SlideShare une entreprise Scribd logo

CA_Module_1.pptx

Télécharger en tant que PPTX, PDF
Y
YazanSalileh

This document provides an overview of module 1 of a cybersecurity training course. The module objectives are to explain why networks and data are attacked and to describe the motivations and potential impacts of attacks. It discusses how threat actors like hackers, organized crime groups, and state-sponsored groups attack individuals, companies, and nations to steal information, money, and trade secrets. Specific attack types covered include rogue wireless hotspots, ransomware, and sophisticated malware targeted at infrastructure. The impacts of attacks include theft of personally identifiable information, lost competitive advantage from stolen intellectual property, and disruption of economic and political systems through cyber attacks.

Technologie
1  sur  23
Module 1: The Danger Instructor Materials CyberOps Associate v1.0
Module 1: The Danger CyberOps Associate v1.0
9 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Module Objectives Module Title: The Danger Module Objective: Explain why networks and data are attacked. Topic Title Topic Objective War Stories Explain why networks and data are attacked. Threat Actors Explain the motivations of the threat actors behind specific security incidents. Threat Impact Explain the potential impact of network security attacks.
10 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1.1 War Stories
11 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Hijacked People • Hackers can set up open “rogue” wireless hotspots posing as a genuine wireless network. • Rogue wireless hotspots are also known as “evil twin” hotspots.
12 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Ransomed Companies • Employees of an organization are often lured into opening attachments that install ransomware on the employees’ computers. • This ransomware, when installed, begins the process of gathering and encrypting corporate data. • The goal of the attackers is financial gain, because they hold the company’s data for ransom until they are paid.
13 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Targeted Nations • Some of today’s malware is so sophisticated and expensive to create that security experts believe only a nation state or group of nations could possibly have the influence and funding to create it. • Such malware can be targeted to attack a nation’s vulnerable infrastructure, such as the water system or power grid. • One such malware was the Stuxnet worm that infected USB drives and infiltrated Windows operating systems. It then targeted Step 7 software that was developed by Siemens for their Programmable Logic Controllers (PLCs).
14 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Video - Anatomy of an Attack Watch this video to view details of a complex attack.
15 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Lab - Installing the Virtual Machine In this lab, you will complete the following objectives: • Install VirtualBox on your personal computer • Download and install the CyberOps Workstation Virtual Machine (VM).
16 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Lab - Cybersecurity Case Studies In this lab, you will analyze the given cases and answer questions about them.
17 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1.2 Threat Actors
18 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Actors Threat Actors • Threat actors are individuals or groups of individuals who perform cyberattacks. They include, but are not limited to: • Amateurs • Hacktivists • Organized crime groups • State-sponsored groups • Terrorist groups • Cyberattacks are intentional malicious acts meant to negatively impact another individual or organization.
19 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Actors Threat Actors (Contd.) Amateurs • They are also known as script kiddies and have little or no skill. • They often use existing tools or instructions found on the internet to launch attacks. • Even though they use basic tools, the results can still be devastating. Hacktivists • These are hackers who publicly protest against a variety of political and social ideas. • They post articles and videos, leaking sensitive information, and disrupting web services with illegitimate traffic in Distributed Denial of Service (DDoS) attacks. Financial Gain • Much of the hacking activity that consistently threatens our security is motivated by financial gain. • Cybercriminals want to gain access to bank accounts, personal data, and anything else they can leverage to generate cash flow. Trade Secrets and Global Politics • At times, nation states hack other countries, or interfere with their internal politics. • Often, they may be interested in using cyberspace for industrial espionage. • The theft of intellectual property can give a country a significant advantage in international trade.
20 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Actors How Secure is the Internet of Things? • The Internet of Things (IoT) helps individuals connect things to improve their quality of life. • Many devices on the internet are not updated with the latest firmware. Some older devices were not even developed to be updated with patches. These two situations create opportunity for threat actors and security risks for the owners of these devices.
21 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Actors Lab - Learning the Details of Attacks In this lab, you will research and analyze IoT application vulnerabilities.
22 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1.3 Threat Impact
23 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Impact PII, PHI, and PSI • Personally Identifiable Information (PII) is any information that can be used to positively identify an individual, for example, name, social security number, birthdate, credit card numbers etc. • Cybercriminals aim to obtain these lists of PII that can then be sold on the dark web. Stolen PII can be used to create fake financial accounts, such as credit cards and short-term loans. • The medical community creates and maintains Electronic Medical Records (EMRs) that contain Protected Health Information (PHI), a subset of PII. • Personal Security Information (PSI), another type of PII, includes usernames, passwords, and other security-related information that individuals use to access information or services on the network.
24 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Impact Lost Competitive Advantage • The loss of intellectual property to competitors is a serious concern. • An additional major concern is the loss of trust that comes when a company is unable to protect its customers’ personal data. • The loss of competitive advantage may come from this loss of trust rather than another company or country stealing trade secrets.
25 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Impact Politics and National Security • It is not just businesses that get hacked. • State-supported hacker warriors can cause disruption and destruction of vital services and resources within an enemy nation. • The internet has become essential as a medium for commercial and financial activities. Disruption of these activities can devastate a nation’s economy.
26 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Impact Lab - Visualizing the Black Hats In this lab, you will research and analyze cybersecurity incidents to create scenarios highlighting how organizations can prevent or mitigate an attack.
27 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1.4 The Danger Summary
28 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Summary What Did I Learn in this Module? • Threat actors can hijack banking sessions and other personal information by using “evil twin” hotspots. • Threat actors include, but are not limited to, amateurs, hacktivists, organized crime groups, state sponsored, and terrorist groups. • As the Internet of Things (IoT) expands, webcams, routers, and other devices in our homes are also under attack. • Personally Identifiable Information (PII) is any information that can be used to positively identify an individual. • The medical community creates and maintains Electronic Medical Records (EMRs) that contain Protected Health Information (PHI), a subset of PII. • Personal Security Information (PSI) includes usernames, passwords, and other security- related information that individuals use to access information or services on the network.
CA_Module_1.pptx

