SlideShare ist ein Scribd-Unternehmen logo

Cyber security

Als PPTX, PDF herunterladen
B
Bablu Shofi

This document provides an overview of cyber security. It discusses the history and scale of cyber threats, principles of cyber security including confidentiality, integrity and availability. It describes different types of cyber security such as network security, application security and information security. It also outlines common cyber threats like cybercrime, cyberattacks and cyberterrorism. Additionally, it examines malicious actors, types of malware, hackers and cyber security strategies. The document emphasizes the importance of cyber security and provides tips for protecting against cyberattacks.

Ingenieurwesen
1 von 41
Cyber Security Presented By Kazi Shofiuddin Bablu M.Sc in CSE, SUST
CONTENTS  INTRODUCTION ABOUT CYBER SECURITY  History of Cyber Security  The Scale of the Cyber Threat  principles of Cyber Security  Types of Cyber Security  Types of cyber threats  malicious actors  Different Types of Malware  Different Types of Hacker  Cyber Security Strategy  ADVANTAGES OF CYBER SECURITY  DIS ADVANTAGES OF CYBER CRIMES  How to protect  Conclusion
What is Cybersecurity?  defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks  known as information technology security or electronic information security  applies in a variety of contexts, from business to mobile computing  Example- Encryption, Authentication, Authorization, Network Security etc.
History of Cyber Security 1960s: Password protection 1970s: From CREEPER to Reaper 1980s: The internet goes mad 1990s: The rise of firewalls 2000s: Proper punishment 2010s: The era of major breaches
The Scale of the Cyber Threat  Illegal online markets $860 Billion  Trade Secret, IP Theft $500 Billion  Data trading $160 Billion  Crime-ware $1 Billion  Ransomware 1Billion Sales Illegal online market Trade Secret Data Trading Crime-ware Ransomware
What are the principles of Cyber Security? Confidentiality Integrity Availability
What is Confidentiality?  Ensure that the information to be secured is only accessible to authorized users  Prevents the disclosure of information to unauthorized parties  Access can be restricted to users with the right username-password combination  Most systems also implement confidentiality through data encryption  Decryption of the data requires an individual or system to attempt access using the requisite key
What is Integrity? Ensure information remains accurate Consistent and not subject to unauthorized modification Communication should not intercepted and modified by an intruder when it is still in transit.
What is availability  Efforts to secure information in cyberspace should not hinder its access by an authorized party  Has to provide for redundancy access in case of any outage  CRM system can implement proxy servers and firewalls as a security measure against Denial of Service (DoS) attacks  Create system unavailability if successful.
Types of Cybersecurity Network Security Application Security Information security Operational security Disaster recovery and business continuity End-user education
What is Network Security?  Aims to protect the usability, integrity, and safety of a network, associated components, and data shared over the network  When a network is secured, potential threats gets blocked from entering or spreading on that network  Examples of Network Security includes Antivirus and Antispyware programs Firewall that block unauthorized access to a network VPNs (Virtual Private Networks) used for secure remote access
What is Application Security Aims to protect software applications from vulnerabilities . Encompasses the security considerations . Involves systems and approaches to protect apps. increasing vulnerabilities to security threats and breaches . Example of Application Security regular testing.
What is Information security Information needs to be protected Intended to keep data secure A specific discipline Example- Passwords, network and host- based firewalls
What is Operational security?  known as procedural security  risk management process  encourages managers to view operations  protect sensitive information from falling into the wrong hands.  FIVE STEPS OF OPERATIONAL SECURITY  Identify your sensitive data  Identify possible threats  Analyze security holes and other vulnerabilities  Appraise the level of risk associated with each vulnerability  Get countermeasures in place
What is Disaster recovery and business continuity?  Closely related practices that support an organization's ability to remain operational after an adverse event.  Minimizing the effects of outages and disruptions on business operations  Reduce the risk of data loss and reputational harm  Improve operations while decreasing the chance of emergencies
What is End-user education?  cybersecurity initiatives  first line of defense against cybersecurity attacks  Implement a cybersecurity policy and procedure document  Build your cybersecurity strategy  Have cybersecurity tools in place to help prevent the potential for compromise
Types of cyber threats Cybercrime Cyber-attack Cyberterrorism
What is Cybercrime?  a crime that involves a computer and a network  buy and sell malware online (generally on the dark web)  cybercriminals range from individuals to criminal organizations to state- sponsored actors.  Top 5 Popular Cybercrimes • Phishing • Identity Theft • Online Harassment • Cyberstalking • Invasion of privacy
What is cyber Attacks?  type of offensive action that targets computer information systems  using various methods to steal, alter or destroy data or information systems.  Example- DDoS attacks, MitM attacks, Password attack, etc.
How do malicious actors gain control of computer systems? Malware Hacker SQL injection Phishing Man-in-the-middle attack Denial-of-service attack Dridex malware Emotet malware End-user protection
Different Types of Malware Virus Trojans Spyware Ransomware Adware Botnets
