Understanding Cyber Threats: Impacts and Examples

week 1 week 1 day 5 n.w
1 / 37
Embed
Share

Explore the impacts of cyber threats on financial, legal, and regulatory aspects of organizations, along with examples of financial and legal consequences. Learn about the importance of managing personal data securely to avoid regulatory sanctions.

  • Cyber Threats
  • Financial Impact
  • Legal Impact
  • Data Protection
  • Information Security
rayaanacharya
ifuna Follow

Uploaded on | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.

Download Presentation

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.

E N D

Presentation Transcript

  1. Week 1 Week 1 Day 5 Day 5 Cyber Threats UFCFFU-30-1

  2. Cyber Threats Week 1 Intro Monday 01 02 Tuesday 03 04 Wednesday 05 06 Thursday Friday

  3. Recap Session

  4. Syllabus Week 1 Foundations of cyber security, its significance, concepts, threats, vulnerabilities and assurance Application of cyber security concepts to IT infrastructure Fundamental building blocks and typical architectures of IT infrastructure Common vulnerabilities in networks and systems Vulnerabilities in computer networks, applications and systems (e.g., Insecure coding and unprotected networks) and how they can be exploited Network-based attacks e.g.: Eavesdropping/sniffing, man-in-the-middle, spoofing, session hijacking, denial of service, traffic redirection, routing attacks, traffic analysis Impact of vulnerabilities in an organisational context Human dimension of cyber security and adversarial thinking applied to system development How an employee may enable a successful attack chain without realising it

  5. Impact of vulnerabilities in an organisational context Financial Legal Regulatory Reputation

  6. Financial Impact Name some examples of Financial Impact

  7. Financial Cyber attacks often result in substantial financial loss arising from: theft of corporate information theft of financial information (eg bank details or payment card details) theft of money disruption to trading (eg inability to carry out transactions online) loss of business or contract Businesses that suffered a cyber breach will also generally incur costs associated with repairing affected systems, networks and devices

  8. Legal Impact Name some examples of Legal Impact

  9. Legal Data protection and privacy laws require you manage the security of all personal data you hold - whether on your staff or your customers If this data is accidentally or deliberately compromised, and you have failed to deploy appropriate security measures, you may face fines and regulatory sanctions.

  10. Regulatory Impact Name some examples of Regulatory Impact

  11. Regulatory Loss of memberships Fines Investigations

  12. Reputational Impact Name some examples of Reputational Impact

  13. Reputation Cyber attacks can damage a business' reputation and erode the trust of customers This, in turn, could potentially lead to: loss of customers loss of sales reduction in profits The effect of reputational damage can even impact on your suppliers, or affect relationships you may have with partners, investors and other third parties vested in your business

  14. Human dimension of cyber security and adversarial thinking applied to system development Should we think like a hacker? What is the system / approach?

  15. Human dimension of cyber security and adversarial thinking applied to system development Humans are the weakest link in cyber security (True or False?)

  16. Activity Activity 15Mins 15Mins As a group,discuss how employee s can weaken or completely override even the best security controls We ll discuss your findings

  17. Expert Expertise Novice Dangerous Tinkering Intentional Destruction Aware Assurance Unintentional (In)security Detrimental Misuse Basic Hygiene Na ve Mistakes Malicious ..Intentions .. Benevolent

  18. How an employee may enable a successful attack chain without realising it The cyber kill chain is a series of steps that trace stages of a cyberattack from the early reconnaissance stages to the exfiltration of data The kill chain helps us understand and combat ransomware, security breaches, and advanced persistent attacks (APTs) The kill chain has evolved to better anticipate and recognize insider threats, social engineering, advanced ransomware and innovative attacks

  19. The Kill Chain Reconnaissance Weaponization Payload / Delivery Exploitation Installation Command and Control Action

  20. Reconnaissance This can involve a variety of different things, the most common of which is scanning Lots and lots of scanning The majority of this is automated and you ll find there are a vast number of scanning bots crawling the digital realms in search of fresh prey to ogle Anything exposed to the internet will be subject to merciless scanning, the purpose of which is to uncover any known vulnerabilities, misconfigurations or outdated bits of software

  21. Reconnaissance If you can detect or prepare for this type of activity, your cyber defences will be stronger for it A good place to start would be to get regular penetration tests

  22. Weaponisation Ominous Once hackers have gathered as much information as they can and worked out your vulnerabilities, they re going to go away and delve into their digital armoury and ready themselves for an assault This is where they ll craft a phishing email, select or create the right malware before thinking of the best approach of getting it into your network Unless the attacker is running some tests, there s unlikely to be any logs or signs of weaponisation

  23. Payload / Delivery Things really start to get serious The payload (sometimes referred to as delivery) is, as the name suggests, where the hacker drops the payload This is the first stage that you could consider your network breached

  24. Payload This could be in the form of a phishing email with a malicious attachment, a contaminated USB device, or maybe a compromised user account It could even be hackers exploiting a particularly severe vulnerability or misconfiguration that allows them to drop malware packages without having to do any of these

  25. Payload Once the payload has breached your perimeter, the hard work is done All the hacker has to do is wait Unless of course you have the right monitoring in place If you do, then at this stage you can spot malicious emails coming in and have the sender blocked, and you can check the file extension of any attachment

  26. Exploitation This is where weaknesses within your system are exploited Hackers can now start attempting to escalate privileges, make modifications or start dropping extra components If your monitoring services are tuned correctly, they should likely be going nuts at this point

