ROTC MS 1: MILITARY KNOWLEDGE MODULE

CYBER SECURITY AWARENESS

OBJECTIVES:

At the end of this module, you will be able to:

1. Understand what Cyber security all about;

2. Understand the Cyber Threats and Types of Cyber Security and the Source of
Threats; and
3. Know the ten steps to Cyber Security; and
4. Learn and understand the offences related to Cyber.

WHAT IS CYBER SECURITY? EVERYTHING YOU NEED TO KNOW 

Cybersecurity is the protection of internet-connected systems such as hardware, software

and data from cyber-threats. The practice is used by individuals and enterprises to protect
against unauthorized access to data centers and other computerized systems.

The goal of implementing cybersecurity is to provide a good security posture for computers,
servers, networks, mobile devices and the data stored on these devices from attackers with
malicious intent. Cyber-attacks can be designed to access, delete, or extort an
organization’s or user’s sensitive data; making cybersecurity vital., Medical, government,
corporate and financial organizations, may all hold vital personal information on an
individual, for example.

Cybersecurity is a continuously changing field, with the development of technologies that

open up new avenues for cyberattacks. Additionally, even though significant security
breaches are the ones that often get publicized, small organizations still have to concern
themselves with security breaches, as they may often be the target of viruses and phishing.

To protect organizations, employees and individuals, organizations and services should

implement cybersecurity tools, training, risk management approaches and continually update
systems as technologies change and evolve.

Cybersecurity refers to the collection of tools, policies, risk management approaches,

actions, training, best practices, assurance and technologies that can be used to protect the
cyber environment and organization and user’s assets.

TYPES OF CYBER SECURITY THREATS 

The process of keeping up with new technologies, security trends and threat intelligence is a
challenging task. However, it's necessary in order to protect information and other assets
from cyber threats, which take many forms. Cyber threats can include:

Malware is a form of malicious software, which any file or program can be used to harm a
computer user, such as worms, computer viruses, Trojan horses and spyware.

Ransomware attacks are a type of malware that involves an attacker locking the victim's
computer system files -- typically through encryption -- and demanding a payment to decrypt
and unlock them.

CYBER SECURITY AWARENESS 1|Page

Social engineering is an attack that relies on human interaction to trick users into breaking
security procedures to gain sensitive information that is typically protected.

Phishing is a form of fraud where fraudulent emails are sent that resemble emails from
reputable sources; however, the intention of these emails is to steal sensitive data, such as
credit card or login information.

WHAT IS CYBER THREAT? 

For a cybersecurity expert, the Oxford Dictionary definition of cyber threat is a little lacking:
"the possibility of a malicious attempt to damage or disrupt a computer network or system."
This definition is incomplete without including the attempt to access files and infiltrate or
steal data.

In this definition, the threat is defined as a possibility. However, in the cybersecurity

community, the threat is more closely identified with the actor or adversary attempting to
gain access to a system. Or a threat might be identified by the damage being done, what is
being stolen or the Tactics, Techniques and Procedures (TTP) being used.

TYPES OF CYBER THREATS 

In 2012, Roger A. Grimes provided this list, published in Infoworld, of the top five
most common cyber threats:

1. Social Engineered Trojans

2. Unpatched Software (such as Java, Adobe Reader, Flash)
3. Phishing
4. Network traveling worms
5. Advanced Persistent Threats

But since the publication of this list, there has been widespread adoption of several different
types of game-changing technology: cloud computing, big data, and adoption of mobile
device usage, to name a few.

In September 2016, Bob Gourley shared a video containing comments from Rand
Corporation testimony to the House Homeland Security Committee, Subcommittee on
Cybersecurity, Infrastructure Protection and Security Technologies regarding emerging
cyber threats and their implications. The video highlights two technology trends that are
driving the cyber threat landscape in 2016:

1. Internet of things – individual devices connecting to internet or other networks

2. Explosion of data – stored in devices, desktops and elsewhere

Today’s cybercrime landscape is diverse. Cyber threats typically consist of one or more of
the following types of attacks:

 Advanced Persistent Threats

 Phishing
 Trojans
 Botnets
 Ransomware
 Distributed Denial of Service (DDoS)
 Wiper Attacks
 Intellectual Property Theft

CYBER SECURITY AWARENESS 2|Page

  Theft of Money
 Data Manipulation
 Data Destruction
 Spyware/Malware
 Man in the Middle (MITM)
 Drive-By Downloads
 Malvertising
 Rogue Software
 Unpatched Software

Unpatched software, seemingly the simplest vulnerability, can still lead to the largest leaks,
such as the case of Panama Papers.

SOURCE OF CYBER THREATS

In identifying a cyber threat, more important than knowing the technology or TTP, is knowing
who is behind the threat. The TTPs of threat actors are constantly evolving. But the sources
of cyber threats remain the same. There is always a human element; someone who falls for
a clever trick. But go one step further and you will find someone with a motive. This is the
real source of the cyber threat.

