Robotics and automation Engineering Department

Seminar Topic: RECENT TRENDS AND

DEVELOPMENT
IN CYBER SECURITY
Name of Student: SUJAY SUBHASH ANKALGI
Class: TE
Seat No: T1902107928
College Guide: Mr. Y. R. Chandwade

1
 Presentation Overview

• Introduction
• Literature survey
• Types of cyber threats
• Cybersecurity tools and technologies
• Cyber security framework
• Confidentiality, Integrity, and Availability (CIA triad)
• Cyber Security Reports
• Case study 1 : 2024 lebanon pager explosions
• Case study 2 : Fake product listings on real shopping
sites lead to stolen payment information
• Reference
 Introduction

This project tackles the rising cybersecurity challenges posed by evolving technologies and
sophisticated cyberattacks.
It enhances existing frameworks by identifying vulnerabilities, improving threat detection through
firewalls, encryption, and ai-based anomaly detection, and implementing real-time monitoring and
response strategies.
Simulating cyberattacks helps assess the effectiveness of these measures, providing insights into
current practices and recommendations for stronger defenses.
 L I T E R AT U R E S U RV E Y

Cybersecurity has become vital in the modern digital age, as organizations increasingly rely on technology for
business operations, data storage, and critical processes. The rise in both the frequency and sophistication of
cyberattacks has led to substantial research into effective cybersecurity measures and frameworks.

This literature examines vulnerabilities, advanced threat detection methods, preventive techniques, and
incident response strategies to mitigate risks and strengthen security.

Vulnerabilities in digital infrastructure are a primary concern, as attackers exploit weaknesses such as
software bugs, misconfigurations, and zero-day exploits. Research highlights that many breaches result from
social engineering and poor security practices. As iot and cloud services expand, vulnerabilities in
interconnected systems grow more significant, requiring constant monitoring and updates to ensure network
security.

Advances in threat detection methods, particularly AI and machine learning-based techniques, have
transformed the field. Traditional signature-based detection struggles against modern threats like advanced
persistent threats (apts) and zero-day attacks. Ai-driven anomaly detection, which monitors network
behavior for unusual patterns, offers a more adaptive and effective solution for identifying emerging threats
that older methods may miss.
• Preventive techniques such as encryption, firewalls, and multi-factor authentication (MFA) remain
fundamental in securing systems and data. Encryption protects sensitive information, while firewalls
regulate network traffic. MFA adds an extra layer of security by requiring multiple forms of verification
to access systems.
• The integration of ai and machine learning in cybersecurity enhances the automation of threat detection
and response. These technologies enable the management of vast amounts of data and improve the
detection of complex attacks. Machine learning models evolve to adapt to new threats, making them vital
tools in modern cybersecurity strategies.
• In conclusion, integrating advanced detection, prevention, and response strategies is vital to protecting
organizations from modern cyber threats.
 Types of Cyber Threats

• Malicious Threats : Viruses , Worms , Trojans , Spyware , Adware ,

Ransomware , Phishing.
• Network Threats : Denial of Service (DoS) , Distributed Denial of Service
(DDoS) , Man-in-the-Middle (MitM) , SQL Injection , Cross-Site Scripting
(XSS).
• System Threats : Rootkits , Keyloggers , Backdoors , Logic Bombs .
• Human-Centric Threats : Insider Threats , Social Engineering , Physical
Attacks .
• Emerging Threats : IoT Attacks , Cloud Computing Threats , 5G Network
Threats .
Cybersecurity Tools and Technologies
 Cyber Security Framework

Several established frameworks provide guidelines and best

practices for managing cybersecurity risks. Notable frameworks
include:

NIST Cybersecurity Framework: A voluntary framework that provides

a structured approach to managing cybersecurity risk.
• Protection of digital information and systems from unauthorized
access, use, disclosure, disruption, modification, or destruction.
• Defense against cyber threats, including malware, phishing, and
hacking.
 Confidentiality, Integrity, and Availability
(CIATriad)

 Confidentiality: Ensuring that sensitive information is accessed

only by authorized individuals. Techniques include
encryption, access controls, and authentication mechanisms.