What is Computer Virus? Characteristics  The virus can infect many records of infected computer  Can be Polymorphic  They may be resident in memory or not  Can be furtive  The virus can bring other viruses How To Protect  Run anti-virus software  Replace the files  Restart from a healthy disk  Run a diagnostic utility and disk repair  Reformat your hard disk
What is Trojans? Characteristics  Trojan is similar to remote control  it doesn’t have concealment  Trojan has strong fraudulence  Trojan can open terminal automatically  Trojan has the ability of self-repair How To Protect  use anti-virus software or anti-spyware software  Use a firewall  must observe caution when opening email attachments  Update security patches for operating system
What is Spyware? Characteristics  Usually it aims to track and sell your internet usage data  Tracking cookies  System monitors  monitors internet activity  gathers personal information and relays it to advertisers How To Protect  Make a spyware protection company policy  Use more than one anti-spyware application  Aim for a centrally-managed anti- spyware solution  Use a layered-defense  Lock down your systems
What is Ransomware? Characteristics  effectively holds a user's computer hostage until a "ransom" fee is paid  Most ransomware attacks are the result of clicking on an infected email attachment How To Protect  entering Windows' Safe Mode and running an on- demand virus scanner such as Malwarebytes  lock-screen viruses typically do
What is Adware? Characteristics  unwanted software designed to throw advertisements up on your screen  most often within a web browser.  uses an underhanded method to either disguise itself as legitimate How To Protect  Back up your files  Download or update necessary tools  Uninstall unnecessary programs  Run a scan with an adware and PUPs removal program
What is Botnets? Characteristics  A number of Internet-connected devices, each of which is running one or more bots  Used to perform distributed denial-of-service attack (DDoS attack)  Steal data, send spam, and allows the attacker to access the device and its connection. How To Protect  Install a Windows Firewall  Disable Auto Run  Provide Least Privilege  Install Host-Based Intrusion Prevention  Enhance Monitoring
What is SQL injection? Characteristics  SQL injection is a code injection technique that might destroy your database  SQL injection is one of the most common web hacking techniques  SQL injection is the placement of malicious code in SQL statements, via web page input. How To Protect  Trust no one  Don't use dynamic SQL – don't construct queries with user input  Update and patch  Firewall  Reduce your attack surface  Keep your secrets secret
What is SQL Phishing? Characteristics  uses malicious SQL code for backend database manipulation to access information that was not intended to be displayed  including sensitive company data, user lists or private customer details.  A successful attack may result in the unauthorized viewing of user lists  Example, the above-mentioned input How To Protect  Trust no one  Don't use dynamic SQL – don't construct queries with user input  Update and patch  Firewall  Reduce your attack surface  Keep your secrets secret
What is SQL Man-in-the-middle attack? Characteristics  a hacker inserts itself between the communications of a client and a server  Example- Session hijacking How To Protect  Strong WEP/WAP Encryption on Access Points  Strong Router Login Credentials  Virtual Private Network  Force HTTPS  Public Key Pair Based Authentication
What is Denial-of-service attack? Characteristics  overwhelms a system’s resources so that it cannot respond to service requests  launched from a large number of other host machines  malicious software controlled by the attacker.  Example- session hijacking How To Protect  Buy more bandwidth  Build redundancy into your infrastructure  Configure your network hardware against DDoS attacks  Deploy anti-DDoS hardware and software modules  Deploy a DDoS protection appliance  Protect your DNS servers
Different Types of Hacker White Hat Hacker Gray hat Hacker Black Hat Hacker
What is White Hat Hacker ? Roles and Responsibilities  Scanning ports to identify flaws  Examine patch installations  Social engineering methods  Dodge honeypots, IDS, or other systems  Sniffing
What is Gray hat Hacker? Roles and Responsibilities  Gray hats fall into the middle ground  Gray hats sell or disclose their zero-day vulnerabilities not to criminals  Gray hats can be individual hackers or researchers
What is Black hat Hacker? Roles and Responsibilities  breaking into computer networks and bypassing security protocols  responsible for writing malware  motivation is usually for personal or financial gain  experienced hackers that aim to steal data
Cyber Security Strategy – Bangladesh  Security Policy, Legal Framework – ICT Act, 2006. – Digital Security Act 2016(Amendment) Bill, 2016 – Data Protection & Computer crimes  Capacity building – Skill & Competence development  Research and Development – Cyber Monitoring – Network Security
ADVANTAGES OF CYBER SECURITY  PROTECTS THE COMPUTERS AGAINST VIRUS,WORMS AND MALWARE.  PROTECTS AGAINST THE DATA FROM THEFT  INCREASE IN CYBER DEFENSE  INCREASES THE SECURITY  WE CAN BROWSE THE SAFE WEBSITE  INCREASE IN CYBER SPEED  PROTECTS NETWORKS AND RESOURCES
DIS ADVANTAGES OF CYBER CRIMES  MAKES THE SYSTEM SLOWER THAN BEFORE.  FIREWALLS WOULD BE DIFFICULT TO CONFIGURE CORRECTLY.  HUGE AMOUNT OF LOSS IN MONEY FOR THE BANKS,COMPANIES ETC  HUGE AMOUNT OF DATA LOSS OCCURS IN THE DATABASE
How to protect yourself against cyberattacks Update your software and operating system Use anti-virus software Use strong passwords Do not open email attachments from unknown senders Do not click on links in emails from unknown senders or unfamiliar websites Avoid using unsecure Wi-Fi networks in public places
Conclusion The only system which is truly secure is one which is switched off and unplugged. So , only way to be safe is Pay attention and Act smart.
Thank You!

