Unit 1

Cybercrime is criminal activity that either targets or uses a computer, a computer network or a networked device. Most cybercrime is committed by cybercriminals or hackers who want to make money. However, occasionally ...

- Hobby hackers: a person who enjoys exploring the limits of what is possible, and so may modify hardware/software.
- IT professionals (social engineering): ethical hacker.
- Politically motivated hackers: promote the objectives of individuals, groups or nations supporting a variety of causes such as anti-globalization, transnational conflicts and protest.
- Terrorist organizations: cyberterrorism; use of internet attacks in terrorist activity; large-scale disruption of computer networks and personal computers attached to the internet via viruses.

Cybercriminals not interested in recognition:

- Psychological perverts: express sexual desires, deviate from normal behaviour.
- Financially motivated hackers (corporate espionage): make money from cyber attacks; fraud through phishing, information theft, spam and extortion.
- State-sponsored hacking (national espionage, sabotage): hacktivists; extremely professional groups working for governments; have the ability to worm into the networks of the media, major corporations and defence departments.
- Organized criminals.

Cybercriminals: the insider

- Disgruntled or former employees seeking revenge.
- Competing companies using employees to gain economic advantage.

What is cybercrime? Classification of cybercrime

Cybercrime is committed by cybercriminals or hackers who want to make money. Cybercrime can be carried out by individuals or organizations. Some cybercriminals are organized ...

Cybercrime is an illegal behaviour, directed by means of electronic operations, that targets the security of computer systems and the data processed by them.
So, cybercrime can be called computer-related crime.

Cybercrime can be classified into five types, which are explained below:

1) Cybercrime against an individual
2) Cybercrime against property
3) Cybercrime against organization
4) Cybercrime against society
5) Crimes emanating from Usenet newsgroups

Now we can see all the classification types in detail.

1) Cybercrime against an individual:

a) Email spoofing: A spoofed email is one in which the e-mail header is forged so that the mail appears to originate from one source but actually has been sent from another source.
b) Spamming: Spamming means sending multiple copies of unsolicited mails or mass e-mails such as chain letters.
c) Cyber defamation: This occurs when defamation takes place with the help of computers and/or the Internet. E.g., someone publishes defamatory matter about someone on a website or sends e-mails containing defamatory information.
d) Harassment and cyber stalking: Cyber stalking means following an individual's activity over the internet. It can be done with the help of many protocols available, such as e-mail, chat rooms and Usenet groups.
e) Computer sabotage: Criminals attack computer systems in order to disrupt online services and, for instance, bring a business's operations to a halt.
f) Password sniffing: Password sniffing is a type of network attack in which an attacker intercepts data packets that include passwords. The attacker then uses a password-cracking program to obtain the actual passwords from the intercepted data.

2) Cybercrime against property:

a) Credit card fraud: As the name suggests, this is a fraud that happens by the use of a credit card. This generally happens if someone gets to know the card number or the card gets stolen.
b) Intellectual property crimes: These include:
- Software piracy: illegal copying of programs, distribution of copies of software.
- Copyright infringement: using copyrighted material without proper permission.
- Trademark violations:
using trademarks and associated rights without permission of the actual holder.
- Theft of computer source code: stealing, destroying or misusing the source code of a computer.
c) Internet time theft: This happens through the usage of Internet hours by an unauthorized person, which are actually paid for by another person.

3) Cybercrime against organization:

a. Unauthorized accessing of computer: Accessing the computer/network without permission from the owner. It can be of two forms:
- Changing/deleting data: unauthorized changing of data.
- Computer voyeur: the criminal reads or copies confidential or proprietary information, but the data is neither deleted nor changed.
b. Denial of Service (DoS): When an Internet server is flooded with continuous bogus requests so as to deny legitimate users the use of the server or to crash the server.
c. Computer contamination / virus attack: A computer virus is a computer program that can infect other computer programs by modifying them in such a way as to include a (possibly evolved) copy of it. Viruses can be file infecting or affect the boot sector of the computer. Worms, unlike viruses, do not need a host to attach themselves to.
d. Email bombing: Sending large numbers of mails to the individual or company or mail servers, thereby ultimately resulting in crashing.
e. Salami attack: When negligible amounts are removed and accumulated into something larger. These attacks are used for the commission of financial crimes.
f. Logic bomb: It is an event-dependent program. As soon as the designated event occurs, it crashes the computer, releases a virus or any other harmful possibilities.
g. Trojan horse: This is an unauthorized program which functions from inside what seems to be an authorized program, thereby concealing what it is actually doing.
h. Data diddling: This kind of attack involves altering raw data just before it is processed by a computer and then changing it back after the processing is completed.

4) Cybercrime against society:

(i) Forgery: Currency notes, revenue stamps, mark sheets etc. can be forged using computers and high-quality scanners and printers.
(ii) Cyber terrorism: Use of computer resources to intimidate or coerce people and carry out the activities of terrorism.
(iii) Web jacking: Hackers gain access to and control over the website of another; they may even change the content of the website to fulfil a political objective or for money.

5) Crimes emanating from Usenet newsgroups:

By its very nature, Usenet groups may carry very offensive, harmful, inaccurate or otherwise inappropriate material, or in some cases, postings that have been mislabeled or are deceptive in another way. Therefore, it is expected that you will use caution and common sense and exercise proper judgment when using Usenet, as well as use the service at your own risk.

Ans: A cybercriminal is a person who conducts some form of illegal activity using computers or other digital technology such as the internet.
The criminal may use computer expertise, knowledge of human behaviour, and a variety of tools and services to achieve his or her goal. The kinds of crimes a cybercriminal may be involved in can include hacking, identity theft, online scams and fraud, creating and disseminating malware, or attacks on computer systems and sites. Cybercrime involves activities such as child pornography, credit card fraud, cyberstalking, gaining unauthorized access to computer systems, ignoring copyright, software licensing, and identity theft to perform criminal acts; cybercriminals are those who conduct such acts.

Cybercrime planned by cybercriminals

Criminals use many methods and tools to locate the vulnerabilities of their target. The target can be an individual and/or an organization. Criminals plan passive and active attacks. Active attacks are usually used to alter the system, whereas passive attacks attempt to gain information about the target. Active attacks may affect the availability, integrity and authenticity of data, whereas passive attacks lead to breaches of confidentiality.

The following phases are involved in planning cybercrime:

1. Reconnaissance (information gathering) is the first phase and is treated as a passive attack.
2. Scanning and scrutinizing the gathered information for the validity of the information as well as to identify the existing vulnerabilities.
3. Launching an attack (gaining and maintaining the system access).

1. Reconnaissance

The literal meaning of "reconnaissance" is an act of reconnoitering: to explore, often with the goal of finding something or somebody (especially to gain information about an enemy or potential enemy). In the world of "hacking," the reconnaissance phase begins with "footprinting". This is the preparation toward the preattack phase, and involves accumulating data about the target's environment and computer architecture to find ways to intrude into that environment.
Footprinting gives an overview of system vulnerabilities and provides a judgment about possible exploitation of those vulnerabilities. The objective of this preparatory phase is to understand the system, its networking ports and services, and any other aspects of its security that are needful for launching the attack. Thus, an attacker attempts to gather information in two phases: passive and active attacks.

Passive attacks

A passive attack involves gathering information about a target without his/her (individual's or company's) knowledge. It can be as simple as watching a building to identify what time employees enter the building's premises. However, it is usually done using Internet searches or by Googling (i.e., searching the required information with the help of the search engine Google) an individual or company to gain information.

1. Google or Yahoo search: people search to locate information about employees.
2. Surfing online community groups like Orkut/Facebook will prove useful to gain information about an individual.
3. The organization's website may provide a personnel directory or information about key employees, for example, contact details, e-mail address, etc. These can be used in a social engineering attack to reach the target.
4. Blogs, newsgroups, press releases, etc. are generally used as the mediums to gain information about the company or employees.

Going through the job postings in particular job profiles for technical persons can provide information about the type of technology, that is, servers or infrastructure devices a company may be using on its network.

Active attacks

An active attack involves probing the network to discover individual hosts to confirm the information (IP address, operating system type and version, and services on the network) gathered in the passive attack phase.
It involves the risk of detection and is also called "rattling the doorknobs" or "active reconnaissance." Active reconnaissance can provide confirmation to an attacker about security measures in place, but the process can also increase the chance of being caught or raise suspicion.

2. Scanning and scrutinizing gathered information

Scanning is a key step to examine intelligently while gathering information about the target. The objectives of scanning are as follows:

1. Port scanning: identify open/closed ports and services.
2. Network scanning: understand IP addresses and related information about the computer network systems.
3. Vulnerability scanning: understand the existing weaknesses in the system.

The scrutinizing phase is always called "enumeration" in the hacking world. The objective behind this step is to identify:

1. The valid user accounts or groups;
2. Network resources and/or shared resources;
3. The OS and different applications that are running on the OS.

3. Attack (gaining and maintaining the system access)

After the scanning and enumeration, the attack is launched using the following steps:

- Crack the password;
- Exploit the password;
- Execute the malicious command/applications;
- Hide the files (if required);
- Cover the tracks: delete the access logs, so that there is no trail of illicit activity.

A cyber-attack is an attempt to gain unauthorized access to a computer, computing system or computer network with the intent to cause damage. Cyber-attacks aim to disable, disrupt, destroy or control computer systems or to alter, block, delete, manipulate or steal the data held within these systems. A cyber-attack is an assault launched by cybercriminals using one or more computers against a single or multiple computers or networks.
A cyber-attack can maliciously disable computers, steal data, or use a breached computer as a launch point for other attacks.

Types of attacks:

Active attack

An active attack is an attempt to alter your computer network systems' resources or operations by making changes to your existing data, modifying data in transit, or inserting data into the system. The main objective of an active attack is to interfere with the way your network performs its operations by either modifying the target data or introducing new data into your system or device. Think of all the activities a hacker can perform while compromising your network server or computers; these can be grouped under active attacks. The hacker will try to manipulate data to harm the target's computer network.

An active attack is a type of cyberattack in which a hacker attempts to change or transform the content of messages or information. It jeopardizes the system's integrity and availability. While active attacks are easily detectable and most victims are informed that their network has been compromised, it is exceedingly difficult to prevent them.

You can prevent attacks by having powerful firewalls and intrusion prevention systems (IPS) in place, but you also need to make sure you have a strategy to detect such attacks and recover from active attacks. There are a number of ways a hacker can carry out an active attack.
Here are some common types of active attacks:

- Session hijacking attack
- Message modification attack
- Masquerade attack
- Denial-of-Service attack
- Distributed Denial-of-Service attack
- Trojan attacks

Passive attack

A passive attack is a type of cyber-attack in which an attacker does not interact directly with a system or network. Instead, the attacker simply watches and collects data from the system or network. The goal of a passive attack is to gain information that can be used to harm the organization without making any changes to the system or network and without attempting to disrupt its functioning. Passive attacks involve monitoring and scanning systems for open ports and vulnerabilities, allowing attackers to intercept information without changing it. There are a number of ways a hacker can carry out a passive attack. Here are some common types of passive attacks:

- Eavesdropping attack
- Release of messages
- Traffic analysis attack
- Footprinting
- Wardriving

Insider attack

Insider attacks get their name because they are caused by people who have inside access to information. The inside people may be current or former employees, business partners, contractors, or security admins who had access to the confidential information previously. Insider attacks are carried out by people who are familiar with the computer network system and hold authorised access to all the information. This form of cyber-attack is extremely dangerous as the attack is led by the system's employees, which makes the entire process extremely vulnerable. Organisations most likely focus on external cyber-attack protection and rarely have their attention focused on internal cyber-attacks. Here are some common types of inside attacks:

- Malicious insider: Someone who maliciously and intentionally misuses legitimate credentials, usually stealing information for financial or personal incentives.
For example, someone who has a score to settle with a former employer, or an opportunistic employee who sells sensitive information to competitors.
- Careless insider: An instrument that unknowingly exposes your system to external threats. This is a type of internal threat caused by a bug, if the device remains unprotected or becomes a victim of fraud. For example, a harmless employee could click on an insecure link and infect a system with malware.
- Mole: A scammer who is technically an outsider but has gained insider access to a privileged network. This is someone from outside the organisation posing as an employee or partner.

The most common threats from outside the organization may include hackers, cybercriminals, competitors, or any malicious person who is not affiliated with the company. These external attacks are often financially motivated, such as ransomware attacks, in which malware is installed on devices containing company data. This data is then encrypted and cannot be accessed until a substantial amount of money has been paid to the attacker.

However, the aim of every cybercriminal is not necessarily to make money. Data can also be very valuable for various reasons, and it is often the case that an attack occurs in order to access sensitive data. In these situations, the company may not even realize the data breach has occurred until well after the event. Here are some common types of outside attacks:

- Social engineering and phishing attacks: in which passwords or other sensitive and personal information can be guessed or obtained via employees, for example by an outsider posing as someone else inside the company.
- Hacking: where malicious individuals gain access via security loopholes in code and authentication systems.
- Ransomware and malware: a computer program hosting malicious code that may allow backdoor access for a hacker, or delete or change existing data. These programs are usually installed by mistake, as they often pose as genuine files or software.
- Denial of Service (DoS) attacks: a type of attack that makes websites and other online services inaccessible to users by flooding the server with requests.

Information security

Information security refers to the protection of information from unauthorized access, use, disclosure, disruption, modification, or destruction. It is essential for individuals, businesses, and governments to implement effective information security measures to prevent cybercrime. Some common information security measures include firewalls, antivirus software, encryption, and user authentication. These technologies can help protect against hacking, malware, and other cyber threats. Additionally, education and awareness training for employees and individuals can help prevent cybercrime by teaching them how to recognize and avoid common cyber threats such as phishing scams and social engineering attacks.

Information security is essential for individuals, businesses, and governments to ensure the confidentiality, integrity, and availability of their digital assets. Information security measures can include physical security, network security, data encryption, access controls, and security monitoring and incident response. These measures are used to prevent unauthorized access to information, detect and respond to security incidents, and ensure business continuity in the event of a cyber attack or other disruption.

Email spoofing is the forgery of an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source. To send spoofed e-mail, senders insert commands in headers that will alter message information. It is possible to send a message that appears to be from anyone, anywhere, saying whatever the sender wants it to say. Thus, someone could send spoofed e-mail that appears to be from you with a message that you didn't write.

Email spoofing is creating and sending an email with a modified sender's address.
The sender's address is forged in such a way that the receivers will trust the email, thinking it has been sent by someone they know or from a trusted official source. After gaining their trust through a forged address, the attackers can ask for sensitive information, such as personal data like bank details and social security numbers, or organizational data like trade secrets and more. Email spoofing is a pretty common practice among cybercriminals because of the vulnerable and weak email system. When you receive an email, the outgoing email servers have no way to determine whether the sender's address is spoofed or original. Cyberattackers perform email spoofing by changing the data of the email header. The email header contains the essential information related to the email and includes data such as TO, FROM, DATE, and SUBJECT. It also has the IP address of the sender.

For example, spoofed e-mail may purport to be from someone in a position of authority, asking for sensitive data such as passwords, credit card numbers or other personal information, any of which can be used for a variety of criminal purposes. The Bank of America, eBay, and Wells Fargo are among the companies recently spoofed in mass spam mailings. One type of email spoofing, self-sending spam, involves messages that appear to be both to and from the recipient.

Cyber defamation

The risk of "cyber defamation" has increased as a result of sharing, posting, and commenting on content on several social networking sites, and it not only affects the reputation of an individual, but sometimes the whole community.

As per Black's Law Dictionary, defamation means "the offense of injuring a person's character, fame, or reputation by false and malicious statements". The wrongdoer intends to damage the reputation of another person by making a defamatory statement. Cyber defamation not only includes verbal or written communications but also includes statements made in cyberspace through the internet.
In short, defaming a person through a virtual medium is known as "cyber defamation".

Example: someone publishes defamatory matter about someone on a website or sends an e-mail containing defamatory information to all friends of that person.

Types of defamation:

- Libel: any defamatory statement which is in written, printed, or picture form.
- Slander: any defamatory statement which is in a verbal form such as spoken words, gestures, or representation made with hands.

Internet time theft

This occurs when an unauthorized person uses the Internet hours paid for by another person, and it comes under hacking. The person gets access to someone else's ISP user ID and password, either by hacking or by gaining access to it by illegal means, and uses the internet without the other person's knowledge. This theft can be identified when Internet time is recharged often, despite infrequent use. This comes under "identity theft".

Salami attack

A salami attack is a type of cyber-attack that involves stealing small amounts of money from a large number of accounts, transactions, or data sets. The term "salami slicing" refers to the attacker taking small slices of the target's assets, like slices of salami, in a way that is not easily detectable.

In a salami attack, the attacker typically modifies the data in small increments, such as altering transaction amounts or diverting small amounts of funds to their own account. The changes are usually small enough to go unnoticed, but over time the attacker can accumulate a significant amount of money or assets.

Salami attacks are commonly used in financial fraud, where attackers target a large number of accounts or transactions to steal small amounts from each one. This type of attack can be difficult to detect, as the changes are typically small.

Example: a bank employee inserts a program into the bank's servers that deducts a small amount from the account of every customer every month. The unauthorized debit goes unnoticed
by the customers, but the employee will make a sizable amount every month.

Data diddling

Data diddling is a type of cyber-attack that involves changing data at the time it is being entered or edited, in a way that is to the attacker's advantage, such as stealing money, changing the amount of a payment to be more favourable to them, or changing a payment recipient's name to their own.

Data diddling attacks can be difficult to detect, as the changes are often made at the time of entry or editing, and can go unnoticed unless the data is carefully reviewed. These attacks can have serious consequences, such as financial loss, reputational damage, or legal issues.

To protect against data diddling attacks, organizations should implement security measures such as access controls, data encryption, and monitoring for suspicious activity. They should also provide training and awareness programs to employees on how to recognize and report suspicious activity.

For example, suppose an employee is scheduled to work from 9:00 AM to 5:00 PM, but they alter their timecard to show that they started work at 8:00 AM and ended at 6:00 PM. By doing this, the employee is claiming an additional two hours of work that they did not actually perform.

Forgery

Forgery in cybersecurity refers to the act of creating or modifying a digital document, signature, or other electronic information with the intention of deceiving someone into believing it is legitimate. Forgery is often used in cybercrime to commit fraud, identity theft, or gain unauthorized access to information or systems.

An example of forgery in cybersecurity is the creation of a fake digital certificate. Digital certificates are used to verify the identity of a website or system, ensuring that users can trust that the information being exchanged is secure and authentic.
A cybercriminal may create a fake digital certificate, which appears to be legitimate, to trick users into believing that they are accessing a secure website or system when in fact they are not. The attacker can then steal sensitive information or inject malware onto the user's device.

Forgery attacks can be difficult to detect, as the documents or digital signatures may appear legitimate. However, there are several ways to protect against forgery attacks, such as using authentication and authorization controls, implementing encryption and other security technologies, and educating users about how to recognize and avoid forgery attacks.

Example: a cybercriminal may create a fake email that appears to be from a bank, with the bank's logo and email format. The email may ask the recipient to click on a link to verify their account information, which then takes them to a fake website that looks like the bank's official site. The user is then prompted to enter their login credentials or other sensitive information, which is then captured by the cybercriminal.

Identity theft

Identity theft is a type of cybercrime that involves stealing personal information for the purpose of assuming someone's identity or committing fraud. Cybercriminals can use a variety of methods to obtain personal information, such as phishing emails, malware, social engineering, or exploiting vulnerabilities in online systems.

Once a cybercriminal has access to personal information, they can use it for a variety of purposes, such as opening new credit accounts, making unauthorized purchases, or accessing sensitive data. The consequences of identity theft can be severe and long lasting, including financial losses, damage to credit scores, and difficulties in obtaining loans or credit in the future.

To protect against identity theft, it is important to take steps to safeguard personal information.
This includes being cautious about sharing personal information online, using strong passwords and two-factor authentication for online accounts, monitoring credit reports and bank statements regularly, and using anti-malware software to protect against phishing and other attacks.

Identity theft is a serious threat in cybersecurity, and it is important for individuals and organizations to take necessary precautions to protect themselves and their customers against this type of cybercrime.

Ans: Web-jacking, also known as website hijacking, is a type of cyber-attack in which an attacker gains unauthorized access to a website and modifies its content or redirects its traffic to a different site. This is typically achieved by exploiting vulnerabilities in the website's software, such as outdated plugins or weak passwords.

The web jacking attack method is another type of social engineering phishing attack, where an attacker creates a fake web page of the victim website and sends it to the victim. When the victim clicks on that link, a message is displayed in the browser, "the site abc.com has moved to another address, click here to go to the new location", and if the victim does click on the link, he/she will be redirected to the fake website page, where the attacker can ask for any sensitive data such as credit card number, username, password etc.
The web jacking attack method is one kind of trap which is spread by the attacker to steal the sensitive data of people, and those people get trapped who are not aware of cyber security.

Web jacking attack method:

- The first step of the web jacking attack method is to create a fake page of the victim website, for example www.fb.com.
- The second step is to host it either on your local computer or on shared hosting.
- The third step is to send the link of the fake page to the victim.
- In the fourth step, the victim will open the link, enter their details and submit.
- In the last step, you will get all the details submitted by the victim.

How to be safe from the web jacking attack method:

- First of all, do not enter sensitive data in any link sent to you.
- Check the URL.
- Just because the address looks OK, don't assume this is a legitimate site.
- Read the company name carefully to see whether it is right or wrong.
- Check whether the protocol is http or https; if it is http, do not enter your data.
- If you are not sure whether the site is real or fake, enter a wrong username and password.
- Use a browser with antiphishing detection.

Cybercrime class of web jacking

Web-jacking is considered a form of cybercrime, as it involves unauthorized access to digital assets and can result in financial losses, data breaches, and other negative consequences. In many jurisdictions, web-jacking is considered a form of fraud and is subject to criminal prosecution.

To protect against web jacking attacks, website owners should implement best practices for website security, such as keeping software up-to-date, using strong passwords, and implementing security monitoring. It is also important to regularly scan websites for vulnerabilities and perform security assessments to identify and remediate weaknesses.

Software piracy

Software piracy refers to the copying, distribution or use of software without the permission of the software's owner or developer.
This can include making unauthorized copies of software, sharing software licenses with unauthorized users, or selling counterfeit copies of software.

- Financial losses: Pirated software is often sold at significantly lower prices than legitimate software, which can be attractive to buyers looking to save money. However, buyers may end up paying more in the long run due to issues such as software malfunctions or security breaches, which can lead to additional expenses.
- Legal risk: Using pirated software can expose individuals and organizations to legal risks, including fines, penalties, and lawsuits. In some cases, individuals may face criminal charges for software piracy.
- Security risk: Pirated software may contain malware, viruses, or other security threats that can compromise the security of a user's device and data. This can lead to data breaches, identity theft, and other security incidents.
- Poor software quality: Pirated software may be of poor quality or outdated, which can lead to software malfunctions, crashes, and other issues. This can result in lost productivity and additional expenses for users.
- Lack of support and updates: Users of pirated software typically do not receive technical support or software updates, which can lead to compatibility issues, security vulnerabilities, and other problems.

Software piracy can result in significant losses for both individuals and organizations. To avoid these risks, it is important to use legitimate software obtained from authorized sources and to adhere to software licensing agreements. By doing so, users can ensure that they are receiving high-quality software and avoiding the legal, financial, and security risks associated with pirated software.

Social engineering
In cybersecurity, social engineering is often used by attackers to gain unauthorized access to computer systems or networks.

Social engineering attacks can take many forms, such as phishing emails, pretexting, baiting, and tailgating. Phishing emails typically involve sending a fraudulent email that appears to be from a legitimate source, such as a bank, in an attempt to trick the recipient into revealing personal information such as login credentials or financial information.

Social engineering attacks can be extremely effective in compromising the security of organizations and individuals, and it is crucial to be aware of the different types of social engineering attacks and take steps to protect against them.

For example, a person using social engineering to break into a computer network might try to gain the confidence of an authorized user and get them to reveal information that compromises the network's security.

Classification of social engineering

1. Human-based social engineering: It needs interaction with humans; it means person-to-person contact and then retrieving the desired information. People use human-based social engineering techniques in different ways; the top popular methods are:
- Impersonating an employee or valid user
- Posing as an important user
- Using a third person
- Calling technical support
- Shoulder surfing
- Dumpster diving

2. Computer-based social engineering: It uses computer software that attempts to retrieve the desired information:
- Fake e-mails
- Email attachments
- Pop-up windows

Cyberstalking

Cyberstalking refers to the use of the Internet or other digital means to harass or threaten an individual, often with the intent to cause fear, alarm, or distress.

Cyberstalkers may use a variety of tactics to target their victims, such as sending threatening messages, tracking their online activity, or using malware to gain access to their devices or personal information.
Victims of cyberstalking may experience a range of emotional and psychological impacts, including anxiety, depression, and post-traumatic stress disorder (PTSD).

To protect against cyberstalking, individuals can take several steps, such as using strong and unique passwords, enabling two-factor authentication on all online accounts, avoiding sharing personal information online, and being cautious about clicking on links or downloading attachments from unknown sources. Additionally, it is essential to report any instances of cyberstalking to the appropriate authorities, such as the police or Internet service providers, as soon as possible.

Types of Stalkers

Online stalkers
- Interaction directly with the help of the internet
- E-mail and chat rooms
- Victim recognizes the attack attempted on him/her

Offline stalkers
- Traditional methods such as telephone/cell phone
- Watching the daily routine, searching on message boards/newsgroups, personal websites
- Victim is not aware that the internet has been used to perpetrate an attack against them

- Both are criminal offenses.
- Both are motivated by a desire to control, intimidate or influence a victim.
- A stalker may be an online stranger or a person whom the target knows. He may be anonymous and solicit involvement of other people online who do not even know the target.

How cyberstalking works:
1. Personal information gathering about the victim.
2. Establish a contact with the victim through telephone/cell phone and start threatening or harassing.
3. Establish a contact with the victim through e-mail.
4. Keep sending repeated e-mails asking for various kinds of favours or threaten the victim.
5. Post the victim's personal information on any website related to illicit services.
6. Whosoever comes across the information starts calling the victim on the given contact details, asking for sexual services or relationships.
7. Some stalkers may subscribe/register the e-mail account of the victim to innumerable pornographic and sex sites, because of which the victim starts receiving such kinds of unsolicited e-mails.

An attack vector is a method or means by which a hacker or attacker can gain unauthorized access to a computer system or network. It refers to the path or route that an attacker uses to exploit a vulnerability or weakness in a system.

Here are the different ways attackers can launch attack vectors:
- Email attacks: This includes phishing, spear phishing, and whaling to trick the recipient into clicking on a malicious link or opening a malicious attachment.
- Malware attacks: The use of malicious software delivered via email, drive-by downloads, malicious links, or infected software updates to gain unauthorized access to a system.
- Social engineering attacks: The manipulation of individuals to gain access to sensitive information or systems.
- Website attacks: Exploiting vulnerabilities in websites, such as XSS, SQL injection, or CSRF, to gain unauthorized access to data or take control of the website.
- Network attacks: Using techniques like port scanning, sniffing, and DoS attacks to gain unauthorized access to computer systems or networks.
- Physical attacks: Gaining unauthorized access by stealing or guessing passwords, stealing hardware, or exploiting vulnerabilities in physical security systems.

By identifying and understanding attack vectors, organizations can take steps to mitigate and prevent attacks by implementing security measures such as firewalls, intrusion detection and prevention systems, and anti-malware software.

Cloud computing is Internet-based development and use of computer technology. Cloud computing is a term used for hosted services delivered over the internet.
Cloud computing services may be either private or public.
- Sold on demand: typically by the minute or the hour
- Elastic in terms of usage: as much or as little service
- Fully managed by the provider

Advantages:
- Applications and data can be accessed from anywhere at any time
- Hardware costs down, only need the internet connection
- Organizations do not need to buy a set of software
- Organizations do not have to rent a physical space to store servers and databases
- Organizations save money on IT support

Types of Services
- Infrastructure-as-a-service (IaaS): Virtual servers with unique IP addresses and blocks of storage on demand
- Platform-as-a-service (PaaS): Set of software and development tools hosted on the provider's servers
- Software-as-a-service (SaaS): Provider allows the customer only to use its applications

Risks associated with cloud computing environment
- Elevated user access: Outsourced services may bypass the physical, logical, and personnel controls
- Regulatory compliance: Service providers are not able and/or not willing to undergo external assessment
- Location of the data: Not aware about where the data is hosted
- Segregation of data: Encryption mechanism should be strong enough to segregate the data from other organizations
- Recovery of the data: Application environment and IT infrastructure across multiple sites are vulnerable to a total failure
- Information security violation reports: Due to the large number of customers, it is difficult to trace inappropriate and/or illegal activity
- Long-term viability: In case of any major change in the service provider (e.g., acquisition and merger, partnership breakage), the service provided is at stake

Here are the 4 types of mobility in cybersecurity in more detail, along with their implications.
1. User Mobility: User mobility refers to the ability of users to move from one location to another while maintaining access. However, it also poses security risks, such as unsecured Wi-Fi connections and lost or stolen devices. This can lead to unauthorized access to sensitive information and data breaches. Therefore, it is important to implement strong access controls and authentication mechanisms to mitigate these risks.

2. Device Mobility: Device mobility refers to the ability of devices such as laptops, smartphones, and tablets to move between different locations and networks. Device mobility can be beneficial as it allows employees to work and collaborate with others from anywhere. However, it also poses security risks, such as lost or stolen devices and unsecured connections. This can lead to unauthorized access to sensitive information and data breaches. Therefore, it is necessary to implement strong security policies and use technologies such as encryption and mobile device management to mitigate these risks.

3. Data Mobility: Data mobility refers to the ability of data to move between different devices, networks, and locations. This is usually achieved through technologies such as cloud storage and file sharing. Data mobility can be beneficial as it allows for greater collaboration and innovation. However, it also poses security risks, such as unauthorized access, data leakage, and data loss. Therefore, it is important to implement strong access controls, encryption, and data loss prevention mechanisms to mitigate these risks.

4. Application Mobility: Application mobility refers to the ability of applications to move between different environments, such as on-premise and cloud-based environments. Application mobility can be beneficial as it allows for scalability. However, it also poses security risks, such as unauthorized access, application vulnerabilities, and data leakage. Therefore, it is important to implement strong security controls, such as access controls and vulnerability management, to mitigate these risks.

Cybercrime refers to criminal activities that are committed through the use of computers or the internet. It can include a wide range of illegal activities, such as hacking, phishing, identity theft, online harassment, and cyber espionage, among others. Cybercrime has become a major threat to individuals, organizations, and governments, as it can result in financial loss, reputational damage, and even national security threats. It is important for individuals and organizations to take steps to protect themselves against cybercrime, such as using strong passwords, installing anti-virus software, and avoiding suspicious emails or websites.

Cyber fraud:
Cyber fraud refers to fraudulent activities that are conducted using electronic or digital means, such as the internet or computers. Cyber fraud can include a wide range of activities, such as phishing scams, online identity theft, credit card fraud, and fake investment schemes, among others. The perpetrators of cyber fraud often use social engineering techniques, such as posing as a trustworthy source or creating fake websites, to trick their victims into divulging sensitive information or making payments. Cyber fraud can result in financial loss, reputational damage, and even identity theft. It is important for individuals and organizations to be vigilant and take steps to protect themselves against cyber fraud, such as being cautious about sharing personal information online and using secure payment methods.

Credit Card Fraud:
Credit card fraud in the mobile and wireless era refers to the fraudulent use of credit card information through mobile devices and wireless networks.
With the rise of mobile technology, it has become easier for cybercriminals to gain access to sensitive credit card information and use it for fraudulent purposes.

There are several ways in which credit card fraud can occur in the mobile and wireless era:
- Mobile malware: Malicious software or apps can be installed on a mobile device, which can steal credit card information and transmit it to cybercriminals.
- Phishing scams: Cybercriminals can create fake websites or send phishing emails that appear to be from legitimate sources, in an attempt to trick users into giving away their credit card information.
- Unsecured Wi-Fi networks: Public Wi-Fi networks can be vulnerable to hacking, which can allow cybercriminals to intercept credit card information as it is being transmitted.
- Stolen or lost devices: If a mobile device containing credit card information is lost or stolen, the information can be accessed by cybercriminals.

Application fraud (paper-based fraud: uses stolen or fake documents)
- ID theft: Individual pretends to be someone else
- Financial fraud: Individual gives false information about his or her financial status to acquire a credit card

Modern techniques
Sophisticated techniques enable criminals to produce fake and doctored cards.
- Skimming: Information held on either the magnetic strip or data stored on the smart chip is copied from one card to another
- To direct the users to cloned sites and false merchant sites is called phishing.
Triangulation
- Criminal offers heavy discount rates through a website
- Customer registers with personal information and credit card details
- Criminal orders the goods from a legitimate website with the help of the stolen credit card
- Goods are shipped to the customer and the transaction gets completed
- Criminal keeps on purchasing other goods using fraudulent credit card details
- Such websites are available for a few weeks/months

Credit card generators
- Computer emulation software available for free download on the internet

Mobile devices, such as smartphones and tablets, have become an integral part of our daily lives, providing us with access to a vast array of information and services. However, the use of these devices also poses several security challenges that need to be addressed to ensure the safety and privacy of users. Some of the significant security challenges posed by mobile devices are:

1. Mobile devices are prone to being lost or stolen, which can result in sensitive data falling into the wrong hands. If the device is not secured, a thief could gain access to personal information like emails, contacts, and messages, leading to identity theft, financial fraud, or other malicious activities.
2. Malware and Viruses: Malware and viruses are a common threat to mobile devices. Hackers can use malicious software to infect mobile devices and gain access to sensitive data, or even control the device remotely. Malware can be downloaded through seemingly harmless apps, links, or messages, and can often go unnoticed by the user.
3. Unsecured Wi-Fi Networks: Public Wi-Fi networks are not secure, and using them can expose mobile devices to severe threats. Hackers can set up fake Wi-Fi hotspots to trick users into connecting and steal data or inject malware onto the device.
4. App Security: App stores are riddled with malicious apps that can access sensitive data, send spam messages, or even steal user credentials. Users need to be cautious when downloading apps and ensure they are from a reputable source.
5. Phishing Attacks: Phishing attacks are increasingly common, and mobile devices are just as vulnerable as computers. Hackers can send emails or messages that appear legitimate, tricking users into divulging sensitive information or downloading malware.
6. Jailbreaking/Rooting: Jailbreaking or rooting a mobile device is a practice that allows users to remove software restrictions and gain administrative access to the device's operating system. However, this practice can leave the device vulnerable to malware and other security threats.
7. Outdated Software: Failure to update mobile device software can leave it vulnerable to attacks, as attackers exploit software vulnerabilities that are not patched.

Attacks on cell phones: compromising the security or privacy of a mobile device or the data stored on it.

Eminent kinds of attacks on mobile phones:

Push attack
A push attack, also known as a push notification attack, is a type of cyber-attack that targets mobile devices by sending fraudulent push notifications to users. These notifications are designed to trick the user into clicking on a link or taking some other action that could compromise the security of their device.

Push attacks typically involve the use of social engineering tactics, such as posing as a legitimate app or service provider to gain the user's trust and encourage them to take a particular action. Once the user has clicked on the link or taken the requested action, the attacker may be able to gain access to sensitive data or take control of the device.

To protect against push attacks, it is important to be vigilant when receiving push notifications from unknown sources. Always verify the authenticity of the sender before taking any action, and avoid clicking on links or providing sensitive information unless you are certain that the request is legitimate.
In addition, it is a good idea to keep your mobile device up-to-date with the latest security patches and to use reputable anti-virus and anti-malware software to help prevent unauthorized access and attacks.

[Figure: Push Attack]

Pull attack
A pull attack works by tricking users into downloading malicious content: scams that trick users into entering sensitive information on fraudulent websites, or malware that is disguised as a legitimate app or software update. Once the user downloads the content or accesses the fraudulent website, the attacker may be able to gain access to sensitive data, such as login credentials or financial information.

To protect against pull attacks, it is important to be cautious when downloading apps or software updates, especially from unknown sources. Only download apps from reputable app stores, such as the Apple App Store or Google Play Store, and avoid downloading apps from third-party sources unless you are certain of their authenticity.

It is also important to be wary of phishing scams and fraudulent websites. Always verify the authenticity of a website before entering sensitive information, and never enter sensitive information on a website unless you are certain of its legitimacy.

Finally, keep your mobile device up-to-date with the latest security patches and use reputable anti-virus and anti-malware software to help prevent unauthorized access and attacks.

[Figure: Pull Attack]

Crash attack
A crash attack, also known as a denial-of-service (DoS) attack, is a type of cyber-attack that targets mobile devices by overwhelming them with excessive traffic or data requests.
The goal of a crash attack is to render the device or the network it is connected to inaccessible or unusable, effectively denying service to legitimate users.

There are several ways that a crash attack can be carried out on a mobile device, including flooding the device with excessive data requests, sending a large number of malformed packets to the device, or exploiting vulnerabilities in the device's operating system or applications to cause them to crash.

To protect against crash attacks, it is important to keep your mobile device up-to-date with the latest security patches and to use reputable anti-virus and anti-malware software to help prevent unauthorized access and attacks. It is also a good idea to avoid downloading and installing apps or software from untrusted sources and to use caution when opening email attachments or clicking on links from unknown sources.

If you suspect that your mobile device has been targeted by a crash attack, immediately disconnect from any networks and seek assistance from a trusted security professional. In some cases, it may be necessary to reset the device to its factory settings to remove any malware or other malicious software that may have been installed during the attack.

[Figure: Crash Attack (attacker sends multiple requests at a time)]

Ans: Here are more detailed explanations of each of the attacks you mentioned:

1. Mobile Phone Theft: This is a physical attack where someone steals a mobile phone to gain access to the data or to sell the device. Mobile phone theft is a common type of attack, and it can be prevented by using authentication to secure the device, as well as keeping the device with you at all times.
2. Mobile Viruses: These are malicious software programs that can infect a mobile phone and cause damage to or steal data from it. Mobile viruses can be spread through apps, websites, and malicious links. To protect against mobile viruses, it is important to download apps and software only from trusted sources and to use reputable anti-virus and anti-malware software.
3. Mishing: This is a form of phishing attack that is carried out through text messages. The attacker sends a message that appears to be from a legitimate source, such as a bank, and asks the recipient to provide sensitive information, such as login credentials or personal information. To protect against mishing attacks, it is important to be suspicious of messages from unknown sources and to avoid providing sensitive information unless it is absolutely necessary and the request is legitimate.
4. Vishing: This is a form of phishing attack that is carried out over the phone. The attacker calls the victim and pretends to be a legitimate source, such as a bank, and asks for sensitive information. To protect against vishing attacks, it is important to be suspicious of calls from unknown sources and to avoid providing sensitive information unless it is absolutely necessary and the request is legitimate.
5. Smishing: This is a form of phishing attack that is carried out through SMS text messages. The attacker sends a message that appears to be from a legitimate source, such as a bank, and asks the recipient to provide sensitive information, such as login credentials or personal information. To protect against smishing attacks, it is important to be suspicious of messages from unknown sources and to avoid providing sensitive information unless it is absolutely necessary and the request is legitimate.
6. Hacking Bluetooth: This is a type of attack that targets the Bluetooth technology in a mobile device. The attacker can gain access to the device through an unsecured Bluetooth connection and potentially steal data or install malware on the device. To protect against Bluetooth hacking attacks, it is important to turn off Bluetooth when it is not in use, use a strong and unique passcode to secure the Bluetooth connection, and avoid connecting to untrusted or unknown devices.
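As an added example (not part of the original notes), the following Python triages message text for the signs described in the mishing and smishing items above: a message that claims a legitimate source such as a bank, carries a link, and asks for sensitive information. The trusted domain examplebank.com, the shortener list, the flag names and the sample messages are constructed assumptions.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Assumptions (constructed for this example): the bank's real domain and a
# few well-known link shorteners.
TRUSTED_DOMAINS = ("examplebank.com",)
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}
# Flags that justify a closer look but are common in legitimate messages too.
WEAK = {"unlisted-domain", "no-tls", "shortened-link"}

URL_RE = re.compile(r"https?://\S+", re.IGNORECASE)
ASKS_FOR_SECRETS = re.compile(
    r"\b(password|passcode|pin|otp|cvv|login|verify)\b", re.IGNORECASE)


def edit_distance(a, b):
    """Levenshtein distance, used to spot one- or two-character lookalikes."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]


def is_trusted(host):
    """True only for a trusted domain itself or one of its subdomains."""
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)


def link_flags(url):
    """Return the reasons a link deserves suspicion (empty list = none)."""
    try:
        parts = urlsplit(url.rstrip(".,;:!?)"))
    except ValueError:
        return ["malformed-url"]
    host = (parts.hostname or "").lower().rstrip(".")
    no_tls = ["no-tls"] if parts.scheme.lower() != "https" else []
    if is_trusted(host):
        return no_tls
    flags = []
    try:
        ipaddress.ip_address(host)
        flags.append("raw-ip-host")
    except ValueError:
        pass
    if any(label.startswith("xn--") for label in host.split(".")):
        flags.append("punycode-host")
    if host in SHORTENERS:
        flags.append("shortened-link")
    # Naive "registered domain": the last two labels. Production code should
    # consult the Public Suffix List instead.
    base = ".".join(host.split(".")[-2:])
    for d in TRUSTED_DOMAINS:
        if edit_distance(base, d) <= 2:
            flags.append("lookalike-of-" + d)
        elif d.split(".")[0] in host:
            flags.append("brand-in-untrusted-host")
    return (flags + no_tls) or ["unlisted-domain"]


def triage(message):
    """Classify one message body as 'ok', 'review' or 'suspicious'."""
    flags = []
    for url in URL_RE.findall(message):
        flags += [f for f in link_flags(url) if f not in flags]
    asks = bool(ASKS_FOR_SECRETS.search(message))
    strong = [f for f in flags if f not in WEAK]
    if strong or (asks and flags):
        verdict = "suspicious"
    elif asks or flags:
        verdict = "review"
    else:
        verdict = "ok"
    return verdict, flags + (["asks-for-secrets"] if asks else [])


# Constructed sample messages (not taken from any real campaign).
SAMPLES = [
    "ExampleBank: your statement is ready at https://www.examplebank.com/statements",
    "ExampleBank alert: account locked. Verify your password at http://examp1ebank.com/login",
    "Update your PIN now: https://examplebank.com.secure-login.example/update",
    "Your parcel is waiting: https://bit.ly/x1",
    "Bank notice: reply with your OTP to keep your card active",
    "Lunch at 1?",
]

if __name__ == "__main__":
    for text in SAMPLES:
        verdict, reasons = triage(text)
        print(f"{verdict:10} {reasons} <- {text}")
```

A "review" verdict means the message should be confirmed with the organization over a verified channel before anyone acts on it; the checks are heuristics and do not prove a message is safe.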
"tis important to take measures to protect against these types of attacks, such as Using strong passwords, keeping sof up-to-date, avoiding suspicious messages or calls, and using reputable security software Ans: ‘Mobile phone thefts a type ofatack where a thief steals a mobile phone with the intention of accessing the data stored? itor selling the device. This can be a physical attack, where the thief physically takes the phone from the vichm, or emt 2 virtual attack, where the thief uses techniques ke hacking or phishing to gain access tothe phone remotely ‘The consequences of mobile phone theft can be serious. The thief may be able to access sensitive information stored on® Phone, such as personal and financial information, photos, and contacts. This information can be used for identty tM fraud, oF other criminal activities, n addition, the victim may lose access to the phone ice which can be exoerome! replace. 1¥ your mobile phone is stolen, there are several steps you can take to minimize the damage, These include: 1. Contact your mobile carier to report the theft and have the phone deactivated. Th phone to make calls or access the internet 2. Change the passwords for any online accounts that were accessed on the phone. 3. Consider puting aerdit freeze on your ereit report to prevent the thie from opening new accounts in your name 4 Ifyou have installed a tracking app onthe phone, use ito locate the device and report the locaton to te pole Mobile phone thefts a serious threat, but by taking the right precautions and knowing what to do if your phone stole you can minimize the damage and protect your personal information, How tor le Phone from Being Stole There are several measures you can take to protect your mobile phone from being stolen. Here are some tips to he keep your phone safe 1. Keep your phone with you at all times: The best way o prevent your phone from being stolen sto keep it with you at! times. 
Avoid leaving it unattended in public places or in your car.
2. Use a passcode or biometric authentication: Setting up a passcode or biometric authentication, such as a fingerprint or face scan, can prevent unauthorized access to your phone. If it is stolen, it will prevent the thief from using it.
3. Use a lock screen message: Adding a message to your lock screen, such as "If found, please return to [your name and phone number]", can help someone who finds your lost phone to return it to you.
4. Install tracking apps: Installing a tracking app on your phone can help you locate it if it is stolen or lost. Popular options include Find My iPhone for Apple devices and Find My Device for Android devices.
5. Be aware of your surroundings: Be mindful of your surroundings when using your phone in public places, especially in crowded areas or on public transportation. Avoid using your phone in isolated or poorly lit areas.
6. Use anti-theft accessories: You can use anti-theft accessories like phone cases with wrist straps or lanyards, which can help prevent your phone from being snatched from your hand.
7. Register your phone with the police: Registering your phone's unique identification number with the police can help you recover it if it is stolen.

By taking these measures, you can reduce the risk of your mobile phone being stolen and protect your personal information from falling into the wrong hands.

Mobile viruses are a type of malicious software (malware) designed to infect mobile devices such as smartphones and tablets. Like computer viruses, mobile viruses can spread from one device to another and cause harm to the device or the user's data.

Mobile viruses can enter a device through various means, including downloading infected apps, clicking on malicious links, or opening infected email attachments.
Once inside a device, a mobile virus can replicate itself, steal personal data, corrupt files, and even take control of the device.

Some common types of mobile viruses include:
1. Trojan horses: These viruses disguise themselves as legitimate apps and trick users into installing them, allowing hackers to gain access to the user's data.
2. Worms: These viruses can spread from one device to another through Bluetooth or Wi-Fi connections, without the user's knowledge.
3. Ransomware: These viruses encrypt the user's data and demand payment in exchange for unlocking it.

To protect your mobile device from viruses, it is important to take certain precautions:
1. Install anti-virus software: Anti-virus software can detect and remove viruses from your device. Make sure to keep it updated to ensure maximum protection.
2. Download apps from trusted sources: Only download apps from reputable app stores, and check the reviews and ratings before downloading any app.
3. Be cautious of links and attachments: Do not click on links or open attachments from unknown sources, as they may contain viruses.
4. Keep your device up-to-date: Regularly update your mobile operating system and apps to ensure they are protected against known vulnerabilities.
5. Use strong passwords: Use strong, unique passwords for all your accounts, and enable two-factor authentication wherever possible to prevent unauthorized access.

By following these precautions, you can help protect your mobile device from viruses and keep your personal data safe.

Ans: Mishing is a type of social engineering attack in which an attacker sends a text message (SMS) or email that appears to be from a legitimate source, such as a bank or a social media platform. The message usually contains a link that, when clicked, takes the user to a fake website designed to steal their personal information, such as login credentials or credit card details.
The term "mishing" is derived from a combination of "mobile" and "phishing," which refers to a similar type of attack that is carried out through email.

Mishing attacks can be difficult to detect, as the messages are often designed to look like legitimate communications from well-known brands.

There are some precautions you can take to protect yourself from mishing attacks:
- Be cautious of unsolicited messages: Be wary of unsolicited messages from unknown sources, especially those that ask you to click on a link or provide personal information.
- Check the sender's details: Check the sender's details carefully, as attackers often use similar-sounding names or email addresses to impersonate legitimate sources.
- Don't click on links: Avoid clicking on links in messages unless you are sure they are legitimate. Instead, manually type in the website address or use a search engine to find the correct website.
- Use two-factor authentication: Enable two-factor authentication on your accounts whenever possible, as this can help prevent unauthorized access even if your login credentials are stolen.
- Use anti-malware software: Use anti-malware software on your mobile device to detect and block malicious links and websites.

"Vishing" and "smishing" are two types of social engineering attacks that target individuals through phone calls (vishing) or text messages (smishing) to obtain sensitive information or perform fraudulent actions.

Vishing
Vishing, short for "voice phishing," is a type of phone-based social engineering attack where the attacker impersonates a trusted authority, such as a bank, government agency, or IT help desk, to obtain sensitive information such as credit card numbers, bank account details, or passwords. The attacker may use a pre-recorded message or a live person to convince the victim to provide the information or take a certain action, such as making a payment or installing malicious software on their device.

Vishing attacks can be difficult to detect because the attacker may use spoofing techniques to make it appear as if the call is coming from a legitimate source, such as using a phone number that appears to be from a bank or government agency.

To protect against vishing attacks, individuals should be cautious when providing personal information over the phone, especially if the caller initiates the call. It is always a good idea to call back the organization using a verified phone number before providing any sensitive information.

Smishing
Smishing, short for "SMS phishing," is a type of text-based social engineering attack where the attacker sends a text message that appears to be from a legitimate source, such as a bank or other financial institution. The message may ask the victim to click on a link, provide personal information, or download a malicious app.

Smishing attacks can be difficult to detect because the message may appear to be from a legitimate source and may use persuasive language to convince the victim to take the desired action.

To protect against smishing attacks, individuals should be cautious when clicking on links or downloading apps from text messages, especially if they are from unknown sources. It is always a good idea to verify the authenticity of the message by contacting the organization directly using a verified phone number or website. Additionally, using two-factor authentication can help prevent unauthorized access to sensitive accounts even if an attacker gains access to login credentials through a smishing attack.

Hacking Bluetooth
Ans: Hacking Bluetooth can be a potential security threat as it can allow unauthorized access to sensitive data or systems. Bluetooth hacking involves exploiting vulnerabilities in Bluetooth-enabled devices to gain access to confidential information, intercept communication, or control the device remotely.
Some common techniques used in Bluetooth hacking include Bluejacking, Bluesnarfing, and Bluebugging.
- Bluejacking is the act of sending unsolicited messages or files to a Bluetooth-enabled device, often for the purpose of spamming or pranking the recipient.
- Bluesnarfing is the unauthorized access of data from a Bluetooth-enabled device, such as contacts, emails, and messages.
- Bluebugging is the most severe type of Bluetooth hacking, where an attacker gains complete control over the device, allowing them to make calls, send messages, and access sensitive data.

To prevent Bluetooth hacking, it is important to keep your Bluetooth devices updated with the latest security patches and avoid pairing with unknown or suspicious devices. Additionally, disabling Bluetooth when not in use can reduce the risk of being targeted by Bluetooth attacks.

Bluejacking is a type of Bluetooth hacking where an attacker sends unsolicited messages or files to a Bluetooth-enabled device, such as a smartphone or laptop, without the owner's knowledge or consent. The messages or files are often harmless and may contain advertising or promotional content.

Bluejacking works by exploiting the Bluetooth protocol's ability to search for and connect with nearby devices automatically. Attackers can use specialized software to scan for Bluetooth devices and send messages or files to them.

Bluejacking is usually a benign activity and is often used for pranks or social engineering purposes. It does not typically involve the theft of data or the compromise of a device's security. However, it is still considered a security risk as it can be used to spread malware or phishing messages, and it can be used to disrupt the normal operation of a device.

To protect against Bluejacking, users should keep their Bluetooth devices in non-discoverable mode when not in use and only accept files or messages from trusted sources.

Ans: Bluesnarfing is a type of Bluetooth hacking where an attacker gains unauthorized access to data from a Bluetooth-enabled device, such as a smartphone, laptop, or car system. The attack allows the attacker to steal data from the device, such as contacts, emails, messages, photos, and even authentication credentials.

Bluesnarfing works by exploiting vulnerabilities in the Bluetooth protocol, such as weak or default PIN codes or authentication mechanisms. An attacker can use specialized software to scan for vulnerable devices and then connect to them to access the data stored on the device.

Bluesnarfing is a serious security risk, as it can lead to the theft of sensitive data and compromise the privacy of the device owner.

To protect against Bluesnarfing, users should keep their Bluetooth devices up-to-date with the latest security patches and avoid using weak or default PIN codes for pairing. Additionally, users should only pair with trusted devices and avoid pairing with unknown or suspicious devices.

There are various Bluetooth hacking tools available that can be used for different purposes. Here are some of the most commonly used Bluetooth hacking tools along with a brief explanation of their functionalities:
1. BlueScanner: This tool is used to scan for discoverable Bluetooth devices in the vicinity. It can identify devices and provide information such as the device name, address, and services.
2. BlueSniff: This tool is used to capture and analyze Bluetooth traffic between devices. It can be used to identify devices and analyze their Bluetooth communication for vulnerabilities.
3. BlueBugger: This tool is used to perform Bluebugging attacks, where an attacker gains complete control over a Bluetooth-enabled device. It can be used to make phone calls, send messages, and access data on the compromised device.
4 Slucsnarfe This tool is used to perform Bluesnarfing attacks, where an attacker gains unauthorized access to data on 8 Bluetooth enabled device, It can be used to steal contacts, messages, photos, and other sensitive data from the device. 5 Blucdiing: This tool is used to exploit vulnerabilities in Bluetooth-enabled devices to gain unauthorized access to theit systems It can be used to execute arbitrary commands, access data, and even Install malware on the device. { Sposttoogh: This is a tool used for Bluetooth device spoofing. It allows attackers to manipulate the Bluetooth device's MAC address, which can be used to perform various attacks such as Eluesnarfing and Bluejacking ubertoath: This is an open-source Bluetooth sniffer and protocol analyzer. It can be used to capture and analyze Bluetooth ‘tfc, identify Bluetooth devices, and perform Bluetooth-related atacks Its important to note that the use of Bluetooth hacking tools for malicious purposes i illegal and can result in severe consequences. It's recommended to use these tools only for ethical and educational purposes or with proper authorization, {: Short note on Biuebugging: - Bluebugging sa type of Bluetooth hacking where an attacker gains complete control over a Bluetooth-enabled device, such 35 smartphone, laptop, or car system. The attacker can then use this control to perform various malicious activities, such a5 making phone calls, sending messages, accessing sensitive data, and even instaling malware on the device. Bluebugging works by exploiting vulnerabilities in the Bluetooth protocol, such as weak or default PIN codes or authentication mechanisms. An attacker can use specialized software to scan for vulnerable devices and then connect to them to gain control over the device. Sluebugging is a severe security risk, as it can result in the theft of sensitive data, unauthorized access to resources, and complete compromise of the device. 
To protect against Bluebugging, users should keep their Bluetooth devices up to date with the latest security patches, avoid using weak or default PIN codes for pairing, and only pair with trusted devices. Additionally, users should avoid leaving their Bluetooth devices in discoverable mode when not in use, as this can make them more vulnerable to Bluebugging attacks.

Car Whisperer is a Bluetooth hacking tool that is specifically designed to hack into Bluetooth-enabled car systems. It can be used to gain unauthorized access to the car's features and systems, such as the entertainment system, GPS, and even the car's controls.

Car Whisperer works by exploiting vulnerabilities in the Bluetooth protocol and the car's systems. It allows attackers to connect to the car's Bluetooth system and gain control over it, allowing them to perform various malicious activities.

Car Whisperer is a severe security risk, as it can result in the theft of sensitive data, unauthorized access to the car's systems, and even complete control over the car. It can be used to perform dangerous activities, such as controlling the car's brakes, steering, or acceleration.

To protect against Car Whisperer attacks, car manufacturers should implement robust security mechanisms in their Bluetooth systems, such as secure authentication, encryption, and access controls. Additionally, users should keep their car's firmware up to date with the latest security patches and avoid pairing with unknown or suspicious Bluetooth devices.

Ans: Mobile devices have become an integral part of modern business operations, providing employees with the flexibility to work remotely and access company data from anywhere. However, the use of mobile devices also presents significant security risks, as they can be easily lost, stolen, or hacked, compromising sensitive company data.
To mitigate these risks, organizations should implement the following measures for handling mobile device-related security issues:

1. Develop a Mobile Device Policy: Organizations should develop a mobile device policy that outlines the acceptable use of mobile devices, the security measures that must be in place, and the consequences of non-compliance. The policy should also specify the types of devices that are allowed and provide guidelines for device procurement and management.
2. Enforce Security Measures: Organizations should enforce security measures such as password policies, encryption, and remote wiping. These measures can help protect sensitive company data in case a device is lost or stolen.
3. Train Employees: Organizations should provide training to employees on the proper use of mobile devices and the security measures that must be in place. This includes educating employees on the risks of using public Wi-Fi networks, downloading malicious apps, and connecting to unknown devices.
4. Implement Mobile Device Management (MDM) Solutions: MDM solutions can help organizations manage and secure their mobile devices. These solutions allow administrators to monitor devices, enforce security policies, and remotely wipe data in case of a security breach.
5. Regularly Update and Patch Mobile Devices: Organizations should ensure that mobile devices are regularly updated and patched with the latest security updates. This helps to mitigate the risk of vulnerabilities being exploited by attackers.
6. Conduct Regular Security Audits: Organizations should conduct regular security audits of their mobile device infrastructure to identify vulnerabilities and ensure compliance with security policies.

By implementing these measures, organizations can better manage the security risks associated with mobile devices.

Explain different Organizational Security Policies and Measures in Mobile Computing Era?

Ans: With the widespread adoption of mobile devices such as smartphones and tablets, organizations are facing challenges in their computing environments. To address these challenges, it's essential for organizations to implement comprehensive security policies and measures that cover all aspects of mobile security.

Here are some of the key organizational security policies and measures:

1. Device Security: Organizations can enforce policies requiring mobile devices to have secure passwords or other authentication, and encryption of data at rest and in transit. They can also implement measures to remove sensitive data from lost or stolen devices.
2. App Security: Organizations can restrict the use of certain apps on mobile devices and only allow apps from trusted sources. They can also implement measures to monitor and control app usage, and require that apps be regularly updated.
3. Network Security: Organizations can require employees to connect to secure networks, such as VPNs, and implement measures to prevent unauthorized access to corporate networks. They can also enforce policies that restrict the use of Wi-Fi networks.
4. Data Security: Organizations can implement measures to protect sensitive data, such as using data encryption, restricting access to sensitive data, and implementing data backup and recovery procedures.
5. User Training and Awareness: Organizations can educate employees on the risks associated with mobile computing and train them on best practices for using mobile devices securely. This includes teaching them how to identify common mobile security threats, such as phishing scams and malware attacks.

Overall, the key to effective organizational security in the mobile computing era is to implement a comprehensive approach that covers all aspects of mobile security. This requires ongoing monitoring and updating of security policies and measures, as well as ongoing training and education for employees.
Physical security countermeasures are an essential aspect of cybersecurity, as they help protect an organization's digital assets and infrastructure from physical threats. Here are some of the physical security countermeasures that organizations can implement to improve their cybersecurity:

1. Access Control: Access control measures, such as electronic locks and biometric scanners, can be implemented to restrict physical access to sensitive areas such as data centres, server rooms, and other critical infrastructure. Access control can also be used to monitor who enters and exits these areas and record their activity.
2. Surveillance: Video cameras and other surveillance technologies can be used to monitor physical spaces and identify potential security threats. These systems can also be integrated with access control measures to monitor and record who enters and exits secure areas.
3. Alarms and Alerts: Alarms and alerts can be used to notify security personnel of potential security breaches, such as unauthorized access attempts or the presence of unauthorized individuals in secure areas.
4. Physical Barriers: Physical barriers such as fences, walls, and barricades can be used to prevent unauthorized access to secure areas. These barriers can also be used to prevent vehicles from approaching or entering secure areas.
5. Security Personnel: Trained security personnel can be employed to monitor and respond to potential security threats in real time. They can also be tasked with enforcing security policies and procedures, as well as conducting regular security audits and assessments.

Overall, physical security countermeasures are an essential aspect of cybersecurity, as they help protect an organization's digital assets and infrastructure from physical threats.
Organizations should implement a comprehensive physical security strategy that covers all critical areas and infrastructure, and regularly review and update their physical security measures to address new and emerging threats.

Unit - 3

What are the different phases of a cyber attack on a network?

- In the first stage, the attacker hides their address, for example by using a virtual private network (VPN) or other methods to disguise their identity or location. This can involve using a TOR browser to browse the web. The attacker may also attempt to gather information about the target.
- Network Probe: In this stage, the attacker scans the target network for vulnerabilities and potential entry points in the target system, such as outdated software. The attacker may also attempt to gather information about the network's users, such as their email addresses.
- Crossing the Line Towards Electronic Crime: This stage marks the beginning of the actual attack, where the attacker takes a step towards illegal activity. This can involve attempting to gain unauthorized access to a system, stealing data, or engaging in other illegal acts.
- Capturing the Network: In this stage, the attacker gains control over the target network by exploiting vulnerabilities or using social engineering techniques to obtain login credentials. This can involve deploying malware, exploiting software vulnerabilities, or using phishing emails to trick users into revealing their login credentials.
- Covering the Attack: In this final stage, the attacker attempts to cover their tracks and evade detection. This can involve deleting logs, modifying system settings, or using other methods to conceal or remove their presence on the network. The attacker may also use tactics such as encrypting stolen data or obfuscating their malware to avoid detection.
Tools and methods used for cyber-attacks:

1. Proxy servers and Anonymizers: Proxy servers and anonymizers are used by attackers to mask their IP address and location, making it more difficult for defenders to track them down. This can be achieved by routing their internet traffic through one or more intermediate servers.
2. Phishing: Phishing is a type of social engineering attack that involves tricking users into divulging sensitive information. This can be done through emails, instant messages, or fake websites that mimic legitimate ones.
3. Password cracking: Password cracking involves using various techniques to guess or crack passwords in order to gain unauthorized access to a system or network. This can be done through brute force attacks, dictionary attacks, or using password cracking software.
4. Keyloggers and spyware: Keyloggers and spyware are types of malware that are designed to monitor a user's activities and capture sensitive information such as passwords. They can be installed on a computer through malicious downloads or email attachments.
5. Viruses and worms: Viruses and worms are types of malware, often causing damage to the infected system. They can spread through network vulnerabilities.
6. Trojan horses and backdoors: Trojan horses and backdoors are types of malware that are disguised as legitimate software, but are actually designed to give an attacker unauthorized access to a system or network. They can be spread through email attachments, software downloads, or through exploiting vulnerabilities in network protocols.
7. Steganography: Steganography involves hiding secret messages within other messages or data, making it difficult for defenders to detect. Attackers can use this technique to conceal sensitive information such as login credentials or financial data.
8. SQL injection: SQL injection is a technique used to exploit vulnerabilities in web applications that use SQL databases. Attackers can use this technique to gain unauthorized access to sensitive information, modify data, or execute arbitrary code on the server.
9. DoS and DDoS attack tools: Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks involve flooding a server or network with traffic, making it unavailable to legitimate users. Attackers can use various tools and techniques, such as amplification attacks, to carry out these types of attacks.
10. Buffer overflow: A buffer overflow is a type of vulnerability that can be exploited by attackers to execute arbitrary code on a system or network. It occurs when a program or process attempts to store more data in a buffer than it can handle, causing it to crash and potentially allowing the attacker to gain control. Attackers can exploit this vulnerability through malicious input data or by sending crafted packets over the network.

Proxy servers and anonymizers are tools that can be used to help protect user privacy and anonymity when accessing the internet. However, they can also be used by cybercriminals to conceal their identity and evade detection.

When a user accesses a website through a proxy server, the request is sent to the proxy server instead of directly to the website. The proxy server then forwards the request on behalf of the user, retrieves the website's content, and sends it back to the user. By acting as an intermediary, the proxy server can mask the user's IP address and location, making it more difficult for websites to track the user's activity.

Anonymizers route traffic through a series of servers in different locations. When a user accesses an anonymizer, their internet traffic is encrypted and sent through a series of servers, each of which strips off a layer of encryption and forwards the traffic to the next server in the chain. The final server in the chain then decrypts the traffic and sends it to the desired website. By routing traffic through a series of servers, anonymizers can mask the user's IP address and location, making it more difficult for websites to track the user.

While proxy servers and anonymizers can provide legitimate benefits to users, such as increased privacy and security, they can also be used to carry out malicious activities. For example, attackers can use proxy servers to mask their IP address and location when launching attacks such as phishing or distributed denial of service (DDoS) attacks. Similarly, anonymizers can be used to access illegal content or evade detection by law enforcement.

Phishing is a type of cyber-attack that involves the use of fraudulent emails, messages, or websites to trick individuals into providing sensitive information, such as login credentials, credit card details, and other personal information. Phishing attacks are often carried out by cybercriminals who create convincing-looking emails or websites that appear to be from a legitimate organization, such as a bank, social media platform, or online store.

The goal of phishing attacks is to trick the victim into clicking on a link or providing their personal information, which the attacker can then use for identity theft, financial fraud, or other malicious purposes. Phishing attacks are often successful because they exploit human vulnerabilities, such as curiosity, trust, or urgency.

Phishing attacks can take many forms, including:

- Email phishing: where attackers send fraudulent emails to victims, often with a link to a fake website that looks like a legitimate one.
- Smishing: where attackers use text messages to trick victims into providing sensitive information.
- Vishing: where attackers use voice calls to impersonate a trusted entity and trick victims into providing sensitive information.

To protect yourself from phishing attacks, it's important to be cautious when receiving unsolicited emails or messages, especially if they contain links or ask for personal information.
Always verify the sender's email address, and avoid clicking on links from unknown or suspicious sources. It's also important to keep your software up to date and use security software to protect your devices from phishing and other cyber threats.

How phishing works:-

The process typically involves the following stages:

1. Planning: The attacker first identifies the target audience and determines the type of information they want to steal. They may use various tools and techniques, such as social media or online forums, to gather information about their targets.
2. Setup: The attacker creates a fake website, email, or message that looks like it comes from a legitimate source, such as a bank or social media website. The website or message will contain a link or attachment that the victim is encouraged to click.
3. Attack: The attacker sends the fake message or email to the target audience, usually with a sense of urgency or fear, encouraging them to click on the link or attachment. Once the victim clicks on the link, they are redirected to the fake website, where they are prompted to enter their personal or financial information.
4. Collection: When the victim enters their information on the fake website, the attacker collects the information, either manually or through automated tools. The collected information is then used for various purposes, such as identity theft or fraud.
5. Identity theft and fraud: With the collected information, the attacker can use the victim's identity to conduct fraudulent activities, such as accessing their bank accounts, applying for credit, or making purchases.

Ans: Password cracking is the process of gaining unauthorized access to a computer system, application, or network by obtaining or guessing the password.
This is typically done by using automated software tools that try different combinations of characters, words, or phrases until the correct password is found.

The purpose of password cracking is to gain access to restricted or sensitive information, such as financial data, intellectual property, personal information, or other valuable assets. This is typically done by cybercriminals who want to steal data, but it can also be done by someone who has forgotten the password and needs to regain access, or by someone testing the security of a system. Password cracking can be used to attack various types of systems, including individual user accounts and corporate networks.

Some of the types of password cracking attacks:

- Brute-force attack: A brute-force attack tries all possible combinations of characters. It can be very time-consuming and resource-intensive when the password is long or complex.
- Dictionary attack: A dictionary attack involves using a pre-generated list of commonly used words or words from a dictionary. It is faster than a brute-force attack, but it requires a dictionary that includes the correct password.
- Hybrid attack: A hybrid attack combines the brute-force and dictionary methods, adding random characters to common words to create a list of possible passwords. This type of attack is often used when the password contains some predictable elements that can be guessed but also includes some random characters to make it more difficult to guess.

To protect against password cracking, passwords should be strong, with a combination of letters, numbers, and symbols. Passwords should be changed regularly and not be reused across multiple accounts. Multi-factor authentication adds an additional layer of security to protect against unauthorized access. Organizations should also implement strong security policies, regular security audits, and employee training to prevent password cracking.

Keyloggers and Spyware:

Keyloggers and spyware are both types of malicious software that can be used to obtain sensitive information from a user's device.

Keyloggers: A keylogger, also known as a keystroke logger, is a type of malicious software that records every keystroke made on a computer or mobile device. This includes all passwords, credit card numbers, emails, and other sensitive information that a user types.

Software-based keyloggers are installed on a computer or mobile device through malicious software or by exploiting vulnerabilities in the operating system. They run silently in the background and can be difficult to detect. Hardware-based keyloggers are physical devices that are inserted between the keyboard and the computer, and they record every keystroke made on the keyboard.

Keyloggers can be used for various purposes, such as monitoring employee activities, stealing login credentials, and obtaining sensitive information for financial gain. To protect against keyloggers, it's important to keep your operating system and antivirus software up to date, use strong passwords, and be cautious of suspicious emails and downloads.

There are different types of keyloggers: -

- Software keyloggers: Software keyloggers are programs that run on a user's computer or mobile device and record every keystroke made on the keyboard. They can be installed through malicious software, phishing emails, or other means, and they run in the background without the user's knowledge.
- Hardware keyloggers: Hardware keyloggers are physical devices that are inserted between the keyboard and the computer or mobile device. They record every keystroke made on the keyboard and store the data on the device. Hardware keyloggers can be difficult to detect, as they do not require any software installation.
- Acoustic keyloggers: Acoustic keyloggers use sound sensors to record the sound of a user typing on a keyboard. They analyse the sound waves to determine which keys are being pressed and record the corresponding keystrokes. Acoustic keyloggers can be installed on a nearby computer or mobile device, or they can be embedded in a physical object, such as a desk or chair.

Spyware:

Spyware is a type of malicious software that secretly gathers information about a user's computer or mobile device activities and sends it to a third party. It can be used for various purposes, such as tracking a user's online activities, stealing personal information, and displaying unwanted pop-up ads.

Spyware can be installed on a computer or mobile device through malicious software, such as a Trojan horse or a phishing email. Once installed, it runs in the background and can be difficult to detect. Spyware can monitor a user's keystrokes, capture screenshots, track internet browsing history, and steal login credentials and personal information.

To protect against spyware, it's important to use antivirus software and keep your operating system and other software up to date with the latest security patches. Additionally, avoid clicking on suspicious links or downloading software from untrusted sources, and be cautious when entering personal information online.
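The password guidance in the password-cracking notes above can be checked when a user sets a password. The following is an added example, not part of the original notes: it reports which of the three attack types described there (dictionary, hybrid, brute-force) would find a candidate password cheaply. The wordlist, the substitution table and the 60-bit threshold are assumptions chosen for illustration.

```python
import math
import re
import string

# Constructed sample wordlist (assumption): a real check would load a large
# list of common and previously breached passwords.
COMMON_WORDS = {"password", "welcome", "dragon", "letmein", "monkey", "summer"}

# Character substitutions that hybrid guessing commonly undoes (assumption).
LEET = str.maketrans("013457@$", "oleastas")

# Assumed policy threshold: minimum brute-force search space, in bits.
MIN_BITS = 60


def charset_size(password):
    """Size of the alphabet a brute-force search must cover for this password."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)  # 32 symbols
    known = string.ascii_letters + string.digits + string.punctuation
    if any(c not in known for c in password):
        size += 32  # rough allowance for spaces and non-ASCII characters
    return size


def brute_force_bits(password):
    """log2 of the number of candidates of this length over that alphabet."""
    size = charset_size(password)
    return len(password) * math.log2(size) if size else 0.0


def classify(password):
    """Name the cheapest attack type that finds the password, or 'ok'."""
    lowered = password.lower()
    if lowered in COMMON_WORDS:
        return "dictionary"
    # Hybrid guessing: a common word with digits or symbols added at either
    # end, and/or with look-alike characters substituted.
    core = re.sub(r"^[\d\W_]+|[\d\W_]+$", "", lowered)
    candidates = {core, lowered.translate(LEET), core.translate(LEET)}
    if candidates & COMMON_WORDS:
        return "hybrid"
    if brute_force_bits(password) < MIN_BITS:
        return "brute-force"
    return "ok"


def audit(passwords):
    """Map each candidate password to its classification."""
    return {p: classify(p) for p in passwords}


if __name__ == "__main__":
    # Constructed sample inputs.
    samples = ["dragon", "Summer2024!", "P@ssw0rd", "x7#Qm",
               "plum-Orbit-cactus-94-vane"]
    for pw, verdict in audit(samples).items():
        print(f"{pw!r}: {verdict} ({brute_force_bits(pw):.0f} bits)")
```

A password such as "Summer2024!" satisfies a letters, numbers and symbols rule yet is classified as hybrid-guessable, which is why a wordlist check belongs alongside a character-class rule.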
