Introduction to Cyber

Security
Cybersecurity aims to protect computer systems and networks from unauthorized
access, theft, and damage to hardware, software, or electronic data. It's a critical issue
that affects individuals, businesses, and governments.

by Ahmad Arslan ([email protected])

Why Is Cyber Security Important?

Data protection Privacy Business continuity

Cybersecurity is essential to Cybersecurity helps keep Cybersecurity is essential for

safeguard sensitive information confidential online activities and business continuity by ensuring
from theft, loss, or damage. personal information safe from continuous operations, maintaining
hackers. customer trust, and avoiding
financial losses.
Common Cyber Threats
1 Phishing Attacks 🔍 2 Malware 🦠

An attempt to trick users into giving sensitive Malicious software designed to harm or disrupt
information via email or messages. computer systems or steal data.

3 SQL Injection 🐉 4 Ransomware 🚪

Exploits vulnerabilities in web applications to A type of malware that encrypts data, rendering it
gain unauthorized access to sensitive data. inaccessible, and demands payment in exchange
for decryption.
Impact of Cyber Attacks
1 2 3

Financial Loss 💰 Operational Disruptions System and Network

🚦 Outages 📉
Cyber attacks can cause
economic damage such as Cyber attacks can cause Cyber attacks may cause
financial theft, compromised downtime, loss of data, and system and network outages,
financial data, stock price reduced productivity. resulting in delayed service
drops, and loss of business due delivery, reduced consumer
to reputational damage. confidence, and lost
productivity.
Best Practices for Cyber Security

Strong Passwords Antivirus Protection Software Updates

Use complex and unique passwords Install reputable antivirus software Keep software and operating
for each account and utilize multi- on all devices and keep security systems up to date, including
factor authentication. software up to date. security patches and updates.
Recent High-Profile Cyber Attacks

Colonial Pipeline Hack

• In May 2021, a ransomware attack on the Colonial Pipeline resulted in the shutdown of the
largest oil pipeline in the US, causing widespread fuel shortages and panic buying.
• 75 bitcoin or $4.4 million USD paid within 7 hours.
• An IT tool was provided to the Colonial Pipeline Company by DarkSide to restore the
system
• The first high-profile corporate cyber attack which started from a breached employee
personal password likely found on the dark web rather than a direct attack on the
company's systems
• The primary target of the attack was the billing infrastructure of the company.
• DarkSide is a cybercriminal hacking group, believed to be based in Russia, that targets
victims using ransomware and extortion.
• It is thought that they have been able to hack and extort money from around 90 companies
in the USA alone. The group provides ransomware as a service
Recent High-Profile Cyber Attacks
SolarWinds Hack

• The SolarWinds hack, discovered in December 2020, affected several US government

agencies and private companies after hackers implanted malicious code into
software updates.
• Eighteen thousand [customers] was our best estimate of who may have downloaded
the code between March and June of 2020.
• Hackers believed to be directed by the Russian intelligence service, the SVR, used
that routine software update to slip malicious code into Orion's software and then
used it as a vehicle for a massive cyberattack against America.
• Within days of its discovery, at least 200 organizations around the world had been
reported to be affected by the attack, and some of these may also have suffered data
breaches.
• Affected organizations worldwide included NATO, the U.K. government, the
European Parliament, Microsoft, and others.
Recent High-Profile Cyber Attacks
Capital One Data Breach

• Capital One suffered a data breach in July 2019, exposing the personal information of more
than 100 million customers and applicants.

• Capital One Financial (NYSE: COF) falls 5.5% after disclosing after Monday's close a data breach
perpetrated by a former employee of Amazon Web Services, where the bank had stored its
customer data.

• The alleged perpetrator, Paige Thompson, was arrested in Seattle, US.

