The awareness of cybersecurity

Cybersecurity Lecturer:
Jumana Khwaileh
Topics:
Identity, Digital Identity, Credentials

Passwords • Weak Password, Strong Password, how to create Good Password

Threats today

Social Engineering • Urgently, Anchoring, Bandwagon

Phishing &Mail Fraud • Spear Phishing

NFC Payment • NFC Attack

Applications and Software & Antivirus Virus
and Ransomware, Malware
• Denial of service & distributed Denial of service (Dos & DDoS)

Taking control of your computer • RAT, After RAT & Protect Ourselves

Pen drives • Leak of Information, Infected Pen drives, USB Killer Pen drive, BitLocker
Topics:
Revealing Information
•Authorized Entity, Key Management
Encryption •Key Exchange. Public key

Public Wi-Fi & Deep fake

•WIFI Connection * Hotspot
WIFI Connection •Wireless access point (WAP) * Virtual private network (VPN)

ip address

Mobility
•Storage & performance
Cloud •synchronization
•Firewall
Cyber security tools •Network Intrusion Detection system/ Host Intrusion Detection System (NIDS,HIDS)
•Proxy * Modem VS Router

Cyber security myth

 Cybersecurity and
identity management
and credentials
 Cybersecurity and Identity Management and
Credentials
• cybersecurity is more important than ever.
• The evolution of cybersecurity reflects the ever-growing
importance of protecting digital assets and information.
• With the increasing reliance on digital technologies,
protecting sensitive information, and ensuring the integrity of
digital systems has become paramount.
 Cybersecurity and Identity Management and
Credentials
• Let’s explore the fundamental concepts of cybersecurity and
identity management, including:
• The importance of digital identity
• The role of credentials in authentication
• Best practices for securing digital systems and resources.
 Cybersecurity and Identity Management and
Credentials
• Cybersecurity is a critical field that focuses on protecting
computers, networks, and data from unauthorized access,
attacks, damage, or theft.
• It encompasses a wide range of practices, technologies, and
measures designed to ensure the CIA (confidentiality,
integrity, and availability of information).
 Cybersecurity and Identity Management and
Credentials
• Confidentiality, integrity, and availability together are
considered the three most important concepts within
information security.
• Help guide the development of security policies for
organizations.
• Thinking of the CIA triad's three concepts together as an
interconnected system, rather than as independent concepts,
can help organizations understand the relationships between
the three.
 Cybersecurity and Identity Management and
Credentials
• Identity refers to the characteristics that define who or what a
person or entity is.
• In the context of cybersecurity, identity is crucial for
establishing trust and controlling access to resources.
• Identity management involves verifying the identity of users
and devices, assigning access rights based on that identity
(Access control), and monitoring and managing those rights
over time.
 Cybersecurity and Identity Management and
Credentials
What about Digital Identity?
• Digital identity refers to the online representation of an individual,
organization, or device.
• It is used to establish a unique identity in the digital world and is often
linked to a set of credentials (such as usernames, passwords, and
digital certificates) that are used to authenticate the identity and
authorize access to digital resources.
• Digital identity represents the online persona of an entity and is used
to establish trust and facilitate secure interactions in the digital world.
 Cybersecurity and Identity Management and
Credentials
What about Credentials?
• Credentials are pieces of information that are used to
authenticate the identity of a user or device.
• They can include usernames, passwords, security tokens,
biometric data, and digital certificates.
 Cybersecurity and Identity Management and
Credentials
The Importance of Credentials
• Credentials play a critical role in authenticating identities and
authorizing access to resources.

• Credentials are used to verify that a user or device is who or

what they claim to be, and they are essential for ensuring the
security of digital systems and resources.
 Summary
• Identity management is essential for verifying the identity of
users, devices, and services, controlling access to resources,
and ensuring the security and integrity of digital systems.
• Identity management plays a crucial role in cybersecurity by
involving a variety of techniques and technologies, including
authentication, authorization, and auditing, to protect against
unauthorized access and data breaches.
PASSWORDS
 Passwords
• Passwords are a cornerstone of cybersecurity, serving as the
primary means of authentication for accessing digital resources.
They are used to verify the identity of users and protect sensitive
information from unauthorized access. Despite their importance,
passwords are also a common point of vulnerability, as weak or
compromised passwords can lead to security breaches and data
theft.
 Passwords

• We will explore the role of passwords in cybersecurity, the

challenges associated with password security, and best practices for
creating and managing strong passwords.

• Understanding the importance of passwords and implementing

effective password management practices are essential for
enhancing cybersecurity and protecting against threats.
 Passwords

• Passwords are a critical component of cybersecurity, serving

as the first line of defense against unauthorized access to
sensitive information.
• However, not all passwords are created equal.
• Understanding the difference between weak and strong
passwords and knowing how to create a good password is
essential for enhancing security.
 Weak Passwords

• Weak passwords are easy to guess or crack, making them

vulnerable to attacks.
• Common examples of weak passwords include dictionary
words, simple sequences (e.g., "123456"), or easily guessable
information (e.g., "password123").
• Using weak passwords can compromise the security of your
accounts and data.
 Strong Passwords

• Strong passwords are complex, unique, and difficult to guess

or crack.
• They typically include a combination of uppercase and
lowercase letters, numbers, and special characters.
• A strong password is also long enough to resist brute-force
attacks, which try every possible combination of characters.
 How to Create a Good Password:

1. Length: Use passwords that are at least 12-16 characters long. Longer passwords are
generally more secure.
2. Complexity: Include a mix of uppercase and lowercase letters, numbers, and special
characters (e.g., !@#$%^&*).
3. Avoid Common Words: Avoid using dictionary words, common phrases, or easily
guessable information.
4. Avoid Personal Information: Do not use easily obtainable information such as your
name, birthdate, or common passwords like "password" or "123456."
5. Unique Passwords: Use a unique password for each account to prevent a single breach
from compromising multiple accounts.
6. Use Passphrases: Consider using a passphrase, which is a series of random words strung
together, as they can be easier to remember and harder to crack.
 How to Create a Good Password:

• Example of a Strong Password: "R3s!stBrut3F0rc3Att@cks!"

