SlideShare a Scribd company logo

Rise of cyber security v0.1

Sohail Gohir
Sohail Gohir

Cyber Security awareness

Education
1 of 25
Download to read offline
Sohail Gohir CCIEx3 #41610,CCNP (R&S,SEC), CCDP CASP,C)PTE,C)NFE,C)PTC,CCSE,CCSA Rise of Cyber Security 1 linkedin.com/in/sg41610
What is Cyber Security 2 — Connected electronic devices has become part of our daily lives . — Different types of organisations, such as educational, financial ,Oil and gas, law institutions use network to do business.They utilise network by sharing, storing, processing and collecting large amount of digital data/information. — As more digital information is gathered and stored it is essential to protect it. — Personal level: It is vital to protect your data, your identity and your computing Devices. — Organisational level : Cyber Security is combination of processes , practices and technologies aimed to protect computers (end nodes), network, software, operating systems (OS),Websites and data from unauthorised access, attack and damage .
Our Identity — As we spend more time online our identity both online and offline can effect our lives. — Our offline identity is human who our friends and family interact with at work/home/school. — They know our personal information such as name, age, where we live and maybe DOB. — Our online identity is who we present ourselves as online , and this should have minimal information about us. — We have to careful when choosing username online and it should not disclose personal information, it should not violate any policy.3
Your Data 4 — Your Identity — Medical data — Educational data — Information online — Employment — Information on devices — Financial data
Where is our data 5 — All this information is about us there is different laws that protect our privacy and data in our country. — When we visit doctor our medical record might be shared with insurance companies for different reasons. — When we share our pictures online with our friends, do we know who may have a copy of pictures?We have copies on our devices ,our friends might have them. If they were shared publicly then strangers might have access to them. — Shopping loyalty cards maybe be convenient way to save money but is they might be storing our shopping profile and might be using for marketing purposes.
Our computing Devices — Our devices don’t just store our information but they became information gateway for bad guys. — Unless we receive paper statement ,we use our computing devices to access data. — If we want most recent card statement we log online and access that information. — Beside allowing us to access information, these devices also generate information about us. — With all this information about us online our personal data has become more profitable to hackers.6
They want our money — If we have anything valuable ,the criminals want it. — Our online credentials are valuable . — They can trick our friend and family pretended to be us and ask them to transfer money somewhere with false stories. — The criminals can not only trick into us giving them our money but also they can steal our identity and ruin our lives. — They can steal frequent flyer points and use it for travelling. — A recent case shown on Rip of Britain, they managed to emptied bank account7
Types of Organisational Data — Traditional Data: This includes personnel information , intellectual properties and financial data. — Internet of Things & Big Data: With IoT on raise there is more data to manage and secure. IoT can include sensors ,IP cameras, DVRs and equipment that extend beyond the traditional computer network.All these connections plus we have expanded storage capacity & storage devices through cloud and virtualisation.This data has created new area of interest in technology and business called “Big Data”.8
Information Security for an organisation — Confidentiality: Company policies should restrict access to the information to authorised personnel. Methods to ensure this include data encryption, user & pass, 2FA and minimising exposure of sensitive information. — Integrity: is accuracy, consistency, and trustworthiness of the data during its entire life cycle. Checksum is used to verify integrity of data from one place to other over the network. — Availability: Marinating equipment, performing hardware repairs, keeping OS & software up to date, and creating backups ensure the availability of the network and data to the authorised users. Plans to recover from natural and man made disaster. 9
The Consequences of a Security Breach — Theft: If hackers are able to get into your website or network ,they will be able to access your bank information. — Revenue Lost: If a hacker gets into your site and crashes it or causes and extended period of downtime, your operation will cease & you will loose revenue. — Vandalism: Your company’s reputation could be ruined in matter of minutes if customers or others find poor information brazenly placed on your website. — Ruined Reputation: If you keep private documents online, they could easily be made public if your computer is hacked. — Damaged Intellectual property: If a hacker gets in and steals ideas, plans, or blueprints, you could miss out on being able to fully implement new products or designs. 10
Cyber Crime & Data Breach examples 1 — British Gas: In Oct 2015 they contacted 2,200 customers and warn them that their email addresses and account passwords were posted online in an unexplained data leak. — TalkTalk: In Oct 2015 cybercriminals hackedTalkTalk website (email addresses, names, DoB and phone were accessed) Other data included 16,000 bank account numbers and 28,000 credit/debit card details .TalkTalk says 157,000 customers were affected – latter fined £400,000 — Vodafone: Vodafone says hackers have accessed the accounts of 1,827 customers, just a week after a separate hacking attack atTalkTalk.The hack could potentially give criminals customers’ names, mobile numbers, sort codes and the last four digits of their bankACC. — Carphone warehouse: InAugust 2015, they said the personal details of up to 2.4 million of its customers may have been accessed in a cyber-attack.The encrypted credit card details of up to 90,000 people may have been accessed, the mobile phone firm said.11
— Tesco Bank: (Nov 2016) 40,000 customer accounts ofTesco bank out of a total of 136,000 were subject to suspicious transactions, 9,000 of these had money stolen from their accounts.The sums taken were relatively small varying up to amounts of £600 but eventually totalled £2,500,000. — National Lottery: (Nov 2016) Hackers gained access to 26,500 National Lottery accounts with the use of passwords and e-mail addresses that had been stolen from previous breaches. — Three Mobile: (Nov 2016) Three Mobile have advised that a customer database has been compromised as a result of a hacker attack, it is understood that 133,827 customers may have suffered a data breach. — Hospitals in Lincolnshire: (Oct 2016) Hospitals have been subject to a cyber attack after an NHS computer network was compromised.12 Cyber Crime & Data Breach examples 2
— Sage Group: (Aug 2016) Sage Group who provide accounting , payroll and payments software for many small and medium sized business have disclosed that an internal login has been utilized to gain unauthorized access to the data of of a number of its British clients. It is understood that the personal details of the employees of about 280 British companies were possibly exposed in this breach. — Cheltenham Hairdressing Salon: (June 2016)A local Cheltenham hairdresser discovered that their computers not longer worked which meant that they were unable to access their electronic diary to make and check bookings and to access their contact details. London Stock Exchange: (June 2016)The London Stock Exchange was apparently taken down for two hours by the hacking groupAnonymous . — Mumsnet: (July 2016)The Mumsnet website was notoriously hacked twice last year in July andAugust and up until now it has not be possible to identify who was responsible. The parenting site had to reset its 7.7 million members’ passwords.Teenager was charged 13 Cyber Crime & Data Breach examples 3
