2. COMMON CYBER THREATS
• Ransomware. This is a form of malware (malicious software) that attempts to
encrypt (scramble) your data and then extort a ransom to release an unlock
code. ...
• Phishing
• Trojan horse
• SQL injections
• Hacking
• Public Wi-Fi
• Malware (including spyware, viruses and worms)
3. RANSOMWARE CYBER THREAT
⮚ Normally loaded onto a computer via a
download/attachment/link from an email or website.
⮚ Will either lock the screen or encrypt your data.
⮚ Once Ransomware is uploaded on your
computer/tablet/phone it is very difficult to remove
without removing all of the data
⮚ WannaCry attack 2017 - One of the biggest cyber
attacks to occur.
⮚ Is said to have hit 300,000 computers in 150
countries.
⮚ Companies affected include: NHS, Renault, FedEx,
Spanish telecoms and gas companies, German railway
Ransomware is a type of malicious software (malware) that threatens to publish or blocks access to data or a computer system,
usually by encrypting it, until the victim pays a ransom fee to the attacker.
4. HOW TO TACKLE RANSOMWARE
⮚ Back up - Keep a backed-up copy of your data. Ensure it’s not
permanently connected to the network.
⮚ Patch - Keep your software up to date. WannaCry was successful
because the affected computers hadn’t been updated. The update
contained a fix for the problem.
⮚ Attachments - Don’t click on links from emails/SMS as these could
easily be from an untrusted source and contain malware like
ransomware.
5. PHISHING
✔Is the attempt to obtain
sensitive information by
deception.
✔ They will be after your
login credentials,
payment card details or
to upload malware to
your computer
✔ The email will normally
impersonate a genuine
company or person.
7. HOW TO TACKLE PHISHING ATTACK
❑ Don’t click any links in an email unless you can guarantee who it’s from.
❑ Use a trusted method of contacting the company via a phone number, app or
website.
❑ Mark the email as spam and contact the organisation.
❑ Disconnect your device from the internet and any network it is linked to. ...
❑ Perform a complete scan of your system using your anti-virus software. ...
❑ Change your details.
8. TROJAN HORSE
➢ A Trojan is designed to damage, disrupt, steal, or in general inflict some other
harmful action on your data or network.
❏ A Trojan horse is a type of malware that downloads onto a computer
disguised as a legitimate program. A Trojan horse is so-called due to its
delivery method, which typically sees an attacker use social engineering to
hide malicious code within legitimate software.
❏ A Trojan horse might be used to infect a personal computer: The victim
receives an official-looking email with an attachment. The attachment
contains malicious code that is executed as soon as the victim clicks on the
attachment.
10. How Trojans impact mobile devices
➢ Trojans aren’t problems for only laptop and desktop computers. They can
also impact your mobile devices, including cell phones and tablets.
➢ In general, a Trojan comes attached to what looks like a legitimate program.
In reality, it is a fake version of the app, loaded up with malware.
Cybercriminals will usually place them on unofficial and pirate app markets
for unsuspecting users to download.
➢ In addition, these apps can also steal information from your device, and
generate revenue by sending premium SMS texts.
➢ One form of Trojan malware has targeted Android devices specifically. Called
Switcher Trojan, it infects users’ devices to attack the routers on their
wireless networks. The result? Cybercriminals could redirect traffic on the
Wi-Fi-connected devices and use it to commit various crimes.
11. How do Trojans work?
➢Here’s a Trojan malware example to show how it works.
➢ You might think you’ve received an email from someone you know and
click on what looks like a legitimate attachment. But you’ve been
fooled. The email is from a cybercriminal, and the file you clicked on —
and downloaded and opened — has gone on to install malware on your
device.
➢ When you execute the program, the malware can spread to other files
and damage your computer.
12. Common types of Trojan malware, from A to Z.
➔Backdoor Trojan
➔Downloader Trojan
➔Fake AV Trojan
➔Game-thief Trojan
➔Infostealer Trojan
➔Mailfinder Trojan
➔Ransom Trojan
➔Remote Access Trojan
➔Rootkit Trojan
➔SMS Trojan
➔Trojan banker
➔Trojan IM
13. How to help protect against Trojans
★ Never download or install software from a source you don’t trust completely
★ Never open an attachment or run a program sent to you in an email from
someone you don’t know.
★ Keep all software on your computer up to date with the latest patches
★ Make sure a Trojan antivirus is installed and running on your computer
★ Back up your files regularly. If a Trojan infects your computer, this will help
you to restore your data.
