Cyber security

Cyber Security
By Monika Agrawal
©Techforce Infotech Pvt Ltd 2017-18

What is Cyber Security?
2 ©Techforce Infotech Pvt Ltd 2017-18
• Cyber security refers to the body of technologies, processes, and
practices designed to protect networks, devices, programs, and
data from attack, damage, or unauthorized access.
• It requires an understanding of potential information threats,
such as viruses and other malicious code.
• Effective cyber security reduces the risk of cyber attacks, and
protects organisations and individuals from the unauthorised
exploitation of systems, networks and technologies.

Importance of Cyber Security
• Cyber security is important because government, corporate and
medical organizations collect, process and store unprecedented
amounts of data on computers and other devices.
• The core functionality of cybersecurity involves protecting
information and systems from major cyberthreats.
• Some of the common threats are outlined below in more detail:
 Cyberterrorismis
 Cyberwarfare
 Cyberespionage

• Cyberterrorismis
 The disruptive use of information technology by terrorist groups to
further their ideological or political agenda.This takes the form of
attacks on networks, computer systems and telecommunication
infrastructures.
• Cyberwarfare
 It involves nation-states using information technology to penetrate
another nation’s networks to cause damage or disruption.
• Cyberspionage
 It is the practice of using information technology to obtain secret
information without permission from its owners or holders.

• Critical infrastructure
• Network security
• Cloud security
• Application security
• Internet of things (IoT) security
Types of Cyber Security

• Critical infrastructure
 It includes the cyber-physical systems that society relies on,
including the electricity grid, water purification, traffic lights and
hospitals.
 Plugging a power plant into the internet, for example, makes it
vulnerable to cyber attacks.
• Network security
 Network security guards against unauthorized intrusion as well
as malicious insiders.
 Ensuring network security often requires trade-offs. For
example, access controls such as extra logins might be
necessary, but slow down productivity.

• Cloud security
 Cloud providers are creating new security tools to help
enterprise users better secure their data, but the bottom line
remains: Moving to the cloud is not a panacea for performing
due diligence when it comes to cyber security.
• Application security
 Application security (AppSec), especially web application
security, has become the weakest technical point of attack, but
few organizations adequately mitigate all the OWASPTopTen
web vulnerabilities.
 AppSec begins with secure coding practices, and should be
augmented by fuzzing and penetration testing.

• Internet of things (IoT) security
 IoT refers to a wide variety of critical and non-critical cyber
physical systems, like appliances, sensors, printers and security
cameras.
 IoT devices frequently ship in an insecure state and offer little to
no security patching, posing threats to not only their users, but
also to others on the internet, as these devices often find
themselves part of a botnet.This poses unique security
challenges for both home users and society..

• Attack on confidentiality
 Stealing, or rather copying, a target's personal information is how
many cyber attacks begin, including garden-variety criminal attacks
like credit card fraud, identity theft, or stealing bitcoin wallets.
• Attack on integrity
 Seek to corrupt, damage, or destroy information or systems, and
the people who rely on them.
• Attack on availability
 Preventing a target from accessing their data is most frequently
seen today in the form of ransomware and denial-of-service
attacks.
Types of Cyber Threats

Common Cyber Attacks

Cyber Attack Life Cycle

 The typical steps involved are:
• Phase 1: Reconnaissance
 The first stage is identifying potential targets that satisfy the
mission of the attackers (e.g. financial gain, targeted access to
sensitive information, brand damage).
• Phase 2:Initial compromise
 The initial compromise is usually in the form of hackers bypassing
perimeter defences and gaining access to the internal network
through a compromised system or user account.
• Phase 3:Command and control
 The compromised device is then used as a beachhead into an
organisation.

• Phase 4: Lateral movement
 Once the attacker has an established connection to the internal
network, they seek to compromise additional systems and user
accounts.
• Phase 5:Target attainment
 At this stage, the attacker typically has multiple remote access
entry points and may have compromised hundreds (or even
thousands) of internal systems and user accounts.
• Phase 6:Exfiltration, corruption, and disruption
 The final stage is where cost to businesses rise exponentially if the
attack is not defeated.This is when the attacker executes the final
aspects of their mission, stealing intellectual property or other
sensitive data.