 Integrity: Maintaining the accuracy and trustworthiness of data.

Measures to ensure integrity include hashing, checksums, and
data validation processes.

 Availability: Ensuring that information and resources are

accessible to authorized users when needed. This includes
implementing redundancy, failover systems, and regular
maintenance.
CYBER SECURITY RECENT REPORTS :

Cyberattacks targeted Indian sectors in first half of 2024

Source: ‘India Breach Report’ by FalconFeed

 India experienced a high number of cyberattacks in the first
six months of 2024 with key fields like education, defence and
Month-wise distribution of research among the "victims."
cyberattacks in India Various government branches and the technology sector were
also among the primary targets while healthcare, banking,
manufacturing, and consumer services were also hit.

The six-month period witnessed 388 data breaches, 107 data

leaks, 39 ransomware activities, and 59 cases of access sales
or leaks.

The Telegram app was a hotbed for data breaches and scams.
A hub of hackers, Telegram is used as the platform to
coordinate attacks and share information.

The findings were released by the 'India Breach Report' by

FalconFeeds, a product of cybersecurity firm Technisanct.
Source: ‘India Breach Report’ by FalconFeed
Government and public sector entities were
disproportionately affected, with the Centre bearing the brunt
of the attacks, it claimed.
 State-wise chart of
Data breaches being the most common form of cyber
attack in India means leading organisations lack
cyberattacks in India
robust data protection measures.

Sensitive information belonging to these institutions

remains "highly vulnerable" to exposure, FalconFeeds
warns in the report.

The report identified as many as "71 victims" of cyber

attacks in the public and government sectors between
January and June.

Even military, defence, law enforcement sectors were

hit alongwith several departments headed by state
governments, it said.

The states of Bihar, Kerala, Haryana, New Delhi,

Karnataka and Andhra Pradesh were among the most
hit in the list released by the cybersecurity firm. Source: ‘India Breach Report’ by FalconFeed
Case study 1 :

2024 Lebanon pager The 2024 Lebanon pager explosions were part of a covert
explosions cyber-physical sabotage operation targeting Hezbollah,
reportedly carried out by Israel’s Unit 8200, an elite cyber-
intelligence division.

The operation involved embedding explosives into pagers

used by Hezbollah operatives.

These pagers, an older communication technology, were

selected by Hezbollah to evade modern surveillance and
electronic warfare techniques, as they generate less
metadata compared to smartphones.

The operation was aimed at disrupting Hezbollah's

capabilities by targeting their communication networks and
potentially sabotaging their infrastructure
 Case study 2 :
More than 1,000 legitimate shopping sites have been
compromised to promote fake product listings in a
credit card phishing scheme dubbed “Phish ‘n’ Ships,” Fake product listings on real
HUMAN’s Satori Threat Intelligence and Research team shopping sites lead to stolen
revealed Thursday. payment information
Researchers believe that the scheme, which has been
ongoing since 2019, has affected hundreds of thousands
of online shoppers and raked in tens of millions of
dollars in stolen funds.

The threat actors behind Phish ‘n’ Ships have built 121
fake online stores that receive traffic through both
search engines and listings on compromised sites, and
have abused four different third-party payment
processors in the scam campaign.
 REFERENCE

 https://www.nist.gov/cyberframework
 https://en.wikipedia.org/wiki/2024_Lebanon_pager_explosions
 http://timesofindia.indiatimes.com/articleshow/113529820.cms?utm_source=contentofinterest&utm_medi
um=text&utm_campaign=cppst
 https://www.linkedin.com/pulse/common-cybersecurity-terminologies-habeeb-adebisi/
 https://timesofindia.indiatimes.com/world/middle-east/pager-attack-in-lebanon-why-was-hezbollah-using-
outdated-pagers-in-2024/articleshow/113442551.cms
 https://www.accountingtimes.com.au/technology/ai-aiding-cybercrime-bdo-research-warns
 https://insaaf99.com/blog/cyber-crime-report-and-online-vigilance/
 https://www.theweek.in/news/india/2024/08/28/india-s-defence-other-govt-departments-fell-prey-to-
cyber-attacks-in-2024-telegram-a-hotbed-report.html
THANK
YOU…