Cyber security for Small and Medium CA


  1. Cyber Security for Small & Medium CA Office (Nanda Mohan D Shenoy)
  2. Agenda: Cyber Introduction; Recent Cyber Attacks; Popular Attack Vectors; Rainbow Principle for CAs; Report Incidents & Cyber Crimes
  3. Cyber Etymology: Confidentiality; Integrity; Availability; Reputation
  4. Cyber-The Top Technological Risk: Confidentiality; Integrity; Availability; Reputation
  5. India’s Rank in GCI (195 Countries): 47
  6. Poll-1
     Q1- What are the reasons for increase in Cyber Attacks? (Multiple Choice)
       i. The Cost of communication
       ii. The Application moving from Intranet to Internet
       iii. Hacking tools as a service (HaaS)
       iv. The proliferation of the Darknet
     Q2- What is the linkage between Work from Home (WFH) and Cyber attacks?
       i. The attack surface for the hacker has increased
       ii. The cost of hacking has got reduced because of WFH
       iii. Anybody can see the network Traffic
     Q3- The percentage of Traffic which flows through the Surface web / Clearnet as the overall percentage
       i. Less than 15%
       ii. Between 15% and 50%
       iii. Between 51% and 65%
       iv. Greater than 65%
  7. Why Cyber-1
  8. Why Cyber-2?
  9. Why Cyber-3?
  10. Borderless Universe
      • Cyber is the new hype / fashion, whatever you may call it
      • Cyber and data privacy are the two hot topics that we hear day in and day out
      • The changing face of ransomware attacks {steal, lock/encrypt and inform}
        • Availability
        • Confidentiality
      • Work From Home saw massive explosion in the attack surface
  11. Ransomware Statistics: Double Extortion
  12. Bad News for Ransomware
  13. Ransomware as a service- Netwalker: Some of the high-profile victims targeted by NetWalker include Equinix, Enel Group, the Argentina immigration agency, University of California San Francisco (UCSF), and K-Electric
  14. Darkweb
  15. Carding Forums; Darkweb
  16. Hacking is a Profession: Ramnicu Valcea
  17. Agenda: Cyber Introduction; Recent Cyber Incidents; Popular Attack Vectors; Rainbow Principle for CAs; Report Cyber Crimes
  18. Cyber Impact. Year / No. of cases: 2020: 2.90 Lacs; 2019: 2.46 Lacs; 2018: 1.59 Lacs. 795 Incidents per day in 2020
  19. Other Recent Attacks
  20. 2020 Global Cyber Attack Trends: E-mail; Office Files; PDF documents
  21. File based Malware
  22. COVID & SPAM
  23. Sector wise Analysis
  24. Agenda: Cyber Introduction; Recent Cyber Incidents; Popular Attack Vectors; Rainbow Principle for CAs; Report Incidents & Cyber Crimes
  25. Popular Cyber Attacks • Phishing • Email • Website • Whaling • Spear phishing • Vishing • Smishing • Website Defacement • Trojans • Cyber Bullying • Cyber Stalking • Cyber Espionage • Cyber Warfare
  26. Seeing is not believing
  27. BEC Fraud using Whaling & Vishing
  28. What is wrong with this website? http://www.pmcarerelieffund.com/ ₹17.7 Lacs ₹34.7 Lacs
  29. New Generation
  30. New Vectors
  31. Cyber Bullying & Stalking
  32. Live Cyber Threat Global Map: https://threatmap.checkpoint.com/
  33. Agenda: Cyber Introduction; Recent Cyber Attacks; Popular Attack Vectors; Rainbow Principle for CAs; Report Incidents & Cyber Crimes
  34. Rainbow Principle for Cyber Security
      1. Use Genuine OS & Patching
      2. Implement Firewall & VPN on all devices
      3. No Administrator rights on laptops/desktops
      4. Awareness amongst employees
      5. Restrict Download of any type of software / Mail attachments
      6. Passwords on Tally Client level / Use Password Vaults and no excel for saving passwords
      7. Regular Backups
  35. Principle for email: क्लिक कर (Click Kar)
  36. Prevent Identity Theft
      • Simplest Way
        • 2 FA
      • Other Hygiene
        • No common password for financial accounts and non financial
      • Privacy Risk leads to impersonation risk
        • Date of Birth
        • Mobile Number
        • Email ID etc
  37. Agenda: Risk & Opening thoughts; Cyber landscape in COVID Times; Popular Attack Vectors; Cyber Hygiene & Privacy; Report Incidents & Cyber Crimes
  38. Responding to Cyber Attacks: It is not about being attacked, it is all about how you respond to the Cyber Attack
  39. Reporting Cyber Crimes-1/5: https://cybercrime.gov.in/
  40. Reporting Cyber Crimes-2/5: Main Categories-9
  41. Reporting Cyber Crimes-3/5
  42. Reporting Cyber Crimes-4/5
  43. Reporting Cyber Crimes-5/5
  44. Summary: Forward / Click Kar
  45. Conclusion
      • What is wonder?
      • Day after day countless people die. Yet the living wish to live forever. O Lord, what can be a greater wonder
      • Day after day countless cyber attacks happen. Yet the Top Management thinks that their organisation will not be attacked. O Lord, what can be a greater wonder than this
  46. Resources
      https://www.youtube.com/channel/UCyxNwXY8j66H1GUDanv-boQ
      https://www.slideshare.net/NandaMohanShenoy/
      https://www.youtube.com/channel/UCyY-1ZeELIaHC8qeT9p5Hlg
      https://www.apnacourse.com/course/cisa
      nmds@bestfitsolutions.in