• Enable two-factor authentication
 Many services, including Google, offer two-factor authentication
for logging into your account. Instead of simply entering a
username and password to log in, the website will prompt you to
enter a code sent to your smartphone to verify your identity.
• Don't use the same password for multiple services
 Using the same term for all of your passwords leaves your entire
digital life vulnerable to attack.
• Apply software updates when necessary
 Apple, Google, and Microsoft typically include security bug fixes
and patches in their most recent software updates.
Prevent Cyber Attacks

• Don't send personal data via email
 Sending critical information such as credit card numbers or bank
account numbers puts it at risk of being intercepted by hackers or
cyber attacks.
• Avoid logging into your important accounts on public computers
 Sometimes you've got no choice but to use a computer at the
coffee shop, library.
• Update, distribute and get signatures on Acceptable Use
agreements
 Make sure your agreements cover all company-issued devices, not
just desktops and laptops. List all the devices your company
distributes to employees. Update and distribute the document.

• Every year brings new security breaches, but this year has seen some
of the most egregious and disturbing since the dawn of the internet
age.
• Hacks were revealed one after another in 2017, from an Equifax
breach that compromised almost half the country to global ransom
campaigns that cost companies millions of dollars.
• The cyberattacks highlighted the alarming vulnerability of our
personal information.
• In the first half of 2017, 1.9 billion data records were either lost or
stolen through 918 cyber attacks. Most of the attacks used
ransomware, a malware that infects computers and restricts access
to files in exchange for a ransom.
Cyber Attacks in 2017

• WannaCry
 WannaCry was a ransomware attack that spread rapidly in May of
2017. Like all ransomware, it took over infected computers and
encrypted the contents of their hard drives, then demanded a
payment in Bitcoin in order to decrypt them.
 The malware took particular root in computers at facilities run by
the United Kingdom's NHS.
• NotPetya
 In July 2017, a malware that at first seemed very similar to a 2016
ransomware called Petya began spreading across computers
around the world, with infection sites focused in and around
Ukraine.

• Equifax
 US-based Equifax is one of the largest consumer credit reporting
agencies in the world that collects and aggregates information
from over 800 million individuals.
 In September this year, the company made a startling
announcement that a massive breach of its security had
compromised the information of 143 million customers.
• Ethereum
 While this one might not have been as high-profile as some of the
others on this list, it deserves a spot here due to the sheer amount
of money involved.
 Ether is a Bitcoin-style cryptocurrency, and $7.4 million in Ether was
stolen from the Ethereum app platform in a manner of minutes in
July.

• Yahoo (revised)
 This massive hack ofYahoo's email system gets an honorable
mention because it actually happened way back in 2013 — but the
severity of it, with all 3 billionYahoo email addresses affected, only
became clear in October 2017.
 Stolen information included passwords and backup email
addresses, encrypted using outdated, easy-to-crack techniques,
which is the sort of information attackers can use to breach other
accounts.

Cyber Security Predictions for 2018
• Ransomware
 It is no surprise that this features so highly after 2017's headlines. In
terms of evolution, it was predicted that after the mass distribution
we would see more targeted attempts, with Eric Klonowski, senior
advanced threat research analyst atWebroot, predicting the first
health-related ransomware targeting devices like pacemakers.
“Instead of ransom to get your data back, it will be ransom to save
your life.”
 As well as being more targeted, predictions fromTrend Micro were
that attackers “will run digital extortion campaigns and use
ransomware to threaten non-GDPR compliant companies”.

2 ©Techforce Infotech Pvt Ltd 2017-182 ©Techforce Infotech Pvt Ltd 2017-18
• GDPR
 That regulation is of course GDPR, which comes into force on May 25
2018. On the minds of most in cybersecurity, it was not a surprise
that this featured so heavily in the vendor predictions we received.
• Artificial Intelligence and Machine Learning
 Intrinsically different, but often put on the same shelf, are the 'magic
and witchcraft' of AI and machine learning.
 FireEye believed that the security industry will begin to see more
automation, machine learning and artificial intelligence used to
combat cyber-attacks because of a lack of people.

• Biometric Adoption
 The adoption of biometric technology has increased over time and
with the introduction of fingerprint and now facial recognition
authentication on mobile devices, will we see more adoption of this
technology in the enterprise?
• More Bitcoin Heists
 Experts predict that attackers will continue to double down on
ransomware and other attacks that involve shaking down victims to
amass cryptocurrency
 "The combination of the spreading use of computer and information
devices, including through IoT and for all parts of our businesses,
aligned with the now common availability of anonymous payment
mechanisms, has enabled the growth of cyber extortion at scale".

The Bottom line
• Cyber security is not only a business process, it's a strategic business
priority.
• If it isn't, then the chances are that it won't be taken seriously at the C-
level and instead will be seen as something that can and should be
delegated entirely to IT.
Be Cyber Attack Safe!

Thank you !

Cyber security

More Related Content

What's hot (20)

Similar to Cyber security (20)

More from Bhavin Shah (6)

Recently uploaded (20)

Cyber security