What specific concepts from below do you find the most interesting and/or impactful to Cybersecurity? Explain the concept thoroughly, explain your position (e.g. why is it impactful to the field of Cybersecurity and/or so interesting to you) and provide several examples that support your argument.
Threats and Adversaries (threat actors, malware, natural phenomena)
Common Attacks
Malicious activity detection / forms of attack
Appropriate Countermeasures
Legal issues
Attack Timing (within x minutes of being attached to the net)
Covert Channels
Social Engineering
State, US and international standards / jurisdictions
Understand the interaction between security and system usability and the importance for minimizing the effects of security mechanisms.
I find the concepts below interesting to cybersecurity:
1. Social Engineering: Social engineering happens because of the human instinct of trust. Cybercriminals have learned that a carefully worded email, voicemail, or text message can convince people to transfer money, provide confidential information, or download a file that installs malware on the company network.
The most common examples of social engineering are: phishing, tailgating, vishing, etc.
2. Common attacks: The most common attacks are:
(a) Virus: A virus is not self-executable; it requires the user’s interaction to infect a computer and spread on the network. An example is an email with a malicious link or malicious attachment. When a recipient opens the attachment or clicks the link, the malicious code gets activated, circumvents the system’s security controls and makes them inoperable. In this case, the user inadvertently corrupts the device.
(b) Malware: A malware attack is one of the most severe cyberattacks that is specifically designed to destroy or gain unauthorized access over a targeted computer system. Most malware is self-replicating, i.e., when it infects a particular system, it gains entry over the internet and from thereon, infects all the systems connected to the internet in the network. An external endpoint device, if connected, will also get infected. It works exceptionally faster than other types of malicious content.
(c) Worm: A worm can enter a device without the help of the user. When a user runs a vulnerable network application, an attacker on the same internet connection can send malware to that application. The application may accept the malware from the internet and execute it, thereby creating a worm.
(d) Botnet: It is a network of private computers which are victims of malicious software. The attacker controls all the computers on the network without the owner’s knowledge. Each computer on the network is considered a zombie, as it serves the purpose of spreading and infecting a large number of devices or as guided by the attacker.