Recommandé

CyberOps.pptx
CyberOps.pptxCyberOps.pptx
CyberOps.pptxAhmedRobaid1
 
Cisco Cyber Security Essentials Chapter-1
Cisco Cyber Security Essentials Chapter-1Cisco Cyber Security Essentials Chapter-1
Cisco Cyber Security Essentials Chapter-1Mukesh Chinta
 
CA_Module_2.pdf
CA_Module_2.pdfCA_Module_2.pdf
CA_Module_2.pdfEhabRushdy1
 
Mikrotik RouterOS Security Audit Checklist by Akbar Azwir
Mikrotik RouterOS Security Audit Checklist by Akbar AzwirMikrotik RouterOS Security Audit Checklist by Akbar Azwir
Mikrotik RouterOS Security Audit Checklist by Akbar AzwirAkbar Azwir, MM, PMP, PMI-SP, PSM I, CISSP
 
2 Security Architecture+Design
2 Security Architecture+Design2 Security Architecture+Design
2 Security Architecture+DesignAlfred Ouyang
 
Cisco cybersecurity essentials chapter - 2
Cisco cybersecurity essentials chapter - 2Cisco cybersecurity essentials chapter - 2
Cisco cybersecurity essentials chapter - 2Mukesh Chinta
 
Cisco Cybersecurity Essentials Chapter- 7
Cisco Cybersecurity Essentials Chapter- 7Cisco Cybersecurity Essentials Chapter- 7
Cisco Cybersecurity Essentials Chapter- 7Mukesh Chinta
 
Wireless Attacks
Wireless AttacksWireless Attacks
Wireless Attacksprimeteacher32
 

Recommandé

CyberOps.pptx
CyberOps.pptxCyberOps.pptx
CyberOps.pptxAhmedRobaid1
 
Cisco Cyber Security Essentials Chapter-1
Cisco Cyber Security Essentials Chapter-1Cisco Cyber Security Essentials Chapter-1
Cisco Cyber Security Essentials Chapter-1Mukesh Chinta
 
CA_Module_2.pdf
CA_Module_2.pdfCA_Module_2.pdf
CA_Module_2.pdfEhabRushdy1
 
Mikrotik RouterOS Security Audit Checklist by Akbar Azwir
Mikrotik RouterOS Security Audit Checklist by Akbar AzwirMikrotik RouterOS Security Audit Checklist by Akbar Azwir
Mikrotik RouterOS Security Audit Checklist by Akbar AzwirAkbar Azwir, MM, PMP, PMI-SP, PSM I, CISSP
 
2 Security Architecture+Design
2 Security Architecture+Design2 Security Architecture+Design
2 Security Architecture+DesignAlfred Ouyang
 
