AcadGild Webinar - Introduction to Cyber Security

presents

Webinar on Cyber Security

Presented by: E Rahul Naidu

2Cyber Security© copyright ACADGILD

Agenda

Sl No Agenda Title

1 Security and its Need

2 Security Scope

3 Recent Attacks

4 Threats

5 Security Vs Hacking

6 Hacking Vs Cracking

7 Hacking Vs Security - The Perspective

Sl No Agenda Title

8 The Golden Fact

9 Ethical Hacking & its Need

10 The Job Market Scope in Security

11 Major Certifications in Security

12 Cyber Space - Safety Tips

13 Q & A

3© copyright ACADGILD

Security & its Need

Cyber Security


Importance of Security• The internet allows an attacker to attack from anywhere on the planet.• Risks caused by poor security knowledge and practice:• Identity Theft• Monetary Theft• Legal Ramifications (for yourself and company)• Termination if company policies are not followed

• According to www.SANS.org , the top vulnerabilities available for a cyber criminal are:

• Web Browser• IM Clients• Web Applications• Excessive User Rights


Security Scope


Security w.r.t Cyber Ecosystem

System Security Web Security

Network Security Application Security


Recent Attacks and Threats In 20151. Walmart 2. J.P. Morgan

In 20141. Chang Restaurant Chain 2. ebay

3. Evernote & Feedly 4. Domino’s Pizza

Course Title8© copyright ACADGILD

Threats

Cyber Security

9© copyright ACADGILD

Virus• A virus attaches itself to a program, file,

or disk• When the program is executed, the virus

activates and replicates itself• The virus may be benign or malignant but

executes its payload at some point (often upon contact)

–Viruses result in crashing of computers and loss of data.

• In order to recover/prevent virus/attacks:–Avoid potentially unreliable

websites/emails–System Restore–Re-install operating system–Anti-virus (i.e. Avira, AVG, Norton)

Program

A

Extra Code

ProgramB

infects

Cyber Security


Worm• Independent program which replicates itself and sends copies from computer

to computer across network connections. Upon arrival the worm may be activated to replicate.

To JoeTo Ann

To Bob

Email List:[email protected]

[email protected]@uwp.edu


Logic bomb/ Trojan horse• Logic Bomb: Malware logic executes upon certain conditions. • Program is often used for legitimate reasons. Example:• Software which malfunctions if maintenance fee is not paid• Employee triggers a database erase when he is fired.

• Trojan Horse: Masquerades/ pose as beneficial program while quietly destroying data or damaging your system.

Example:• Downloading a game: Might be fun but has hidden parts that emails your password

file without your knowing about it.


Phishing = Fake Email• Phishing: a ‘trustworthy entity’ asks via e-mail for sensitive information such as

SSN, credit card numbers, login IDs or passwords.


Social Engineering • Social engineering manipulates people into performing actions or divulging

confidential information. It is similar to a confidence trick or simple fraud. The term applies to the use of deception to gain information, commit fraud or access computer systems.

Phone Call:This is John, the System

Admin. What is your

password?

Email:ABC Bank has

noticed a problem with

your account…In Person:

What ethnicity are you? Your

mother’s maiden name?

and have some

software patches

I have come to repair your

machine…


Botnet• A Botnet is large number of compromised computers that are used to create

and send spam, viruses or flood a network with messages as a denial of service attack.

• The compromised computers are called zombies.


Rootkit• Upon penetrating a computer, a hacker installs a collection of programs, called

a Rootkit.

• May enable:• Easy access to the hacker (as well as others)• Keystroke logger

• Eliminates evidence of break-in

• Modifies the operating system

Backdoor entry Keystroke LoggerHidden user


Security Vs Hacking • Hacking: Hacking is basically studying and playing around with the

system with the intention of gaining more knowledge and does not include any destructive motives.


Hacking Vs Cracking• Cracking: The act of studying and playing around with the system with

the motive or the intention of destruction or causing harm is termed as cracking.

• Hacker builds things whereas Cracker breaks things.

• Hackers are also know as white hat hackers.

• Crackers are sometimes known as black hat hackers.


Hacking Vs Security – The Perspective

The more Knowledge a system gains, more effectively you can provide Security by making it harder for attackers to get in

VS

The more Knowledge a system gains, more Avenues are discovered to break into it by getting more information about weaknesses

in a System


The Golden Fact

It is impossible to provide 100 percent security to a system. If the attacker has determined to break in he will attack and there is

nothing that can be done to completely stop it.

========================================

The role of security providers is to make it harder for the attacker to get in by blocking the discovered ways of breaking in the

System.


Ethical Hacking & its Need• Ethical Hacking: It involves breaking into the system by security

professionals with the motive of discovering the different weaknesses and loopholes in a system which can make the system vulnerable to attack and provide security to patch these weakness.

Think Like an Attacker to Prevent him from Attacking


The Job Market Scope in Security• In India alone there are 5 lac jobs openings in 2016.

• World wide 2.3 Million new jobs in Security Domain by 2016.


Major Certifications in Security


ACADGILD’s Cyber Security Course Highlights

• ACADGILD offers an extensive Course on Cyber Security & Ethical Hacking.

• The Course is aligned with major Certifications in the industry.• Complete Hands on with Evaluation, Assignments and Projects are

provided.


Cyber Space - Safety Tips


Anti-virus & anti-spyware• Anti-virus software detects malware and can destroy it before any damage

is done.• Install and maintain anti-virus and anti-spyware software.• Be sure to keep anti-virus software updated.• Many free and pay options exist for the above.• Some of the popular antivirus software available are:

• and there are other as well…….


Protect Your Operating System• Microsoft regularly issues patches or updates to solve security problems in

their software. If these are not applied, it leaves your computer vulnerable to hackers.

• The Windows Update feature built into Windows can be set up to automatically download and install updates.

• Avoid logging in as administrator.


Password Creation• Never use ‘admin’ or ‘root’ or ‘administrator’ as a login for the admin.• A good password is: • private: it is used and known by one person only • secret: it does not appear in clear text in any file or program or on a piece of paper

pinned to the terminal • easily remembered: so there is no need to write it down • at least 8 characters, complex: a mixture of at least 3 of the following: upper case

letters, lower case letters, digits and punctuation• not guessable by any program in a reasonable time, for instance less than one

week. • changed regularly: a good change policy is every 3 months

• Beware that someone may see you typing it. • If you accidentally type your password instead of your login name, it may

appear in system log files.


Avoid Social Engineering & Malicious Software

• Do not open email attachments unless you are expecting the email with the attachment and you trust the sender.

• Do not click on links in emails unless you are absolutely sure of their validity.

• Only visit and/or download software from web pages you trust.


Secure Online Banking & Business• Always use secure browser to do online activities.• Frequently delete temp files, cookies, history, saved passwords etc.

https://

Symbol showing enhanced security


Back-up Important Information• No security measure is 100%• What information is important to you?• Is your back-up:

–Recent?–Off-site & Secure?–Process Documented?–Tested?–Encrypted?


Any Questions?

32

Contact Info:

o Website : http://www.acadgild.com

o LinkedIn : https://www.linkedin.com/company/acadgild

o Facebook : https://www.facebook.com/acadgild

o Support: [email protected]

© copyright ACADGILD Cyber Security

http://www.acadgild.com/

https://www.linkedin.com/company/acadgild

https://www.facebook.com/acadgild

mailto:[email protected]

AcadGild Webinar - Introduction to Cyber Security

Education

Transcript of AcadGild Webinar - Introduction to Cyber Security