
Module 1: Getting Started With Cybersecurity

Welcome to Module 1!


Objectives

At the end of Module 1, you will be able to:

  • Define the terms: phishing mails, malware, social engineering, other attack vectors
  • Differentiate security threat and breach
  • Distinguish phishing emails from safe emails

"Treat your password like your toothbrush. Don't let anybody use it, and get a new one every six months."

Clifford Stoll, astronomer and engineer


Module 1: Getting Started

Definitions

Phishing is the use of digital communications to trick people into revealing sensitive data or deploying malicious software.

Malware is software designed to harm devices or networks. There are many types of malware. The primary purpose of malware is to obtain money, or in some cases, an intelligence advantage that can be used against a person, an organization, or a territory.

Some of the most common types of phishing attacks today include:

  • Business Email Compromise (BEC): A threat actor sends an email message that seems to be from a known source to make a seemingly legitimate request for information, in order to obtain a financial advantage.
  • Spear phishing: A malicious email attack that targets a specific user or group of users. The email seems to originate from a trusted source.
  • Whaling: A form of spear phishing. Threat actors target company executives to gain access to sensitive data.
  • Vishing: The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source.
  • Smishing: The use of text messages to trick users, in order to obtain sensitive information or to impersonate a known source.

To learn more definitions, click the info button. Don't forget that you will need those definitions as well!

Some of the most common types of malware attacks today include:

  • Viruses: Malicious code written to interfere with computer operations and cause damage to data and software. A virus needs to be initiated by a user (i.e., a threat actor), who transmits the virus via a malicious attachment or file download. When someone opens the malicious attachment or download, the virus hides itself in other files in the now infected system. When the infected files are opened, it allows the virus to insert its own code to damage and/or destroy data in the system.
  • Worms: Malware that can duplicate and spread itself across systems on its own. In contrast to a virus, a worm does not need to be downloaded by a user. Instead, it self-replicates and spreads from an already infected computer to other devices on the same network.
  • Ransomware: A malicious attack where threat actors encrypt an organization's data and demand payment to restore access.
  • Spyware: Malware that’s used to gather and sell information without consent. Spyware can be used to access devices. This allows threat actors to collect personal data, such as private emails, texts, voice and image recordings, and locations.


Social engineering is a manipulation technique that exploits human error to gain private information, access, or valuables. Human error is usually a result of trusting someone without question. It’s the mission of a threat actor, acting as a social engineer, to create an environment of false trust and lies to exploit as many people as possible.

Some of the most common types of social engineering attacks today include:

  • Social media phishing: A threat actor collects detailed information about their target from social media sites. Then, they initiate an attack.
  • Watering hole attack: A threat actor attacks a website frequently visited by a specific group of users.
  • USB baiting: A threat actor strategically leaves a malware USB stick for an employee to find and install, to unknowingly infect a network.
  • Physical social engineering: A threat actor impersonates an employee, customer, or vendor to obtain unauthorized access to a physical location.

Reasons why social engineering attacks are effective include:

  • Authority: Threat actors impersonate individuals with power. This is because people, in general, have been conditioned to respect and follow authority figures.
  • Intimidation: Threat actors use bullying tactics. This includes persuading and intimidating victims into doing what they’re told.
  • Consensus/Social proof: Because people sometimes do things that they believe many others are doing, threat actors use others’ trust to pretend they are legitimate. For example, a threat actor might try to gain access to private data by telling an employee that other people at the company have given them access to that data in the past.
  • Scarcity: A tactic used to imply that goods or services are in limited supply.
  • Familiarity: Threat actors establish a fake emotional connection with users that can be exploited.
  • Trust: Threat actors establish an emotional relationship with users that can be exploited over time. They use this relationship to develop trust and gain personal information.
  • Urgency: A threat actor persuades others to respond quickly and without questioning.


Security Threat vs Security Breach

Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through an information system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service is considered a security threat.

A security breach is any incident that results in unauthorized access to computer data, applications, networks or devices. It results in information being accessed without authorization. Typically, it occurs when an intruder is able to bypass security mechanisms.

  • Yahoo: 3 billion user accounts were compromised in 2013 after a phishing attempt gave hackers access to the network.
  • Facebook saw internal software flaws lead to the loss of 29 million users' personal data in 2018. This was a particularly embarrassing security breach since the compromised accounts included that of company CEO Mark Zuckerberg.
  • Marriott Hotels announced a security and data breach affecting up to 500 million customers' records in 2018. However, its guest reservations system had been hacked in 2016; the breach wasn't discovered until two years later.


Some Common Attack Types

Password Attack

A password attack is an attempt to access password-secured devices, systems, networks, or data. Some examples include Brute Force and Rainbow Table.

Social Engineering

Social engineering is a manipulation technique that exploits human error to gain private information, access, or valuables.

Some forms of social engineering attacks that you will continue to learn about throughout the program are:

  • Phishing
  • Smishing
  • Vishing
  • Spear phishing
  • Whaling
  • Social media phishing
  • Business Email Compromise (BEC)
  • Watering hole attack
  • USB (Universal Serial Bus) baiting
  • Physical social engineering


Physical Attack

A physical attack is a security incident that affects not only digital but also physical environments where the incident is deployed. Some forms of physical attacks are:

  • Malicious USB cable
  • Malicious flash drive
  • Card cloning and skimming


Adversarial Artificial Intelligence

Adversarial artificial intelligence is a technique that manipulates artificial intelligence and machine learning technology to conduct attacks more efficiently. These attacks exploit vulnerabilities in AI systems, threatening their integrity, reliability and security.

To learn more, check the link provided: https://www.forbes.com/sites/forbestechcouncil/2023/07/27/adversarial-attacks-on-ai-systems/?sh=713a866632be (Forbes Council Post: Adversarial Attacks On AI Systems)


How to detect a phishing email?

  1. The message is sent from a public email domain
  2. The domain name is misspelt
  3. The email is poorly written, with typos and grammatical mistakes
  4. It includes suspicious attachments or links
  5. The message creates a sense of urgency

Anyone can buy a domain name from a registrar. And although every domain name must be unique, there are plenty of ways to create addresses that are indistinguishable from the one that’s being spoofed.

Typos and mistakes (u and m are upper case)

Request for personal information over email and buttons that hyperlink to unfamiliar webpages

The domain and the email do not make any sense, and it is not coming from Netflix


Most of the time with phishing, scammers don’t need to monitor inboxes and send tailored responses. They simply dump thousands of crafted messages on unsuspecting people. So why are many phishing emails poorly written? In this case, the most obvious answer is the correct one: the scammers aren’t very good at writing.

However, sometimes phishing emails will take a more sophisticated approach by including the organisation’s name in the local part of the address. In this instance, the address might read ‘paypalsupport@gmail.com’. At first glance, you might see the word ‘PayPal’ in the email address and assume it is legitimate. However, you should remember that the important part of the address is what comes after the @ symbol. This dictates the organisation from which the email has been sent.

Above you can see a phishing email with a ttu domain. However, since this email contains phishing components such as grammatical mistakes and typos, you can discard and report it.
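The sender-address and urgency checks from the list above, written out as an added example that is not part of the original module. The webmail list, the brand-to-domain map, the urgency phrases and the 0.8 similarity threshold are all constructed values chosen for illustration.

```python
import difflib

# Constructed sample data (assumptions for this example, not from the module).
PUBLIC_DOMAINS = {"gmail.com", "outlook.com", "yahoo.com", "hotmail.com"}
BRAND_DOMAINS = {"paypal": "paypal.com", "netflix": "netflix.com"}
URGENCY_WORDS = ("urgent", "immediately", "within 24 hours", "suspended")
LOOKALIKE_THRESHOLD = 0.8  # assumed cut-off for "nearly the same spelling"


def check_sender(address: str) -> list[str]:
    """Return the warning signs found in a sender address."""
    findings = []
    # Everything after the last @ is the domain; everything before is the local part.
    local, _, domain = address.lower().rpartition("@")
    if domain in PUBLIC_DOMAINS:
        findings.append("public-domain")
    for brand, real_domain in BRAND_DOMAINS.items():
        if domain == real_domain:
            continue  # exact match with the brand's own domain is not flagged
        # Brand name sits before the @, but the mail comes from another domain.
        if brand in local:
            findings.append(f"brand-in-local-part:{brand}")
        # Domain is a near miss of the real one (a swapped or extra character).
        ratio = difflib.SequenceMatcher(None, domain, real_domain).ratio()
        if ratio >= LOOKALIKE_THRESHOLD:
            findings.append(f"lookalike-domain:{real_domain}")
    return findings


def check_body(text: str) -> list[str]:
    """Return the urgency phrases that appear in the message text."""
    lowered = text.lower()
    return [f"urgency:{word}" for word in URGENCY_WORDS if word in lowered]


if __name__ == "__main__":
    # Constructed sample addresses, including the one quoted in the module.
    for sender in ("paypalsupport@gmail.com", "service@paypa1.com",
                   "service@paypal.com"):
        print(sender, check_sender(sender))
    print(check_body("Your account will be suspended. Act immediately!"))
```

An empty result only means none of these signs were found; it does not prove the email is safe.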


QUESTION 1/2

What is the name of any incident that results in unauthorized access to computer data, applications, networks or devices?

  • Data Breach (ERROR!)
  • Security Threat (ERROR!)
  • Security Breach (RIGHT!)


QUESTION 2/2

Awkward spacing, strange email layouts, and suspicious account images are other obvious giveaways of phishing emails.

  • True (RIGHT!)
  • False (ERROR!)

End of Module 1, please continue with Module 2!