Cisco cybersecurity essentials chapter - 2
Cisco cybersecurity essentials chapter - 2Cisco cybersecurity essentials chapter - 2
Cisco cybersecurity essentials chapter - 2Mukesh Chinta
 
Cisco Cybersecurity Essentials Chapter- 7
Cisco Cybersecurity Essentials Chapter- 7Cisco Cybersecurity Essentials Chapter- 7
Cisco Cybersecurity Essentials Chapter- 7Mukesh Chinta
 
Wireless Attacks
Wireless AttacksWireless Attacks
Wireless Attacksprimeteacher32
 
Information security in todays world
Information security in todays worldInformation security in todays world
Information security in todays worldSibghatullah Khattak
 
Cyber Security Standards Compliance
Cyber Security Standards ComplianceCyber Security Standards Compliance
Cyber Security Standards ComplianceDr. Prashant Vats
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Edureka!
 
PPT-Security-for-Management.pptx
PPT-Security-for-Management.pptxPPT-Security-for-Management.pptx
PPT-Security-for-Management.pptxRSAArcher
 
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...Edureka!
 
Cisco cybersecurity essentials chapter - 6
Cisco cybersecurity essentials chapter - 6Cisco cybersecurity essentials chapter - 6
Cisco cybersecurity essentials chapter - 6Mukesh Chinta
 
Cisco cybersecurity essentials chapter 3
Cisco cybersecurity essentials chapter 3Cisco cybersecurity essentials chapter 3
Cisco cybersecurity essentials chapter 3Mukesh Chinta
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Cyber Security roadmap.pptx
Cyber Security roadmap.pptxCyber Security roadmap.pptx
Cyber Security roadmap.pptxSandeepK707540
 
Threat Intelligence
Threat IntelligenceThreat Intelligence
Threat IntelligenceDeepak Kumar (D3)
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]David Sweigert
 
Insight into SOAR
Insight into SOARInsight into SOAR
Insight into SOARDNIF
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewTandhy Simanjuntak
 
Threat hunting for Beginners
Threat hunting for BeginnersThreat hunting for Beginners
Threat hunting for BeginnersSKMohamedKasim
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee TrainingPaige Rasid
 
Anomali Detect 19 - Nickels & Pennington - Turning Intelligence into Action w...
Anomali Detect 19 - Nickels & Pennington - Turning Intelligence into Action w...Anomali Detect 19 - Nickels & Pennington - Turning Intelligence into Action w...
Anomali Detect 19 - Nickels & Pennington - Turning Intelligence into Action w...Adam Pennington
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1Priyanka Aash
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber EssentialsJisc
 
Cyber security
Cyber securityCyber security
Cyber securityAman Pradhan
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies
 
CA_Module_1.pdf
CA_Module_1.pdfCA_Module_1.pdf
CA_Module_1.pdfEhabRushdy1
 
ENSA_Module_3.pptx
ENSA_Module_3.pptxENSA_Module_3.pptx
ENSA_Module_3.pptxSkyBlue659156
 

Contenu connexe

Tendances

Information security in todays world
Information security in todays worldInformation security in todays world
Information security in todays worldSibghatullah Khattak
 
Cyber Security Standards Compliance
Cyber Security Standards ComplianceCyber Security Standards Compliance
Cyber Security Standards ComplianceDr. Prashant Vats
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Edureka!
 
PPT-Security-for-Management.pptx
PPT-Security-for-Management.pptxPPT-Security-for-Management.pptx
PPT-Security-for-Management.pptxRSAArcher
 
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...Edureka!
 
Cisco cybersecurity essentials chapter - 6
Cisco cybersecurity essentials chapter - 6Cisco cybersecurity essentials chapter - 6
Cisco cybersecurity essentials chapter - 6Mukesh Chinta
 
Cisco cybersecurity essentials chapter 3
Cisco cybersecurity essentials chapter 3Cisco cybersecurity essentials chapter 3
Cisco cybersecurity essentials chapter 3Mukesh Chinta
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security FundamentalsRahmat Suhatman
 
Cyber Security roadmap.pptx
Cyber Security roadmap.pptxCyber Security roadmap.pptx
Cyber Security roadmap.pptxSandeepK707540
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]David Sweigert
 
Insight into SOAR
Insight into SOARInsight into SOAR
Insight into SOARDNIF
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewTandhy Simanjuntak
 
Threat hunting for Beginners
Threat hunting for BeginnersThreat hunting for Beginners
Threat hunting for BeginnersSKMohamedKasim
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee TrainingPaige Rasid
 