— NatWest accounts accessed by “SIM swap fraud”: (Mar 2016) NatWest bank were subject to a challenge to their security procedures after journalists from BBC Radio 4’s You andYours program managed to access an account online taking money. Only £1.50 was transferred, a token amount to demonstrate how this could be carried out. — Lincolnshire County Council Malware Attack: (Jan 2016) Lincolnshire County Council was been subject to a £1m ransomware demand which forced the council to shut down their PCs and servers across their entire network. It is understood that this was caused by an email containing malware that was launched by a member of staff following a phishing attack. — Hackers target house conveyancing industry: It has been reported by the Daily Telegraph that in excess of £10 million has been stolen by hackers who have managed to gain access to the e-mails of individuals buying and selling houses.Over 90 people have succumbed to this and it is understood that the average amount stolen is £112,000.14 Cyber Crime & Data Breach examples 4
— eBay: (2014) eBay asked 145m users to change their passwords after hackers stole customers' names, addresses, numbers and dates of birth — Heartbleed: (2014)A serious vulnerability was discovered in encryption technology used to protect many of the world's major websites, leaving them vulnerable to data theft — Sony: (2014)A cyber attack on Sony Pictures Entertainment resulted in a huge data leak, including private details of 47,000 employees and famous actors — US Central Command: (2015) Hackers claiming links to Isil managed to take control of CentCom'sTwitter andYouTube accounts, changing the logo to an image of a hooded fighter — Ashley Madison: (2015) Hackers threatened to publish the names of up to 37m AshleyMadison.com customers - a dating website for adulterous affairs — JDWetherspoon: (2015)A database containing names, email addresses, birth dates and phone numbers of of 656,723 customers was hacked.The company insisted only an “extremely limited” number of credit card details were taken 15 Cyber Crime & Data Breach examples 5
— CommodityThreats: Commodity threats are the random malware, viruses,Trojans, worms, botnets, ransomware, and other threats that are out propagating on the Internet all the time. Strictly by chance, commodity threats are undirected and may end up inside of the enterprise at any time. — Hacktivists: Activist hacking, or hacktivism, consists of targeted attacks. Hacktivists use hacking to make a public or political statement.Their goal is to use hacking to bolster their cause or embarrass their adversaries. Hacktivism may be used against individuals, enterprises, or governments, depending on the situation and the particular objectives of the hacktivists. — Organised Crime: Like hacktivism, organised crime attacks are targeted. Criminals and criminal organizations have found there is serious money to be made on the Internet. 16 Types of Cyber attackers -1
— Espionage: Cyberespionage centers on stealing trade secrets for commercial advantage or national secrets for political or military advantage — Cyberwar: Whereas espionage is generally focused on stealing information, cyberwar is about damaging the ability of enterprises or governments to operate in cyberspace.This damage is done by overwhelming, overloading, disabling, or destroying the IT systems used by the victims, or even using those IT systems to cause physical systems to malfunction and damage themselves or their operators. — Organised Crime: Like hacktivism, organised crime attacks are targeted. Criminals and criminal organizations have found there is serious money to be made on the Internet. 17 Types of Cyber attackers – 2
— Databases: The most interesting place to look for hackers is database, however these tend to relatively well protected inside the enterprise. — Backups: Enterprise databases which contains critical business and customer data should be backed up. Usually the backups are not encrypted or are backed non-secure systems. Second backup location usually doesn't have security best practices. — Application Servers: Databases somehow have to make their data available to front end application servers .Breaches of these systems can be used to gain access to data through the applications, bypassing encryption and other protection methods. — Systems Administrators: If attackers get access to these accounts, they can bypass all other data protections and can steal valuable information. Usually they stay quit for long time before taking any bad action. 18 Types of Cyber attackers – Confidentiality
— Hijacking: altering infrastructure data about internet properties such as domain names, social media identities or registered network locations. Some of these properties can be worth thousands/millions. — Sarbanes-Oxley: In the wake of the Enron disaster, the Sarbanes-Oxley regulations were developed to protect the integrity of financial data published by publicly traded corporations. — Online Banking: Attackers can get access to online business banking that can include payroll, investments, stock funds and other assets worth thousands/millions. — Direct Deposit: With bank direct deposit settings, employees are vulnerable to thefts where their pay can be redirected to attacker’s account. — Vandalism: Malicious actors try to infect websites or modify public material to embarrass the victim. Internet facing systems can be hard to protect fully. 19 Types of Cyber attackers – Integrity
— Distributed Denial of Service(DDOS): attackers can send large request or traffic by using infected systems, which can include IoT devices which are considered non-secure and easy to control.This can cause large organisations loss in millions. — Targeted Denial of Service: attacks involve hacking into victim and then disabling systems so that they need to be rebuilt or recovered. Depending on the severity of the damage it could take some time for IT department to recover systems and restores, if backups are affected as well as the primary systems. — Physical Destruction:Attacks involve using cyberattacks to cause physical destruction.As more and more critical systems are now days computer controlled, these types of attacks will become potentially more dangerous and destructive over time. 20 Types of Cyber attackers – Availability
— The global IT security industry will face a shortfall of 1.8 million workers by 2022, according to a new study, while the UK faces the prospect of its workforce actually shrinking. — The Center for Cyber Safety and Education surveyed 19,000 cyber-security professionals for its eighth bi-annual Global Information SecurityWorkforce Study (GISWS), sponsored by non-profit professionals' association (ISC)². — It found that the perceived shortfall in cyber-security experts had risen 20 percent, up from 1.5 million, the figure it published in its previous survey in 2015. — The UK government's recent Cyber Security Strategy called Britain's cyber-security skills gap a “national vulnerability that must be resolved”. — The survey found that two-thirds of firms in the UK don't have enough infosecurity personnel to meet their needs, and it is impacting economic security.Around 47 percent claimed the reason behind this was an absence of qualified candidates. — The skills shortage issue has already impacted UK firms, with 46 percent of UK companies reporting that the shortfall of cyber-security personnel is having significant impact on their customers and 45 percent warning that it is leading to security breaches. — more information https://www.scmagazineuk.com/uk-approaching-skills-cliff-edge-as-cyber-workforce-ages--report/article/638146/ 21 Need for Cyber Security Professionals
22 Why Become a Cyber Security Specialist? — High Earning Potential:There is skill gap for cyber security professionals this lead to higher earning potential — Challenging Career: IT changes constantly, for cybersecurity it is more dynamic field which will be challenging and fascinating. Cybersecurity professionals would need to always be up to date with new threats. — Highly Portable Career:A cybersecurity specialist job exist almost everywhere in the world. It is portable job. — Service to the Public:A cybersecurity specialist provide a necessary service to their organisations, societies and countries, very much like law enforcement or emergency responders. — Becoming a cybersecurity specialist is a rewarding career opportunity.
23 Industry Certifications — https://certification.comptia.org/docs/default-source/downloadablefiles/it-certification-roadmap.pdf
24 Industry Certifications — CompTIA https://certification.comptia.org/certifications — mile2 https://mile2.com/certifications.html — EC-Council https://www.eccouncil.org/programs/ — Cisco http://www.cisco.com/c/en/us/training-events/training-certifications/overview.html — SANS https://uk.sans.org/courses — ISC2 https://isc2.org/credentials/default.aspx — ISACA http://www.isaca.org/certification/Pages/default.aspx — GIAC https://www.giac.org/certifications
The end… 25