• Remember to regularly update your passwords and use multi-

factor authentication (MFA) whenever possible to add an
extra layer of security.
 Summary

• Passwords are a foundational aspect of cybersecurity, serving as the

primary method for authenticating users and protecting sensitive
information. However, the strength of a password directly impacts its
ability to withstand attacks. Weak passwords are easily compromised,
while strong passwords significantly enhance security.

• Creating a strong password involves using a combination of uppercase and

lowercase letters, numbers, and special characters, while avoiding
common words or easily guessable information. Additionally, using unique
passwords for each account and regularly updating them can further
enhance security.
 Summary

• While passwords are an essential aspect of cybersecurity, they

are not foolproof. Implementing additional security measures
such as multi-factor authentication (MFA) can further protect
against unauthorized access and data breaches. By
understanding the importance of strong passwords and
following best practices, individuals and organizations can
significantly improve their cybersecurity posture.
THREATS TODAY
 Threats today
• Cyber dangers are always changing, growing in frequency and sophistication.
Unsettlingly, Gartner projects that by 2025, there will be three times as many
companies globally that will be the target of assaults on their software
supply chains as there were in 2021.
• A security breach could have disastrous effects on a company's operations,
resulting in significant financial and reputational losses. It is crucial to
understand which hazards to be aware of. Below is a summary of the top five
most frequent cyber threats as of right now.
 Threats today
• We will explore some of the outstanding threats in these days, such as:

1. Malware

2. Ransomware

3. Data Breaches

4. Insider Threats

5. Phishing and Social Engineering: will be discussed later

 Malware

• Malware: Malicious software (malware) includes viruses, worms,

Trojans, ransomware, and spyware, designed to disrupt, damage,
or gain unauthorized access to computer systems or data.
 Ransomware
• Ransomware: Ransomware is a type of malware that encrypts a
victim's files or locks their system, demanding a ransom for
decryption or access restoration.

• It can cause significant financial and operational damage to

individuals and organizations.
 Data Breaches
• Data Breaches: Data breaches involve unauthorized access to
sensitive information, such as personal data, financial records, or
intellectual property.

• Breaches can result from various factors, including weak security

controls, insider threats, or external attacks.
 Insider Threats

• Insider Threats: Insider threats involve malicious or careless

actions by individuals within an organization.

• These threats can result from employees, contractors, or

business partners with access to sensitive information or
systems.
 Awareness
• To mitigate these threats, organizations must implement a
comprehensive cybersecurity strategy that includes robust
security measures, regular security assessments, user
education, and incident response planning.

• To address these threats, organizations need to stay awake,

keep their systems and software up to date, educate users
about cybersecurity best practices, and implement robust
security measures across their networks and systems.
 Summary

• Cybersecurity threats continue to evolve and pose significant challenges to

individuals, organizations, and governments worldwide.
• From malware and phishing attacks to ransomware and supply chain
vulnerabilities, the range and complexity of threats require constant
vigilance and proactive security measures.
 Summary

• Effective cybersecurity requires a multi-faceted approach that includes

robust technical controls, regular security assessments, user education,
and incident response planning.
• Organizations must stay informed about the latest threats and
vulnerabilities, implement best practices for securing their systems and
networks, and collaborate with industry peers and security experts to
enhance their cyber defenses.
 Summary

• While no system can be entirely immune to cyber threats, organizations

that prioritize cybersecurity and adopt a proactive and holistic approach to
security are better equipped to detect, respond to, and mitigate the
impact of cyber attacks.
• By investing in cybersecurity measures and staying ahead of emerging
threats, individuals and organizations can protect themselves against the
growing cyber threat landscape.
SOCIAL ENGINEERING
 Social Engineering
• Social engineering is the term used for a broad range of malicious activities
accomplished through human interactions. It uses psychological manipulation
to trick users into making security mistakes or giving away sensitive
information.

• Social engineering is a tactic used by cyber attackers to manipulate individuals into

divulging confidential information or performing actions that compromise security.
Unlike traditional cyber attacks that target technical vulnerabilities, social engineering
exploits human psychology and behavior to deceive victims
 The technique…
• Social engineering attacks happen in one or more steps.

• An attacker first investigates the intended victim to gather necessary background

information, such as potential points of entry and weak security protocols, needed to
proceed with the attack.

• Then, the attacker moves to gain the victim’s trust and provide stimuli for subsequent
actions that break security practices, such as revealing sensitive information or
granting access to critical resources.
Social Engineering life cycle
 Social engineering attack techniques
• Social engineering attacks come in many different forms and can be
performed anywhere where human interaction is involved.
• The following are the five most common forms of digital social engineering
assaults.
– Baiting
– Scareware
– Pretexting
– Phishing
– And others.
 Social engineering
• Social engineering is dangerous because it relies on human psychology and
deception to bypass traditional security measures. Here are several reasons
why it poses a significant threat:
1. Exploits Human Trust

2. Targets Weakest Link

3. Difficulty in detection information or systems.

4. Exploits Human Emotions

• And others.
 Tips
 Social engineers manipulate human feelings, such as curiosity or fear, to
carry out schemes and draw victims into their traps.

 Therefore, be wary whenever you feel alarmed by an email, attracted to

an offer displayed on a website, or when you come across stray digital
media lying about.

 Being alert can help you protect yourself against most social engineering
attacks taking place in the digital realm.
 Summary

• Social engineering attacks continue to be a significant threat to

cybersecurity, exploiting human psychology to bypass technical defenses.
These attacks are often sophisticated, using deception and manipulation
to trick individuals into divulging sensitive information or performing
actions that compromise security.
 Summary

• To defend against social engineering attacks, organizations and individuals

must remain vigilant and adopt a security-aware mindset.

• This includes recognizing common social engineering tactics, such as

phishing emails and pretexting, and implementing security measures such
as multi-factor authentication, employee training, and regular security
assessments.
Phishing &Mail Fraud
 Phishing &Mail Fraud
• Phishing and mail fraud are deceptive practices used by cybercriminals to trick
individuals into providing sensitive information or sending money under false
pretenses.

• While phishing typically occurs through electronic communication channels

such as email, mail fraud encompasses deceptive schemes conducted through
traditional mail services.
 Phishing
• Phishing is a form of cyber attack where attackers impersonate legitimate
organizations or individuals to trick victims into providing sensitive information
such as passwords, credit card numbers, or personal data.

• Phishing attacks often use email, instant messaging, or social media platforms
to deceive users into clicking on malicious links or downloading attachments
that contain malware.

