Cybersecurity Fundamentals

From Think Outside the Circle
Jump to navigation Jump to search

Fundamentals

What are we trying to protect: It's all about the Data

  • Confidentiality: Only those who should have access can get access.
  • Integrity: The data is what it should be. The data has truth.
  • Availability: Data is available to those with rights, when they need to access it.

Who are we trying to protect the data from? Threat Actors:

  • Cybercriminals: motivated by money
  • Nationstates: motivated by loyalty to country
  • Terrorist Organizations: motivated by destruction
  • Hacktivists: motivated by a moral cause
  • Insiders: motivated by stupidity (i.e perhaps ignorance would be better),

How Tactics, Techniques and procedures

  • Phishing,
  • social engineering,
  • business email compromise (BEC) scams,
  • botnets,
  • password attacks,
  • exploit kits,
  • malware,
  • ransomware
  • Break-ins

Vulnerabilities and Risk

  • Risk Identification
  • Risk Analysis
  • Risk Response
  • Risk Mitigation
  • Risk ReAssessment
  • Goto #1 Risk ID

Common Attacks

https://www.cisco.com/c/en/us/products/security/common-cyberattacks.html#~types-of-cyber-attacks

  • Malware
  • Phishing
  • MiTM
  • DoS
  • SQL Inject
  • Zero Day
  • DNS Tunneling


https://blog.netwrix.com/2018/05/15/top-10-most-common-types-of-cyber-attacks/

  • Some of the above and
  • Drive by
  • Password
  • XXS
  • Eavesdropping
  • Birthday (Hash replacement)
  • Malware
    • Macro Virus
    • File Infector
    • boot record infection
    • polymorphic
    • stealth
    • trojan
    • logic bomb
    • dropper
    • ransomware
    • adware
    • spyware

https://cybersecuritykings.com/2020/04/17/the-8-most-common-cyber-attacks/

  • Fileless Malware (n RAM)


https://alpinesecurity.com/blog/the-8-most-common-cyber-attacks-and-how-to-stop-them/

  • Social Engineering
  • Social Media Attach
  • Birthday Hash attack
    • Think of it this way. If you wanted a 50% chance of that someone in a group would share a birthday with you , you would need 253 people in your group (not the 183 you would expect https://en.wikipedia.org/wiki/Birthday_problem) while you would only need 23 in the group for there to be a chance > 50% of their being a birthday pair.

https://phoenixnap.com/blog/cyber-security-attack-types

  • AI Attack

https://www.rapid7.com/fundamentals/types-of-attacks/

  • Credential Reuse

Basic Risk Assessment

https://blog.netwrix.com/2018/01/16/how-to-perform-it-risk-assessment/

https://www.tylercybersecurity.com/blog/6-steps-to-a-cybersecurity-risk-assessment

  1. What is a IT Risk Assessment
  2. Why is it important
  3. What is at Risk?
  4. Formulation of Risk
    • Threat
    • Vulnerability
    • Impact
    • Likelihood
    • Risk = Threat * Vulnerability * Assett
  5. How to perform an IT Risk Assessment (https://blog.netwrix.com/2018/01/16/how-to-perform-it-risk-assessment/)
    1. ID and prioritize assets (data, servers, contacts...)
    2. ID Threats (Natural, H/W S/W failure, Human error, Bad people doing bad things )
    3. Identify Vulnerabilities
    4. Analyze Controls: encryption, IDS, authentication, policies. ...
    5. Determine Likihood of attack
    6. Assess impact
    7. Prioritize Risk
    8. recommend contros
    9. Document the results

Cryptography and PKI

  • Cryptography is the study of securing information through the use of algorithms and codes.
  • Symmetric Encryption: Uses a “secret” key to both encrypt and decrypt message. The problem is sharing the key on untrusted channel
  • Asymmetric: Uses two keys.  Either can encrypt, but the other must be used to decryp

Data Security

  • Data at Rest
    • Identify at risk data and use appropriate encryption solutions
    • Consider full storage encryption as well as file encryption.
  • Data in Transit
    • Implement secure firewalls and network solutions.
    • Ensure that when data is in transit a secure end-to-end encryption method is being used
    • Implement methods of identifying when at-risk data is being moved and place barriers to ensure the movement is authorized.
  • Don’t Ignore Cloud storage
    • Ensure that cloud data is encrypted both at rest and you use a provider that further encrypts in transit.

Security Mechanisms

https://www.geeksforgeeks.org/types-of-security-mechanism/

https://www.ciscopress.com/articles/article.asp?p=1626588&seqNum=2

https://www.synopsys.com/glossary/what-is-cyber-security.html

•Encryption

•Access Control

•Notarization

•Data Integrity

•Authentication Exchange

•Bit Stuffing

•Digital Signature

•Physical Security

•Authentication

•Authorization

•Accounting/Auditing

•Firewalls/IDS/IPS

•Application Security

•Mobile Security

•Cloud Security

•Disaster Recovery User Education

Security Countermeasures

Controls to protect CIA

References

https://blog.netwrix.com/2018/01/16/how-to-perform-it-risk-assessment/ https://www.cisecurity.org/spotlight/cybersecurity-spotlight-cyber-threat-actors/

inforsec handbook

Retrieved from "https://www.thinkoutsidethecircle.net/mediawiki/index.php?title=Cybersecurity_Fundamentals&oldid=31"