CCC : Cyberspace Under Siege – Understanding Crime, Espionage, And Conflict

This is a short graduate course providing an introduction to the areas of crime, espionage and conflicts in cyberspace. The material is used for the “Cybercrime, Cyberespionage, and Cyberwar” course currently taught in the Master in Cybersecurity at UC3M.

The course provides a gentle, not very technical introduction to several contemporary security and privacy topics, including

some bits of history,
opponents and the current cyberthreat landscape,
the underground economy of cybercrime,
vulnerabilities, exploits and their markets, and
privacy and surveillance –including commercial surveillance–, and
state-sponsored cyberoperations.

The main goal of the course is to provide students who approach cybersecurity with little-to-none previous backgound with a socio-techno-economic perspective of current security and privacy phenomena in the Internet, how we got here, and what might be done about it.

The treatment of some topis might be too superficial for some audiences and a few key topics are certainly missing, but this is a short (6 weeks) course and there is no room for more.

The material can be extended with some extra effort to make up for these limitations.

Contents Of This Repository

For each topic (see the syllabus below), this repository contains a contents file providing:

a description of the contents covered in the topic,
a list of core readings,
a list of questions, problems, and learning activities, and
a list of supplementary readings for those who want to go a bit deeper into the subject.

There is also a set of slides used in class during the lectures.

Class recordings are not available yet.

Syllabus

Module 1. Hostilities in Cyberspace
- A Brief History of the Internet
- Threats
- Opponents
- Why Security is Hard
Module 2. Cybercrime and its Underground Economy
- What is Cybercrime
- The Underground Economy of Cybercrime
- Marketplaces
- Intervention
Module 3. Vulnerabilities, Exploits, and their Market
- Vulnerabilities
- Zero-day Vulnerabilities
- The Rise of an Industry
- The Ethics of Vulnerability Research
Module 4. Privacy and Surveillance
- Privacy
- The Crypto Wars
- Mass Surveillance
- Commercial Surveillance

Schedule And Assessment

The course is designed to be taught over a 6-week term, with two 1.5-hour sessions per week.

Each module is covered in one week, plus time off class for self-study and work on assignments.

The last week is used to review contents and explore other topics and directions from here.

The assessment activitites include:

Two quizzes spaced throughout the term (weeks 3 and 6). All quizzes are closed book and closed notes. Access to the Internet via any device is not allowed. Grading: 20% each.
A workbook handed in the last day with solutions to 4 activities chosen from those available across all modules. Grading: 40%

Week	Module	Assessment activitities
1	Hostilities in Cyberspace
2	Cybercrime and its Underground Economy (I)
3	Cybercrime and its Underground Economy (II)	Quizz 1 (Modules 1 and 2)
4	Vulnerabilities, Exploits, and their Market
5	Privacy and Surveillance
6	Course Wrap Up	Quizz 2 (Modules 3 and 4) Workbook

Varshini

Tamil has a great interest in the fields of Cyber Security, OSINT, and CTF projects. Currently, he is deeply involved in researching and publishing various security tools with Kali Linux Tutorials, which is quite fascinating.