cyber security briefing

Post on 16-Jan-2017


CYBER SECURITY BRIEF

Marshall C. Frett Jr., Owner & Network Engineer

www.transcendent-it.net

Objectives
• Cyber Security & Information Assurance Triad
• Cyber threats/risks
• Vulnerabilities
• Countermeasures
• Safeguarding
• Promoting a culture of security

Fundamental Concepts of Information Assurance
• Information Assurance CIA Triad
• Confidentiality (privacy)
• Integrity (quality, accuracy, relevance)
• Availability (accessibility)

What you don’t know can hurt!!

Who & What is At Risk?
• U.S. Economy
• U.S. Defense
• Transportation Departments
• Medical Industry
• U.S. Government
• Telecommunications Industry
• Energy Sector
• U.S. Critical Infrastructure
• Personal devices - Computers/Cable TV/Phones/Games/tablets

Cyber Security Terms

• Asset – A computer, a server, an application, a database, etc.
• Vulnerability – A weakness that threatens the confidentiality, integrity, or availability (CIA) of an asset.
• Risk – The probability of a threat exploiting a vulnerability.
• Threat – Something or someone that may result in harm to an asset.
  • Unintentional – Human errors like insecure coding.
  • Intentional – Spyware, Adware, Spam, Phishing
• Exploit – A tool or technique that takes advantage of a vulnerability.

Security Threat Categories
• Insider threats (intentional) - most common, difficult to recognize
  • Includes sabotage and unauthorized disclosure of information
• Social Engineering (mostly unintentional) - multiple techniques are used to gain information from authorized employees in hopes of using that info to carry out an attack
• Dumpster Diving & Phishing - Personnel are often not aware of the value of information they have access to
• Network & Computer System Exploitation & Attacks - Hacking

Social Engineering

• Being fooled into giving someone access when the person has no business having the information.

Dumpster Diving and Phishing

Dumpster Diving - rummaging through a company’s garbage for discarded documents

Phishing - usually takes place through fraudulent e-mails requesting users to disclose personal or financial information. The e-mail appears to come from a legitimate organization (like Bank of America or PayPal).


Phishing E-mail Example

Personal PC Attacks


Botnets

A network of hijacked computers that are controlled remotely—typically to launch spam or spyware. Also called software robots. Botnets are linked to a range of malicious activity, including identity theft and spam.


Adware

• Adware, or advertising-supported software, is any software package which automatically renders advertisements in order to generate revenue for its author. The advertisements may be in the user interface of the software or on a screen presented to the user during the installation process.


Spyware

Spyware is software that aids in gathering information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge. Spyware is mostly classified into four types: system monitors, trojans, adware, and tracking cookies.

Spam

Electronic spamming is the use of electronic messaging systems to send unsolicited messages (spam), especially advertising, as well as sending messages repeatedly on the same site.

Cyber Attacks

• How to Recognize a Cyber Attack
  Signs indicating a computer system is under attack may include:
  • Unusually sluggish or non-responsive applications.
  • Unexpected changes in system behavior.
  • Persistent pop-up messages.
  • Missing or corrupt data.

• How to Prevent a Cyber Attack
  • Use plug-ins to block ads (Ad-Block Plus).
  • Use PGP for sender verification and encryption with e-mail.
  • Ensure anti-virus is turned on.

Company Network Attacks


Types of Network Attacks
• DoS (Denial of Service): an attack on system availability, total consumption of system resources
• Hack: to exploit a vulnerability to gain unauthorized access to the system
• Backdoor: an access method that bypasses the normal security of the system
• Memory issues: memory is not erased before being given to another program
• Escalation of privileges: a user exploits a vulnerability to gain unauthorized access
• Default settings: most OSes ship with the simplest configuration, security disabled

How to Defend a Network

Policies & Procedures (P & P)
• Acceptable use policy – specifies what actions users may perform while using company computers and/or assets
• Employees sign an array of other policies upon being hired
• Personnel controls - need to know, separation of duties (Accounting vs. Human Resources vs. Creatives Dept. etc.)
• Hiring and termination practices - background checks, orientation, exit interviews, escorting procedures, etc.
• Technical Network Safeguards – anti-virus, Intrusion Detection Systems (IDS), encrypted e-mail system, etc.
• Security-minded Practices – HIPAA and other compliance standards
• Information handling practices
