Professional Documents
Culture Documents
CSF Unit 1
CSF Unit 1
CSF Unit 1
Cyber crime is taken very seriously by law enforcement. In the early long periods of
the cyber security world, the standard cyber criminals were teenagers or hobbyists in
operation from a home laptop, with attacks principally restricted to pranks and malicious
mischief. Today, the planet of the cyber criminals has become a lot of dangerous. Attackers
are individuals or teams who attempt to exploit vulnerabilities for personal or financial gain.
1. Hackers: The term hacker may refer to anyone with technical skills, however, it typically
refers to an individual who uses his or her skills to achieve unauthorized access to systems or
networks so as to commit crimes. The intent of the burglary determines the classification of
those attackers as white, grey, or black hats. White hat attackers burgled networks or PC
systems to get weaknesses so as to boost the protection of those systems. The owners of the
system offer permission to perform the burglary, and they receive the results of the take a
look at. On the opposite hand, black hat attackers make the most of any vulnerability for
embezzled personal, monetary or political gain. Grey hat attackers are somewhere between
white and black hat attackers. Grey hat attackers could notice a vulnerability and report it to
the owners of the system if that action coincides with their agenda.
(a). White Hat Hackers – These hackers utilize their programming aptitudes for a
good and lawful reason. These hackers may perform network penetration tests in an
attempt to compromise networks to discover network vulnerabilities. Security
vulnerabilities are then reported to developers to fix them.
(b). Gray Hat Hackers – These hackers carry out violations and do seemingly
deceptive things however not for individual addition or to cause harm. These hackers
may disclose a vulnerability to the affected organization after having compromised
their network.
(c). Black Hat Hackers – These hackers are unethical criminals who violate network
security for personal gain. They misuse vulnerabilities to bargain PC frameworks.
2. Organized Hackers: These criminals embody organizations of cyber criminals,
hacktivists, terrorists, and state-sponsored hackers. Cyber criminals are typically teams of
skilled criminals targeted on control, power, and wealth. These criminals are extremely subtle
and organized, and should even give crime as a service. These attackers are usually
profoundly prepared and well-funded.
Cyber Stalking:
Cyber stalking refers to the use of the internet and other technologies to harass or stalk
another person online, and is potentially a crime in the United States. This online harassment,
which is an extension of cyberbullying and in-person stalking, can take the form of e-mails,
text messages, social media posts, and more and is often methodical, deliberate, and
persistent.
Most of the time, the interactions do not end even if the recipient expresses their displeasure
or asks the person to stop. The content directed at the target is often inappropriate and
sometimes even disturbing, which can leave the person feeling fearful, distressed, anxious,
and worried.
Examples of Cyber Stalking:
Follow the target online by joining the same groups and forums
Tag the target in posts excessively, even if they have nothing to do with them
Hack into the target's camera on their laptop or smart phone as a way to secretly
record them.
When it comes to preventing cyber stalking, it's important that you take the necessary
precautions to protect yourself online. Although it's not possible to completely prevent cyber
stalking from occurring, there are steps you can take to increase your security and reduce the
likelihood of it happening.
A botnet attack is a large-scale cyber attack carried out by malware-infected devices which
are controlled remotely. It turns compromised devices into ‘zombie bots’ for a botnet
controller. Unlike other malware that replicates itself within a single machine or system,
botnets pose a greater threat because they let a threat actor perform a large number of actions
at the same time. Botnet attacks are akin to having a threat actor working within the network,
as opposed to a piece of self-replicating malware.
They are becoming more sophisticated than other malware attack types since they can be
scaled up or changed on the fly to inflict even more damage. Malware delivered via botnet
often includes network communication features that allow attackers to use the botnet to route
communications with other threat actors through the vast network of compromised machines.
A botnet is a number of internet connected devices, each of which runs one or more
bots.
Botnets can be used to perform DDos attacks.
A botnet is a network of computers infected by malware that under the control of a
single attacking party is known as the bot header.
Each individual machine under the control of the bot header is known as bot.
From one central point the attacking party can command every computer on its botnet
to simultaneously carryout a coordinated criminal action.
Botnet actions:
1.E-mail spam
2.DDos attacks
3.Financial breach
Attack Vector:
Compromised Credentials
Weak and compromised credentials are the most-used attack vector as people continue to use
weak passwords to protect their online accounts and profiles. Compromised credentials occur
when information like usernames or passwords are exposed to a third party such as mobile
apps and websites. This is frequently caused by victims of a phishing attempt revealing their
login details to an attacker by entering them on a spoofed website. Lost and stolen credentials
enable an intruder to access user accounts and corporate systems without detection, then
escalate their access level within a network.
Malware
Malware is a term that describes various strands of malicious software, which include
ransomware, spyware, Trojans, and viruses. Cyber criminals use malware as a threat vector to
help them gain access to corporate networks and devices, then steal data or damage systems.
Phishing
Phishing is an email, Short Message Service (SMS), or telephone-based attack vector that
sees the attacker pose as a trusted sender to dupe the target into giving up sensitive data, such
as login credentials or banking details.
Social Engineering
Social engineering attacks are when bad actors send fake emails (phishing attacks) or text
messages (smishing attacks) to your employees in an effort to trick them into handing over
private information like their passwords or downloading malware onto their devices.
Data Leakage via Malicious Apps
As Dave Jevans, CEO and CTO of Marble Security, explains, “Enterprises face a far greater
threat from the millions of generally available apps on their employees’ devices than from
mobile malware.”
Public WiFi networks are generally less secure than private networks because there’s no way
to know who set the network up, how (or if) it’s secured with encryption, or who is currently
accessing it or monitoring it. And as more companies offer remote work options, the public
WiFi networks your employees use to access your servers (e.g., from coffee shops or cafes)
could present a risk to your organization.
End-to-End Encryption Gaps
An encryption gap is like a water pipe with a hole in it. While the point where the water
enters (your users’ mobile devices) and the point where the water exits the pipe (your
systems) might be secure, the hole in the middle lets bad actors access the water flow in
between.
Internet of Things (IoT) Devices
The types of mobile devices that access your organization’s systems are branching out from
mobile phones and tablets to include wearable tech (like the Apple Watch) and physical
devices (like Google Home or Alexa). And since many of the latest IoT mobile devices have
IP addresses, it means bad actors can use them to gain access to your organizations’ network
over the internet if those devices are connected to your systems.
Spyware
Spyware is used to survey or collect data and is most commonly installed on a mobile device
when users click on a malicious advertisement (“malvertisement”) or through scams that trick
users into downloading it unintentionally.
A 2020 study by Balbix found that 99% of the people surveyed reused their passwords
between work accounts or between work and personal accounts. Unfortunately, the
passwords that employees are reusing are often weak as well.
Lost or Stolen Mobile Devices
Lost and stolen devices aren’t a new threat for organizations. But with more people working
remotely in public places like cafes or coffee shops and accessing your systems with a wider
range of devices, lost and stolen devices pose a growing risk to your organization.