Empfohlen

Essentials Of Security
Essentials Of SecurityEssentials Of Security
Essentials Of Security
xsy
 
Cyber security
Cyber securityCyber security
Cyber security
Akdu095
 
Securign siem for small business
Securign siem for small businessSecurign siem for small business
Securign siem for small business
Rajul Sthapak
 
Icit analysis-identity-access-management
Icit analysis-identity-access-managementIcit analysis-identity-access-management
Icit analysis-identity-access-management
Mark Gibson
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
A. Shamel
 
Ppt growing need of cyber security
Ppt growing need of cyber securityPpt growing need of cyber security
Ppt growing need of cyber security
yatendrakumar47
 
Cybersecurity: How to Protect Your Firm from a Cyber Attack
Cybersecurity: How to Protect Your Firm from a Cyber AttackCybersecurity: How to Protect Your Firm from a Cyber Attack
Cybersecurity: How to Protect Your Firm from a Cyber Attack
Shawn Tuma
 
Webinar: Get Ready to Detect, Respond & Recover from a Cyber Attack
Webinar: Get Ready to Detect, Respond & Recover from a Cyber AttackWebinar: Get Ready to Detect, Respond & Recover from a Cyber Attack
Webinar: Get Ready to Detect, Respond & Recover from a Cyber Attack
Aujas
 

Empfohlen

Essentials Of Security
Essentials Of SecurityEssentials Of Security
Essentials Of Security
xsy
 
Cyber security
Cyber securityCyber security
Cyber security
Akdu095
 
Securign siem for small business
Securign siem for small businessSecurign siem for small business
Securign siem for small business
Rajul Sthapak
 
Icit analysis-identity-access-management
Icit analysis-identity-access-managementIcit analysis-identity-access-management
Icit analysis-identity-access-management
Mark Gibson
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
A. Shamel
 
Ppt growing need of cyber security
Ppt growing need of cyber securityPpt growing need of cyber security
Ppt growing need of cyber security
yatendrakumar47
 
Cybersecurity: How to Protect Your Firm from a Cyber Attack
Cybersecurity: How to Protect Your Firm from a Cyber AttackCybersecurity: How to Protect Your Firm from a Cyber Attack
Cybersecurity: How to Protect Your Firm from a Cyber Attack
Shawn Tuma
 
Webinar: Get Ready to Detect, Respond & Recover from a Cyber Attack
Webinar: Get Ready to Detect, Respond & Recover from a Cyber AttackWebinar: Get Ready to Detect, Respond & Recover from a Cyber Attack
Webinar: Get Ready to Detect, Respond & Recover from a Cyber Attack
Aujas
 
Level 3 Security solutions
Level 3 Security solutionsLevel 3 Security solutions
Level 3 Security solutions
Alan Rudd
 
Threat Modelling And Threat Response
Threat Modelling And Threat ResponseThreat Modelling And Threat Response
Threat Modelling And Threat Response
Vivek Jindaniya
 
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Edureka!
 
