Thought Leadership Webinar - Internet of things (IoT): The Next Cyber Security Target
AcadGild Webinar - Introduction to Cyber Security
Transcript of AcadGild Webinar - Introduction to Cyber Security
presents
Webinar on Cyber Security
Presented by: E Rahul Naidu
2Cyber Security© copyright ACADGILD
Agenda
Sl No Agenda Title
1 Security and its Need
2 Security Scope
3 Recent Attacks
4 Threats
5 Security Vs Hacking
6 Hacking Vs Cracking
7 Hacking Vs Security - The Perspective
Sl No Agenda Title
8 The Golden Fact
9 Ethical Hacking & its Need
10 The Job Market Scope in Security
11 Major Certifications in Security
12 Cyber Space - Safety Tips
13 Q & A
3© copyright ACADGILD
Security & its Need
Cyber Security
4Cyber Security© copyright ACADGILD
Importance of Security• The internet allows an attacker to attack from anywhere on the planet.• Risks caused by poor security knowledge and practice:• Identity Theft• Monetary Theft• Legal Ramifications (for yourself and company)• Termination if company policies are not followed
• According to www.SANS.org , the top vulnerabilities available for a cyber criminal are:
• Web Browser• IM Clients• Web Applications• Excessive User Rights
5Cyber Security© copyright ACADGILD
Security Scope
6Cyber Security© copyright ACADGILD
Security w.r.t Cyber Ecosystem
System Security Web Security
Network Security Application Security
7Cyber Security© copyright ACADGILD
Recent Attacks and Threats In 20151. Walmart 2. J.P. Morgan
In 20141. Chang Restaurant Chain 2. ebay
3. Evernote & Feedly 4. Domino’s Pizza
Course Title8© copyright ACADGILD
Threats
Cyber Security
9© copyright ACADGILD
Virus• A virus attaches itself to a program, file,
or disk• When the program is executed, the virus
activates and replicates itself• The virus may be benign or malignant but
executes its payload at some point (often upon contact)
–Viruses result in crashing of computers and loss of data.
• In order to recover/prevent virus/attacks:–Avoid potentially unreliable
websites/emails–System Restore–Re-install operating system–Anti-virus (i.e. Avira, AVG, Norton)
Program
A
Extra Code
ProgramB
infects
Cyber Security
10Cyber Security© copyright ACADGILD
Worm• Independent program which replicates itself and sends copies from computer
to computer across network connections. Upon arrival the worm may be activated to replicate.
To JoeTo Ann
To Bob
Email List:[email protected]
[email protected]@uwp.edu
11Cyber Security© copyright ACADGILD
Logic bomb/ Trojan horse• Logic Bomb: Malware logic executes upon certain conditions. • Program is often used for legitimate reasons. Example:• Software which malfunctions if maintenance fee is not paid• Employee triggers a database erase when he is fired.
• Trojan Horse: Masquerades/ pose as beneficial program while quietly destroying data or damaging your system.
Example:• Downloading a game: Might be fun but has hidden parts that emails your password
file without your knowing about it.
12Cyber Security© copyright ACADGILD
Phishing = Fake Email• Phishing: a ‘trustworthy entity’ asks via e-mail for sensitive information such as
SSN, credit card numbers, login IDs or passwords.
13Cyber Security© copyright ACADGILD
Social Engineering • Social engineering manipulates people into performing actions or divulging
confidential information. It is similar to a confidence trick or simple fraud. The term applies to the use of deception to gain information, commit fraud or access computer systems.
Phone Call:This is John, the System
Admin. What is your
password?
Email:ABC Bank has
noticed a problem with
your account…In Person:
What ethnicity are you? Your
mother’s maiden name?
and have some
software patches
I have come to repair your
machine…
14Cyber Security© copyright ACADGILD
Botnet• A Botnet is large number of compromised computers that are used to create
and send spam, viruses or flood a network with messages as a denial of service attack.
• The compromised computers are called zombies.
15Cyber Security© copyright ACADGILD
Rootkit• Upon penetrating a computer, a hacker installs a collection of programs, called
a Rootkit.
• May enable:• Easy access to the hacker (as well as others)• Keystroke logger
• Eliminates evidence of break-in
• Modifies the operating system
Backdoor entry Keystroke LoggerHidden user
16Cyber Security© copyright ACADGILD
Security Vs Hacking • Hacking: Hacking is basically studying and playing around with the
system with the intention of gaining more knowledge and does not include any destructive motives.
