Information Security Basics.pptx
Download as PPTX, PDF0 likes12 views
This document discusses several common cybersecurity threats and risks: human nature, malware, phishing attacks, formjacking, inadequate patch management, outdated hardware and software, and man-in-the-middle attacks. It provides examples of data breaches and attacks that have occurred due to these threats. The key concepts covered are that threats become risks when they exploit vulnerabilities, and that risks are defined as the probability and impact of a threat occurring.
Information Security Basics.pptx
- 1. INFORMATION SECURITY BASICS IS165 – Networking Fundamentals
- 4. CYBER SECURITY THREAT OR RISK 1. Human Nature 2. Malware 3. Phishing Attacks and Social Engineering 4. Formjacking 5. Inadequate Patch Management 6. Outdated Hardware and Software 7. Man-in-the-Middle Attacks
- 5. HUMAN NATURE • Capital One recently had more than 100 million customer accounts compromised in a data breach. But, not by a random hacker or even an employee. • Capital One uses Amazon Web Services (AWS) for their cloud hosting and a former AWS employee exploited a misconfigured firewall to gain access to 140,000 Social Security numbers, 1 million Canadian Social Insurance numbers and 80,000 bank account numbers, plus an undisclosed number of people’s names, addresses, credit scores, credit limits, balances, and other information. • Capital One expects to face $100-150 million in costs, including customer notifications, credit monitoring, tech costs, and legal support due. • Not to mention any potential company stock value losses.
- 6. MALWARE • Center for Internet Security
- 7. PHISHING ATTACKS AND SOCIAL ENGINEERING • Phishing is a fraudulent attempt to elicit sensitive information from a victim in order to perform some type of action. • Phishing comes in many forms: • General phishing • Spear phishing • CEO fraud • Smishing • Vishing • Clone phishing • Domain spoofing • URL phishing • Watering hole phishing • Evil twin phishing
- 9. FORMJACKING • British Airways formjacking attack resulted in more than 380,000 credit cards being stolen at an estimated loss of $17 million, plus £183 million fine levied by the EU for the lack of GDPR compliance. • Attackers injected malicious JavaScript code onto Ticketmaster’s website after compromising the chatbot used for customer support on Ticketmaster websites. The attackers altered the JS code to capture payment card data from customers and send it to their servers. The malicious code may have been on the Ticketmaster website for almost a year.
- 11. INADEQUATE PATCH MANAGEMENT • EternalBlue is an exploit allegedly developed by NSA. • It exploits Microsoft vulnerabilities and led to worldwide attacks that included the Petya and WannaCry ransomware. • Microsoft released patches for EternalBlue, but many organizations didn’t apply the patch and remained vulnerable or they were using old systems past their end-of-life period. • The National Healthcare System (NHS) in the UK had thousands of appointments and surgeries cancelled, which cost NHS more than £100 million. • Two years after the WannaCry attacks, EternalBlue continues to impact systems around the world.
- 12. OUTDATED SYSTEMS • Data breaches and other security incidents result from outdated or unpatched technologies. • Equifax’s 2017 data breach that exploited a patchable vulnerability that wasn’t patched is an example.
- 13. MAN-IN-THE-MIDDLE ATTACKS • A notable example of a MitM attack occurred when a group of agents from Russia’s GRU tried to hack into the office of the Organization for the Prohibition of Chemical Weapons. • They used a Wi-Fi spoofing device to try to get the results of an investigation. • The attack failed, but evidences that no one — not even governments — are exempt from being MitM attack targets.
- 14. THREATS • A Threat is a negative event that can lead to an undesired outcome, such as damage to, or loss of, an asset. • Threats become dangerous because of a vulnerability in a system. • Threat is used interchangeably with both Attack and Threat Actor, and is often substituted for a Danger.
- 15. THREAT ACTORS • Threat Actors are the person, actor, entity, or organization that is initiating a given scenario, such as a hack attempt. • Threat Actors include: • Hacktivists • Cybercriminals • Disgruntled insiders • Nation States • Careless employees • Nature
- 16. VULNERABILITIES • Vulnerabilities are weaknesses in a system that make threats possible. • A Vulnerability is a weakness exploited by a Threat Actor to do Harm. • Examples of Vulnerabilities include: • Lack of proper building access control • Cross-site Scripting (XSS) • SQL Injection • Cleartext transmission of sensitive data • Failure to check authorization to sensitive resources • Failure to encrypt sensitive data at rest
- 17. RISK • A Risk is the chance that something bad may happen including the Harm if it does happen. • The result of combining Probability and Impact: risk = probability x impact
- 18. SUMMARY • A Threat is a negative scenario you want to avoid • A Threat Actor is the agent that makes a Threat happen • A Vulnerability is a weakness that can be exploited in order to attack you • A Risk is a negative scenario you want to avoid, combined with its probability and its impact • The difference between a Threat and a Risk is a Threat is a negative event by itself, where a Risk is the negative event combined with its probability and its impact.