Cyber security threats and its solutions
Cyber security threats and its solutionsCyber security threats and its solutions
Cyber security threats and its solutions
maryrowling
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...
Edureka!
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Edureka!
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber security
SHIVAMSHARMA1271
 
Distribution Industry: What is Ransomware and How Does it Work?
Distribution Industry: What is Ransomware and How Does it Work?Distribution Industry: What is Ransomware and How Does it Work?
Distribution Industry: What is Ransomware and How Does it Work?
The TNS Group
 
Cyber Ethics: Cyber Security Services | VAPT and WAPT
Cyber Ethics: Cyber Security Services | VAPT and WAPT Cyber Ethics: Cyber Security Services | VAPT and WAPT
Cyber Ethics: Cyber Security Services | VAPT and WAPT
SaeelRelekar
 
Cyber security
Cyber securityCyber security
Cyber security
abithajayavel
 
SMB Network Security Checklist
SMB Network Security Checklist SMB Network Security Checklist
SMB Network Security Checklist
Mobeen Khan
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
newbie2019
 
Advanced Business Endpoint Protection
Advanced Business Endpoint ProtectionAdvanced Business Endpoint Protection
Advanced Business Endpoint Protection
Dan Buckley
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
Priyanshu Ratnakar
 
It risk assessment in uae
It risk assessment in uaeIt risk assessment in uae
It risk assessment in uae
RishalHalid1
 
Cyber security
Cyber securityCyber security
Cyber security
Eduonix
 
Mobile Security Training, Mobile Device Security Training
Mobile Security Training, Mobile Device Security TrainingMobile Security Training, Mobile Device Security Training
Mobile Security Training, Mobile Device Security Training
Tonex
 
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SCCyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
AT-NET Services, Inc. - Charleston Division
 
Cyber Security
Cyber Security Cyber Security
Cyber Security
Emily Clarke
 
Cyber Security: A Hands on review
Cyber Security: A Hands on reviewCyber Security: A Hands on review
Cyber Security: A Hands on review
MiltonBiswas8
 
WK8.pptx
WK8.pptxWK8.pptx
WK8.pptx
AlphaKoiSylvester
 
Cyber.pptx
Cyber.pptxCyber.pptx
Cyber.pptx
MahalakshmiShetty3
 

Weitere ähnliche Inhalte

Was ist angesagt?

Level 3 Security solutions
Level 3 Security solutionsLevel 3 Security solutions
Level 3 Security solutions
Alan Rudd
 
Mobile Security Training, Mobile Device Security Training
Mobile Security Training, Mobile Device Security TrainingMobile Security Training, Mobile Device Security Training
Mobile Security Training, Mobile Device Security Training
Tonex
 

Was ist angesagt? (19)

Level 3 Security solutions
Level 3 Security solutionsLevel 3 Security solutions
Level 3 Security solutions
 
Threat Modelling And Threat Response
Threat Modelling And Threat ResponseThreat Modelling And Threat Response
Threat Modelling And Threat Response
 
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
Cybersecurity Interview Questions and Answers | CyberSecurity Interview Tips ...
 
Cyber security threats and its solutions
Cyber security threats and its solutionsCyber security threats and its solutions
Cyber security threats and its solutions
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber security
 
Distribution Industry: What is Ransomware and How Does it Work?
Distribution Industry: What is Ransomware and How Does it Work?Distribution Industry: What is Ransomware and How Does it Work?
Distribution Industry: What is Ransomware and How Does it Work?
 
Cyber Ethics: Cyber Security Services | VAPT and WAPT
Cyber Ethics: Cyber Security Services | VAPT and WAPT Cyber Ethics: Cyber Security Services | VAPT and WAPT
Cyber Ethics: Cyber Security Services | VAPT and WAPT
 
Cyber security
Cyber securityCyber security
Cyber security
 
SMB Network Security Checklist
SMB Network Security Checklist SMB Network Security Checklist
SMB Network Security Checklist
 
Chapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamananChapter 2 konsep dasar keamanan
Chapter 2 konsep dasar keamanan
 
Advanced Business Endpoint Protection
Advanced Business Endpoint ProtectionAdvanced Business Endpoint Protection
Advanced Business Endpoint Protection
 
Introduction to Cyber Security
Introduction to Cyber SecurityIntroduction to Cyber Security
Introduction to Cyber Security
 
It risk assessment in uae
It risk assessment in uaeIt risk assessment in uae
It risk assessment in uae
 
Cyber security
Cyber securityCyber security
Cyber security
 
Mobile Security Training, Mobile Device Security Training
Mobile Security Training, Mobile Device Security TrainingMobile Security Training, Mobile Device Security Training
Mobile Security Training, Mobile Device Security Training
 
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SCCyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
Cyber Security for Non-Technical Executives (SC GMIS) Columbia, SC
 
