Subsections of Cybersecurity Essentials

Common Security Threats and Risks

Confidentiality, Integrity, and Availability Concerns

The CIA Triad

Regulatory Standards

Importance of Security and Information Privacy

Data and information assets

An information asset is information or data that is of value.

Information assets can exist physically (paper, disks, other media) or they can exist electronically, in databases and files.

Intellectual property (IP)

IP refers to creations of the mind, which are generally not tangible. It is protected by copyright, trademark, and patent law.

  • Industrial designs

  • Trade secrets

  • Research discoveries

Even some employee knowledge is considered intellectual property.

Companies use a legally binding document called a non-disclosure agreement (NDA) to prevent the sharing of sensitive information.

Digital products

Digital products are non-tangible assets a company owns.

They include:

  • Software

  • Online music

  • E-books or audiobooks

  • Web elements like WordPress or Shopify themes

A company must protect digital products from piracy and reverse-engineering.

  • DRM is code added directly to files that helps prevent digital assets from being copied or pirated.

  • The DMCA makes it illegal to bypass copy protections or to develop technology that helps bypass copy protections.

Confidential Information

Properly handling confidentiality means:

  • Restricting access
  • Not allowing unauthorized views or copies
  • Storing information securely
  • Destroying unneeded files
  • Getting consent
  • Ensuring employees use strong passwords and change them regularly

Security Threats and Ways of Breaches

  • Hardware/physical threats due to weak security or poor practices.
  • Data leaks
  • Data Breach
  • Data Dump
  • Dumpster Diving
  • Software Threats
    • Software or license theft
    • Exploits
    • Malware
      • Viruses
        • Program viruses
        • Macro Viruses
        • Stealth viruses
        • Polymorphic Viruses
      • Worms
      • Trojans
      • Exploits
      • Spyware
      • Adware
      • Ransomware

Different Types of Security Threats

  • Impersonation
    • Public Wi-Fi
    • Websites
    • Social Engineering
  • Snooping
    • Eavesdropping
    • Man in the middle
      • Physical
      • Logical
      • Spoofing
      • Hijacking
      • Theft of browser cookies
    • Replay
  • Password cracking
    • Brute force attacks
    • Dictionary attacks
    • Rainbow attacks
  • Unauthorized information alteration
    • Threats for
      • Financial records
      • Vote totals
      • Health records
      • News stories
    • Tools to avoid this:
      • File integrity monitoring (FIM)
      • Relational database management system (RDBMS)
  • Denial of service
    • Buffer overflow
    • ICMP flood
    • SYN flood
    • DDoS attack

Password Management and Security Best Practices

Password Management Techniques

  • Password Policies
  • Creating better passwords
  • Password Confidentiality
  • Password reuse
  • Password expiration
  • 2FA
  • MFA
  • Password Managers

Identification factors

Identification factors are pieces of information that only you and an authentication service know.

Single sign-on

SSO verifies users for connected accounts or apps, so they only have to log in once.

  • Businesses use SSO to simplify and speed up access to resources.
  • IT departments set up SSO, so employees are automatically logged in when they log into their work networks.

Authentication, Authorization, and Accounting

The three A’s

There are three processes involved in logging in to a network or account.

Access control

  • Rules of the least privilege (ROLP)
  • Role-based access control (RBAC) follows a company’s org chart.

Authorization

Authorization is when you have permissions to access a location or do an action.

Access control must be set up before authorization is granted.

Authorization must be set up for your user account before you’re able to log in.

Authentication

Authentication is the act of confirming the identity of a user.

Accounting

Digital accounting is used in troubleshooting, security analysis, forensics, and hacking.

Non-repudiation

Non-repudiation is when you can’t deny being in a specific location. It guarantees a message sent between two parties is genuine.

Ways to Harden Devices

  • Device hardening
  • Patching updates
  • Firmware updates
    • Secure boot
    • TPM
    • Drive Encryption
  • Encryption
  • Device lock
  • Disable features and ports
    • Autorun
    • Bluetooth
    • NFC
  • Apps that harden
    • Antivirus
    • Anti-malware
    • Anti-spyware
    • Software firewalls and VPNs
  • Change default password and disable admin accounts

Device hardening

Hardening is the process of securing a device to minimize vulnerabilities.

