
Intro

The document provides an introduction to cyber security, outlining its objectives, principles, and the differences between information security and cyber security. Key objectives include confidentiality, integrity, availability, authentication, non-repudiation, access control, incident response, and risk management, each with definitions, importance, types, applications, and potential failures. Real-life incidents are also discussed to illustrate the consequences of breaches in these areas.

Uploaded by

gamerparvesh929

Introduction to Cyber Security

Unit 1

Introduction to Cyber Security: cyber security objectives, roles, differences between information
security and cyber security. Cyber security principles: confidentiality, integrity, availability,
authentication and non-repudiation.

Cyber Security Objectives

Cyber Security Objectives are the main goals or purposes of cyber security. They define what needs to
be protected and why, in order to keep data and systems safe, accurate, and available.

Some cyber security objectives are:

1. Confidentiality
2. Integrity
3. Availability
4. Authentication
5. Non-Repudiation
6. Access Control
7. Incident Response
8. Risk Management
9. Security Awareness

Confidentiality

Definition: Confidentiality in cybersecurity ensures that information is not disclosed to
unauthorized individuals, entities, or processes. It protects sensitive data from being accessed,
shared, or stolen.

Confidentiality means keeping data secret and private — only those who are allowed to see it should
be able to see it.

2. Importance of Confidentiality

• Protecting personal information (e.g., passwords, medical records)
• Ensuring business secrets and intellectual property are not leaked
• Maintaining data privacy in communications (e.g., emails, messages)
• Securing government and military data
• Supporting secure financial transactions and banking operations

3. Types of Confidentiality

1. Data Confidentiality – Ensuring data is accessed only by authorized people.
2. Communication Confidentiality – Protecting the content of messages in transit.
3. Storage Confidentiality – Securing stored data from unauthorized access.
4. Device Confidentiality – Securing end-user devices from leaks or breaches.
5. Network Confidentiality – Protecting data as it moves across networks.

4. Applications of Confidentiality

Real-Life Use Case | How Confidentiality Is Protected
Hospitals keep patient reports safe | Only doctors and nurses with permission can see the reports
Logging in to your bank account online | Uses password and OTP to keep your account safe
Sending a private email | The email is locked so only the receiver can read it
HR handling employee salary information | The file is kept in a folder only HR can open
Chatting on WhatsApp | Messages are encrypted so only you and the other person can read them

5. What If Confidentiality Fails?

1. Sensitive data is exposed – Personal, financial, or business information becomes public or stolen.
2. Identity theft and fraud – Attackers can misuse personal info for fake accounts, loans, or scams.
3. Financial and business loss – Leaked data can lead to loss of money, customers, or business secrets.
4. Legal actions and penalties – Companies may face lawsuits and fines for not protecting user data.
5. Loss of trust and reputation – Users, clients, or the public may stop trusting the organization.

6. Real-Life Incidents Where Confidentiality Breaks

1. Facebook–Cambridge Analytica Scandal (2018)
   • Millions of users' private data was accessed and used for political profiling.
2. Yahoo Data Breach (2013–14)
   • Hackers stole data from over 3 billion accounts, compromising usernames, emails, and passwords.
3. Sony Pictures Hack (2014)
   • Confidential employee data, emails, and unreleased films were leaked.
4. Medical Records Exposure
   • Many hospitals face attacks that leak patient health information due to poor confidentiality measures.

Integrity

Definition: Integrity means protecting information from being modified, altered, or tampered with —
either accidentally or maliciously — by unauthorized individuals.

Importance of Integrity

• Ensures data accuracy and reliability
• Maintains trust in systems, records, and databases
• Supports decision-making with correct data
• Essential in financial systems, healthcare, government data
• Protects the outcome of transactions, logs, or messages

Types of Integrity

Type | Description
Data Integrity | Ensures the correctness of stored or transmitted data
System Integrity | Ensures software and hardware perform as expected
Message Integrity | Ensures messages are not changed in transit
Database Integrity | Ensures database entries are consistent and error-free

Applications of Integrity in Action

Scenario | How Integrity Is Applied
Banking | Your account balance must be accurate and reflect real transactions
Medical Records | A patient’s medical report must not be altered by unauthorized users
Stock Market | Share prices and transactions must be free from manipulation
E-voting | Votes must not be changed or deleted
Emails | Messages should be received exactly as they were sent
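
The e-voting row says votes must not be changed or deleted. The sketch below is an added example, not part of the original document: it chains each record to the one before it with HMAC-SHA256 so that both kinds of tampering are detected. The key, the record layout and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key; a real deployment keeps it in a key store.
LOG_KEY = b"constructed-demo-key"
GENESIS = "0" * 64  # stands in for "no previous record"


def _tag(prev_tag, index, payload):
    """HMAC-SHA256 over the previous tag, the position and the record body."""
    body = json.dumps(payload, sort_keys=True, separators=(",", ":"))
    return hmac.new(LOG_KEY, f"{prev_tag}|{index}|{body}".encode(),
                    hashlib.sha256).hexdigest()


def append(log, payload):
    """Add a record whose tag also commits to every record before it."""
    prev = log[-1]["tag"] if log else GENESIS
    index = len(log)
    log.append({"index": index, "payload": payload,
                "tag": _tag(prev, index, payload)})


def verify(log, expected_count, expected_last_tag):
    """Return (True, None) for an intact log, else (False, reason)."""
    prev = GENESIS
    for pos, rec in enumerate(log):
        if rec["index"] != pos:
            return False, f"record missing or out of order at position {pos}"
        if not hmac.compare_digest(_tag(prev, pos, rec["payload"]), rec["tag"]):
            return False, f"record {pos} does not match its tag"
        prev = rec["tag"]
    if len(log) != expected_count or prev != expected_last_tag:
        return False, "log is shorter or longer than the trusted checkpoint"
    return True, None


def demo():
    log = []
    for choice in ("A", "B", "A"):           # constructed ballots
        append(log, {"ballot": choice})
    checkpoint = (len(log), log[-1]["tag"])  # stored where the log writer cannot edit it

    changed = [dict(r) for r in log]
    changed[1]["payload"] = {"ballot": "A"}  # a vote is changed
    deleted = log[:1] + log[2:]              # a vote is deleted mid-log
    truncated = log[:2]                      # the last vote is dropped
    return {
        "intact": verify(log, *checkpoint),
        "changed": verify(changed, *checkpoint),
        "deleted": verify(deleted, *checkpoint),
        "truncated": verify(truncated, *checkpoint),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

Because the HMAC key is shared, anyone holding it could rebuild the chain; this gives integrity, not non-repudiation.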

What If Integrity Fails?

1. Wrong or tampered data is used – Information gets changed, leading to false decisions or
actions.
2. Loss of trust in systems – People can’t rely on the accuracy of reports, records, or results.
3. Financial and operational damage – Altered data in banking, healthcare, or business can
cause huge losses.
4. Security and safety risks – Tampered data in control systems (e.g., power plants, medical
devices) can be dangerous.
5. Legal and compliance issues – Companies may face audits, fines, or legal trouble for
inaccurate records.

Real-Life Incidents Where Integrity Breaks

1. Stuxnet Attack (2010)
   • Virus changed machine data in Iran’s nuclear plant.
   • Made machines fail while showing everything was fine.
2. Volkswagen Scandal (2015)
   • Software faked pollution test results in cars.
   • Data was altered to show false emissions.
3. Equifax Breach (2017)
   • Hackers accessed credit data.
   • Risk of data being changed or damaged.

Availability

Definition: Availability means that data, systems, and services are always ready and working when
users need them — without delays or downtime.

Importance of Availability

• Keeps websites, apps, and services running 24/7
• Ensures business continuity and smooth operations
• Prevents downtime, loss of money, and frustrated users
• Essential for critical systems like banking, healthcare, and emergency services

Types of Availability

Type | Description
System Availability | Servers, networks, and software are up and responsive
Data Availability | Files and information are accessible when needed
Network Availability | Internet and internal networks work without interruption
Service Availability | Applications and online services are available to users

Applications of Availability

• Banking apps working without interruption
• Online shopping sites being open 24/7
• Emergency services systems (e.g., 911 or ambulance dispatch)
• Healthcare systems accessing patient data quickly
• Educational platforms running smoothly during online exams or classes

What If Availability Fails?

1. Users can’t access data or services – causing delays or losses
2. Business operations stop – leading to financial damage
3. Reputation damage – users lose trust in the system
4. Emergency systems fail – which could even cost lives
5. Legal or contractual penalties – if uptime commitments are not met

Real-Life Incidents Where Availability Broke

Incident | What Happened
Amazon Web Services (AWS) Outage (2020) | Major apps and websites went down for hours due to a server issue
Facebook Outage (2021) | Facebook, Instagram, and WhatsApp were unavailable for 6+ hours due to DNS configuration error
Delta Airlines IT Outage (2016) | System crash grounded hundreds of flights, causing global travel disruptions
Bank Network Downtime | Various banks have faced ATM and online service outages during peak hours

Authentication

Definition: Authentication is the process of verifying the identity of a user, device, or system
before allowing access to data or resources.

Importance of Authentication

• Prevents unauthorized access to systems and data
• Protects user accounts, emails, bank apps, etc.
• Supports confidentiality, integrity, and availability
• Helps in tracking user actions (accountability)

Types of Authentication

Type | Description
Password-based | Username + password (most common)
Two-Factor Authentication (2FA) | Password + another method (e.g., OTP or app code)
Biometric Authentication | Uses fingerprint, face, or retina scan
Token-based | Uses physical or digital tokens to verify identity
Certificate-based | Uses digital certificates (common in secure websites and email)
Single Sign-On (SSO) | One login gives access to multiple systems
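
The password-based and 2FA rows can be made concrete with a login check that needs both a salted password hash and a time-based one-time code (TOTP, RFC 6238). This is an added example, not part of the original document; the PBKDF2 work factor, the account dictionary layout and the function names are assumptions.

```python
import hashlib
import hmac
import os
import struct
import time

PBKDF2_ROUNDS = 600_000  # assumed work factor for this example


def hash_password(password, salt=None):
    """Return (salt, derived_key); only these are stored, never the password."""
    salt = salt or os.urandom(16)
    key = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return salt, key


def check_password(password, salt, stored_key):
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return hmac.compare_digest(candidate, stored_key)  # constant-time compare


def totp(secret, at, step=30, digits=6):
    """Time-based one-time code (RFC 6238 with HMAC-SHA1)."""
    counter = struct.pack(">Q", int(at) // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation
    number = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(number % 10 ** digits).zfill(digits)


def check_totp(secret, code, at, window=1, step=30):
    """Accept the current code and one step either side to tolerate clock drift."""
    if not (code.isascii() and code.isdigit()):
        return False
    return any(
        hmac.compare_digest(totp(secret, at + drift * step, step), code)
        for drift in range(-window, window + 1)
    )


def login(account, password, code, at=None):
    """Both factors must pass; both are always evaluated."""
    at = time.time() if at is None else at
    ok_password = check_password(password, account["salt"], account["key"])
    ok_code = check_totp(account["totp_secret"], code, at)
    return ok_password and ok_code


if __name__ == "__main__":
    # Constructed account; the TOTP secret is the RFC 6238 test secret.
    salt, key = hash_password("correct horse")
    account = {"salt": salt, "key": key, "totp_secret": b"12345678901234567890"}
    print(login(account, "correct horse", totp(account["totp_secret"], time.time())))
```

A stolen password alone fails `login`, and the stored value is a salted PBKDF2 key rather than the plain-text password.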

Applications of Authentication

• Email accounts (Gmail, Outlook)
• Banking apps (PIN, biometrics, OTP)
• Social media platforms (Facebook, Instagram)
• Workplace systems (Employee login portals)
• Online exams and education platforms
• Secure websites (HTTPS with certificates)

What If Authentication Fails?

1. Unauthorized access – Hackers can log in to your accounts
2. Data theft or leaks – Sensitive data can be stolen or misused
3. Financial fraud – Bank accounts and payments can be hijacked
4. Loss of trust – Users lose confidence in a system’s security
5. Legal issues – Businesses may face fines for poor security

Real-Life Incidents Where Authentication Broke

Incident | What Happened
Twitter Hack (2020) | Attackers used social engineering to bypass authentication and take over celebrity accounts
Yahoo Breach (2013–14) | Weak password storage and security led to 3 billion accounts being compromised
Facebook Credential Leak (2019) | Hundreds of millions of passwords were stored in plain text and exposed internally
SolarWinds Attack (2020) | Weak internal authentication allowed attackers to insert malware into software updates

Non-repudiation
Non-repudiation means ensuring that a person or system cannot deny having performed an
action, such as sending a message, signing a document, or making a transaction.

Importance of Non-Repudiation

• Ensures accountability in digital actions
• Prevents users from denying their actions later
• Supports legal evidence in online agreements or transactions
• Builds trust in communication and digital systems
• Essential for auditing and dispute resolution

Types of Non-Repudiation

Type | Description
Non-repudiation of Origin | Proves that a message or data truly came from a specific sender
Non-repudiation of Receipt | Confirms that a recipient actually received the message or data
Non-repudiation of Submission | Confirms that data was submitted to a system or service (e.g., e-form submission)
Non-repudiation of Delivery | Ensures that data was successfully delivered (e.g., email receipts or server logs)

Applications of Non-Repudiation

• Digital signatures in contracts and legal documents
• Email receipts for confirming message delivery
• Online transactions and banking (e.g., UPI confirmation)
• E-commerce purchases (proof of order and payment)
• Voting systems in online elections
• Audit trails in system logs

What If Non-Repudiation Fails?

1. Users can deny sending or receiving messages
2. Fraudulent transactions may go untraceable
3. Legal disputes become harder to resolve
4. Lack of trust in digital systems
5. Difficulty in tracking cybercriminals

Real-Life Incidents Where Non-Repudiation Broke

Incident | What Happened
Email Spoofing Attacks | Attackers forge sender identities, and the real sender can deny involvement
Online Fraud Cases | Fraudsters claim they didn’t make a transaction due to weak logging or no digital signature
Sony PlayStation Hack (2011) | Weak evidence made it hard to trace attacker actions and prove user activity
Adobe Document Signature Flaws (2019) | Vulnerability allowed attackers to change signed PDF content without invalidating signature

Access control

Access Control is the process of deciding who can access what — and what they’re allowed to do
with it (view, edit, delete, etc.).

Importance of Access Control

• Prevents unauthorized access to systems and data
• Helps protect sensitive information from misuse
• Supports confidentiality, integrity, and availability
• Ensures accountability by controlling and logging access
• Required for regulatory compliance (e.g., GDPR, HIPAA)

Types of Access Control

Type | Description
Discretionary Access Control (DAC) | The data owner decides who gets access
Mandatory Access Control (MAC) | Access is set by strict rules and security levels (e.g., government systems)
Role-Based Access Control (RBAC) | Access is based on a user’s job role (e.g., manager, HR)
Attribute-Based Access Control (ABAC) | Access is based on attributes like time, location, department, etc.
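
The four models in the table differ in who or what makes the decision. The sketch below is an added example, not part of the original document: it writes each model as a small decision function and then combines a role check with an attribute check, denying by default and logging every decision. All users, roles, levels and rules are constructed, and the MAC rules shown (no reading above clearance, no writing to a lower level) are the Bell-LaPadula rules, chosen here as one common rule set.

```python
from datetime import time

# All users, roles, labels and rules below are constructed for illustration.

def dac_allows(obj, user, action):
    """DAC: the owner may do anything and may grant rights to others."""
    return user == obj["owner"] or action in obj["acl"].get(user, set())


LEVELS = {"public": 0, "confidential": 1, "secret": 2}

def mac_allows(clearance, label, action):
    """MAC: fixed system-wide levels decide; the owner cannot override them."""
    if action == "read":
        return LEVELS[clearance] >= LEVELS[label]   # no reading above clearance
    if action == "write":
        return LEVELS[clearance] <= LEVELS[label]   # no writing to a lower level
    return False


ROLE_PERMS = {
    "hr": {("salary_file", "view"), ("salary_file", "edit")},
    "manager": {("salary_file", "view")},
}

def rbac_allows(roles, resource, action):
    """RBAC: a request passes if any of the user's roles carries the permission."""
    return any((resource, action) in ROLE_PERMS.get(r, set()) for r in roles)


RESOURCES = {"salary_file": {"department": "hr", "locations": {"office"}}}

def abac_allows(subject, resource, env):
    """ABAC: department, location and time of the request must all match."""
    return (subject["department"] == resource["department"]
            and env["location"] in resource["locations"]
            and time(9, 0) <= env["time"] <= time(18, 0))


def decide(user, resource_name, action, env, audit):
    """Role check plus attribute check, default deny, every decision logged."""
    resource = RESOURCES.get(resource_name)
    allowed = (resource is not None
               and rbac_allows(user["roles"], resource_name, action)
               and abac_allows(user, resource, env))
    audit.append((user["name"], resource_name, action,
                  "allow" if allowed else "deny"))
    return allowed


if __name__ == "__main__":
    audit = []
    dana = {"name": "dana", "roles": ["hr"], "department": "hr"}
    decide(dana, "salary_file", "edit", {"location": "office", "time": time(10, 0)}, audit)
    decide(dana, "salary_file", "edit", {"location": "home", "time": time(23, 0)}, audit)
    print(audit)
```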

Applications of Access Control

• Login systems for websites and apps
• Employee access to files and folders in organizations
• Admin vs. user rights in computer systems
• Healthcare systems – only doctors can view patient data
• Cloud services – controlling who can access what files
• Banking apps – restricting who can approve or view transactions

What If Access Control Fails?

1. Unauthorized users can access sensitive data
2. Insider threats – employees may see or change things they shouldn’t
3. Data theft or manipulation
4. Loss of customer trust and legal issues
5. Full system compromise if admin controls are breached

Real-Life Incidents Where Access Control Broke

Incident | What Happened
Facebook Internal Data Access (2018) | Employees had access to millions of users’ passwords stored in plain text
Capital One Data Breach (2019) | Poor access control on AWS led to access of 100M+ customer records
Twitter Employee Access Abuse (2020) | Employees misused internal tools to access VIP accounts
Snowden NSA Leak (2013) | Edward Snowden accessed and leaked classified data due to weak access restrictions

Incident Response

Incident Response is the process of detecting, investigating, and responding to cybersecurity
incidents (like hacks, data breaches, malware attacks) to reduce damage and recover quickly.

Importance of Incident Response

• Helps minimize damage during a cyberattack
• Reduces recovery time and cost
• Ensures quick containment and control of threats
• Maintains trust and business continuity
• Required for compliance with security regulations (e.g., ISO, NIST, GDPR)

Types of Incident Response Activities

Type | Description
Preparation | Creating a plan, tools, and trained team before an incident happens
Detection and Analysis | Identifying and understanding the threat or breach
Containment | Isolating affected systems to stop the spread
Eradication | Removing the root cause (e.g., malware, vulnerabilities)
Recovery | Restoring systems and operations to normal
Post-Incident Review | Learning from the attack to improve future response

Applications of Incident Response

• Responding to malware or ransomware infections
• Handling phishing attacks on employee emails
• Reacting to unauthorized system access
• Investigating suspicious network behavior
• Recovering from DDoS or server shutdowns
• Creating audit reports after a breach

What If Incident Response Fails?

1. Wider spread of attacks – more systems and data get compromised
2. Increased financial loss and downtime
3. Delayed detection of breaches
4. Poor recovery and loss of critical data
5. Reputation and legal damage

Real-Life Incidents Where Incident Response Was Weak or Delayed

Incident | What Happened
Equifax Breach (2017) | Took months to detect and respond — 147 million records exposed
Target Breach (2013) | Slow response to alerts led to theft of 40 million credit card numbers
Sony Pictures Hack (2014) | Response was not fast enough to prevent major data leak and system destruction
Colonial Pipeline Ransomware (2021) | Attack caused shutdown of oil supply; late response worsened the crisis

Risk Management

Definition: Risk Management is the process of identifying, assessing, and reducing cybersecurity
risks to protect systems, data, and operations.

“Find the risks, understand them, and stop them before they cause damage.”

Importance of Risk Management

• Helps prevent cyberattacks and data loss
• Protects business operations and customer trust
• Saves time, money, and resources
• Helps in meeting legal and security compliance
• Allows better decision-making and planning

Types of Cybersecurity Risks

Risk Type | Example
Operational Risk | System failure, outdated software
Technical Risk | Weak passwords, software bugs
Human Risk | Phishing, employee mistakes
Physical Risk | Theft or damage of hardware
Legal/Compliance Risk | Not following data protection laws

Applications of Risk Management

• Identifying vulnerabilities in networks and systems
• Performing security audits and assessments
• Setting up controls and firewalls to reduce risk
• Creating incident response plans
• Deciding what risks to accept, reduce, or avoid
• Buying cyber insurance as risk transfer

What If Risk Management Fails?

1. Cyberattacks go undetected
2. Loss of sensitive data or money
3. Business shutdown or disruption
4. Legal penalties and investigations
5. Damage to brand and customer trust

Real-Life Incidents Where Risk Management Failed

Incident | What Happened
Equifax Breach (2017) | Failed to patch known software vulnerability; 147M records stolen
Target Breach (2013) | Ignored early alerts; hackers accessed customer payment data
Maersk Ransomware Attack (2017) | No strong backup or protection; global shipping was disrupted
Capital One Breach (2019) | Misconfigured firewall in cloud environment exposed 100M+ customer records

Security awareness

Definition: Security Awareness means educating and training people (especially employees) to
recognize, avoid, and respond to cyber threats like phishing, malware, or social engineering.

“Knowing what to do — and what not to do — to stay safe online.”

Importance of Security Awareness

• Prevents human errors, which are the biggest cause of cyberattacks
• Helps identify phishing emails, suspicious links, or scams
• Builds a security-first culture in organizations
• Reduces risk of data breaches and insider threats
• Ensures compliance with security policies and laws

Types of Security Awareness

Type | Focus Area
Phishing Awareness | Spotting fake emails or websites
Password Security | Using strong, unique passwords and 2FA
Social Engineering Awareness | Avoiding manipulation or trickery from attackers
Device & Data Protection | Safe handling of files, USBs, and mobile devices
Physical Security | Preventing unauthorized physical access to systems

Applications of Security Awareness

• Training programs for employees
• Security posters and emails in offices
• Simulated phishing attacks to test awareness
• Workshops and online courses
• Onboarding sessions for new staff
• Cybersecurity awareness month campaigns

What If Security Awareness Fails?

1. Employees fall for phishing scams
2. Weak passwords and poor data handling
3. Increased risk of insider threats
4. Financial loss and system compromise
5. Legal trouble for non-compliance

Real-Life Incidents Where Security Awareness Failed

Incident | What Happened
Twitter Hack (2020) | Attackers tricked employees into giving internal access
Google and Facebook Scam (2013–15) | Employees were tricked via phishing emails; $100M+ lost
Sony Pictures Hack (2014) | Employees clicked on malicious links; major data leaked
Ubiquiti Networks (2021) | Phishing email led to $46M wire fraud due to poor employee awareness
