<< Previous Next >>

Cybersecurity A Practical Introduction (Nihad A. Hassan, Rami Hijazi)(Z-Library)

Author: Nihad A. Hassan, Rami Hijazi

教育

In today’s hyperconnected world, digital threats lurk in every corner of cyberspace. This comprehensive guide equips you with essential knowledge to identify, mitigate, and counter cyber threats, navigating the increasingly dangerous digital landscape. From cryptographic foundations to advanced persistent threats, you’ll master the core concepts that transform novices into digital defenders. Each chapter tackles critical security domains, including online tracking defenses, ransomware identification, social engineering countermeasures, and OSINT techniques used by both defenders and attackers. Discover how to: • Implement multi-layered protection against sophisticated malware • Recognize and respond to psychological manipulation tactics • Navigate the concealed territories of the Deep and Dark Web safely • Deploy enterprise-grade network security architectures • Leverage AI-driven threat detection to stay ahead of attackers. Whether you’re securing personal devices against tracking, protecting enterprise networks from nation-state actors, or building comprehensive defense strategies, this book is for working professionals, computing specialists, and IT enthusiasts, providing you with practical, actionable knowledge for today’s security challenges. Key Features: • Bridges theoretical cybersecurity concepts with practical defense strategies • Provides actionable knowledge on emerging threats • Uses accessible language for both beginners and experienced practitioners • Equips readers with a comprehensive understanding of the entire threat landscape • Addresses both human and system vulnerabilities • Delivers an insider perspective on threats and countermeasures • Incorporates cutting-edge security approaches that prepare readers for the next generation of cybersecurity challenges

📄 File Format: PDF
💾 File Size: 17.2 MB
13
Views
0
Downloads
0.00
Total Donations

📄 Text Preview (First 20 pages)

ℹ️

Registered users can read the full content for free

Register as a Gaohf Library member to read the complete e-book online for free and enjoy a better reading experience.