• One of the Phishing types is Spear Phishing.

 Spear phishing
• Spear phishing is a targeted form of phishing attack that is highly personalized
and tailored to a specific individual or organization. Unlike traditional phishing
attacks that are more generic and sent to a large number of recipients, spear
phishing attacks are more focused and aim to deceive a particular target by
using information specific to that individual or organization.
 Spear phishing
• Spear phishing attacks often involve gathering information about the target,
such as their name, position, interests, and relationships, to create a more
convincing and believable message. Attackers may impersonate a trusted
individual or organization known to the target, such as a colleague, supervisor,
or reputable company, to trick them into disclosing sensitive information or
performing a specific action, such as clicking on a malicious link or
downloading an attachment.
 Common phishing techniques include:
 Spoofed emails that mimic legitimate organizations, such as banks or
government agencies, and request sensitive information.

 Emails that create a sense of urgency, such as threatening to close an account

unless immediate action is taken.

 Emails that offer enticing rewards or prizes in exchange for personal

information.

 Emails that appear to be from a trusted contact but are actually from an
attacker who has compromised the contact's account.
 Mail Fraud
• Mail fraud, on the other hand, is a form of fraud that involves using the postal
service to deceive victims. While less common than phishing in the digital age,
mail fraud schemes can still be sophisticated and damaging. Mail fraud can
take various forms, such as:
– Sweepstakes or lottery scams that require victims to pay fees to claim a prize that doesn't
exist.

– Investment scams that promise high returns but result in financial loss for victims.

– Charity scams that solicit donations for fake organizations or causes.

 Similarities and Differences:

• Both phishing and mail fraud aim to deceive individuals into providing sensitive
information or sending money under false pretenses.

• However, phishing is typically conducted through electronic communication

channels, while mail fraud relies on the postal service.

• Both forms of fraud often use similar tactics, such as impersonating legitimate
entities and creating a sense of urgency or excitement to manipulate victims.
 Impact and Prevention:
• Phishing and mail fraud can have serious consequences, including financial
loss, identity theft, and damage to reputation. To prevent falling victim to
these scams, individuals and organizations should:

– Verify the legitimacy of requests for sensitive information before providing any
personal details.
– Be cautious of emails or mailings that create a sense of urgency or offer unsolicited
rewards.
– Use strong, unique passwords for online accounts and enable two-factor
authentication when available.
– Educate themselves and others about the dangers of phishing and mail fraud and
how to recognize and report suspicious activity.
 Summary

• In conclusion, phishing and mail fraud are persistent threats that target
individuals and organizations worldwide. While phishing primarily occurs
through electronic communication channels, mail fraud exploits the postal
service to deceive victims. Despite their differences, both forms of fraud
rely on deception and manipulation to trick individuals into providing
sensitive information or sending money.
 Summary

• To protect against phishing and mail fraud, individuals and organizations

should remain vigilant and skeptical of unsolicited requests for personal
information or financial transactions. It's essential to verify the legitimacy
of communications before taking any action and to report suspicious
activity to the appropriate authorities.
NFC Payments
 NFC Payments
• Near Field Communication (NFC) technology has revolutionized the way we make
payments, offering a convenient and secure way to complete transactions using
smartphones, smartwatches, or other NFC-enabled devices.

• However, like any digital payment method, NFC payments are not without their
cybersecurity risks. This discussion explores the implications of NFC payments on
cybersecurity, highlighting both the benefits and challenges of this technology.
 NFC Payments

• NFC payments are contactless transactions that make use of near-field

communication technology, which enables safe connection between gadgets
like a payment terminal and a mobile phone. This technology underpins tap-
to-pay payment cards as well as mobile wallet payments like Apple Pay,
Google Pay, and Samsung Pay. An NFC-capable card reader is required in
order to accept NFC payments.
 NFC Technology Overview:
• NFC technology allows devices to communicate with each other when placed in close
proximity, typically within a few centimeters.

• This technology is commonly used for contactless payments, enabling users to simply
tap their devices on a compatible terminal to complete a transaction.
 Benefits of NFC Payments:
• NFC payments offer several benefits, including convenience, speed, and security.
Users can quickly and easily make payments without the need for cash or physical
cards, reducing the risk of theft or loss. NFC transactions are also encrypted, making
them more secure than traditional magnetic stripe cards.
 Cybersecurity Challenges:
• Despite the security features of NFC payments, there are still cybersecurity challenges
to consider. One of the main risks is data interception, where attackers attempt to
intercept and steal sensitive information during the transaction process. This risk can
be mitigated through the use of encryption and secure authentication methods.
 Security Best Practices:
• To enhance the security of NFC payments, users should follow best practices such as:

 Keeping their devices updated with the latest security patches and updates.

 Using strong, unique passwords or biometric authentication for device access.

 Regularly monitoring their accounts for unauthorized transactions.

 Summary

• In conclusion, NFC payments offer a convenient and secure way to make

transactions, but they are not immune to cybersecurity risks.
• By understanding the technology and following best practices, users can
enjoy the benefits of NFC payments while minimizing the risk of fraud or
data theft.
• As NFC technology continues to evolve, it is essential for users to stay
informed and take proactive measures to protect their financial
information.
VIRUS AND RANSOMWARE,
MALWARE
 Viruses, Ransomware, and Malware:
• Viruses are malicious programs that replicate themselves and
spread to other computers. They can infect files, damage
systems, and steal data.
• Ransomware is a type of malware that encrypts files and
demands payment for their release.
• Other forms of malware include spyware, adware, and trojans,
which can monitor user activity, display unwanted ads, and
steal sensitive information
 Impact on Applications and Software:
• Viruses, ransomware, and other malware can have a devastating
impact on applications and software.

• They can corrupt files, disrupt operations, and compromise sensitive

information.

