Read on Twitter
So you want to get into Cyber Security? I’ll tell you how
Cyber security is about protecting data, networks and devices from unauthorised access
Most people are currently working remotely.
This increases the risk of security incidences as companies' data is now accessible over home networks with little or no security add ons
This increases the risk of security incidences as companies' data is now accessible over home networks with little or no security add ons
During the lockdown, security incidences have risen by 65%
The advantage is that there is an opportunity for newbies in this field
First, you need to understand the different types of cyber security threats:
1. Social Engineering - This is when an attacker steals sensitive information by tricking or manipulating users through human interaction to gain access to sensitive information
2. Phishing - This is when the attacker sends fraudulent emails from a source similar to a reputable source with the aim of stealing sensitive data
For example, when you receive an email from info@paypail.com. You assume it's from paypal and you click on the links in the email which take you to an untrusted website where you input your credit card details or login information
This is how scammers like:
- Grant West (Just Eat Phish attack)
- Olajide Onikoyi (Student Loan Phish)
- Onur Kopçak (Banking Phish)
- Hushpuppi (Corp account Phish)
stole users log in details and got access to information to steal money or sell these credentials on the dark web
- Grant West (Just Eat Phish attack)
- Olajide Onikoyi (Student Loan Phish)
- Onur Kopçak (Banking Phish)
- Hushpuppi (Corp account Phish)
stole users log in details and got access to information to steal money or sell these credentials on the dark web
3. Malware - This is when a file or program uses malicious software to harm a computer user.
Think about viruses, worms, spyware and Trojan horses that are used to steal data and damage devices.
Think about viruses, worms, spyware and Trojan horses that are used to steal data and damage devices.
4. Ransomware - This is when an attacker uses a malware to encrypt users' files and demands payment to decrypt and unlock them
Recently, LG electronics has been a victim of the Maze ransomware.
Maze has been releasing sensitive information and will continually do so until LG pays a ransom.
Read more about this attack here - #infosec #threatintelligence via @aucyble https://bit.ly/2YE4ulG
Maze has been releasing sensitive information and will continually do so until LG pays a ransom.
Read more about this attack here - #infosec #threatintelligence via @aucyble https://bit.ly/2YE4ulG
Now that you know the 4 main types of cyber attacks, the next step is to understand the elements of cyber security:
1. Network Security - A network is a group of computers that share computing resources provided by nodes using communication protocols over digital interconnections.
Greek eh?
Greek eh?
Think about when you are in an office or cyber cafe and you want to share printers or data safely.
To do this, computers have to be connected via telephone lines, cables etc.
The common types of networks are LAN and WAN
To understand this better, read https://bit.ly/3dD97jW
To do this, computers have to be connected via telephone lines, cables etc.
The common types of networks are LAN and WAN
To understand this better, read https://bit.ly/3dD97jW
Now that you understand networks, you can see the need for network security.
Intruders target networks with opportunistic malware to steal data
Intruders target networks with opportunistic malware to steal data
To protect the integrity of a network, companies implement layers of defences to implement policies and controls to prevent unauthorised access
The common types of network security are:
a. Firewalls: This is a network security system where security rules are implemented to monitor incoming and outgoing traffic with triggers to alert the security team when something unusual is happening
Think of this like how people are allowed into hotels.
If you have a key card, you don't need to stop at the front desk to gain access to your room
If you have a key card, you don't need to stop at the front desk to gain access to your room
If you manage to slip through the front desk security, when you get to the lift, you are unable to gain access to certain floors because you don't have key card access.
To understand this better, read https://bit.ly/3i9lp7i
To understand this better, read https://bit.ly/3i9lp7i
b. Email security: In every network, email is the number 1 vector for network security breaches
Companies use email security tools to block incoming attacks and scan outgoing emails to prevent data loss.
To understand this better, read https://bit.ly/2NxTJuu
To understand this better, read https://bit.ly/2NxTJuu