For example, in June of 2016, SecureWorks revealed tactical details of Russian Threat
Group-4127 attacks on Hillary Clinton's presidential campaign emails. Then, in
September, Bill Gertz of The Washington Times reported on another cyber attack on Hillary
Clinton's emails, presumed to be the work of "hostile foreign actors," likely from either China
or Russia. There currently exists a U.S. policy on foreign cyber threats known as "deterrence
by denial." In this case, denial means preventing foreign adversaries from accessing data in
the U.S.

But not all cyber threats come from foreign countries. Recently, Pierluigi Paganini
@securityaffairs reported that police arrested two North Carolina men who are alleged to be
members of the notorious hacking group called 'Crackas With Attitude' which leaked
personal details of 31,000 U.S. government agents and their families.

Most Common Sources of Cyber Threats

 Nation states or national governments

 Terrorists
 Industrial spies
 Organized crime groups
 Hacktivists and hackers
 Business competitors
 Disgruntled insiders

CYBER THREAT INTELLIGENCE IS NECESSARY FOR ENTERPRISES 

Advanced threat actors such as nation-states, organized cybercriminals and cyber

espionage actors represent the greatest information security threat to enterprises today.
Many organizations struggle to detect these threats due to their clandestine nature, resource
sophistication, and their deliberate "low and slow" approach to efforts. For enterprises, these
more sophisticated, organized and persistent threat actors are seen only by the digital traces
they leave behind. For these reasons, enterprises need visibility beyond their network

CYBER SECURITY AWARENESS 3|Page

borders into advanced threats specifically targeting their organizations and infrastructure.
This is known as threat intelligence.

Cyber threat researchers can begin by knowing a background profile of assets beyond the
network border and being aware of offline threats such as those reported here by Luke
Rodenheffer of Global Risk Insights. They should then monitor mission-critical IP addresses,
domain names and IP address ranges (e.g., CIDR blocks). This can grant advanced warning
while adversaries are in the planning stages. With this enhanced visibility, you can gain
improved insight into ongoing exploits, identification of cyber threats and the actors behind
them. This allows you to take proactive steps to defend against these threats with an
appropriate response.

The internet has become a space riddled with malicious links, trojans and viruses. Data
breaches are becoming more frequent, and unsuspecting users are more vulnerable than
ever before. When one click can cost thousands, and even millions, users need actionable
to-do’s that can help them stay alert and safe online. Here are our top 10 cyber security
tips for your users:

1. Clicking Without Thinking Is Reckless

Just because you can click, doesn’t mean you should. Remember, it can cost you a hefty
sum. Malicious links can do damage in several different ways, so be sure to inspect links
and ensure they’re from trusted senders before clicking.

2. Use Two-Factor Authentication

It’s important to have a strong password, but it’s even more imperative to have two-factor, or
multi-factor, authentication. This method provides two layers of security measures so if a
hacker can accurately guess your password, there is still an additional security measure in
place to ensure that your account is not breached.

3. Look Out for Phishing Scams

With over 3 billion fake emails sent daily, phishing attacks are some of the greatest
cybersecurity threats as they are very easy to fall for. In a phishing attack, a hacker will pose
as someone that the recipient may be familiar with to trick them into opening a malicious link,
divulging important credentials, or opening software that infects the recipient’s system with a
virus. The best way to be on the lookout for phishing scams is by avoiding emails from
unfamiliar senders, look for grammatical errors or any inconsistencies in the email that looks
suspicious, and hover over any link you receive to verify what the destination is.

CYBER SECURITY AWARENESS 4|Page

4. Keep Track of Your Digital Footprint

When you monitor your accounts, you can ensure you catch suspicious activity. Can you
recall everywhere you have online accounts and what information is stored on them, like
credit card numbers for easier payments? It’s important to keep track of your digital footprint,
including social media, and to delete accounts you’re not using, while ensuring you set
strong passwords (that you change regularly).

5. Keep Up With Updates

Software patches can be issued when security flaws are discovered. If you find these
software update notifications to be annoying, you’re not alone. But you can consider them
the lesser of two evils when weighing up rebooting your device versus putting yourself at risk
for malware and other types of computer infection.

6. Connect Securely

Cyber security tips about this have been dished out by nearly every tech expert under the
sun, but many still don’t follow this advice. You might be tempted to connect your device to
an unsecured connection, but when you weigh the consequences, it’s not worth it. Only
connect to private networks when possible, especially when handling sensitive information.

7. Secure Your Mobile Device

Security doesn’t end at your desktop. It’s important to get into the habit of securing your
presence through your mobile device as well. Use strong passwords and biometric features,
ensure you turn off your Bluetooth, don’t automatically connect to any public Wi-Fi, and
download with caution.

