Administration
• This lecture uses materials from multiple reference sources as follows:
- Lecture of Cisco CyberOps Associate
- Mark Ciampa. CompTIA Security+ Guide to Network Security Fundamentals.
- Matt Bishop, Computer Security: Art and Science (ISBN: 0-201-44099-7), Addison-Wesley 2003
Module Objectives
Module Title: Introduction
Module Objective: Introduce Network security and Explain why networks and data are attacked.
Topic Title | Topic Objective
Introduction | Introduce Network security and Terminologies
War Stories | Explain why networks and data are attacked.
Threat Actors | Explain the motivations of the threat actors behind specific security incidents.
Threat Impact | Explain the potential impact of network security attacks.
Difficulties in Defending Against Attacks
• Universally connected devices
• Increased speed of attacks
• Greater sophistication of attacks
• Availability and simplicity of attack tools
• Faster detection of vulnerabilities
Difficulties in Defending Against Attacks
• Delays in security updating
• Weak security update distribution
• Distributed attacks
• Introduction of BYOD
• User confusion
What Is Network Security?
• Before defense is possible, one must understand:
• Exactly what security is
• How security relates to network security
• The terminology that relates to network security
Understanding Security
• Security is:
• The goal to be free from danger
• The process that achieves that freedom
• Harm/danger may come from one of two sources:
• From a direct action that is intended to inflict
damage
• From an indirect and unintentional action
• As security is increased, convenience is often
decreased
• The more secure something is, the less convenient it
may become to use
Network Security and Information Security
• Network security - is the protection of the underlying networking infrastructure
from unauthorized access, misuse, or theft. It involves creating a secure infrastructure
for devices, applications, users, and applications to work in a secure manner.
<According to Cisco>
• Information security – is the protection of information and information systems
from unauthorized access, use, disclosure, disruption, modification, or destruction. This
includes protecting data and information in physical, technical and administrative ways
to ensure its confidentiality, integrity and availability.
• Network security goal - to ensure that
• Network systems prevent unauthorized access to network resources;
• Systems detect and stop cyberattacks and security breaches in progress;
• Authorized users have secure access to the network resources they need, when
they need them.
Defining Information Security
Three types of information protection, often called CIA:
• Confidentiality
• Only approved individuals may access information
• Integrity
• Information is correct and unaltered
• Availability
• Information is accessible to authorized users
Defining Information Security
Protections implemented to secure information
• Authentication
• Ensures the individual is who they claim to be
• Authorization
• Provides permission or approval to specific technology resources
• Accounting
• Provides tracking of events
Information Security: Is It an Art or a Science?
• Implementation of information security is often described
as a combination of art and science.
• “Security artisan” idea: based on the way individuals perceive
system technologists and their abilities.
Security as Art
• No hard and fast rules nor many universally accepted
complete solutions
• No manual for implementing security through entire system
Security as Science
• Dealing with technology designed for rigorous performance
levels.
• Specific conditions cause virtually all actions in computer
systems.
• Almost every fault, security hole, and systems malfunction is a
result of interaction of specific hardware and software.
• If developers had sufficient time, they could resolve and eliminate
faults.
Security as a Social Science
• Social science examines the behavior of individuals
interacting with systems.
• Security begins and ends with the people that interact with
the system, intentionally or otherwise.
• Security administrators can greatly reduce the levels of risk
caused by end users and create more acceptable and
supportable security profiles.
The Danger
Hijacked People
• Hackers can set up open “rogue” wireless
hotspots posing as a genuine wireless
network.
• Rogue wireless hotspots are also known as
“evil twin” hotspots.
The Danger
Ransomed Companies
• Employees of an organization are often lured into
opening attachments that install ransomware on the
employees’ computers.
• This ransomware, when installed, begins the
process of gathering and encrypting corporate data.
• The goal of the attackers is financial gain, because
they hold the company’s data for ransom until they
are paid.
The Danger
Targeted Nations
• Some of today’s malware is so sophisticated
and expensive to create that security experts
believe only a nation state or group of nations
could possibly have the influence and funding to
create it.
• Such malware can be targeted to attack a
nation’s vulnerable infrastructure, such as
the water system or power grid.
• One such malware was the Stuxnet worm
that infected USB drives and infiltrated
Windows operating systems. It then targeted Step
7 software that was developed by Siemens for
their Programmable Logic Controllers (PLCs).
Threat Actors
Threat Actors
• Threat actors are individuals or groups of individuals who perform
cyberattacks. They include, but are not limited to:
• Amateurs
• Hacktivists
• Organized crime groups
• State-sponsored groups
• Terrorist groups
• Cyberattacks are intentional malicious acts meant to negatively
impact another individual or organization.
Threat Actors
Threat Actors (Contd.)
Amateurs
• They are also known as script kiddies and have little or no skill.
• They often use existing tools or instructions found on the internet to launch attacks.
• Even though they use basic tools, the results can still be devastating.
Hacktivists
• These are hackers who publicly protest against a variety of political and social ideas.
• They post articles and videos, leak sensitive information, and disrupt web services with illegitimate traffic in Distributed Denial of Service (DDoS) attacks.
Financial Gain
• Much of the hacking activity that consistently threatens our security is motivated by financial gain.
• Cybercriminals want to gain access to bank accounts, personal data, and anything else they can leverage to generate cash flow.
Trade Secrets and Global Politics
• At times, nation states hack other countries, or interfere with their internal politics.
• Often, they may be interested in using cyberspace for industrial espionage.
• The theft of intellectual property can give a country a significant advantage in international trade.
Threat Actors
How Secure is the Internet of Things?
• The Internet of Things (IoT) helps individuals
connect things to improve their quality of life.
• Many devices on the internet are not updated with
the latest firmware. Some older devices were not
even developed to be updated with patches. These
two situations create opportunity for threat actors
and security risks for the owners of these devices.
Threat Impact
PII, PHI, and PSI
• Personally Identifiable Information (PII) is any information
that can be used to positively identify an individual, for example, name,
social security number, birthdate, credit card numbers, etc.
• Cybercriminals aim to obtain these lists of PII that can then be sold on
the dark web. Stolen PII can be used to create fake financial accounts,
such as credit cards and short-term loans.
• The medical community creates and maintains Electronic
Medical Records (EMRs) that contain Protected Health
Information (PHI), a subset of PII.
• Personal Security Information (PSI), another type of PII, includes
usernames, passwords, and other security-related information that
individuals use to access information or services on the network.
Threat Impact
Lost Competitive Advantage
• The loss of intellectual property to competitors is a serious concern.
• An additional major concern is the loss of trust that comes when a company is unable to protect
its customers’ personal data.
• The loss of competitive advantage may come from this loss of trust rather than another
company or country stealing trade secrets.
Threat Impact
Politics and National Security
• It is not just businesses that get hacked.
• State-supported hacker warriors can cause disruption and destruction of vital services and
resources within an enemy nation.
• The internet has become essential as a medium for commercial and financial activities.
Disruption of these activities can devastate a nation’s economy.
The Danger Summary
What Did I Learn in this Module?
• Threat actors can hijack banking sessions and other personal information by using “evil twin”
hotspots.
• Threat actors include, but are not limited to, amateurs, hacktivists, organized crime groups,
state-sponsored groups, and terrorist groups.
• As the Internet of Things (IoT) expands, webcams, routers, and other devices in our homes are also
under attack.
• Personally Identifiable Information (PII) is any information that can be used to positively identify an
individual.
• The medical community creates and maintains Electronic Medical Records (EMRs) that contain
Protected Health Information (PHI), a subset of PII.
• Personal Security Information (PSI) includes usernames, passwords, and other security-related
information that individuals use to access information or services on the network.
Module 1
New Terms and Commands
• Evil twin hotspots
• Programmable Logic Controllers (PLCs)
• Threat Actors
• Hacktivists
• Cyberattacks
• Distributed Denial of Service (DDoS)
• Internet of Things (IoT)
• Personally Identifiable Information (PII)
• Protected Health Information (PHI)
• Electronic Medical Records (EMRs)
• Health Insurance Portability and Accountability Act (HIPAA)
• General Data Protection Regulation (GDPR)
• Personal security information (PSI)
• Cyberwarfare