📄 Page 1
(This page has no text content)
📄 Page 2
Cybersecurity In today’s hyperconnected world, digital threats lurk in every corner of cyberspace. This comprehensive guide equips you with essential knowledge to identify, mitigate, and counter cyber threats, navigating the increasingly dangerous digital landscape. From cryptographic foundations to advanced persistent threats, you’ll mas- ter the core concepts that transform novices into digital defenders. Each chapter tackles critical security domains, including online tracking defenses, ransomware identification, social engineering countermeasures, and OSINT techniques used by both defenders and attackers. Discover how to: • Implement multi-layered protection against sophisticated malware • Recognize and respond to psychological manipulation tactics • Navigate the concealed territories of the Deep and Dark Web safely • Deploy enterprise-grade network security architectures • Leverage AI-driven threat detection to stay ahead of attackers. Whether you’re securing personal devices against tracking, protecting enter- prise networks from nation-state actors, or building comprehensive defense strategies, this book is for working professionals, computing specialists, and IT enthusiasts, providing you with practical, actionable knowledge for today’s security challenges. Key Features: • Bridges theoretical cybersecurity concepts with practical defense strategies • Provides actionable knowledge on emerging threats • Uses accessible language for both beginners and experienced practitioners • Equips readers with a comprehensive understanding of the entire threat landscape • Addresses both human and system vulnerabilities • Delivers an insider perspective on threats and countermeasures • Incorporates cutting-edge security approaches that prepare readers for the next generation of cybersecurity challenges
📄 Page 3
(This page has no text content)
📄 Page 4
Cybersecurity A Practical Introduction Nihad A. Hassan and Rami Hijazi
📄 Page 5
Designed cover image: Shutterstock First edition published 2026 by CRC Press 2385 NW Executive Center Drive, Suite 320, Boca Raton, FL 33431 and by CRC Press 4 Park Square, Milton Park, Abingdon, Oxon, OX14 4RN CRC Press is an imprint of Taylor & Francis Group, LLC © 2026 Taylor & Francis Group, LLC Reasonable efforts have been made to publish reliable data and information, but the author and publisher cannot assume responsibility for the validity of all materials or the consequences of their use. The authors and publishers have attempted to trace the copyright holders of all mate- rial reproduced in this publication and apologize to copyright holders if permission to pub- lish in this form has not been obtained. If any copyright material has not been acknowledged, please write and let us know so we may rectify in any future reprint. Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, repro- duced, transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying, microflming, and recording, or in any information storage or retrieval system, without written permission from the publishers. For permission to photocopy or use material electronically from this work, access www.copy- right.com or contact the Copyright Clearance Center, Inc. (CCC), 222 Rosewood Drive, Danvers, MA 01923, 978-750-8400. For works that are not available on CCC, please contact mpkbooksper- missions@tandf.co.uk Trademark notice: Product or corporate names may be trademarks or registered trademarks and are used only for identifcation and explanation without intent to infringe. ISBN: 978-0-367-44214-9 (hbk) ISBN: 978-0-367-44110-4 (pbk) ISBN: 978-1-003-00827-9 (ebk) DOI: 10.1201/9781003008279 Typeset in Palatino by KnowledgeWorks Global Ltd.
📄 Page 6
To my mom Samiha, thank you for everything… without you I’m nothing Nihad A. Hassan
📄 Page 7
(This page has no text content)
📄 Page 8
Contents About the Authors .................................................................................................ix 1. Understanding Cybersecurity .....................................................................1 2. Cyber Anonymity and Web Layers........................................................... 24 3. Introduction to Cryptography....................................................................58 4. Cyber Threats ................................................................................................ 87 5. Advanced Persistent Threat (APT) ......................................................... 108 6. Ransomware ................................................................................................ 119 7. Social Engineering Attacks and Mitigation Strategies ...................... 146 8. Open Source Intelligence Techniques (OSINT) .................................. 165 9. Endpoint Defense Strategies.................................................................... 190 10. Enterprise Network Defense Strategies ................................................ 219 Index ..................................................................................................................... 265 vii
📄 Page 9
(This page has no text content)
📄 Page 10
About the Authors ix Nihad A. Hassan is an independent cyberse- curity consultant, digital forensics and cyber OSINT expert, online blogger, and author with over 15 years of experience in information security research. He has completed multiple technical security consulting engagements and authored six books and numerous articles on information security. Nihad is highly involved in security training, education, and motivation. For more information, go to www.osint.link. Rami Hijazi is the general manager of MERICLER Inc., an education and corporate training firm in Toronto, Canada. Rami is an experienced IT professional who lectures on a wide array of topics, including object-oriented programming, Java, eCommerce, Agile devel- opment, database design, and data handling analysis. Rami also works as a consultant to Cyber Boundaries Inc., where he is involved in the design of encryption systems and wire- less networks, intrusion detection, and data breach tracking, as well as providing planning and development advice for IT departments concerning contingency planning.
📄 Page 11
(This page has no text content)
📄 Page 12