Recommended

2015 Labris SOC Annual Report
2015 Labris SOC Annual Report2015 Labris SOC Annual Report
2015 Labris SOC Annual ReportLabris Networks
 
Business Fraud and Cybersecurity Best Practices in the Office or While Worki...
Business Fraud and Cybersecurity Best Practices in the Office or While Worki... Business Fraud and Cybersecurity Best Practices in the Office or While Worki...
Business Fraud and Cybersecurity Best Practices in the Office or While Worki...ArielMcCurdy
 
Cyber security and threats
Cyber security and threatsCyber security and threats
Cyber security and threatsHarsh Kumar
 
Application security meetup data privacy_27052021
Application security meetup data privacy_27052021Application security meetup data privacy_27052021
Application security meetup data privacy_27052021lior mazor
 
Risk base approach for security management fujitsu-fms event 15 aug 2011
Risk base approach for security management fujitsu-fms event 15 aug 2011Risk base approach for security management fujitsu-fms event 15 aug 2011
Risk base approach for security management fujitsu-fms event 15 aug 2011IbuSrikandi
 
English in written
English in writtenEnglish in written
English in writtenazhar manap
 
Cyber Law and Cyber Crime
Cyber Law and Cyber Crime Cyber Law and Cyber Crime
Cyber Law and Cyber Crime Col Mukteshwar Prasad
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeNitin Kanaujia
 

Recommended

2015 Labris SOC Annual Report
2015 Labris SOC Annual Report2015 Labris SOC Annual Report
2015 Labris SOC Annual ReportLabris Networks
 
Business Fraud and Cybersecurity Best Practices in the Office or While Worki...
Business Fraud and Cybersecurity Best Practices in the Office or While Worki... Business Fraud and Cybersecurity Best Practices in the Office or While Worki...
Business Fraud and Cybersecurity Best Practices in the Office or While Worki...ArielMcCurdy
 
Cyber security and threats
Cyber security and threatsCyber security and threats
Cyber security and threatsHarsh Kumar
 
Application security meetup data privacy_27052021
Application security meetup data privacy_27052021Application security meetup data privacy_27052021
Application security meetup data privacy_27052021lior mazor
 
Risk base approach for security management fujitsu-fms event 15 aug 2011
Risk base approach for security management fujitsu-fms event 15 aug 2011Risk base approach for security management fujitsu-fms event 15 aug 2011
Risk base approach for security management fujitsu-fms event 15 aug 2011IbuSrikandi
 
English in written
English in writtenEnglish in written
English in writtenazhar manap
 
Cyber Law and Cyber Crime
Cyber Law and Cyber Crime Cyber Law and Cyber Crime
Cyber Law and Cyber Crime Col Mukteshwar Prasad
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeNitin Kanaujia
 
87161911 selected-case-studies-on-cyber-crime
87161911 selected-case-studies-on-cyber-crime87161911 selected-case-studies-on-cyber-crime
87161911 selected-case-studies-on-cyber-crimehomeworkping4
 
Cyber Law & Forensics
Cyber Law & ForensicsCyber Law & Forensics
Cyber Law & ForensicsHarshita Ved
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shiftsmalvvv
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shiftsmalvvv
 
Baker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBaker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBakerTillyConsulting
 
