Sabir Raja
Cyber Security
• Cyber Security, also known as Computer Security
or IT Security, is the protection of computer
systems from the theft or damage to the
hardware, software or the information on them, as
well as from disruption or misdirection of the
services they provide
• It includes controlling physical access to the
hardware, as well as protecting against harm
that may come via network access, data and
code injection, and due to malpractice by
operators, whether intentional, accidental, or
being tricked into deviating from secure
procedures
• The field is of growing importance due to the
increasing reliance on computer systems and the
Internet in most societies, wireless networks such
as Bluetooth and Wi-Fi and the growth of Smart
devices, including smartphones, televisions and
tiny devices as part of the Internet
What is a Cyber Crime
• Cyber crime encompasses any criminal act
dealing with computers and networks (called
hacking)
• Additionally, cyber crime also includes
traditional crimes conducted through the
Internet
• A major attack vector of Cyber Crime is to
exploit broken software
• Software security vulnerabilities are caused
by defective specification, design, and
implementation
• Unfortunately, common development
practices leave software with many
vulnerabilities
• To have a secure Cyber Infrastructure, the
supporting software must contain few, if any,
vulnerabilities
What is Vulnerability
• In Cyber or Computer Security, a vulnerability is a
weakness which allows an attacker to reduce a
system's information assurance or
• A weakness of an asset or group of assets that can
be exploited by one or more threats or
• A flaw / weakness in a system's design,
implementation, or operation and management
that could be exploited to violate the system's
security policy
• To secure a computer system, it is important to
understand the attacks that can be made against
it, and these threats can typically be classified into
one of the following categories
– Backdoors
– Denial-of-service attack
– Direct-access attacks
– Eavesdropping
– Spoofing
– Tampering
– Phishing
– Clickjacking
– Social engineering
Backdoors
• A backdoor is a method, often secret, of bypassing normal
authentication in a product, computer system, crypto system or
algorithm etc. Backdoors are often used for securing unauthorized
remote access to a computer, or obtaining access to plaintext in
cryptographic systems
• A backdoor may take the form of a hidden part of a program, a
separate program (e.g. Back Orifice may subvert the system
through a rootkit), or may be a hardware feature
• Default passwords can function as backdoors if they are not
changed by the user. Some debugging features can also act as
backdoors if they are not removed in the release version
• Computer worms, such as Sobig and Mydoom, install a
backdoor on the affected computer (generally a PC on
broadband running Microsoft Windows and Microsoft
Outlook)
• Such backdoors appear to be installed so that spammers can
send junk email from the infected machines
• Others, such as the Sony/BMG rootkit, placed secretly on
millions of music CDs through late 2005, are intended as
DRM (Digital rights management) measures and, in that
case, as data gathering agents
Denial of Service Attack
• Denial of Service Attack (DoS attack) is a cyber-attack where the
perpetrator seeks to make a machine or network resource
unavailable to its intended users by temporarily or indefinitely
disrupting services of a host connected to the Internet
• Denial of service is typically accomplished by flooding the targeted
machine or resource with superfluous requests in an attempt to
overload systems and prevent some or all legitimate requests from
being fulfilled
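A defender's view of the flooding described on this slide, as an added example that is not part of the original slides: a per-client sliding-window counter run over access-log lines. The log format (`<epoch-seconds> <client-ip> <path>`), the thresholds and the sample lines are assumptions constructed for this example.

```javascript
// Added example: per-client sliding-window flood detection.
// The log format "<epoch-seconds> <client-ip> <path>" is an assumption of this example.

// Constructed sample: one client at a normal pace, one sending a burst.
function buildSampleLog() {
  const lines = [];
  // Normal client: one request every 5 seconds for a minute.
  for (let t = 0; t < 60; t += 5) {
    lines.push(`${1000 + t} 192.0.2.10 /index.html`);
  }
  // Bursting client: 40 requests spread over 4 seconds.
  for (let i = 0; i < 40; i++) {
    lines.push(`${1020 + Math.floor(i / 10)} 198.51.100.7 /search`);
  }
  // A malformed line, which the detector must skip rather than crash on.
  lines.push('corrupted line without a timestamp');
  // Order by timestamp, as a real access log would be.
  return lines.sort((a, b) => (parseInt(a, 10) || 0) - (parseInt(b, 10) || 0));
}

// Returns one finding per client whose request count inside any
// windowSeconds-long window exceeded maxRequests.
function detectFloods(lines, windowSeconds = 10, maxRequests = 20) {
  const recent = new Map();  // client -> timestamps still inside the window
  const flagged = new Map(); // client -> finding
  for (const line of lines) {
    const m = /^(\d+)\s+(\S+)\s+(\S+)$/.exec(line.trim());
    if (!m) continue; // skip lines that do not match the assumed format
    const ts = Number(m[1]);
    const client = m[2];
    const q = recent.get(client) || [];
    q.push(ts);
    // Drop timestamps that have fallen out of the window.
    while (ts - q[0] >= windowSeconds) q.shift();
    recent.set(client, q);
    if (q.length > maxRequests) {
      const f = flagged.get(client) || { client, firstExceededAt: ts, peak: 0 };
      f.peak = Math.max(f.peak, q.length);
      flagged.set(client, f);
    }
  }
  return [...flagged.values()];
}

console.log(detectFloods(buildSampleLog()));
```

A per-source threshold like this misses a flood spread across many sources, so a check on the total request rate belongs beside it.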
Direct Access Attacks
• An unauthorized user gaining physical access to a computer is most
likely able to directly copy data from it
• They may also compromise security by making operating system
modifications, installing software worms, keyloggers, covert
listening devices or using wireless mice
• Even when the system is protected by standard security measures,
these may be able to be by-passed by booting another operating
system or tool from a CD ROM or other bootable media
Eavesdropping
• Eavesdropping is the act of surreptitiously listening to a private
conversation, typically between hosts on a network
• For instance, programs such as Carnivore and NarusInsight have
been used by the FBI and NSA to eavesdrop on the systems of
internet service providers
• Even machines that operate as a closed system (i.e., with no contact
to the outside world) can be eavesdropped upon via monitoring the
faint electro-magnetic transmissions generated by the hardware;
TEMPEST is a specification by the NSA referring to these attacks
• TEMPEST is a National Security Agency specification and a NATO
certification referring to spying on information systems through
leaking emanations, including unintentional radio or electrical
signals, sounds, and vibrations
Spoofing
• Spoofing is a fraudulent or malicious practice in which
communication is sent from an unknown source disguised as a
source known to the receiver
• Spoofing is most prevalent in communication mechanisms that lack
a high level of security
Tampering
• Tampering describes a malicious modification of products.
Examples include so-called "Evil Maid" attacks (a kernel-mode
rootkit variant called a bootkit, which can infect startup code
such as the Master Boot Record (MBR), Volume Boot Record (VBR)
or boot sector) and security services planting surveillance
capability into routers
Phishing
• Phishing is the attempt to acquire sensitive information such
as usernames, passwords, and credit card details directly
from users
• Phishing is typically carried out by email spoofing or instant
messaging, and it often directs users to enter details at a
fake website whose look and feel are almost identical to the
legitimate one
• Preying on a victim's trust, phishing can be classified as a
form of social engineering
Clickjacking
• Clickjacking is a malicious technique in which an attacker tricks a
user into clicking on a button or link on another webpage while the
user intended to click on the top level page
• This is done using multiple transparent or opaque layers. The
attacker is basically "hijacking" the clicks meant for the top level
page and routing them to some other irrelevant page, most likely
owned by someone else
• A similar technique can be used to hijack keystrokes
• Carefully drafting a combination of stylesheets, iframes, buttons
and text boxes, a user can be led into believing that they are typing
the password or other information on some authentic webpage
while it is being channeled into an invisible frame controlled by the
attacker
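The layered-frame trick on this slide only works if the browser agrees to render the target page inside a frame. The following added example (not part of the original slides) audits a response's headers for the two standard anti-framing controls, `X-Frame-Options` and the CSP `frame-ancestors` directive, which the slides do not mention; the sample responses and host names are constructed.

```javascript
// Added example: decide from response headers whether a page can be framed.
// X-Frame-Options and CSP frame-ancestors are standard headers; the sample
// responses at the bottom are constructed for illustration.

// Returns the source list of the frame-ancestors directive, or null if absent.
function frameAncestors(csp) {
  if (!csp) return null;
  for (const directive of csp.split(';')) {
    const tokens = directive.trim().split(/\s+/).filter(Boolean);
    if (tokens.length && tokens[0].toLowerCase() === 'frame-ancestors') {
      return tokens.slice(1).map((t) => t.toLowerCase());
    }
  }
  return null;
}

// verdict: 'blocked' (no framing), 'restricted' (named origins only),
// or 'frameable' (any site can embed the page).
function auditFraming(headers) {
  // Header names are case-insensitive, so normalise them first.
  const h = {};
  for (const [name, value] of Object.entries(headers)) {
    h[name.toLowerCase()] = String(value);
  }
  const notes = [];
  const ancestors = frameAncestors(h['content-security-policy']);
  const xfo = (h['x-frame-options'] || '').trim().toUpperCase();

  if (ancestors !== null) {
    // Browsers that support frame-ancestors ignore X-Frame-Options when both are sent.
    if (xfo) notes.push('X-Frame-Options is overridden by frame-ancestors');
    if (ancestors.length === 0 ||
        (ancestors.length === 1 && ancestors[0] === "'none'")) {
      return { verdict: 'blocked', notes };
    }
    if (ancestors.some((s) => s === '*' || s === 'https:' || s === 'http:')) {
      notes.push('frame-ancestors admits any origin');
      return { verdict: 'frameable', notes };
    }
    return { verdict: 'restricted', notes };
  }
  if (xfo === 'DENY') return { verdict: 'blocked', notes };
  if (xfo === 'SAMEORIGIN') return { verdict: 'restricted', notes };
  if (xfo) {
    // ALLOW-FROM and unknown values are not honoured by current browsers.
    notes.push(`X-Frame-Options value "${xfo}" is not honoured by current browsers`);
  } else {
    notes.push('no anti-framing header present');
  }
  return { verdict: 'frameable', notes };
}

// Constructed sample responses.
const sampleResponses = [
  { 'Content-Security-Policy': "default-src 'self'; frame-ancestors 'none'" },
  { 'X-Frame-Options': 'sameorigin' },
  { 'x-frame-options': 'ALLOW-FROM https://partner.example' },
  { 'Content-Security-Policy': 'frame-ancestors *', 'X-Frame-Options': 'DENY' },
  {},
];
for (const r of sampleResponses) console.log(auditFraming(r));
```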
Social Engineering
• Social engineering aims to convince a user to disclose secrets
such as passwords and card numbers
• A popular and profitable cyber scam involves fake CEO emails
sent to accounting and finance departments
• In early 2016, the FBI reported that the scam has cost US
businesses more than $2bn in about two years
• In May 2016, the Milwaukee Bucks NBA team was the victim of
this type of cyber scam with a perpetrator impersonating the
team's president Peter Feigin, resulting in the handover of all
the team's employees' 2015 W-2 (Wage and Tax Statement)
tax forms
Key Trends from 2015
Questions Answer…
Attacks are focusing on higher
value data targets
2013
800,000,000+ records
breached, with no signs
of decreasing in the
future
2014
1,000,000,000 records
breached, while CISOs cite
increasing risks from
external threats
2015
Healthcare mega-breaches
set the trend for high value
targets of sensitive
information
Why do Breaches Happen?
• Configuration Errors
• “Weak” defaults
• Easy passwords
• “Bugs”
• Input validation
• Installing suspect
applications
• Clicking malicious
links
• Phishing Emails
• Watering Hole attacks
Malware / Vulnerabilities
Need of cyber security
• Cyber security is necessary since it helps in
securing data from threats such as data theft or
misuse, and also safeguards your system from viruses.
Major security problems
• Virus
• Hacker
• Malware
• Trojan horses
• Password cracking
Viruses and Worms
• A Virus is a “program that is loaded onto your
computer without your knowledge and runs
against your wishes”
Solution
• Install a security suite that protects the computer
against threats such as viruses and worms.
Hackers
• In common usage, a hacker is a person who breaks
into computers, usually by gaining access to
administrative controls.
How To prevent hacking
• It may be impossible to prevent computer hacking;
however, effective security controls, including strong
passwords and the use of firewalls, can help.
Malware
• The word "malware" comes from the term
"Malicious Software."
• Malware is any software that infects and damages a
computer system without the owner's knowledge or
permission.
To Stop Malware
• Download an anti-malware program that also
helps prevent infections
• Activate Network Threat Protection, Firewall,
Antivirus
Trojan Horses
• Trojan horses are email viruses that can duplicate
themselves, steal information, or harm the computer
system.
• These viruses are the most serious threats to
computers
How to Avoid Trojans
• Security suites, such as Avast Internet Security, will
prevent you from downloading Trojan Horses
Password Cracking
• Password attacks are attacks by hackers that are able
to determine passwords or find passwords to different
protected electronic areas and social network sites.
Securing Password
• Always use a strong password
• Never use the same password for two different sites
Cyber Security is Everyone’s Responsibility
Cyber security
SAFETY TIPS TO CYBER CRIME
• Use antivirus software and update regularly
• Insert Firewalls
• Uninstall unnecessary software
• Maintain backup
• Check security settings
• BIOS, Administrator and User Password
• Block all USB ports
• Remove CD drive, etc.
• Physically lock computers
• Be aware of insider threats
• No use of Internet
Conclusion
Cybercrime is indeed getting the recognition it
deserves
However, it is not going to be restricted that
easily
In fact, it is highly likely that cyber crime and its
hackers will continue developing and upgrading
to stay ahead of the law
So, to make us safer, we must implement our
organizational Cyber Security Plan in true letter
and spirit

Editor's Notes

  • #20: Focus on High Value Targets: Health-related PII and other highly sensitive data can be used for social engineering to access even more valuable financial targets Sophistication of Attack Techniques: Quantum leaps in mobile malware juxtapose a continued use of classics like DDoS and POS malware Breaches without Borders: Breaches are now being reported more widely around the world due to expanded targeting and stricter disclosure guidelines A Need for Security Basics: Many of the incidents we’ve seen could be avoided with a focus on security basics
  • #21: Column for each use case…
  • #22: By January 2016, IBM® X-Force® had tracked 272 security incidents for 2015, on par with the 279 incidents tracked in 2014. In terms of total disclosed records, 2014 was notable for more than one billion records being leaked, while 2015 was down to a still staggering 600 million leaked records in incidents tracked by X-Force using public breach disclosures. Notes on 2015: Cybercriminals’ targets are now bigger and their rewards greater as they fine-tune efforts to obtain and leverage higher value data than years past. The demand for leaked data is trending toward higher-value records such as health-related personally identifiable information (PII) and other highly sensitive data, with less emphasis on the emails, passwords and even credit card data that were the targets of years past. This PII can be used for social engineering to gain access to valuable financial targets. February saw the first of five 2015 healthcare mega-breach disclosures, which together exposed nearly 100 million records of patient data. While stolen credit card data and user account information can be valuable, these records have a short lifespan and are replaceable. In contrast, Social Security numbers and health history data stolen in these incidents are both much more sensitive and personal to the victims, as well as much harder to replace. As reported by the recent IBM/ Ponemon data breach study, dark web resale of healthcare data can be worth as much as USD363 per record compared to the average for all types of data of USD154 In addition to the theft of healthcare data, 2015 saw an increase in the trading of another type of highly sensitive information. Breaches at adult websites including Adult Friend Finder and Ashley Madison exposed people’s sexual preferences and infidelities to the general public. The intimate nature of this data opened opportunities for extortion and increased social engineering intelligence. It also was linked to a number of suicides of affected victims. 
More than ever, these incidents bring attention to the complex intersection between our digital and physical identities.