• In some cases, malware can render an entire system or network

unusable, leading to costly downtime and recovery efforts.
 Role of Antivirus Software
• Antivirus software plays a crucial role in protecting against
viruses, ransomware, and other malware.
• It works by scanning files and monitoring system activity for
signs of malicious behavior.
• Antivirus programs use a variety of techniques, such as
signature-based detection and heuristic analysis, to detect
and remove malware.
 Relationship between Applications, Software, and Antivirus

• Applications and software are often the targets of malware

attacks due to their widespread use and potential
vulnerabilities.
• Antivirus software helps protect these applications and
software by detecting and removing malware before it can
cause harm.
• However, antivirus software is not foolproof, and users must
also practice safe computing habits, such as keeping software
up to date and avoiding suspicious links and downloads.
Denial Of Service & Distributed Denial Of Service
(DOS & DDOS)
 DoS and DDoS Attacks
• Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks
are malicious attempts to disrupt the normal functioning of a network,
system, or application by overwhelming it with a flood of traffic.
• These attacks can have serious consequences, including downtime, loss of
revenue, and damage to reputation.
• In this discussion, we will explore the nature of DoS and DDoS attacks and
their relationship with applications, software, and antivirus programs.
 DoS and DDoS Attacks
• DoS attacks involve sending a large volume of traffic to a target system,
such as a website or server, to overwhelm it and make it inaccessible to
legitimate users.

• DDoS attacks are similar but involve multiple compromised devices,

known as a botnet, coordinating the attack. These attacks can exploit
vulnerabilities in applications and software to achieve their goal.
 Impact on Applications and Software:

• DoS and DDoS attacks can have a significant impact on applications and
software.

• They can disrupt the normal operation of applications, making them

unavailable to users. This can lead to a loss of revenue for businesses that
rely on these applications for their operations.

• Additionally, DoS and DDoS attacks can damage the reputation of an

organization if customers are unable to access its services.
 Impact on Applications and Software:

• DoS and DDoS attacks can have a significant impact on applications and
software.

• They can disrupt the normal operation of applications, making them

unavailable to users. This can lead to a loss of revenue for businesses that
rely on these applications for their operations.

• Additionally, DoS and DDoS attacks can damage the reputation of an

organization if customers are unable to access its services.
 Role of Antivirus Software:
• Antivirus software plays a crucial role in protecting against cybersecurity threats
posed by applications and software.
• Antivirus programs use a variety of techniques to detect and remove malicious
code, including:
– Signature-based detection, which compares files against a database of known malware
signatures.
– Heuristic analysis, which identifies suspicious behavior patterns that may indicate the
presence of malware.
– Real-time scanning, which continuously monitors system activity for signs of malware
infection.
 Role of Antivirus Software:
• While antivirus software is not specifically designed to protect against dos
and DDoS attacks, it can play a role in mitigating their impact.

• Antivirus programs can detect and remove malware that may be used to
launch dos and DDoS attacks.
• Additionally, antivirus software can help prevent the spread of malware
that could be used to create botnets for DDoS attacks.
RAT, AFTER RAT & PROTECT OURSELVES
 RAT
• RATs are a type of malware that provides attackers with unauthorized
access to a victim's computer.
• They can be used to perform a wide range of malicious activities,
including:
1. Monitoring user activity, such as keystrokes, screen captures, and
webcam feeds.
2. Stealing sensitive information, such as passwords, credit card
numbers, and personal data.
3. Installing additional malware or backdoors to maintain access to the
compromised system.
 After RAT
After a RAT has been installed on a victim's computer, attackers can use the
compromised system to launch further attacks.

This may include:

1. Using the compromised system to launch attacks against other computers or
networks.
2. Stealing additional information or resources from the compromised system.
3. Using the compromised system as a bot in a botnet to perform large-scale
attacks, such as DDoS attacks.
 Protecting Ourselves
• To protect against RAT attacks, individuals and organizations can take the following
steps:
1. Keep software and operating systems up to date to protect against known
vulnerabilities.
2. Use strong, unique passwords for all accounts and enable two-factor authentication
when available.
3. Be cautious of email attachments and links from unknown or suspicious sources.
4. Use reputable antivirus software and keep it up to date to detect and remove RATs and
other malware.
5. Monitor network traffic for signs of unauthorized access or unusual activity.
 Leak of information, infected pen
drives, USB killer pen drive, BitLocker
 Leak of Information
• The leak of information can occur through various means, including the
use of infected pen drives.

• Infected pen drives can contain malware that is designed to steal sensitive
information from a computer when the pen drive is inserted.

• This malware can then transmit the stolen information to an attacker,

compromising the security of the affected system.
 Infected Pen Drives
• Infected pen drives are a common method used by attackers to distribute
malware.

• These pen drives can contain malware that is designed to infect any
computer it is inserted into.

• Once infected, the malware can steal sensitive information, such as

passwords, credit card numbers, or personal data, from the compromised
system.
 USB Killer Pen Drive
• A USB killer pen drive is a malicious device that is designed to physically
damage a computer when inserted into a USB port.

• These devices can deliver a high-voltage electrical charge to the computer,

damaging the USB port and potentially other components of the system.

• USB killer pen drives are typically used as a form of sabotage or vandalism,
rather than for stealing information.
 BitLocker
• BitLocker is a full-disk encryption feature included with Windows that can
help protect against the leak of information and such threats from
infected or USB killer pen drives.

• By encrypting the data stored on the drive, BitLocker ensures that even if
the drive is compromised, the encrypted data remains secure and cannot
be accessed by unauthorized parties.
Revealing Information
 Revealing information

• Revealing information, intentionally or unintentionally, can have serious

consequences for individuals and organizations.

• Whether it's through careless sharing of personal information online or

the exposure of sensitive data due to a security breach, the repercussions
of revealing information can be far-reaching.
 Types of Information Revealed

• Information can be revealed in various ways, including:

1. Sharing personal information on social media platforms.

2. Falling victim to phishing scams or other cyber attacks.

3. Accidentally disclosing sensitive information in emails or documents.

4. Exposing data through insecure storage or transmission methods.

 Impact of Revealing Information

• The impact of revealing information can be significant, including:

1. Identity theft, fraud, or other forms of cybercrime.

2. Damage to reputation, both personally and professionally.

3. Financial loss or legal repercussions.

4. Compromised security of sensitive data, leading to breaches and data leaks.

 Protecting Against Information Revealing

• To protect against information revealing, individuals and organizations can

take several measures, including:
1. Being cautious about sharing personal information online.

2. Use strong, unique passwords and enable two-factor authentication.

3. Keeping software and systems up to date to protect against vulnerabilities.

4. Encrypting sensitive data and using secure transmission methods.

5. Educating employees and users about the importance of cybersecurity and privacy.
Authorized Entity, Key
Management
 Authorized Entity Management
• Managing authorized entities involves defining and enforcing access
controls to ensure that only authorized users and devices have access to
sensitive data and systems.