Cyber Crime and Cyber Law of India BY Vinay
Cyber Crime and Cyber Law of India BY VinayCyber Crime and Cyber Law of India BY Vinay
Cyber Crime and Cyber Law of India BY VinayVinay Pancholi
 
Cyber law
Cyber lawCyber law
Cyber lawabiabel
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsUpdated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsBen Graybar
 
Cyber law assignment
Cyber law assignmentCyber law assignment
Cyber law assignmentRini Mahade
 
Rajveer choudhary cyber crime presentation
Rajveer choudhary cyber crime presentationRajveer choudhary cyber crime presentation
Rajveer choudhary cyber crime presentationRajveer Choudhary
 
Chapter 17 a fraud in e commerce Jen
Chapter 17 a fraud in e commerce JenChapter 17 a fraud in e commerce Jen
Chapter 17 a fraud in e commerce JenVidaB
 
A Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the InternetA Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the Internetijtsrd
 
Cyber Crime
Cyber Crime Cyber Crime
Cyber Crime Maruti Nandan
 
Overcome Security Threats Affecting Mobile Financial Solutions 2020
Overcome Security Threats Affecting Mobile Financial Solutions 2020Overcome Security Threats Affecting Mobile Financial Solutions 2020
Overcome Security Threats Affecting Mobile Financial Solutions 2020Fusion Informatics
 
Cyber fraud a threat to E commerce
Cyber fraud a threat to E commerceCyber fraud a threat to E commerce
Cyber fraud a threat to E commerceSudeshna07
 
Cyber Insurance
Cyber InsuranceCyber Insurance
Cyber InsuranceClubHack
 
Internet cybercrime,ebanking and security
Internet cybercrime,ebanking and securityInternet cybercrime,ebanking and security
Internet cybercrime,ebanking and securityDheeraj Kumar Tiwari
 
Insecure mag-33
Insecure mag-33Insecure mag-33
Insecure mag-33cheinyeanlim
 
08 notable-security-incidents-in-the-finance-sector
08 notable-security-incidents-in-the-finance-sector08 notable-security-incidents-in-the-finance-sector
08 notable-security-incidents-in-the-finance-sectorChristos Laganas
 
An overview study on cyber crimes in internet
An overview study on cyber crimes in internetAn overview study on cyber crimes in internet
An overview study on cyber crimes in internetAlexander Decker
 
Year of pawnage - Ian trump
Year of pawnage - Ian trumpYear of pawnage - Ian trump
Year of pawnage - Ian trumpMAXfocus
 
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...Alisha Deboer
 

More Related Content

What's hot

87161911 selected-case-studies-on-cyber-crime
87161911 selected-case-studies-on-cyber-crime87161911 selected-case-studies-on-cyber-crime
87161911 selected-case-studies-on-cyber-crimehomeworkping4
 
Cyber Law & Forensics
Cyber Law & ForensicsCyber Law & Forensics
Cyber Law & ForensicsHarshita Ved
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shiftsmalvvv
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shiftsmalvvv
 
Baker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBaker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBakerTillyConsulting
 
Cyber Crime and Cyber Law of India BY Vinay
Cyber Crime and Cyber Law of India BY VinayCyber Crime and Cyber Law of India BY Vinay
Cyber Crime and Cyber Law of India BY VinayVinay Pancholi
 
Cyber law
Cyber lawCyber law
Cyber lawabiabel
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsUpdated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsBen Graybar
 
Cyber law assignment
Cyber law assignmentCyber law assignment
Cyber law assignmentRini Mahade
 
Rajveer choudhary cyber crime presentation
Rajveer choudhary cyber crime presentationRajveer choudhary cyber crime presentation
Rajveer choudhary cyber crime presentationRajveer Choudhary
 
Chapter 17 a fraud in e commerce Jen
Chapter 17 a fraud in e commerce JenChapter 17 a fraud in e commerce Jen
Chapter 17 a fraud in e commerce JenVidaB
 
A Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the InternetA Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the Internetijtsrd
 
Overcome Security Threats Affecting Mobile Financial Solutions 2020
Overcome Security Threats Affecting Mobile Financial Solutions 2020Overcome Security Threats Affecting Mobile Financial Solutions 2020
Overcome Security Threats Affecting Mobile Financial Solutions 2020Fusion Informatics
 
Cyber fraud a threat to E commerce
Cyber fraud a threat to E commerceCyber fraud a threat to E commerce
Cyber fraud a threat to E commerceSudeshna07
 
Cyber Insurance
Cyber InsuranceCyber Insurance
Cyber InsuranceClubHack
 
Internet cybercrime,ebanking and security
Internet cybercrime,ebanking and securityInternet cybercrime,ebanking and security
Internet cybercrime,ebanking and securityDheeraj Kumar Tiwari
 
08 notable-security-incidents-in-the-finance-sector
08 notable-security-incidents-in-the-finance-sector08 notable-security-incidents-in-the-finance-sector
08 notable-security-incidents-in-the-finance-sectorChristos Laganas
 
An overview study on cyber crimes in internet
An overview study on cyber crimes in internetAn overview study on cyber crimes in internet
An overview study on cyber crimes in internetAlexander Decker
 

What's hot (20)

87161911 selected-case-studies-on-cyber-crime
87161911 selected-case-studies-on-cyber-crime87161911 selected-case-studies-on-cyber-crime
87161911 selected-case-studies-on-cyber-crime
 
Cyber Law & Forensics
Cyber Law & ForensicsCyber Law & Forensics
Cyber Law & Forensics
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shifts
 
Rpt paradigm shifts
Rpt paradigm shiftsRpt paradigm shifts
Rpt paradigm shifts
 
Baker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in CybersecurityBaker Tilly Presents: Emerging Trends in Cybersecurity
Baker Tilly Presents: Emerging Trends in Cybersecurity
 