Cyber Security
Cyber Security Cyber Security
Cyber Security
 

Ähnlich wie Cyber security

Cyber-Securityyyyyyyyyyyyyyyyyyyyyyyy.ppt
Cyber-Securityyyyyyyyyyyyyyyyyyyyyyyy.pptCyber-Securityyyyyyyyyyyyyyyyyyyyyyyy.ppt
Cyber-Securityyyyyyyyyyyyyyyyyyyyyyyy.ppt
hm5314581
 
Top Cyber Security Interview Questions and Answers 2022.pdf
Top Cyber Security Interview Questions and Answers 2022.pdfTop Cyber Security Interview Questions and Answers 2022.pdf
Top Cyber Security Interview Questions and Answers 2022.pdf
Careerera
 
Basic Home Computer Network And Computer Network Security...
Basic Home Computer Network And Computer Network Security...Basic Home Computer Network And Computer Network Security...
Basic Home Computer Network And Computer Network Security...
Jennifer Letterman
 

Ähnlich wie Cyber security (20)

Cyber Security: A Hands on review
Cyber Security: A Hands on reviewCyber Security: A Hands on review
Cyber Security: A Hands on review
 
WK8.pptx
WK8.pptxWK8.pptx
WK8.pptx
 
Cyber.pptx
Cyber.pptxCyber.pptx
Cyber.pptx
 
cyber security.pdf
cyber security.pdfcyber security.pdf
cyber security.pdf
 
Cybersecurity 140713064844-phpapp01 (1)-converted
Cybersecurity 140713064844-phpapp01 (1)-convertedCybersecurity 140713064844-phpapp01 (1)-converted
Cybersecurity 140713064844-phpapp01 (1)-converted
 
SAHITHI.PPT.pptx
SAHITHI.PPT.pptxSAHITHI.PPT.pptx
SAHITHI.PPT.pptx
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
cybersecurity.pptx
cybersecurity.pptxcybersecurity.pptx
cybersecurity.pptx
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cyber-Securityyyyyyyyyyyyyyyyyyyyyyyy.ppt
Cyber-Securityyyyyyyyyyyyyyyyyyyyyyyy.pptCyber-Securityyyyyyyyyyyyyyyyyyyyyyyy.ppt
Cyber-Securityyyyyyyyyyyyyyyyyyyyyyyy.ppt
 
Top Cyber Security Interview Questions and Answers 2022.pdf
Top Cyber Security Interview Questions and Answers 2022.pdfTop Cyber Security Interview Questions and Answers 2022.pdf
Top Cyber Security Interview Questions and Answers 2022.pdf
 
Module 1.pdf
Module 1.pdfModule 1.pdf
Module 1.pdf
 
module 1 Cyber Security Concepts
module 1 Cyber Security Conceptsmodule 1 Cyber Security Concepts
module 1 Cyber Security Concepts
 
COMPUTER AND NETWORK SECURITY.pptx
COMPUTER AND NETWORK SECURITY.pptxCOMPUTER AND NETWORK SECURITY.pptx
COMPUTER AND NETWORK SECURITY.pptx
 
cybersecurity-210715084148.pdf
cybersecurity-210715084148.pdfcybersecurity-210715084148.pdf
cybersecurity-210715084148.pdf
 
Cyber security system presentation
Cyber security system presentationCyber security system presentation
Cyber security system presentation
 
cybersec sumit (1).pptx
cybersec sumit (1).pptxcybersec sumit (1).pptx
cybersec sumit (1).pptx
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Basic Home Computer Network And Computer Network Security...
Basic Home Computer Network And Computer Network Security...Basic Home Computer Network And Computer Network Security...
Basic Home Computer Network And Computer Network Security...
 
cybersecurity-140713064844-phpapp01.pdf
cybersecurity-140713064844-phpapp01.pdfcybersecurity-140713064844-phpapp01.pdf
cybersecurity-140713064844-phpapp01.pdf
 

Mehr von Bablu Shofi

Mehr von Bablu Shofi (7)

Genetic algorithm
Genetic algorithmGenetic algorithm
Genetic algorithm
 
Informed search (heuristics)
Informed search (heuristics)Informed search (heuristics)
Informed search (heuristics)
 
Uninformed search
Uninformed searchUninformed search
Uninformed search
 
computer-memory
computer-memorycomputer-memory
computer-memory
 
Data linkcontrol
Data linkcontrolData linkcontrol
Data linkcontrol
 
ERP
ERPERP
ERP
 
Inventory Management
Inventory ManagementInventory Management
Inventory Management
 