8. Beware of Social Engineering

When hackers can’t find a security vulnerability, they’ll attack in other ways. Enter social
engineering. This type of attack is more of an attack on the mind of the user, rather than on
the device, to gain access to systems and information. Especially with the information
publicly available online and over social media, cyber criminals come up with creative ways
to dupe users.

CYBER SECURITY AWARENESS 5|Page

9. Back-Up Your Data

These days, storage doesn’t cost much. There’s no excuse not to have a backup of
important data. Back it up on a physical location and on the cloud. Remember, malicious
threats and hackers don’t always want to steal your data, but sometimes the end-goal is to
encrypt or erase it. Back it up to have an ultimate recovery tool.

10. You’re Not Immune

The most harmful thought you can have is “it won’t happen to me,” or “I don’t visit unsafe
websites.” Cybercriminals don’t discriminate in targeting all sorts of users. Be proactive. Not
all mistakes can be undone with “ctrl + Z”.

Simple cyber security tips like these can go a long way in preventing a catastrophe, but
they’ve only scratched the surface of how your users can be educated and protected.
Cybint’s comprehensive cyber education platform was made for all types of users, from
beginner to advance. 

WHAT ARE THE TEN (10) STEPS TO CYBER SECURITY?  

1. Risk management regime

Organizations must understand the risks they face before implementing security measures.
This enables them to prioritize the biggest threats and ensure their responses are
appropriate.

A risk management regime also helps keep the board involved in your cyber security efforts,
and enables you to adjust your approach as the threat landscape changes. For example,
you might request changes or additions to your cyber security policies or staff awareness
programmed.

2. Secure configuration
One of the most common causes of data breaches is misconfigured controls, such as a
database that’s not properly secured or a software update that hasn’t been installed.

Highlighting the importance of configuration can ensure that you remove or disable
unnecessary functionality from systems and address known vulnerabilities promptly.

3. Home and mobile working

Many organizations offer employees the chance to work from home or on the go, but this
comes with security risks. Remote workers don’t get the same physical and network security
that’s provided in the office, so organizations must respond accordingly.

That should include limiting access to sensitive systems and creating policies for protecting
laptops, removable devices and physical information outside the office.

CYBER SECURITY AWARENESS 6|Page

4. Incident management
No matter how robust your defense measures are, you will experience a security incident at
some point.

You must prepare for this by establishing policies and procedures to help mitigate the
damage and get you back up and running as quickly as possible.

5. Malware prevention
There are many ways malware can infect an organization’s systems. It could be sent in an
email attachment, worm through a vulnerability or be plugged into an office computer via a
removeable device.

To mitigate these risks, organizations should implement anti-malware software and policies
designed to help prevent employees from falling victim.

6. Managing user privileges

Organizations must create access controls to ensure that employees can only access
information that’s relevant to their job.

This prevents sensitive information being exposed should someone gain unauthorized
access to employees’ accounts, and makes it less likely that an employee will steal sensitive
information.

7. Monitoring
System monitoring enables you to detect successful or attempted attacks. This helps you in
two essential ways. First, you will be able to identify incidents promptly and initiate response
efforts.

Second, you’ll gain first-hand evidence of the ways criminals are targeting you, giving you
the opportunity to shore up your defenses and look for vulnerabilities before crooks identify
them.

8. Network security
The connections from your networks to the Internet contain vulnerabilities that could be
exposed.

You won’t be able to eradicate all of those vulnerabilities, but you should be aware of them
and remove as many risks as you can with architectural changes. Likewise, you should
implement policies and technical measures to reduce the likelihood of them being exploited.

9. Removable media controls

USBs and other removable devices are the source of many security issues. Not only are
they often used to inject malware but they are also involved in many insider incidents.
Employees are prone to losing removable devices or leaving them plugged into computers
where unauthorized parties can access them.

Organizations must therefore create policies emphasizing the need to keep removable
devices on your person or in a secure location.

10. User education and awareness

Employees play an essential role in their organization’s security practices, so they need to
be taught their responsibilities and shown what they can do to prevent data breaches.

CYBER SECURITY AWARENESS 7|Page

CYBER OFFEENSES. 

The following acts constitute the offense of cybercrime punishable under this Act:
1. Illegal Access. Unauthorized access (without right) to a computer system or application.

2. Illegal Interception. Unauthorized interception of any non-public transmission of

computer data to, from, or within a computer system.

3. Data Interference. Unauthorized alteration, damaging, deletion or deterioration of

computer data, electronic document, or electronic data message, and including the
introduction or transmission of viruses. Authorized action can also be covered by this
provision if the action of the person went beyond agreed scope resulting to damages stated
in this provision.

