SlideShare a Scribd company logo

Module 2_ Cyber offenses & Cybercrime.pptx

nikshaikh786
nikshaikh786

Cyber Security and Laws

Engineering
1 of 73
Cyber offenses & Cybercrime ILO 7016.1-Understand the concept of cybercrime and its effect on outside world
Contents ● How criminal plan the attacks ● Social Engineering ● Cyber stalking ● Cyber café and Cybercrimes ● Botnets ● Attack vector ● Cloud computing ● Proliferation of Mobile and Wireless Devices ● Trends in Mobility ● Credit Card Frauds in Mobile and Wireless Computing Era ● Security Challenges Posed by Mobile Devices ● Registry Settings for Mobile Devices ● Authentication Service Security ● Attacks on Mobile/Cell Phones ● Mobile Devices: ○ Security Implications for Organizations ○ Organizational Measures for Handling Mobile ○ Devices-Related Security Issues ○ Organizational Security Policies and Measures in Mobile Computing Era ○ Laptops
How criminal plan attacks Criminals use various strategies and techniques to plan and execute cybercrime attacks. These attacks can range from simple schemes to highly sophisticated and coordinated operations. Here are some common ways criminals plan and carry out cybercrime attacks: ● Social Engineering: Criminals manipulate individuals into divulging sensitive information or performing actions that compromise security. This can include phishing emails, pretexting (creating a fabricated scenario to obtain information), baiting (luring victims with something enticing), and tailgating (gaining physical access to a restricted area by following an authorized person). ● Malware Distribution: Criminals create and distribute malicious software (malware) through methods such as infected email attachments, compromised websites, or malicious links. Once the malware is installed on a victim's device, it can be used for various purposes, including data theft, surveillance, or further attacks.
How criminal plan attacks ● Hacking and Exploiting Vulnerabilities: Cybercriminals identify and exploit weaknesses in computer systems, networks, or applications. They may use techniques such as SQL injection, cross-site scripting, or remote code execution to gain unauthorized access. ● Ransomware Attacks: Criminals use ransomware to encrypt a victim's data and demand payment in exchange for the decryption key. Ransomware attacks often involve social engineering to trick users into downloading the malicious software. ● Distributed Denial of Service (DDoS): Criminals use a network of compromised devices (botnets) to flood a target website or online service with excessive traffic, causing it to become unavailable to users. ● Identity Theft: Cybercriminals steal personal information, such as social security numbers, credit card details, or login credentials, to impersonate individuals or commit financial fraud.
How criminal plan attacks ● Insider Threats: Individuals with access to sensitive systems or information may misuse their privileges for personal gain. This could involve stealing data, causing disruptions, or assisting external attackers. ● Advanced Persistent Threats (APTs): Sophisticated and prolonged attacks by well-funded cybercriminals or nation- state actors involve carefully planned and orchestrated efforts to compromise specific targets. APTs often involve multiple stages, including initial access, lateral movement, data exfiltration, and maintaining a persistent presence. ● Cyber Espionage: Criminals engage in cyber espionage to steal sensitive information, trade secrets, or intellectual property for financial or political gain. This can involve targeted attacks against government agencies, corporations, or individuals.
How criminal plan attacks ● Credential Stuffing: Criminals use lists of stolen usernames and passwords to gain unauthorized access to accounts on various platforms. Since people often reuse passwords, this technique can be highly effective. ● Pharming: Criminals manipulate DNS settings or compromise routers to redirect users to fraudulent websites without their knowledge, often used for phishing attacks. ● Zero-Day Exploits: Criminals discover and exploit software vulnerabilities that are unknown to the software vendor, making it difficult for victims to defend against the attack. Criminals continuously adapt and innovate their techniques, making cybersecurity an ongoing challenge. Organizations and individuals need to stay vigilant, adopt security best practices, and employ robust cybersecurity measures to defend against these threats.
Social Engineering Social engineering is a tactic used by cybercriminals and attackers to manipulate individuals into divulging confidential information, performing actions, or making decisions that compromise the security of computer systems, networks, or sensitive data. Unlike traditional hacking, which focuses on exploiting technical vulnerabilities, social engineering preys on human psychology and interactions. Social engineering attacks exploit trust, fear, curiosity, or other emotions to trick individuals into taking actions that benefit the attacker. These attacks can be conducted through various communication channels, such as in-person interactions, phone calls, emails, text messages, or social media.
Common Types of Social Engineering Attacks: ● Phishing: Attackers send deceptive emails that appear to be from legitimate sources, such as banks, companies, or government agencies. These emails often contain malicious links or attachments that, when clicked or opened, install malware or direct users to fake websites where their credentials are stolen. ● Spear Phishing: Similar to phishing, but more targeted. Attackers customize their messages to specific individuals or organizations, often using personal information obtained from social media or other sources to increase credibility. ● Baiting: Attackers offer something enticing, such as a free software download or a USB drive, with the intention of tricking users into taking an action that compromises security, such as installing malware.