14. What is SQL Injection?
❖ SQL injection is one of the most common web attack mechanisms utilized by attackers to
steal sensitive data from organizations. While SQL Injection can affect any data-driven
application that uses a SQL database, it is most often used to attack web sites.
❖ SQL Injection is a code injection technique that hackers can use to insert malicious SQL
statements into input fields for execution by the underlying SQL database. This technique
is made possible because of improper coding of vulnerable web applications.
15. SQL INJECTION
SQL :- Structured Query Language
★ SQL Injection (SQLi) is a type of injection attack
that makes it possible to execute malicious SQL
statements. These statements control a database
server behind a web application. ... They can also use
SQL Injection to add, modify, and delete records in the
database.
16. How to Prevent SQL Injections
❖ The most basic SQL injections can be prevented by filtering input. However, it will not stop
more complex attacks.
❖ To prevent maximum SQL injection damage, it is recommended to separate your sensitive
data and store it in multiple databases.
❖ Customize your error messages so they don't give away any information about the
structure of your database to a potential intruder.
18. WHAT IS HACKING?
• A commonly used hacking definition is the act of
compromising digital devices and networks
through unauthorized access to an account or
computer system. Hacking is not always a
malicious act, but it is most commonly associated
with illegal activity and data theft by cyber
criminals.
• Hacking refers to the misuse of devices like
computers, smartphones, tablets, and networks
to cause damage to or corrupt systems, gather
information on users, steal data and documents,
or disrupt data-related activity.
19. PUBLIC WI-FI
⮚ May not be trustworthy. They
could share your information
with other companies who
operate in countries without
any data protection.
⮚ You may not know who is
watching you whilst you’re
online.
20. RISKS WHEN WE USE PUBLIC WI-FI
• Theft of Personal Information. One of the most serious and common threats concerns theft of personal
information. ...
• Cyber Attacks on Businesses. ...
• Man-In-The-Middle Attacks. ...
• Unencrypted Connections. ...
• Packet Sniffing / Eavesdropping. ...
• Malware Distribution. ...
• Session Hijacking.
21. TYPES OF CYBER CRIME
→ EMAIL AND INTERNET FRAUD.
→ IDENTITY FRAUD (WHERE PERSONAL INFORMATION IS STOLEN AND USED).
→ THEFT OF FINANCIAL OR CARD PAYMENT DATA.
→ RANSOMWARE ATTACKS.
22. ADVICE FOR COMPUTER SECURITY
• Keep software up-to-date. ...
• Avoid Phishing scams - beware of suspicious emails and phone calls. ...
• Practice good password management. ...
• Be careful what you click. ...
• Never leave devices unattended.
• Enable and Configure a Firewall
• Cyber insurance
• Staff awareness
• Data encryption
• Prepare a plan
23. PASSWORD ADVICE
1. MAKE YOUR PASSWORD LONG. ...
2. MAKE YOUR PASSWORD A NONSENSE PHRASE. ...
3. INCLUDE NUMBERS, SYMBOLS, AND UPPERCASE AND LOWERCASE LETTERS. ...
4. AVOID USING OBVIOUS PERSONAL INFORMATION. ...
5. DO NOT REUSE PASSWORDS. ...
6. START USING A PASSWORD MANAGER. ...
7. KEEP YOUR PASSWORD UNDER WRAPS.
8. CHANGE YOUR PASSWORDS REGULARLY.
9. If you follow this advice, your password security will be significantly
increased against a brute force attack.
24. CYBERCRIME REPORTING PORTAL
❖ The Cybercrime reporting portal is an initiative of the Ministry of
Home Affairs, Government of India under National Mission for
the safety of women to facilitate victims/complainants to report
cybercrime complaints online.
❖ https://cybercrime.gov.in/
25. ACTION FRAUD
• Action Fraud is the UK's national reporting centre for fraud and cyber
crime where you should report fraud if you have been scammed,
defrauded or experienced ...
• Can be reported 24/7 via the website.
• https://www.actionfraud.police.uk/
26. NATIONAL CYBER SECURITY CENTRE (NCSC)
❑ The National Cyber Security Centre (NCSC) provides cyber security guidance and support helping to
make the UK the safest place to live and work online.
❑ National Cyber Security Centre - NCSC.GOV.UK
❑ https://www.ncsc.gov.uk