Cyber Security

Awareness
Name :- Anshika Kaushal
Roll No. :- 1122168
 Cyber
•The internet allows an attackerSecurity
to work from anywhere on the
planet.
•Cyber Security is the safeguarding of computer systems and networks against data
leakage, theft, or damage to their hardware, software, or electronic data, as well as
disruption or misdirection of services.
Why is Cyber Awareness
Important?
• Cyber crime is a growing trend with advancement of
technology
• Raise awareness of threats
• As with most crimes the police can’t tackle this problem
alone
• To encourage reporting of Cyber Crime to enforcement
agencies
• Cyber crime is massively under reported.

Risks caused by poor security knowledge

and practice
• Identity Theft
• Monetary Theft
 Causes for
Concern
On average, hackers attack every 39
seconds, 2,244 times a day.

Since 2014, security breaches have

increased by 67%.

68% of business leaders believe

their
cyber security risks are increasing.

25% of breaches in 2019 were

motivated
by espionage.

71% of breaches in 2019 were financially

motivated.

4.1 billion records were exposed by data

breaches in the first half of 2019.

University of North Dakota:

https://onlinedegrees.und.edu/blog/types-
of-cyber-attacks/
Common Causes of Cyber
attacks •
Weak or stolen usernames and passwords
• Application vulnerabilities
• Absence of Antivirus and latest patches
• Use of Pirated Operating Systems
• System and Network Firewalls disabled
• Social engineering (tricking people into breaking security
protocols)
• Poor access control (Unauthorized users have access)
• Insider threats (System Password has not set)
• Improper configuration of WIFI devices and Hotspots
• Unnecessary Ports opened on Network for Backdoor Entry
Types of Cyber
Attacks
 Malwa
Malware is intrusive software that isre
designed to damage and destroy application and
computer systems. Malware is a contraction for “malicious software.” Examples of
common malware includes viruses, worms, Trojan viruses, spyware, adware, and
ransomware.

Salient Differences
1) Computer Virus:
• Needs a host
Internet file
• Copies itself
• Executable
2) Network Worm:
• No host (self-
contained)
• Copies itself
• Executable

3) Trojan Horse:
• No host (self-
Internet Service Hackers & Governments contained)
• Does not copy itself
Providers
Snoopers • Imposter Program
•Phishing: a ‘trustworthy entity’ asks via e-mail for sensitive information such as UID, credit card
numbers, login IDs or
passwords. It is a kind of social engineering attack where a person steals the sensitive information of
user in a fraud
manner by disguising as a legitimate person.
•Spoofing is a kind of computer virus attack where a person steals the details of important a legitimate
user and acts as
another user. It is a kind of identity theft. Cyber criminals use spoofing to fool victims into giving up
sensitive
information or money or downloading malware
• Ransomware is a new type of malware that encrypts documents, pictures and other files, making them
unreadable.
The
attacker then holds the decryption key for ransom until you agree to pay money, usually through an
untraceable method
such as BitCoin or other digital currency.
Do:
• Always verify the sender of a message.
• Always hover over web page links (URLs) in email messages to see where they link to – beware URL
shortening services (like bit.ly) that may obscure the final web site destination.
• Be skeptical of messages with odd spelling/grammar, improper logos or that ask you to
upgrade or verify your account.
• Report suspicious emails to [email protected] or NIC
• Take backups of important files to avoid ransomware
Don’t:
Social engineering manipulates people into performing actions or divulging confidential
information. Similar to a confidence trick or simple fraud, the term applies to the use of
deception to gain information, commit fraud, or access computer systems.
Email:
Phone Call: ABC Bank
This is John, has noticed
the System a problem I have
Admin. In Person:
What
with your come to
What is repair
your areethnicity
you? Your account…
and your
password? mother’s
have machine…
maiden
name? some
softwar
e
patches
 Violation of Information
Security
The classified official communication(i.e. in four categories TOP SECRET, SECRET, CONFIDENTIAL and
RESTRICTED. ) on public domain messaging platform like WhatsApp, Telegram, messenger etc. is a
clear violation of information security instructions as provided in Manual of Departmental Security
Instructions (MoDSl) and National information Security Policy Guidelines (NISPG).

According to NISPG, the Top Secret and Secret information shall be shared only in a closed network with
leased line connectivity where Scientific Analysis Group - DRDO(SAG) grade encryption mechanism is
deployed. However, Confidential and Restricted information can be shared on internet through networks
that have deployed commercial AES 256-bit encryption.

International Threat
Information shall be harvested by private companies
owning the platform as they control storage servers
that are often located outside the country.

Information Tampering
Disrupt digital operations or damage information of
the
plans and projects yet to be formalized

Individual Information leakage

Personal information of an individual is used for
adversaries or can be monetised for gains.
 Mobile Device
Security
• Keep your device software up to date – unpatched software leaves your device vulnerable to
attack. Install operating system updates as well as updates to applications.
• Have anti-virus and/or anti-malware software installed, enabled and set to automatically update.
• Never leave your laptop or mobile device unattended. Thefts do happen.
• Encrypt laptops and external media that contains restricted or sensitive data.
• Make sure you backup your data frequently in case your device is ever lost or stolen.
• Ensure access to your mobile device is protected with a passcode and use built-in encryption
settings to ensure
that your data is safe if your device is ever lost or stolen.
• Consider using a remote tracking/wipe function if supported. For iOS devices, iCloud provides the
“Find my iPhone” service for free. Android and other mobile operating systems also have similar
functionality.
THANK
YOU…!!!