Transcription

https://www.halvorsen.blogIntroduction toCyber SecurityHans-Petter Halvorsen

Cyber Security Cyber Security TextbookVideosCode ExamplesOther gy/cyber security

Contents1.2.3.4.5.6.Internet and the Digital AgeWhat is Cyber Security?Cyber AttacksData Privacy and GDPRData Security and How to be Secure?Internet of Things and Cyber Security

https://www.halvorsen.blogPart 1Internet and theDigital AgeHans-Petter Halvorsen

HackersCyber Crime andCyber AttacksSoftware EngineeringDevicesArtificial Intelligence (AI)Wireless SignalsInternetCloud ServicesIndustrial Internet ofThings and Industry 4.0Internet of Things

The Internet Since Internet connected all devices together anew era of our life was a fact. Internet is great for many things, but it is also agreat place for criminals. We have all become a target for criminal acts inour homes and in our daily life With the good, comes the bad.

The Digital AgeSmartphone, 20071984: Macintosh1976: Apple ITheMicroprocessor,1971The first ComputerThe Turingmachine, 19361930PC, 1981(IBM)Internet,1968-91Internet ofWorldWide Web, Things (IoT),Machine1989-93Learningand Industry4.02016

Your Digital Life Internet, Cyber crime Facebook – Social Network founded by Mark Zuckerberg, 2.2billion monthly active users You probably use hundreds of different Internet services– Facebook, Twitter, E-mail, Online Stores, Online Bank, etc. Are your personal data safe within these companies?––––Is the data well protected (from hackers)?Is the data sold to other companies (advertising purposes)?Can you get an overview of the information stored on you?Is it possible to delete it?

“Facebook/Cambridge Analytica”The “Facebook/Cambridge Analytica” Issue: Facebook shared your personal data withCambridge Analytica Cambridge used the data in the US election About 87 million people affected by thescandal

https://www.halvorsen.blogPart 2What is CyberSecurity?Hans-Petter Halvorsen

Cyber Security Cyber Security is the practice of protectingsystems, networks, and programs from DigitalAttacks Cyber Security is the strategy for protecting datasystems from attacks where the purpose is to– Stealing money, personal information, system resources(e.g., crypto jacking, botnets), and a whole lots of otherbad things

Data Security and Privacy Data Security: Protect digital data (e.g., data in adatabase) from destructive forces and from theunwanted actions of unauthorized users (e.g.,hackers, etc.) Data Privacy: Issues regarding your personaldata stored

https://www.halvorsen.blogPart 3Cyber AttacksHans-Petter Halvorsen

Hacking and Cyber Attacks What are Cyber Attacks?– Accessing, changing, or destroying sensitive information,extorting money from users, or interrupting normal businessprocesses What is Hacker? Who is hacking?– Private persons, professional organizations and evencountries. What is the goal with hacking?– The main goal is to make money or get information fromother countries.

Cyber Security ThreatsDifferent types of Cyber Security Threats: Spam Malware Ransomware Phishing Social Engineering Etc.

Spam Spam is digital junk mail that is sent to your email system/address Spam is endless flood of emails and othermessages that you never asked for. It started with e-mail, but we also have SMS,Social networking spam, etc. Spam is not necessarily dangerous, but veryannoying

Malware Malware is a type of software designed togain unauthorized access or to cause damageto a computer. Malware is short for “malicious software”(Norwegian: “skadelig programvare”). Examples of common malware includesviruses, worms, Trojan viruses, spyware,adware, and ransomware.

Ransomware Ransomware is a type of malicious software It is designed to extort money by blocking access to files or thecomputer system until the ransom is paid Examples: Email phishing and malvertising (maliciousadvertising) After it is distributed, the ransomware encrypts selected filesand notifies the victim of the required payment Paying the ransom does not guarantee that the files will berecovered, or the system restored. The most "famous" Ransomware is the WannaCryRansomware.

RansomwareThe Attacker sends emailwith malicious codeAttackerUserThe user triggers maliciouscode by open attachments orclicking on links in the emailEmail phishingFiles are encryptedThe Attacked User sends Money/Bitcoins to the Attacker (and hope he will get a Keythat can Decrypt the Data and make it readable again)

WannaCry The most “famous” Ransomware is theWannaCry Ransomware. The WannaCry ransomware attack was aworldwide cyberattack using a Cryptoworm Attacking Microsoft Windows PCs It was encrypting data and demandingransom payments in the Bitcoincryptocurrency

Phishing Phishing is the practice of sending fraudulent emails thatresemble emails from reputable sources. The aim is to steal sensitive data like credit card numbers andlogin information, or to install malware on the victim’smachine. Phishing is the most common type of cyber-attack. You can help protect yourself through education (teach themnot to click on links, etc. from untrusted sources) or atechnology solution that filters malicious emails. Spam vs Phishing: Spam is annoying but is normally notintended to hurt you. They want to sell you something

Social Engineering Social engineering is a tactic that adversaries useto trick you into revealing sensitive information. They can solicit a monetary payment or gainaccess to your confidential data. Social engineering can be combined with any ofthe threats listed above to make you more likelyto click on links, download malware, or trust amalicious source.

