Cybersecurity involves protecting individuals, businesses, and critical infrastructure from threats posed by the use of computers and the internet. This includes techniques for analyzing and mitigating various cyber attacks, whether from external actors seeking to steal data or disrupt systems, or from malicious insiders. Malware, such as viruses, worms, ransomware, and keyloggers, poses a serious threat by spreading malicious code and capturing users' sensitive information without consent. While cybersecurity aims to prevent attacks, increased protections also create the potential for accidental cyber incidents due to added complexity and the possibility of errors.
2. What is cybersecurity?
• A very wide-ranging term with no
standard definition.
• It covers all aspects of ensuring the
protection of citizens, businesses and
critical infrastructures from threats that
arise from their use of computers and
the internet.
Cybersecurity 1: Introduction to cybersecurity 2013
Slide 2
3. Internet-enabled crime
• Criminals see lower risks and high
rewards from cyber crime than through
‘physical’ crime
• Stealing confidential and national
secrets by intelligence agencies and
others now involves illegally accessing
digitised information.
4. Internet-enabled crime
• Nation states have the potential to
disrupt an enemy’s economy and
perhaps reach their strategic objectives
without risk to their armed forces
• There are fewer online barriers to antisocial behaviour on the net than in
face-to-face interaction.
5. Scope of cybersecurity
• Techniques of threat and attack
analysis and mitigation
• Protection and recovery technologies,
processes and procedures for
individuals, business and government
• Policies, laws and regulation relevant to
the use of computers and the Internet
7. Cybersecurity is…
• A socio-technical systems problem
• Security problems almost always stem
from a mix of technical, human and
organisational causes
8. Cyber attack
• A malicious attempt, using digital
technologies, to cause personal or
property loss or damage, and/or steal or
alter confidential personal or
organisational data
9. Insider attacks
• Attacks on an organisation carried out by
someone who is inside that organisation
• Difficult to counter using technical
methods as the insider may have valid
credentials to access the system
10. External attacks
• Attacks on an organisation carried out by
an external agent
• Require either valid credentials or the
exploitation of some vulnerability to gain
access to the systems
12. Malware
• Software that has some malicious intent
and which is installed on a user’s
computer without that user’s consent
13. Malware
• Key loggers
– Software installed on a computer that
captures key strokes and sends these
to a remote system
– Used to try and get personal
information to gain access to sites
such as banks
14. Malware
• Ransomware
– Software that runs on a user’s computer
and demands that the user pays some
other organisation. If they don’t, the
information on their computer will be
destroyed.
15. Malware transmission
• Malware can usually spread itself from
one computer to another either as a
virus or as a worm
16. Viruses and worms
• Virus – malware attached to a carrier
such as an email message or a word
processing document
• Worm – malware that can autonomously
spread itself without a carrier, using
information about connected computers
17. Malicious and accidental damage
• Cybersecurity is most concerned with
– Cyber attacks
• Cyber-accidents
– Accidental events that can cause
loss or damage to an individual,
business or public body
18.
• Many of the same technologies used to
protect against external attack also
protect against cyber-accidents.
• However, sometimes protecting against
cyber attacks increases the probability
of cyber-accidents.
19.
• Adding protection increases system
complexity which increases the likelihood of
introducing bugs into the system and for
humans to make mistakes.
• For example
– An attack detection system might mistakenly
detect an external attack and shut down part of
the system in response to this.
20. Summary
• Cybersecurity is all about protecting against, repelling
and recovering from cyberattacks
• Need to be aware of the potential for both
insider and external cyber attacks
• Malware is malicious code that is installed on
a computer without the owner’s consent.