Title Page
Copyright and Credits
Hands-On Cybersecurity for Finance
Dedication
About Packt
Why subscribe?
Packt.com
Foreword
Contributors
About the authors
About the reviewers
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Reviews
Disclaimer
Introduction to Cybersecurity and the Economy
What is cybersecurity – a brief technical description?
People
Processes
Technology
The scope of cybersecurity
Critical infrastructure security
Network security
Cloud security
Application/system security
User security
Internet of Things security
Terminologies
General description of hacking groups and cyber espionage
Hacking groups
Cyber espionage
Cybersecurity objectives
Importance of cybersecurity and its impacts on the global economy
The number of cyber attacks is growing
Cyber attacks are getting worse
Impacts on the global economy
Estimation of financial losses related to cybercrime
Finance and cybersecurity
Critical dependency of business, processes, and IT infrastructure
Economic loss
Banking and financial systems – changes from a risk and security perspective
Data breach means money
Financial repercussion of reputational damage caused by cyber attacks
Digital economy and related threats
Smart threats
Ransomware
Critical infrastructure attacks
Summary
Further reading
Cyber Crime - Who the Attackers Are
Introduction to cyber crime
Threat actors
Hacktivism
Case study – Dakota Access Pipeline
Case study – Panama Papers
Cyber terrorists
Case study – Operation Ababil
Cyber criminals
Case study – FIN7
Case study – Carbanak APT Attack
Case study – OurMine operation
Summary
Counting the Costs
The cost of a cybersecurity attack
The cost of different cyber attacks
Breakdown of the costs of a cyber attack
Production loss
Economic losses
Damaged brand and reputation
Loss of data
Fines, penalties, and litigations
Losses due to recovery techniques
Breakdown of the cost of securing an organization
Every financial institute should know Carbanak
Antivirus systems
Endpoint Detection and Response solutions
Firewall systems
Intrusion-prevention systems
Encryption
Bonus
What is Microsoft offering?
Windows 10 Defender Security Center
Windows Defender
Windows Defender Exploit Guard
Controlled folder access
Network protection
Attack surface reduction
Windows Defender Credential Guard
Windows Defender Application Guard
Windows Event Forwarding
Windows Defender Advanced Threat Protection
Protecting privileged identities
How do privileged identities get compromised?
How to prevent attackers from gaining access to privileged identities
Summary
Further reading
The Threat Landscape
Threats against end customers
Credit card fraud
Application fraud
Card-not-present fraud
Compromised account fraud
Credit card testing
Financial Trojans
Case study – BackSwap Trojan
Case study – Ramnit
Case study – Bebloh
Phishing
Case study – immediate action required
Pretexting
Dumpster diving
Mobile fraud
Threats against financial institutes
ATM attacks
POS attacks
Denial of service
Ransomware
Blackmailing
Summary
Phishing, Spamming, and Scamming to Steal Data and Money
Phishing scams
Evolution of phishing
Social engineering emails
Spear phishing
Business email compromise or whaling
Credential theft using malicious software
Ardamax
LokiBot
Characteristics of phishing emails
Spamming
How spammers get email addresses
How spammers make money
Advertising
Malware
Storm
Triout
Botnets
Characteristics of spam emails
Summary
Further reading
The Malware Plague
Malware categories
Computer virus
Computer worm
SQL Slammer worm
Crypto worm
WannaCry
Trojan
Bebloh
Zeus
Rootkit
Torpig
Spyware
Adware
Malware trends
Malware infection vectors
Injected by remote attacker
Auto-executed web infection
User-executed web infection
Installed by other malware
Network propagation
Portable media
Coded into existing software
Summary
Vulnerabilities and Exploits
Detecting vulnerabilities
Exploitation techniques
Buffer overflow
Integer overflow
Memory corruption
Format string attacks
Race condition
Cross-site scripting
One-click attack
SQL injections
Exploitation delivery
Summary
Further reading
Attacking Online Banking Systems
Online banking benefits for financial services
The online banking process
Attack techniques
Summary
Further reading
Vulnerable Networks and Services - a Gateway for Intrusion
Vulnerable network protocols and network intrusions
Simple Mail Transfer Protocol
Secure Sockets Layer
Domain Name System
Packet sniffing
Distributed denial of service
Attacking web servers and web-based systems
SQL injection
Buffer overflow
Advanced Google search operators
Brute-force attacks
Medusa
Brutus
Bypassing web protection
Bypassing captcha
Bypassing two-factor authentication
