an active host program on the target computer or an operating system.
• Viruses are often sent as email attachments, reside on infected websites or on infected software downloaded to the user’s computer.
Trojan Horse
• A trojan horse is malware that is hidden away in the code of software that appears to be harmless. A Trojan horse replaces all or part of the legitimate software with the intent of carrying out some harm to the user’s computer system.
• They need to be executed by the end-user. They usually arrive as an email attachment or are downloaded from an infected website.
• Once installed on the user’s computer, the Trojan horse will give cyber criminals access to personal information on your computers, such as IP addresses, passwords and other personal data.
Worm

• A type of stand-alone malware that can self-replicate. Unlike viruses, they don't need an active host program to be opened in order to do any damage.
• Worms tend to be problematic because of their ability to spread throughout a network without any action from an end-user; whereas viruses require each end-user to somehow initiate the virus.
Spyware

• Spyware is software that gathers information by monitoring a user’s activities carried out on their computer.
• The gathered information (bank account numbers, passwords and credit/debit card details) is sent back to the cybercriminal who originally sent the spyware (just like cookies).
• Spyware can be detected and removed by anti-spyware software.
Adware

• Adware is software that will attempt to flood an end-user with unwanted advertising.
• For example, it could
  • redirect a user’s browser to a website that contains promotional advertising
  • appear in the form of pop-ups
  • appear in the browser’s toolbar and redirect search requests
Ransomware

• Ransomware are programs that encrypt data on a user’s computer and ‘hold the data’.
• The cybercriminal waits until the ransom money is paid and, sometimes, the decryption key is then sent to the user.
Phishing
• Sending out legitimate-looking emails designed to trick the recipients into giving their personal details to the sender of the email.
• These emails may contain links or attachments that, when initiated, take the user to a fake website to enter personal details.

• Banks never email multiple receivers
• No personal info required
• Won't use free email (gmail etc)
• No spelling mistakes
• Check at forums like virustotal
Phishing
Ways to prevent phishing

• Be aware of fake emails (e.g. Dear (Your name) and not Dear Customer)
• Look out for http(s) in the address bar
• Be very alert of pop-ups and use the browser to block them
Pharming

• Redirect user from a genuine website to a fake one, with the hope that this goes unnoticed. They manipulate the DNS server.
• A user may then be prompted to enter login details, and this can then be collected by a criminal for use on the genuine site.
• Pharming attacks occur when web servers are attacked, and code is inserted into a website that redirects visitors (changing the IP address).
Examples:
Social Engineering
• This form of cyber-crime is where users are manipulated into
behaving in a way that they would not normally do.

• Five common types of threat:
  • Instant messaging (malicious link embedded in message)
  • Scareware (tell you that your computer is infected with virus)
  • Email (genuine looking emails)
  • Baiting – provoke (leave a pendrive where it can be found)
  • Phone calls (asks you to download special software)

Social Engineering

• All threats above are effective methods for introducing malware.
• The whole idea of social engineering is the exploitation of human emotion (fear, curiosity, empathy and trust).
Cyber Security
Solutions and Prevention
Access Level
• This method of protection is hugely important in organizations where there are lots of users accessing a network.
• Users will be assigned different levels of access depending on the role they have.
• When using databases, levels of access are important to determine who has the right to read, write and delete data.
Anti-malware
• Danger of malicious software
  • Theft of company data
  • Corruption of data (data becomes unreadable)
• Hence, a network should have anti-malware and anti-virus applications installed that protect all devices on the network (just like a vaccine to covid).
Types of Anti-malware

• Anti Virus
• Anti Spyware

Anti virus
• Anti-virus software constantly scans documents, files and also incoming data from the internet.
• It is designed to detect suspicious activity and files before they are opened or stored / warn the user against opening the files.
• If a file is detected as harmful, the anti-virus will quarantine the file away from the network, preventing it from installing or multiplying itself to other areas of the network or the hard disk drive.
• Upon user instructions, the software will then remove and delete the offending malware or virus.

Anti spyware
• Spyware: Spyware is software that gathers information by monitoring a user’s activities carried out on their computer.
• How they work?
  • Looks for typical features which are usually associated with spyware thus identifying any potential security issues
  • File structures – in this case, there are certain file structures associated with potential spyware which allows them to be identified by the software.
Authentication

• Authentication refers to the ability of a user to prove who they are.

• Password and user names
• Biometrics Authentication
• Two-step verification
• Credit Card & Hotel Card
Password and user names

• Examples of where password is used:
  • websites
  • mobile phones, etc
• Passwords should be strong enough to stop criminals from guessing them.
Tips for a stronger password
• Combine different types of character (lowercase, uppercase, special character)
• Don't put a pattern in your passwords (e.g. cabbag3); use random patterns (e.g. Hp3oe7Ls*)
• Don't use the same passwords for all accounts
• Be aware of spyware that tries to steal your passwords (via keyboard stroke)
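
The points from the brute-force slide and the tips above (common passwords are tried first; length and character variety enlarge the search space; avoid patterns such as cabbag3), as an added Python example that is not part of the original slides. The word lists, the 8-character minimum and the three-character-type threshold are assumptions chosen for the example.

```python
import math
import string

# Constructed sample lists; a real check would load a large breached-password list.
COMMON_PASSWORDS = {"123456", "password", "qwerty", "letmein"}
DICTIONARY_WORDS = {"cabbage", "dragon", "monkey", "sunshine"}

# Digit/symbol swaps often used to disguise a dictionary word (cabbag3 -> cabbage).
SUBSTITUTIONS = str.maketrans("013457@$", "oleastas")

CLASSES = {
    "lowercase": string.ascii_lowercase,   # 26 symbols
    "uppercase": string.ascii_uppercase,   # 26 symbols
    "digit": string.digits,                # 10 symbols
    "special": string.punctuation,         # 32 symbols
}


def classes_used(password):
    """Names of the character types that appear in the password."""
    return [name for name, chars in CLASSES.items()
            if any(c in chars for c in password)]


def search_space_bits(password):
    """log2 of the candidates an exhaustive search over the used types must cover."""
    alphabet = sum(len(CLASSES[name]) for name in classes_used(password))
    return round(len(password) * math.log2(alphabet), 1) if alphabet else 0.0


def audit(password, min_length=8, min_classes=3):
    """Return the list of weaknesses found; an empty list means none were found."""
    findings = []
    lowered = password.lower()
    if lowered in COMMON_PASSWORDS:
        findings.append("common password")
    if lowered.translate(SUBSTITUTIONS) in DICTIONARY_WORDS:
        findings.append("based on a dictionary word")
    if len(password) < min_length:
        findings.append("too short")
    if len(classes_used(password)) < min_classes:
        findings.append("too few character types")
    return findings


if __name__ == "__main__":
    for candidate in ("cabbag3", "Hp3oe7Ls*"):   # the two examples on the slide
        print(candidate, search_space_bits(candidate), audit(candidate))
```

The bit count only describes an exhaustive search; a password on a common-password list falls on the first few guesses whatever its length, which is why the list checks run as well.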

Biometric Authentication
• Biometrics relies on certain unique characteristics of human
beings:
• Fingerprint scans (compare image stored versus image
scanned; fingerprints are unique)
• Face recognition
• Voice recognition

Analog-Digital Converter Digital-Analog Converter
Two-step verification

• Requires two methods of authentication to verify who a user is.
• Example: Online shopping
  • Step 1: Enter user name and password
  • Step 2: Enter PIN that is sent back to the user either in an email or as a text message to their mobile phone
Credit Card & Hotel Card

• A hotel card has a magnetic stripe on the back of the card. This stripe will store personal information.
• A credit card (or any smart card) has a chip that is read when inserted into an Electronic Funds Transfer Point of Sale. The chip can hold a lot of information (e.g. PIN).
Automating Software Updates
• Why?
• This ensures that applications like operating systems, anti-virus and other commonly used pieces of software are always operating with the latest version installed.
• Greater threats are constantly evolving and anti-virus companies are always attempting to stay up to date with new attacks.
Spelling and Tone in communications

• Threat relating to emails?
• Phishing emails are a threat to security: legitimate-looking emails are sent out to trick the recipients into giving their personal details to the sender of the email.
• What can we do?
• Check
  • If there are spelling errors in the email
  • The tone used in the email message
www.gougle.com
www.amozon.com
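
A check for misspelled addresses like the two above, as an added Python example that is not part of the original slides: it pulls the links out of an email body and flags any host that is a near miss of a known domain. The allow-list, the sample email and the distance threshold of 2 are assumptions constructed for the example.

```python
import re
from urllib.parse import urlsplit

# Constructed allow-list: domains the reader actually deals with.
KNOWN_DOMAINS = ["google.com", "amazon.com"]

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def normalise(host):
    """Lower-case the host and drop a leading 'www.' and a trailing dot."""
    host = host.strip().lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host


def classify(host, max_distance=2):
    """Return ('known' | 'lookalike' | 'unlisted', matched domain or None)."""
    name = normalise(host)
    if name in KNOWN_DOMAINS:
        return ("known", name)
    closest = min(KNOWN_DOMAINS, key=lambda d: edit_distance(name, d))
    if edit_distance(name, closest) <= max_distance:
        return ("lookalike", closest)
    return ("unlisted", None)


def suspicious_links(email_body):
    """List (host, imitated domain) for every link that is a near miss."""
    hits = []
    for url in URL_RE.findall(email_body):
        host = urlsplit(url).hostname or ""
        verdict, target = classify(host)
        if verdict == "lookalike":
            hits.append((host, target))
    return hits


SAMPLE_EMAIL = (  # constructed message
    "Dear Customer, your acount is locked. Sign in at http://www.gougle.com/login "
    "or review your order at https://www.amozon.com/orders. "
    "Help pages: https://www.google.com/help"
)

if __name__ == "__main__":
    print(suspicious_links(SAMPLE_EMAIL))
```

Edit distance only catches small misspellings; a host that is simply absent from the allow-list comes back as "unlisted" and still needs a human look.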
Firewall

• A firewall can be either software or hardware.
• It sits between the user’s computer and an external network (for example, the internet) and filters information in and out of the computer.

Firewall

• Firewalls are the primary defense for any computer system to help protect it from hacking, malware (viruses and spyware), phishing and pharming.
• Main tasks
  • Examine the ‘traffic’ between user’s computer (or internal network) and a public network
  • Check whether incoming or outgoing data meets a given set of criteria. If the data fails the criteria, the firewall will block the ‘traffic’
  • Criteria can be set so that the firewall prevents access to certain undesirable sites; the firewall can keep a list of all undesirable IP addresses
• The firewall can be software installed on a computer; in some cases, it is part of the operating system.
Simple rule - example

Example rule on a typical firewall:

• Rule Name: "Block Malicious IP"
• Source IP: 192.168.1.100 (the IP address you want to block)
• Action: Block
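
How a firewall applies such a rule to traffic, as an added Python example that is not part of the original slides. The first rule is the one above; the second rule (a list of undesirable destination addresses), the first-match order, the default of allowing unmatched traffic and the sample addresses are assumptions constructed for the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Rule:
    name: str
    action: str                      # "block" or "allow"
    source: str = "0.0.0.0/0"        # any source unless stated
    destination: str = "0.0.0.0/0"   # any destination unless stated

    def matches(self, src, dst):
        """True when both addresses fall inside this rule's criteria."""
        return src in ip_network(self.source) and dst in ip_network(self.destination)


RULES = [
    # The rule from the slide.
    Rule("Block Malicious IP", "block", source="192.168.1.100"),
    # Constructed rule: a range of undesirable sites (documentation address range).
    Rule("Block undesirable site", "block", destination="203.0.113.0/24"),
]


def decide(src, dst, rules=RULES, default="allow"):
    """Return (action, rule name) for one packet; the first matching rule wins."""
    try:
        src_ip, dst_ip = ip_address(src), ip_address(dst)
    except ValueError:
        # Traffic whose addresses cannot be parsed fails the criteria outright.
        return ("block", "malformed address")
    for rule in rules:
        if rule.matches(src_ip, dst_ip):
            return (rule.action, rule.name)
    return (default, "default")


if __name__ == "__main__":
    # Constructed sample traffic: (source, destination)
    traffic = [
        ("192.168.1.100", "198.51.100.7"),
        ("192.168.1.20", "203.0.113.9"),
        ("192.168.1.20", "198.51.100.7"),
    ]
    for src, dst in traffic:
        print(src, "->", dst, decide(src, dst))
```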
Privacy Setting

• Privacy settings are the controls available on web browsers, social networks and other websites that are designed to limit who can access and see a user’s personal profile.
• Examples:
  • "Do not track" setting
  • Allow payment method to be saved (avoid the need to key in information every time, which is dangerous)
  • Safer browsing
  • App (sharing of location)
Privacy Setting - Phone and
Proxy Server

• Proxy servers act as an intermediate between a user and a web server.

• Benefits?
Proxy Server

Here's how it functions in a simple way

1. User Request: When you try to visit a website, your request first goes
to the proxy server instead of directly to the website.
2. Proxy Forwards the Request: The proxy server then sends your
request to the website on your behalf.
3. Website Sends Data to Proxy: The website responds by sending the
requested data (like a webpage or a video) to the proxy server.
4. Proxy Delivers Data to You: The proxy server then sends the data
back to you.
Proxy Server

Why Use a Proxy Server?

• Security: It hides your IP address, keeping your identity private.
• Filtering: Schools and offices use it to block certain websites.
• Faster Browsing: It stores (caches) frequently visited websites to load them quicker.

Proxy Server

• Benefits:
  • Allows internet traffic to be filtered; it is possible to block access to a website if necessary - Parental Control
  • Keeps users’ IP addresses secret which improves security (middleman concept)
  • Can you relate to one threat that we learned?
  • If an attack is launched, it hits the proxy server instead – this helps to prevent hacking, DoS, and so on
  • Acts as a firewall
Secure Socket Layer

• SSL is a protocol/rule that is commonly found on websites where financial transactions take place.
• SSL encrypts the connection between the user's computer and the website that is being used.
• Sensitive data can be bank card numbers, login details and passwords.

Secure Socket Layer Handshake

A connection that is created between a web browser and a web server
Secure Socket Layer - flow

1. The user’s browser sends a message so that it can connect with the required website which is secured by SSL.
2. The browser then requests that the web server identifies itself.
3. The web server responds by sending a copy of its SSL certificate to the user’s browser.
4. If the browser can authenticate this certificate, it sends a message back to the web server to allow communication to begin.
5. Once this message is received, the web server acknowledges the web browser, and the SSL-encrypted two-way data transfer begins.

Certificate
An SSL certificate is a form of digital certificate which is used to authenticate a website and enables an encrypted connection.
Certificate Layout
How do we know if a website is using SSL?

A user will know if SSL is being applied when they see https or the
small padlock in the status bar at the top of the screen.
How do we know if a website is using SSL?

Examples of where SSL will be used:

• Online banking and all online financial transactions
• Online shopping
• Sending and receiving emails
• Instant messaging

Transport Layer Security (TLS)

- A more modern and more secure version of SSL.
- It is a form of protocol that ensures the security and privacy of data between devices and users when communicating over a network.