• This includes implementing strong authentication mechanisms, such as

passwords, biometrics, or multi-factor authentication, to verify the
identity of users and devices.
 Key Management
• Key management is crucial for securing data and communications in a digital
environment.

• It involves generating, storing, distributing, and revoking cryptographic keys used

for encryption and decryption.

• Effective key management ensures that keys are protected from unauthorized
access and that they are rotated regularly to minimize the risk of compromise.
 Challenges in Key Management
• Key management presents several challenges, including:
– Ensuring that keys are generated securely and are sufficiently random.

– Protecting keys from loss, theft, or unauthorized access.

– Distributing keys securely to authorized entities.

– Revoking keys when they are no longer needed or compromised.

 Best Practices for Key Management
• To address these challenges, organizations should implement best practices for key
management, including:
– Using strong, randomly generated keys.

– Storing keys securely in a dedicated key management system.

– Rotating keys regularly and revoking compromised keys promptly.

– Implementing strong access controls to protect keys from unauthorized access.

Key Exchange. Public key
 Key Exchange. Public key
• Key exchange is a fundamental aspect of modern cryptography, enabling secure
communication and data transfer over untrusted networks.
• In public key cryptography, also known as asymmetric cryptography, a pair of keys is
used:
o a public key, which can be freely distributed, and a private key, which is kept secret.

• This discussion will explore the concept of key exchange in public key cryptography,
its importance in ensuring secure communication, and the challenges involved in
implementing secure key exchange protocols.
 Public Key Cryptography
• In public key cryptography, each user has a pair of keys: a public key and a
private key.
• The public key is used for encryption, while the private key is used for
decryption.
• The public key can be freely distributed, allowing anyone to encrypt
messages that can only be decrypted by the corresponding private key
holder.
 Key Exchange Protocols

• Key exchange protocols are used to securely exchange cryptographic keys

over untrusted networks.

• One of the most widely used key exchange protocols is the Diffie-Hellman
key exchange, which allows two parties to establish a shared secret key
over an insecure channel without any prior communication.
 Challenges in Key Exchange

• Key exchange poses several challenges, including:

– Man-in-the-middle attacks, where an attacker intercepts and alters the
exchanged keys.

– Key distribution, ensuring that public keys are authentic and not tampered
with.

– Key management, including key generation, storage, and revocation.

 Public Key Infrastructure (PKI)

• Public key infrastructure (PKI) is a framework that facilitates the use of

public key cryptography in secure communication.

• PKI includes mechanisms for key generation, distribution, storage, and

revocation, as well as protocols for secure key exchange.
Public Wi-Fi & Deep fake
 Public Wi-Fi and deep fake
• Public Wi-Fi and deep fake technology are two aspects of the modern digital
landscape that present both opportunities and challenges.

• Public Wi-Fi provides convenient access to the internet in public spaces but can
also pose security risks.

• Deep fake technology, on the other hand, allows for the creation of highly realistic
but fake videos and images, raising concerns about misinformation and privacy.
 Public Wi-Fi networks
• Public Wi-Fi networks, such as those found in cafes, airports, and hotels, offer
convenient internet access for users on the go.
• However, these networks are often unsecured, making them vulnerable to various
cyber threats, including:
– Man-in-the-middle attacks, where an attacker intercepts communication between a user and the
internet.
– Eavesdropping, where an attacker monitors a user's internet activity.
– Malware distribution, where an attacker uses the public Wi-Fi network to distribute malicious
software.
 Deep Fake Technology
• Deep fake technology uses artificial intelligence to create highly realistic
but fake videos and images.

• While this technology has legitimate uses, such as in the film industry, it
also raises concerns about misinformation and privacy.

• Deep fake videos can be used to spread false information or to manipulate

public opinion.
 Mitigating Risks
To mitigate the risks associated with public Wi-Fi and deep fake technology, individuals
and organizations can take the following steps:

• Use a virtual private network (VPN) when connecting to public Wi-Fi networks to
encrypt internet traffic.

• Enable two-factor authentication on online accounts to add an extra layer of security.

• Be cautious of information shared online and verify the authenticity of sources,

especially when consuming media.
WIFI Connection
 Evolution of Wi-Fi Technology

• Wi-Fi technology has evolved significantly since its inception in the late
1990s. Initially, Wi-Fi networks were slow and had limited range.

• However, advancements in technology, such as the development of the

802.11 standards and the introduction of MIMO (Multiple Input Multiple
Output) technology, have greatly improved Wi-Fi performance, speed, and
reliability.
 Benefits of Wi-Fi
Wi-Fi offers several benefits, including:

– Convenience: Wi-Fi allows for wireless connectivity, eliminating the need for
cumbersome cables.

– Mobility: Wi-Fi enables users to stay connected while on the move, whether
in a coffee shop, airport, or hotel.

– Connectivity: Wi-Fi provides high-speed internet access, allowing for seamless

streaming, downloading, and browsing.
 Challenges of Wi-Fi
• Despite its benefits, Wi-Fi also poses several challenges,
including:
– Security: Wi-Fi networks can be vulnerable to security threats, such as
unauthorized access and data breaches.
– Interference: Wi-Fi signals can be affected by interference from other
electronic devices, neighboring networks, and physical obstacles.
– Performance: Wi-Fi performance can vary depending on factors such as
network congestion, signal strength, and device capabilities.
 Securing and Optimizing Wi-Fi Connections
• To secure and optimize Wi-Fi connections, individuals and organizations can take
the following steps:
– Use strong, unique passwords for Wi-Fi networks and routers.
– Enable encryption, such as WPA2 (Wi-Fi Protected Access 2), to protect data
transmitted over the network.
– Keep Wi-Fi routers and devices up to date with the latest firmware and security
patches.
– Position Wi-Fi routers in central locations away from physical obstacles and
interference sources.
Hotspot
 Hotspot
• Hotspots have become an essential part of modern connectivity, offering
users a convenient way to access the internet while on the go.
• Whether in cafes, airports, or public spaces, hotspots provide wireless
internet access that allows users to stay connected and productive.
• We will explore the benefits of hotspots, the technology behind them, and
best practices for using them securely.
 Benefits of Hotspots
• Hotspots offer several benefits, including:

– Convenience: Hotspots provide wireless internet access, eliminating the need for cables
or wired connections.
– Mobility: Hotspots allow users to stay connected while traveling or away from home,
providing access to important information and services.
– Cost-effective: Hotspots can be a cost-effective alternative to cellular data plans,
especially for users who only need occasional internet access.
 Using Hotspots Securely
• To use hotspots securely, users can take the following steps:

– Use a virtual private network (VPN) to encrypt internet traffic and protect against
eavesdropping.
– Avoid accessing sensitive information, such as banking or personal data, over public
hotspots.
– Enable firewall and antivirus software on devices to protect against malware and other
threats.
– Keep devices and software up to date with the latest security patches and updates.
Wireless access point (WAP)
 Wireless access point (WAP)
• Wireless Access Points (WAPs) are devices that enable wireless devices to
connect to a wired network using Wi-Fi technology.