Kürzlich hochgeladen

DeepFakes presentation : brief idea of DeepFakes
DeepFakes presentation : brief idea of DeepFakesDeepFakes presentation : brief idea of DeepFakes
DeepFakes presentation : brief idea of DeepFakes
MayuraD1
 
Integrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - NeometrixIntegrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - Neometrix
Neometrix_Engineering_Pvt_Ltd
 
Standard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayStandard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power Play
Epec Engineered Technologies
 
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments""Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
mphochane1998
 

Kürzlich hochgeladen (20)

Thermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - VThermal Engineering-R & A / C - unit - V
Thermal Engineering-R & A / C - unit - V
 
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptxA CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
 
Work-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxWork-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptx
 
Thermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptThermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.ppt
 
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced LoadsFEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
FEA Based Level 3 Assessment of Deformed Tanks with Fluid Induced Loads
 
Moment Distribution Method For Btech Civil
Moment Distribution Method For Btech CivilMoment Distribution Method For Btech Civil
Moment Distribution Method For Btech Civil
 
Unleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leapUnleashing the Power of the SORA AI lastest leap
Unleashing the Power of the SORA AI lastest leap
 
DC MACHINE-Motoring and generation, Armature circuit equation
DC MACHINE-Motoring and generation, Armature circuit equationDC MACHINE-Motoring and generation, Armature circuit equation
DC MACHINE-Motoring and generation, Armature circuit equation
 
DeepFakes presentation : brief idea of DeepFakes
DeepFakes presentation : brief idea of DeepFakesDeepFakes presentation : brief idea of DeepFakes
DeepFakes presentation : brief idea of DeepFakes
 
Computer Lecture 01.pptxIntroduction to Computers
Computer Lecture 01.pptxIntroduction to ComputersComputer Lecture 01.pptxIntroduction to Computers
Computer Lecture 01.pptxIntroduction to Computers
 
Integrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - NeometrixIntegrated Test Rig For HTFE-25 - Neometrix
Integrated Test Rig For HTFE-25 - Neometrix
 
Block diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptBlock diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.ppt
 
Double Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torqueDouble Revolving field theory-how the rotor develops torque
Double Revolving field theory-how the rotor develops torque
 
Standard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power PlayStandard vs Custom Battery Packs - Decoding the Power Play
Standard vs Custom Battery Packs - Decoding the Power Play
 
Engineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planesEngineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planes
 
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments""Lesotho Leaps Forward: A Chronicle of Transformative Developments"
"Lesotho Leaps Forward: A Chronicle of Transformative Developments"
 
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptx
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptxOrlando’s Arnold Palmer Hospital Layout Strategy-1.pptx
Orlando’s Arnold Palmer Hospital Layout Strategy-1.pptx
 
data_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdfdata_management_and _data_science_cheat_sheet.pdf
data_management_and _data_science_cheat_sheet.pdf
 
Employee leave management system project.
Employee leave management system project.Employee leave management system project.
Employee leave management system project.
 
GEAR TRAIN- BASIC CONCEPTS AND WORKING PRINCIPLE
GEAR TRAIN- BASIC CONCEPTS AND WORKING PRINCIPLEGEAR TRAIN- BASIC CONCEPTS AND WORKING PRINCIPLE
GEAR TRAIN- BASIC CONCEPTS AND WORKING PRINCIPLE
 

