What You Should Know About Cybersecurity

Introduction

This book is an introduction to cybersecurity, intended to help the general public understand the importance of this ever-expanding field. The topic has become increasingly relevant as cyberattacks intensify around the globe.

The subject will be discussed in general terms, since the technologies, tools, policies and processes associated with cybersecurity have become increasingly complex. The average computer user is still baffled by the ability of hackers to take control of digital devices, such as laptops, iPads, mobile phones and the IoT (‘Internet of Things’). In general, people do not understand what they have done wrong. It is even harder to explain to them how it happened. The majority shake their heads and consider cyberattacks to be irrelevant to their daily lives. They feel that they do not have any sensitive information stored in their devices relevant to hackers. The majority even believe that hackers and cyberattackers only target people in a sensitive position or those in government. For the average person, an attempt on their digital device to obtain information is not important, so ignorance plays a significant role in making the job of hackers easy.

The general public does not realize that all digital media, especially laptops and mobiles, contain personal information (documents, pictures, videos, email, text messages, etc.) which can be copied, transferred or stolen. Such private information can be used as a bargaining chip for ransom, threats, intimidation, fraud and other types of cybercrime. There are many cases of people falling prey to phishing emails and identification fraud which have caused them emotional and financial stress. Such valuable personal and financial information should be protected at all costs and by any means. Once they are out in cyberspace, no one can predict how those involved in organized crime and groups of hackers will utilize them criminally and illegally.

This book will shed light on various key subjects linked to cybersecurity and cybercrime, such as the multiple definitions and terminologies commonly used by the public, as well as standard technical terms, different cyber threats, password security, viruses and malware, email security, Internet security, computer security, physical security, wireless security, identity theft, social engineering, and backup and recovery.

As the topic of cybersecurity and cybercrime is vast and limitless, it will not be covered in depth. This book acts as an introduction to this broad topic and readers are encouraged to engage in further research, using the various references available in cyberspace.

Cybercrime is a daily threat to our way of life, both on a personal and a global scale. Current cyberattacks on various countries’ infrastructures remind us all that without such foundations, our comfortable daily lifestyle cannot continue. Current technologies and the evolution of social media have enabled hackers of various types to threaten not only our freedom but also our everyday life as we know it.

Cybersecurity has become national security for all nations. It poses a threat to infrastructures, especially security and the military establishment. How nations are attacking other countries by utilizing their advanced cybersecurity tools is explored in this book, including the Stuxnet virus attack on Iranian nuclear facilities; attacks on water and electrical grids and networks; social media affecting elections and the media, such as the attack on the Qatar National Broadcasting Agency; attacks on financial systems and the disabling of various infrastructures in countries such as Estonia and the Ukraine. These examples will be highlighted to show readers the seriousness of cyberattacks, especially in smaller nations. Countries with advanced cybersecurity are fighting each other, utilizing the latest technological tools in their arsenals. Cyber espionage on security and military establishments is not only a daily occurrence, but it also happens at commercial and industrial sites across the world. Countries which do not have research and development (R&D) capabilities have resorted to cyber espionage to steal industrial blueprints and intellectual property, saving themselves from having to invest and spend millions of dollars on R&D.

Thus, cybersecurity has become an important topic amongst decision makers in government and the private sector. Cybercrime is ranked as the number one threat to businesses and protection must be provided at all costs. The subjects of cybersecurity and cybercrime have become more important, given the proliferation of identity fraud and email phishing, utilizing social engineering and social media applications. Hackers working either individually or with gangs have infiltrated users’ accounts. They can access reports in multiple ways and post them for sale on the Dark Web. Many businesses realize their systems have been hacked after users’ credentials are posted in cyberspace. Such accounts are then used to blackmail or ransom individuals and business entities across the globe. With various devices nowadays connected to the Internet, it has become easy for hackers to obtain passwords and security pins to launch attacks not only locally but internationally.

This book will touch on the above issues and attempt to educate readers about the danger of cybercrime and the security levels required to enhance the safety and integrity of their digital devices and systems.

Chapter 1

Cybersecurity and Cybercrime Terminology - Most Common Technical Terms

Five years ago, cybersecurity and cybercrime terminology were not familiar to the general public. However, since then, many users of digital devices have been harmed by hackers illegally accessing their private information and as a result, more people have become acquainted with them.

But still, when asked what cybersecurity is, many people understand it as a mixture of terms linked to security, the Internet, hacking, loss of data and others. There is no unified understanding of the definition of these essential terms and there is still confusion between information security and cybersecurity. Although the two terms are closely connected in their operations and with regards to safety, the public understands them to mean the security of physical computers and digital devices. It is essential for a novice to understand certain cybersecurity terms, which have become common in cyberattack incidents.

Here is a list of the most pertinent terminology relating to the field for the non-specialist reader.

Adware. The term is used generally to mean that certain viruses and worms are launched when an individual clicks on an advertisement appearing on a digital device. Most of these types of attacks use fake ads intended to launch malware into target systems. With the popularity of social media applications and the increasing flood of advertisements on Facebook, Instagram, Telegram, Twitter and the like, the number of people affected by adware is growing considerably.

Anti-Virus. This software system sold by cybersecurity companies and software developers is installed on digital devices to identify, prevent and clean devices of all viruses and worms. There are various levels of development with regards to capabilities, and the more advanced an anti-virus system is, the higher the cost, but it is essential as the first front line of defense.

APT (Advanced Persistent Threats). This is now a popular term that describes those hackers with advanced persistent capabilities. Nation states and criminal groups who possess advanced tools and hacking technologies are characterized as APT. When such a hacking has occurred, it is challenging to discover the source. Viruses and worms launched by APT can stay hidden for longer periods. APT hackers can cause severe damage to targeted assets.

Assets. Refers to targeted digital devices’ assets in cyberattacks. They also represent victims’ assets, whatever they may be. 

Authentication. The process of ensuring that the owner of an account has the legal authority to access it and the account is not being accessed by an unknown individual. Authentication can be two-factor based on user identification and a password, or three-factor. In three-factor authentication, there is an additional level of security identification of the user. This might be a digital PIN or a series of private questions to individuals. There are also other advanced forms of authentication, such as biometric identification.

Authorization. Refers to the legal right of access into a system and specific applications. A user can be authorized to access the human resource module of the software system but not financial records — such authorization may be given by the network administrator or database manager. 

Availability. Information transmitted, received, stored and retrieved should be available to the custodian/owner at all times. Compromising available data is a significant concern to decision makers dealing with cyberspace.

Backdoor. A term used in the cybersecurity world to mean the ability of hackers to install a worm capable of re-entering a network system and accounts.

Backup and Recovery. This is an essential activity for any organization, small or large, in addition to individuals. The process of backing up data in storage devices and also on the cloud is a necessary activity. Recovery must be possible in case of loss or deletion of data. There are several recovery tools available on the market.

Black Hat Hackers. This term defines hackers as black hat due to the illegal hacking in which they engage. They are extremely dangerous and work on penetrating computer systems and launching viruses and worms, inflicting severe damage.

Blockchain. A new technology of journaling/recording all transactions in blocks that are chained together. It provides efficiency, authenticity and security, utilizing various geographically distributed nodes/servers to enable the sustainability of its services. The term is a new one and not many people understand what it means. Due to its very technical nature, there is uncertainty as to its merit in helping general security to minimize cyberattacks. The benefits of implementing Blockchain technology across organizations’ transactions have shown its great potential. However, when it comes to cybersecurity, the jury is still out, and we will have to see how this technology can protect transactions from cyberattacks.

Bot/Botnet. A compromised digital device used as a slave to send a flood of transactions and other types of malicious codes to an intended target. Owners of devices infected by malicious viruses and worms do not know that their digital tools have been taken over and utilized for launching attacks on websites and servers.

Breaches. Access and publication of material obtained from illegal exploiting of digital devices such as computers and mobile phones, utilizing malicious viruses and worms. Data breaches are increasing exponentially and many cases have been reported in recent years.

Brute Force Attack. This term applies to the technique used to crack a password key which cannot be broken by other means. Various tools, techniques, dictionaries and hashing passwords are used to match the wanted password of target victims. Brute Force is applied when passwords and security pins are encrypted and impossible to crack by any other methods. It may take longer to crack an encrypted password using Brute Force than to uncover standard unencrypted passwords.

Bug. Refers to an error discovered in a software code of a program or application. These bugs are similar to vulnerabilities and must be patched and upgraded urgently to avoid exploitation by hackers.

Cloud. Information services and technology provided by a third party utilizing telecommunications and the Internet. Software, hardware, storage, retrieval, security, and backup and recovery are all provided by a third party over the Internet at demand. The utilization of cloud technology is widespread, since it reduces cost and is efficient and effective in the storage and retrieval of information. Cyberattacks against stored data have occurred and there are cases reported of data breaches of cloud-stored data.

Command and Control Server. The server used to command and control other digital devices. Also, the term is applied to central command in military and intelligence operations whereby an operations room with a centralized computer system is set up to monitor, manipulate and control all traffic and transactions. Furthermore, hackers utilize this option to launch multiple attacks on several targets.

Confidentiality. An essential aspect of cybersecurity is to maintain confidentiality. It means that end-to-end communication and transmission of information should be confidential and not compromised