Cyber War
Definition of Cyber War
• Cyber warfare involves the actions by a nation-state or international
organization to attack and attempt to damage another nation's
computers or information networks through, for example, computer
viruses or Denial-of-Service (DoS) attacks.
• It has the potential to wreak havoc on government and civilian
infrastructure and disrupt critical systems, resulting in damage to the
state and even loss of life.
• There are several examples of alleged cyber warfare in recent history,
but there is no universal, formal definition for how a cyber attack
may constitute an act of war. (Scale and severity matter the most.)
• Cyber warfare typically involves a nation-state perpetrating cyber
attacks on another, but in some cases, the attacks are carried out by
terrorist organizations or non-state actors seeking to further the goal
of a hostile nation.
• There are several grey areas in the definition of Cyber War
• One reason that the legal status of cyberwarfare has been blurred is
that there is no international law that refers to cyberwar, because it is
such a new concept
• Some states are very willing to exploit this uncertainty, using the
opportunity to test out cyberwar techniques in the knowledge that
other states are uncertain about how they could react under
international law.
• The Tallinn Manual is an attempt to bring some clarity to the Cyber War
concept.
• Nearly every system we use is underpinned in some way by
computers, which means pretty much every aspect of our lives
could be vulnerable to cyberwarfare at some point, and some
experts warn it is a case of when, not if.
• Grim scenario involves:
o One day your bank balance drops to zero and then suddenly leaps up,
showing you've got millions in your account.
o Then stock prices start going crazy as hackers alter data flowing into
the stock exchange.
o The next day the trains aren't running because the signalling stops
working, and you can't drive anywhere because the traffic lights are all
stuck on red, and the shops in big cities start running out of food.
o Pretty soon a country could be reduced to gridlock and chaos, even
without the doomsday scenarios of hackers disabling power stations or
opening dams.
Types of Cyber Warfare Attacks
o Espionage: cyber espionage
Closely related to but separate from cyberwarfare is cyber
espionage, whereby hackers infiltrate computer systems and
networks to steal data and often intellectual property.
o Sabotage: site hacking and injecting viruses
o Denial of Service (DoS) Attacks
o Electric Power Grid
o Propaganda Attacks
Attempts to control the minds and thoughts of people
living in or fighting for a target country.
Propaganda can be used to expose embarrassing truths,
spread lies to make people lose trust in their country, or
side with their enemies
o Economic Disruption
o Surprise Attacks
A Brief History Of Cyberwarfare
2010
Stuxnet
• Stuxnet is a computer worm that targets industrial control
systems
• This was the first genuine cyberweapon which was designed to inflict
physical damage.
• It was developed by the US and Israel (although they have
never confirmed this) to target the Iranian nuclear programme.
• It reportedly ruined almost a fifth of Iran’s nuclear centrifuges and
delayed the project
• Stuxnet was a complicated worm, using four different zero-day
exploits and likely took millions of dollars of research and
months or years of work to create.
2014
Russian DDoS attack against Ukraine
This is the second time Russia allegedly coordinated a military attack and a
cyber-attack. A DDoS attack 32 times larger than the largest known attack
disrupted the internet in Ukraine while Russian-armed pro-Russian
rebels were seizing control of the Crimea.
Russia vs. Ukrainian election commission
Three days before Ukraine’s presidential election, a Russia-based
hacking group took down both Ukraine’s election commission and a
back-up system. The attack was an attempt to create chaos and aid the
pro-Russian candidate.
2015
Russia vs. German parliament:
German investigators discovered that hackers had infiltrated the
computer network of the German Bundestag. Germany’s domestic
intelligence service, the BfV, later said that the attack was performed
by Russia and that they were seeking information on the workings of
the Bundestag, German leaders, NATO, and others.
China vs. United States Office of Personnel Management:
The records of 21.5 million employees and unsuccessful applicants to
the United States government were stolen from the U.S. Office of
Personnel Management. U.S. government sources believe that the
hacker was the government of China.
2016
Second Russian-caused power outage in Ukraine
It is thought that Russian hackers hid in a power supplier’s network
undetected for six months before taking the power offline. The power
cut amounted to about a fifth of Kiev’s power consumption that night
being lost. This attack happened almost one year to the day after the
December 2015 cyber-attack which cut off power to 225,000 people in
western Ukraine.
2017
WannaCry
• WannaCry is an example of crypto ransomware, a type of malicious
software (malware) used by cybercriminals to extort money.
• WannaCry targeted computers running Microsoft Windows.
• It encrypts data and demands payment of a ransom in the
cryptocurrency Bitcoin for its return.
• This attack is estimated to have affected more than 200,000
computers across 150 countries.
2017
NotPetya
• This is the first major instance of weaponized ransomware.
• The NotPetya malware was disguised as ransomware but its goal was to
destroy files.
• While the attack originated in Ukraine, it quickly spread worldwide.
• The attack resulted in damages of about $10 billion.
• Within hours of NotPetya’s release, the malware had raced around the
world and infected countless computers. Victims included FedEx’s
European subsidiary, TNT Express; several French companies; a hospital in
Pennsylvania; the pharmaceutical company Merck; and, of course, Maersk.
The radiation monitoring system at the Chernobyl Nuclear Plant went
offline. The infection even spread back to Russia, corrupting state oil
company Rosneft.
• Petya is a ransomware package that was used to extort money from
compromised users in exchange for a decryption key.
• NotPetya was not “legitimate” ransomware; its intent was purely
destructive. Any ransom payment was wasted. There was no
decryption key for the destroyed data.
Why are governments investing in cyberwarfare right
now?
• Unlike a traditional military operation, a cyberattack can be
launched instantaneously from any distance, with little
obvious evidence of any build-up.
• Such an attack would be extremely hard to trace back
with any certainty to its perpetrators, making retaliation
harder.
• The fear of being vulnerable to the cyberweapons of
their rivals plus a desire to harness these tools to
bolster their own standing in the world is leading many
countries into a cyber arms race
Cyber Vulnerability in Banking System
• Financial services firms fall victim to cybersecurity attacks far more
frequently than businesses in other industries.
• Malicious actors are taking advantage of this digital transformation
and pose a growing threat to the global financial system, financial
stability, and confidence in the integrity of the system.
• Security breaches lead to lost revenue for banking institutions,
interruptions in operations, and loss of both reputation and
customers.
• Financial establishments experience threats from a variety of sources
led primarily by mobile applications and web portals.
• Cyber criminals may steal or manipulate valuable user data and/or
“clone” banking apps in order to use them for nefarious purposes.
Why Is Cyber Security Important In
Banking?
• Digital India has led to an increase in the usage of cashless
transactions, digital money. In this context, taking all the security
measures is important to protect the data and privacy.
• Data breaches are a serious problem in the banking sector. A
weak cybersecurity system can expose a bank’s customer base to
cyber security threats.
• When a bank’s data is breached, recovering from this data breach
can be time-consuming and stressful. So enhancing the banking
security system is a must!
• Banks need to be on their guard 24/7; if not, your data with the
bank can be breached.
• The malicious actors behind the attacks on banks include not only
increasingly daring criminals—such as the Carbanak group, which
targeted financial institutions to steal more than $1 billion during
2013-18—but also states and state-sponsored attackers. North Korea,
for example, has stolen some $2 billion from at least 38 countries in
the past five years.
• In February 2016, hackers targeted the central bank of
Bangladesh and exploited vulnerabilities in SWIFT, the global
financial system’s main electronic payment messaging system,
trying to steal $1 billion. While most transactions were blocked,
$101 million still disappeared.
• The October 2020 hack of Uganda’s largest mobile money
networks, MTN and Airtel, for example, resulted in a major four-
day disruption of service transactions.
Cyber Incidents involving Indian Financial Institutions
• Union Bank of India Attempted SWIFT Heist
On July 21, 2016, attackers attempted to use fraudulent SWIFT
transactions to steal $170 million from the Union Bank of India (UBI),
but the money was ultimately recovered within three days after the
transactions were flagged.
• City Union Bank SWIFT Attack
In February 2018, City Union Bank in India suffered a breach that
allowed $1 million to be transferred to a Chinese institution.
• Indian ATMs Targeted with ATMDtrack Malware
On September 23 2019, security researchers reported that North
Korean hackers had developed and inserted malware to steal payment
information from Indian ATMs and banking institutions.
• Indian Mobile Banking Apps Malware
On May 14 2020, CERT-In, India’s national CERT, released a warning that a
mobile banking malware called 'EventBot' that steals personal financial
information was affecting Android users in India.
• Indian Fintech Chqbook Suffers Breach
On December 25 2021, two million credit score records from Chqbook, an
Indian FinTech startup, were found on the dark web.
• Banking trojan targets Indian Android-based financial customers
On September 22, 2021, researchers reported that Android phone banking
customers in India were being targeted by the Drinik banking trojan malware.
• CashMama data breach
On April 6, 2022, India-based loans app CashMama reported a data breach,
in which customer data that was invasively collected and stored was
exposed.
What is SWIFT?
• The Society for Worldwide Interbank Financial Telecommunication
(SWIFT) is an international network that links banks so that they can
securely and privately exchange signals regarding actions like money transfers.
• Every day, about 11,000 SWIFT members send close to 33.6 million
transactions
Top Cybersecurity Threats Faced by Banks
Spear Phishing
• Spear-phishing is a type of phishing attack that targets specific
individuals or organizations typically through malicious emails.
• The goal of spear phishing is to steal sensitive information such as
login credentials or infect the targets’ device with malware
• Spear phishers carefully research their targets, so the attack
appears to be from trusted senders in the targets’ life.
• A spear phishing email uses social engineering techniques to
urge the victim to click on a malicious link or attachment
• Once the victim completes the intended action, the attacker can
steal the credentials of a targeted legitimate user and enter a
network undetected.
Phishing
• Phishing attacks prioritize
quantity.
• The messaging in phishing emails,
texts or phone calls is generic and
sent to a large group of individuals
or organizations in hopes of
increasing the chance of “catching”
a victim.
• Phishing attacks via phone calls
are often called vishing for
voice-phishing
• Attacks via text messages are
known as smishing for SMS-
phishing.
Spear Phishing
• Spear-phishing attacks prioritize
quality.
• Spear-phishing emails, texts or
phone calls are highly personalized
for a specific organization or
individual.
• Spear-phishing attacks are more
likely to deceive potential victims
due to the amount of research and
time spent personalizing messages
that appear to be from legitimate
senders.
Whaling
• Whaling uses the same personalized strategy of spear-phishing
attacks, except attackers specifically target higher level management
to expose financial and confidential information.
• Whaling attacks hope to extract more valuable, classified information
by taking down big targets, which can magnify the damage inflicted
upon an organization.
Trojans
• Trojans are quite a common threat to private users.
• Hackers can infect their targeted computers with a Trojan by
deceiving their target into downloading software which the target
thought was legitimate but was in fact malicious.
• Once the software is on the computer, the hacker can do anything
from recording your passwords by logging keystrokes to taking over
your webcam to watch and record your every move.
Ransomware
Spoofing
• Spoofing, as it pertains to cybersecurity, is when someone or
something pretends to be something else in an attempt to gain our
confidence, get access to our systems, steal data, steal money, or
spread malware
Few Types of Spoofing Attacks include:
Email Spoofing
Caller ID Spoofing
Website or Domain Spoofing
Facial spoofing
Distributed Denial of Service (DDoS)
• DDoS is a category of malicious
cyber-attacks that hackers or
cybercriminals employ in order to
make an online service, network
resource or host machine
unavailable to its intended users on
the Internet
• Targets of DDoS attacks are flooded
with thousands or millions of
superfluous requests,
overwhelming the machine and its
supporting resources
Difference between DoS and DDoS
Denial-of-Service (DoS)
• In a DoS attack, a single system
targets the victim system.
• The victim’s PC is loaded with
packets of data sent from a
single location.
• A DoS attack is slower
compared to DDoS.
• DoS attacks are easy to trace.
• Can be blocked easily as only
one system is used.
Distributed Denial-of-Service (DDoS)
• In a DDoS attack, multiple systems attack
the victim’s system.
• The victim’s PC is loaded with
packets of data sent from
multiple locations.
• A DDoS attack is faster than
a DoS attack.
• DDoS attacks are difficult to
trace.
• It is difficult to block this attack
as multiple devices are sending
packets and attacking from
multiple locations.
Cyber Vulnerability in Transportation System
• Between June of 2020 and June of 2021, the transportation
industry witnessed a 186 percent increase in weekly
ransomware attacks (Cybertalk.org)
• The number of ransomware attacks is increasing across all
sectors, but transportation entities are seemingly bearing
the brunt of this trend.
• As the transportation companies have not historically
deployed large security teams to protect their digital assets,
they are more acutely affected by the global cybersecurity
skills gap than other businesses.
• As part of critical public infrastructure, transportation is
uniquely at risk.
• Most people and businesses depend on transport, whether it
is getting to work on time, sending goods or receiving
medical supplies.
• If an attack disrupts transportation, entire supply chains
could come crashing down.
• Traffic light or rail transit disruption could cause physical
harm.
Prime threats affecting the transport
sector
ransomware attacks;
data related threats;
malware;
denial-of-service (DoS), distributed denial-of-service (DDoS)
and ransom denial-of-service (RDoS) attacks;
phishing / spear phishing;
supply-chain attacks.
Notable Transportation Industry Attacks
NotPetya Maersk Ransomware attack (2017):
• In 2017, one of the most widespread and devastating cyberattacks
was perpetrated against worldwide shipping giant Maersk.
• The Danish transport and logistics conglomerate fell prey to a
campaign which used a modified version of the Petya ransomware,
NotPetya, bringing down IT systems and operational controls across
the board.
• Maersk has revealed that the attack required close to a "complete
infrastructure" overhaul and the reinstallation of thousands of
machines.
• The shipping giant has suffered millions of dollars in damage due to
the ransomware attack.
• While no customer or business data is believed to have been
exposed, the firm endured severe disruption and was forced to
halt operations as the ransomware spread through core IT
systems
• In September, FedEx revealed the damage caused by falling
victim to the Petya cyberattack.
• The delivery giant faced losses of approximately $300 million
after the operations of the firm's TNT Express unit in Europe
were disrupted.
• The disruption to the global supply chain, of which Maersk is a
major component, was extensive, and losses accumulated into
the billions
• In late 2020, the giant shipping company Matson was attacked by a
gang of cybercriminals using the Windows REvil ransomware. The
thieves claimed to have stolen a terabyte of data.
• In June 2021, reports surfaced that North America’s largest
transportation network, New York’s Metropolitan Transportation
Authority, was hit with a cyberattack two months before.
Cybersecurity experts suspect Chinese threat actors are responsible
for the attack. The Chinese attackers reportedly exploited a zero-day
vulnerability in a remote access product from Pulse Connect Secure to
infiltrate the MTA’s network.
In 2020, 9 million EasyJet customers’
email addresses and travel details were
stolen; of these, the credit card
information of 2,208 customers was also
compromised.
The LockBit ransomware targeted
the Agency for Aerial Navigation Safety
in Africa and Madagascar (ASECNA).
During this high-severity incident, the
data of the agency’s 18 member
countries was encrypted, and the
attackers threatened to disclose the
breached data on the dark web unless a
$25,000 ransom was paid.
• In 2018, investigators found 86% of 1,000 hardware devices that Cisco
had supplied to San Francisco’s Bay Area Rapid Transit
system contained “hidden backdoors on the devices, as well as a
persistent ‘ping’ where data are sent to a foreign nation hostile to
American interests”.
• Transit cybersecurity efforts should include looking at the software
supply chain, “so that you actually start to look at and understand
Where did all the different pieces of this software come from?
Where were they assembled?
Who had a hand in it?”
Cyber Vulnerability in Communication System
• Communication systems are a vital infrastructure. Communication
lines and infrastructure include physical lines, satellites, and other
wireless methods.
• As more hackers start targeting these tools, a successful attack could
be devastating.
• By design, these systems convince multitudes of people to take a
given action, making them dangerous if a malicious actor controls
them.
• Mass communications messages typically come from authoritative
sources and often relate to emergencies.
• As such, people are more likely to believe and respond to them. If a
malicious threat actor infiltrated these systems, they could cause
millions of people to act recklessly.
• Physical lines can be cut off in physical attacks, but they are also
vulnerable to the cyberattacks that can be used against wireless
communications
An unwanted wireless signal injected into the original signal may
result in a temporary loss of wireless signals, poor receiver
performance, or bad quality of output by the electronic
equipment.
Channel interferences influencing the performance of wireless
communication systems can be co-channel interferences or
adjacent channel interferences.
Overload attacks, like DDoS attacks are designed to overwhelm
the available capacity of the infrastructure or absorb so much
capacity that the negative influence on the service is notable.
• Even our networks of satellites and space systems are vulnerable to
cyberattacks, which can create a backdoor into the physical and
digital systems we rely upon on a daily basis.
Example: Maritime Communication System
a) Automatic Identification System – AIS
AIS (Automatic Identification System) is a VHF radio-based system that allows
ships to broadcast their current GPS-obtained location to nearby vessels.
Key risk:
Since AIS lacks any mechanism for validating that messages are being broadcast
correctly, it is possible to spoof messages to present as a different vessel, or
‘fake’ a vessel location.
This is often used to conceal illegal activity such as illegal fishing or evading
international sanctions.
Additionally, since AIS is used to generate collision-avoidance warnings,
spoofing locations could be used to ‘force’ a vessel off course and into
dangerous waters.
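A receiver-side plausibility check for the AIS spoofing risk described above, as an added example that is not part of the original slides: because AIS messages carry no authentication, a shore station or bridge system can only cross-check reports against physics and against each other. It assumes position reports have already been decoded; the `PositionReport` type, the thresholds and the sample MMSIs are constructed for illustration.

```python
"""Plausibility checks over decoded AIS position reports (added example)."""
import math
from dataclasses import dataclass

EARTH_RADIUS_NM = 3440.065   # mean Earth radius in nautical miles
MAX_PLAUSIBLE_KNOTS = 60.0   # assumption: speed ceiling for a surface vessel
SOG_TOLERANCE_KNOTS = 10.0   # assumption: slack between reported and implied speed
SOG_NOT_AVAILABLE = 102.3    # AIS encodes "speed not available" as 102.3 knots


@dataclass(frozen=True)
class PositionReport:
    mmsi: int     # vessel identity claimed in the message
    t: float      # receive time, seconds
    lat: float    # degrees (AIS uses 91 for "not available")
    lon: float    # degrees (AIS uses 181 for "not available")
    sog: float    # reported speed over ground, knots


def distance_nm(a, b):
    """Great-circle (haversine) distance between two reports, nautical miles."""
    lat1, lat2 = math.radians(a.lat), math.radians(b.lat)
    dlat = lat2 - lat1
    dlon = math.radians(b.lon - a.lon)
    h = math.sin(dlat / 2) ** 2 + math.cos(lat1) * math.cos(lat2) * math.sin(dlon / 2) ** 2
    return 2 * EARTH_RADIUS_NM * math.asin(math.sqrt(h))


def check_track(reports):
    """Return (mmsi, t, reason) for every report that fails a plausibility check."""
    findings = []
    last = {}  # most recent valid report per claimed MMSI
    for r in sorted(reports, key=lambda rep: rep.t):
        if not (-90.0 <= r.lat <= 90.0 and -180.0 <= r.lon <= 180.0):
            findings.append((r.mmsi, r.t, "position-out-of-range"))
            continue
        prev = last.get(r.mmsi)
        last[r.mmsi] = r
        if prev is None:
            continue
        dist = distance_nm(prev, r)
        hours = (r.t - prev.t) / 3600.0
        if hours == 0:
            # Same identity, same instant, different place: two transmitters.
            if dist > 0.1:
                findings.append((r.mmsi, r.t, "same-mmsi-two-places"))
            continue
        implied = dist / hours
        if implied > MAX_PLAUSIBLE_KNOTS:
            findings.append((r.mmsi, r.t, "implausible-jump"))
        elif r.sog < SOG_NOT_AVAILABLE and abs(implied - r.sog) > SOG_TOLERANCE_KNOTS:
            findings.append((r.mmsi, r.t, "sog-mismatch"))
    return findings


# Constructed sample data; the MMSIs and coordinates are not real vessels.
SAMPLE = [
    PositionReport(111111111, 0, 1.2000, 103.8000, 12.0),
    PositionReport(222222222, 0, 5.0000, 100.0000, 0.0),
    PositionReport(333333333, 0, 91.0, 181.0, 0.0),            # "not available" defaults
    PositionReport(111111111, 600, 1.2330, 103.8000, 12.0),    # about 2 nm in 10 min
    PositionReport(111111111, 1200, 2.2330, 103.8000, 12.0),   # about 60 nm in 10 min
    PositionReport(111111111, 1800, 1.2660, 103.8000, 12.0),   # back on the real track
    PositionReport(222222222, 3600, 5.2000, 100.0000, 0.0),    # moved 12 nm, claims 0 kn
]

if __name__ == "__main__":
    for mmsi, t, reason in check_track(SAMPLE):
        print(f"MMSI {mmsi} at t={t:.0f}s: {reason}")
```

A flagged report is a prompt to corroborate with radar or visual contact, not proof of spoofing: GPS faults and reception gaps produce the same symptoms.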
b) Global Maritime Distress and Safety System - GMDSS
GMDSS (Global Maritime Distress and Safety System) is a suite of procedures,
protocols and communications systems designed to assist with rescuing vessels in
distress. The key components are HF-radio and Satellite-based transmitters.
Key risk: Given GMDSS’ key role in saving lives, ensuring its constant availability is
crucial. While it could be possible to disrupt radio communications via jamming, the
set of technologies used should mean other channels continue to work. A risk is its
reliance on a single operator for satellite communications, but other providers are
likely to be approved in the next few years.
c) Satellite communication
Satellite communication has become the main way of transferring
information when a vessel is at sea and can allow for the transmission of
voice, internet and other data. Although traditionally high-cost, new
operators and satellite launches mean bandwidth is becoming cheaper and
more widely available.
Key risk: The development of software-defined radio technology means that
radio signals of the frequencies used by satellite communication systems can
be received and analysed cheaply. If sensitive information is being
transmitted in plain text, then it may be possible to intercept it. Older
satellite equipment (e.g. terminals) may also be at risk of direct attacks over
the internet.
d) VHF
VHF radio is the most commonly used marine communication system,
found on everything from large vessels to small recreational craft. It
uses simple analogue FM modulation to transmit a voice signal which
can be received by anyone in range of the transmitter.
Key risk: Due to its broadcast nature and simple analogue modulation,
the lack of confidentiality means that VHF should not be used to
transmit sensitive information. In practice, its use for general
ship-to-ship and ship-to-shore communications means this is unlikely to occur.
Thank You!

More Related Content

Similar to Cyber Wars.pptx

7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bank7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bank
shreemala1
 
Discuss similarities and differences between and Trojan.docx
Discuss similarities and differences between and Trojan.docxDiscuss similarities and differences between and Trojan.docx
Discuss similarities and differences between and Trojan.docx
bkbk37
 
Discuss similarities and differences between and Trojan.docx
Discuss similarities and differences between and Trojan.docxDiscuss similarities and differences between and Trojan.docx
Discuss similarities and differences between and Trojan.docx
write12
 
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docxRunning head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
glendar3
 
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docxRunning head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
todd581
 

Similar to Cyber Wars.pptx (20)

Cyber crimes Challenges in Global and Oman
Cyber crimes Challenges in Global and OmanCyber crimes Challenges in Global and Oman
Cyber crimes Challenges in Global and Oman
 
7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bank7 mike-steenberg-carlos-lopera-us-bank
7 mike-steenberg-carlos-lopera-us-bank
 
Discuss similarities and differences between and Trojan.docx
Discuss similarities and differences between and Trojan.docxDiscuss similarities and differences between and Trojan.docx
Discuss similarities and differences between and Trojan.docx
 
Discuss similarities and differences between and Trojan.docx
Discuss similarities and differences between and Trojan.docxDiscuss similarities and differences between and Trojan.docx
Discuss similarities and differences between and Trojan.docx
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cyber security by Gaurav Singh
Cyber security by Gaurav SinghCyber security by Gaurav Singh
Cyber security by Gaurav Singh
 
Cyber crime: A Quick Survey
Cyber crime: A Quick SurveyCyber crime: A Quick Survey
Cyber crime: A Quick Survey
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Types of Cyber Threats By Dr.S.Jagadeesh Kumar
Types of Cyber Threats By Dr.S.Jagadeesh KumarTypes of Cyber Threats By Dr.S.Jagadeesh Kumar
Types of Cyber Threats By Dr.S.Jagadeesh Kumar
 
Cybercrimeppt 160421074211
Cybercrimeppt 160421074211Cybercrimeppt 160421074211
Cybercrimeppt 160421074211
 
Cyber crime ppt
Cyber crime  pptCyber crime  ppt
Cyber crime ppt
 
cyber_crime (1).pptx
cyber_crime (1).pptxcyber_crime (1).pptx
cyber_crime (1).pptx
 
Cyber Terrorism
Cyber TerrorismCyber Terrorism
Cyber Terrorism
 
Cyber crime-140128140443-phpapp02 (1)
Cyber crime-140128140443-phpapp02 (1)Cyber crime-140128140443-phpapp02 (1)
Cyber crime-140128140443-phpapp02 (1)
 
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docxRunning head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
 
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docxRunning head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
Running head METHODS USED IN CYBER WARFARE1METHODS USED IN CYB.docx
 
Cyber security presentation
Cyber security presentation Cyber security presentation
Cyber security presentation
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber Crimes.pptx
Cyber Crimes.pptxCyber Crimes.pptx
Cyber Crimes.pptx
 
28658043 cyber-terrorism
28658043 cyber-terrorism28658043 cyber-terrorism
28658043 cyber-terrorism
 

Recently uploaded

QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lessonQUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
httgc7rh9c
 
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
Transparency, Recognition and the role of eSealing - Ildiko Mazar and Koen No...
EADTU
 
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPSSpellings Wk 4 and Wk 5 for Grade 4 at CAPS
Spellings Wk 4 and Wk 5 for Grade 4 at CAPS
AnaAcapella
 

Recently uploaded (20)

How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
VAMOS CUIDAR DO NOSSO PLANETA! .
VAMOS CUIDAR DO NOSSO PLANETA!                    .VAMOS CUIDAR DO NOSSO PLANETA!                    .
VAMOS CUIDAR DO NOSSO PLANETA! .
 
dusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learningdusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learning
 
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lessonQUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
QUATER-1-PE-HEALTH-LC2- this is just a sample of unpacked lesson
 
REMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptxREMIFENTANIL: An Ultra short acting opioid.pptx
REMIFENTANIL: An Ultra short acting opioid.pptx
 
Python Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docxPython Notes for mca i year students osmania university.docx
Python Notes for mca i year students osmania university.docx
 
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptxOn_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
On_Translating_a_Tamil_Poem_by_A_K_Ramanujan.pptx
 
Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111Details on CBSE Compartment Exam.pptx1111
Details on CBSE Compartment Exam.pptx1111
 
OSCM Unit 2_Operations Processes & Systems
OSCM Unit 2_Operations Processes & SystemsOSCM Unit 2_Operations Processes & Systems
OSCM Unit 2_Operations Processes & Systems
 
AIM of Education-Teachers Training-2024.ppt
AIM of Education-Teachers Training-2024.pptAIM of Education-Teachers Training-2024.ppt
AIM of Education-Teachers Training-2024.ppt
 
Simple, Complex, and Compound Sentences Exercises.pdf

Cyber Wars.pptx

  • 2. Definition of Cyber War • Cyber warfare involves the actions by a nation-state or international organization to attack and attempt to damage another nation's computers or information networks through, for example, computer viruses or Denial-of-Service (DoS) attacks. • It has the potential to wreak havoc on government and civilian infrastructure and disrupt critical systems, resulting in damage to the state and even loss of life. • There are several examples of alleged cyber warfare in recent history, but there is no universal, formal, definition for how a cyber attack may constitute an act of war. (scale and severity matters the most)
  • 3. • Cyber warfare typically involves a nation-state perpetrating cyber attacks on another, but in some cases, the attacks are carried out by terrorist organizations or non-state actors seeking to further the goal of a hostile nation. • There are several grey areas in the definition of Cyber War • One reason that the legal status of cyberwarfare has been blurred is that there is no international law that refers to cyberwar, because it is such a new concept • Some states are very willing to exploit this uncertainty, using the opportunity to test out cyberwar techniques in the knowledge that other states are uncertain about how they could react under international law. • The Tallinn Manual is an attempt to bring some clarity to the Cyber War concept
  • 4. • Nearly every system we use is underpinned in some way by computers, which means pretty much every aspect of our lives could be vulnerable to cyberwarfare at some point, and some experts warn it is a case of when, not if. • Grim scenario involves: o One day your bank balance drops to zero and then suddenly leaps up, showing you've got millions in your account o Then stock prices start going crazy as hackers alter data flowing into the stock exchange o The next day the trains aren't running because the signalling stops working, and you can't drive anywhere because the traffic lights are all stuck on red, and the shops in big cities start running out of food. o Pretty soon a country could be reduced to gridlock and chaos, even without the doomsday scenarios of hackers disabling power stations or opening dams.
  • 5. Types of Cyber Warfare Attacks o Espionage: closely related to but separate from cyberwarfare is cyber espionage, whereby hackers infiltrate computer systems and networks to steal data and often intellectual property. o Sabotage: site hacking and injecting viruses o Denial of Service (DoS) Attacks o Electric Power Grid
  • 6. o Propaganda Attacks Attempts to control the minds and thoughts of people living in or fighting for a target country. Propaganda can be used to expose embarrassing truths, spread lies to make people lose trust in their country, or side with their enemies o Economic Disruption o Surprise Attacks
  • 7. A Brief History Of Cyberwarfare 2010 Stuxnet • Stuxnet is a computer worm that targets industrial control systems • This was the first genuine cyberweapon which was designed to inflict physical damage. • It was developed by the US and Israel (although they have never confirmed this) to target the Iranian nuclear programme. • It reportedly ruined almost a fifth of Iran’s nuclear centrifuges and delayed the project • Stuxnet was a complicated worm, using four different zero-day exploits and likely took millions of dollars of research and months or years of work to create.
  • 8. 2014 Russian DDoS attack against Ukraine This is the second time Russia allegedly coordinated military and cyber attacks. A DDoS attack 32 times larger than the largest known attack disrupted the internet in Ukraine while Russian-armed pro-Russian rebels were seizing control of the Crimea. Russia vs. Ukrainian election commission Three days before Ukraine’s presidential election, a Russia-based hacking group took down both Ukraine’s election commission and a back-up system. The attack was an attempt to create chaos and aid the pro-Russian candidate.
  • 9. 2015 Russia vs. German parliament: German investigators discovered that hackers had infiltrated the computer network of the German Bundestag. Germany’s domestic intelligence service, the BfV, later said that the attack was performed by Russia and that they were seeking information on the workings of the Bundestag, German leaders, NATO, and others. China vs. United States Office of Personnel Management: The records of 21.5 million employees and unsuccessful applicants to the United States government were stolen from the U.S. Office of Personnel Management. U.S. government sources believe that the hacker was the government of China.
  • 10. 2016 Second Russian-caused power outage in Ukraine It is thought that Russian hackers hid in a power supplier’s network undetected for six months before taking the power offline. The power cut amounted to about a fifth of Kiev’s power consumption that night being lost. This attack happened almost one year to the date of the December 2015 cyber-attack which cut off power to 225,000 people in western Ukraine.
  • 11. 2017 WannaCry • WannaCry is an example of crypto ransomware, a type of malicious software (malware) used by cybercriminals to extort money. • WannaCry targeted computers running Microsoft Windows. • It encrypts data and demands payment of a ransom in the cryptocurrency Bitcoin for its return. • This attack is estimated to have affected more than 200,000 computers across 150 countries.
  • 12. 2017 NotPetya • This is the first major instance of weaponized ransomware. • The NotPetya malware was disguised as ransomware but its goal was to destroy files. • While the attack originated in Ukraine, it quickly spread worldwide. • The attack resulted in damages of about $10 billion. • Within hours of NotPetya’s release, the malware had raced around the world and infected countless computers. Victims included FedEx’s European subsidiary, TNT Express; several French companies; a hospital in Pennsylvania; the pharmaceutical company Merck; and, of course, Maersk. The radiation monitoring system at the Chernobyl Nuclear Plant went offline. The infection even spread back to Russia, corrupting state oil company Rosneft.
  • 13. • Petya is a ransomware package that was used to extort money from compromised users in exchange for a decryption key. • NotPetya was not “legitimate” ransomware; its intent was purely destructive. Any ransom payment was wasted. There was no decryption key for the destroyed data.
  • 15. Why are governments investing in cyberwarfare right now? • Unlike a traditional military operation, a cyberattack can be launched instantaneously from any distance, with little obvious evidence of any build-up • Such an attack would be extremely hard to trace back with any certainty to its perpetrators, making retaliation harder. • The fear of being vulnerable to the cyberweapons of their rivals plus a desire to harness these tools to bolster their own standing in the world is leading many countries into a cyber arms race
  • 16. Cyber Vulnerability in Banking System • Financial services firms fall victim to cybersecurity attacks far more frequently than businesses in other industries. • Malicious actors are taking advantage of this digital transformation and pose a growing threat to the global financial system, financial stability, and confidence in the integrity of the system. • Security breaches lead to lost revenue for banking institutions, interruptions in operations, and loss of both reputation and customers. • Financial establishments experience threats from a variety of sources led primarily by mobile applications and web portals. • Cyber criminals may steal or manipulate valuable user data and/or “clone” banking apps in order to use them for nefarious purposes.
  • 17. Why Is Cyber Security Important In Banking? • Digital India has led to an increase in the usage of cashless transactions, digital money. In this context, taking all the security measures is important to protect the data and privacy. • Data breaches are a serious problem in the banking sector. A weak cybersecurity system can cause their customer base to undergo cyber security threats. • When a bank’s data is breached, recovering from this data breach can be time-consuming and stressful. So enhancing the banking security system is a must! • Banks need to be on their guard 24/7; if not, your data with the bank can be breached.
  • 18. • The malicious actors behind the attacks on banks include not only increasingly daring criminals—such as the Carbanak group, which targeted financial institutions to steal more than $1 billion during 2013-18—but also states and state-sponsored attackers. North Korea, for example, has stolen some $2 billion from at least 38 countries in the past five years. • In February 2016, hackers targeted the central bank of Bangladesh and exploited vulnerabilities in SWIFT, the global financial system’s main electronic payment messaging system, trying to steal $1 billion. While most transactions were blocked, $101 million still disappeared. • The October 2020 hack of Uganda’s largest mobile money networks, MTN and Airtel, for example, resulted in a major four-day disruption of service transactions.
  • 19. Cyber Incidents involving Indian Financial Institutions • Union Bank of India Attempted SWIFT Heist On July 21, 2016, attackers attempted to use fraudulent SWIFT transactions to steal $170 million from the Union Bank of India (UBI), but the money was ultimately recovered within three days after the transactions were flagged. • City Union Bank SWIFT Attack In February 2018, City Union Bank in India suffered a breach that allowed $1 million to be transferred to a Chinese institution. • Indian ATMs Targeted with ATMDtrack Malware On September 23 2019, security researchers reported that North Korean hackers had developed and inserted malware to steal payment information from Indian ATMs and banking institutions.
  • 20. • Indian Mobile Banking Apps Malware On May 14 2020, CERT-In, India’s national CERT, released a warning that a mobile banking malware called 'EventBot' that steals personal financial information was affecting Android users in India. • Indian Fintech Chqbook Suffers Breach On December 25 2021, two million credit score records from Chqbook, an Indian FinTech startup, were found on the dark web. • Banking trojan targets Indian Android-based financial customers On September 22, 2021, researchers reported that Android phone banking customers in India were being targeted by the Drinik banking trojan malware. • CashMama data breach On April 6, 2022, India-based loans app CashMama reported a data breach, in which customer data that was invasively collected and stored was exposed.
  • 21. What is SWIFT? • The Society for Worldwide Interbank Financial Telecommunication (SWIFT) is an international network that links banks to securely and privately exchange signals regarding actions like money transfers. • Every day, about 11,000 SWIFT members send close to 33.6 million transactions.
  • 22. Top Cybersecurity Threats Faced by Banks Spear Phishing • Spear-phishing is a type of phishing attack that targets specific individuals or organizations typically through malicious emails. • The goal of spear phishing is to steal sensitive information such as login credentials or infect the targets’ device with malware • Spear phishers carefully research their targets, so the attack appears to be from trusted senders in the targets’ life. • A spear phishing email uses social engineering techniques to urge the victim to click on a malicious link or attachment • Once the victim completes the intended action, the attacker can steal the credentials of a targeted legitimate user and enter a network undetected.
  • 23. Phishing • Phishing attacks prioritize quantity. • The messaging in phishing emails, texts or phone calls is generic and sent to a large group of individuals or organizations in hopes of increasing the chance of “catching” a victim. • Phishing attacks via phone calls are often called vishing, for voice-phishing. • Attacks via text messages are known as smishing, for SMS-phishing. Spear Phishing • Spear-phishing attacks prioritize quality. • Spear-phishing emails, texts or phone calls are highly personalized for a specific organization or individual. • Spear-phishing attacks are more likely to deceive potential victims due to the amount of research and time spent personalizing messages that appear to be from legitimate senders.
  • 24. Whaling • Whaling uses the same personalized strategy of spear-phishing attacks, except attackers specifically target higher level management to expose financial and confidential information. • Whaling attacks hope to extract more valuable, classified information by taking down big targets, which can magnify the damage inflicted upon an organization.
  • 25. Trojans • Trojans are quite a common threat to private users. • Hackers can infect their targeted computers with a Trojan by deceiving their target into downloading software which the target thought was legitimate but was in fact malicious. • Once the software is on the computer, the hacker can do anything from recording your passwords by logging keystrokes to taking over your webcam to watch and record your every move.
  • 27. Spoofing • Spoofing, as it pertains to cybersecurity, is when someone or something pretends to be something else in an attempt to gain our confidence, get access to our systems, steal data, steal money, or spread malware. A few types of spoofing attacks include: email spoofing, caller ID spoofing, website or domain spoofing, and facial spoofing.
  • 28. Distributed Denial of Service (DDoS) • DDoS is a category of malicious cyber-attacks that hackers or cybercriminals employ in order to make an online service, network resource or host machine unavailable to its intended users on the Internet. • Targets of DDoS attacks are flooded with thousands or millions of superfluous requests, overwhelming the machine and its supporting resources.
  • 29. Difference between DoS and DDoS Denial-of-Service (DoS) • In a DoS attack, a single system targets the victim system. • The victim’s PC is loaded with packets of data sent from a single location. • A DoS attack is slower compared to DDoS. • DoS attacks are easy to trace. • It can be blocked easily as only one system is used. Distributed Denial-of-Service (DDoS) • In DDoS, multiple systems attack the victim’s system. • The victim’s PC is loaded with packets of data sent from multiple locations. • A DDoS attack is faster than a DoS attack. • DDoS attacks are difficult to trace. • It is difficult to block this attack as multiple devices are sending packets and attacking from multiple locations.
  • 30. Cyber Vulnerability in Transportation System • Between June of 2020 and June of 2021, the transportation industry witnessed a 186 percent increase in weekly ransomware attacks (Cybertalk.org) • The number of ransomware attacks is increasing across all sectors, but transportation entities are seemingly bearing the brunt of this trend. • As the transportation companies have not historically deployed large security teams to protect their digital assets, they are more acutely affected by the global cybersecurity skills gap than other businesses.
  • 31. • As part of critical public infrastructure, transportation is uniquely at risk. • Most people and businesses depend on transport, whether it is getting to work on time, sending goods or receiving medical supplies. • If an attack disrupts transportation, entire supply chains could come crashing down. • Traffic light or rail transit disruption could cause physical harm.
  • 32. Prime threats affecting the transport sector ransomware attacks; data related threats; malware; denial-of-service (DoS), distributed denial-of-service (DDoS) and ransom denial-of-service (RDoS) attacks; phishing / spear phishing; supply-chain attacks.
  • 34. Notable Transportation Industry Attacks NotPetya Maersk Ransomware attack (2017): • In 2017, one of the most widespread and devastating cyberattacks was perpetrated against worldwide shipping giant Maersk. • The Danish transport and logistics conglomerate fell prey to a campaign which used a modified version of the Petya ransomware, NotPetya, bringing down IT systems and operational controls across the board. • Maersk has revealed that the attack required close to a "complete infrastructure" overhaul and the reinstallation of thousands of machines. • The shipping giant has suffered millions of dollars in damage due to the ransomware attack.
  • 35. • While no customer or business data is believed to have been exposed, the firm endured severe disruption and was forced to halt operations as the ransomware spread through core IT systems • In September, FedEx revealed the damage caused by falling victim to the Petya cyberattack. • The delivery giant faced losses of approximately $300 million after the operations of the firm's TNT Express unit in Europe were disrupted. • The disruption to the global supply chain, of which Maersk is a major component, was extensive, and losses accumulated into the billions
  • 36. • In late 2020, the giant shipping company Matson was attacked by a gang of cybercriminals using the Windows REvil ransomware. The thieves claimed to have stolen a terabyte of data. • In June 2021, reports surfaced that North America’s largest transportation network, New York’s Metropolitan Transportation Authority, was hit with a cyberattack two months before. Cybersecurity experts suspect Chinese threat actors are responsible for the attack. The Chinese attackers reportedly exploited a zero-day vulnerability in a remote access product from Pulse Connect Secure to infiltrate the MTA’s network.
  • 37. In 2020, 9 million EasyJet customers’ email addresses and travel details were stolen, of which the credit card information of 2,208 was also compromised. The LockBit ransomware targeted the Agency for Aerial Navigation Safety in Africa and Madagascar (ASECNA). During this high-severity incident, the data of the agency’s 18 member countries have been encrypted, and the agency has threatened to disclose breached data to the dark web unless a $25,000 ransom is paid.
  • 38. • In 2018, investigators found 86% of 1,000 hardware devices that Cisco had supplied to San Francisco’s Bay Area Rapid Transit system contained “hidden backdoors on the devices, as well as a persistent ‘ping’ where data are sent to a foreign nation hostile to American interests”. • Transit cybersecurity efforts should include looking at the software supply chain, “so that you actually start to look at and understand Where did all the different pieces of this software come from? Where were they assembled? Who had a hand in it?”
  • 39. Cyber Vulnerability in Communication System • Communication systems are a vital infrastructure. Communication lines and infrastructure include physical lines, satellites, and other wireless methods. • As more hackers start targeting these tools, a successful attack could be devastating. • By design, these systems convince multitudes of people to take a given action, making them dangerous if a malicious actor controls them. • Mass communications messages typically come from authoritative sources and often relate to emergencies. • As such, people are more likely to believe and respond to them. If a malicious threat actor infiltrated these systems, they could cause millions of people to act recklessly.
  • 41. • Physical lines can be cut off in physical attacks, but they are also vulnerable to the cyberattacks that can be used against wireless communications. • An unwanted wireless signal injected into the original signal may result in a temporary loss of wireless signals, poor receiver performance, or bad quality of output by the electronic equipment. • Channel interferences influencing the performance of wireless communication systems can be co-channel interferences or adjacent channel interferences.
  • 42. Overload attacks, like DDoS attacks are designed to overwhelm the available capacity of the infrastructure or absorb so much capacity that the negative influence on the service is notable. • Even our networks of satellites and space systems are vulnerable to cyberattacks, which can create a backdoor into the physical and digital systems we rely upon on a daily basis.
  • 43. Example: Maritime Communication System a) Automatic Identification System – AIS AIS (Automatic Identification System) is a VHF radio-based system that allows ships to broadcast their current GPS-obtained location to nearby vessels. Key risk: Since AIS lacks any mechanism for validating messages are being broadcast correctly, it is possible to spoof messages to present as a different vessel, or ‘fake’ a vessel location. This is often used to conceal illegal activity such as illegal fishing or evading international sanctions. Additionally, since AIS is used to generate collision-avoidance warnings, spoofing locations could be used to ‘force’ a vessel off course and into dangerous waters.
  • 44. b) Global Maritime Distress and Safety System - GMDSS GMDSS (Global Maritime Distress and Safety System) is a suite of procedures, protocols and communications systems designed to assist with rescuing vessels in distress. The key components are HF-radio and Satellite-based transmitters. Key risk: Given GMDSS’ key role in saving lives, ensuring its constant availability is crucial. While it could be possible to disrupt radio communications via jamming, the set of technologies used should mean other channels continue to work. A risk is its reliance on a single operator for satellite communications, but other providers are likely to be approved in the next few years.
  • 45. c) Satellite communication Satellite communication has become the main way of transferring information when a vessel is at sea and can allow for the transmission of voice, internet and other data. Although traditionally high-cost, new operators and satellite launches mean bandwidth is becoming cheaper and more widely available. Key risk: The development of software-defined radio technology means that radio signals of the frequencies used by satellite communication systems can be received and analysed cheaply. If sensitive information is being transmitted in plain text, then it may be possible to intercept it. Older satellite equipment (e.g. terminals) may also be at risk of direct attacks over the internet.
  • 46. d) VHF VHF radio is the most commonly used marine communication system, found on everything from large vessels to small recreational craft. It uses simple analogue FM modulation to transmit a voice signal which can be received by anyone in range of the transmitter. Key risk: Due to its broadcast nature and simple analogue modulation, the lack of confidentiality means that VHF should not be used to transmit sensitive information. In practice, its use for general ship-to-ship and ship-to-shore communications means this is unlikely to occur.
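
Because AIS itself does not validate broadcasts (the key risk in item a above), a receiver can only judge whether successive reports for one vessel identity are physically possible. The Python code below is an added example, not part of the original slides: it flags position jumps, duplicate identities and speed mismatches, and its thresholds, field names and sample reports are constructed assumptions.

```python
import math
from dataclasses import dataclass

EARTH_RADIUS_NM = 3440.065    # mean Earth radius in nautical miles
MAX_PLAUSIBLE_KNOTS = 50.0    # assumed speed ceiling for a merchant vessel
SOG_TOLERANCE_KNOTS = 10.0    # assumed allowed gap between reported and implied speed


@dataclass(frozen=True)
class PositionReport:
    mmsi: int     # vessel identity claimed in the broadcast
    t: float      # receive time, seconds
    lat: float    # degrees
    lon: float    # degrees
    sog: float    # reported speed over ground, knots


def distance_nm(a, b):
    """Great-circle (haversine) distance between two reports, in nautical miles."""
    p1, p2 = math.radians(a.lat), math.radians(b.lat)
    dlon = math.radians(b.lon - a.lon)
    h = math.sin((p2 - p1) / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlon / 2) ** 2
    return 2 * EARTH_RADIUS_NM * math.asin(math.sqrt(min(1.0, h)))


def flag_implausible(reports):
    """Return (mmsi, time, reason) for every report that cannot be physically true."""
    last_seen = {}
    alerts = []
    for r in sorted(reports, key=lambda rep: rep.t):
        if not (-90 <= r.lat <= 90 and -180 <= r.lon <= 180):
            alerts.append((r.mmsi, r.t, "position out of range"))
            continue
        prev = last_seen.get(r.mmsi)
        last_seen[r.mmsi] = r
        if prev is None:
            continue
        dist = distance_nm(prev, r)
        hours = (r.t - prev.t) / 3600.0
        if hours == 0:
            # One identity heard in two different places at the same moment.
            if dist > 0.1:
                alerts.append((r.mmsi, r.t, "duplicate identity"))
            continue
        implied_knots = dist / hours
        if implied_knots > MAX_PLAUSIBLE_KNOTS:
            alerts.append((r.mmsi, r.t, "position jump"))
        elif abs(implied_knots - r.sog) > SOG_TOLERANCE_KNOTS:
            alerts.append((r.mmsi, r.t, "speed mismatch"))
    return alerts


# Constructed sample reports; the MMSIs and positions are made up for illustration.
SAMPLE_REPORTS = [
    PositionReport(111111111, 0, 1.20, 103.8000, 12.0),
    PositionReport(111111111, 600, 1.20, 103.8333, 12.0),   # about 2 nm in 10 min: consistent
    PositionReport(111111111, 1200, 10.00, 110.0000, 12.0), # hundreds of nm in 10 min
    PositionReport(333333333, 0, 50.00, -1.00, 25.0),
    PositionReport(333333333, 3600, 50.00, -1.00, 25.0),    # claims 25 kn but has not moved
    PositionReport(444444444, 100, 0.00, 0.00, 5.0),
    PositionReport(444444444, 100, 5.00, 5.00, 5.0),        # same identity, same instant, elsewhere
]

if __name__ == "__main__":
    for alert in flag_implausible(SAMPLE_REPORTS):
        print(alert)
```

A flagged report is a prompt for cross-checking against radar or other sources, since a faulty GPS feed produces the same symptoms as a spoofed broadcast.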