Anomali Detect 19 - Nickels & Pennington - Turning Intelligence into Action w...
Anomali Detect 19 - Nickels & Pennington - Turning Intelligence into Action w...Anomali Detect 19 - Nickels & Pennington - Turning Intelligence into Action w...
Anomali Detect 19 - Nickels & Pennington - Turning Intelligence into Action w...Adam Pennington
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1Priyanka Aash
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber EssentialsJisc
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies
 

Tendances (20)

Information security in todays world
Information security in todays worldInformation security in todays world
Information security in todays world
 
Cyber Security Standards Compliance
Cyber Security Standards ComplianceCyber Security Standards Compliance
Cyber Security Standards Compliance
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
 
PPT-Security-for-Management.pptx
PPT-Security-for-Management.pptxPPT-Security-for-Management.pptx
PPT-Security-for-Management.pptx
 
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...
 
Cisco cybersecurity essentials chapter - 6
Cisco cybersecurity essentials chapter - 6Cisco cybersecurity essentials chapter - 6
Cisco cybersecurity essentials chapter - 6
 
Cisco cybersecurity essentials chapter 3
Cisco cybersecurity essentials chapter 3Cisco cybersecurity essentials chapter 3
Cisco cybersecurity essentials chapter 3
 
Network Security Fundamentals
Network Security FundamentalsNetwork Security Fundamentals
Network Security Fundamentals
 
Cyber Security roadmap.pptx
Cyber Security roadmap.pptxCyber Security roadmap.pptx
Cyber Security roadmap.pptx
 
Threat Intelligence
Threat IntelligenceThreat Intelligence
Threat Intelligence
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]
 
Insight into SOAR
Insight into SOARInsight into SOAR
Insight into SOAR
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An Overview
 
Threat hunting for Beginners
Threat hunting for BeginnersThreat hunting for Beginners
Threat hunting for Beginners
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee Training
 
Anomali Detect 19 - Nickels & Pennington - Turning Intelligence into Action w...
Anomali Detect 19 - Nickels & Pennington - Turning Intelligence into Action w...Anomali Detect 19 - Nickels & Pennington - Turning Intelligence into Action w...
Anomali Detect 19 - Nickels & Pennington - Turning Intelligence into Action w...
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
 
An introduction to Cyber Essentials
An introduction to Cyber EssentialsAn introduction to Cyber Essentials
An introduction to Cyber Essentials
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your Organization
 

Similaire à CA_Module_1.pptx

Cisco Cyber Essentials - Instructor materials.ppt
Cisco Cyber Essentials - Instructor materials.pptCisco Cyber Essentials - Instructor materials.ppt
Cisco Cyber Essentials - Instructor materials.pptjdenbryston
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxAkshayKhade21
 
Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptxjondon17
 
02_Security_Audit_-_Common_Cyber_Attacks_9.pdf
02_Security_Audit_-_Common_Cyber_Attacks_9.pdf02_Security_Audit_-_Common_Cyber_Attacks_9.pdf
02_Security_Audit_-_Common_Cyber_Attacks_9.pdfRakeshPatel583282
 
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptxPradeeshSAI
 
Emerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
Emerging Threats and Trends in Cybersecurity: A Comprehensive AnalysisEmerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
Emerging Threats and Trends in Cybersecurity: A Comprehensive AnalysisIRJET Journal
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptxMBRoman1
 
CA_Module_13.pdf
CA_Module_13.pdfCA_Module_13.pdf
CA_Module_13.pdfEhabRushdy1
 
Network security
Network securityNetwork security
Network securitymena kaheel
 
Rishabhcyber security.pptx
Rishabhcyber security.pptxRishabhcyber security.pptx
Rishabhcyber security.pptxRishabhDwivedi70
 
Cyber Security – Challenges [Autosaved].pptx
Cyber Security – Challenges [Autosaved].pptxCyber Security – Challenges [Autosaved].pptx
Cyber Security – Challenges [Autosaved].pptxRambilashTudu
 
Assign 1_8812814ctm.pptx
Assign 1_8812814ctm.pptxAssign 1_8812814ctm.pptx
Assign 1_8812814ctm.pptxpdevang
 
Application security meetup 27012021
Application security meetup 27012021Application security meetup 27012021
Application security meetup 27012021lior mazor
 
A Wake-Up Call for IoT
A Wake-Up Call for IoT A Wake-Up Call for IoT
A Wake-Up Call for IoT Ahmed Banafa
 