Harden devices by:

  • Disabling unneeded features.

  • Updating firmware, OS, and software.

  • Using firewalls, VPN, and anti-malware.

The more layers of security you use, the safer your data and devices will be.

Validation and Device Usage

  • Software sources validation
  • Use OEM websites
  • Avoid third-party websites or use with caution
  • Uninstall unwanted software (bloatware)
  • Keep your computer safe while browsing
  • Firewalls and VPNs
  • Disable admin accounts
  • Keep software updated

Encryption concepts

Public Key Infrastructure (PKI)

PKI is when a user is validated with a digital certificate by a Certificate Authority (CA).

Cryptographic hashes

A cryptographic hash is a short string of numbers and letters created by running a password or file through an algorithm.

Email and Spam Management

Managing email

Email management is classifying email messages and deciding whether they should be saved or deleted.

  • Keep inbox clean
  • Organize with folders
  • Filter with rules
  • Unsubscribe
  • Turn off notifications

Identify and manage spam

Spam is unwanted, unsolicited email. Some spam is harmless, but it can be dangerous when scammers use it for phishing or fraud.

To reduce spam:

  • Don’t give out your email address.
  • Use throwaway accounts.
  • Configure settings to block spam.
  • Use a full-featured mail app.

Security Concerns and Safe Browsing

Application Ecosystem Security

Mobile applications

  • Weak passwords

  • Malware

  • Poorly designed apps

Rooting and Jail breaking

  • Adds functionality but also adds vulnerability

Desktop Software

  • Weak passwords

  • Not physically secure

  • Non-HTTPS browsing

Business software

Business software automates transactions, mines sales data, manages information, and more.

Corporate network

To protect files, systems, and resources, businesses must limit access.

Public Browsing Risks

Free and Open networks

Public browsing risks

  • Session hijacking
  • Shoulder surfing

Social Networking Sites

Instant messaging

Internet browser and versions

Cookies

Cookies are text files with small pieces of data.

Cookie types:

  • Session cookies
  • Persistent cookies
  • Authentication cookies
  • First-party cookies
  • Third-party cookies
  • Zombie cookies

Security certificates

Secure sockets layer (SSL) certificates authenticate a website’s identity and enable an encrypted connection between a web server and a browser.

Browser updates

Because browsers are a favorite target for hackers, keeping them updated is very important.

Safe Browsing Techniques

Autofill management

Browser cache and history

A browser cache is a data store that holds downloads of web pages you’ve visited.

Private browsing

  • You appear as a new or unknown user on the sites you visit.
  • Other people who use the device won’t see your history.
  • Cookies and site data are deleted when you exit the browser.
  • But private browsing activity isn’t hidden from your employer, school, or ISP.
  • Bookmarks you create will be kept.
  • Downloaded files are saved and may be visible to other users.

Malicious websites

Safe websites

Identifying safe websites is more important than ever.

Safety tips include:

  • Use the Whois Lookup tool
  • Look for reviews
  • Only visit HTTPS sites
  • Check the trust seal
  • Inspect URLs

Adware and popups

Redirection

The aim of redirection is to point you towards certain types of advertising or dangerous code.

Redirection is caused by:

  • Unwanted toolbars or browser extensions

  • Malware that alters searches and URLs

  • Hacked website servers that redirect visitors

To avoid hijacking and redirection:

  • Set automatic updates for your browser, OS, and security tools.

  • Run regular system scans.

Warning signs

Search engines use algorithms to detect harmful sites. Browsers use those results to warn users.

Security Threats: Virtual Private Networks

VPN types:

  • Site-to-site VPN
  • Host-to-site VPN
  • Host-to-host VPN

VPN hardware

VPN hardware devices are:

  • Devices specifically designed to create VPNs

  • Network devices with added VPN functionality

Internet Protocol Security (IPsec)

IPsec is a suite of network standards and protocols that use cryptography to protect data traveling over the Internet.

IPsec suite core protocols:

  1. IPsec Authentication Header (AH) protocol:
     • Authenticates senders and IP addresses

  2. Encapsulating Security Payload (ESP) protocol:
     • Encrypts data
     • Authenticates data and senders

The IPsec suite has two modes:

The IPsec suite uses:
