CYBER

SECURITY
Mateen Maqbool (23217)
Noor Fatima (23218)
Laiba (23227)
Aiman Rashid (23228)
Zunaira Munir (23230)
 What is cyber terrorism?
Cyber terrorism is simply the use of computers and the Internet
connectivity between them in order to launch a terrorist attack. In short,
cyber terrorism is just like other forms of terrorism—it is only the milieu of
the attack that has changed.

 The FBI defines cyber terrorism as a premeditated attack targeting

information systems and data, with the goal of creating violence or
significant disruption.

 Although it may not cause direct loss of life, cyber terrorism can lead to
major economic damage, communication breakdowns, and infrastructure
disruption.
 Actual Cases of Cyber Terrorism
Case # 01

 CENTCOM Spyware Attack (2008)

 Topic: USB-based Malware Attack

Spyware called Agent.btz infected U.S. Central Command via a USB

drive. Introduced by a soldier unknowingly plugging it in. Significant
data breach.

Example:-
An example is provided with Russia’s cyber attacks on Ukraine in
2022, which were used to weaken infrastructure before military
invasion. This reflects the growing trend of combining cyber and
physical warfare.
 Case # 02

 Theft of Defense Plans (Dec 2009)

 Topic: Cyber Espionage

Secret U.S.–South Korea defense plans stolen, traced to a Chinese IP,

suspected North Korean involvement.
 Case #03
 India and Pakistan

 Cyber Threat Warning (2015)

In 2015, India’s Intelligence Bureau warned that Pakistan’s Cyber Army,
under the direction of ISI, was planning to launch cyber attacks on Indian
government websites as part of an Internet-based proxy war.

 Ongoing Cyber Conflict (2022)

By 2022, reports showed that both India and Pakistan were actively using
cyber attacks against each other, especially related to the Kashmir
conflict.

 Use of Third Parties

Both nations were also found to be using third-party hackers to carry out
or support cyber operations, making it harder to trace direct involvement.
 Weapons of Cyber Warfare
Introduction to Cyber Warfare:-

Cyber warfare: Digital attacks by nation-states to disrupt or damage

another nation’s infrastructure.
Origin: From simple cyber espionage to complex sabotage (e.g.,
Stuxnet).
Why it matters: Global threat to security, economy, and society.
Categories of Cyber Weapons
Malware-Based Weapons

 Viruses & Worms: Spread automatically (e.g., ILOVEYOU).

 Ransomware: Locks systems, demands payment
(e.g., WannaCry).
 Trojans: Disguise as legit software to gain access.

Exploits & Zero-Day Attacks

 Zero-Day: Exploits unknown software flaws before a fix exists.
 Used for precise, devastating attacks.
 Example: Stuxnet attacked Iranian nuclear centrifuges.
DDoS Attacks
 Distributed Denial-of-Service (DDoS): Overload systems
with traffic.
 Goal: Disrupt websites, banks, government portals.
 Easy to launch, hard to stop quickly.

Phishing & Social Engineering

 Exploits human psychology (fear, trust, urgency).
 Gathers login credentials, secrets, or triggers malware.
 Key tool in espionage and initial system breaches.
Real-World Cyber Warfare Examples
 Stuxnet: U.S.-Israel cyber weapon vs. Iran’s nuclear program.
 NotPetya: Russian attack on Ukraine, global collateral damage.
 SolarWinds: Massive U.S. government data breach.
 Russia-Ukraine war: Cyberattacks on power grids, media, comms.

Cyber Weapons vs Traditional Weapons

Cyber: Silent, invisible, often unattributable.
Low cost, high impact.
Can disrupt without physical destruction.
Escalation without firing a single bullet.

International Law & Ethics in Cyber War

No clear global rules—gray legal area.
Can Geneva Conventions apply digitally?
UN and NATO efforts: Cyber norms, digital Geneva rules.
 What is Information Warfare?
 A type of war using information instead of weapons
 The goal is to confuse the enemy or influence people’s thinking
 It uses the internet, computers, and media

4 Main Parts of Information Warfare:-

1. Technical Information Warfare
2. Propaganda
3. Information Control
4. Disinformation
Technical Information Warfare:-
 Cyber attacks like hacking, viruses, malware
 Stealing secrets from industries or governments
 Damaging systems or networks
 Example: Attacking SCADA systems (used in industries)