• They play a crucial role in modern networking, providing flexibility and

convenience in accessing network resources.
 Function and Importance of WAPs

• Wireless Access Points serve as the bridge between wired and wireless
networks, allowing devices such as laptops, smartphones, and tablets to
connect to the network without the need for physical cables.

• They are essential for providing wireless connectivity in homes, offices,

and public spaces, enabling users to access the internet and network
resources from anywhere within range of the WAP.
 Key Features of WAPs
• WAPs come with a variety of features to enhance performance, security,
and manageability.
• Some key features include:
– Dual-band support: WAPs that support both 2.4GHz and 5GHz bands for increased
flexibility and performance.
– Multiple SSIDs: WAPs can support multiple SSIDs, allowing for the creation of separate
wireless networks for different purposes or user groups.
– Power over Ethernet (PoE): Some WAPs support PoE, allowing them to be powered over
the Ethernet cable, simplifying installation and reducing the need for additional power
outlets.
 Deploying and Securing WAPs
• To deploy and secure WAPs effectively, consider the following best
practices:
– Position WAPs strategically to provide optimal coverage and minimize interference.
– Use strong encryption, such as WPA3, to protect wireless communications from
eavesdropping and unauthorized access.
– Enable MAC address filtering to restrict access to known devices only.
– Regularly update WAP firmware to patch vulnerabilities and improve performance.
Virtual private network (VPN)
 Virtual Private Networks (VPNs)

• Virtual Private Networks (VPNs) are essential tools for ensuring online
privacy and security.

• By creating a secure, encrypted connection over the internet, VPNs allow

users to protect their data from prying eyes and access online content
securely and anonymously.
 Benefits of VPNs
• VPNs offer several benefits, including:
– Privacy: VPNs encrypt internet traffic, protecting it from surveillance and
monitoring by ISPs, governments, and hackers.
– Security: VPNs protect against cyber threats, such as malware, phishing, and
man-in-the-middle attacks, by encrypting data.
– Access: VPNs allow users to bypass geographical restrictions and access
content that may be blocked in their region, such as streaming services or
websites.
 Virtual Private Networks (VPNs)
How VPNs Work:
• VPNs work by creating a secure tunnel between the user's device and the
VPN server.
• All internet traffic is routed through this tunnel, encrypting data and
masking the user's IP address.
• This makes it difficult for third parties to intercept or monitor the user's
online activities.
 Using VPNs Securely
• To use VPNs securely, users can follow these best practices:
– Choose a reputable VPN service that does not log user activity or share data
with third parties.
– Enable the VPN kill switch feature to ensure that internet traffic is blocked if
the VPN connection drops.
– Use strong, unique passwords for VPN accounts and enable two-factor
authentication if available.
– Regularly update VPN software to protect against vulnerabilities and ensure
compatibility with the latest security standards.
IP address
 IP address

• The Internet Protocol (IP) address is a fundamental component of the

Internet, serving as a unique identifier for devices connected to a network.

• IP addresses play a crucial role in enabling communication between

devices and facilitating the transfer of data across the internet.

 Importance of IP Addresses:
Importance of IP Addresses:
• IP addresses are essential for identifying and locating devices on a
network. They enable devices to communicate with each other by
specifying the source and destination of data packets.
• Without IP addresses, devices would not be able to send or receive data
over the internet.
 Types of IP Addresses

• There are two main types of IP addresses: IPv4 and IPv6.

• IPv4 addresses are 32-bit numerical addresses, expressed in four sets of

numbers separated by dots (e.g., 192.168.1.1).

• IPv4 addresses are the most common type of IP address and are used to
identify devices on the internet.
 Types of IP Addresses

• IPv6 addresses are 128-bit hexadecimal addresses, expressed in eight

groups of four hexadecimal digits separated by colons (e.g.,
2001:0db8:85a3:0000:0000:8a2e:0370:7334).

• IPv6 addresses are designed to accommodate the growing number of

devices connected to the internet and provide additional features such as
improved security and network performance.
 Assigning IP Addresses

• IP addresses are assigned to devices either manually (static IP addressing) or

automatically (dynamic IP addressing).

• Static IP addressing involves manually configuring the IP address for each

device, which can be time-consuming and prone to errors.

• Dynamic IP addressing, on the other hand, uses a protocol called Dynamic

Host Configuration Protocol (DHCP) to automatically assign IP addresses to
devices on a network, simplifying the management of IP addresses.
Mobility
 Mobility
• Mobility has become a defining characteristic of the modern world,
enabled by advancements in technology that allow us to stay connected
and productive while on the move.
• From smartphones and tablets to laptops and wearables, mobile devices
have transformed how we work, communicate, and access information.
 Impact of Mobility on Society
• Mobility has had a profound impact on society, influencing how we
interact with each other and the world around us.
• It has changed the way we work, with remote work becoming increasingly
common, and the way we socialize, with social media and messaging apps
connecting us across distances.
• Mobility has also transformed industries such as healthcare, education,
and transportation, enabling new ways of delivering services and
experiences.
 Challenges of Mobility

• While mobility offers many benefits, it also presents challenges, including:

– Security: Mobile devices are vulnerable to security threats, such as malware,
phishing, and data breaches.

– Privacy: The constant connectivity of mobile devices raises concerns about

data privacy and the collection of personal information.