SQL Injection A Structured Query Language (SQL) injectionoccurs when an attacker inserts maliciouscode into a server that uses SQL and forcesthe server to reveal information it normallywould not. An attacker could carry out a SQL injectionsimply by submitting malicious code into avulnerable website search box.

Man-in-the-middle Attack Man-in-the-middle (MitM) attacks, also known aseavesdropping attacks, occur when attackersinsert themselves into a two-party transaction. Once the attackers interrupt the traffic, they canfilter and steal data. Can happen when you connects to an unsecurepublic Wi-Fi network

Denial-of-Service Attack (DoS) A denial-of-service attack floods systems, servers, ornetworks with traffic to exhaust resources andbandwidth. As a result, the system is unable to fulfill legitimaterequests. Attackers can also use multiple compromised devices(Botnet) to launch this attack. This is known as adistributed-denial-of-service (DDoS) attack. A botnet is a network of devices that has been infectedwith malicious software

https://www.halvorsen.blogMalwareHans-Petter Halvorsen

Malware Malware is a type of software designed togain unauthorized access or to cause damageto a computer. Malware is short for “malicious software”(Norwegian: “skadelig programvare”). Examples of common malware includesviruses, worms, Trojan viruses, spyware,adware, and re.html

Types of malware VirusWormsTrojan virusSpywareAdwareRansomwareCryptojacking or Cryptomining tml

https://www.halvorsen.blogPart 4Data PrivacyHans-Petter Halvorsen

Data Privacy You store lots of information about yourselfwhen you use different devices, web sites andservices. Can you trust that the data is safe? Data Privacy deals with issues regarding yourpersonal data stored on internet, etc. GDPR: General Data Protection Regulation. EUdirective. Purpose: Protect the privacy and thedata stored, i.e., protection of your digital life

https://www.halvorsen.blogGDPRHans-Petter Halvorsen

GDPRGDPR: General Data Protection RegulationPurpose: Protect the privacy and the data stored, i.e.,protection of your digital life Better control of your personal data– What kind of data is stored?– Should be able to delete them

GDPR EU regulation All countries and companies within EU need tofollow the regulation Also outside EU if the company save data about EUcitizens Large fines have been given to those who do notcomply with the GDPR regulations

GDPRAbout: Data Protection and PrivacyMain contents:1. You decide what kind of data that should bestored and what the data should be used for2. Privacy statements: It should be clear what yousay yes to3. It should be possible to later delete theinformation stored about you

https://www.halvorsen.blogPart 5Data SecurityHans-Petter Halvorsen

Data Security Data Security: Protect digital data(e.g., data in a database, files on yourcomputer, etc.) from destructiveforces and from the unwanted actionsof unauthorized users (e.g., hackers,etc.)

How to be Secure? How can you avoid cyber attacks in general? What can you do as a company or a private person?Here are some examples: Access control Passwords Firewall Antivirus and antimalware software VPN Wi-Fi Network Security Updates Backup Education Etc.

Access Control You need to login with a Usernameand a Password An additional layer has also beencommon: Two-factor authentication

Passwords Make sure to use secure passwords Don’t use the same password for all yourservices and software systems Make sure to protect your password(don’t give it to others) Use Two-factor authentication

Two-factor authentication You receive a code on SMS or E-mailthat you need to use in addition toUsername/Password Or more common nowadays: You usean Authenticator App on yoursmartphone

Firewall A firewall is a network security device that monitorsincoming and outgoing network traffic and decides whetherto allow or block specific traffic based on a defined set ofsecurity rules. Firewalls are the first line of defense in network security. A firewall can be hardware, software, or both. Windows 10 has a built-in firewall A web application firewall (WAF) is an application firewall forHTTP applications. A WAF creates a shield between the webapplication and the Internet, which can avoid many commonattacks, such as cross-site scripting (XSS) and SQL injection.

Antivirus/antimalware Software The name “Antivirus” software is a little old, becauseviruses are just one kind of malware in today’s world ofcyber threats. Though viruses still exist, there are other forms ofmalware that are more common these days All computers should have Antivirus Software today Windows 10 has a built-in Antivirus/antimalwareSoftware E-mail software also have Antivirus/antimalware/SpamSoftware

VPN A Virtual Private Network encrypts theconnection from an endpoint to anetwork, often over the Internet.