Recent High-Profile Cyber Attacks
Equifax Data Breach

• In 2017, Equifax, one of the largest credit reporting agencies in the US, suffered a major data
breach that compromised the personal information of 147 million consumers.
• Private records of 147.9 million Americans along with 15.2 million British citizens and about
19,000 Canadian citizens were compromised in the breach, making it one of the largest
cybercrimes related to identity theft.
• The United States government indicted members of China's People's Liberation Army for
hacking into Equifax, though the Chinese Communist Party denied these claims.
• Information accessed in the breach included first and last names, Social Security numbers,
birth dates, addresses, and, in some instances, driver's license numbers for an estimated 143
million Americans, based on Equifax’s analysis.
• Security experts expected that the lucrative private data from the breach would be turned
around and sold on black markets and the dark web, though as of May 2021, there has been no
sign of any sale of this data.
Best Practices for Cybersecurity and Risk
Management
Effective cybersecurity and risk management strategies can help organizations prevent and mitigate the
impact of cyber attacks. Best practices include:

1 Regular Updates and Patches 2 Strong Passwords

Keep software and infrastructure up-to- Enforce strong password policies to

date with the latest security updates and prevent credential stuffing and other
patches. password-related attacks.

3 Employee Training 4 Multi-Factor Authentication

Train employees on how to recognize and Implement multi-factor authentication to

respond to cyber threats. add an additional layer of security to user
accounts.
Cyber Security Tools and Technologies
Firewalls 🔥 VPNs

A firewall is a network security system that monitors A Virtual Private Network is a secure and encrypted
and regulates incoming and outgoing network traffic connection that enables users to access the internet
based on defined security rules. securely, despite using public networks.

Encryption 🔒 Intrusion Detection Systems 🎯

Encryption is a mathematical process of encoding ID Systems detect cyber attacks in real-time,

information to secure data integrity, making it providing administrators with alerts and threat-level
unreadable to anyone without access to the data.
decryption key.
The Future of Cyber Security
AI and Machine Cybersecurity Quantum Computing
Learning Regulations
AI and Machine Learning are The cybersecurity landscape will Quantum computing has the
essential tools in cybersecurity to be significantly impacted by potential to revolutionize
predict and prevent cyber attacks. international cybersecurity cybersecurity, offering new
They can also identify patterns in regulations, including laws methods for encryption and
data and anticipate future threats. relating to data sovereignty, data security that will render the
privacy, and cybercrime. majority of current encryption
techniques vulnerable.
Components of a Network
Devices Software Cabling and Wiring

Computers, routers, switches, Network operating systems, Fiber optic, coaxial, twisted
hubs, and servers are all drivers, and applications pair, and wireless connections
essential components of a enable devices to provide the physical
network. communicate with one infrastructure for networks.
another.
The Internet and the World Wide Web
1983: TCP/IP Today

The creation of the Transmission The internet and the World Wide Web
Control Protocol and Internet Protocol are integral to our daily lives,
established the foundation of the connecting us to people and
modern internet. information around the world.

1 2 3 4

1969: ARPANET 1991: World Wide Web

The first precursor to the internet was Tim Berners-Lee invented the World
a network created by the US Wide Web, which revolutionized the
Department of Defense. internet by allowing multimedia
content to be distributed and accessed
through browsers.
Types of Networks

Local Area Network (LAN) Wide Area Network (WAN) Wireless Local Area
Network (WLAN)
A network confined to a small A network that covers a large
geographic area, such as a home geographic area, such as a city or A LAN that uses wireless
or office. even multiple countries. technology to connect devices.
Internet Protocols and
Standards
1 TCP/IP 2 HTTP

Transmission Control Hypertext Transfer Protocol,

Protocol and Internet the protocol that defines how
Protocol, the foundation for data is transferred across the
communication between World Wide Web.
devices on the internet.

3 HTML

Hypertext Markup Language, the language used to create websites that

can be accessed through a browser.
Security Risks and Measures
Risks Measures
• Malware infections • Firewalls
• Phishing scams • Encryption
• Identity theft • Two-factor authentication
Future of Networks and the Internet

1 5G Networks

The next generation of wireless

networking promises faster speeds and
Internet of Things (IoT) 2 increased connectivity for more devices.
The increasing number of devices and
sensors connected to the internet will allow
for more efficient and automated systems. 3 Quantum Computing

The power of quantum computing could

revolutionize the way we process and
analyze data in the future.