Information Security

HOW IS SOCIAL ENGINEERING USED TO STEAL PERSONAL INFORMATION?

In this digital era, where almost everyone uses mobile phones and computers for ease of access, information stealing has become a very serious issue. Information can be stolen using different methods, and social engineering is one of them. Every other day we read about victims of social engineering who have lost confidential data or money over a call or an email.

What is Social Engineering?

Social engineering is a kind of art in which the hacker tries to steal a victim’s critical information by socialising with him or her. Have you ever received a call from an unknown number asking for personal details such as your date of birth or marriage date, or for confidential information such as your bank PIN or OTP? If so, then one way or another you have faced the social engineering technique of information stealing.

 

Let’s discuss how hackers steal data from your publicly available information, or fool you into sharing your critical information.

CASE ONE: The simplest way to do this is to use publicly available information from social networking sites, where users post confidential information such as date of birth, contact number, areas of interest, the place where they live, the places they visit and much more. Using such information, hackers can easily predict passwords and access your sensitive data. Most users choose passwords they can remember easily, such as their name, their spouse’s name or a combination of names and dates, which are very easy to predict. So one should not share personal information on social media that can be exploited later on.

CASE TWO: Phishing is a very popular method of stealing information. Here hackers pose as a trustworthy source and try to extract critical information such as passwords and credit card details through emails, texts, SMS etc. Hackers gather information very easily this way: they simply host a similar-looking web page, and if the victim enters credentials such as passwords there, the hackers receive them and the page then redirects to the original website. The best way to detect this kind of attack is to check the URL of the website where you are entering your data, and never to enter your credentials or make a payment through links received on your mobile from untrustworthy sources.
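The URL check recommended above can be automated. The following Python sketch is an added example, not part of the original article: it compares a link's host against a small allowlist and reports the usual look-alike tricks. The domain names, the sample links and the two-label "registrable domain" shortcut are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist: the sites this user really uses (hypothetical names).
TRUSTED_DOMAINS = {"examplebank.com", "shop.example"}


def edit_distance(a, b):
    """Levenshtein distance: number of single-character edits between a and b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def check_url(url):
    """Return a list of warnings; an empty list means a trusted host over HTTPS."""
    warnings = []
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")

    if parts.scheme != "https":
        warnings.append("not HTTPS")
    if parts.username is not None:
        # In https://name@host/ the browser connects to 'host', not 'name'.
        warnings.append("text before '@' is not the host")
    if any(label.startswith("xn--") for label in host.split(".")):
        warnings.append("punycode label in host")

    # Exact match or a genuine subdomain of a trusted domain.
    if host in TRUSTED_DOMAINS or any(host.endswith("." + d) for d in TRUSTED_DOMAINS):
        return warnings

    warnings.append("host not on allowlist")
    # Simplification (assumption): registrable domain = last two labels.
    registrable = ".".join(host.split(".")[-2:])
    for trusted in sorted(TRUSTED_DOMAINS):
        if trusted in host:
            warnings.append("trusted name embedded in " + registrable)
        elif edit_distance(registrable, trusted) <= 2:
            warnings.append("look-alike of " + trusted)
    return warnings


# Constructed sample links, as they might arrive in an email or SMS.
SAMPLES = [
    "https://www.examplebank.com/login",
    "http://examp1ebank.com/login",
    "https://examplebank.com.login-verify.net/",
    "https://examplebank.com@198.51.100.7/login",
]

if __name__ == "__main__":
    for url in SAMPLES:
        print(url, "->", check_url(url) or "OK")
```

A real deployment would use the Public Suffix List instead of the two-label shortcut, so that domains under suffixes such as co.uk are handled correctly.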

CASE THREE: Vishing is voice phishing, where hackers call you, pretend to be a genuine source such as a bank executive, and try to extract information such as the user’s password or OTP. This is one of the most common scams and is prevalent in many developed countries as well. Here hackers take advantage of users’ lack of awareness to gather information and use it for online payments or other kinds of malicious activity.

One should never share personal details over a call. Remember, no financial institution will ask for your password or OTP.

CASE FOUR: In another technique, hackers use social networking to befriend the target and collect critical information. This is a very easy and popular way to extract critical information without much effort. Here the malicious user tries to exploit the emotions or needs of the victim, mostly posing as a person of the opposite gender, a job agency etc. One should be very careful when sharing personal and professional information over social media; indeed, no one should share any critical data online with untrustworthy sources.

CASE FIVE: Many people write down important information such as contact details, bank PINs and passwords on a piece of paper and later forget to destroy it. Hackers can use this to steal information. Information from airline tickets, courier packets from online shopping, and electricity or telephone bills can also be misused, because it includes details such as address and phone number; what else does a hacker need? Dumpster diving is a well-known method in which a hacker extracts information from improperly destroyed garbage.

Any information on paper should be properly destroyed before it is thrown away; if possible, use a shredder so that it cannot be reused.

The best ways to safeguard yourself from social engineering attacks are:

  • Share minimal personal information on social media; if possible, do not share any personal information online.
  • Avoid weak passwords that are easily guessable; always use a strong password that combines special characters and numbers. Don’t use the same password for a long time; change passwords frequently. And one more thing: avoid using the same password everywhere.
  • Beware of the links you click and pay attention to the websites you visit. Never enter your information on websites that don’t look genuine. Always use websites that have ‘HTTPS’ instead of ‘HTTP’ in the URL.
  • Never use public networks or public computers to access your bank accounts. Public computers are very easy to hack and can carry malware that captures keystrokes, and thus your passwords. Hackers at public places such as airports or railway stations might be intercepting the traffic and can capture your credentials.
  • Never share important information such as passwords over a call; you never know who is listening and could misuse the credentials.
  • Be cautious while typing passwords; shoulder surfing can reveal your password to malicious users.
  • A camera in a public place might be capturing your keyboard entries, so be cautious when using your credentials in public places.
  • Always destroy any piece of paper that contains critical information before throwing it away; if possible, never write your passwords down on paper, and never share them in messages.
  • Use a good-quality antivirus that can detect phishing pages, and keep your computer’s firewall on.

 

Hackers are always trying to find new methods to steal information; the best way to safeguard yourself is to stay aware whenever you are dealing with sensitive information such as passwords or bank details. One can attend “Cyber Security Awareness Sessions” to learn the different methods and techniques of social engineering used to fool victims, and thus be able to safeguard oneself.

Remember, prevention is better than cure. One should always be vigilant about one’s surroundings and know what kind of repercussions social engineering can have. A few good habits can help safeguard you from online fraud.


CYBER SECURITY CERTIFICATIONS FOR BEGINNERS

Information Technology has become an integral part of every business nowadays, irrespective of its nature and size. Information Technology makes doing business much easier, but at the same time it increases risk as well. Businesses are taking cyber security risks seriously, which has made cyber security a good career option nowadays. There are multiple certifications available in the market which can help anyone get into cyber security. These certifications are a blend of existing technologies and security. To become a successful cyber security professional one has to be good at both networks and applications. Below are a few training and certification courses which any beginner can pursue to start his or her career in cyber security.

CCNA (R&S) (ROUTING AND SWITCHING)

CCNA (R&S), or Cisco Certified Network Associate, is the most popular certification for starting a career in IT and cyber security. This certification has global value.

Prerequisites: There are no prerequisites for CCNA certification. Candidates should have an interest in networks and IT infrastructure.

What will the participants learn?

CCNA certification training gives a deep insight into networking. It helps students develop a complete understanding of IT networking and the different kinds of network topologies in order to build efficient and secure networks. It also provides a deep understanding of different routing protocols.

What are the career options after this certification?

After successful completion of the CCNA training and certification program one can start his or her career as:

  • Network Associate,
  • Network Administrator
  • System administrator
  • Network Engineer
  • Technical Support Engineer

CCNA (SECURITY):

Cisco Certified Network Associate (Security) is an entry-level, globally recognized certification for aspirants who are planning to build their career in network security and cyber security.

Prerequisites: CCNA (Routing and Switching)

What will the participants learn?

CCNA Security certification training helps candidates learn secure network architecture. After training, participants will be able to install, monitor and configure various network security devices such as firewalls, VPNs, routers and switches, IDS and IPS.

What are the career options after this certification?

After successful completion of CCNA Security certification and training, candidates can pursue a career as:

  • Network Security Engineer
  • Network Support Engineer
  • Network Security Specialist
  • Network Security Administrator
  • Network Security Analyst

MCSA

Microsoft Certified Solutions Associate is a globally recognised certification from Microsoft which provides great career opportunities in the field of network systems and technical support. It is one of the most sought-after certifications in Information Technology infrastructure.

Prerequisites: There are no prerequisites; however, a good knowledge of network fundamentals and databases will be helpful.

What will the participants learn?

MCSA training and certification will help candidates learn the installation and configuration of Windows Server 2016. Candidates will also learn Windows administration. MCSA training and certification builds a skillset that focuses on designing and producing technological solutions.

What are the career options after this certification?

  • Network Administrator
  • Database Administrator
  • Technical Support Specialist
  • Systems Administrator
  • Computer Network Specialist

 

RHCSA

Red Hat Certified System Administrator is a certification for developing the skills needed to work in a Red Hat Enterprise Linux environment. This is also a very popular and globally recognised certification.

Prerequisites: There are no prerequisites for the certification.

What will the participants learn?

This training and certification will help candidates understand the Linux command-line environment and file and directory structures, create and configure files and file systems from the command line, manage users and groups, and manage basic security configurations such as firewalls.

What are the career options after this certification?

A few of the career options are:

  • Linux System Administrator
  • System Analyst
  • System Engineer
  • Server Administrator

CEH

Certified Ethical Hacker is a certification from EC-Council which provides an offensive approach to cyber security, i.e. how networks and applications can be hacked. This is a very popular and globally recognized certification.

Prerequisites: Candidates appearing for this certification should have a basic understanding of networks, servers and databases.

What will the participants learn?

Participants attending CEH training will learn about the different phases of hacking, such as information gathering, network scanning, enumeration, attacking, and how to delete footprints after a successful attack. This training and certification gives you a hacker’s perspective on an attack.

This program also gives a deep understanding of how networks, applications, Wi-Fi and IoT devices can be attacked by using loopholes and vulnerabilities in existing systems.

This certification develops a basic, initial skillset in hacking (security testing) among the participants.

What are the career options after this certification?

There are multiple career options after successful completion of the CEH training and certification course. One can pursue a career as:

  • Network Security Engineer
  • Security Engineer
  • Vulnerability Assessor
  • Information Security Analyst
  • Information Security Consultants
  • Cyber Security Consultant
  • Web Application Penetration Tester
  • Network Penetration Tester

ISO/IEC 27001 LEAD AUDITOR

ISO/IEC 27001 Lead Auditor is a globally recognised certification in the field of cyber security and information security. A certified Lead Auditor understands the mandatory requirements of information security and is well versed in the process of auditing.

Prerequisites: To become an ISO/IEC 27001 Lead Auditor, candidates should have 2 years of information security auditing experience.

What will the participants learn?

After successful completion of the ISO/IEC 27001 LA program, candidates will be able to perform information security audits in any organisation. Candidates will learn the Information Security Management System as per ISO 27001 and all its controls, and how to plan, conduct and close an audit according to ISO 19011.

What are the career options after this certification?

Career options after this certification are:

  • Information Security Internal Auditor
  • Risk Assessor
  • Lead Auditor
  • Risk Manager
  • Information Security Consultant

 

The cyber security scenario is changing rapidly: new technologies are coming onto the market and old technologies are becoming obsolete. One needs to know the basics irrespective of the technology domain in which he or she is working. One can choose the complete suite of certifications or a few certifications as per one’s interest. Cyber security is also about innovation, where one can build customised solutions according to the organisation’s needs against current and upcoming risks.

CYBER SECURITY MUST KNOWS FOR CLOUD SERVICE PROVIDERS

WHAT IS CLOUD COMPUTING?

The Information Technology world is evolving at a fast pace; new innovative ideas are constantly changing the landscape, and cloud computing is one of those ideas that has changed the perspective of IT services.

Cloud computing is a network of remote servers which are used to store, manage and process data via the internet, instead of local servers or hard drives.

With its ease of use and flexibility, it has become the most used IT service nowadays.

SECURITY RISKS ASSOCIATED WITH CLOUD COMPUTING?

Cloud computing has transformed the way organizations store, use, and share data, applications, infrastructure and workloads. It also provides a flexible model for simplified IT management, remote access, mobility, and cost-efficiency. With so much ease of access and flexibility, most organisations are adopting cloud services; however, as more mission-critical applications migrate to the cloud, data privacy and software security are growing concerns. With so much data going into the cloud, including critical data such as PII and PHI, these resources become natural targets for hackers.

Using IaaS or moving web applications to the cloud does not make organisations inherently more secure. Organizations nowadays might be ready to adopt the benefits of cloud infrastructure, but you must also ensure you address all the potential security risks in cloud computing, especially in public clouds.

WHAT IS CLOUD COMPUTING SECURITY?

Cloud computing security is the combination of guidelines and technology controls that help manage information security compliance and provide instructions for securing the data, applications and infrastructure associated with cloud computing use.

Cloud computing has many advantages, such as ease of use for the customer, speed and efficiency. But there are also many potential threats in cloud computing. These threats include human errors, misconfigurations, data breaches, insider attacks, account hijacking, and DDoS attacks. According to studies, businesses which use cloud computing services are more prone to data breaches and cyber-attacks than others.

CLOUD SECURITY: CHALLENGES AND SOLUTIONS

Below is the list of the most critical cyber security challenges faced by cloud service providers.

1. Data Breaches:

A data breach is the result of infrastructure or application vulnerabilities, human error, or poor security practices such as weak passwords and inadequate access control. Data breaches are one of the topmost security challenges, mostly in public clouds, because of the different requirements of different customers. The solution is for organizations to always secure databases that contain sensitive data such as user credentials by hashing and salting, and to implement proper logging and behaviour anomaly analysis.
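The hashing and salting recommended above, as an added Python example that is not part of the original article: it stores credentials with a per-user random salt using PBKDF2 from the standard library, next to an unsalted fast hash for comparison. The record format, the iteration count and the user table are assumptions made for illustration.

```python
import hashlib
import hmac
import os

ITERATIONS = 600_000  # assumption: work factor, tune to your own hardware


def weak_hash(password):
    """Unsalted fast hash, shown only as the 'before' form."""
    return hashlib.sha256(password.encode()).hexdigest()


def hash_password(password, salt=None):
    """Return a self-describing record: scheme$iterations$salt$digest."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return "pbkdf2_sha256${}${}${}".format(ITERATIONS, salt.hex(), digest.hex())


def verify_password(password, record):
    """Recompute the digest with the stored salt and compare in constant time."""
    try:
        scheme, iterations, salt_hex, digest_hex = record.split("$")
        salt, expected = bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)
        rounds = int(iterations)
    except ValueError:
        return False  # malformed record
    if scheme != "pbkdf2_sha256":
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return hmac.compare_digest(candidate, expected)


def shared_password_groups(table):
    """Group users whose stored records are identical.

    This is what anyone holding a leaked table can see without cracking anything.
    """
    by_record = {}
    for user, record in table.items():
        by_record.setdefault(record, []).append(user)
    return sorted(sorted(users) for users in by_record.values() if len(users) > 1)


# Constructed user table: alice and bob happen to choose the same password.
USERS = {"alice": "Summer2024!", "bob": "Summer2024!", "carol": "x9#Lq-72vT"}

if __name__ == "__main__":
    unsalted = {u: weak_hash(p) for u, p in USERS.items()}
    salted = {u: hash_password(p) for u, p in USERS.items()}
    print("unsalted, identical records:", shared_password_groups(unsalted))
    print("salted, identical records:  ", shared_password_groups(salted))
    print("alice logs in:", verify_password("Summer2024!", salted["alice"]))
```

Because the iteration count is stored in each record, the work factor can be raised later without invalidating existing records.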

2. Human Error:

Human errors such as clicking on malicious links, sharing data with unauthorised persons, using weak passwords and not having maker-checker procedures are challenges in cloud security. These errors are often at the customer’s end. Cyber security training and awareness, a strong password policy and segregation of duties can really resolve this issue. Proper monitoring is also necessary.

3. Insufficient Identity, Access and Key Management:

Hackers acting as legitimate users, developers, or operators can read, manipulate, and delete data, snoop on data in transit, or release malicious software that appears to originate from a genuine source. Any unwanted service running on the server can allow access without authentication. The solution is to implement preventative controls across all perimeters, and for organizations to scan managed, shared and public environments for vulnerabilities.

4. Data Loss:

Data loss caused by accidental deletion by the cloud service provider, or by a disaster such as a fire or earthquake, can lead to the permanent loss of customer data unless the provider or cloud consumer takes adequate measures to back up data. The solution is to have a foolproof Business Continuity and Disaster Recovery plan in place, to perform and test data backups regularly, and to conduct DR drills at regular intervals.

5. Insecure application programming interfaces (APIs):

APIs are exposed to the public and therefore to attackers too; an API is likely to be the initial entry point for attackers. Hackers exploit vulnerabilities in insecure APIs to gain access to servers. Performing a security assessment prior to deployment and after any significant change helps identify existing weaknesses so that they can be patched.

6. Advanced persistent threats (APT):

An APT uses sophisticated and continuous attack techniques to gain access to cloud infrastructure, monitor the cloud provider’s activity and steal data rather than damage the networks. The attacker gains access and remains undetected for a long time. Regularly monitoring the network for abnormal behaviour, keeping antivirus signatures up to date and scanning networks on a regular basis can resolve this issue.

7. Insider Attacks / Malicious Insider:

A malicious insider attack can be carried out by any employee or privileged user who has access to potentially sensitive information and to critical systems which contain critical data. Organisations which do not have their own IT security mechanism and depend solely on cloud service providers are at higher risk. A Data Loss Prevention (DLP) solution, along with event logging and monitoring, is a solution for this challenge. A confidentiality agreement signed with employees will act as a deterrent.

8. Distributed Denial of Service (DDoS) Attacks:

A DDoS attack is a crafted malicious attack that disrupts normal traffic and prevents users of a service from accessing their data or applications. An attacker can cause a system slowdown and leave all legitimate users without access to services by forcing the targeted cloud service to consume inordinate amounts of finite system resources such as network bandwidth, processor power, memory or disk space. Implementing adequate network security measures such as IDS, IPS and load balancers, and monitoring networks for anomalies, helps address this. Having a robust Business Continuity plan will definitely help.

9. System Vulnerabilities:

System vulnerabilities are the weaknesses or loopholes in any application or network which a malicious user can exploit to intrude into a system in order to steal or manipulate data, take control of the system or disrupt service operations. Vulnerabilities within the components of the application and operating system put the security of all services and data at significant risk. In the case of public cloud, applications or systems from various organizations share memory and resources, creating a new attack surface. Regular patch management, bug fixing and vulnerability management are the best solution for this issue.

10. Spectre and Meltdown:

Last but not least, Spectre and Meltdown are considered the most catastrophic vulnerabilities: hackers can exploit Meltdown to view data on virtual servers hosted on the same hardware, which is potentially disastrous for cloud service providers. Spectre is worse: it is hard to exploit and even harder to fix.

In a nutshell, a security solution is crucial for any cloud service provider’s business. Compliance related to cyber security protects the organisation from unauthorized access, data breaches and other threats, and also provides assurance and confidence to clients.

What is HIPAA?

HIPAA (Health Insurance Portability and Accountability Act), signed by US President Bill Clinton in 1996, provides data privacy and security provisions for safeguarding medical information.

The HIPAA Act does the following:

  • HIPAA reduces health care fraud and abuse.
  • The HIPAA Act mandates the storage, protection and handling of medical data, ensuring healthcare data is kept secure.
  • The HIPAA Act provides provisions for storing patients’ healthcare information.
  • The HIPAA Act is meant to protect and safeguard PHI (Protected Health Information) against unauthorised handling.

HIPAA compliance is a must for healthcare solution providers. HIPAA compliance guidelines are meant to safeguard patients’ health information, ensuring that it is securely stored and correctly used.

All sensitive data which can reveal a patient’s identity must be kept confidential in order to adhere to HIPAA. There is a set of rules covering policies and privacy which an organisation needs to adhere to in order to achieve compliance.

What information is protected under HIPAA?

The HIPAA Privacy Rule protects a patient’s health information and any identifying information, in any medium or format: files, email, audio, video or verbal communication. Any of the following is considered private health information:

  • Name of patient
  • Birth date, death date or treatment dates, and any other dates relating to a patient’s illness or care
  • Finger and voice prints
  • Social Security Number
  • Photographs
  • Medical records numbers
  • Telephone numbers, addresses and other contact information
  • Any other unique identifying number or account number

Why is HIPAA compliance important?

HIPAA compliance is a well-thought-out set of guidelines meant to safeguard patients. Failure to comply can put patients’ critical information at risk. Cyber security breaches have catastrophic impacts on an organisation’s reputation, and can also lead to disciplinary action and sometimes huge penalties and fines.

In past years, ransomware and malware attacks such as WannaCry and NotPetya have impacted millions of computers across the world, including those of healthcare organisations.

Hackers exploited vulnerabilities in network devices, such as weak passwords and outdated versions of operating systems, which are commonly used in the healthcare sector.

Since medical service providers do not have adequate awareness or information security support, the attack was very easy to carry out.

Nowadays everything is technology driven, so HIPAA also regulates some aspects of the technology systems used to store, manage, and transfer healthcare information.

Organisations that fail to implement adequate systems can suffer significant damage. If any data breach incident takes place, the affected organisation has to submit disclosure documents for each and every breach individually.

WHO NEEDS TO BE HIPAA COMPLIANT?

Following is the list of organisations which need to be HIPAA compliant:

  • Healthcare providers that store and process PHI in electronic form:
      • Clinics
      • Hospitals
      • Regional health care services
      • Medical practitioners
  • Healthcare clearinghouses:
      • Healthcare billing services
      • Community health management information systems
      • This also includes any organisation which collects PHI from healthcare organisations and processes it into an industry-standard format.
  • Health plans:
      • Medicaid
      • HMOs (Health Maintenance Organisations)
      • Insurers
      • Public health authorities
      • Medicare prescription drug card sponsors
      • Universities and schools which collect, store or transmit PHI
  • Business associates of all the above:
      • Any organisation which handles PHI in electronic format, such as vendors, contractors and infrastructure service providers
      • This also includes organisations that store or destroy (shred) documents.
      • Transcription services
      • Medical equipment companies
      • Auditors
      • Accountants

HIPAA PRIVACY, SECURITY AND BREACH NOTIFICATION RULES

Privacy Rule

The HIPAA Privacy Rule sets the standards for the privacy of individuals’ PHI. The main goal of the HIPAA rules is to protect medical reports and other PHI (Personally identifiable health information).

The HIPAA Privacy Rule applies to these types of organisations:

  • Providers, supply chain (vendors, contractors) and service providers (data centre and cloud service providers). All healthcare clearinghouses and healthcare providers shall be compliant.
  • This rule also applies to healthcare service providers who conduct health-related electronic transactions.

According to the HIPAA Privacy Rule, patients have legal rights over their health information.

Below are the fundamental rights of patients:

  • To authorise disclosure of their health information and records
  • To request and examine a copy of their health records at any time
  • To request corrections to their health records as needed

Security Rule

The HIPAA Security Rule sets the security standards for the protection of ePHI and is a subset of the Privacy Rule. This rule applies to electronic personally identifiable health information (ePHI), which shall be protected if it is created, maintained or received by any organisation. Covered entities shall maintain the confidentiality, integrity and availability of ePHI.

Covered entities shall adhere to all of the following safeguards to be compliant:

  • Technical Safeguards: access control, audit control, integrity control, transmission security
  • Physical Safeguards: physical access control, workstation and device security, security of electronic media
  • Administrative Safeguards: security management process, Security Manager, information access management system, training and awareness, evaluation system

HIPAA breach notification rules 

Even with adequate security measures in place, there is a possibility of a breach. For such cases, the Breach Notification Rule specifies how organisations should deal with it.

First of all, organisations should know how to define a breach. A breach is an unauthorised use or disclosure of PHI forbidden by the Privacy Rule. The unauthorised use or disclosure of PHI is presumed to be a breach unless your organisation demonstrates that there is a low probability that the PHI has been compromised, based on a risk and impact assessment of at least the following criteria:

  • The extent and nature of the PHI involved, including the types of identifiers and the probability (likelihood) of re-identification
  • The unauthorized individuals to whom the disclosure was made or who used the PHI
  • Whether the PHI was actually acquired or viewed
  • The extent to which the risk associated with the PHI has been mitigated

PHI breach notifications must be provided without unreasonable delay and no later than 60 days following discovery of the breach. Notifications of smaller breaches, which affect fewer than 500 individuals, may be submitted to HHS (the United States Department of Health & Human Services) annually. The HIPAA Breach Notification Rule also requires business associates of covered entities, such as vendors, suppliers and service providers, to notify the covered entity of breaches at or by the business associate.

HIPAA penalties

As per the HIPAA Privacy Rule, a healthcare data breach, as well as failing to give patients access to their PHI, could result in a fine from OCR (Office for Civil Rights).

The minimum penalty for:

  • Unknowingly violating HIPAA is $100 per violation, with an annual maximum of $25,000 for repeat violations.
  • Reasonable cause for violating HIPAA is $1,000 per violation, with an annual maximum of $100,000 for repeat violations.
  • Wilful neglect of HIPAA, but when the violation is corrected within a given time period, is $10,000 per violation, with an annual maximum of $250,000 for repeat violations.
  • Wilful neglect of HIPAA, and the violation remains uncorrected, is $50,000 per violation, with an annual maximum of $1.5 million for repeat violations.

The maximum penalty for all of these is $50,000 per violation, with an annual maximum of $1.5 million for repeat violations.

Covered entities, organisations and individuals who intentionally disclose or obtain PHI in violation of the HIPAA Privacy Rule can be fined up to $50,000 and receive up to one year in prison. If the HIPAA Privacy Rule is violated under false act, the penalties can be increased to a $100,000 fine and up to 10 years in prison.

LIST OF COMMON CYBER SECURITY THREATS WHICH EVERYONE SHOULD BE AWARE OF

In this era, organisations in every sector, such as healthcare, finance, logistics and transportation, construction, government services, real estate and retail, are moving towards digitization and digitalization, and are also becoming prone to cyber threats.

While everyone is talking about new regulations and compliance requirements such as data privacy, information security and GDPR, organisations are still unable to protect their networks and data from cyber criminals. Personal data theft is making headlines every other day.

What is a cyber security threat?

In layman’s terms, it is a malicious act which can damage data, steal data or disrupt digital life, and ultimately impact an organisation’s business objectives. These threats are masters of disguise and manipulation, and constantly evolve new ways to accomplish their task of stealing from, harming and annoying organisations. Organisations should adequately arm themselves with resources and information to safeguard against complex and growing computer security threats and stay safe online.

 

 

These are common cyber security threats

1. VIRUS

What is a virus? A computer virus is a malicious program that may disturb the normal functioning of a computer. Viruses are often sent as email attachments, with the intention of infecting your computer system as well as all the other computers in your network. Sometimes viruses are hosted on websites, and whoever visits the malicious website gets infected.

Examples of computer viruses are: Browser Hijacker, File Infector Virus, Boot Sector Virus, Web Scripting Virus, Polymorphic Virus etc.

What can a virus do? A computer virus can attach itself to email attachments, PDFs, doc files, USB pen drives and hard drives. Any file which contains a virus is called an infected file. If the infected file gets copied to a computer, the virus gets copied too.

  • A virus can damage software and data on a computer
  • A virus can slow down the system processes
  • A virus can destroy all data by formatting the hard drive
  • A virus can steal critical information like password from your system
  • It can display unwanted advertisements
  • It can disable security settings and close your firewall
  • It can hijack your web browser, slow it down and steal critical data

 

2. MALWARE

What is malware?

Malware is a malicious program or software that infects your computer, such as computer viruses, worms, Trojan horses, spyware, and adware.

What can malware do?

  • Malware can intimidate you with a pop-up message that tells you your computer has a security problem, or with other false information.
  • Malware can reformat the hard drive of your computer, causing you to lose all your information.
  • Malware can alter or delete critical files.
  • Malware can steal sensitive information like usernames and passwords.
  • Malware can send fake emails on your behalf.
  • Malware can take control of your computer and all the software running on it.

 

3. TROJAN

What is a Trojan?

A Trojan is a malicious program that is disguised as, or embedded within, legitimate software. It is an executable file wrapped inside a genuine program or software that will install itself and run automatically once it is downloaded.

Examples: Trojan-Banker, Trojan-GameThief, Trojan-Dropper, Trojan-Ransom, Trojan-SMS, Trojan-Spy, etc.

What can a Trojan do?

  • A Trojan can delete your files.
  • A Trojan can be used to turn your computer into a zombie or a bot.
  • A Trojan can watch you through your webcam.
  • A Trojan can log your keystrokes (such as a credit card number you entered in an online purchase).
  • A Trojan can record personal information like usernames and passwords.

 

4. RANSOMWARE

What is Ransomware?

Ransomware is a type of malicious software that blocks access to your computer system or your files, usually by encrypting them, and displays a message that demands payment in order for the restriction to be removed. In many cases it comes with a deadline: if the victim doesn't pay the ransom, the data is gone forever.

The two most common modes of spreading ransomware are phishing emails that contain malicious attachments and website pop-up advertisements.

Examples of ransomware are: WannaCry, CryptoLocker, NotPetya, Bad Rabbit, etc.

What can Ransomware do?

There are two common types of ransomware:

  • Locker ransomware: displays an image that prevents you from accessing your computer
  • Encryption/Crypto ransomware: encrypts files on your system's hard drive and sometimes on shared network drives, USB drives, external hard drives, and even some cloud storage drives, preventing you from opening them

Ransomware encrypts the computer or data files and displays a ransom/payment notification for regaining access. Once the ransom is paid, the victim will receive the decryption key and may attempt to decrypt the files. Sometimes the victim never receives the key.

 

5. BOTNETS

What are botnets? A botnet is a network of infected computers, often known as zombies, used for malicious purposes. The word botnet is a combination of "robot" and "network". Here the network of computer robots is used to commit cyber crime, controlled by cyber criminals known as bot masters.

A botnet is controlled by its originator, and the owner of an infected computer might be unaware that it is a zombie.

Examples: IRC (Internet Relay Chat) botnet, P2P (Peer-to-Peer) botnet, HTTP (Hyper Text Transfer Protocol) botnet and the hybrid botnet.

What can Botnets do?

  • A botnet can be used to spread malicious emails.
  • A botnet is used to spread malware.
  • A botnet is used to perform Denial of Service attacks.

 

6. DDOS

What is DDOS?

This is an attack in which a network of zombie computers is used to sabotage a specific website or server. These zombie computers are controlled to perform a specific task, such as making the website or server unavailable. In DDOS, the attacker uses the vulnerabilities existing in users' computers.

What can DOS/DDOS do?

The purpose of a DOS/DDOS attack is to make essential services unavailable, which can sometimes lead to a server crash. The consequences include:

  • Loss of data
  • Loss of revenue
  • Impact on business reputation
  • Disappointment to users, who may never return
  • Compensation for damage caused by the DDOS

7. PHISHING

What is Phishing?

Phishing is a social engineering attack used by cyber criminals to gather personal information, including login credentials and credit card details, using deceptive emails or websites.

Attackers create fake emails, text messages and websites which look like they're from authentic companies. This is also known as "spoofing".

What can Phishing do?

Through phishing, hackers/cyber criminals trick you into giving them information by asking you to update, validate or confirm your account. The request is often presented in a manner that seems official and intimidating, to encourage you to take action.

Phishing provides hackers/cyber criminals with your usernames and passwords so that they can access your accounts (your online bank account, shopping accounts, etc.) and steal your credit card numbers.
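A spoofed website usually gives itself away in its address. The Python sketch below is an added example, not part of the original article: it checks a link against a hypothetical allowlist of sites where you really have accounts and flags the address patterns that make a fake site look authentic. The domain names, sample URLs and function names are constructed for illustration, and the "last two labels" rule is a simplification that ignores multi-part suffixes such as .co.uk.

```python
from urllib.parse import urlsplit

# Hypothetical allowlist: the sites where the user really has accounts.
TRUSTED = ("examplebank.com", "shop.example")

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_url(url, trusted=TRUSTED):
    """Return a list of warnings for a link; ['ok'] means nothing was flagged."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    labels = host.split(".")
    findings = []
    if parts.scheme != "https":
        findings.append("not-https")
    if parts.username is not None:          # text before '@' is not the host
        findings.append("userinfo-before-host")
    if not host.isascii() or any(l.startswith("xn--") for l in labels):
        findings.append("idn-hostname")     # may hide look-alike characters
    if any(host == d or host.endswith("." + d) for d in trusted):
        return findings or ["ok"]
    findings.append("host-not-on-allowlist")
    base = ".".join(labels[-2:])            # simplified registrable domain
    for d in trusted:
        if host.startswith(d + ".") or ("." + d + ".") in host:
            findings.append("trusted-name-used-as-subdomain:" + d)
        elif edit_distance(base, d) <= 2:   # small threshold; short names may false-flag
            findings.append("lookalike-of:" + d)
    return findings

# Constructed sample links (203.0.113.7 is a documentation address).
SAMPLES = [
    "https://www.examplebank.com/login",
    "https://examp1ebank.com/login",
    "https://examplebank.com.account-verify.example/login",
    "http://examplebank.com@203.0.113.7/",
]

if __name__ == "__main__":
    for u in SAMPLES:
        print(u, check_url(u))
```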

8. HACKING

What is Hacking? Hacking is an attempt to gain unauthorised access to a user's computer by exploiting existing vulnerabilities, in order to perform fraudulent activities such as personal data theft, invasion of privacy, financial fraud, etc.

What can Hacking do?

Hackers find weaknesses in your system and exploit them for different purposes:

  • Denial of service Attack
  • Electronic Fund Transfer
  • ATM Fraud
  • Identity Theft
  • Stealing intellectual information

 

Ways to prevent Cyber Security Threats

  • Educate employees and individuals about cyber security and its countermeasures.
  • Use inbound and outbound firewalls on your network. Change the default passwords and customise the firewalls according to your business needs.
  • Take backups of important business information and data on a regular basis, in order to maintain business continuity after a crisis.
  • Install and regularly patch antivirus and antispyware on every server and computer on your network.
  • Have controlled logical and physical access to all your computers and network components.
  • Always use licensed software and apply the patches for Operating Systems and Applications.
  • Impose a password policy, use strong passwords and change them regularly. Remember, weak passwords are prone to hacking.
  • If you are using Wi-Fi at work, use WPA2 or above security. You can hide the SSID, and don't forget to use a strong password.
  • Don't give Admin privileges to every employee. Networks and computers shall be run on the Principle of Least Privilege.
  • Segregate your data according to criticality, and provide appropriate security by using DLP, Endpoint protection etc.
  • Never click on suspicious mails, and never download from P2P and file sharing systems.
  • Regularly scan your applications and network for vulnerabilities, and perform penetration testing at least once every year.
  • Regularly monitor your network for suspicious activities.

 

 

Using common sense is the best protection. One shall never download free videos, files or songs from suspicious websites, and never click on suspicious links. Never share your personal data online. Be aware of what is happening around you. Cyber threats are effective if and only if you have weaknesses in your system. More vulnerabilities expose the system to more threats and hence more risk, whereas fewer loopholes mean less risk.

Remember, precaution is better than cure.