– Digital divide: Not everyone has access to mobile technology, leading to

disparities in access to information and services.
 Opportunities of Mobility

Despite these challenges, mobility also creates opportunities for innovation

and growth, including:
– Economic growth: Mobility has fueled the growth of industries such as e-commerce,
app development, and digital marketing.

– Access to information: Mobile devices provide access to a wealth of information and

resources, regardless of location.

– Connectivity: Mobility has connected people around the world, enabling new forms of
collaboration and communication.
 Cloud
- Storage & performance
 Cloud computing

• Cloud computing has revolutionized the way we store and access data,
offering scalable storage solutions and high-performance computing
resources.

• Cloud storage allows users to store data remotely, freeing them from the
limitations of physical storage devices.
 Benefits of Cloud Storage

• Cloud storage offers several benefits, including:

– Scalability: Cloud storage can scale up or down based on the needs of the user,
allowing for flexible storage options.

– Accessibility: Cloud storage enables users to access their data from anywhere
with an internet connection, making it ideal for remote work and collaboration.

– Cost-effectiveness: Cloud storage eliminates the need for expensive hardware

and maintenance costs associated with traditional storage solutions.
 Impact of Cloud Storage on Performance
• Cloud storage can have a significant impact on performance, both
positively and negatively.
• Some factors that can affect performance include:
– Network latency: The speed at which data is transferred between the user's
device and the cloud storage server can affect performance.
– Bandwidth: The amount of data that can be transferred between the user's
device and the cloud storage server can impact performance.
– Storage type: Different types of cloud storage, such as object storage or block
storage, can have different performance characteristics.
 Optimizing Cloud Storage Performance
• To optimize cloud storage performance, users can take the following steps:

– Choose the right storage type for their needs, considering factors such as
performance, cost, and scalability.

– Use caching and compression techniques to reduce the amount of data

transferred between the user's device and the cloud storage server.

– Monitor and analyze performance metrics to identify and address bottlenecks

and optimize resource utilization.
 Cloud
- Synchronization
 Cloud synchronization
• Cloud synchronization has become an integral part of modern computing,
allowing users to access and synchronize their files and data across
multiple devices.
• Whether it's syncing files between a computer and a smartphone or
ensuring that important documents are backed up to the cloud, cloud
synchronization offers convenience and peace of mind.
 Benefits of Cloud Synchronization

• Cloud synchronization offers several benefits, including:

– Accessibility: Cloud synchronization allows users to access their files and data from
anywhere with an internet connection, making it ideal for remote work and
collaboration.

– Backup: Cloud synchronization provides a secure backup of files and data, protecting
against loss due to hardware failure, theft, or other disasters.

– Synchronization: Cloud synchronization ensures that files and data are kept up to date
across all devices, eliminating the need for manual updates or transfers.
 How Cloud Synchronization Works

 Cloud synchronization works by storing files and data in the cloud and
using synchronization software to keep them updated across multiple
devices.

 When a file is updated on one device, the changes are automatically

synchronized to the cloud and then to other connected devices.

 This process ensures that all devices have the latest version of the file.
 How Cloud Synchronization Works
Best Practices for Cloud Synchronization:
To use cloud synchronization effectively, users can follow these best practices:
 Use encryption: Encrypt files before syncing them to the cloud to protect against
unauthorized access.
 Enable versioning: Use versioning features provided by cloud storage providers to keep track
of changes and recover previous versions if needed.
 Monitor storage usage: Regularly monitor storage usage and delete unnecessary files to free
up space and avoid additional costs.
 Use strong passwords: Use strong, unique passwords for cloud storage accounts to prevent
unauthorized access.
CYBER SECURITY
TOOLS
 Firewall
 Network Intrusion Detection system/ Host
Intrusion Detection System (NIDS, HIDS)
 Proxy
 Modem VS Router
FIREWALLS
 Firewalls
• Firewalls are a critical component of network security, acting as a barrier
between a trusted internal network and untrusted external networks,
such as the Internet.
• They monitor and control incoming and outgoing network traffic based on
predetermined security rules, helping to protect against unauthorized
access, malware, and other cyber threats.
 Role of Firewalls in Network Security
• Firewalls play a crucial role in network security by:
– Filtering network traffic: Firewalls examine incoming and outgoing traffic and
block or allow it based on predefined rules.

– Preventing unauthorized access: Firewalls can prevent unauthorized users or

malicious software from accessing a network.

– Detecting and blocking threats: Firewalls can detect and block malware,
viruses, and other cyber threats before they reach the network.
 Types of Firewalls

• There are several types of firewalls, including:

– Packet filtering firewalls: These firewalls examine packets of data as they pass
through the network and block or allow them based on predefined rules.

– Stateful inspection firewalls: These firewalls monitor the state of active

connections and make decisions based on the context of the traffic.

– Proxy firewalls: These firewalls act as intermediaries between internal and

external networks, inspecting and filtering traffic before forwarding it.
 Best Practices for Implementing and Managing Firewalls

• To effectively implement and manage firewalls, organizations can follow

these best practices:
– Define and enforce firewall policies: Clearly define and enforce rules for what traffic is
allowed or blocked by the firewall.
– Regularly update firewall rules: Regularly review and update firewall rules to adapt to
changing security threats and network requirements.
– Monitor firewall logs: Monitor firewall logs for suspicious activity and investigate any
potential security incidents.
– Use multiple layers of security: Use firewalls in conjunction with other security
measures, such as intrusion detection and prevention systems, to provide
comprehensive network security.
Network intrusion detection system/ host
intrusion detection system (NIDS, HIDS)
 (NIDS) and (HIDS)
• Network Intrusion Detection Systems (NIDS) and Host Intrusion Detection
Systems (HIDS) are critical components of modern cybersecurity, providing
real-time monitoring and detection of suspicious activity on networks and
individual devices.

• NIDS monitors network traffic for signs of unauthorized access or

malicious activity, while HIDS monitors the activity on individual devices
for signs of compromise.
 Role of NIDS and HIDS in Cybersecurity

• NIDS and HIDS play a crucial role in cybersecurity by:

– Detecting threats: NIDS and HIDS analyze network traffic and device activity for signs of
unauthorized access, malware, and other security threats.

– Alerting security teams: NIDS and HIDS generate alerts when suspicious activity is
detected, allowing security teams to investigate and respond to potential threats.