Propaganda:-
 Spreading fake or one-sided information
 Trying to change how people think
 Shared through the internet, news, and social media
 Example: Spreading false news to gain support in war
Information Control:-
 Controlling what information people can see
 Hiding important details from the enemy
 Example: Blocking the media or only showing selected news

Disinformation:-
 Sending false information on purpose
 Making messages look real but they are fake
 Example: A secret message that says one thing but means
anotherQuote:“Communication without intelligence is
noise;intelligence without communication is useless.” — Gen.
Gray
Future Trends in Cyber Warfare
Cyber warfare is rapidly evolving, with new technologies and tactics
constantly emerging. This presentation will explore some of the key trends
shaping the future of cyber conflict. We will delve into the roles of machine
learning and artificial intelligence, and review both positive and negative
trends to watch.

By understanding these trends, we can better prepare for the changes and
opportunities that lie ahead in the realm of cyber security.
The Rise of Machine Learning in Cyber Warfare

• Machine learning for defense

Machine learning algorithms are being used to develop more sophisticated
intrusion detection and prevention systems. These systems can automatically
identify and respond to threats in real time, without the need for human
intervention.
• Anomaly detection
• Threat prediction
• Automated response

Example: Machine learning can be used to detect malware • malware detection

by analyzing its code and behavior. This can be more effective than traditional
signature-based detection methods, which can be easily bypassed by new and
unknown malware variants.
1. Feature extraction
2. Model training
3. Real-time scanning
Artificial Intelligence: A Game Changer

• AI-powered attacks: AI can be used to automate and scale cyber attacks,

making them more difficult to defend against. AI-powered attacks can also be
more targeted and adaptive, allowing them to evade traditional security
measures.

• AI for defense :- AI can also be used to improve cyber defenses, by

automating threat detection, incident response, and vulnerability management.
AI can also be used to develop more intelligent security systems that can learn
and adapt to new threats.

• Ethical considerations :- The use of AI in cyber warfare raises a number of

ethical concerns, such as the potential for autonomous weapons systems and the
risk of unintended consequences.
Positive Trends:
Enhanced Cyber Resilience

• Increased Awareness
Organizations are becoming more aware of the importance of cyber security and
are investing more resources in protecting their systems and data.
• Improved Collaboration
There is increasing collaboration between governments, industry, and academia
to share threat intelligence and develop best practices.
• Advanced Technologies
New technologies, such as AI and machine learning, are being developed to
improve cyber defenses and enhance resilience
Negative Trends:
Escalating Cyber Threats

• Ransomware attacks
Increasing in frequency and sophistication
• State-sponsored attacks
Becoming more prevalent and aggressive
• Skills shortage
Difficult to find and retain qualified cyber security professionals
• IoT vulnerabilities
Creating new attack vectors
 Defense against Cyber Terrorism:

1. More Cyber security Education in Universities: Colleges and universities should

offer more courses and degrees focused only on computer and internet security.
This helps create skilled experts who can protect systems from cyber attacks.
Example:
NUST and FAST experts. now also offer courses in information security. This helps
students become future cyber security

2. Treat Cyber Crime More Seriously: Crimes done using computers (like hacking)
should be punished strictly, and such cases should be investigated properly just like
other serious crimes.
Example: Arrest of the 'Twitter Hack' Teen (2020)

3. Train Cyber security Experts for Law Enforcement: Instead of teaching police
officers a little bit of computer skills, it's better to train computer experts and bring
them into law enforcement to handle cybercrime. Experts can understand and stop
attacks better.
Example: In many countries, cybercrime investigation units (like NADRA’s Cyber
Security Department or FIA’s Cyber Crime Wing in Pakistan) include IT experts
who help police track and stop cyber criminals
4. Create a Shared Emergency Reporting System:
Build a system where companies and cyber security teams can share alerts and
updates if they face a cyber attack. This helps others to be prepared and respond
quickly if the same attack happens to them.
Example: HEC Cyber Alert Emails

5. Have a Recovery Plan for Lost Data: If hackers delete or damage your files, you
should have a backup or recovery system ready. This way, you can restore your data
easily and avoid major problems.
Example: Google’s Cloud Backup and Disaster Recovery System

6. Focus on Protecting the Most Important Data: Identify which files or

information are most valuable (like customer data, bank info, etc.) and protect them
the most. Even small, unimportant-looking data can sometimes reveal private or
business secrets, so be careful with all data.
Example: Facebook Data Breach (2019)
THANK
YOU