Cyber security

  • 1. Cyber Security Presented By Kazi Shofiuddin Bablu M.Sc in CSE, SUST
  • 2. CONTENTS  INTRODUCTION ABOUT CYBER SECURITY  History of Cyber Security  The Scale of the Cyber Threat  principles of Cyber Security  Types of Cyber Security  Types of cyber threats  malicious actors  Different Types of Malware  Different Types of Hacker  Cyber Security Strategy  ADVANTAGES OF CYBER SECURITY  DIS ADVANTAGES OF CYBER CRIMES  How to protect  Conclusion
  • 3. What is Cybersecurity?  defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks  known as information technology security or electronic information security  applies in a variety of contexts, from business to mobile computing  Example- Encryption, Authentication, Authorization, Network Security etc.
  • 4. History of Cyber Security 1960s: Password protection 1970s: From CREEPER to Reaper 1980s: The internet goes mad 1990s: The rise of firewalls 2000s: Proper punishment 2010s: The era of major breaches
  • 5. The Scale of the Cyber Threat  Illegal online markets $860 Billion  Trade Secret, IP Theft $500 Billion  Data trading $160 Billion  Crime-ware $1 Billion  Ransomware 1Billion Sales Illegal online market Trade Secret Data Trading Crime-ware Ransomware
  • 6. What are the principles of Cyber Security? Confidentiality Integrity Availability
  • 7. What is Confidentiality?  Ensure that the information to be secured is only accessible to authorized users  Prevents the disclosure of information to unauthorized parties  Access can be restricted to users with the right username-password combination  Most systems also implement confidentiality through data encryption  Decryption of the data requires an individual or system to attempt access using the requisite key
  • 8. What is Integrity? Ensure information remains accurate Consistent and not subject to unauthorized modification Communication should not intercepted and modified by an intruder when it is still in transit.
  • 9. What is availability  Efforts to secure information in cyberspace should not hinder its access by an authorized party  Has to provide for redundancy access in case of any outage  CRM system can implement proxy servers and firewalls as a security measure against Denial of Service (DoS) attacks  Create system unavailability if successful.
  • 10. Types of Cybersecurity Network Security Application Security Information security Operational security Disaster recovery and business continuity End-user education
  • 11. What is Network Security?  Aims to protect the usability, integrity, and safety of a network, associated components, and data shared over the network  When a network is secured, potential threats gets blocked from entering or spreading on that network  Examples of Network Security includes Antivirus and Antispyware programs Firewall that block unauthorized access to a network VPNs (Virtual Private Networks) used for secure remote access
  • 12. What is Application Security Aims to protect software applications from vulnerabilities . Encompasses the security considerations . Involves systems and approaches to protect apps. increasing vulnerabilities to security threats and breaches . Example of Application Security regular testing.
  • 13. What is Information security Information needs to be protected Intended to keep data secure A specific discipline Example- Passwords, network and host- based firewalls
  • 14. What is Operational security?  known as procedural security  risk management process  encourages managers to view operations  protect sensitive information from falling into the wrong hands.  FIVE STEPS OF OPERATIONAL SECURITY  Identify your sensitive data  Identify possible threats  Analyze security holes and other vulnerabilities  Appraise the level of risk associated with each vulnerability  Get countermeasures in place
  • 15. What is Disaster recovery and business continuity?  Closely related practices that support an organization's ability to remain operational after an adverse event.  Minimizing the effects of outages and disruptions on business operations  Reduce the risk of data loss and reputational harm  Improve operations while decreasing the chance of emergencies
  • 16. What is End-user education?  cybersecurity initiatives  first line of defense against cybersecurity attacks  Implement a cybersecurity policy and procedure document  Build your cybersecurity strategy  Have cybersecurity tools in place to help prevent the potential for compromise
  • 17. Types of cyber threats Cybercrime Cyber-attack Cyberterrorism
  • 18. What is Cybercrime?  a crime that involves a computer and a network  buy and sell malware online (generally on the dark web)  cybercriminals range from individuals to criminal organizations to state- sponsored actors.  Top 5 Popular Cybercrimes • Phishing • Identity Theft • Online Harassment • Cyberstalking • Invasion of privacy
  • 19. What is cyber Attacks?  type of offensive action that targets computer information systems  using various methods to steal, alter or destroy data or information systems.  Example- DDoS attacks, MitM attacks, Password attack, etc.
  • 20. How do malicious actors gain control of computer systems? Malware Hacker SQL injection Phishing Man-in-the-middle attack Denial-of-service attack Dridex malware Emotet malware End-user protection
  • 21. Different Types of Malware Virus Trojans Spyware Ransomware Adware Botnets
  • 22. What is Computer Virus? Characteristics  The virus can infect many records of infected computer  Can be Polymorphic  They may be resident in memory or not  Can be furtive  The virus can bring other viruses How To Protect  Run anti-virus software  Replace the files  Restart from a healthy disk  Run a diagnostic utility and disk repair  Reformat your hard disk
