Cybersecurity involves protecting individuals, businesses, and critical infrastructure from threats arising from computer and internet use. It addresses both external attacks by remote agents exploiting vulnerabilities and insider threats from valid users. Cybersecurity deals with a range of technical and human factors, as vulnerabilities usually stem from a mix of these. Key concerns include malware, cyber attacks aiming to cause damage or steal data, and accidental incidents that can also lead to losses.
2. Cybersecurity 1: Introduction to cybersecurity 2013 Slide 2
What is cybersecurity?
• A very wide-ranging term with no
standard definition.
• It covers all aspects of ensuring the
protection of citizens, businesses and
critical infrastructures from threats that
arise from their use of computers and
the internet.
3. Cybersecurity 1: Introduction to cybersecurity 2013 Slide 3
Internet-enabled crime
• Criminals see lower risks and higher
rewards from cyber crime than through
‘physical’ crime
• Stealing confidential and national
secrets by intelligence agencies and
others now involves illegally accessing
digitised information.
4. Cybersecurity 1: Introduction to cybersecurity 2013 Slide 4
Internet-enabled crime
• Nation states have the potential to
disrupt an enemy’s economy and
perhaps reach their strategic objectives
without risk to their armed forces
• There are fewer online barriers to
anti-social behaviour on the net than in
face-to-face interaction.
5. Cybersecurity 1: Introduction to cybersecurity 2013 Slide 5
Scope of cybersecurity
• Techniques of threat and attack
analysis and mitigation
• Protection and recovery
technologies, processes and
procedures for individuals, business
and government
• Policies, laws and regulation relevant to
the use of computers and the Internet
7. Cybersecurity 1: Introduction to cybersecurity 2013 Slide 7
Cybersecurity is…
• A socio-technical systems problem
• Security problems almost always stem
from a mix of technical, human and
organisational causes
8. Cybersecurity 1: Introduction to cybersecurity 2013 Slide 8
Cyber attack
• A malicious attempt, using digital
technologies, to cause personal or
property loss or damage, and/or steal or
alter confidential personal or
organisational data
9. Cybersecurity 1: Introduction to cybersecurity 2013 Slide 9
Insider attacks
• Attacks on an organisation carried out by
someone who is inside that organisation
• Difficult to counter using technical
methods as the insider may have valid
credentials to access the system
10. Cybersecurity 1: Introduction to cybersecurity 2013 Slide 10
External attacks
• Attacks on an organisation carried out by
an external agent
• Require either valid credentials or the
exploitation of some vulnerability to gain
access to the systems
12. Cybersecurity 1: Introduction to cybersecurity 2013 Slide 12
Malware
• Software that has some malicious intent
and which is installed on a user’s
computer without that user’s consent
13. Cybersecurity 1: Introduction to cybersecurity 2013 Slide 13
Malware
• Key loggers
– Software installed on a computer that
captures key strokes and sends these
to a remote system
– Used to try and get personal
information to gain access to sites
such as banks
14. Cybersecurity 1: Introduction to cybersecurity 2013 Slide 14
Malware
• Ransomware
– Software that runs on a user’s computer
and demands that the user pays some
other organisation. If they don’t, the
information on their computer will be
destroyed.
15. Cybersecurity 1: Introduction to cybersecurity 2013 Slide 15
Malware transmission
• Malware can usually spread itself from
one computer to another either as a
virus or as a worm
16. Cybersecurity 1: Introduction to cybersecurity 2013 Slide 16
Viruses and worms
• Virus – malware attached to a carrier
such as an email message or a word
processing document
• Worm – malware that can autonomously
spread itself without a carrier, using
information about connected computers
17. Cybersecurity 1: Introduction to cybersecurity 2013 Slide 17
Malicious and accidental damage
• Cybersecurity is most concerned with
– Cyber attacks
• Cyber-accidents
– Accidental events that can cause
loss or damage to an individual,
business or public body
18. Cybersecurity 1: Introduction to cybersecurity 2013 Slide 18
• Many of the same technologies used to
protect against external attack also
protect against cyber-accidents.
• However, sometimes protecting against
cyber attacks increases the probability
of cyber-accidents.
19. Cybersecurity 1: Introduction to cybersecurity 2013 Slide 19
• Adding protection increases system
complexity, which increases the likelihood of
bugs being introduced into the system and of
humans making mistakes.
• For example
– An attack detection system might mistakenly
detect an external attack and shut down part of
the system in response to this.
20. Cybersecurity 1: Introduction to cybersecurity 2013 Slide 20
Summary
• Cybersecurity is all about protecting against, repelling
and recovering from cyberattacks
• Need to be aware of the potential for both
insider and external cyber attacks
• Malware is malicious code that is installed on
a computer without the owner’s consent.