CYBER SECURITY
Topics
• Introduction to cyber security
• What is cyber security?
• The objective of cyber security
• CIA
• Cyber security threats
• Types of cyber security threats
• Need for cyber security
B.N. Tiwari
B.Tech, M.Tech, PhD (pursuing)
https://www.youtube.com/@b.n.tiwari2337
• Cyber security refers to any technologies, practices and policies for
preventing cyber attacks or mitigating their impact.
• Cyber security aims to protect computer systems, applications, devices,
data, financial assets and people against ransomware and other malware,
phishing scams, data theft and other cyber threats.
• Cybersecurity is important because it:
• Protects against unauthorized access to data and networks.
• Improves recovery time after a breach.
• Ensures regulatory compliance, and supports business continuity.
“Cybersecurity is the practice of defending computers, servers, mobile
devices, electronic systems, networks, and data from malicious attacks.”
CYBER SECURITY
Cyber security refers to:
1. technologies
2. practices
3. policies
for preventing cyber attacks.
It aims to protect:
• computer systems
• applications and devices
• data
• financial assets
against:
• ransomware and other malware
• phishing attacks
• data theft
• other cyber threats
WHAT IS CYBER SECURITY?
MAIN OBJECTIVE OF CYBER SECURITY
The main objective of cyber security is to protect devices and services from theft or damage, and to prevent
unauthorized access to personal information.
Cyber security objectives include:
Protecting confidentiality, integrity, and availability:
• Cyber security aims to protect the confidentiality, integrity, and availability of information and systems.
• Preventing unauthorized access: Cyber security aims to prevent unauthorized access to devices, networks, and
computer hardware.
• Mitigating risks: Cyber security aims to mitigate risks and respond to incidents.
• Ensuring compliance: Cyber security aims to ensure compliance with relevant standards.
• Protecting critical infrastructure: Cyber security aims to protect critical infrastructure.
• Fostering a secure culture: Cyber security aims to foster a secure culture.
Cyber security is important because it protects all types of data,
including sensitive data, protected health information, personally
identifiable information, and intellectual property.
CYBER SECURITY-CIA
THE CIA TRIAD IS A MODEL IN CYBERSECURITY THAT STANDS FOR CONFIDENTIALITY,
INTEGRITY, AND AVAILABILITY. IT'S A FRAMEWORK THAT HELPS ORGANIZATIONS SECURE
THEIR INFORMATION AND SYSTEMS BY FOCUSING ON THESE THREE KEY PRINCIPLES:
WHAT ARE CYBERSECURITY THREATS?
CYBER THREATS ARE ACTS PERFORMED BY INDIVIDUALS WITH HARMFUL INTENT, WHOSE GOAL IS TO STEAL DATA, CAUSE
DAMAGE TO OR DISRUPT COMPUTING SYSTEMS. COMMON CATEGORIES OF CYBER THREATS INCLUDE MALWARE,
SOCIAL ENGINEERING, MAN IN THE MIDDLE (MITM) ATTACKS, DENIAL OF SERVICE (DOS), AND INJECTION ATTACKS
• Common Sources of Cyber Threats
• Here are several common sources of cyber threats against organizations:
• Nation states—hostile countries can launch cyber attacks against local companies and institutions,
aiming to interfere with communications, cause disorder, and inflict damage.
• Terrorist organizations—terrorists conduct cyber attacks aimed at destroying or abusing critical
infrastructure, threaten national security, disrupt economies, and cause bodily harm to citizens.
• Criminal groups—organized groups of hackers aim to break into computing systems for economic
benefit. These groups use phishing, spam, spyware and malware for extortion, theft of private
information, and online scams.
• Hackers—individual hackers target organizations using a variety of attack techniques. They are usually
motivated by personal gain, revenge, financial gain, or political activity. Hackers often develop new
threats, to advance their criminal ability and improve their personal standing in the hacker community.
• Malicious insiders—an employee who has legitimate access to company assets, and abuses their
privileges to steal information or damage computing systems for economic or personal gain. Insiders
may be employees, contractors, suppliers, or partners of the target organization. They can also be
outsiders who have compromised a privileged account and are impersonating its owner.
TYPES OF CYBERSECURITY THREATS
• Malware Attacks
• Malware is an abbreviation of “malicious software”, which includes viruses, worms, trojans, spyware,
and ransomware, and is the most common type of cyberattack.
• Malware infiltrates a system, usually via a link on an untrusted website or email or an unwanted
software download. It deploys on the target system, collects sensitive data, manipulates and blocks
access to network components, and may destroy data or shut down the system altogether.
Here are some of the main types of malware attacks:
• Viruses—a piece of code injects itself into an application. When the application runs, the malicious code executes.
• Worms—malware that exploits software vulnerabilities and backdoors to gain access to an operating system. Once
installed in the network, the worm can carry out attacks such as distributed denial of service (DDoS).
• Trojans—malicious code or software that poses as an innocent program, hiding in apps, games or email
attachments. An unsuspecting user downloads the trojan, allowing it to gain control of their device.
• Ransomware—a user or organization is denied access to their own systems or data via encryption. The attacker
typically demands a ransom be paid in exchange for a decryption key to restore access, but there is no
guarantee that paying the ransom will actually restore full access or functionality.
• Cryptojacking—attackers deploy software on a victim’s device, and begin using their computing resources to
generate cryptocurrency, without their knowledge. Affected systems can become slow and cryptojacking kits can
affect system stability.
TYPES OF CYBERSECURITY THREATS
• Spyware—a malicious actor gains access to an unsuspecting user’s data, including sensitive
information such as passwords and payment details. Spyware can affect desktop browsers,
mobile phones and desktop applications.
• Adware—a user’s browsing activity is tracked to determine behaviour patterns and interests,
allowing advertisers to send the user targeted advertising. Adware is related to spyware but
does not involve installing software on the user’s device and is not necessarily used for
malicious purposes, but it can be used without the user’s consent and compromise their
privacy.
• Fileless malware—no software is installed on the operating system. Built-in tools such as WMI and
PowerShell are abused to carry out malicious functions. This stealthy form of attack is difficult to
detect (antivirus can’t identify it), because the components being used are recognized as legitimate.
• Rootkits—software is injected into applications, firmware, operating system kernels or
hypervisors, providing remote administrative access to a computer. The attacker can start the
operating system within a compromised environment, gain complete control of the computer
and deliver additional malware.
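Because fileless malware rides on tools the operating system already trusts, detection shifts from scanning files to inspecting how those tools are invoked. The following is an added example, not code from the original slides: a small Python triage routine that scores PowerShell command lines from host logs against a handful of well-known indicators (encoded commands, hidden windows, execution-policy bypass, in-memory download cradles, WMI process creation, an Office parent process) and decodes any `-EncodedCommand` payload so an analyst can read it. The log lines and their key=value layout are constructed for illustration and do not follow the real Windows event schema.

```python
"""Heuristic triage of PowerShell command lines from host logs.

Added example, not part of the original slides. The log lines below are
constructed for illustration and their key=value layout is an assumption,
not the real Windows event schema.
"""
import base64
import re

# Switches and calls that often accompany fileless activity. One hit alone is
# common in legitimate administration; several on one command line deserve
# an analyst's attention.
SUSPICIOUS_PATTERNS = {
    "encoded_command": re.compile(r"-(?:e|ec|enc|encodedcommand)\s+\S+", re.I),
    "hidden_window": re.compile(r"-w(?:indowstyle)?\s+hidden", re.I),
    "policy_bypass": re.compile(r"-ex(?:ecutionpolicy)?\s+bypass", re.I),
    "web_download": re.compile(r"downloadstring|downloadfile|invoke-webrequest|\biwr\b", re.I),
    "invoke_expression": re.compile(r"\biex\b|invoke-expression", re.I),
    "wmi_process_create": re.compile(r"win32_process.*\bcreate\b", re.I),
    "office_parent": re.compile(r"parent=(?:winword|excel|powerpnt)\.exe", re.I),
}

ENCODED_RE = re.compile(r"-(?:e|ec|enc|encodedcommand)\s+([A-Za-z0-9+/=]+)", re.I)


def decode_encoded_command(cmdline):
    """Return the UTF-16LE plaintext carried by -EncodedCommand, or None."""
    m = ENCODED_RE.search(cmdline)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1), validate=True).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return None


def score_command_line(cmdline):
    """Return (score, matched indicator names) for one command line."""
    text = cmdline
    decoded = decode_encoded_command(cmdline)
    if decoded:
        text = cmdline + " " + decoded  # scan the decoded script as well
    hits = [name for name, rx in SUSPICIOUS_PATTERNS.items() if rx.search(text)]
    return len(hits), hits


def triage(log_lines, threshold=2):
    """Return [(line, hits)] for lines whose score reaches the threshold."""
    flagged = []
    for line in log_lines:
        score, hits = score_command_line(line)
        if score >= threshold:
            flagged.append((line, hits))
    return flagged


# Constructed sample: one routine script, one encoded hidden-window launch
# spawned by Word, one policy bypass spawned under the WMI provider host.
_ENC = base64.b64encode("Get-Process".encode("utf-16-le")).decode()
SAMPLE_LOG = [
    'host=ws01 user=alice parent=explorer.exe cmdline="powershell.exe -File C:\\scripts\\backup.ps1"',
    f'host=ws02 user=bob parent=winword.exe cmdline="powershell.exe -w hidden -nop -enc {_ENC}"',
    'host=ws03 user=svc parent=wmiprvse.exe cmdline="powershell.exe -ExecutionPolicy Bypass -Command Get-Date"',
]

if __name__ == "__main__":
    for line, hits in triage(SAMPLE_LOG):
        print("FLAGGED", hits)
        print("   ", line)
        print("    decoded:", decode_encoded_command(line))
```

The threshold is deliberately above one: a single `-ExecutionPolicy Bypass` from a service account is routine in many environments, whereas an encoded, hidden-window launch from a document reader is rarely legitimate. Tuning the pattern set and threshold to the organisation's own baseline is part of the work.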
CYBERSECURITY THREATS
CYBER CRIME
• Cybercrime is a broad term that describes criminal activity that involves the use of computers,
networks, or other digital devices.
• Cybercrime can be committed in a number of ways, including:
• Cyber-dependent crimes
• These crimes can only be committed using information and communications technology (ICT) devices. For
example, developing and spreading malware for financial gain, or hacking to steal or damage data.
• Cyber-enabled crimes
• These are traditional crimes that can be increased in scale or reach by using computers or other ICT. For
example, cyber-enabled fraud or data theft.
• Identity theft
• Fraudulently using another person's electronic signature, password, or other unique identification feature.
• Ransomware
• Malicious code that locks up computer files, with cybercriminals demanding a ransom to release them.
• Distributed Denial of Service (DDoS) attacks
• Programmed to overwhelm a network or website with traffic, causing it to slow down or crash.
• Cybercrime can have a profound impact on individuals and companies,
causing financial damage, loss of trust, and reputational damage
WHAT IS THE DEFINITION AND ORIGIN OF A CYBERCRIME?
• Cybercrime is criminal activity that either targets or uses a computer, a computer network or a networked device.
• Most cybercrime is committed by cybercriminals or hackers who want to make money.
• Some cybercrime aims to damage computers or networks for reasons other than profit.
• The word cybercrime is a combination of the words "cyber" and "crime". The word "cyber" comes from the Greek word
kubernētēs, which means "steersman". The term was first used in the field of cybernetics in 1948 by Wiener, which focused
on the communication and control between machines and animals.
• The word "cybercrime" was first used in the 1990s, as evidenced by the Oxford English Dictionary (OED).
• The earliest known use of the word "cybercriminal" was in 1993 in Re: Hacker v. Cracker
• The term "information security" was first recorded between 1945 and 1950. The earliest known use of the term
was in 1947 in Vidette-Messenger.
• Information security, also known as InfoSec, is the practice of designing and
implementing protocols to protect confidential data from unauthorized access,
modification, or destruction. The history of information security goes back to ancient
times, including the use of methods to hide communications and the Enigma machine.
• The establishment of computer security inaugurated the history of information
security. The need for it emerged during World War II.
WHO ARE CYBER CRIMINALS?
CYBER CRIMINALS ARE INDIVIDUALS OR GROUPS WHO USE COMPUTERS AND THE INTERNET TO
COMMIT CRIMES.
THEY USE DIGITAL TOOLS AND SYSTEMS TO EXPLOIT WEAKNESSES IN THE SYSTEM TO STEAL
PERSONAL INFORMATION, MONEY, OR SENSITIVE DATA, OR TO DISRUPT SERVICES.
TYPES OF CYBER CRIMINALS
• Organized Hackers
• These include organized cyber criminals, hacktivists, terrorists, and state-sponsored hackers. Cybercriminals are typically teams of skilled
criminals focused on control, power, and wealth. These criminals are highly sophisticated and organized, and may even offer crime as a service. These
attackers are usually thoroughly prepared and well-funded.
• Internet Stalkers
• Internet stalkers are people who maliciously monitor the web activity of their victims to acquire personal data. This type of cybercrime is conducted through
the use of social networking platforms and malware that can track an individual’s PC activity with little or no detection.
• Rogue Employees
• Rogue or disgruntled employees become hackers with a particular motive and also commit cyber crimes. It is hard to believe that dissatisfied employees can
become such malicious hackers. In the past, their only option was to go on strike against employers. But with the advancement of
technology, the increase in work done on computers and the automation of processes, it is simple for disgruntled employees to do more damage to their
employers and organizations by committing cyber crimes. The attacks by such employees can bring the entire system down. Please refer to:
Cyber Law (IT Law) in India.
• Conclusion
• Cyber criminals are diverse in their motives and methods, ranging from hackers and fraudsters to cyber spies and ransomware attackers. Each type of
criminal poses unique threats to individuals, businesses, and governments by exploiting vulnerabilities in digital systems for financial gain, information theft, or
personal revenge. Understanding these types helps in developing effective cybersecurity measures to protect against their attacks. As technology
continues to advance, the methods and strategies of cyber criminals evolve, making it crucial to stay informed and vigilant in the fight against cybercrime.
SOCIAL ENGINEERING
• Social Engineering Attacks
• Social engineering involves tricking users into providing an entry point for malware. The victim provides sensitive
information or unwittingly installs malware on their device, because the attacker poses as a legitimate actor.
• Here are some of the main types of social engineering attacks:
• Baiting—the attacker lures a user into a social engineering trap, usually with a promise of something attractive like a
free gift card. The victim provides sensitive information such as credentials to the attacker.
• Pretexting—similar to baiting, the attacker pressures the target into giving up information under false pretenses. This
typically involves impersonating someone with authority, for example an IRS or police officer, whose position will
compel the victim to comply.
• Phishing—the attacker sends emails pretending to come from a trusted source. Phishing often involves sending
fraudulent emails to as many users as possible, but can also be more targeted. For example, “spear phishing”
personalizes the email to target a specific user, while “whaling” takes this a step further by targeting high-value
individuals such as CEOs.
• Vishing (voice phishing)—the imposter uses the phone to trick the target into disclosing sensitive data or granting access
to the target system. Vishing typically targets older individuals but can be employed against anyone.
• Smishing (SMS phishing)—the attacker uses text messages as the means of deceiving the victim.
• Piggybacking—an authorized user provides physical access to another individual who “piggybacks” off the user’s
credentials. For example, an employee may grant access to someone posing as a new employee who misplaced
their credential card.
• Tailgating—an unauthorized individual follows an authorized user into a location, for example by quickly slipping in
through a protected door after the authorized user has opened it. This technique is similar to piggybacking except
that the person being tailgated is unaware that they are being used by another individual.
SUPPLY CHAIN ATTACKS ARE A NEW TYPE OF THREAT TO SOFTWARE DEVELOPERS AND VENDORS.
THEIR PURPOSE IS TO INFECT LEGITIMATE APPLICATIONS AND DISTRIBUTE MALWARE VIA
SOURCE CODE, BUILD PROCESSES OR SOFTWARE UPDATE MECHANISMS.
• Attackers look for insecure network protocols, server infrastructure, and
coding techniques, and use them to compromise build and update processes, modify
source code and hide malicious content.
• Supply chain attacks are especially severe because the applications being
compromised by attackers are signed and certified by trusted vendors.
• In a software supply chain attack, the software vendor is not aware that its
applications or updates are infected with malware. Malicious code runs with the
same trust and privileges as the compromised application.
• Types of supply chain attacks include:
• Compromise of build tools or development pipelines
• Compromise of code signing procedures or developer accounts
• Malicious code sent as automated updates to hardware or firmware components
• Malicious code pre-installed on physical devices
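The point that makes supply chain attacks severe is that the compromised application arrives signed by the trusted vendor, so a signature check alone passes it. One control that still catches a swapped artifact is pinning the digest of each audited release in a reviewed lockfile and refusing anything that does not match. The block below is an added example, not code from the original slides or any particular tool: the artifact bytes, the "name algorithm digest" lockfile format and the `install_if_trusted` helper are all constructed for the demonstration.

```python
"""Verify a downloaded build artifact against a pinned digest before use.

Added example, not part of the original slides. The artifact bytes and the
lockfile are constructed; in practice the lockfile is reviewed and committed
when a release is audited, so a later download must match it even if the
download arrives with a valid vendor signature.
"""
import hashlib
import hmac

# Constructed stand-in for the bytes of an audited release.
GOOD_ARTIFACT = b"constructed release bytes of agent 1.4.2"

# Constructed lockfile in a simple "name algorithm digest" format (assumption).
LOCKFILE = (
    "# artifact            algorithm  digest\n"
    f"agent-1.4.2.tar.gz    sha256     {hashlib.sha256(GOOD_ARTIFACT).hexdigest()}\n"
)


class IntegrityError(Exception):
    pass


def parse_lockfile(text):
    """Map artifact name -> (algorithm, hex digest); comments and blanks skipped."""
    pins = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, algo, hexdigest = line.split()
        pins[name] = (algo.lower(), hexdigest.lower())
    return pins


def verify_artifact(name, data, pins):
    """Raise IntegrityError unless data matches the digest pinned for name."""
    if name not in pins:
        raise IntegrityError(f"{name}: no pinned digest, refusing unverified artifact")
    algo, expected = pins[name]
    if algo not in hashlib.algorithms_available:
        raise IntegrityError(f"{name}: unsupported digest algorithm {algo}")
    actual = hashlib.new(algo, data).hexdigest()
    # constant-time comparison, the usual habit when comparing secrets or digests
    if not hmac.compare_digest(actual, expected):
        raise IntegrityError(f"{name}: digest mismatch, artifact altered or wrong build")
    return True


def install_if_trusted(name, data, lockfile_text=LOCKFILE):
    """Return 'installed' or 'rejected: <reason>' for an update candidate."""
    try:
        verify_artifact(name, data, parse_lockfile(lockfile_text))
    except IntegrityError as err:
        return f"rejected: {err}"
    return "installed"


if __name__ == "__main__":
    print(install_if_trusted("agent-1.4.2.tar.gz", GOOD_ARTIFACT))
    print(install_if_trusted("agent-1.4.2.tar.gz", GOOD_ARTIFACT + b"\x00"))
    print(install_if_trusted("agent-1.4.3.tar.gz", GOOD_ARTIFACT))
```

The unknown-name case is rejected rather than waved through: an update that nobody has pinned is exactly the "automated update" path the slide lists, and silently accepting it would reintroduce the gap the lockfile exists to close.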
MAN-IN-THE-MIDDLE ATTACK
• A Man-in-the-Middle (MitM) attack involves intercepting the communication
between two endpoints, such as a user and an application.
• The attacker can eavesdrop on the communication, steal sensitive data, and
impersonate each party participating in the communication.
• Examples of MitM attacks include:
• Wi-Fi eavesdropping—an attacker sets up a Wi-Fi connection, posing as a legitimate
actor, such as a business, that users may connect to. The fraudulent Wi-Fi allows the
attacker to monitor the activity of connected users and intercept data such as
payment card details and login credentials.
• Email hijacking—an attacker spoofs the email address of a legitimate organization,
such as a bank, and uses it to trick users into giving up sensitive information or
transferring money to the attacker. The user follows instructions they think come from the
bank but are actually from the attacker.
MAN-IN-THE-MIDDLE ATTACK
• DNS spoofing—a Domain Name Server (DNS) is spoofed, directing a user to a
malicious website posing as a legitimate site. The attacker may divert traffic
from the legitimate site or steal the user’s credentials.
• IP spoofing—an internet protocol (IP) address connects users to a specific
website. An attacker can spoof an IP address to pose as a website and
deceive users into thinking they are interacting with that website.
• HTTPS spoofing—HTTPS is generally considered the more secure version of
HTTP, but can also be used to trick the browser into thinking that a malicious
website is safe. The attacker uses “HTTPS” in the URL to conceal the malicious
nature of the website.
HOW DO MAN-IN-THE-MIDDLE ATTACKS WORK?
• Man-in-the-middle attacks require the existence of a security flaw or vulnerability in an IT
environment that can be hijacked and exploited by the attacker. The steps of an MITM
attack are as follows:
• Gaining access: The attacker gains access to a private communications channel in some
form.
• The methods of gaining access may include intercepting network traffic, hacking
into an unsecured Wi-Fi hotspot, or exploiting vulnerabilities in web applications.
• Listening in: Once MITM attackers have access, they begin the attack by exfiltrating
the private messages and data that are sent back and forth within the channel. This
may be done simply by eavesdropping on communications or by establishing a fake
website or server that intercepts users’ messages.
• Exploiting: Sophisticated MITM attacks may also insert their messages into the
conversation, posing as legitimate entities. For example, they might change the
contents of an email or trick users into revealing their financial details.
• Further attacks: The attacker may use the knowledge gained during an MITM attack to
further assault the target. Employees’ login credentials, for example, can be used to enter
an IT environment and cause additional damage or disruption.
A MAN-IN-THE-MIDDLE ATTACK IS A CYBERATTACK IN WHICH THE ATTACKER
CAN SECRETLY INTERCEPT MESSAGES BETWEEN TWO OR MORE PARTIES WHO
BELIEVE THEY ARE COMMUNICATING WITH EACH OTHER.
MAN-IN-THE-MIDDLE ATTACK EXAMPLES
• Some real-life MitM attack examples that had serious repercussions are
highlighted below:
• The Lenovo Superfish Adware MitM Attack (HTTPS Spoofing): One of the famous
man-in-the-middle attack examples is the Lenovo adware attack, where
computers from this brand were shipped with pre-installed Superfish Visual Search
adware, making users the potential targets for MitM attacks (CISA, 2016). The
software installed a self-signed root certificate on the user’s device, allowing the
software to intercept a user’s encrypted web traffic and inject its own ads.
• The DigiNotar MitM Attack (SSL Hijacking): The disastrous effects of the DigiNotar
breach incident in 2011 finally prompted the company to declare bankruptcy
after failing to withstand the hit. An issuer of digital certificates, DigiNotar, a Dutch
company, faced a breach in July where the intruder tricked the company into
issuing 500 fake digital certificates for top companies like Google, Mozilla, and
Skype. The hacker claimed to have compromised four additional certificate
authorities in addition to DigiNotar. He described himself as a 21-year-old Iranian
student (Zetter, 2011).
MAN-IN-THE-MIDDLE ATTACK PREVENTION BEST PRACTICES
• While attackers have no shortage of techniques in their MITM toolbox, their would-be
targets aren’t totally helpless. Below are some best practices for man-in-the-middle
prevention for individuals, organizations, and website operators:
• Using VPNs and encryption: Virtual private networks (VPNs) are encrypted channels that
allow users to securely connect to the Internet and exchange sensitive data. In general,
using encryption to protect information both in transit and at rest is an excellent practice
to thwart MITM attacks.
• Avoiding public Wi-Fi hotspots: Malicious Wi-Fi hotspots are a favorite tactic of MITM
attackers. Users should only connect to trusted Wi-Fi networks with up-to-date encryption
protocols such as WPA3.
• Using secure connections: Website visitors should verify that they are using an HTTPS
secure connection (and not merely HTTP). Most browsers have a visual indication of an
HTTPS connection with a padlock icon in the address bar.
• Enforcing strong passwords and multi-factor authentication: Many MITM attacks occur
when the attacker can breach an IT system’s defences and impersonate a legitimate
user. Requiring users to have strong passwords and use multi-factor authentication (MFA)
to verify their identities makes it much harder for MITM attackers to take this approach.
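The "Exploiting" step above (the party in the middle rewriting message contents) and the prevention advice to protect data in transit meet in one mechanism: a receiver that can tell whether a frame is the one the sender produced. The block below is an added example, not code from the original slides: Alice and Bob share a key (assumed to have been agreed out of band, as a VPN or TLS handshake would), every frame carries a sequence number and an HMAC over number plus payload, and the relay between them is free to read, alter or replay frames. The messages are constructed. It covers integrity and replay only; confidentiality against the eavesdropping step would additionally need encryption, which a real deployment gets from TLS or an authenticated-encryption mode rather than from a bare HMAC.

```python
"""Tamper and replay detection on a channel relayed by an untrusted party.

Added example, not part of the original slides. Alice and Bob share a key
(assumed to have been agreed out of band); the relay in the middle may read,
modify or replay frames. The messages are constructed.
"""
import hashlib
import hmac
import secrets


def frame_tag(key, seq, message):
    """MAC over the sequence number and the message, so neither can change unnoticed."""
    return hmac.new(key, seq.to_bytes(8, "big") + message, hashlib.sha256).digest()


class Sender:
    def __init__(self, key):
        self.key, self.seq = key, 0

    def send(self, message):
        self.seq += 1
        return {"seq": self.seq, "msg": message, "tag": frame_tag(self.key, self.seq, message)}


class Receiver:
    def __init__(self, key):
        self.key, self.last_seq = key, 0

    def receive(self, frame):
        """Return ("accepted", message) or ("rejected", reason)."""
        if frame["seq"] <= self.last_seq:
            return ("rejected", "replayed or reordered frame")
        expected = frame_tag(self.key, frame["seq"], frame["msg"])
        if not hmac.compare_digest(frame["tag"], expected):
            return ("rejected", "tag mismatch, frame altered or forged")
        self.last_seq = frame["seq"]
        return ("accepted", frame["msg"])


def unauthenticated_receive(frame):
    """What a receiver with no integrity check does: it believes whatever arrives."""
    return ("accepted", frame["msg"])


def relay_modify(frame, old, new):
    """The party in the middle rewrites the payload and forwards the frame."""
    return {**frame, "msg": frame["msg"].replace(old, new)}


def run_demo():
    key = secrets.token_bytes(32)
    alice, bob = Sender(key), Receiver(key)
    outcomes = []

    f1 = alice.send(b"transfer 100 to carol")
    outcomes.append(bob.receive(f1))                      # honest delivery

    f2 = alice.send(b"transfer 100 to carol")
    altered = relay_modify(f2, b"carol", b"mallory")
    outcomes.append(unauthenticated_receive(altered))     # no MAC: tampering unnoticed
    outcomes.append(bob.receive(altered))                 # with MAC: rejected

    outcomes.append(bob.receive(dict(f1)))                # replayed frame 1: rejected

    forged = {"seq": 99, "msg": b"transfer 100 to mallory", "tag": bytes(32)}
    outcomes.append(bob.receive(forged))                  # relay has no key: rejected
    return outcomes


if __name__ == "__main__":
    for status, detail in run_demo():
        print(status, detail)
```

The sequence number is inside the MAC on purpose: tagging the payload alone would let the relay re-send an old, validly tagged frame, which is the replay the fourth case demonstrates.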

Cyber security.pptxelectronic systems, networks, and data from malicious

  • 1.
    CYBER SECURITY Topics • Introductionto cyber Security • What is cyber Security ? • The objective of cyber security . • CIA • Cyber Security Threats • Types of Cyber Security Threats • Need of Cyber Security B.N.Tiwari B.Tech,M.Tech ,PHD(pursuing) https://www.youtube.com/@b.n.tiwari2337
  • 2.
    • Cyber securityrefers to any technologies, practices and policies for preventing cyber attacks or mitigating their impact. • Cyber security aims to protect computer systems, applications, devices, data, financial assets and people against ransomware and other malware, phishing scams, data theft and other cyber threats. • Cybersecurity is important because it: • Protects against unauthorized access to data and networks. • Improves recovery time after a breach. • Ensures regulatory compliance, and supports business continuity. “Cybersecurity is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks.” CYBER SECURITY
  • 3.
    CYBER SECURITY refers • Cybersecurity 1-technologies 2-pratices preventing cyber attack 3-Policies aims to protect Computer system, Application devices Data Financial assets Other malware Phishing attack Data theft Other cyber threats
  • 4.
    WHAT IS CYBERSECURITY?
  • 5.
    MAIN OBJECTIVE OFCYBER SECURITY The main objective of cyber security is to protect devices and services from theft or damage, and to prevent unauthorized access to personal information. Cyber security objectives include: Protecting confidentiality, integrity, and availability: • Cyber security aims to protect the confidentiality, integrity, and availability of information and systems. • Preventing unauthorized access: Cyber security aims to prevent unauthorized access to devices, networks, and computer hardware. • Mitigating risks: Cyber security aims to mitigate risks and respond to incidents. • Ensuring compliance: Cyber security aims to ensure compliance with relevant standards. • Protecting critical infrastructure: Cyber security aims to protect critical infrastructure. • Fostering a secure culture: Cyber security aims to foster a secure culture. Cyber security is important because it protects all types of data, including sensitive data, protected health information, personally identifiable information, and intellectual property.
  • 6.
  • 7.
    THE CIA TRIADIS A MODEL IN CYBERSECURITY THAT STANDS FOR CONFIDENTIALITY, INTEGRITY, AND AVAILABILITY. IT'S A FRAMEWORK THAT HELPS ORGANIZATIONS SECURE THEIR INFORMATION AND SYSTEMS BY FOCUSING ON THESE THREE KEY PRINCIPLES:
  • 8.
    WHAT ARE CYBERSECURITYTHREATS? CYBER THREATS ARE ACTS PERFORMED BY INDIVIDUALS WITH HARMFUL INTENT, WHOSE GOAL IS TO STEAL DATA, CAUSE DAMAGE TO OR DISRUPT COMPUTING SYSTEMS. COMMON CATEGORIES OF CYBER THREATS INCLUDE MALWARE, SOCIAL ENGINEERING, MAN IN THE MIDDLE (MITM) ATTACKS, DENIAL OF SERVICE (DOS), AND INJECTION ATTACKS • Common Sources of Cyber Threats • Here are several common sources of cyber threats against organizations: • Nation states—hostile countries can launch cyber attacks against local companies and institutions, aiming to interfere with communications, cause disorder, and inflict damage. • Terrorist organizations—terrorists conduct cyber attacks aimed at destroying or abusing critical infrastructure, threaten national security, disrupt economies, and cause bodily harm to citizens. • Criminal groups—organized groups of hackers aim to break into computing systems for economic benefit. These groups use phishing, spam, spyware and malware for extortion, theft of private information, and online scams. • Hackers—individual hackers target organizations using a variety of attack techniques. They are usually motivated by personal gain, revenge, financial gain, or political activity. Hackers often develop new threats, to advance their criminal ability and improve their personal standing in the hacker community. • Malicious insiders—an employee who has legitimate access to company assets, and abuses their privileges to steal information or damage computing systems for economic or personal gain. Insiders may be employees, contractors, suppliers, or partners of the target organization. They can also be outsiders who have compromised a privileged account and are impersonating its owner.
  • 9.
    TYPES OF CYBERSECURITYTHREATS •Malware Attacks • Malware is an abbreviation of “malicious software”, which includes viruses, worms, trojans, spyware, and ransomware, and is the most common type of cyberattack :- • Malware infiltrates a system, usually via a link on an untrusted website or email or an unwanted software download. It deploys on the target system, collects sensitive data, manipulates and blocks access to network components, and may destroy data or shut down the system altogether. Here are some of the main types of malware attacks: • Viruses—a piece of code injects itself into an application. When the application runs, the malicious code executes. • Worms—malware that exploits software vulnerabilities and backdoors to gain access to an operating system. Once installed in the network, the worm can carry out attacks such as distributed denial of service (DDoS). • Trojans—malicious code or software that poses as an innocent program, hiding in apps, games or email attachments. An unsuspecting user downloads the trojan, allowing it to gain control of their device. • Ransomware—a user or organization is denied access to their own systems or data via encryption. The attacker typically demands a ransom be paid in exchange for a decryption key to restore access, but there is no guarantee that paying the ransom will actually restore full access or functionality. • Crypto jacking—attackers deploy software on a victim’s device, and begin using their computing resources to generate cryptocurrency, without their knowledge. Affected systems can become slow and crypto jacking kits can affect system stability.
  • 10.
    TYPES OF CYBERSECURITYTHREATS • Spyware—a malicious actor gains access to an unsuspecting user’s data, including sensitive information such as passwords and payment details. Spyware can affect desktop browsers, mobile phones and desktop applications. • Adware—a user’s browsing activity is tracked to determine behaviour patterns and interests, allowing advertisers to send the user targeted advertising. Adware is related to spyware but does not involve installing software on the user’s device and is not necessarily used for malicious purposes, but it can be used without the user’s consent and compromise their privacy. • Fileless malware—no software is installed on the operating system. Native files like WMI and PowerShell are edited to enable malicious functions. This stealthy form of attack is difficult to detect (antivirus can’t identify it), because the compromised files are recognized as legitimate. • Rootkits—software is injected into applications, firmware, operating system kernels or hypervisors, providing remote administrative access to a computer. The attacker can start the operating system within a compromised environment, gain complete control of the computer and deliver additional malware.
  • 11.
  • 12.
    CYBER CRIME • Cybercrimeis a broad term that describes criminal activity that involves the use of computers, • networks, or other digital devices. • Cybercrime can be committed in a number of ways, including: • Cyber-dependent crimes • These crimes can only be committed using information and communications technology (ICT) devices. For • example, developing and spreading malware for financial gain, or hacking to steal or damage data. • Cyber-enabled crimes • These are traditional crimes that can be increased in scale or reach by using computers or other ICT. For example, cyber-enabled fraud or data theft. • Identity theft • Fraudulently using another person's electronic signature, password, or other unique identification feature. • Ransomware • Malicious code that locks up computer files, with cybercriminals demanding a ransom to release them. • Distributed Denial of Service (DDoS) attacks • Programmed to overwhelm a network or website with traffic, causing it to slow down or crash. • Cybercrime can have a profound impact on individuals and companies, causing financial damage, loss of trust, and reputational damage
  • 13.
    WHAT IS THEDEFINITION AND ORIGIN OF A CYBERCRIME? • Cybercrime is criminal activity that either targets or uses a computer, a computer network or a networked device. • Most cybercrime is committed by cybercriminals or hackers who want to make money. • cybercrime aims to damage computers or networks for reasons other than profit. • The word cybercrime is a combination of the words "cyber" and "crime". The word "cyber" comes from the Greek word kubernētēs, which means "steersman". The term was first used in the field of cybernetics in 1948 by Wiener, which focused on the communication and control between machines and animals. • The word "cybercrime" was first used in the 1990s, as evidenced by the Oxford English Dictionary (OED). • The earliest known use of the word "cybercriminal" was in 1993 in Re: Hacker v. Cracker • The term "information security" was first recorded between 1945 and 1950. The earliest known use of the term was in 1947 in Vidette-Messenger. • Information security, also known as InfoSec, is the practice of designing and implementing protocols to protect confidential data from unauthorized access, modification, or destruction. The history of information security goes back to ancient times, including the use of methods to hide communications and the Enigma machine • The establishment of computer security inaugurated the history of information security. The need for such appeared during World War II.
  • 14.
    WHO ARE CYBERCRIMINALS? CYBER CRIMINALS ARE INDIVIDUALS OR GROUPS WHO USE COMPUTERS AND THE INTERNET TO COMMIT CRIMES. THEY USE DIGITAL TOOLS AND SYSTEMS TO EXPLOIT WEAKNESSES IN THE SYSTEM TO STEAL PERSONAL INFORMATION, MONEY, OR SENSITIVE DATA, OR TO DISRUPT SERVICES.
  • 15.
    TYPES OF CYBERCRIMINALS
  • 17.
    • Organized Hackers •These criminals embody organizations of cyber criminals, hacktivists, terrorists, and state-sponsored hackers. Cybercriminals are typically teams of skilled criminals targeted on control, power, and wealth. These criminals are extremely subtle and organized, and should even give crime as a service. These attackers are usually profoundly prepared and well-funded. • Internet Stalkers • Internet stalkers are people who maliciously monitor the web activity of their victims to acquire personal data. This type of cybercrime is conducted through the use of social networking platforms and malware, that can track an individual’s PC activity with little or no detection. • The Rogue Employees • Rogue/Disgruntled employees become hackers with a particular motive and also commit cyber crimes. It is hard to believe that dissatisfied employees can become such malicious hackers. In the previous time, they had the only option of going on strike against employers. But with the advancement of technology, there is an increase in work on computers and the automation of processes, it is simple for disgruntled employees to do more damage to their employers and organizations by committing cyber crimes. The attacks by such employees bring the entire system down. Please refer to: Cyber Law (IT Law) in India. • Conclusion • Cyber criminals are diverse in their motives and methods, ranging from hackers and fraudsters to cyber spies and ransomware attackers. Each type of criminals poses unique threats to individuals, businesses, and governments by exploiting vulnerabilities in digital systems for financial gain, information theft, or other personal revenge. Understanding these types helps in developing effective cybersecurity measures to protect against their attacks. As technology continues to advance, the methods and strategies of cyber criminals evolve, making it crucial to stay informed and vigilant in the fight against cybercrime.
  • 18.
    SOCIAL ENGINEERING
    • Social Engineering Attacks
    • Social engineering involves tricking users into providing an entry point for malware or into giving up information. The victim hands over sensitive data or unwittingly installs malware on their device because the attacker poses as a legitimate actor.
    • Here are some of the main types of social engineering attacks:
    • Baiting—the attacker lures a user into a social engineering trap, usually with the promise of something attractive such as a free gift card. The victim provides sensitive information such as credentials to the attacker.
    • Pretexting—the attacker invents a plausible scenario (the pretext) and pressures the target into giving up information under false pretenses. This typically involves impersonating someone with authority, for example an IRS agent or a police officer, whose position will compel the victim to comply.
    • Phishing—the attacker sends emails pretending to come from a trusted source. Phishing often involves sending fraudulent emails to as many users as possible, but can also be more targeted. For example, "spear phishing" personalizes the email to target a specific user, while "whaling" takes this a step further by targeting high-value individuals such as CEOs.
    • Vishing (voice phishing)—the impostor uses the phone to trick the target into disclosing sensitive data or granting access to a system. Vishing is often aimed at older individuals but can be employed against anyone.
    • Smishing (SMS phishing)—the attacker uses text messages as the means of deceiving the victim.
    • Piggybacking—an authorized user knowingly provides physical access to another individual, who "piggybacks" on the user's access. For example, an employee may hold the door for someone posing as a new employee who misplaced their badge.
    • Tailgating—an unauthorized individual follows an authorized user into a location, for example by quickly slipping through a protected door after the authorized user has opened it. This technique is similar to piggybacking except that the person being tailgated is unaware that they are being used by another individual.
  • 19.
    SUPPLY CHAIN ATTACKS ARE AN INCREASINGLY COMMON TYPE OF THREAT TO SOFTWARE DEVELOPERS AND VENDORS. THEIR PURPOSE IS TO INFECT LEGITIMATE APPLICATIONS AND DISTRIBUTE MALWARE VIA SOURCE CODE, BUILD PROCESSES OR SOFTWARE UPDATE MECHANISMS.
    • Attackers look for insecure network protocols, server infrastructure, and coding practices, and use them to compromise build and update processes, modify source code, and hide malicious content.
    • Supply chain attacks are especially severe because the compromised applications are signed and certified by trusted vendors, so the usual trust checks on the downstream side pass.
    • In a software supply chain attack, the software vendor is typically unaware that its applications or updates carry malware. The malicious code runs with the same trust and privileges as the compromised application.
    • Types of supply chain attacks include:
    • Compromise of build tools or development pipelines
    • Compromise of code signing procedures or developer accounts
    • Malicious code delivered as automated updates to hardware or firmware components
    • Malicious code pre-installed on physical devices
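    Because the vendor's signature can no longer be taken as proof that a build input is what was reviewed, the consuming pipeline needs its own record of what it vetted. The added example below (not code from the slides) pins every dependency to a SHA-256 digest in a lock file committed with the project and refuses the whole install if any artifact differs or an unexpected one appears; the artifacts, the lock file format and the "mirror" responses are constructed in memory for the demo. pip's `--require-hashes` mode and most language lock files implement the same check for real packages.

```python
"""Hash-pinned verification of build inputs: the check a pipeline should make
before any downloaded dependency, installer or update is executed.

Added example, not from the original slides. Artifacts, lock file format and
the 'mirror' responses are constructed for the demo.
"""
import hashlib
import hmac


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed stand-ins for vetted dependency files
ORIGINAL_ARTIFACTS = {
    "libfoo-1.4.2.tar.gz": b"libfoo 1.4.2 source tarball (constructed bytes)",
    "build-tool-0.9.whl": b"build tool 0.9 wheel (constructed bytes)",
}

# The lock file is generated once, when the inputs were reviewed, and committed to the
# repository; every later build compares what the mirror serves against it.
LOCKFILE = {name: sha256_hex(data) for name, data in ORIGINAL_ARTIFACTS.items()}


def verify_against_lock(lock: dict, served: dict) -> tuple:
    """Compare served artifacts with the lock. Returns (accepted names, {name: problem})."""
    accepted, problems = [], {}
    for name, expected in lock.items():
        data = served.get(name)
        if data is None:
            problems[name] = "missing from download"
            continue
        actual = sha256_hex(data)
        if not hmac.compare_digest(actual, expected):  # constant-time string comparison
            problems[name] = f"hash mismatch (expected {expected[:12]}.., got {actual[:12]}..)"
            continue
        accepted.append(name)
    # Anything the mirror adds that the lock never mentioned (dependency confusion,
    # typosquatting, or a "helper" package injected by a compromised index)
    for name in served.keys() - lock.keys():
        problems[name] = "not in lock file"
    return accepted, problems


def install(lock: dict, served: dict) -> list:
    """Refuse the whole set if any artifact fails: a partial install is how a tampered
    build tool ends up running on the build host with the pipeline's privileges."""
    accepted, problems = verify_against_lock(lock, served)
    if problems:
        details = "; ".join(f"{name}: {why}" for name, why in problems.items())
        raise RuntimeError("supply chain check failed: " + details)
    return accepted


# A compromised mirror: one artifact modified, one unexpected package added
TAMPERED_ARTIFACTS = dict(ORIGINAL_ARTIFACTS)
TAMPERED_ARTIFACTS["libfoo-1.4.2.tar.gz"] += b"\n# injected backdoor"
TAMPERED_ARTIFACTS["libfoo-internal-2.0.whl"] = b"typosquatted internal package"

if __name__ == "__main__":
    print("clean mirror:", install(LOCKFILE, ORIGINAL_ARTIFACTS))
    try:
        install(LOCKFILE, TAMPERED_ARTIFACTS)
    except RuntimeError as err:
        print("compromised mirror:", err)
```

    Hash pinning catches modification after the lock was written; it does not help if the artifact was already malicious when it was vetted, which is where signature verification against the upstream project's key, reproducible builds and review of the lock file diff come in.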
  • 20.
    MAN-IN-THE-MIDDLE ATTACK
    • A Man-in-the-Middle (MitM) attack involves intercepting the communication between two endpoints, such as a user and an application.
    • The attacker can eavesdrop on the communication, steal sensitive data, and impersonate each party to the other.
    • Examples of MitM attacks include:
    • Wi-Fi eavesdropping—an attacker sets up a Wi-Fi access point posing as a legitimate one, such as a business's guest network, that users connect to. The rogue access point lets the attacker monitor the activity of connected users and intercept data such as payment card details and login credentials.
    • Email hijacking—an attacker takes over or spoofs the email address of a legitimate organization, such as a bank, and uses it to trick users into giving up sensitive information or transferring money to the attacker. The user follows instructions they believe come from the bank but which actually come from the attacker.
    • DNS spoofing—Domain Name System (DNS) answers are forged so that a legitimate name resolves to an attacker-controlled address, directing the user to a malicious website posing as the legitimate site. The attacker may divert traffic from the legitimate site or steal the user's credentials.
    • IP spoofing—the attacker forges the source address of packets, or answers for an IP address that belongs to a legitimate server, to pose as that server and deceive users into thinking they are interacting with the genuine website.
    • HTTPS spoofing—HTTPS is the encrypted version of HTTP, but the padlock only proves that the connection to the domain shown in the address bar is encrypted, not that the domain is the one the user intended. An attacker who registers a lookalike domain and obtains a valid certificate for it gets "HTTPS" and a padlock for a malicious site, which conceals its nature from the user.
  • 22.
    HOW DO MAN-IN-THE-MIDDLE ATTACKS WORK?
    • Man-in-the-middle attacks require a weakness in the IT environment that the attacker can exploit: a channel that is unencrypted or, more often, encrypted but not authenticated, a network the attacker can insert themselves into, or a vulnerable application. The steps of an MITM attack are as follows:
    • Gaining access: The attacker gains access to a private communications channel in some form. Methods include intercepting network traffic, compromising an unsecured Wi-Fi hotspot, or exploiting vulnerabilities in web applications.
    • Listening in: Once MITM attackers have access, they begin capturing the private messages and data sent back and forth over the channel. This may be done simply by eavesdropping on communications or by setting up a fake website or server that intercepts users' messages.
    • Exploiting: Sophisticated MITM attacks may also insert or alter messages in the conversation while posing as a legitimate party. For example, the attacker might change the contents of an email or trick users into revealing their financial details.
    • Further attacks: The attacker may use the knowledge gained during an MITM attack to mount further attacks on the target. Employees' login credentials, for example, can be used to enter an IT environment and cause additional damage or disruption.
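    The four steps above play out most clearly against a key exchange that is encrypted but not authenticated: the attacker completes a separate exchange with each side, and both victims end up with a key shared with the attacker rather than with each other. The added example below (not code from the slides) runs a Diffie-Hellman exchange between Alice and Bob with and without Mallory relaying the messages, shows her reading and altering an encrypted payment instruction, and then adds the check that exposes her: each side compares the fingerprint of the public value it received with one learned out of band, which is what a CA-signed certificate or key pinning provides in TLS. The DH parameters are demo-sized and the stream cipher is a toy, both assumptions made so the exchange runs offline; the names are the usual placeholders.

```python
"""A man-in-the-middle against an unauthenticated key exchange, and the
out-of-band fingerprint check that exposes it.

Added example, not from the original slides. Diffie-Hellman runs with toy
parameters (a 127-bit prime) and a hash-based stream cipher so the whole
exchange works offline; real protocols use standardised 2048-bit+ groups or
elliptic curves and an AEAD cipher.
"""
import hashlib
import secrets

P = 2**127 - 1  # a Mersenne prime; demo-sized, far too small for real use
G = 5


def keypair() -> tuple:
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def shared_key(priv: int, peer_pub: int) -> bytes:
    """Derive a 32-byte key from the DH shared secret (values fit in 16 bytes since P < 2**127)."""
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(16, "big")).digest()


def fingerprint(pub: int) -> str:
    """Short hash of a public value, the kind of thing printed on a device or carried in a certificate."""
    return hashlib.sha256(pub.to_bytes(16, "big")).hexdigest()[:16]


def xor_crypt(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: keystream = SHA-256(key || block counter). Same call encrypts and decrypts."""
    out = bytearray()
    block = b""
    for i, byte in enumerate(data):
        if i % 32 == 0:
            block = hashlib.sha256(key + (i // 32).to_bytes(4, "big")).digest()
        out.append(byte ^ block[i % 32])
    return bytes(out)


def run_exchange(attacker_present: bool, verify_fingerprints: bool = False) -> dict:
    """Alice sends Bob a payment instruction after a DH exchange that Mallory may relay."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    m_priv, m_pub = keypair()  # Mallory's own key pair, used only if she is on the wire

    # Step 1, gaining access: Mallory relays both directions and substitutes her own
    # public value, so each victim unknowingly agrees a key with Mallory, not with the peer.
    pub_seen_by_bob = m_pub if attacker_present else a_pub
    pub_seen_by_alice = m_pub if attacker_present else b_pub

    # Defence: compare the received value's fingerprint with the one learned out of band.
    # Mallory cannot produce a value with Bob's fingerprint without Bob's private key.
    if verify_fingerprints and (
        fingerprint(pub_seen_by_alice) != fingerprint(b_pub)
        or fingerprint(pub_seen_by_bob) != fingerprint(a_pub)
    ):
        return {"detected": True, "attacker_reads": False, "keys_match": False, "bob_received": b""}

    alice_key = shared_key(a_priv, pub_seen_by_alice)
    bob_key = shared_key(b_priv, pub_seen_by_bob)

    plaintext = b"Transfer 100 EUR to account 1234"
    wire = xor_crypt(alice_key, plaintext)

    # Steps 2 and 3, listening in and exploiting: Mallory decrypts with the key she shares
    # with Alice, alters the message, and re-encrypts it under the key she shares with Bob.
    attacker_reads = False
    if attacker_present:
        key_with_alice = shared_key(m_priv, a_pub)
        key_with_bob = shared_key(m_priv, b_pub)
        recovered = xor_crypt(key_with_alice, wire)
        attacker_reads = recovered == plaintext
        wire = xor_crypt(key_with_bob, recovered.replace(b"1234", b"6666"))

    bob_received = xor_crypt(bob_key, wire)
    return {"detected": False, "attacker_reads": attacker_reads,
            "keys_match": alice_key == bob_key, "bob_received": bob_received}


if __name__ == "__main__":
    for attacker, verify in [(False, False), (True, False), (True, True)]:
        print(f"attacker={attacker} verify={verify}: {run_exchange(attacker, verify)}")
```

    The instructive result is the middle case: both parties see an encrypted channel that "works", yet `keys_match` is false and Bob accepts an altered instruction. Nothing in the exchange itself reveals this; only the out-of-band binding of the public value to an identity does, which is why every practical defence against MitM (certificates, pinning, fingerprints read over the phone) is a form of that check.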
  • 23.
    A MAN-IN-THE-MIDDLE ATTACKIS A CYBERATTACK IN WHICH THE ATTACKER CAN SECRETLY INTERCEPT MESSAGES BETWEEN TWO OR MORE PARTIES WHO BELIEVE THEY ARE COMMUNICATING WITH EACH OTHER.
  • 24.
    MAN-IN-THE-MIDDLE ATTACK EXAMPLES
    • Some real-life MitM attack examples with serious repercussions are highlighted below:
    • The Lenovo Superfish Adware MitM Attack (HTTPS Spoofing): One well-known example is the Lenovo adware incident, where laptops from this brand were shipped with the pre-installed Superfish VisualDiscovery adware, making users potential targets for MitM attacks (CISA, 2016). The software installed a self-signed root certificate in the device's trust store, allowing it to intercept the user's encrypted web traffic and inject its own ads. Because the same root certificate and its private key were shipped on every affected machine, anyone who extracted the key could forge certificates that those machines would trust for any site.
    • The DigiNotar MitM Attack (SSL Hijacking): The DigiNotar breach of 2011 ultimately drove the company into bankruptcy. DigiNotar, a Dutch certificate authority, was compromised in mid-2011, and the intruder used its systems to issue more than 500 rogue certificates for domains of companies such as Google, Mozilla, and Skype; a rogue Google certificate was subsequently used to intercept Gmail traffic of users in Iran. The attacker claimed to have compromised four additional certificate authorities in addition to DigiNotar and described himself as a 21-year-old Iranian student (Zetter, 2011).
  • 25.
    MAN-IN-THE-MIDDLE ATTACK PREVENTION BEST PRACTICES
    • While attackers have no shortage of techniques in their MITM toolbox, their would-be targets are not helpless. Below are some best practices for man-in-the-middle prevention for individuals, organizations, and website operators:
    • Using VPNs and encryption: Virtual private networks (VPNs) are encrypted tunnels that allow users to connect securely over untrusted networks and exchange sensitive data. Encryption alone is not enough, however: the channel must also be authenticated, otherwise the attacker simply establishes a separate encrypted channel with each side. Protecting information both in transit and at rest with properly authenticated encryption is an excellent practice to thwart MITM attacks.
    • Avoiding public Wi-Fi hotspots: Malicious Wi-Fi hotspots are a favorite tactic of MITM attackers. Users should only connect to trusted Wi-Fi networks with up-to-date encryption protocols such as WPA3.
    • Using secure connections: Website visitors should verify that they are using an HTTPS connection (not merely HTTP) and that the domain in the address bar is the one they intended; the padlock most browsers show proves that the connection to that domain is encrypted, not that the domain is genuine. A browser certificate warning should never be clicked through, since an unexpected certificate is exactly what an active MITM produces.
    • Enforcing strong passwords and multi-factor authentication: Many MITM attacks succeed when the attacker can breach an IT system's defences and impersonate a legitimate user. Requiring strong passwords and multi-factor authentication (MFA) makes it much harder for MITM attackers to take this approach. Note that MFA based on one-time codes typed into a web page can still be relayed by a real-time phishing proxy, so phishing-resistant methods such as FIDO2/WebAuthn security keys should be preferred where available.
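    On the client side, most of the "secure connection" advice above collapses into three settings of the TLS library: whether the certificate chain is validated, whether the name in the certificate is checked against the host being contacted, and which protocol versions are accepted. The added example below (not code from the slides) builds the context that quietly disables the first two, which is the `verify=False` shortcut found in many scripts, next to the hardened one, and reports their settings; the URL in `fetch()` is a placeholder and the function is not called on import.

```python
"""Client TLS configuration: the setting that invites a man-in-the-middle
beside the hardened one.

Added example, not from the original slides. The URL passed to fetch() is a
placeholder; fetch() is only there to show how the context is used.
"""
import ssl
import urllib.request


def insecure_client_context() -> ssl.SSLContext:
    """The 'verify=False' shortcut: any certificate for any name is accepted, so an
    attacker's certificate on a rogue hotspot or behind a spoofed DNS answer passes."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False  # must be cleared before verify_mode can be CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_client_context() -> ssl.SSLContext:
    """Chain validation against the system trust store, hostname check, no legacy TLS."""
    ctx = ssl.create_default_context()            # CERT_REQUIRED and check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse a downgrade to TLS 1.0/1.1
    return ctx


def describe(ctx: ssl.SSLContext) -> dict:
    """Summarise the properties that decide whether a MitM is noticed."""
    return {
        "verifies_chain": ctx.verify_mode == ssl.CERT_REQUIRED,
        "checks_hostname": bool(ctx.check_hostname),
        "min_version": ctx.minimum_version.name,
    }


def fetch(url: str, ctx: ssl.SSLContext) -> bytes:
    """Use a context for a real request. With the hardened context a spoofed or
    self-signed certificate raises ssl.SSLCertVerificationError instead of returning data;
    with the insecure one the same request silently succeeds through the attacker."""
    with urllib.request.urlopen(url, context=ctx, timeout=10) as resp:
        return resp.read()


if __name__ == "__main__":
    print("insecure:", describe(insecure_client_context()))
    print("hardened:", describe(hardened_client_context()))
```

    The practical lesson is that the insecure context is never the right fix for a certificate error: the error is the MITM detection working. The correct responses are to fix the server's certificate, add the organisation's internal CA to the trust store with `ctx.load_verify_locations()`, or pin the expected certificate, all of which keep `verifies_chain` and `checks_hostname` true.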