Editor's Notes

  • Poll 1- on privacy as per GDPR and q-2 will be the fine imposed
  • Risk perception of CFO/CISO/CEO etc will keep varying
  • https://www.ubs.com/global/en/our-firm/business-unusual/coronavirus-fraud-awareness.html

    https://www.interpol.int/en/News-and-Events/News/2020/Unmasked-International-COVID-19-fraud-exposed
    https://www.fraud-magazine.com/article.aspx?id=4295012581
    https://www.forbes.com/uk/advisor/personal-finance/2021/01/05/fraud-5-hot-scams-in-2021-and-how-to-avoid-them/
    https://www.bbc.com/news/business-53573408
    https://www.experian.com/data-breach/data-breach-industry-forecast
    https://www.advisenltd.com/
  • https://www.gktoday.in/current-affairs/digital-banking-over-2-9-lakh-cyber-security-incidents-reported-in-2020/amp/#Cases_of_cyber_incidents
  • https://timesofindia.indiatimes.com/business/india-business/india-is-second-in-global-ransom-payouts-for-cyberattacks-survey/articleshow/79290107.cms
  • https://www.sonicwall.com/resources/2020-cyber-threat-report-mid-year-update-pdf/
  • APT attack discovered by Kaspersky
    The APT platform consists of two main parts: Tokyo and Yokohama. Both were detected on all infected computers. Tokyo acts as the main back door and delivers the second-stage malware. Interestingly, it remains in the system even after the second phase starts, evidently to operate as an additional communication channel. Yokohama, meanwhile, is the weapon payload of the second stage. It creates a virtual file system complete with plugins, third-party libraries, and configuration files. Its arsenal is extensive in the extreme:
    Stealing cookies,
    Intercepting documents from the print queue,
    Collecting data about the victim (including a list of backup copies of their iOS device),
    Recording and taking screenshots of VoIP calls,
    Stealing optical disc images made by the victim,
    Indexing files, including those on external drives, and potentially stealing specific files when the drive is detected again.
  • https://threatmap.checkpoint.com/
    https://www.digitalattackmap.com/#anim=1&color=3&country=ALL&list=1&time=18672&view=map
    https://threatmap.bitdefender.com/
    https://www.imperva.com/cyber-threat-attack-map/
    https://threatmap.fortiguard.com/
    https://www.fireeye.com/cyber-map/threat-map.html
    https://securitycenter.sonicwall.com/m/page/worldwide-attacks
    https://threatbutt.com/map/