  27. Exploitation With all sorts of happenings occurring within your environment, there should be enough log activity to let you know something s not quite right If you ve got the right service from the right vendor configured in the right way, then you should also be able to stop the malicious activity in its tracks

  28. Installation If the hacker has managed to get to this stage unimpeded, then you re probably in trouble As the name suggests, installation is the phase in which the malicious packages are actually installed

  29. Installation Mapping your defences against the cyber kill chain will hopefully mean attacks won t get to this stage If the worst should happen, installations should definitely raise alerts, particularly if you weren t expecting them Spotting any activity such as this should allow you to act quickly to limit the damage It s also worth noting that offline backups are almost essential in these modern times

  30. Command and control This is where the robots come in and assimilate you and all is lost. And that s not as far-fetched as it sounds Command and control or C2 is where the hacker has worked their way into your network and is establishing outbound communication to their own servers It s at this stage where an attacker has inserted their management and communication code into your environment From here they can move deeper into your network, exfiltrate more information or even start destroying data and, if they haven t got anything else going on, maybe commit a Denial of Service

  31. Command and control Threat hunting has been something of a buzzword in the industry these days Threat hunting is where a trained analyst looks into logs and uses their expertise and knowledge to spot any suspicious activity that machines and correlations alone might fail to pick up on When it comes to command and control activity, threat hunting is key Spotting outbound communications beyond the norm often requires human input and knowledge of your environment

  32. Action The final stage of the cyber kill chain is action, wherein hackers achieve their objective This could be the planting and execution of malware, data exfiltration, inserting a backdoor, DDoS or whatever else they set out to do. It depends what the motivation of the hack is State-sponsored attacks may include military or informational gain Other attacks may intend to monetise stolen data or leak sensitive data Some may be hacking for the sheer hell of it and simply be looking to deface an application or just see what they can find The cyber landscape is a varied one, populated by all sorts

  33. Action Even at this stage, a trained security team can limit the damage and resolve things as swiftly as possible, responding to events in the most appropriate way

  34. Activity Activity 30Mins 30Mins Individually, looking at each step of the Kill Chain, consider what defences / controls you could put in place in order to Identify, Protect, Detect, Respond and Recover We ll discuss your findings as a group

  35. Activity Activity 60Mins 60Mins As a group, research and document a list of good (trustworthy / respected / industry or professionally recognised) sources of security threats, vulnerabilities, breaches and defence advice And for each source, collect a useful piece of information Each of you will select a source and present a brief overview, including something interesting you ve found. We ll discuss your findings as a group

  36. Activity Activity Continued / Ongoing Continued / Ongoing As a group, research and document a list of good (trustworthy / respected / industry or professionally recognised) sources of security threats, vulnerabilities, breaches and defence advice During this course we will build on this list to create a library of useful resources

  37. Cyber Threats Week 1 Intro Monday 01 02 Tuesday 03 04 Wednesday 05 06 Thursday Friday

Related


Collaborative Operational Security

Collaborative Operational Security

millicent
Mass Media and Communication for the Academic Year 2020/2021

Mass Media and Communication for the Academic Year 2020/2021

claire
10 Essential Skills to Consider When You Hire a PHP Developer

10 Essential Skills to Consider When You Hire a PHP Developer

henery
Media Ecology: Impact of Communication Technology

Media Ecology: Impact of Communication Technology

ellery
Introduction to PHP Development for Web Services

Introduction to PHP Development for Web Services

meghn
Development of Multiclock Cycle in Processor

Development of Multiclock Cycle in Processor

dbote
Database Connectivity Methods in PHP Explained

Database Connectivity Methods in PHP Explained

meey256
Overview of PHP-Fusion: A Lightweight CMS with Comprehensive Features

Overview of PHP-Fusion: A Lightweight CMS with Comprehensive Features

guadalupe_p
PHP Scripting Essentials: From Basics to Advanced Concepts

PHP Scripting Essentials: From Basics to Advanced Concepts

joll277
PHP File I/O Functions and Query Strings Explained

PHP File I/O Functions and Query Strings Explained

dan_men
Introduction to PHP Scripting Language and Operators

Introduction to PHP Scripting Language and Operators

keleigh
PHP File Handling Functions Overview

PHP File Handling Functions Overview

hirs_sif
Accessing MySQL Database Using PHP and PDO

Accessing MySQL Database Using PHP and PDO

popp_rah
The Fetch-Decode-Execute Cycle in Computer Processing

The Fetch-Decode-Execute Cycle in Computer Processing

riverl
Comparison Study Between ExoMars and Sample Fetch Rover Visual Localization Algorithms

Comparison Study Between ExoMars and Sample Fetch Rover Visual Localization Algorithms

fitz_21
Modern Web Development Techniques

Modern Web Development Techniques

mrece
Human Interaction with Media - The Media Equation by Reeves and Nass

Human Interaction with Media - The Media Equation by Reeves and Nass

kean239
Drive Business Growth The Power of Hiring Expert PHP Developers for Your Team

Drive Business Growth The Power of Hiring Expert PHP Developers for Your Team

Kelvin1
How to Hire PHP Developers_ A Complete Step-by-Step Guide (1)

How to Hire PHP Developers_ A Complete Step-by-Step Guide (1)

ridh
PHP Developer Hire_ Build Better Websites with Ease

PHP Developer Hire_ Build Better Websites with Ease

ridh
CSE 502: Computer Architecture

CSE 502: Computer Architecture

shny780
PHP Comments, Variables, Echo & Operations Basics

PHP Comments, Variables, Echo & Operations Basics

mang277

More Related Content