Cyber Crime and Cyber Law of India BY Vinay
Cyber Crime and Cyber Law of India BY VinayCyber Crime and Cyber Law of India BY Vinay
Cyber Crime and Cyber Law of India BY Vinay
 
Cyber law
Cyber lawCyber law
Cyber law
 
Updated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools TacticsUpdated Cyber Security and Fraud Prevention Tools Tactics
Updated Cyber Security and Fraud Prevention Tools Tactics
 
Cyber law assignment
Cyber law assignmentCyber law assignment
Cyber law assignment
 
Rajveer choudhary cyber crime presentation
Rajveer choudhary cyber crime presentationRajveer choudhary cyber crime presentation
Rajveer choudhary cyber crime presentation
 
Chapter 17 a fraud in e commerce Jen
Chapter 17 a fraud in e commerce JenChapter 17 a fraud in e commerce Jen
Chapter 17 a fraud in e commerce Jen
 
A Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the InternetA Survey Paper on Identity Theft in the Internet
A Survey Paper on Identity Theft in the Internet
 
Cyber Crime
Cyber Crime Cyber Crime
Cyber Crime
 
Overcome Security Threats Affecting Mobile Financial Solutions 2020
Overcome Security Threats Affecting Mobile Financial Solutions 2020Overcome Security Threats Affecting Mobile Financial Solutions 2020
Overcome Security Threats Affecting Mobile Financial Solutions 2020
 
Cyber fraud a threat to E commerce
Cyber fraud a threat to E commerceCyber fraud a threat to E commerce
Cyber fraud a threat to E commerce
 
Cyber Insurance
Cyber InsuranceCyber Insurance
Cyber Insurance
 
Internet cybercrime,ebanking and security
Internet cybercrime,ebanking and securityInternet cybercrime,ebanking and security
Internet cybercrime,ebanking and security
 
Insecure mag-33
Insecure mag-33Insecure mag-33
Insecure mag-33
 
08 notable-security-incidents-in-the-finance-sector
08 notable-security-incidents-in-the-finance-sector08 notable-security-incidents-in-the-finance-sector
08 notable-security-incidents-in-the-finance-sector
 
An overview study on cyber crimes in internet
An overview study on cyber crimes in internetAn overview study on cyber crimes in internet
An overview study on cyber crimes in internet
 

Similar to Rise of cyber security v0.1

Year of pawnage - Ian trump
Year of pawnage - Ian trumpYear of pawnage - Ian trump
Year of pawnage - Ian trumpMAXfocus
 
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...Alisha Deboer
 
ccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdfccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdfKALPITKALPIT1
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and SecurityMd Nishad
 
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in CyberspaceColombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in CyberspaceDulanja Liyanage
 
Cubeitz 1 Million Bit Encryption
Cubeitz 1 Million Bit EncryptionCubeitz 1 Million Bit Encryption
Cubeitz 1 Million Bit EncryptionIan Ray
 
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
2014 GRC Conference in West Palm Beach-Moderated by Sonia LunaAviva Spectrum™
 
Fundamentals of information systems security ( pdf drive ) chapter 1
Fundamentals of information systems security ( pdf drive ) chapter 1Fundamentals of information systems security ( pdf drive ) chapter 1
Fundamentals of information systems security ( pdf drive ) chapter 1newbie2019
 
Cyber Crime and a Case Study
Cyber Crime and a Case StudyCyber Crime and a Case Study
Cyber Crime and a Case StudyPratham Jaiswal
 
CyberSecurity.pptx
CyberSecurity.pptxCyberSecurity.pptx
CyberSecurity.pptxPranavRaj96
 
List of data breaches and cyber attacks in january 2022
List of data breaches and cyber attacks in january 2022List of data breaches and cyber attacks in january 2022
List of data breaches and cyber attacks in january 2022ndcmanagement
 
INSECURE Magazine - 33
INSECURE Magazine - 33INSECURE Magazine - 33
INSECURE Magazine - 33Felipe Prado
 
Trylogic- Cyber security by Vikalp Sharma- FDP Presentation July 9 2020
Trylogic- Cyber security by Vikalp Sharma- FDP Presentation July 9 2020Trylogic- Cyber security by Vikalp Sharma- FDP Presentation July 9 2020
Trylogic- Cyber security by Vikalp Sharma- FDP Presentation July 9 2020Vikalp Sharma
 
INFORMATION ASSURANCE AND SECURITY 1.pdf
INFORMATION ASSURANCE AND SECURITY 1.pdfINFORMATION ASSURANCE AND SECURITY 1.pdf
INFORMATION ASSURANCE AND SECURITY 1.pdfEarlvonDeiparine1
 
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Tech and Law Center
 
Identity Theft: Evolving with Technology
Identity Theft: Evolving with TechnologyIdentity Theft: Evolving with Technology
Identity Theft: Evolving with Technology- Mark - Fullbright
 

Similar to Rise of cyber security v0.1 (20)

Year of pawnage - Ian trump
Year of pawnage - Ian trumpYear of pawnage - Ian trump
Year of pawnage - Ian trump
 
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
Dave Mahon - CenturyLink & Cyber Security - How Modern Cyber Attacks Are Disr...
 
ccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdfccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdf
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
 
Emerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business ReadyEmerging Threats to Digital Payments - Is Your Business Ready
Emerging Threats to Digital Payments - Is Your Business Ready
 
Databreach forecast
Databreach forecastDatabreach forecast
Databreach forecast
 
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in CyberspaceColombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
Colombo White Hat Security 3rd Meetup - Recent Trends & Attacks in Cyberspace
 
What Happens to Your Data When a Company Gets Breached
What Happens to Your Data When a Company Gets BreachedWhat Happens to Your Data When a Company Gets Breached
What Happens to Your Data When a Company Gets Breached
 
