Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
View Regular
Rakesh Jain Profile picture
Rakesh Jain
@devops_tech
Linux 🐧 | Cloud ☁️ | DevOps 💻 | Security 🪖 Exploring and sharing tech insights through my writings ✍️ Come along on this journey! 👋

Oct 25, 2021, 33 tweets

Cyber Security Basics!

#infosec

A Mega Thread 👇

What is Cyber Security?

Cybersecurity is a way of protecting the network, computers, and other electronic gadgets from cybercriminals. The Malicious attackers might delete, modify or leak confidential information posing a huge threat to a business or an individual.

What is Cyber Crime?

Here are some examples of Cyber Crime:

1. Identity Theft

2. Online Predators

3. BEC ("Business Email Compromise")

4. Ransomware

4. Stealing of sensitive intellectual property

Who are Cyber Criminals?

1. State-sponsored groups targeting organizations in other countries

2. Hacking Groups out to target companies to make them pay ransom

3. Kids in their rooms doing illegal hacking

Cyber Security Branches -

1. Network security
Network security refers to a set of rules and configurations to protect network traffic and data. They prevent data theft by monitoring network connections.

2. System security
Safeguard d system & OS from malicious intrusion, modification, & Virus.

3. Application security
Protects apps from being hijacked.

4. Information security
Secures sensitive info from unauthorized access & prevents misuse, disclosure, or destruction of data.

5. Web security
Protects a web application from security breaches from unauthorized personnel.

6. Mobile security
Protection of all gadgets associated with wireless computing like smartphones tablets and laptops.

Cyber Criminals and their types -

1. Script kiddies
These are thrill-seekers and enthusiasts who want to be a hacker but lack technical expertise.

2. Spammers
These criminals spam your inbox with bulk messages. They try to steal your data and perform fraudulent activities.

3. Hacker groups
These are Informal communities that work anonymously with the same motive of breaking the security of a target.

4. Phishers
Phishers try to gain personal details like usernames and passwords. They present themselves as trustworthy entities to obtain this info.

5. Insiders
Disloyal individuals within an org who r willfully stealing, damaging or exposing internal data of an org.

6. Advanced Persistent Threat (APT) Agents
They perfectly execute organized crimes against a target by a longterm presence on a nw to mine highly sensitive data

7. Identity Thieves

They steal the identity of another person without their knowledge to commit fraud like making financial transactions.

Types of Cyber Threats/Attacks -

Based On the attacker’s motivation cyber attacks can be classified into two types.

A. Passive attack

The attacker’s motivation is to gain confidential information without affecting the system resources or threatening the victim.

B. Active attack

The attacker modifies the information and causes a threat to system resources causing damage to the integrity of the system.

Types/methods employed by cybercriminals to breach security -

1. Malware
Malware is malicious software made by the hacker to damage a genuine user’s system. It usually spreads when you install rogue software or click an infected link or email.

The different types of malware are:

A. Virus
A virus is a self-replicating computer program that spreads through the computer system infecting other clean files.

B. Trojan horse

A Trojan horse, or Trojan, is a type of malicious code or software that looks legitimate but can take control of your computer. A Trojan is designed to damage, disrupt, steal, or in general inflict some other harmful action on your data or network.

C. Spyware

A code that secretly captures user activities like internet usage data and makes use of the tracked information for fraud purposes.

D. Ransomware

Ransomware is malware that employs encryption to hold a victim's information at ransom.

A user or organization's critical data is encrypted so that they cannot access files, databases, or applications.

A ransom is then demanded to provide access.

E. Botnets

Botnets are devices connected over the internet. It is used for Launching Distributed Denial of Service (DDoS) on the user’s website or to steal data.

2. SQL injection

SQL injection runs a Structured Query Language code in the database of a website to access sensitive data like private customer details.

3. Phishing

Method where cybercriminals steal user data like login credentials and credit card numbers by duping like a trusted party. It is simply launched via email or a text message.

4. Man-in-the-middle attack

MitM attack is of eavesdropping nature, where the unauthorized third party secretly intercepts the communication between two parties.

5. Denial-of-service attack

The attacker cuts down all messages directed to a specific destination. This is done by disrupting a whole network or overloading it with messages to degrade performance.

6. Scareware

D attacker scares d user & tricks him into purchasing an anti-virus. Once installed by d user, it starts throwing msgs on d screen that ur system is under fire & throws d victim into a panic. Den it redirects a victim to a bogus website to shop for an anti-virus.

7. Keylogger

Keylogger is a code that downloads the log of all the keystrokes of the system. It is sent to the hacker’s computer, to access sensitive information like user ids and passwords.

What is RISK?

Risk refers to the calculated assessment of potential threats to an organization’s security and vulnerabilities within its network and information systems.

What is THREAT ?

Threat is what an organization is defending itself against.

Few examples - malware that plants dangerous executables in your software and ransomware that locks up your systems to specially targeted hacker attacks.

What is Vulnerability?

Vulnerabilities are the gaps or weaknesses that undermine an organization’s IT security efforts, e.g. a firewall flaw that lets hackers into a network.

How to safeguard against all this ?

Cyber Security Methods -

1. Data Loss Prevention (DLP)
DLP software spots data breaches by ensuring end users do not send sensitive information outside the corporate network.

2. Cloud Security
Protection of data stored in cloud platforms.

3. Intrusion Detection Systems (IDS) or Intrusion Prevention Systems (IPS)
Monitors the network to identify potentially malicious activity and reports to the management.

4. Identity and Access Management (IAM)
Set of policies for managing the access privileges for the individual users in the network.

5. Encryption
Process of encoding raw data into unreadable form to prevent theft in transit.

6. Antivirus/anti-malware
Software that finds and removes viruses and malware from the system.

7. Proxies
It is a hub between the user and the internet. It allows the user to conceal the network id by hiding the user’s IP address.

8. Firewall
Uses a set of predefined rules to set barriers against untrusted networks.

9. Cyber Liability Insurance
Covers financial losses and operational liability from data theft or breaching.

Share this Scrolly Tale with your friends.

A Scrolly Tale is a new way to read Twitter threads with a more visually immersive experience.
Discover more beautiful Scrolly Tales like this.

Keep scrolling