1 Understanding Cybersecurity Introduction With the growth of digital technologies worldwide, the use of computerized systems to store and manipulate data has become prevalent in all work sectors. For instance, government, corporate, military, and health care organizations keep and process a large volume of digital data on computers and other digital devices. A substantial percentage of that information is sensitive (e.g., personal information, patient health information, intellectual property, military secrets, fnancial or other types) and must be protected from unauthorized access. Organizations do not do business in isolation; they must transmit conf- dential information between separate networks and devices. This fow of digital information across computer networks – via intranet or the internet – will make it vulnerable to different threats. The risks to data are not merely limited when it is moving. For instance, information stored on computer systems is also susceptible to malicious attacks that aim to access, delete, or alter sensitive information; extort money by using ransomware or simply using Denial of Service (DoS) attacks to disturb normal network operations. Cybersecurity aims to mitigate and prevent all these types of cyberattacks. Cybersecurity is the practice of protecting internet-connected devices (such as computers, servers, mobile & IoT devices, electronic systems, networks), computer applications, and the data stored within them from cyberattacks. Under this defnition, cybersecurity contains all technologies, processes, and best practices to protect an organization from cyberattacks. This includes physical security, which involves protecting data centers and storage servers against unauthorized access, and logical security, which aim to protect data stored within computers storage and other digital media devices from all sorts of cyberattacks. There are different defnitions of the cybersecurity term proposed by off- cial organizations; the following lists the main three: • The Committee on National Security Systems (CNSSI – 4009) defnes cybersecurity as “The ability to protect or defend the use of cyber- space from cyberattacks”. DOI: 10.1201/9781003008279-1 1
📄 Page 13
2 Cybersecurity • The National Institute of Standards and Technology (NIST) defnes cyber- security as “The process of protecting information by preventing, detecting, and responding to attacks”. • The International Organization for Standards (ISO/IEC 27032) defnes cybersecurity as the “Preservation of confdentiality, integrity, and availability of information in the Cyberspace”.1 Cybersecurity threats and incidents are growing daily in cost, volume, and sophistication. They are projected to continue their massive growth over the coming years to private and public sectors. Cybersecurity Ventures predicted that cybercrime is expected to cost the world more than $10.05 trillion annu- ally by 2025.2 Cybercrime damage is not limited to the cost of destroying data (e.g., deleting it due to destructive malware or denying access to data through encrypting ransomware). For example, other losses count for the high cost, such as loss of productivity and disclosing sensitive information such as personal info and customers’ medical and fnancial records. The cost also includes hiring digital forensics examiners and incidence response special- ists to investigate data breaches, hiring specialized people in data recovery (to restore operations) without forgetting the reputation loss, which is consid- ered the highest and needs years to fx. In our frst introductory chapter, we will thoroughly cover the term cyber- security, defne its types, and distinguish it from other IT security felds; we will discuss the different cyber threat types, threat actors, and common cybersecurity models. Cybersecurity frameworks that help organizations comply with various cybersecurity regulations will also get covered. We will also talk about cybercrime, its types, and motivation. However, before we begin our discussion, let us frst defne the virtual atmosphere where all these things happen, known as cyberspace. Concept of Cyberspace In a nutshell, cyberspace is the non-physical environment where all commu- nication over computing networks occurs. The term cyberspace was frst coined in 1984 by a science fction writer named William Gibson in his novel Neuromancer to describe his explication of a global network of interlinked computers. Under this defnition, cyberspace includes all computing devices connected to the internet where users can send/receive emails, download/upload fles, conduct online shopping and online banking, social media interactions (e.g., Facebook and Twitter), video conferencing, and chat. In addition, all collaboration tasks conducted by peo- ple residing in different geographical locations and connected through the
📄 Page 14
3 Understanding Cybersecurity internet are considered happening in this virtual – boundless – environment known as cyberspace. Note! The cyberspace term has become a synonym for the Internet or the World Wide Web. Now that we know what cyberspace is, we can clearly understand the term cybersecurity; it is the process of securing the information foating and all asset types (including the IT infrastructures and communications networks) contained in cyberspace. Note! There are various accepted defnitions of the term cyberspace cre- ated by multiple governments: • The United States, National Security Presidential Directive 54/ Homeland Security Presidential Directive 23 (2008): “The interde- pendent network of information technology infrastructures, and includes the Internet, telecommunications networks, com- puter systems, and embedded processors and controllers in critical industries”.3 • Canada’s Cyber Security Strategy (2010): “Cyberspace is the elec- tronic world created by interconnected networks of informa- tion technology and the information on those networks. It is a global common where more than 1.7 billion people are linked together to exchange ideas, services, and friendship”.4 • Germany, Cyber Security Strategy for Germany (2011): “The vir- tual space of all IT systems linked at data level on a global scale. The basis for cyberspace is the internet as a universal and pub- licly accessible connection and transport network which can be complemented and further expanded by any number of addi- tional data networks. IT systems in an isolated virtual space are not part of cyberspace”.5 • The United Kingdom, The UK Cyber Security Strategy (2011): “Cyberspace is an interactive domain made up of digital networks that is used to store, modify and communicate information. It includes the internet, but also the other infor- mation systems that support our businesses, infrastructure and services”.6
📄 Page 15