CyberSecurityPPdddsdsddssdsdssaT_V3_1.pptx
CyberSecurityPPdddsdsddssdsdssaT_V3_1.pptxCyberSecurityPPdddsdsddssdsdssaT_V3_1.pptx
CyberSecurityPPdddsdsddssdsdssaT_V3_1.pptxprtabal_25
 

Similaire à CA_Module_1.pptx (20)

CA_Module_1.pdf
CA_Module_1.pdfCA_Module_1.pdf
CA_Module_1.pdf
 
ENSA_Module_3.pptx
ENSA_Module_3.pptxENSA_Module_3.pptx
ENSA_Module_3.pptx
 
Cyberattacks.pptx
Cyberattacks.pptxCyberattacks.pptx
Cyberattacks.pptx
 
Cisco Cyber Essentials - Instructor materials.ppt
Cisco Cyber Essentials - Instructor materials.pptCisco Cyber Essentials - Instructor materials.ppt
Cisco Cyber Essentials - Instructor materials.ppt
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Cysec.pptx
Cysec.pptxCysec.pptx
Cysec.pptx
 
02_Security_Audit_-_Common_Cyber_Attacks_9.pdf
02_Security_Audit_-_Common_Cyber_Attacks_9.pdf02_Security_Audit_-_Common_Cyber_Attacks_9.pdf
02_Security_Audit_-_Common_Cyber_Attacks_9.pdf
 
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
43080d37-44e9-4b2f-9cb5-ceb90f3fab98.pptx
 
Emerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
Emerging Threats and Trends in Cybersecurity: A Comprehensive AnalysisEmerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
Emerging Threats and Trends in Cybersecurity: A Comprehensive Analysis
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
CA_Module_13.pdf
CA_Module_13.pdfCA_Module_13.pdf
CA_Module_13.pdf
 
Network security
Network securityNetwork security
Network security
 
Rishabhcyber security.pptx
Rishabhcyber security.pptxRishabhcyber security.pptx
Rishabhcyber security.pptx
 
Cyber Security – Challenges [Autosaved].pptx
Cyber Security – Challenges [Autosaved].pptxCyber Security – Challenges [Autosaved].pptx
Cyber Security – Challenges [Autosaved].pptx
 
Cyber Security PPT.pptx
Cyber Security PPT.pptxCyber Security PPT.pptx
Cyber Security PPT.pptx
 
Assign 1_8812814ctm.pptx
Assign 1_8812814ctm.pptxAssign 1_8812814ctm.pptx
Assign 1_8812814ctm.pptx
 
Application security meetup 27012021
Application security meetup 27012021Application security meetup 27012021
Application security meetup 27012021
 
A Wake-Up Call for IoT
A Wake-Up Call for IoT A Wake-Up Call for IoT
A Wake-Up Call for IoT
 
CyberSecurityPPdddsdsddssdsdssaT_V3_1.pptx
CyberSecurityPPdddsdsddssdsdssaT_V3_1.pptxCyberSecurityPPdddsdsddssdsdssaT_V3_1.pptx
CyberSecurityPPdddsdsddssdsdssaT_V3_1.pptx
 

Dernier

Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 

Dernier (20)

Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 

CA_Module_1.pptx

  • 1. Module 1: The Danger Instructor Materials CyberOps Associate v1.0
  • 2. Module 1: The Danger CyberOps Associate v1.0
  • 3. 9 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Module Objectives Module Title: The Danger Module Objective: Explain why networks and data are attacked. Topic Title Topic Objective War Stories Explain why networks and data are attacked. Threat Actors Explain the motivations of the threat actors behind specific security incidents. Threat Impact Explain the potential impact of network security attacks.
  • 4. 10 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1.1 War Stories
  • 5. 11 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Hijacked People • Hackers can set up open “rogue” wireless hotspots posing as a genuine wireless network. • Rogue wireless hotspots are also known as “evil twin” hotspots.
  • 6. 12 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Ransomed Companies • Employees of an organization are often lured into opening attachments that install ransomware on the employees’ computers. • This ransomware, when installed, begins the process of gathering and encrypting corporate data. • The goal of the attackers is financial gain, because they hold the company’s data for ransom until they are paid.
  • 7. 13 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Targeted Nations • Some of today’s malware is so sophisticated and expensive to create that security experts believe only a nation state or group of nations could possibly have the influence and funding to create it. • Such malware can be targeted to attack a nation’s vulnerable infrastructure, such as the water system or power grid. • One such malware was the Stuxnet worm that infected USB drives and infiltrated Windows operating systems. It then targeted Step 7 software that was developed by Siemens for their Programmable Logic Controllers (PLCs).
  • 8. 14 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Video - Anatomy of an Attack Watch this video to view details of a complex attack.
  • 9. 15 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Lab - Installing the Virtual Machine In this lab, you will complete the following objectives: • Install VirtualBox on your personal computer • Download and install the CyberOps Workstation Virtual Machine (VM).
  • 10. 16 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Lab - Cybersecurity Case Studies In this lab, you will analyze the given cases and answer questions about them.
  • 11. 17 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1.2 Threat Actors
  • 12. 18 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Actors Threat Actors • Threat actors are individuals or groups of individuals who perform cyberattacks. They include, but are not limited to: • Amateurs • Hacktivists • Organized crime groups • State-sponsored groups • Terrorist groups • Cyberattacks are intentional malicious acts meant to negatively impact another individual or organization.
  • 13. 19 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Actors Threat Actors (Contd.) Amateurs • They are also known as script kiddies and have little or no skill. • They often use existing tools or instructions found on the internet to launch attacks. • Even though they use basic tools, the results can still be devastating. Hacktivists • These are hackers who publicly protest against a variety of political and social ideas. • They post articles and videos, leaking sensitive information, and disrupting web services with illegitimate traffic in Distributed Denial of Service (DDoS) attacks. Financial Gain • Much of the hacking activity that consistently threatens our security is motivated by financial gain. • Cybercriminals want to gain access to bank accounts, personal data, and anything else they can leverage to generate cash flow. Trade Secrets and Global Politics • At times, nation states hack other countries, or interfere with their internal politics. • Often, they may be interested in using cyberspace for industrial espionage. • The theft of intellectual property can give a country a significant advantage in international trade.
  • 14. 20 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Actors How Secure is the Internet of Things? • The Internet of Things (IoT) helps individuals connect things to improve their quality of life. • Many devices on the internet are not updated with the latest firmware. Some older devices were not even developed to be updated with patches. These two situations create opportunity for threat actors and security risks for the owners of these devices.
  • 15. 21 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Actors Lab - Learning the Details of Attacks In this lab, you will research and analyze IoT application vulnerabilities.
  • 16. 22 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1.3 Threat Impact
  • 17. 23 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Impact PII, PHI, and PSI • Personally Identifiable Information (PII) is any information that can be used to positively identify an individual, for example, name, social security number, birthdate, credit card numbers etc. • Cybercriminals aim to obtain these lists of PII that can then be sold on the dark web. Stolen PII can be used to create fake financial accounts, such as credit cards and short-term loans. • The medical community creates and maintains Electronic Medical Records (EMRs) that contain Protected Health Information (PHI), a subset of PII. • Personal Security Information (PSI), another type of PII, includes usernames, passwords, and other security-related information that individuals use to access information or services on the network.
  • 18. 24 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Impact Lost Competitive Advantage • The loss of intellectual property to competitors is a serious concern. • An additional major concern is the loss of trust that comes when a company is unable to protect its customers’ personal data. • The loss of competitive advantage may come from this loss of trust rather than another company or country stealing trade secrets.
  • 19. 25 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Impact Politics and National Security • It is not just businesses that get hacked. • State-supported hacker warriors can cause disruption and destruction of vital services and resources within an enemy nation. • The internet has become essential as a medium for commercial and financial activities. Disruption of these activities can devastate a nation’s economy.
  • 20. 26 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential Threat Impact Lab - Visualizing the Black Hats In this lab, you will research and analyze cybersecurity incidents to create scenarios highlighting how organizations can prevent or mitigate an attack.
  • 21. 27 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1.4 The Danger Summary
  • 22. 28 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential The Danger Summary What Did I Learn in this Module? • Threat actors can hijack banking sessions and other personal information by using “evil twin” hotspots. • Threat actors include, but are not limited to, amateurs, hacktivists, organized crime groups, state sponsored, and terrorist groups. • As the Internet of Things (IoT) expands, webcams, routers, and other devices in our homes are also under attack. • Personally Identifiable Information (PII) is any information that can be used to positively identify an individual. • The medical community creates and maintains Electronic Medical Records (EMRs) that contain Protected Health Information (PHI), a subset of PII. • Personal Security Information (PSI) includes usernames, passwords, and other security- related information that individuals use to access information or services on the network.