1.6 Cybersecurity

Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks, unauthorized access, and damage. The three core goals of cybersecurity are known as the CIA Triad:

• Confidentiality — ensuring data is accessible only to authorized users
• Integrity — ensuring data is accurate and has not been tampered with
• Availability — ensuring systems and data are accessible when needed

---

Why is Cybersecurity Needed?

As individuals, organizations, and governments rely increasingly on digital systems, the risks of cyber threats have grown significantly. Cybersecurity protects:

• Personal and financial data
• National infrastructure (power grids, hospitals)
• Business operations and intellectual property
• Privacy and civil liberties

Human error remains the weakest link in cybersecurity — most successful attacks exploit people rather than technology directly.

---

Common Cyber Threats

Malware (Malicious Software)

Malware is any software intentionally designed to disrupt, damage, or gain unauthorized access to a computer system.

Phishing

Phishing is a social engineering attack that uses disguised emails or fraudulent websites to trick users into revealing sensitive information such as passwords or credit card numbers.

• Spear Phishing — targeted phishing aimed at a specific individual or organization
• Smishing — phishing via SMS text messages

---

Cybersecurity Measures

Firewall

A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on predefined security rules. It acts as a barrier between a trusted internal network and untrusted external networks (like the internet).

• Can be hardware-based, software-based, or both
• Blocks unauthorized access while permitting legitimate communication

Antivirus Software

Detects, quarantines, and removes malware from a system by scanning files against a database of known threat signatures.

Strong Passwords and Multi-Factor Authentication (MFA)

• Strong passwords use a mix of letters, numbers, and symbols
• MFA requires two or more verification factors (e.g., password + OTP)

---

Encryption

Encryption is the process of converting plaintext (readable data) into ciphertext (unreadable data) using an algorithm and a key. Only authorized parties with the correct key can decrypt and read the data.

$\text{Plaintext}\stackrel{\text{Encryption Key + Algorithm}}{\to }\text{Ciphertext}$

Symmetric Encryption

• Uses the same key for both encryption and decryption
• Faster and efficient for large amounts of data
• Challenge: the key must be securely shared between sender and receiver
• Example: AES (Advanced Encryption Standard)

Asymmetric Encryption

• Uses a key pair: a public key (shared openly) to encrypt, and a private key (kept secret) to decrypt
• Slower than symmetric encryption but solves the key distribution problem
• Example: RSA (Rivest–Shamir–Adleman)
• Used in HTTPS, digital signatures, and email encryption

HTTPS and SSL/TLS

HTTPS (Hypertext Transfer Protocol Secure) secures web communication by using SSL/TLS encryption. It combines asymmetric encryption (for key exchange) and symmetric encryption (for data transfer), ensuring confidentiality and integrity between a browser and a web server.