Lect 2_3

Uploaded by

gyanmajura2
Cybersecurity
Cyber security is the collection of:
• Tools (access control, antivirus, etc.)
• Policies, security concepts, security safeguards and guidelines
• Risk management approaches and actions, training, best practices, assurance and technologies
that can be used to protect the cyber environment and the organization's and users' assets.
What Cybersecurity Is Concerned With
The organization's and users' assets to be protected include:
• Connected computing devices
• Personnel
• Infrastructure and applications
• Services and telecommunications systems
• The totality of transmitted and/or stored information in the cyber environment
Another way to think about it

cybersecurity = security of information systems and networks in the face of attacks, accidents and failures, with the goal of protecting operations and assets

Availability, Integrity and Confidentiality
One way to think about it

cybersecurity = security of information systems and networks + with the goal of protecting operations and assets
Cyber security

cybersecurity = security of information systems and networks with the goal of protecting operations and assets

security in the face of attacks, accidents and failures
Cyber security threats
A cyber security threat is a malicious act that seeks:
• To damage data
• To steal data
• To disrupt digital life in general

• Cyber threats include computer viruses, data breaches, Denial of Service (DoS) attacks, and other attack vectors.
• Cyber threats can come from within an organization, by trusted users, or from remote locations, by unknown parties.
Which of these is a cyber threat?

POTENTIALLY ALL OF THEM!!!

Cyber security Vulnerability
Vulnerability:
• Refers to any weakness in an information system, system processes, or internal controls of an organization.
• Vulnerabilities can be leveraged to force software/users to act in ways they are not intended to, such as obtaining information about the current security defenses in place.
Examples of cyber crime vulnerability?
Common examples:
• Broken Authentication: user sessions and identities are hijacked by malicious actors to pose as the original user.
• SQL Injection: an attempt to gain access to database content via malicious code injection.
• Cross-Site Scripting: the attack targets website users, rather than the actual website itself.
• Cross-Site Request Forgery: a Cross-Site Request Forgery (CSRF) attack aims to trick an authenticated user into performing an action that they do not intend to do.
• Social engineering
• Security Misconfiguration
Cyber security vulnerability

Management of vulnerability

https://cybergrape.co.nz/solutions/vulnerability-management.html
What is cyber security risk?

Cyber security risk:
• Is the probability of exposure or loss of critical assets and sensitive information, or reputational harm, as a result of a cyber attack or breach within an organization's network.
• Risks come in many forms, vary from one industry to the next, and are constantly evolving/changing.
• An organization's cyber security risk management program should accommodate the volatility of the risks.
Review:… Cyber Crime – Motivation
• Technology
• Money/Greed
• Curiosity
• Revenge
• Fun – show off/talent
• Praise seekers
• ?
• ?
• ?
Cyber Crime – Increased Trends
• Increase in the use of the Internet and smartphones
• Individuals share personal and work-related information on the Internet
• Critical and sensitive information is shared on the Internet
• Financial transactions take place on the Internet/smartphones
• Security controls are never 100% adequate
• BAD guys are always ahead of GOOD guys
Cyber Crime – It's No More Fun

Committing any crime using cyberspace (using the internet) is no longer fun, as there are stringent laws.
Cyber security trend overview

https://www.varonis.com/blog/data-breach-statistics/

How about Tanzania?

Questions?

Types of Cyber Crime

There are several cyber crimes, which include:

• Unauthorized Access
• Denial of Service
• Extortion
• Theft
• Sabotage
• Espionage
• Computer Fraud
• Embezzlement
• Copyright Violation
• Forgery and Counterfeiting
• Internet Fraud – “Imposter Sites”
• SEC Fraud and Stock Manipulation
• Child Pornography
• Stalking & Harassment
• Credit Card Fraud & Skimming
• Pharming
• Malware
• Harassment
Our concern on cyber crime attacks

1. Man-In-The-Middle (MITM) Attacks

What is a Man-In-The-Middle (MITM) Attack?
• An MITM attack refers to a broad range of active eavesdropping techniques in which an attacker attempts to intercept, read, or alter information moving between two or more computers.
• These attacks allow a 3rd party to interject themselves between separate systems and act as an electronic go-between, anonymously observing data while passing information back and forth between the other systems.
• This form of information gathering/altering is also sometimes referred to as a Bucket Brigade or Janus attack.
How MITM Attacks Work

• There are several methods for employing an MITM attack.
• However, they all rely on the ability to fool a system into believing that it is communicating securely.
• During normal operations, a Wi-Fi capable computer authenticates with a wireless router, which allows it to connect to a network, intranet or internet.
• In an MITM attack, the 3rd party steps in between the targeted computer and a router when the computer first attempts to initiate a connection.
• In this position the MITM acts as a proxy: reading, altering, and inserting data in the communications stream. This allows the MITM to capture transmitted files, public keys, cookies, and passwords passed between the systems.
Man-in-the-Middle Attack Techniques
• Sniffing: Attackers use packet capture tools to inspect packets, using specific wireless devices that are allowed to be put into monitoring mode.
• Packet Injection: An attacker can use their device's monitoring mode to inject malicious packets into data communication streams. The packets can blend in with valid data communication streams, appearing to be part of the communication, but malicious in nature.
• Stealing browser cookies: Most web applications use a login mechanism that generates a temporary session token (cookie) to use for future requests, to avoid requiring the user to type a password at every page. An attacker can sniff sensitive traffic to identify the session token for a user and use it to make requests as the user.
• IP Spoofing: By spoofing an IP address, an attacker can trick you into thinking you're interacting with a website or someone you're not, perhaps giving the attacker access to information you'd otherwise not share.
• Email hijacking: Attackers sometimes target email accounts of banks and other financial institutions. Once they gain access, they can monitor transactions between the institution and its customers. This convinces the customer to follow the attackers' instructions rather than the bank's.
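
An added example (not part of the original slides) for the cookie-stealing technique above: a defender-side check that flags session cookies which a sniffer on the network path could capture, or which are sent on cross-site requests. The header values are constructed, and the name-based session-cookie heuristic is an assumption.

```python
# Added example: audit Set-Cookie headers for the attributes that keep a
# session token out of reach of sniffing and cross-site misuse.

# Assumption: cookies whose names contain these fragments carry a session token.
SESSION_HINTS = ("sess", "sid", "token", "auth")


def parse_set_cookie(header):
    """Split one Set-Cookie value into (name, value, attributes)."""
    parts = [p.strip() for p in header.split(";") if p.strip()]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    return name.strip(), value.strip(), attrs


def audit_cookie(header):
    """Return the findings for one Set-Cookie header (empty list = OK)."""
    name, _, attrs = parse_set_cookie(header)
    if not any(hint in name.lower() for hint in SESSION_HINTS):
        return []  # not a session cookie under the heuristic above
    findings = []
    if "secure" not in attrs:
        findings.append("missing Secure: sent over plain HTTP, can be sniffed")
    if "httponly" not in attrs:
        findings.append("missing HttpOnly: readable by scripts in the page")
    if attrs.get("samesite", "").lower() not in ("lax", "strict"):
        findings.append("SameSite not Lax/Strict: sent on cross-site requests")
    return findings


def audit_response(headers):
    """Map cookie name -> findings, for cookies with at least one finding."""
    report = {}
    for header in headers:
        findings = audit_cookie(header)
        if findings:
            report[parse_set_cookie(header)[0]] = findings
    return report


# Constructed sample headers, not taken from any real site.
SAMPLE_HEADERS = [
    "SESSIONID=abc123; Path=/",
    "auth_token=def456; Path=/; Secure; HttpOnly; SameSite=Strict",
    "theme=dark; Path=/",
    "sid=ghi789; Secure; SameSite=None",
]

if __name__ == "__main__":
    for cookie, problems in audit_response(SAMPLE_HEADERS).items():
        print(cookie, problems)
```
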
Best Practices to Prevent Man-in-the-Middle Attacks
• Strong encryption on Wireless Access Points (WAPs)
• Strong router login credentials
• Virtual Private Network
• Secure your network with an intrusion detection system
• Use hardwired, or non-Wi-Fi, connections
• Don't connect to public Wi-Fi systems
• Turn off “Auto Connect” for your wireless devices
• Examine the source of the Wi-Fi signals before attempting to connect
Countermeasures to Prevent MITM Attacks
• Examine the source of the Wi-Fi signals before attempting to connect. Ad hoc networks typically show up differently and could represent a 3rd party attempting to hijack your connection.

This symbol represents an ‘ad hoc’ connection. Do not connect to this wireless source.
Remember – You Get What You Pay For

Wi-Fi or… MITM
Is now really the time to send that confidential document?
Question?