  • 23. What is Trojans? Characteristics  Trojan is similar to remote control  it doesn’t have concealment  Trojan has strong fraudulence  Trojan can open terminal automatically  Trojan has the ability of self-repair How To Protect  use anti-virus software or anti-spyware software  Use a firewall  must observe caution when opening email attachments  Update security patches for operating system
  • 24. What is Spyware? Characteristics  Usually it aims to track and sell your internet usage data  Tracking cookies  System monitors  monitors internet activity  gathers personal information and relays it to advertisers How To Protect  Make a spyware protection company policy  Use more than one anti-spyware application  Aim for a centrally-managed anti- spyware solution  Use a layered-defense  Lock down your systems
  • 25. What is Ransomware? Characteristics  effectively holds a user's computer hostage until a "ransom" fee is paid  Most ransomware attacks are the result of clicking on an infected email attachment How To Protect  entering Windows' Safe Mode and running an on- demand virus scanner such as Malwarebytes  lock-screen viruses typically do
  • 26. What is Adware? Characteristics  unwanted software designed to throw advertisements up on your screen  most often within a web browser.  uses an underhanded method to either disguise itself as legitimate How To Protect  Back up your files  Download or update necessary tools  Uninstall unnecessary programs  Run a scan with an adware and PUPs removal program
  • 27. What is Botnets? Characteristics  A number of Internet-connected devices, each of which is running one or more bots  Used to perform distributed denial-of-service attack (DDoS attack)  Steal data, send spam, and allows the attacker to access the device and its connection. How To Protect  Install a Windows Firewall  Disable Auto Run  Provide Least Privilege  Install Host-Based Intrusion Prevention  Enhance Monitoring
  • 28. What is SQL injection? Characteristics  SQL injection is a code injection technique that might destroy your database  SQL injection is one of the most common web hacking techniques  SQL injection is the placement of malicious code in SQL statements, via web page input. How To Protect  Trust no one  Don't use dynamic SQL – don't construct queries with user input  Update and patch  Firewall  Reduce your attack surface  Keep your secrets secret
  • 29. What is SQL Phishing? Characteristics  uses malicious SQL code for backend database manipulation to access information that was not intended to be displayed  including sensitive company data, user lists or private customer details.  A successful attack may result in the unauthorized viewing of user lists  Example, the above-mentioned input How To Protect  Trust no one  Don't use dynamic SQL – don't construct queries with user input  Update and patch  Firewall  Reduce your attack surface  Keep your secrets secret
  • 30. What is SQL Man-in-the-middle attack? Characteristics  a hacker inserts itself between the communications of a client and a server  Example- Session hijacking How To Protect  Strong WEP/WAP Encryption on Access Points  Strong Router Login Credentials  Virtual Private Network  Force HTTPS  Public Key Pair Based Authentication
  • 31. What is Denial-of-service attack? Characteristics  overwhelms a system’s resources so that it cannot respond to service requests  launched from a large number of other host machines  malicious software controlled by the attacker.  Example- session hijacking How To Protect  Buy more bandwidth  Build redundancy into your infrastructure  Configure your network hardware against DDoS attacks  Deploy anti-DDoS hardware and software modules  Deploy a DDoS protection appliance  Protect your DNS servers
  • 32. Different Types of Hacker White Hat Hacker Gray hat Hacker Black Hat Hacker
  • 33. What is White Hat Hacker ? Roles and Responsibilities  Scanning ports to identify flaws  Examine patch installations  Social engineering methods  Dodge honeypots, IDS, or other systems  Sniffing
  • 34. What is Gray hat Hacker? Roles and Responsibilities  Gray hats fall into the middle ground  Gray hats sell or disclose their zero-day vulnerabilities not to criminals  Gray hats can be individual hackers or researchers
  • 35. What is Black hat Hacker? Roles and Responsibilities  breaking into computer networks and bypassing security protocols  responsible for writing malware  motivation is usually for personal or financial gain  experienced hackers that aim to steal data
  • 36. Cyber Security Strategy – Bangladesh  Security Policy, Legal Framework – ICT Act, 2006. – Digital Security Act 2016(Amendment) Bill, 2016 – Data Protection & Computer crimes  Capacity building – Skill & Competence development  Research and Development – Cyber Monitoring – Network Security
  • 37. ADVANTAGES OF CYBER SECURITY  PROTECTS THE COMPUTERS AGAINST VIRUS,WORMS AND MALWARE.  PROTECTS AGAINST THE DATA FROM THEFT  INCREASE IN CYBER DEFENSE  INCREASES THE SECURITY  WE CAN BROWSE THE SAFE WEBSITE  INCREASE IN CYBER SPEED  PROTECTS NETWORKS AND RESOURCES
  • 38. DIS ADVANTAGES OF CYBER CRIMES  MAKES THE SYSTEM SLOWER THAN BEFORE.  FIREWALLS WOULD BE DIFFICULT TO CONFIGURE CORRECTLY.  HUGE AMOUNT OF LOSS IN MONEY FOR THE BANKS,COMPANIES ETC  HUGE AMOUNT OF DATA LOSS OCCURS IN THE DATABASE
  • 39. How to protect yourself against cyberattacks Update your software and operating system Use anti-virus software Use strong passwords Do not open email attachments from unknown senders Do not click on links in emails from unknown senders or unfamiliar websites Avoid using unsecure Wi-Fi networks in public places
  • 40. Conclusion The only system which is truly secure is one which is switched off and unplugged. So , only way to be safe is Pay attention and Act smart.