4 Cybersecurity Cybersecurity Term Variations Many people – including some IT professionals – use the terms “cyberse- curity” and “Information Security” interchangeably when discussing the security measures and steps needed to protect computer systems and infor- mation assets from cyberattacks. Although both terms are somehow related in that context, they are not synonymous as many people think. For instance, the main difference between cybersecurity and InfoSec is the type of threat each one is concerned about. Cybersecurity focuses on outside threats – those originating from the internet. In contrast, InfoSec focuses on internal threats originating from within the subject organization (e.g., using a USB device by a disgruntled employee to leak confdential information out of the organization computers). Note! What is the difference between Data and Information? Data is raw facts (e.g., simple text and numbers) that must be pro- cessed frst to become helpful in some context; data can only be con- sidered information when it has a meaning. For example, “19800611” is data; however, when it is interpreted as someone’s data of birth “1980/06/11”, it becomes information. InfoSec focuses on protecting data and information from unauthorized access, accidental/intentional deletion, destruction, disclosure, or disrup- tion to assure the confdentiality, integrity, and availability of these assets to legitimate users. Under this defnition, InfoSec is responsible for the security of information in different environments, including the transfer of confdential data outside cyberspace (e.g., encrypting backup hard drive/s and moving them offsite fall under the responsibility of InfoSec) and even protecting sensitive data when it is stored as physical fles in the corporate cabinet. Cybersecurity deals with advanced cyberattacks coming from cyberspace, such as ransomware, Advanced Persistent Threats (APT), cyber terrorists, and black hat hackers trying to invade private networks and disrupt regu- lar digital services. Cybersecurity is also concerned with the physical secu- rity of IT infrastructure and the security of online user accounts (e.g., social media accounts like Facebook and Twitter, and email accounts) from data breaches. Cybersecurity spans its operations to protect computer communications channels (both internet and intranet) and the data fow within them from all types of malicious actors and threats, so these resources remain accessible only to authorized users.
📄 Page 16
5 Understanding Cybersecurity Note! We can consider InfoSec as a sub-branch of cybersecurity, although, as we already said, many people referred to cybersecurity as “Information Technology Security”. Cybersecurity Elements As we saw, cybersecurity is a broad term used to describe all processes and procedures to secure computing systems (both hardware and software) and the data stored within them – or pass through – from cyberattacks. Based on this, cybersecurity can be found in all environments where IT systems need to be protected; the following are the most common cybersecurity subcategories. Infrastructure Security (Physical Security) Infrastructure security includes all infrastructures with access to the internet. For example, when an electricity grid has access to the internet, it will become vulnerable to cyberattacks. Securing physical IT infrastructure, especially public utilities systems (e.g., electricity, water, traffc lights, natural gas, and health centers), becomes necessary in today’s digital age as modern socialites depend heavily on the internet to deliver public services. A good example of a cyberattack against a public utility is the attack against Colonial Pipeline, which took place in April 2021 and resulted in taking down the largest fuel pipeline in the US. This attack was found to be caused by a compromised password. Network Security Network security is an essential division within cybersecurity. It protects computer networks infrastructure and the data fowing across them from adversaries and malware threats. It is concerned with preventing malicious actors from sniffng traffc, delivering malicious software, or fooding serv- ers with false traffc to disrupt normal business operations like DDoS attacks. The network security comprises two defense layers: one on the network gateways and the second within the networks. Network security controls include installing security appliances such as IPS/IDS and Firewalls, and governing users, applications, and systems access to protected resources. Application Security Application security prevents vulnerable applications from being installed in an organization’s IT environment to avoid exploiting them by mali- cious actors. Application security should be well documented during the
📄 Page 17
6 Cybersecurity development and design phases, and after deployment to reveal any weak- ness or security vulnerability from being later exploited to facilitate intrud- ers’ exploits. Endpoint Security Endpoint security is concerned with protecting all endpoint computing devices (or end-user devices) on a network. Endpoint devices include desk- tops, servers, laptops, tablets, smartphones, and even Internet of Things (IoT) devices. Securing endpoint devices is a key to defending against cyberat- tacks. Such devices offer an entry point to hackers to penetrate an organiza- tion’s network despite all security controls settled at network gates (frewall, IPS/IDS, and SIEM). Since the start of the COVID-19 pandemic, more companies worldwide have allowed their employees to work remotely from home; securing employees’ devices when used for work purposes also falls under this category. Securing endpoints needs a combination of security policies and technolo- gies (programs). Each one will be covered in a dedicated chapter later. Note! Some organizations include mobile security as a sub-branch of endpoint security. For instance, mobile security protects mobile com- puting devices (smartphones, tablets, PDA, IoT devices) and the wire- less network they connect to from cyber threats. Some resources name mobile security as wireless security. Data Security Data security contains all processes, controls, and technologies used to secure data and protect it from unauthorized access; this also includes physi- cal security controls to limit access to sensitive data storage locations. Data can be secured using different ways, such as: • Encryption, • Backup, • Securely deleting data before dismissing old hardware storage units, • Using a robust authentication mechanism, such as Two-Factor Authentication, • Installing security solutions to stop malware on endpoint devices, • Installing Network Detection and Response (NDR) solutions to pro- tect data in hybrid environments (on-premises and cloud), • Keeping everything up to date – such as OS and installed applications.
