Difference between revisions of "Cybersecurity Fundamentals"

Fundamentals

What are we trying to protect: It's all about the Data

• Confidentiality: Only those who should have access can get access.
• Integrity: The data is what it should be. The data has truth.
• Availability: Data is available to those with rights, when they need to access it.

Who are we trying to protect the data from? Threat Actors:

• Cybercriminals: motivated by money
• Nationstates: motivated by loyalty to country
• Terrorist Organizations: motivated by destruction
• Hacktivists: motivated by a moral cause
• Insiders: motivated by stupidity (i.e perhaps ignorance would be better),

How Tactics, Techniques and procedures

• Phishing,
• social engineering,
• business email compromise (BEC) scams,
• botnets,
• password attacks,
• exploit kits,
• malware,
• ransomware
• Break-ins

Vulnerabilities and Risk

• Risk Identification
• Risk Analysis
• Risk Response
• Risk Mitigation
• Risk ReAssessment
• Goto #1 Risk ID

Common Attacks

https://www.cisco.com/c/en/us/products/security/common-cyberattacks.html#~types-of-cyber-attacks

• Malware
• Phishing
• MiTM
• DoS
• SQL Inject
• Zero Day
• DNS Tunneling

https://blog.netwrix.com/2018/05/15/top-10-most-common-types-of-cyber-attacks/

• Some of the above and
• Drive by
• Password
• XXS
• Eavesdropping
• Birthday (Hash replacement)
• Malware
  • Macro Virus
  • File Infector
  • boot record infection
  • polymorphic
  • stealth
  • trojan
  • logic bomb
  • dropper
  • ransomware
  • adware
  • spyware

https://cybersecuritykings.com/2020/04/17/the-8-most-common-cyber-attacks/

• Fileless Malware (n RAM)

https://alpinesecurity.com/blog/the-8-most-common-cyber-attacks-and-how-to-stop-them/

• Social Engineering
• Social Media Attach
• Birthday Hash attack
  • Think of it this way. If you wanted a 50% chance of that someone in a group would share a birthday with you , you would need 253 people in your group (not the 183 you would expect https://en.wikipedia.org/wiki/Birthday_problem) while you would only need 23 in the group for there to be a chance > 50% of their being a birthday pair.

https://phoenixnap.com/blog/cyber-security-attack-types

• AI Attack

https://www.rapid7.com/fundamentals/types-of-attacks/

• Credential Reuse

Basic Risk Assessment

https://blog.netwrix.com/2018/01/16/how-to-perform-it-risk-assessment/

https://www.tylercybersecurity.com/blog/6-steps-to-a-cybersecurity-risk-assessment

1. What is a IT Risk Assessment
2. Why is it important
3. What is at Risk?
4. Formulation of Risk
   • Threat
   • Vulnerability
   • Impact
   • Likelihood
   • Risk = Threat * Vulnerability * Assett
5. How to perform an IT Risk Assessment (https://blog.netwrix.com/2018/01/16/how-to-perform-it-risk-assessment/)
   1. ID and prioritize assets (data, servers, contacts...)
   2. ID Threats (Natural, H/W S/W failure, Human error, Bad people doing bad things )
   3. Identify Vulnerabilities
   4. Analyze Controls: encryption, IDS, authentication, policies. ...
   5. Determine Likihood of attack
   6. Assess impact
   7. Prioritize Risk
   8. recommend contros
   9. Document the results

Cryptography and PKI

Data Security

Security Mechanisms

Security Countermeasures

References

https://blog.netwrix.com/2018/01/16/how-to-perform-it-risk-assessment/ https://www.cisecurity.org/spotlight/cybersecurity-spotlight-cyber-threat-actors/

inforsec handbook