What Is Cyber Security
What Is Cyber Security
What Is Cyber Security
to Cyber Security
SPRING-2021
What is Cybersecurity?
How it is done?
– Create a replica website for a target bank
– Spam out an email initiating a sort of genuine correspondence from the
institution involved
• Customers are informed that bank has changed their IT infrastructure and want all
clients to reconfirm their user info
– A link is embedded in the email taking the victim to the replica site
• Rest is formality – credentials land into the hacker’s database
Rootkit
• SQL injection
• An SQL (structured language query) injection is a type of cyber-attack used to take control
of and steal data from a database. Cybercriminals exploit vulnerabilities in data-driven
applications to insert malicious code into a databased via a malicious SQL statement. This
gives them access to the sensitive information contained in the database.
• Social engineering
• is an attack that relies on human interaction to trick users into breaking security
procedures to gain sensitive information that is typically protected.
• Phishing
• Phishing is a form of social engineering where fraudulent email or text messages that
resemble those from reputable or known sources are sent. Often random attacks, the
intent of these messages is to steal sensitive data, such as credit card or login information.
Cyber Threats Cont.…
• Man-in-the-middle attack
• are eavesdropping attacks that involve an attacker intercepting and relaying
messages between two parties who believe they are communicating with each other.
• Denial-of-service attack
• A denial-of-service attack is where cybercriminals prevent a computer system from
fulfilling legitimate requests by overwhelming the networks and servers with traffic.
This renders the system unusable, preventing an organization from carrying out vital
functions.
• Distributed denial-of-service (DDoS) attacks
• are those in which multiple systems disrupt the traffic of a targeted system, such as
a server, website or other network resource. By flooding the target with messages,
connection requests or packets, the attackers can slow the system or crash it,
preventing legitimate traffic from using it.
Advanced Persistent Threats
• The advanced persistent threats are those threats that go the stealthy
way around to penetrate systems and servers and stays there for a
longer time without getting noticed/detected by anybody.
• They are designed specially to mine highly sensitive information and
these days many organizations fail to protect themselves from
advanced persistent threat attacks.
• The APTs are not like typical malware, they are designed specially to
serve a purpose, and in other words, they are being made for targeted
attacks. Below is one depicted lifecycle of advanced persistent threat.
• Ransomware can also be classified as one type of APT attacks where a malware
penetrates inside your system, and as the days pass, it starts to encrypt all of your files
slowly.
Types of Hackers