Navigating the Digital Realm: A Scientific Exploration of Networks and Cybersecurity

INSEC ENSIAS Club
9 min read · Nov 22, 2023

INTRODUCTION:

Hi folks!

Every technology user, including yourself, is connected to the world through a phone or computer, enabling the exchange of information such as documents, messages, and pictures. This information transfer occurs between individuals, companies, schools, or offices, facilitated by networking that globalizes these exchanges and provides access to online content and databases. However, the passage of resources between devices must be controlled and secured against cyber threats that target the security of the web community. This creates a critical need for cybersecurity in our digital age, as the means to ensure the safe and effective use of digitalization and technologies. This article aims to inform on this subject by introducing networking and cybersecurity and how they relate.

Background:

Cyber threats have been developing since the 1980s, taking different forms.

Cyber Threats revolution [3]

As cyber threats evolve, so do defense capabilities — from virus detection and removal to self-defending AI. Adapting to this changing landscape is essential for ensuring digital system resilience against a diverse range of cyber threats.

Levels of cyber security capability evolution [4]

Networking basics:

Types:

About LAN:

The Local Area Network (LAN) functions as a connectivity hub for various network devices and systems within a confined geographic area. Multiple protocols are employed to facilitate the seamless exchange of data and services among these connected devices, ensuring efficient communication.

About MAN:

The Metropolitan Area Network (MAN) is a network type that covers an entire city or a smaller area. The area covered by the network is connected using a wired network, such as data cables.

About WAN:

The Wide Area Network (WAN) is designed to connect devices over large distances, such as between states or countries. The connection is wireless in most cases and uses radio towers for communication. A WAN can be made up of multiple LANs and MANs.

Topologies:

Description of famous topologies in use:

Communication Protocols:

A communication protocol is a set of rules dictating data exchange, especially across networks. Standardized protocols, like Wi-Fi, Internet Protocol, and Hypertext Transfer Protocol (HTTP), have formalized rules. They enable seamless communication, ensuring effective data transmission between devices and systems.

Cybersecurity:

Security is crucial for any organization as it protects sensitive information, data, and resources from unauthorized access or malicious activities. To ensure the integrity, confidentiality, and availability of these assets, organizations adhere to the fundamental principles of security, often referred to as the CIA triad.

What is the CIA triad?

The CIA triad, consisting of data confidentiality, integrity, and availability, is a fundamental concept in the field of security. These principles form the foundation for designing and implementing robust security measures to protect sensitive information and ensure that it remains secure and accessible.

The three CIA triad principles.[5]

Data confidentiality: refers to the protection of data from unauthorized access, ensuring that only authorized individuals or systems can access and view the information. Confidentiality is crucial, particularly for sensitive data such as personally identifiable information (PII), financial records, or trade secrets. Encryption, access control mechanisms, and secure communication channels are some of the common methods employed to maintain data confidentiality.

Data integrity: involves preserving the accuracy, consistency, and reliability of data throughout its lifecycle. It ensures that data remains unaltered and reliable, reflecting its intended state and preventing unauthorized modifications. Data integrity can be achieved through various measures, such as checksums, hashing algorithms, digital signatures, and access controls that restrict unauthorized changes.
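The following example is added here and is not part of the original article; it illustrates the difference between the two integrity mechanisms the paragraph names. An unkeyed checksum (SHA-256) catches accidental corruption, but anyone who can alter the data can also recompute the checksum stored beside it, so deliberate modification goes unnoticed. A keyed tag (HMAC-SHA256, the simplest relative of a digital signature) cannot be recomputed without the secret key. The record bytes and the key are constructed for the demo.

```python
import hashlib
import hmac
import secrets

# Constructed sample record standing in for a file or database row
# whose integrity we want to protect (not from the article).
RECORD = b"account=12345;balance=100.00;status=active"


def sha256_checksum(data: bytes) -> str:
    """Unkeyed checksum: detects accidental corruption only."""
    return hashlib.sha256(data).hexdigest()


def verify_checksum(data: bytes, expected_hex: str) -> bool:
    # compare_digest runs in constant time regardless of where a mismatch is
    return hmac.compare_digest(sha256_checksum(data), expected_hex)


def make_tag(key: bytes, data: bytes) -> str:
    """Keyed tag (HMAC-SHA256): detects deliberate modification as well,
    because producing a valid tag requires the secret key."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_tag(key: bytes, data: bytes, tag: str) -> bool:
    return hmac.compare_digest(make_tag(key, data), tag)


def plain_checksum_is_fooled(original: bytes, modified: bytes) -> bool:
    """Limit of an unkeyed checksum: whoever can change the data can also
    overwrite the stored checksum, so verification still passes."""
    stored_checksum = sha256_checksum(original)
    attacker_checksum = sha256_checksum(modified)  # recomputed, no key needed
    assert stored_checksum != attacker_checksum
    return verify_checksum(modified, attacker_checksum)  # True: tampering hidden


def keyed_tag_is_fooled(key: bytes, original: bytes, modified: bytes) -> bool:
    """Same scenario with an HMAC: without the real key neither the old
    stored tag nor a tag made with a guessed key verifies."""
    stored_tag = make_tag(key, original)
    guessed_key = secrets.token_bytes(32)           # not the real key
    forged_tag = make_tag(guessed_key, modified)
    return verify_tag(key, modified, stored_tag) or verify_tag(key, modified, forged_tag)


if __name__ == "__main__":
    key = secrets.token_bytes(32)                   # kept server-side, never stored with data
    tampered = RECORD.replace(b"100.00", b"999.00")
    print("unkeyed checksum fooled:", plain_checksum_is_fooled(RECORD, tampered))  # True
    print("keyed tag fooled:       ", keyed_tag_is_fooled(key, RECORD, tampered))  # False
```

The design point is that the hash alone only binds the data to itself; binding it to a party (a key holder) is what turns detection of corruption into detection of tampering. A digital signature does the same with a private key, and additionally lets anyone with the public key verify.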

Data availability: ensures that authorized individuals or systems can access data whenever required. It involves establishing mechanisms and safeguards to prevent service disruptions, data loss, or system failures that may hinder access to critical information. Redundancy, backups, disaster recovery plans, and fault-tolerant systems are some of the techniques used to ensure data availability.

The CIA triad principles are interconnected, working together to establish a comprehensive security framework. A strong security strategy addresses all three principles to mitigate risks and protect data from various threats, including cyberattacks, physical theft, human error, and natural disasters.

What is a Cyber Attack?

A cyber attack is defined as an attack originating from a digital system against another digital device, website, or other digital system that compromises its privacy, reliability, or the data stored in it.
Not only are these attacks a threat to individuals, they are a great threat to businesses as well.
“The total volume of cyber-attacks has increased almost fourfold between January 2016 and October 2017.” — Cisco Annual Cyber-security Report

Why are Cyber-Attacks Initiated?

Before moving further to types of cyber-attacks, let us first have a look at the reasons for initiating cyber-attacks:

  • Acquiring unauthorized access to a digital network, system, or its data
  • Denial of service
  • Virus or malware installation
  • Hacking a website for unsolicited purposes
  • Getting access to personal and secure information of people and businesses
  • Unauthorized use of a computer

Network Security

Network security is the process of protecting networks and devices from unauthorized access, use, disclosure, disruption, modification, or destruction. It is a critical component of cybersecurity, as it can prevent a wide range of threats, including:

  • Data breaches: The theft of sensitive data, such as credit card numbers or personal information.
  • Denial-of-service (DoS) attacks: Attacks that flood a network with traffic, making it unavailable to legitimate users.
  • Malware infections: The installation of malicious software on a network that can steal data, damage systems, or hold data hostage.
  • Man-in-the-middle (MitM) attacks: Attacks that intercept communications between two parties and eavesdrop on or modify the data.

Security Protocols

Security protocols are sets of rules that govern how data is encrypted, transmitted, and received. They are essential for protecting sensitive information from unauthorized access, modification, or destruction.

SSL/TLS (Secure Sockets Layer/Transport Layer Security)

SSL/TLS Security Protocol

SSL/TLS is a widely used security protocol that provides secure communication between a web server and a web client. It works by encrypting all data that is transmitted between the two parties, making it impossible for anyone to read or tamper with the data.

IPsec (Internet Protocol Security)

IPsec enables an encrypted tunnel across the public internet for securing LAN packets sent between remote locations.[6]

IPsec is a security protocol that protects IP packets as they are transmitted across a network. It works by encrypting the IP packets and adding authentication headers to them.

Identity and Access Management

Identity and access management (IAM) is a set of processes and technologies that are used to manage who can access what resources. It is a critical component of security, as it can be used to prevent unauthorized access to sensitive data and systems.

Authentication

Authentication is the process of verifying a user’s identity. There are many different authentication methods, such as passwords, tokens, and biometrics.

Authorization

Authorization is the process of determining what a user is allowed to do once they have been authenticated. For example, an authorization system might allow a user to read certain files, but not write to them.

Access Rights Management

Access rights management is the process of granting and revoking access rights. This can be done on a user-by-user basis, or on a group-by-group basis.
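The three steps described above (authentication, authorization, and granting or revoking rights) fit together as in the following toy IAM service. This is an added example, not code from the article or from any product: `AccessControl`, its users, roles and permissions are all hypothetical. Passwords are stored as salted PBKDF2 hashes, authorization is default-deny through roles, and revoking a role takes effect on the next check.

```python
from __future__ import annotations

import hashlib
import hmac
import os

PBKDF2_ROUNDS = 100_000  # work factor; raise in production


class AccessControl:
    """Hypothetical IAM service: registers users, authenticates them,
    and authorizes actions through roles."""

    def __init__(self) -> None:
        self._credentials: dict[str, tuple[bytes, bytes]] = {}       # user -> (salt, hash)
        self._user_roles: dict[str, set[str]] = {}                    # user -> roles
        self._role_permissions: dict[str, set[tuple[str, str]]] = {}  # role -> {(action, resource)}

    # --- Authentication: who are you? ---
    def register(self, username: str, password: str) -> None:
        salt = os.urandom(16)  # per-user salt defeats precomputed hash tables
        digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        self._credentials[username] = (salt, digest)
        self._user_roles.setdefault(username, set())

    def authenticate(self, username: str, password: str) -> bool:
        entry = self._credentials.get(username)
        if entry is None:
            # Hash anyway so unknown users take as long as wrong passwords
            hashlib.pbkdf2_hmac("sha256", password.encode(), b"\x00" * 16, PBKDF2_ROUNDS)
            return False
        salt, stored = entry
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
        return hmac.compare_digest(candidate, stored)  # constant-time comparison

    # --- Access rights management: which roles may do what, and who holds them ---
    def define_role(self, role: str, permissions: set[tuple[str, str]]) -> None:
        self._role_permissions[role] = set(permissions)

    def grant_role(self, username: str, role: str) -> None:
        self._user_roles[username].add(role)

    def revoke_role(self, username: str, role: str) -> None:
        self._user_roles[username].discard(role)

    # --- Authorization: may this (already authenticated) user do this? ---
    def authorize(self, username: str, action: str, resource: str) -> bool:
        # Default deny: only an explicitly granted (action, resource) pair passes
        for role in self._user_roles.get(username, ()):
            if (action, resource) in self._role_permissions.get(role, ()):
                return True
        return False


def demo() -> dict[str, bool]:
    """Walks through the three steps with constructed users and roles."""
    iam = AccessControl()
    iam.define_role("analyst", {("read", "reports")})
    iam.define_role("admin", {("read", "reports"), ("write", "reports")})
    iam.register("alice", "correct horse battery staple")
    iam.grant_role("alice", "analyst")
    results = {
        "alice_login_ok": iam.authenticate("alice", "correct horse battery staple"),
        "alice_wrong_pw": iam.authenticate("alice", "guess"),
        "unknown_user": iam.authenticate("mallory", "guess"),
        "alice_can_read": iam.authorize("alice", "read", "reports"),   # analyst may read
        "alice_can_write": iam.authorize("alice", "write", "reports"), # but not write
    }
    iam.revoke_role("alice", "analyst")
    results["alice_read_after_revoke"] = iam.authorize("alice", "read", "reports")
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Note that `authorize` never consults the password store: authentication establishes who the caller is, and authorization is a separate decision made on that identity. Keeping the two apart is what lets rights be revoked without touching credentials.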

Monitoring and Intrusion Detection

Monitoring and intrusion detection are essential for identifying and responding to security threats. Monitoring involves collecting and analyzing data about network activity. Intrusion detection involves looking for patterns of activity that may indicate an attack.

Network Monitoring

Network monitoring can be done using a variety of tools, such as network traffic analyzers (NTAs) and intrusion detection systems (IDSs). NTAs collect data about all network traffic, while IDSs focus on identifying suspicious activity.

Intrusion Detection

Intrusion detection systems (IDSs) use a variety of techniques to detect suspicious activity, such as signature-based detection and anomaly-based detection. Signature-based detection looks for known patterns of attack, while anomaly-based detection looks for patterns of activity that deviate from the norm.
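As an added example (not from the article), the two detection styles above run side by side over a small constructed access log: the signature rules match known bad patterns in request paths, and the anomaly rule flags a source whose request count is far above the median of all sources. The log lines, source addresses, and thresholds are all made up for the demo.

```python
import re
import statistics
from collections import Counter

# Constructed web-server access log (Common Log Format style), not real traffic.
_NORMAL = [
    '10.0.0.1 - - [22/Nov/2023:10:00:01 +0000] "GET / HTTP/1.1" 200',
    '10.0.0.1 - - [22/Nov/2023:10:00:04 +0000] "GET /about HTTP/1.1" 200',
    '10.0.0.2 - - [22/Nov/2023:10:00:02 +0000] "GET /login HTTP/1.1" 200',
    '10.0.0.2 - - [22/Nov/2023:10:00:09 +0000] "POST /login HTTP/1.1" 302',
    '10.0.0.2 - - [22/Nov/2023:10:00:15 +0000] "GET /dashboard HTTP/1.1" 200',
    '10.0.0.3 - - [22/Nov/2023:10:00:20 +0000] "GET /download?file=report.pdf HTTP/1.1" 200',
    '10.0.0.3 - - [22/Nov/2023:10:00:21 +0000] "GET /download?file=../../config.ini HTTP/1.1" 403',
    '10.0.0.5 - - [22/Nov/2023:10:00:30 +0000] "GET /search?q=1+UNION+SELECT+name HTTP/1.1" 500',
]
# One source repeatedly failing at the login page: 30 requests in 30 seconds.
_BURST = [
    f'10.0.0.9 - - [22/Nov/2023:10:00:{i:02d} +0000] "POST /login HTTP/1.1" 401'
    for i in range(30)
]
SAMPLE_LOG = _NORMAL + _BURST

LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" (\d{3})')

# Signature rules: known attack patterns that legitimate URLs should never contain.
SIGNATURES = {
    "path-traversal": re.compile(r"\.\./"),
    "sql-union": re.compile(r"(?i)union[\s+]+select"),
}


def parse(line: str):
    """Split one log line into fields; returns None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, ts, method, path, status = m.groups()
    return {"ip": ip, "time": ts, "method": method, "path": path, "status": int(status)}


def detect_signatures(lines):
    """Signature-based: report every request path that matches a known pattern."""
    hits = []
    for rec in map(parse, lines):
        if rec is None:
            continue
        for name, pattern in SIGNATURES.items():
            if pattern.search(rec["path"]):
                hits.append((rec["ip"], name, rec["path"]))
    return hits


def detect_anomalies(lines, factor: int = 5, floor: int = 10):
    """Anomaly-based: flag sources whose request count exceeds
    max(floor, factor * median count over all sources). The median is
    used instead of the mean so the outlier itself cannot hide the baseline."""
    counts = Counter(rec["ip"] for rec in map(parse, lines) if rec)
    if not counts:
        return []
    threshold = max(floor, factor * statistics.median(counts.values()))
    return sorted(ip for ip, n in counts.items() if n > threshold)


if __name__ == "__main__":
    for ip, name, path in detect_signatures(SAMPLE_LOG):
        print(f"signature {name}: {ip} {path}")
    for ip in detect_anomalies(SAMPLE_LOG):
        print(f"anomaly: {ip} request rate far above baseline")
```

The burst from 10.0.0.9 contains no suspicious path, so only the anomaly rule catches it; the traversal and SQL patterns appear once each, so only the signature rules catch them. That complementarity is why production IDSs combine both techniques. In a real deployment the anomaly baseline would be computed per time window and from historical traffic rather than from the same log being inspected.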

Responding to Security Threats

When a security threat is detected, it is important to take steps to mitigate the threat and prevent further damage. This may involve blocking the attacker’s access to the network, removing malware, and restoring corrupted data.

Additional Security Measures

In addition to security protocols, identity and access management, and monitoring and intrusion detection, there are a number of other security measures that can be implemented to protect networks. These include:

  • Firewalls: Firewalls are devices that block unauthorized access to a network.
  • Anti-virus software: Anti-virus software protects against malware infections.
  • Data backups: Data backups can be used to restore data that has been lost or corrupted.

Case Studies

Case Study 1: Stuxnet

Stuxnet Cyberweapon

Stuxnet was a sophisticated malware attack that targeted Iran’s nuclear program. The worm was designed to spread through USB drives and infect programmable logic controllers (PLCs) used in uranium enrichment centrifuges. By manipulating the PLCs, Stuxnet caused the centrifuges to spin too fast, leading to their destruction.

How Stuxnet Was Handled

The Stuxnet attack was a highly complex and coordinated operation. It took years for security researchers to fully understand the worm and its capabilities. In the end, the Stuxnet attack was a major setback for Iran’s nuclear program.

Case Study 2: SolarWinds

SolarWinds [7]

The SolarWinds hack was a supply chain attack that affected a wide range of businesses and government agencies. The attack involved compromising the Orion software platform, which is used by many organizations to monitor their networks. By inserting malicious code into the Orion software, the attackers were able to gain access to the networks of SolarWinds customers.

How the SolarWinds Hack Was Handled

The SolarWinds hack was a major security incident that had a significant impact on affected organizations. The attack was investigated by a number of security firms and government agencies. In the end, the attack was attributed to a group of Russian hackers.

Case Study 3: Yahoo!

Yahoo! Hacking Incident [8]

In 2013, Yahoo! was the victim of a massive data breach that affected over 500 million accounts. The attackers were able to steal a variety of personal information, including names, email addresses, and passwords.

How the Yahoo! Hack Was Handled

Yahoo! was criticized for its slow response to the data breach. The company did not notify affected users until several months after the breach had occurred. In addition, Yahoo! initially downplayed the severity of the breach.

References:

[1] A. Kapoor, "Importance of Types of Networks: LAN, MAN, and WAN | Simplilearn," Simplilearn.com, Aug. 05, 2022. https://www.simplilearn.com/tutorials/networking-tutorial/importance-of-types-of-networks-lan-man-wan

[2] L. Williams, "Type of Network Topology: Bus, Ring, Star, Mesh, Tree, P2P, Hybrid," www.guru99.com, Aug. 31, 2021. https://www.guru99.com/type-of-network-topology.html

[3] "(PDF) Overview of Cyber Security in the Industry 4.0 Era," ResearchGate. https://www.researchgate.net/publication/319861803_Overview_of_Cyber_Security_in_the_Industry_40_Era

[4] "Cybersecurity Consulting Services | Trianz," www.trianz.com. https://www.trianz.com/cybersecurity

[5] "CIA TRIAD," Cyber, 2016. https://student-activity.binus.ac.id/csc/2022/08/cia-triad/

[6] P. Loshin, "What is IPsec (Internet Protocol Security)?," SearchSecurity, Apr. 2021. https://www.techtarget.com/searchsecurity/definition/IPsec-Internet-Protocol-Security

[7] "SolarWinds breach — Krebs on Security." https://krebsonsecurity.com/tag/solarwinds-breach/ (accessed Nov. 22, 2023).

[8] E. McAndrew, "The Hacked & the Hacker-for-Hire: Lessons from the Yahoo Data Breaches (So Far)," The National Law Review, May 11, 2018. https://www.natlawreview.com/article/hacked-hacker-hire-lessons-yahoo-data-breaches-so-far

Links

Facebook: INSEC Ensias

Instagram: INSEC Ensias

Linkedin: INSEC Ensias

Youtube: INSEC Club

Don’t forget to drop us a follow on social media to stay up to date with everything the club is doing. Looking forward to sharing more knowledge with all the readers and we welcome your feedback at insecblog@gmail.com

Writers:

ATABET NOUHAILA (Project Manager INSEC ENSIAS Club)

DAAL Reda ( Member INSEC ENSIAS Club)

Asma H’mida ( Member INSEC ENSIAS Club)