17Cyber Security© copyright ACADGILD
Hacking Vs Cracking• Cracking: The act of studying and playing around with the system with
the motive or the intention of destruction or causing harm is termed as cracking.
• Hacker builds things whereas Cracker breaks things.
• Hackers are also know as white hat hackers.
• Crackers are sometimes known as black hat hackers.
18Cyber Security© copyright ACADGILD
Hacking Vs Security – The Perspective
The more Knowledge a system gains, more effectively you can provide Security by making it harder for attackers to get in
VS
The more Knowledge a system gains, more Avenues are discovered to break into it by getting more information about weaknesses
in a System
19Cyber Security© copyright ACADGILD
The Golden Fact
It is impossible to provide 100 percent security to a system. If the attacker has determined to break in he will attack and there is
nothing that can be done to completely stop it.
========================================
The role of security providers is to make it harder for the attacker to get in by blocking the discovered ways of breaking in the
System.
20Cyber Security© copyright ACADGILD
Ethical Hacking & its Need• Ethical Hacking: It involves breaking into the system by security
professionals with the motive of discovering the different weaknesses and loopholes in a system which can make the system vulnerable to attack and provide security to patch these weakness.
Think Like an Attacker to Prevent him from Attacking
21Cyber Security© copyright ACADGILD
The Job Market Scope in Security• In India alone there are 5 lac jobs openings in 2016.
• World wide 2.3 Million new jobs in Security Domain by 2016.
22Cyber Security© copyright ACADGILD
Major Certifications in Security
23Cyber Security© copyright ACADGILD
ACADGILD’s Cyber Security Course Highlights
• ACADGILD offers an extensive Course on Cyber Security & Ethical Hacking.
• The Course is aligned with major Certifications in the industry.• Complete Hands on with Evaluation, Assignments and Projects are
provided.
24Cyber Security© copyright ACADGILD
Cyber Space - Safety Tips
25Cyber Security© copyright ACADGILD
Anti-virus & anti-spyware• Anti-virus software detects malware and can destroy it before any damage
is done.• Install and maintain anti-virus and anti-spyware software.• Be sure to keep anti-virus software updated.• Many free and pay options exist for the above.• Some of the popular antivirus software available are:
• and there are other as well…….
26Cyber Security© copyright ACADGILD
Protect Your Operating System• Microsoft regularly issues patches or updates to solve security problems in
their software. If these are not applied, it leaves your computer vulnerable to hackers.
• The Windows Update feature built into Windows can be set up to automatically download and install updates.
• Avoid logging in as administrator.
27Cyber Security© copyright ACADGILD
Password Creation• Never use ‘admin’ or ‘root’ or ‘administrator’ as a login for the admin.• A good password is: • private: it is used and known by one person only • secret: it does not appear in clear text in any file or program or on a piece of paper
pinned to the terminal • easily remembered: so there is no need to write it down • at least 8 characters, complex: a mixture of at least 3 of the following: upper case
letters, lower case letters, digits and punctuation• not guessable by any program in a reasonable time, for instance less than one
week. • changed regularly: a good change policy is every 3 months
• Beware that someone may see you typing it. • If you accidentally type your password instead of your login name, it may
appear in system log files.
28Cyber Security© copyright ACADGILD
Avoid Social Engineering & Malicious Software
• Do not open email attachments unless you are expecting the email with the attachment and you trust the sender.
• Do not click on links in emails unless you are absolutely sure of their validity.
• Only visit and/or download software from web pages you trust.
29Cyber Security© copyright ACADGILD
Secure Online Banking & Business• Always use secure browser to do online activities.• Frequently delete temp files, cookies, history, saved passwords etc.
https://
Symbol showing enhanced security
30Cyber Security© copyright ACADGILD
Back-up Important Information• No security measure is 100%• What information is important to you?• Is your back-up:
–Recent?–Off-site & Secure?–Process Documented?–Tested?–Encrypted?
31Cyber Security© copyright ACADGILD
Any Questions?
32
Contact Info:
o Website : http://www.acadgild.com
o LinkedIn : https://www.linkedin.com/company/acadgild
o Facebook : https://www.facebook.com/acadgild
o Support: [email protected]
© copyright ACADGILD Cyber Security
33© copyright ACADGILD Cyber Security
Thank You