Unit3 CyberSecurity
Cyber Security
Introduction
■ We can divide cybersecurity into two parts: one is cyber, and the other is security.
■ Cyber: technology that includes systems, networks, programs, and data.
■ Security: concerned with the protection of systems, networks, applications, and information.
■ It is also called Electronic Information Security or Information Technology Security.
Motivation
Applications of Cyber Security
■ Network Security Surveillance
■ Identification And Access Control (IAM)
■ Software Security
■ Risk Management
■ Security During Software Development
■ Security Against Distributed Denial of Service (DDoS)
Challenges
Cyber Threat
Cyber threats can come from a wide variety of sources; some notable examples include:
• National governments.
• Terrorists.
• Industrial secret agents.
• Rogue employees.
• Hackers.
• Business competitors.
• Organization insiders.
Cyber Threat Classifications
• Resources: Individual or small group.
• Organization: Little or no organization.
• Funding: Negligible.
• Attack: Easy to detect; makes use of freely available cyberattack tools.
• Exploitation based on documented vulnerabilities.
Structured Cyber Threats
• Resources: Well-trained individual or group.
• Organization: Well planned.
• Funding: Available.
• Attack: Against particular individuals or organizations.
• Exploitation based on information gathering.
Highly Structured Cyber Threats
• Extensive organization, resources and planning over time.
• Attack: Long-term attack on a particular machine or data.
• Exploitation with multiple methods: technical, social and insider help.
Malware
■ Short for malicious software.
■ It is software used or created to disrupt computer operation, gather sensitive information, or gain access to private computer systems.
■ It can appear in the form of code, scripts, active content, and other software.
■ 'Malware' is a general term used to refer to a variety of forms of hostile, intrusive, or annoying software.
How Malware Spreads?
Malware is a program that must be triggered or somehow executed before it can infect your computer system and spread to others.
Here are some examples of how malware is distributed:
a) Social network
b) Pirated software
c) Removable media
d) Emails
e) Websites
Types of Malware
■ Viruses
■ Trojan horses
■ Worms
■ Spyware
■ Zombie
■ Phishing
■ Spam
■ Adware
■ Ransomware
Viruses
A program or piece of code that is loaded onto your computer without your knowledge
and runs against your wishes.
■ Viruses can also replicate themselves.
■ All computer viruses are manmade.
■ Viruses copy themselves to other disks to spread to other computers.
■ They can be merely annoying or they can be vastly destructive to your files
Examples Of Computer Viruses
■ Macro virus
■ Boot virus
■ Logic Bomb virus
■ Directory virus
■ Resident virus
Trojan Horses
■ A Trojan Horse program has the appearance of having a useful and desired function.
■ A Trojan Horse neither replicates nor copies itself, but causes damage or compromises the security of the computer.
■ A Trojan Horse must be sent by someone or carried by another program and may arrive in the form of a joke program or software of some sort.
■ These are often used to capture your logins and passwords.
Example of Trojan Horses
■ Remote access Trojans (RATs)
■ Backdoor Trojans (backdoors)
■ IRC Trojans (IRC bots)
■ Keylogging Trojans
Worms
Spyware
■ Spyware is a type of malware installed on computers that collects information about users without their knowledge.
■ The presence of spyware is typically hidden from the user and can be difficult to detect.
■ Spyware programs lurk on your computer to steal important information, like your passwords and logins and other personal identification information, and then send it off to someone else.
Zombie
■ Zombie programs take control of your computer and use it and its Internet connection to attack other computers or networks or to perform other criminal activities.
Phishing
Spam
■ Spam is email that you did not request and do not want.
■ One person's spam is another's useful newsletter or sale ad.
■ Spam is a common way to spread viruses, trojans, and the like.
Adware
Ransomware
■ Ransomware is a form of malware that essentially holds a computer system captive while demanding a ransom.
■ The malware restricts user access to the computer either by encrypting files on the hard drive or locking down the system and displaying messages that are intended to force the user to pay the malware creator to remove the restrictions and regain access to their computer.
Cyber Attacks
Types of Cyber Attacks
• Advanced Persistent Threat (APT):
  • A network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time.
• Backdoor:
  • Method of bypassing normal authentication and gaining access in an OS or application.
• Buffer Overflow:
  • An exploit that takes advantage of a program that is waiting for a user's input.
• Denial of Service Attack:
  • Any attack where the attackers attempt to prevent the authorized users from accessing the service.
• SQL injection:
  • A very commonly exploited web application vulnerability that allows a malicious hacker to steal and alter data in a website's database.
• Zero-day exploit:
  • A vulnerability in a system or device that has been disclosed but is not yet patched.
Impacts of Cyber Attacks
• A successful cyber attack can cause major damage to organizations or systems, as well as to business reputation and consumer trust.
• Some potential results include:
  • Financial loss.
  • Reputational damage.
  • Legal consequences.
Tools for Cyber Security Assessment
■ NMAP
■ Wireshark
■ Metasploit
■ Aircrack
■ Hashcat
■ Burp Suite ... etc.
■ NMAP
▶NMAP (Network Mapper) is an open-source tool used for scanning networks.
▶It is mainly used to discover hosts and to gather information about network devices, such as which services or ports are publicly open.
▶NMAP supports major OS platforms like Windows, Linux and even macOS.
▶The main advantages of NMAP are that it is flexible, easily portable, free, and well documented.
■ Wireshark
▶Wireshark is used globally by many for analyzing network protocols.
▶This tool helps to capture packets using pcap, and to store and analyze each packet in detail.
▶Wireshark supports OS platforms like Windows, Linux, Solaris, macOS etc.
▶Wireshark is also an open-source tool, similar to tcpdump but with a user interface option.
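Added example (not part of the original slides): a minimal reader for the classic pcap capture-file format that tcpdump writes and Wireshark can open, run over a constructed two-packet capture to count TCP destination ports. The function names and the sample addresses and ports are assumptions made for illustration.

```python
import struct
from collections import Counter

PCAP_MAGIC = 0xA1B2C3D4      # classic pcap, microsecond timestamps
LINKTYPE_ETHERNET = 1

def build_sample_capture():
    """Constructed sample: two Ethernet/IPv4/TCP SYN frames in a pcap file image."""
    def frame(sport, dport):
        eth = bytes(12) + struct.pack("!H", 0x0800)            # zero MACs, IPv4
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                         bytes([10, 0, 0, 5]), bytes([10, 0, 0, 9]))
        tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 0x50, 0x02, 1024, 0, 0)
        return eth + ip + tcp
    out = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, LINKTYPE_ETHERNET)
    for i, f in enumerate([frame(40000, 443), frame(40001, 22)]):
        out += struct.pack("<IIII", 1700000000 + i, 0, len(f), len(f)) + f
    return out

def parse_pcap(data):
    """Yield (timestamp, frame) per record, rejecting malformed input."""
    magic = struct.unpack_from("<I", data)[0] if len(data) >= 24 else 0
    if magic not in (PCAP_MAGIC, 0xD4C3B2A1):
        raise ValueError("not a classic pcap file (or truncated header)")
    endian = "<" if magic == PCAP_MAGIC else ">"   # swapped magic: big-endian writer
    snaplen, linktype = struct.unpack_from(endian + "II", data, 16)
    if linktype != LINKTYPE_ETHERNET:
        raise ValueError("only Ethernet captures handled here")
    off = 24
    while off < len(data):
        if off + 16 > len(data):
            raise ValueError("truncated record header")
        sec, usec, incl, _orig = struct.unpack_from(endian + "IIII", data, off)
        off += 16
        if incl > snaplen or off + incl > len(data):
            raise ValueError("record length exceeds snaplen or file size")
        yield sec + usec / 1e6, data[off:off + incl]
        off += incl

def tcp_dest_ports(data):
    """Count TCP destination ports for IPv4-over-Ethernet frames."""
    ports = Counter()
    for _ts, f in parse_pcap(data):
        if len(f) < 34 or f[12:14] != b"\x08\x00" or f[23] != 6:
            continue                                   # not IPv4/TCP
        ihl = (f[14] & 0x0F) * 4                       # IPv4 header length in bytes
        if ihl >= 20 and len(f) >= 14 + ihl + 4:
            ports[struct.unpack_from("!H", f, 14 + ihl + 2)[0]] += 1
    return ports
```

The length checks in `parse_pcap` matter because capture files are untrusted input: a record that claims more bytes than the file holds is rejected rather than read past.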
AI Based Cyber Threat
Cyber Security Opportunities in Market and Skillset