📄 Page 18
7 Understanding Cybersecurity Cloud Security Securing your data in the cloud should have equal importance to your on- premise data centers. However, when securing cloud data, you only deal with software solutions to monitor and protect the fow of information (up and down) from your local data centers to the cloud provider’s servers. Cloud security includes security policies and technological solutions to protect data stored within a cloud environment from theft, deletion, and data leakage. Such attacks can be originated from external sources or insider threats. Encryption is the primary technique used to protect cloud data from unauthorized access. Cloud computing is evolving continually; there are different service mod- els an organization – or a user – can choose from; the following lists the most popular three cloud service models. 1. Software as a Service (SaaS): In this model, the cloud providers host applications or services on their servers and make them accessible to users on a subscription basis via the internet. An example of this model is Microsoft Offce 365, Salesforce, and Google Workspace. 2. Platform as a Service (PaaS): In this model, the cloud provider pro- vides the platform, or operating system along with the required software development kits (such as Java SDK), in addition to pro- viding storage and networking for the users. Users can deploy their applications and customize them if needed. Examples of this type are Amazon Web Services (AWS), Windows Azure, Apache Stratos, and Magento Commerce Cloud. PaaS model is commonly used for software creation projects. 3. Infrastructure as a Service (IaaS): In this service model, cloud users control cloud servers in terms of the operating system, applications, and networking; however, they can not control the underlying hard- ware running the cloud service. These are the main cloud models; however, there are many more – or subsets – based on the previous models, such as data as a service (DaaS), Function as a service (FaaS), iPaaS (integration platform as a service), and security as a service (SECaaS). Internet of Things (IoT)Security IoT refers to all internet-capable devices that can exchange data and receive instructions via the internet. IoT devices contain many physical internet systems such as home appliances (washing machines, coffee makers, smart refrigerators, smart TV sets), healthcare devices (wearable sensors), security systems including alarms, Wi-Fi cameras, and even industrial equipment controlled remotely via the internet.
📄 Page 19
8 Cybersecurity IoT security is concerned with safeguarding and securing IoT devices and associated networks from being abused for malicious purposes. The fast pace at which people use IoT devices in their daily lives and their adoption in different work environments will make this sector very attrac- tive to cybercriminals. The market size of IoT is enormous. According to Statista,7 the global number of connected IoT devices is expected to reach 30.9 billion units by 2025. End-user Cybersecurity Education Cybersecurity awareness training is the most critical element in cybersecu- rity! Humans remain the frst line of defense in any cybersecurity defense plan. For example, an unaware user can jeopardize the security of an organi- zation’s network by just clicking on a phishing link within a malicious email; this will effectively compromise the entire network despite all security solu- tions and controls already in place. A user can introduce threats to its work network using a variety of ways: 1. Install insecure programs from the internet, 2. Violating security guidelines when creating and storing passwords, 3. Using work email to register for free public online services, 4. Revealing important information (personal and work-related) on social media that can be used later by possible adversaries to formu- late different social engineering attacks, 5. Inability to distinguish social engineering attacks, especially phish- ing attacks coming via email and social media messages. Cybersecurity Models An IT security model is a framework used by an organization to identify and develop security policies for a given context or setting (e.g., authentication policy). The security model’s purpose is to outline the requirements needed to fulfll a specifc security policy. The most common security models in use today are CIA Triad and the Parkerian Hexad model. CIA Triad This is the most widely accepted security model; the CIA comprises three fundamental principles (see Figure 1.1): Confdentiality, Integrity, and Availability. When planning any organization’s security program, the secu- rity team needs to evaluate security threats and their potential impact on an organization’s digital assets, such as data, systems, and applications,
📄 Page 20
9 Understanding Cybersecurity FIGURE 1.1 CIA triad. regarding confdentiality, integrity, and availability. After the evaluation, the security team will draw the appropriate security policies and controls to miti- gate these risks. 1. Confdentiality: When we say confdential data, we mean it must be secured against unauthorized access. Confdentiality can technically be achieved using access control lists and encryption to protect data transmitted through insecure mediums such as the internet. Data is commonly categorized according to its sensitivity level (For exam- ple, the level of damage it can bring if it falls into the wrong hands); after that, the corresponding security controls are implemented. 2. Integrity: Assure data is not deleted or modifed by an unauthorized party. Keep in mind that this defnition applies to legitimate users making unintentional mistakes when accessing this data, such as altering or deleting data accidentally, editing wrong fles, and even corrupting fles by introducing malware to the sensitive data storage media. A technical solution to ensure data integrity is using hashing; we should also consider keeping a current backup of all sensitive data.
The above is a preview of the first 20 pages. Register to read the complete e-book.

💝 Support Author

0.00
Total Amount (¥)
0
Donation Count

Login to support the author

Login Now

Recommended for You

Loading recommended books...
Failed to load, please try again later
Back to List