
UNIT-3

Cyber Security
Introduction

■ We can divide cybersecurity into two parts: one is cyber, and the other is security.
■ Cyber: technology that includes systems, networks, programs, and data.
■ Security: concerned with the protection of systems, networks, applications, and information.
■ It is also called Electronic Information Security or Information Technology Security.
Motivation
Applications of Cyber Security

■ Network Security Surveillance
■ Identification And Access Control (IAM)
■ Software Security
■ Risk Management
■ Security During Software Development
■ Security Against Distributed Denial of Service (DDoS)
Challenges
Cyber Threat

• Any malicious act that attempts to gain access to a computer network without authorization or permission from the owners.

• It refers to the wide range of malicious activities that can damage or disrupt a computer system, a network or the information it contains.

• Most common cyber threats:


• Social Engineered Trojans.
• Unpatched Software.
• Phishing.
• Network worms.
Sources of Cyber Threats

Cyber threats can come from a wide variety of sources, some notable examples include:
• National governments.
• Terrorists.
• Industrial secret agents.
• Rogue employees.
• Hackers.
• Business competitors.
• Organization insiders.
Cyber Threat Classifications

• Threats can be classified by multiple criteria:
• Attacker's Resources
• Attacker's Organization
• Attacker's Funding
• On basis of these criteria, threats are of three types:
• Unstructured Threats
• Structured Threats
• Highly Structured Threats
Unstructured Cyber Threats

• Resources: Individual or small group.
• Organization: Little or no organization.
• Funding: Negligible.
• Attack: Easy to detect and makes use of freely available cyberattack tools.
• Exploitation based on documented vulnerabilities.
Structured Cyber Threats

• Resources: Well trained individual or group.
• Organization: Well planned.
• Funding: Available.
• Attack: Against particular individual or organizations.
• Exploitation based on information gathering.
Highly Structured Cyber Threats

• Extensive organization, resources and planning over time.
• Attack: Long term attack on particular machine or data.
• Exploitation with multiple methods: technical, social and insider help.
Malware

■ Short for malicious software.
■ It is software used or created to disrupt computer operation, gather sensitive information, or gain access to private computer systems.
■ It can appear in the form of code, scripts, active content, and other software.
■ 'Malware' is a general term used to refer to a variety of forms of hostile, intrusive, or annoying software.
How Malware Spreads?

Malware is a program that must be triggered or somehow executed before it can infect your computer system and spread to others.
Here are some examples on how malware is distributed:
a) Social network
b) Pirated software
c) Removable media
d) Emails
e) Websites
Types of Malware

■ Viruses
■ Trojan horses
■ Worms
■ Spyware
■ Zombie
■ Phishing
■ Spam
■ Adware
■ Ransomware
Viruses

A program or piece of code that is loaded onto your computer without your knowledge
and runs against your wishes.
■ Viruses can also replicate themselves.
■ All computer viruses are manmade.
■ Viruses copy themselves to other disks to spread to other computers.
■ They can be merely annoying or they can be vastly destructive to your files
Examples Of Computer Viruses

■ Macro virus
■ Boot virus
■ Logic Bomb virus
■ Directory virus
■ Resident virus
Trojan Horses

■ A Trojan Horse program has the appearance of having a useful and desired function.
■ A Trojan Horse neither replicates nor copies itself, but causes damage or compromises the security of the computer.
■ A Trojan Horse must be sent by someone or carried by another program and may arrive in the form of a joke program or software of some sort.
■ These are often used to capture your logins and passwords.
Example of Trojan Horses

■ Remote access Trojans (RATs)
■ Backdoor Trojans (backdoors)
■ IRC Trojans (IRC bots)
■ Keylogging Trojans
Worms

■ A computer worm is a self-replicating computer program.
■ It uses a network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention.
■ It does not need to attach itself to an existing program.
Spyware

■ Spyware is a type of malware installed on computers that collects information about users without their knowledge.
■ The presence of spyware is typically hidden from the user and can be difficult to detect.
■ Spyware programs lurk on your computer to steal important information, like your passwords and logins and other personal identification information, and then send it off to someone else.
Zombie

■ Zombie programs take control of your computer and use it and its Internet connection to attack other computers or networks or to perform other criminal activities.
Phishing

■ Phishing (pronounced like the word 'fishing') is a message that tries to trick you into providing information like your social security number or bank account information or logon and password for a website.
■ The message may claim that if you do not click on the link in the message and log on to a financial website that your account will be blocked, or some other disaster.
Spam

■ Spam is email that you did not request and do not want.
■ One person's spam is another's useful newsletter or sale ad.
■ Spam is a common way to spread viruses, trojans, and the like.
Adware

■ Adware (short for advertising-supported software) is a type of malware that automatically delivers advertisements.
■ Common examples of adware include pop-up ads on websites and advertisements that are displayed by software.
■ Often times software and applications offer "free" versions that come bundled with adware.
Ransomware

■ Ransomware is a form of malware that essentially holds a computer system captive while demanding a ransom.
■ The malware restricts user access to the computer either by encrypting files on the hard drive or locking down the system and displaying messages that are intended to force the user to pay the malware creator to remove the restrictions and regain access to their computer.
Cyber Attacks
Types of Cyber Attacks

• Advanced Persistent Threat (APT):
• A network attack in which an unauthorized person gains access to network and stays there undetected for a long period of time.

• Backdoor:
• Method of bypassing normal authentication and gaining access in OS or application.

• Buffer Overflow:
• An exploit that takes advantage of the program that is waiting for a user's input.

• Man-in-the-middle Attack:
• This attack intercepts and relays messages between two parties who are communicating directly with each other.

• Cross-Site Scripting (XSS):
• A code injection attack that allows an attacker to execute malicious JavaScript in another user's browser.

• Denial of Service Attack:
• Any attack where the attackers attempt to prevent the authorized users from accessing the service.

• SQL injection:
• A very common exploited web application vulnerability that allows malicious hacker to steal and alter data in website's database.

• Zero-day exploit:
• A vulnerability in a system or device that has been disclosed but is not yet patched.
Impacts of Cyber Attacks

• A successful cyber attack can cause major damage to organizations or systems, as well as to business reputation and consumer trust.

• Some potential results include:
• Financial loss.
• Reputational damage.
• Legal consequences.
Tools for Cyber Security Assessment
■ NMAP
■ Wireshark
■ Metasploit
■ Aircrack
■ Hashcat
■ Burp Suite … etc.
■ NMAP
▶ NMAP (Network Mapper) is an open-source tool used for scanning networks.
▶ It is mainly used to discover hosts and to gather information about network devices, such as which services or ports are publicly open.
▶ NMAP supports major OS platforms such as Windows, Linux and macOS.
▶ The main advantages of NMAP are that it is flexible, easily portable, free, and well documented.
■ Wireshark
▶ Wireshark is used globally by many for analyzing network protocols.
▶ This tool helps to capture packets using pcap, and to store and analyze each packet in detail.
▶ Wireshark supports OS platforms such as Windows, Linux, Solaris and macOS.
▶ Wireshark is also an open-source tool, similar to tcpdump but with a user interface option.
AI Based Cyber Threat
Cyber Security Opportunities in Market and Skillset

■ Networking and System Administration
■ Knowledge of Operating Systems and Virtual Machines
■ Coding
■ Cloud Security
■ Artificial Intelligence (AI)
■ An Understanding of Hacking