Cubeitz 1 Million Bit Encryption
Cubeitz 1 Million Bit EncryptionCubeitz 1 Million Bit Encryption
Cubeitz 1 Million Bit Encryption
 
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
 
Fundamentals of information systems security ( pdf drive ) chapter 1
Fundamentals of information systems security ( pdf drive ) chapter 1Fundamentals of information systems security ( pdf drive ) chapter 1
Fundamentals of information systems security ( pdf drive ) chapter 1
 
Cyber Crime and a Case Study
Cyber Crime and a Case StudyCyber Crime and a Case Study
Cyber Crime and a Case Study
 
CyberSecurity.pptx
CyberSecurity.pptxCyberSecurity.pptx
CyberSecurity.pptx
 
Critical Update Needed: Cybersecurity Expertise in the Boardroom
Critical Update Needed: Cybersecurity Expertise in the BoardroomCritical Update Needed: Cybersecurity Expertise in the Boardroom
Critical Update Needed: Cybersecurity Expertise in the Boardroom
 
List of data breaches and cyber attacks in january 2022
List of data breaches and cyber attacks in january 2022List of data breaches and cyber attacks in january 2022
List of data breaches and cyber attacks in january 2022
 
INSECURE Magazine - 33
INSECURE Magazine - 33INSECURE Magazine - 33
INSECURE Magazine - 33
 
Trylogic- Cyber security by Vikalp Sharma- FDP Presentation July 9 2020
Trylogic- Cyber security by Vikalp Sharma- FDP Presentation July 9 2020Trylogic- Cyber security by Vikalp Sharma- FDP Presentation July 9 2020
Trylogic- Cyber security by Vikalp Sharma- FDP Presentation July 9 2020
 
INFORMATION ASSURANCE AND SECURITY 1.pdf
INFORMATION ASSURANCE AND SECURITY 1.pdfINFORMATION ASSURANCE AND SECURITY 1.pdf
INFORMATION ASSURANCE AND SECURITY 1.pdf
 
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
Cybercrime, Digital Investigation and Public Private Partnership by Francesca...
 
Identity Theft: Evolving with Technology
Identity Theft: Evolving with TechnologyIdentity Theft: Evolving with Technology
Identity Theft: Evolving with Technology
 

Recently uploaded

Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...christianmathematics
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdfQucHHunhnh
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPoojaSen20
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxVishalSingh1417
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...EduSkills OECD
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxVishalSingh1417
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxPoojaSen20
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingTeacherCyreneCayanan
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
An Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdfAn Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdfSanaAli374401
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfAyushMahapatra5
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxAreebaZafar22
 

Recently uploaded (20)

Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
PROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docxPROCESS RECORDING FORMAT.docx
PROCESS RECORDING FORMAT.docx
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
Presentation by Andreas Schleicher Tackling the School Absenteeism Crisis 30 ...
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Unit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptxUnit-IV- Pharma. Marketing Channels.pptx
Unit-IV- Pharma. Marketing Channels.pptx
 
psychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docxpsychiatric nursing HISTORY COLLECTION .docx
psychiatric nursing HISTORY COLLECTION .docx
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
An Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdfAn Overview of Mutual Funds Bcom Project.pdf
An Overview of Mutual Funds Bcom Project.pdf
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 