– Providing visibility: NIDS and HIDS provide visibility into network and device activity,
helping organizations identify and mitigate security vulnerabilities.
 Key Features of NIDS and HIDS
• NIDS and HIDS offer several key features, including:
– Signature-based detection: NIDS and HIDS use predefined signatures to identify known
threats and patterns of malicious activity.
– Anomaly-based detection: NIDS and HIDS analyze network and device activity for
deviations from normal behavior, which may indicate a security breach.
– Real-time monitoring: NIDS and HIDS provide real-time monitoring and alerting,
allowing for immediate response to potential threats.
– Centralized management: NIDS and HIDS can be centrally managed, allowing for easier
deployment and management across large networks.
 Best Practices for Implementing and Managing NIDS and HIDS

• To effectively implement and manage NIDS and HIDS, organizations can

follow these best practices:
– Define clear security policies: Clearly define security policies and rules for NIDS and HIDS to
follow.
– Regularly update signatures: Regularly update NIDS and HIDS signatures to detect new and
emerging threats.
– Monitor and analyze alerts: Monitor and analyze NIDS and HIDS alerts to identify and
respond to potential security incidents.
– Integrate with other security tools: Integrate NIDS and HIDS with other security tools, such
as firewalls and SIEMs, for a comprehensive security strategy.
PROXY
 Proxy
• A proxy server acts as an intermediary between a client device, such as a
computer or smartphone, and the internet.

• It serves as a gateway, receiving requests from clients and forwarding

them to the internet, then returning the responses to the clients.

• Proxies can be used for various purposes, including improving security,

enhancing privacy, and accessing restricted content.
 Role of Proxies

• Proxies serve several purposes, including:

– Security: Proxies can filter incoming and outgoing traffic, blocking malicious content and
preventing attacks such as DDoS (Distributed Denial of Service).

– Privacy: Proxies can mask the IP address of client devices, providing anonymity and
protecting personal information.

– Access control: Proxies can enforce access policies, allowing or blocking access to
specific websites or content based on predefined rules.
 How Proxies Work
 When a client device sends a request to access a website, it first connects to the
proxy server.
 The proxy then forwards the request to the internet on behalf of the client, using
its own IP address.
 The website responds to the proxy server, which then forwards the response to
the client.
 This process allows the client to access the website without revealing its own IP
address.
 Benefits of Proxies
• Proxies offer several benefits, including:
– Improved security: Proxies can filter traffic, blocking malicious content and protecting
against attacks.

– Enhanced privacy: Proxies can mask the IP address of client devices, providing
anonymity and protecting personal information.

– Access to restricted content: Proxies can bypass geo-restrictions and access content that
may be blocked in certain regions.
 Drawbacks of Proxies
However, proxies also have drawbacks, including:
– Slow performance: Proxies can introduce latency, slowing down internet connection
speeds.

– Potential for abuse: Proxies can be used to bypass security measures and engage in
malicious activities, such as hacking or spamming.

– Configuration complexity: Proxies can be complex to configure and manage, requiring

technical expertise.
MODEM VS ROUTER
 Modems and routers
• Modems and routers are two essential components of a home or office
network, each serving a distinct purpose in connecting devices to the
internet.
• While modems establish the connection with the internet service provider
(ISP), routers manage the traffic between devices within the network.
• Understanding the differences between modems and routers is crucial for
setting up and maintaining a reliable internet connection.
 Modem
• A modem, short for modulator-demodulator, is a device that modulates
and demodulates analog signals to convert them into digital signals and
vice versa.
• It connects to the ISP's network and establishes a connection to the
internet.
• Modems come in various types, including DSL, cable, fiber optic, and
satellite modems, each suited for different types of internet connections.
 Router
• A router is a device that directs traffic between different networks, such as
between a home network and the internet.

• It uses routing tables to determine the best path for data packets to reach
their destination.

• Routers also provide network address translation (NAT), which allows

multiple devices in a network to share a single public IP address.
 Modem vs. Router
The main difference between a modem and a router is their function:

 Modem: A modem establishes the connection to the internet and is responsible

for converting analog signals to digital signals and vice versa.

 Router: A router manages the traffic between devices within a network and
directs data packets to their destination.
 Roles in a Network Setup
 Roles in a Network Setup:
• In a typical home or office network setup, the modem connects to the ISP's
network, while the router connects to the modem and manages the local
network.
• Devices within the network, such as computers, smartphones, and smart
home devices, connect to the router either wired or wirelessly to access
the internet.
Cyber security myth
 Cybersecurity

• Cybersecurity is a critical concern in today's digital world, with individuals

and organizations facing a constant barrage of threats from
cybercriminals.

• However, amid the ever-evolving landscape of cyber threats, some several

myths and misconceptions can lead to ineffective security practices.
 Common Cybersecurity Myths
1. "I'm not a target, so I don't need to worry about cybersecurity." - Everyone is a potential target for cyber
attacks, regardless of their status or role. Cybercriminals often target individuals and organizations indiscriminately,
looking for vulnerabilities to exploit.
2. "Antivirus software is enough to protect me from cyber threats." - While antivirus software is an essential
component of cybersecurity, it is not sufficient on its own. A comprehensive cybersecurity strategy should include
regular software updates, strong passwords, and user awareness training.
3. "I don't need to worry about cybersecurity because I have nothing worth stealing." - Cybercriminals target
individuals and organizations for various reasons, not just financial gain. Personal information, such as social
security numbers and medical records, can be valuable to cybercriminals for identity theft and fraud.
4. "Cyber attacks only happen to big companies." - While high-profile cyber attacks on large companies often
make headlines, individuals and small businesses are also at risk. Cybercriminals often target smaller entities, as
they may have weaker security measures in place.
5. "I can spot phishing emails easily." - Phishing attacks are becoming increasingly sophisticated, making it
challenging to distinguish between legitimate and malicious emails. It is essential to be cautious and verify the
authenticity of emails before clicking on links or providing personal information.
 Debunking Cybersecurity Myths
• It is crucial to understand that cybersecurity is a shared responsibility and
requires a proactive approach to protect against cyber threats.
• Regularly updating software and systems, using strong passwords, and
implementing multi-factor authentication are essential cybersecurity
practices.
• Educating yourself and others about cybersecurity best practices can help
dispel myths and reduce the risk of falling victim to cyber-attacks.
 Thank you
Cybersecurity Lecturer:
Jumana Khwaileh