Wi-Fi Use only secure Wi-Fi networks, notopen Wi-Fi network that don’t needpassword, etc. Standards:– Wired Equivalent Privacy (WEP)– Wi-Fi Protected Access (WPA/WPA2)

Security Updates Today, all software needs to becontinuously updated Make sure that your OS (PC,Smartphone, etc.) is always up to date

Development of SoftwareWhat can the Software Developers do to makesecure software? Make sure software has proper Authentication– Keywords: Encryption and Decrypting, Hashing,Salting, 2 Factor Authentication Avoid SQL Injection

Encryption and Decryption Encryption is the practice of scramblinginformation in a way that only someone with acorresponding key can unscramble and read it. Encryption is a two-way function. When you encrypt something, you’re doing sowith the intention of decrypting it later. To encrypt data, you use an algorithm. Manydifferent encryption algorithms do exist

Encryption and DecryptionDecryptionEncryptionPlain TextEncrypted TextPlain Text

Encryption and Hashing Hashing is the practice of using an algorithm to map data of any size toa fixed length. Encryption is a two-way function Hashing is a one-way function. While it’s technically possible to reverse-hash something, thecomputing power required makes it unfeasible. Hashing is one-way. Encryption is meant to protect data in transit, hashing is meant toverify that a file or piece of data hasn’t been altered—that it isauthentic. In other words, it serves as a check-sum. Every hash value is unique

HashingPlain Text(e.g. a Password)HashingHashed TextEqual?(e.g. a Password)Plain TextHashingHashed Text

Encryption and Hashing Encryption is a two-way function. You encrypt information with the intention of decryptingit later. Examples when to use encryption:––––Protecting Files and Information on your ComputerProtecting your Cloud dataTransmitting Data between 2 ComputersEtc. The key is that Encryption is reversible. Hashing is not.

Hacking Hashing?Password Table for System XUserName bcf6Rainbow tableIf a Hacker gets access to this Database, hecan see that Mike and Peter have the samepassword.But he does not know the actual passwordIf the Hacker has access to so-called“Rainbow table” (which is essentiallya pre-computed database of hashes),he may also be able to find thePassword (as seen here)If you have a complicated password, it is less likelythat your password is in such a Rainbow table

Salting Salting is a technique typically used for Password Hashing. It is a unique value that can be added to the end of thepassword to create a different hash value. The additional value is referred to as a “salt”. This is done to make it even more secure. Typically, the Hashing Algorithm uses a Random salt.– This prevents an attacker from seeing whether usershave the same password.

Saltingpassword "Password123"salt "Tesla"passwordHashed HashPassword(password, salt);Typically, Salting is built into the Hashing Algorithm and it is changed every timepassword "Password123"ph1 HashPassword(password);ph2 HashPassword(password);ph1ph2This means if 2 different Users use the same Password, the Hashed Password will be different!

Hacking Hashing with Salt?Assume Mike and Peter use the same 8bbcf7Bob73fb51a0c9be7dPeter4520d1818cbcf7If a Hacker gets access to this Database, hecannot see that Mike and Peter have thesame password.Because a random Salt has made these 2Hashed Passwords different!

https://www.halvorsen.blogPart 6Internet of Thingsand Cyber SecurityHans-Petter Halvorsen

Industry 4.0Internet of ThingsIndustry 3.0Industry 4.0Water, Steam andIndustry 2.0Mechanical productionIndustry 1.0RoboticsElectronics, IT and AutomationElectricity and mass production20 mill Years agoYear Zero 1784 1870 1969Today 2011-

Industry 4.0 Industry 4.0 is the new buzzword for thecombination of industry, automation and thecurrent Internet of Things (IoT) technology. Also referred to as IIoT Industrial Internet of Things (IIoT) A new approach to achieve results that weren'tpossible 10 years ago thanks to advancements intechnology over the past decade.

Internet of Things and Cyber Security Security is crucial in IoT/IIoTApplications An important standard is IEC62443

IEC62443 Cyber Security standard for IACSsystems IACS – Industrial Automation andControl Systems.

References Data Security:https://en.wikipedia.org/wiki/Data security GDPR: https://gdpr-info.eu GDPR - Wikipedia:https://en.wikipedia.org/wiki/General Data ProtectionRegulation What is Cyber curity/whatis-cybersecurity.html

Hans-Petter HalvorsenUniversity of South-Eastern Norwaywww.usn.noE-mail: [email protected]: https://www.halvorsen.blog

Cyber Security is the practice of protecting systems, networks, and programs from Digital Attacks Cyber Security is the strategy for protecting data systems from attacks where the purpose is to -Stealing money, personal information, system resources (e.g., crypto jacking, botnets), and a whole lots of other bad things Cyber Security