Rise of cyber security v0.1

  • 1. Sohail Gohir CCIEx3 #41610,CCNP (R&S,SEC), CCDP CASP,C)PTE,C)NFE,C)PTC,CCSE,CCSA Rise of Cyber Security 1 linkedin.com/in/sg41610
  • 2. What is Cyber Security 2 — Connected electronic devices has become part of our daily lives . — Different types of organisations, such as educational, financial ,Oil and gas, law institutions use network to do business.They utilise network by sharing, storing, processing and collecting large amount of digital data/information. — As more digital information is gathered and stored it is essential to protect it. — Personal level: It is vital to protect your data, your identity and your computing Devices. — Organisational level : Cyber Security is combination of processes , practices and technologies aimed to protect computers (end nodes), network, software, operating systems (OS),Websites and data from unauthorised access, attack and damage .
  • 3. Our Identity — As we spend more time online our identity both online and offline can effect our lives. — Our offline identity is human who our friends and family interact with at work/home/school. — They know our personal information such as name, age, where we live and maybe DOB. — Our online identity is who we present ourselves as online , and this should have minimal information about us. — We have to careful when choosing username online and it should not disclose personal information, it should not violate any policy.3
  • 4. Your Data 4 — Your Identity — Medical data — Educational data — Information online — Employment — Information on devices — Financial data
  • 5. Where is our data 5 — All this information is about us there is different laws that protect our privacy and data in our country. — When we visit doctor our medical record might be shared with insurance companies for different reasons. — When we share our pictures online with our friends, do we know who may have a copy of pictures?We have copies on our devices ,our friends might have them. If they were shared publicly then strangers might have access to them. — Shopping loyalty cards maybe be convenient way to save money but is they might be storing our shopping profile and might be using for marketing purposes.
  • 6. Our computing Devices — Our devices don’t just store our information but they became information gateway for bad guys. — Unless we receive paper statement ,we use our computing devices to access data. — If we want most recent card statement we log online and access that information. — Beside allowing us to access information, these devices also generate information about us. — With all this information about us online our personal data has become more profitable to hackers.6
  • 7. They want our money — If we have anything valuable ,the criminals want it. — Our online credentials are valuable . — They can trick our friend and family pretended to be us and ask them to transfer money somewhere with false stories. — The criminals can not only trick into us giving them our money but also they can steal our identity and ruin our lives. — They can steal frequent flyer points and use it for travelling. — A recent case shown on Rip of Britain, they managed to emptied bank account7
  • 8. Types of Organisational Data — Traditional Data: This includes personnel information , intellectual properties and financial data. — Internet of Things & Big Data: With IoT on raise there is more data to manage and secure. IoT can include sensors ,IP cameras, DVRs and equipment that extend beyond the traditional computer network.All these connections plus we have expanded storage capacity & storage devices through cloud and virtualisation.This data has created new area of interest in technology and business called “Big Data”.8
  • 9. Information Security for an organisation — Confidentiality: Company policies should restrict access to the information to authorised personnel. Methods to ensure this include data encryption, user & pass, 2FA and minimising exposure of sensitive information. — Integrity: is accuracy, consistency, and trustworthiness of the data during its entire life cycle. Checksum is used to verify integrity of data from one place to other over the network. — Availability: Marinating equipment, performing hardware repairs, keeping OS & software up to date, and creating backups ensure the availability of the network and data to the authorised users. Plans to recover from natural and man made disaster. 9
  • 10. The Consequences of a Security Breach — Theft: If hackers are able to get into your website or network ,they will be able to access your bank information. — Revenue Lost: If a hacker gets into your site and crashes it or causes and extended period of downtime, your operation will cease & you will loose revenue. — Vandalism: Your company’s reputation could be ruined in matter of minutes if customers or others find poor information brazenly placed on your website. — Ruined Reputation: If you keep private documents online, they could easily be made public if your computer is hacked. — Damaged Intellectual property: If a hacker gets in and steals ideas, plans, or blueprints, you could miss out on being able to fully implement new products or designs. 10
  • 11. Cyber Crime & Data Breach examples 1 — British Gas: In Oct 2015 they contacted 2,200 customers and warn them that their email addresses and account passwords were posted online in an unexplained data leak. — TalkTalk: In Oct 2015 cybercriminals hackedTalkTalk website (email addresses, names, DoB and phone were accessed) Other data included 16,000 bank account numbers and 28,000 credit/debit card details .TalkTalk says 157,000 customers were affected – latter fined £400,000 — Vodafone: Vodafone says hackers have accessed the accounts of 1,827 customers, just a week after a separate hacking attack atTalkTalk.The hack could potentially give criminals customers’ names, mobile numbers, sort codes and the last four digits of their bankACC. — Carphone warehouse: InAugust 2015, they said the personal details of up to 2.4 million of its customers may have been accessed in a cyber-attack.The encrypted credit card details of up to 90,000 people may have been accessed, the mobile phone firm said.11
  • 12. — Tesco Bank: (Nov 2016) 40,000 customer accounts ofTesco bank out of a total of 136,000 were subject to suspicious transactions, 9,000 of these had money stolen from their accounts.The sums taken were relatively small varying up to amounts of £600 but eventually totalled £2,500,000. — National Lottery: (Nov 2016) Hackers gained access to 26,500 National Lottery accounts with the use of passwords and e-mail addresses that had been stolen from previous breaches. — Three Mobile: (Nov 2016) Three Mobile have advised that a customer database has been compromised as a result of a hacker attack, it is understood that 133,827 customers may have suffered a data breach. — Hospitals in Lincolnshire: (Oct 2016) Hospitals have been subject to a cyber attack after an NHS computer network was compromised.12 Cyber Crime & Data Breach examples 2
  • 13. — Sage Group: (Aug 2016) Sage Group who provide accounting , payroll and payments software for many small and medium sized business have disclosed that an internal login has been utilized to gain unauthorized access to the data of of a number of its British clients. It is understood that the personal details of the employees of about 280 British companies were possibly exposed in this breach. — Cheltenham Hairdressing Salon: (June 2016)A local Cheltenham hairdresser discovered that their computers not longer worked which meant that they were unable to access their electronic diary to make and check bookings and to access their contact details. London Stock Exchange: (June 2016)The London Stock Exchange was apparently taken down for two hours by the hacking groupAnonymous . — Mumsnet: (July 2016)The Mumsnet website was notoriously hacked twice last year in July andAugust and up until now it has not be possible to identify who was responsible. The parenting site had to reset its 7.7 million members’ passwords.Teenager was charged 13 Cyber Crime & Data Breach examples 3