4. System Interference. Unauthorized hindering or interference with the functioning of a

computer or computer network by inputting, transmitting, damaging, deleting, deteriorating,
altering or suppressing computer data or program, electronic document, or electronic data
messages, and including the introduction or transmission of viruses. Authorized action can
also be covered by this provision if the action of the person went beyond agreed scope
resulting to damages stated in this provision.

5. Misuse of Devices. The unauthorized use, possession, production, sale, procurement,

importation, distribution, or otherwise making available, of devices, computer program
designed or adapted for the purpose of committing any of the offenses stated in Republic Act
10175.Unauthorized use of computer password, access code, or similar data by which the
whole or any part of a computer system is capable of being accessed with intent that it be
used for the purpose of committing any of the offenses under Republic Act 10175.

6. Cyber-squatting. Acquisition of domain name over the Internet in bad faith to profit,
mislead, destroy reputation, and deprive others from the registering the same. This includes
those existing trademark at the time of registration; names of persons other than the
registrant; and acquired with intellectual property interests in it. Those who get domain
names of prominent brands and individuals which in turn is used to damage their reputation
– can be sued under this provision. Note that freedom of expression and infringement on
trademarks or names of person are usually treated separately. A party can exercise freedom
of expression without necessarily violating the trademarks of a brand or names of persons.

7. Computer-related Forgery. Unauthorized input, alteration, or deletion of computer data

resulting to inauthentic data with the intent that it be considered or acted upon for legal
purposes as if it were authentic, regardless whether or not the data is directly readable and
intelligible; or The act of knowingly using computer data which is the product of computer-
related forgery as defined here, for the purpose of perpetuating a fraudulent or dishonest
design.

8. Computer-related Fraud. Unauthorized input, alteration, or deletion of computer data or

program or interference in the functioning of a computer system, causing damage thereby
with fraudulent intent.

9. Computer-related Identity Theft. Unauthorized acquisition, use, misuse, transfer,

possession, alteration or deletion of identifying information belonging to another, whether
natural or juridical.

10. Cybersex. Willful engagement, maintenance, control, or operation, directly or indirectly,

of any lascivious exhibition of sexual organs or sexual activity, with the aid of a computer
system, for favor or consideration. There is a discussion on this matter if it involves “couples”

CYBER SECURITY AWARENESS 8|Page

or “people in relationship” who engage in cybersex. For as long it is not done for favor or
consideration, I don’t think it will be covered. However, if one party (in a couple or
relationship) sues claiming to be forced to do cybersex, then it can be covered.
11. Child Pornography. Unlawful or prohibited acts defined and punishable by Republic
Act No. 9775 or the Anti-Child Pornography Act of 2009, committed through a computer
system.

12. Libel. Unlawful or prohibited acts of libel as defined in Article 355 of the Revised Penal
Code, as amended committed through a computer system or any other similar means which
may be devised in the future. Revised Penal Code Art. 355 states Libel means by writings
or similar means. A libel committed by means of writing, printing, lithography, engraving,
radio, phonograph, painting, theatrical exhibition, cinematographic exhibition, or any similar
means, shall be punished by prison correctional in its minimum and medium periods or a fine
ranging from 200 to 6,000 pesos, or both, in addition to the civil action which may be brought
by the offended party. The Cybercrime Prevention Act strengthened libel in terms of penalty
provisions. The electronic counterpart of libel has been recognized since the year 2000
when the E-Commerce Law was passed. The E-Commerce Law empowered all existing
laws to recognize its electronic counterpart whether commercial or not in nature.

13. Aiding or Abetting in the Commission of Cybercrime. Any person who willfully abets
or aids in the commission of any of the offenses enumerated in this Act shall be held liable.

14. Attempt in the Commission of Cybercrime. Any person who willfully attempts to
commit any of the offenses enumerated in this Act shall be held liable.

15. All crimes defined and penalized by the Revised Penal Code, as amended, and
special laws, if committed by, through and with the use of information and communications
technologies shall be covered by the relevant provisions of this Act: Provided, That the
penalty to be imposed shall be one (1) degree higher than that provided for by the Revised
Penal Code, as amended, and special laws, as the case may be.

16. Corporate Liability. When any of the punishable acts herein defined are knowingly
committed on behalf of or for the benefit of a juridical person, by a natural person acting
either individually or as part of an organ of the juridical person, who has a leading position
within, based on: (a) a power of representation of the juridical person provided the act
committed falls within the scope of such authority; (b) an authority to take decisions on
behalf of the juridical person: Provided, That the act committed falls within the scope of such
authority; or (c) an authority to exercise control within the juridical person, It also includes
commission of any of the punishable acts made possible due to the lack of supervision or
control.

Prepared By:

CPT MARIO A PRINCER PA (RES)

CYBER SECURITY AWARENESS 9|Page