FY Msc IT Cs Notes for Module 1_76e8ec671605f8123b9fee3f71d22c31.pptx

arjunpanditarjunpand 351 views 62 slides Sep 15, 2025

About This Presentation

CS module


Slide Content

Created By: Prof. Jyoti Sarwade, Department of Computer Science. Email: [email protected] Mob: 9503464992

Course Outcome
- Understand the importance of privacy for personal, organizational and cyber data.
- Differentiate between threat, risk, attack and vulnerability.
- Analyze and evaluate the importance of data, its privacy and security.
- Apply protection measures to digital devices using the latest tools and technologies.
- Evaluate the security model of any organization.

Content
- Overview of cyber security
- Cyber security: the increasing threat landscape
- Cyber security terminologies
- Non-state actors
- Cyber terrorism
- Protection of end-user machines
- Critical IT and National Critical Infrastructure
- Cyber warfare
- Case studies

Overview of cyber security
The word "cybersecurity" has two parts: "cyber" and "security". Cyber refers to the technology involved: systems, networks, programs, and data. Security is concerned with protecting those systems, networks, applications, and information. The field is also called electronic information security or information technology security. Cyber security is vital to protecting our digital world, from personal data to critical infrastructure.

Overview of cyber security
Definitions:
- "The technique of protecting internet-connected systems such as computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks is known as cybersecurity."
- "Cyber Security is the body of technologies, processes, and practices designed to protect networks, devices, programs, and data from attack, theft, damage, modification or unauthorized access."
- "Cyber Security is the set of principles and practices designed to protect our computing resources and online information against threats."

Types of Cyber Security
- Network Security: Implementing hardware and software to secure a computer network from unauthorized access, intruders, attacks, disruption, and misuse. It helps an organization protect its assets against external and internal threats.
- Application Security: Protecting software and devices from unwanted threats. This includes constantly updating applications so they stay secure against attacks. Successful security begins in the design stage and continues through writing source code, validation, threat modeling, etc., before a program or device is deployed.
- Cloud Security: Protecting the organization's information stored in cloud architectures. Cloud service providers such as AWS, Azure, Google, etc. offer controls that are used to secure data against multiple threats.
- Mobile Security: Securing organizational and personal data stored on mobile devices such as cell phones, laptops, tablets, and similar devices against threats such as unauthorized access, device loss or theft, and malware.
- Information or Data Security: Implementing strong data storage mechanisms to maintain the integrity and privacy of data, both in storage and in transit.
- Identity Management: The procedures for determining the level of access that each individual has within an organization.
- Operational Security: The processes and decisions for handling and securing data assets.

Importance of Cyber Security

Importance of Cyber Security
1) Protecting Sensitive Data
- Personal information (e.g., Social Security numbers, credit card details)
- Financial data (e.g., bank accounts, investment records)
- Intellectual property (e.g., trade secrets, research data)
- Impact of data breaches: financial losses, identity theft, reputational damage

Importance of Cyber Security
2) Ensuring Business Continuity
- Organizations rely on technology for critical operations.
- Cyberattacks can disrupt operations, leading to financial losses and customer dissatisfaction.

Importance of Cyber Security
3) Maintaining National Security
- Critical infrastructure (power grids, transportation systems) is increasingly reliant on technology.
- Cyberattacks can cripple national infrastructure, causing widespread disruption.

The Increasing Threat Landscape
What is the Threat Landscape? The entire scope of potential and recognized cybersecurity threats affecting a user group, a specific industry, or a particular period of time. It is the ever-changing environment of cybersecurity threats and vulnerabilities, and it encompasses the types of attacks, their frequency, and their potential impact.
Why the threat landscape is increasing:
- Advanced tactics: Attackers use sophisticated techniques like ransomware, phishing, and social engineering to exploit vulnerabilities.
- Increased targets: Businesses, governments, and individuals are increasingly exposed as more devices and data are connected online.

The Increasing Threat Landscape
Why is it increasing?
- Rapid technological advancements (IoT, Cloud, AI)
- Increased reliance on technology in all aspects of life
- Globalization and interconnectedness
- Rise of cybercrime and its impact
- Advanced Persistent Threats (APTs)
- Emergence of new threats (e.g., ransomware, IoT vulnerabilities)
- The role of technology in driving the threat landscape

Rise of Cybercrime and Its Impact
Rise of cybercrime: Cybercrime is becoming more sophisticated and organized, and attacks are more frequent and impactful.
Impact:
- Financial losses: stolen funds, ransomware demands, business disruptions.
- Data breaches: exposure of sensitive data (customer information, intellectual property).
- Reputational damage: loss of trust, legal liabilities, negative media coverage.

Advanced Persistent Threats (APTs)
Highly sophisticated and persistent attacks carried out by nation-states, organized crime groups, or other well-resourced adversaries.
Characteristics:
- Long-term campaigns: sustained attacks aimed at infiltrating or exploiting a target over an extended period.
- Stealthy and evasive techniques: methods used by attackers to avoid detection and bypass security measures.
- Targeting specific organizations or individuals: focusing on particular entities to exploit vulnerabilities for strategic gains.
Objectives: espionage, sabotage, data theft, disruption of critical infrastructure.

Emergence of New Threats
- Ransomware: Encrypting data and demanding a ransom for its release. Increasingly sophisticated and impactful, targeting critical infrastructure.
- IoT vulnerabilities: Exploiting vulnerabilities in internet-connected devices (smart homes, medical devices).
- Supply chain attacks: Compromising software development processes or third-party vendors to infiltrate target organizations.
- Cloud security challenges: Data breaches, misconfigurations, and insider threats within cloud environments.

The Role of Technology in Driving the Threat Landscape
- Increased connectivity: The rise of the Internet of Things (IoT) creates a vast attack surface.
- Cloud computing: While offering benefits, cloud environments introduce new security challenges.
- Artificial Intelligence (AI) and Machine Learning: AI can be used by both attackers and defenders, making the threat landscape more dynamic.

Cybersecurity Terminologies
Cyberspace, Attack, Attack Vector, Attack Surface, Threat, Risk, Vulnerability, Exploit, Exploitation, Hacker

Cybersecurity Terminologies
Cyberspace: A virtual environment created by the interconnection of computers and networks that allows people to communicate, share information, and participate in various activities; in short, the digital environment in which computers and networks communicate.

Cyberspace vs. the Physical World

Aspect | Cyberspace | Physical World
Nature | Virtual, digital | Tangible, physical
Location | Exists in computer networks and the internet | Exists in the natural, material environment
Communication | Digital communication (emails, messages, social media) | Face-to-face communication, physical mail
Commerce | E-commerce, digital transactions | Traditional retail, physical currency transactions
Interactions | Online interactions, virtual communities | In-person interactions, physical communities
Access | Requires electronic devices and an internet connection | Accessible without technology (physical presence)
Security | Cybersecurity measures (firewalls, encryption) | Physical security measures (locks, surveillance)
Presence | Avatars, usernames, digital identities | Physical presence, real identities
Regulation | Digital laws, online governance, and policies | Physical laws, regulations, and societal norms
Environment | Digital ecosystems (websites, platforms) | Natural and built environments (cities, nature)

Cybersecurity Terminologies
Attack: An attempt to exploit a vulnerability to compromise a system.
Attack Vector: The path or method used by an attacker to gain unauthorized access. Attack vectors are the specific paths or methods that attackers use to gain unauthorized access to a system, network, or application; they serve as entry points that allow malicious actors to exploit vulnerabilities.

Cybersecurity Terminologies
Attack Surface: The total area of a computer system or network that is exposed to potential attacks. It is the general term for the parts of a system, device, or network that contain security vulnerabilities that may be exploited. The attack surface of an organization's systems and devices can vary significantly depending on what they are used for and how they have been configured.

Cybersecurity Terminologies

Cybersecurity Terminologies
Threat: A potential danger or harm to a system or data. Computer security threats are potential dangers to a computer's efficient operation and performance; they range from relatively harmless adware to a dangerous trojan infection. As the world becomes more digital, computer security concerns keep developing. A threat in a computer system is a potential danger that could jeopardize the security of your data.

Cybersecurity Terminologies
Physical threats:
- Internal: short circuits, fire, unstable power supply, hardware failure due to excess humidity, etc.
- External: disasters such as floods, earthquakes, landslides, etc.
- Human: destruction of infrastructure and/or hardware, theft, disruption, and unintentional or intentional errors.
Non-physical threats:
- Hampering of business operations that depend on computer systems.
- Loss of sensitive data or information.
- Illegally keeping track of others' computer system activities.
- Hacking of users' IDs and passwords, etc.

Cybersecurity Terminologies
- Risk: The likelihood and potential impact of a threat.
- Vulnerability: A weakness in a system that can be exploited by an attacker.
- Exploit: A piece of code that takes advantage of a vulnerability.
- Exploitation: The act of using an exploit to compromise a system.

Cybersecurity Terminologies
Hacker: An individual with advanced computer skills; the term is often used for those who use their skills for malicious purposes. Computer hackers are unauthorized users who gain access to computers in order to steal, alter, or delete data, generally by installing malicious software without the owner's knowledge or agreement. Their techniques and in-depth technical knowledge let them get access to information you do not want them to have.

Types of Hackers
- Black Hat Hacker: These hackers, often known as crackers, always have a malicious motive and gain illegal access to computer networks and websites. Their goal is to make money by stealing secret organizational data, stealing funds from online bank accounts, violating privacy rights to benefit criminal organizations, and so on.
- White Hat Hacker: White hat hackers (sometimes referred to as ethical hackers) are the polar opposites of black hat hackers. They employ their technical expertise to defend against malicious hackers. White hats are employed by businesses and government agencies as data security analysts, researchers, security specialists, etc. With the permission of the system owner and with good motives, they use the same hacking tactics that black hat hackers use.
- Grey Hat Hacker: They fall somewhere between the two types above, in that they gain illegal access to a system but do so without malicious intent. The goal is to expose the system's weaknesses. Instead of exploiting vulnerabilities for unlawful gain, grey hat hackers may offer to repair vulnerabilities they have identified through their own unauthorized actions.

Non-State Actors
Who are non-state actors?
- Individuals or groups that engage in cyber activities but are not directly affiliated with a nation-state.
- Entities that operate independently of any government or state authority.
- Include various groups and individuals with diverse motivations and capabilities.
Examples of non-state actors include script kiddies, scammers, hacktivists, black hat hackers, and criminal organizations.

Types of Non-State Actors
Criminal groups:
- Motivation: financial gain (e.g., ransomware, data theft, fraud)
- Examples: ransomware gangs, groups that encrypt victims' data and demand a ransom for its release; cybercrime syndicates, organized groups involved in various cybercriminal activities.
Hacktivists:
- Motivation: political or social activism
- Examples: groups that conduct cyberattacks to protest government policies or support a particular cause; defacing websites, data leaks, denial-of-service attacks.

Types of Non-State Actors
Terrorist organizations:
- Motivation: to cause disruption, fear, and political instability.
- Examples: using cyberattacks to disrupt critical infrastructure, spread propaganda, or recruit members.

Motivations of Non-State Actors
- Financial gain: The primary motivation for many cybercriminals. Includes stealing financial data, extorting money through ransomware, and selling stolen data on the dark web.
- Political activism: Driven by ideological or political beliefs. Aims to disrupt government operations, spread propaganda, or raise awareness for a cause.
- Espionage: Stealing sensitive information for competitive advantage, intelligence gathering, or blackmail.

Impact of Non-State Actor Attacks
- Financial loss: ransomware payments, data breach costs, lost productivity.
- Reputational damage: loss of customer trust, legal and regulatory consequences.
- Disruption of critical services: impact on healthcare, transportation, energy, and other essential services.
- National security threats: espionage, theft of intellectual property, sabotage of critical infrastructure.

Addressing the Threat of Non-State Actors
- Enhanced cybersecurity measures: implementing strong defenses against cyberattacks; improving threat intelligence and incident response capabilities.
- International cooperation: sharing information and collaborating to combat cybercrime.
- Legal and regulatory frameworks: developing and enforcing laws to deter and punish cybercriminals.

Cyberterrorism
Terrorism: The unlawful use of violence and intimidation, especially against civilians, in the pursuit of political aims.
Cyberterrorism: The use of computers and the internet to intimidate or coerce a government or civilian population, exploiting vulnerabilities in computer systems and networks to achieve terrorist objectives.

Examples of Cyberterrorism
- Disrupting critical infrastructure: Attacking power grids, transportation systems, and communication networks, causing widespread disruption and potential physical harm.
- Spreading propaganda and misinformation: Disseminating false information and propaganda online to influence public opinion and incite violence; utilizing social media platforms to spread extremist ideologies.
- Recruitment and funding: Using online platforms to recruit new members and raise funds for terrorist activities.

Impact of Cyberterrorism
- Social and political disruption: Eroding public trust, destabilizing governments, and inciting social unrest.
- Economic damage: Disruption of businesses, financial markets, and critical infrastructure; loss of productivity and economic output.
- Loss of life: In some cases, cyberattacks can have direct or indirect impacts on human life.

Protection of End-User Machines
Endpoint security is the process of protecting endpoints on end-user devices such as desktops, laptops, and mobile devices against attackers. Endpoint security solutions protect endpoints on a network or in the cloud against cybersecurity threats. Endpoint security, or endpoint protection, is therefore one of the techniques for keeping a computer network safe.
Examples of endpoints: Any computing device, usually a user-end device connected to an organization's network, is an endpoint: tablets, mobile devices, smartwatches, printers, servers, ATM machines, medical devices.

Types of Endpoint Security
- Internet of Things: Securing IoT devices and the networks they are linked to against threats and breaches by protecting them and identifying and tracking risks.
- Data Loss Prevention: Endpoint security that detects and stops data breaches.
- Network Access Control: Restricts the availability of network resources to endpoint devices.
- URL filtering: Technology that enables organizations to control which web pages their users and visitors can reach.
- Browser Isolation: Keeps a web user's browsing activity separated from the local networks and infrastructure.

Protection of End-User Machines
Endpoint security importance:
- Protection against increasing threats
- Protecting sensitive data
- Mitigating insider threats
- Enhancing user productivity
End-user devices are often the first line of defense against cyberattacks. They can be entry points for malware, data breaches, and other security threats, so protecting endpoints is crucial for individual users and organizations.

Protection of End-User Machines
Endpoint security benefits:
- Enhanced protection against cyber threats
- Improved compliance
- Data loss prevention
- Centralized management and control
- Reduced risk of insider threats
- Cost saving

Anti-virus/Anti-malware Software
Key role: Detecting and removing malware (viruses, worms, Trojans, ransomware, spyware); real-time protection against new threats.
Features:
- Signature-based detection: matches known malware signatures.
- Heuristic analysis: identifies suspicious characteristics and behavior.
- Behavioral analysis: monitors program activity for malicious behavior.
Importance of regular updates: Ensure the software has the latest virus definitions and security updates.

Firewalls
A security system that monitors and controls incoming and outgoing network traffic.
Types of firewalls:
- Software firewalls: installed on individual devices (e.g., Windows Firewall).
- Hardware firewalls: dedicated devices that filter network traffic at the network perimeter.
How firewalls work: They analyze network traffic and block unauthorized connections, allowing only authorized traffic to pass through.
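As an added example (not from the slides), the following Python models how a rule-based firewall decides whether to allow or block a connection: rules are evaluated in order, the first match wins, and traffic that matches no rule is denied by default. The rule set, the addresses (RFC 5737 documentation ranges) and the sample packets are constructed for illustration.

```python
"""Toy rule-based packet filter showing the allow/deny decision a firewall makes.
Added example; the rules, addresses and packets are constructed, not taken from
any real deployment."""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    direction: str   # "in" (arriving at the host/network) or "out" (leaving it)
    proto: str       # "tcp" or "udp"
    src: str         # source IP address
    dst_port: int    # destination port


@dataclass(frozen=True)
class Rule:
    action: str              # "allow" or "deny"
    direction: str           # "in", "out" or "any"
    proto: str               # "tcp", "udp" or "any"
    src_net: str             # source network in CIDR form; "0.0.0.0/0" = any source
    dst_port: Optional[int]  # None = any destination port

    def matches(self, pkt: Packet) -> bool:
        if self.direction != "any" and self.direction != pkt.direction:
            return False
        if self.proto != "any" and self.proto != pkt.proto:
            return False
        if self.dst_port is not None and self.dst_port != pkt.dst_port:
            return False
        return ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src_net)


# Constructed policy. Order matters: the first matching rule decides,
# so the explicit deny for a blocked range sits above the public allow.
RULES = [
    Rule("deny", "in", "any", "203.0.113.0/24", None),  # block a known-bad source range
    Rule("allow", "in", "tcp", "0.0.0.0/0", 443),       # public HTTPS service
    Rule("allow", "in", "tcp", "10.0.0.0/8", 22),       # SSH only from the internal network
    Rule("allow", "out", "any", "0.0.0.0/0", None),     # internal hosts may initiate outbound
]


def decide(pkt: Packet, rules=RULES) -> str:
    """Return 'allow' or 'deny'. Default deny: unmatched traffic is blocked."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"


def evaluate(packets, rules=RULES):
    """Apply the policy to a sequence of packets and return (packet, verdict) pairs."""
    return [(p, decide(p, rules)) for p in packets]


SAMPLE_PACKETS = [  # constructed traffic
    Packet("in", "tcp", "198.51.100.7", 443),   # public client reaching HTTPS
    Packet("in", "tcp", "198.51.100.7", 22),    # public client probing SSH
    Packet("in", "tcp", "10.1.2.3", 22),        # internal admin reaching SSH
    Packet("in", "tcp", "203.0.113.9", 443),    # blocked range, even to HTTPS
    Packet("out", "udp", "10.1.2.3", 53),       # internal host doing DNS
    Packet("in", "udp", "198.51.100.7", 161),   # unsolicited SNMP from outside
]

if __name__ == "__main__":
    for pkt, verdict in evaluate(SAMPLE_PACKETS):
        print(f"{pkt.direction:>3} {pkt.proto} {pkt.src} -> port {pkt.dst_port}: {verdict}")
```

The two points worth noticing are the default-deny fall-through at the end of `decide` (a permissive default would turn every missing rule into an exposure) and the rule ordering, which is why the blocked range is refused even though a later rule allows HTTPS from anywhere.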

Intrusion Detection and Prevention Systems (IDPS)
Intrusion Detection Systems (IDS): Monitor network traffic for malicious activity and generate alerts. An IDS is a security tool that monitors a computer network or system for malicious activities or policy violations. It helps detect unauthorized access, potential threats, and abnormal activities by analyzing traffic and alerting administrators to take action. An IDS is crucial for maintaining network security and protecting sensitive data from cyber-attacks: it watches network traffic, looks for unusual activity, and sends alerts when it occurs.

Intrusion Detection and Prevention Systems (IDPS) Intrusion Detection Systems (IDS): The main duties of an IDS are anomaly detection and reporting; however, certain Intrusion Detection Systems can take action when malicious activity or unusual traffic is discovered.

Intrusion Detection and Prevention Systems (IDPS)
Intrusion Prevention Systems (IPS): Go beyond detection and actively block or prevent malicious traffic. An Intrusion Prevention System is also known as an Intrusion Detection and Prevention System. It is a network security application that monitors network or system activities for malicious activity. The major functions of an IPS are to identify malicious activity, collect information about it, report it, and attempt to block or stop it. Intrusion prevention systems are considered an extension of Intrusion Detection Systems (IDS), because both IPS and IDS monitor network traffic and system activities for malicious activity.

Intrusion Detection and Prevention Systems (IDPS)
Intrusion Prevention Systems (IPS): An IPS works by analyzing network traffic in real time and comparing it against known attack patterns and signatures. When the system detects suspicious traffic, it blocks it from entering the network.
Benefits:
- Early detection of attacks and threats.
- Proactive prevention of security breaches.
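The following Python is an added example, not material from the slides: it runs a toy detector over constructed web-server log lines to show the difference between the IDS and IPS slides above. It checks two signatures (a directory-traversal pattern and a SQL keyword pattern) and one anomaly rule (a source exceeding a request-count threshold). In "ids" mode every request is forwarded and only alerts are raised; in "ips" mode a request that triggers a rule is dropped and its source is blocked for the rest of the run. The log lines, addresses, signatures and threshold are all constructed.

```python
"""Toy intrusion detector that runs either as an IDS (alert only) or as an
IPS (alert and block). Added example; the log lines, signatures and the
rate threshold are constructed for illustration."""
import re
from collections import Counter
from dataclasses import dataclass, field

# Common Log Format, e.g.
# 198.51.100.7 - - [10/Oct/2024:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 512
LOG_RE = re.compile(
    r'^(?P<src>\S+) - - \[[^\]]+\] "(?P<method>\S+) (?P<path>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

# Constructed signatures: each pattern is matched against the request path.
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./"),
    "sql-keyword": re.compile(r"(?i)union(\s|\+|%20)+select"),
}
RATE_THRESHOLD = 5  # a source sending more than this many requests is treated as anomalous


@dataclass
class Result:
    alerts: list = field(default_factory=list)  # (source, reason) pairs
    blocked: set = field(default_factory=set)   # sources blocked (IPS mode only)
    passed: int = 0                             # requests forwarded
    dropped: int = 0                            # requests dropped (IPS mode only)


def parse_log(lines):
    """Yield (src, path) for each line that parses; malformed lines are skipped."""
    for line in lines:
        m = LOG_RE.match(line)
        if m:
            yield m["src"], m["path"]


def inspect(lines, mode="ids"):
    """Inspect requests in order. IDS: alert only. IPS: alert, drop the
    offending request and block its source for the rest of the run."""
    if mode not in ("ids", "ips"):
        raise ValueError("mode must be 'ids' or 'ips'")
    res = Result()
    seen = Counter()
    for src, path in parse_log(lines):
        seen[src] += 1
        # Signature detection: known-bad patterns in the request.
        reasons = [name for name, pat in SIGNATURES.items() if pat.search(path)]
        # Anomaly detection: alert once, when the source crosses the threshold.
        if seen[src] == RATE_THRESHOLD + 1:
            reasons.append("rate-anomaly")
        res.alerts.extend((src, r) for r in reasons)
        if mode == "ips" and (reasons or src in res.blocked):
            res.blocked.add(src)
            res.dropped += 1
        else:
            res.passed += 1
    return res


SAMPLE_LOG = [  # constructed traffic using RFC 5737 documentation addresses
    '198.51.100.7 - - [10/Oct/2024:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 512',
    '192.0.2.9 - - [10/Oct/2024:13:55:37 +0000] "GET /api/items HTTP/1.1" 200 2048',
    '203.0.113.5 - - [10/Oct/2024:13:55:38 +0000] "GET /files/../../config.ini HTTP/1.1" 404 199',
    '192.0.2.9 - - [10/Oct/2024:13:55:39 +0000] "GET /api/items HTTP/1.1" 200 2048',
    '203.0.113.5 - - [10/Oct/2024:13:55:40 +0000] "GET /search?q=1+UNION+SELECT+1 HTTP/1.1" 200 88',
    '192.0.2.9 - - [10/Oct/2024:13:55:41 +0000] "GET /api/items HTTP/1.1" 200 2048',
    '203.0.113.5 - - [10/Oct/2024:13:55:42 +0000] "GET /index.html HTTP/1.1" 200 512',
    '192.0.2.9 - - [10/Oct/2024:13:55:43 +0000] "GET /api/items HTTP/1.1" 200 2048',
    '198.51.100.7 - - [10/Oct/2024:13:55:44 +0000] "GET /images/logo.png HTTP/1.1" 200 3310',
    '192.0.2.9 - - [10/Oct/2024:13:55:45 +0000] "GET /api/items HTTP/1.1" 200 2048',
    '192.0.2.9 - - [10/Oct/2024:13:55:46 +0000] "GET /api/items HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for mode in ("ids", "ips"):
        r = inspect(SAMPLE_LOG, mode)
        print(f"{mode}: alerts={r.alerts} blocked={sorted(r.blocked)} "
              f"passed={r.passed} dropped={r.dropped}")
```

Run in both modes on the same input, the detector raises the same three alerts, but only the IPS run changes the traffic: the two signature hits are dropped, the clean request that follows from the already-blocked source is dropped as well, and the sixth request from the noisy client is dropped once it crosses the threshold. That blocking power is also why IPS rules need more careful tuning than IDS rules: a false positive in IDS mode costs an analyst some time, while in IPS mode it blocks a legitimate user.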

User Education and Awareness
Importance of user training: educating users about cybersecurity threats and best practices:
- Recognizing and avoiding phishing attacks.
- Identifying suspicious emails and websites.
- Practicing safe browsing habits.
- Following strong password hygiene.
Training methods: security awareness workshops, online training modules, phishing simulations.

Protection of End-User Machines: Endpoint Software vs. Antivirus Software

Endpoint Software | Antivirus Software
Endpoint security is the process of securing endpoints such as workstations and servers against threats and cyberattacks. | Antivirus software is created specifically to detect, prevent, and remove malware (viruses).
Provides Data Loss Prevention. | Does not provide Data Loss Prevention.
Higher cost. | Generally lower cost.
Supports encryption. | Does not support encryption.
Advanced firewall and network security. | Basic firewall and network security.

Critical IT and National Critical Infrastructure
Critical Infrastructure: Systems and assets essential for the security, economy, public health, and safety of a nation. Examples: power grids, transportation systems, communication networks, healthcare systems, financial systems, water and wastewater systems.
Critical IT: Information and communication technology (ICT) systems that are vital to the functioning of critical infrastructure.

Critical IT and National Critical Infrastructure
Interdependence: Critical infrastructure relies heavily on IT systems for operation, control, and management. Examples:
- Power grids: SCADA systems for monitoring and control.
- Transportation systems: traffic management systems, airline reservation systems.
- Healthcare systems: electronic health records, telemedicine.
- Financial systems: electronic trading platforms, banking networks.

Cybersecurity Threats to Critical Infrastructure
Cyberattacks:
- Disruption of operations: causing power outages, transportation delays, or disruptions to healthcare services.
- Data breaches: exposing sensitive data and compromising privacy.
- Sabotage: malicious attacks aimed at damaging or destroying critical infrastructure.
Examples:
- Ransomware attacks: disrupting hospital operations by encrypting critical systems.
- Denial-of-service (DoS) attacks: overwhelming critical systems with traffic, causing outages.
- Data breaches: exposing sensitive patient information in healthcare systems.

The Impact of Attacks on Critical Infrastructure
- Economic impacts: financial losses due to disruptions and data breaches; loss of productivity and economic output.
- Social impacts: disruptions to essential services affecting public health and safety; loss of public trust and confidence.
- National security impacts: weakening national security and resilience; potential for cascading failures across interconnected systems.

Protecting Critical Infrastructure
- Enhanced cybersecurity measures: implementing robust defenses, including intrusion detection and prevention systems, firewalls, and encryption; regular security audits and vulnerability assessments.
- Resilience planning: developing and implementing disaster recovery and business continuity plans.
- International cooperation: sharing threat intelligence and collaborating on cybersecurity best practices.

Cyber Warfare
The use of computer networks and cyberspace for military, intelligence, or political purposes. It involves actions by a nation-state or state-sponsored actors to disrupt, damage, or destroy enemy computer systems and networks.
Key characteristics:
- State-sponsored activities
- Focus on military, political, or economic objectives
- Potential for significant disruption and damage

State-Sponsored Cyberattacks
Motivation:
- Espionage and intelligence gathering
- Disrupting enemy military operations
- Sabotaging critical infrastructure
- Undermining political stability
Examples:
- Stuxnet: malware designed to sabotage Iranian nuclear centrifuges.
- NotPetya: a destructive malware attack that crippled Ukrainian infrastructure and spread globally.
- Attacks on government agencies, critical infrastructure, and private companies.

Cyber Espionage
Stealing sensitive information: military secrets, government documents, corporate trade secrets, personal data, using techniques like hacking, malware, and social engineering.
Impact: loss of competitive advantage, national security risks, erosion of trust.
Examples:
- Hacking into government networks to steal classified information.
- Targeting private companies to steal intellectual property.

Case Studies
The importance of studying past incidents:
- Understand attack vectors and techniques
- Identify vulnerabilities and weaknesses
- Improve security posture and incident response capabilities
- Learn from others' mistakes to prevent future attacks

The 2023 Costa Rica Government Ransomware Attack
What happened: In May 2023, the Conti ransomware group launched a series of cyberattacks against the Costa Rican government, targeting critical infrastructure like hospitals, schools, and government agencies.
Impact: Disrupted essential services, including healthcare, education, and transportation. Caused significant economic and social disruption. Exposed sensitive government data.
Lessons learned:
- Importance of robust backups and disaster recovery plans: Costa Rica lacked sufficient backups and recovery systems, leading to prolonged disruption.
- Need for improved cybersecurity infrastructure: investments in cybersecurity defenses and incident response capabilities are crucial for government agencies.
- International cooperation: collaboration between countries is essential to combat ransomware and other cyber threats.

The 2023 Microsoft Cloud Services Outage
What happened: In July 2023, a faulty software update for Microsoft Windows caused a global IT outage that disrupted airline and hospital operations, supermarkets, and other businesses.
Impact: Widespread disruption of critical services. Demonstrated the interconnectedness of modern systems and the potential for cascading failures.
Lessons learned:
- Thorough testing of software updates: rigorous testing is essential to prevent unintended consequences.
- Importance of incident response planning: organizations need plans in place to mitigate the impact of service disruptions.
- Focus on resilience: building more resilient systems that can withstand disruptions.

The 2023 Uber Data Breach
What happened: In September 2023, a 19-year-old gained access to Uber's systems by exploiting a vulnerability in a third-party engineering tool.
Impact: Access to sensitive company data, including employee information and customer data.
Lessons learned:
- Importance of secure software development practices: secure coding practices and regular security audits are crucial.
- Third-party risk management: organizations must carefully vet and monitor third-party vendors and their security practices.
- Employee security awareness: educate employees about social engineering tactics and the importance of strong security practices.

References:
- Stallings, W., & Brown, L. (2017). Computer Security: Principles and Practice. Pearson Education.
- https://www.geeksforgeeks.org/cyber-security-tutorial/
- https://www.merriam-webster.com/dictionary/source