  • 14. — NatWest accounts accessed by “SIM swap fraud”: (Mar 2016) NatWest bank were subject to a challenge to their security procedures after journalists from BBC Radio 4’s You andYours program managed to access an account online taking money. Only £1.50 was transferred, a token amount to demonstrate how this could be carried out. — Lincolnshire County Council Malware Attack: (Jan 2016) Lincolnshire County Council was been subject to a £1m ransomware demand which forced the council to shut down their PCs and servers across their entire network. It is understood that this was caused by an email containing malware that was launched by a member of staff following a phishing attack. — Hackers target house conveyancing industry: It has been reported by the Daily Telegraph that in excess of £10 million has been stolen by hackers who have managed to gain access to the e-mails of individuals buying and selling houses.Over 90 people have succumbed to this and it is understood that the average amount stolen is £112,000.14 Cyber Crime & Data Breach examples 4
  • 15. — eBay: (2014) eBay asked 145m users to change their passwords after hackers stole customers' names, addresses, numbers and dates of birth — Heartbleed: (2014)A serious vulnerability was discovered in encryption technology used to protect many of the world's major websites, leaving them vulnerable to data theft — Sony: (2014)A cyber attack on Sony Pictures Entertainment resulted in a huge data leak, including private details of 47,000 employees and famous actors — US Central Command: (2015) Hackers claiming links to Isil managed to take control of CentCom'sTwitter andYouTube accounts, changing the logo to an image of a hooded fighter — Ashley Madison: (2015) Hackers threatened to publish the names of up to 37m AshleyMadison.com customers - a dating website for adulterous affairs — JDWetherspoon: (2015)A database containing names, email addresses, birth dates and phone numbers of of 656,723 customers was hacked.The company insisted only an “extremely limited” number of credit card details were taken 15 Cyber Crime & Data Breach examples 5
  • 16. — CommodityThreats: Commodity threats are the random malware, viruses,Trojans, worms, botnets, ransomware, and other threats that are out propagating on the Internet all the time. Strictly by chance, commodity threats are undirected and may end up inside of the enterprise at any time. — Hacktivists: Activist hacking, or hacktivism, consists of targeted attacks. Hacktivists use hacking to make a public or political statement.Their goal is to use hacking to bolster their cause or embarrass their adversaries. Hacktivism may be used against individuals, enterprises, or governments, depending on the situation and the particular objectives of the hacktivists. — Organised Crime: Like hacktivism, organised crime attacks are targeted. Criminals and criminal organizations have found there is serious money to be made on the Internet. 16 Types of Cyber attackers -1
  • 17. — Espionage: Cyberespionage centers on stealing trade secrets for commercial advantage or national secrets for political or military advantage — Cyberwar: Whereas espionage is generally focused on stealing information, cyberwar is about damaging the ability of enterprises or governments to operate in cyberspace.This damage is done by overwhelming, overloading, disabling, or destroying the IT systems used by the victims, or even using those IT systems to cause physical systems to malfunction and damage themselves or their operators. — Organised Crime: Like hacktivism, organised crime attacks are targeted. Criminals and criminal organizations have found there is serious money to be made on the Internet. 17 Types of Cyber attackers – 2
  • 18. — Databases: The most interesting place to look for hackers is database, however these tend to relatively well protected inside the enterprise. — Backups: Enterprise databases which contains critical business and customer data should be backed up. Usually the backups are not encrypted or are backed non-secure systems. Second backup location usually doesn't have security best practices. — Application Servers: Databases somehow have to make their data available to front end application servers .Breaches of these systems can be used to gain access to data through the applications, bypassing encryption and other protection methods. — Systems Administrators: If attackers get access to these accounts, they can bypass all other data protections and can steal valuable information. Usually they stay quit for long time before taking any bad action. 18 Types of Cyber attackers – Confidentiality
  • 19. — Hijacking: altering infrastructure data about internet properties such as domain names, social media identities or registered network locations. Some of these properties can be worth thousands/millions. — Sarbanes-Oxley: In the wake of the Enron disaster, the Sarbanes-Oxley regulations were developed to protect the integrity of financial data published by publicly traded corporations. — Online Banking: Attackers can get access to online business banking that can include payroll, investments, stock funds and other assets worth thousands/millions. — Direct Deposit: With bank direct deposit settings, employees are vulnerable to thefts where their pay can be redirected to attacker’s account. — Vandalism: Malicious actors try to infect websites or modify public material to embarrass the victim. Internet facing systems can be hard to protect fully. 19 Types of Cyber attackers – Integrity
  • 20. — Distributed Denial of Service(DDOS): attackers can send large request or traffic by using infected systems, which can include IoT devices which are considered non-secure and easy to control.This can cause large organisations loss in millions. — Targeted Denial of Service: attacks involve hacking into victim and then disabling systems so that they need to be rebuilt or recovered. Depending on the severity of the damage it could take some time for IT department to recover systems and restores, if backups are affected as well as the primary systems. — Physical Destruction:Attacks involve using cyberattacks to cause physical destruction.As more and more critical systems are now days computer controlled, these types of attacks will become potentially more dangerous and destructive over time. 20 Types of Cyber attackers – Availability
  • 21. — The global IT security industry will face a shortfall of 1.8 million workers by 2022, according to a new study, while the UK faces the prospect of its workforce actually shrinking. — The Center for Cyber Safety and Education surveyed 19,000 cyber-security professionals for its eighth bi-annual Global Information SecurityWorkforce Study (GISWS), sponsored by non-profit professionals' association (ISC)². — It found that the perceived shortfall in cyber-security experts had risen 20 percent, up from 1.5 million, the figure it published in its previous survey in 2015. — The UK government's recent Cyber Security Strategy called Britain's cyber-security skills gap a “national vulnerability that must be resolved”. — The survey found that two-thirds of firms in the UK don't have enough infosecurity personnel to meet their needs, and it is impacting economic security.Around 47 percent claimed the reason behind this was an absence of qualified candidates. — The skills shortage issue has already impacted UK firms, with 46 percent of UK companies reporting that the shortfall of cyber-security personnel is having significant impact on their customers and 45 percent warning that it is leading to security breaches. — more information https://www.scmagazineuk.com/uk-approaching-skills-cliff-edge-as-cyber-workforce-ages--report/article/638146/ 21 Need for Cyber Security Professionals
  • 22. 22 Why Become a Cyber Security Specialist? — High Earning Potential:There is skill gap for cyber security professionals this lead to higher earning potential — Challenging Career: IT changes constantly, for cybersecurity it is more dynamic field which will be challenging and fascinating. Cybersecurity professionals would need to always be up to date with new threats. — Highly Portable Career:A cybersecurity specialist job exist almost everywhere in the world. It is portable job. — Service to the Public:A cybersecurity specialist provide a necessary service to their organisations, societies and countries, very much like law enforcement or emergency responders. — Becoming a cybersecurity specialist is a rewarding career opportunity.
  • 24. 24 Industry Certifications — CompTIA https://certification.comptia.org/certifications — mile2 https://mile2.com/certifications.html — EC-Council https://www.eccouncil.org/programs/ — Cisco http://www.cisco.com/c/en/us/training-events/training-certifications/overview.html — SANS https://uk.sans.org/courses — ISC2 https://isc2.org/credentials/default.aspx — ISACA http://www.isaca.org/certification/Pages/default.aspx — GIAC https://www.giac.org/certifications