Bypassing firewalls
Hacking wireless networks
Hacking wireless networks
Aircrack-ng
Kismet
Wireshark
Hacking Bluetooth
Vulnerable network devices
Summary
Further reading
Responding to Service Disruption
Cybersecurity incidents
Fundamentals
Data knowledge
Monitoring
Attack surface analysis
Vendor management
Incident response and management
Phase 1 – preparation
Phase 2 – detection and analysis
Phase 3 – containment
Phase 4 – eradication and recovery
Phase 5 – post-incident activity
Summary
Further reading
The Human Problem - Governance Fail
Business versus security
Failing security management
Lack of adoption of cybersecurity initiatives
Lack of organization and planning
Poor leadership
Careless online behavior
Insider threats
Technological transformation of financial services
Failure in implementing security policies
Summary
Further reading
Securing the Perimeter and Protecting the Assets
Network models
Single trust network model
Dual trust network model
Zero trust network model
Microsoft 365 zero trust network models
Endpoint security
Endpoint security threats
Physical access
Malicious code execution
Device-based attack
Communication interception
Insider threats
Decreased productivity
Modern endpoint security
Device protection
Threat resistance
Identity protection
Information protection
Breach detection investigation and response
Summary
Further reading
Threat and Vulnerability Management
Vulnerability management strategy
Asset inventory
Information management
Risk assessment
Vulnerability analysis
Threat analysis
Risk acceptance
Vulnerability assessment
Reporting and remediation
Defining vulnerabilities in a few steps
From vulnerability to threat
Multiplying threats
Multiplying risk
The root cause of security issues
Vulnerability management tools
Implementation of vulnerability management
Best practices for vulnerability management
Assess yourself
Tying vulnerability assessments into business impact
Take an active role
Identify and understand the business processes
Pinpoint the applications and data
Try to find hidden data sources
Determine the hardware structure
Map the network infrastructure to hardware
Identify the controls
Run the vulnerability scans
Read the results of the scans
Conduct penetration testing by third parties as well
Understanding risk management
Defense in depth approach
Best practices for protecting your environment
Summary
Further reading
Audit, Risk Management, and Incident Handling
IT auditing
Evaluating the systems, policies, and processes that secure the organization
Determining the risks to the company's assets
Ensuring that the organization is compliant with the relevant regulations
Determining inefficiencies in the IT infrastructure and management
Risk management
Identification
Risk analysis
Risk assessment
Risk mitigation
Risk monitoring
Incident handling
Preparation
Identification
Containment
Recovery and analysis
Summary
Further reading
Encryption and Cryptography for Protecting Data and Services
Encryption
Early encryption methods
Encryption today
Symmetric encryption
Asymmetric encryption
Protecting data and services with cryptography
Data at rest
Full disk encryption
File encryption
Data in transit
End-to-end encryption
Encrypted web connection (SSL and TLS)
Encrypted email servers
Examples of encryption algorithms
Advanced Encryption Standard (AES)
Triple DES
RSA
Blowfish
Encryption challenges
Summary
Further reading
The Rise of the Blockchain
Introduction to Blockchain technology
Consensus mechanisms in a Blockchain
Proof of work
Proof of stake
Applications of Blockchain technology
Recording purposes
Digital identity
Government purposes
Financial applications
Cryptocurrencies
Cryptocurrency wallets
Desktop wallets
Web wallets
Mobile wallets
Hardware wallets
Paper wallets
Challenges to cryptocurrencies
Unstable value
Theft
Exchange risks
Blockchain challenges and future
Summary
Further reading
Artificial Intelligence and Cybersecurity
Threat landscape evolution
Artificial Intelligence
Narrow Artificial Intelligence
True Artificial Intelligence
Technologies powering Artificial Intelligence
Artificial Intelligence-powered cybersecurity
Use cases
Summary
Further reading
The Quantum Future
Evolution of the quantum technology
1965
1980
1985
1994
1995
1996–present
The quantum technology race
Quantum communication
Quantum computation
Quantum simulation
Quantum sensing
Quantum software
Quantum technology breakthroughs
Impacts of the quantum technology
Communication
Mining
Finance
Defense
Health
Energy
Big data
Artificial Intelligence
Summary
Further reading
Other Books You May Enjoy
Leave a review - let other readers know what you think