● Pretexting: Attackers create a fabricated scenario or pretext to elicit sensitive information from a target. This could involve impersonating a colleague, service provider, or authority figure to gain access to information or systems. ● Quid Pro Quo: Attackers promise a benefit or service in exchange for sensitive information or access. For example, they may pose as IT support and request remote access to a user's computer. ● Tailgating: Also known as "piggybacking," attackers gain physical access to a restricted area by following an authorized person. This can happen in office buildings, data centers, or other secure locations. ● Impersonation: Attackers pose as someone the target knows and trusts, such as a coworker, friend, or family member. They may ask for sensitive information or initiate fraudulent transactions.
Reverse Social Engineering: Attackers first gather information about a target from public sources or interactions, and then use that information to manipulate the target into revealing more sensitive information.
Mitigating Social Engineering ● Awareness and Education: Training individuals to recognize social engineering tactics and suspicious communication can help prevent successful attacks. ● Verification: Always verify the identity of anyone requesting sensitive information or actions, especially in unfamiliar situations. ● Multi-Factor Authentication (MFA): Implement MFA to add an extra layer of security, even if credentials are compromised. ● Data Protection: Be cautious about sharing personal or sensitive information online and on social media. ● Critical Thinking: Encourage critical thinking and skepticism, especially when encountering unexpected or unusual requests. Social engineering exploits human nature and interactions, making it a challenging and pervasive cybersecurity threat. Organizations and individuals need to stay vigilant and practice good cybersecurity hygiene to protect against social engineering attacks.
CYBER STALKING Cyberstalking is the use of electronic communication to harass, threaten, or intimidate another person. It can take many forms, including: ● Sending unwanted emails, text messages, or social media posts ● Posting embarrassing or threatening messages online ● Tracking the victim's online activity ● Creating fake online profiles to impersonate the victim ● Distributing the victim's personal information online ● Threatening to harm the victim or their loved ones Cyberstalking can have a devastating impact on the victim's mental and emotional health. It can cause anxiety, depression, fear, and even post-traumatic stress disorder. In some cases, it can lead to the victim taking drastic measures, such as suicide.
Cyberstalking is a crime in many countries. In India, it is punishable by up to three years in prison. If you are being cyberstalked, it is important to take steps to protect yourself. You can: ● Save all of the evidence of the stalking, such as emails, text messages, and social media posts. ● Report the stalking to the police. ● Change your passwords and security settings. ● Block the stalker from your social media accounts and email. ● Talk to a trusted friend or family member about what is happening. If you are being cyberstalked, you are not alone. There are many resources available to help you. You can contact the National Cyber Security Alliance (NCSA) at 888-335-7678 or visit their website at https://www.staysafeonline.org/.
Here are some additional tips to help you stay safe from cyberstalking: ● Be careful about what information you share online. ● Don't give out your personal information, such as your address or phone number, to strangers. ● Be wary of online dating profiles and social media accounts. ● Be careful about clicking on links in emails or text messages. ● Keep your software up to date. ● Use strong passwords and change them regularly.
Cyber café and Cybercrimes Cybercafes are a convenient place to access the internet, but they can also be a target for cybercrimes. Here are some of the most common cybercrimes that can occur in cybercafes: ● Phishing: This is a type of scam where the attacker sends a fraudulent email or text message that appears to be from a legitimate source, such as a bank or credit card company. The email or text message will often contain a link that, when clicked, will take the victim to a fake website that looks like the real website. Once the victim enters their personal information on the fake website, the attacker can steal it. ● Malware: This is software that is designed to harm a computer system. Malware can be installed on a computer through a variety of ways, such as clicking on a malicious link, opening an infected attachment, or downloading a file from an untrusted source. Once malware is installed on a computer, it can steal personal information, damage files, or even take control of the computer.
Identity theft: This is a crime in which someone steals someone else's personal information, such as their name, Social Security number, or credit card number. This information can then be used to open accounts, make purchases, or commit other crimes in the victim's name. Cyberstalking: This is the use of electronic communication to harass or threaten someone. Cyberstalkers may send unwanted emails, text messages, or social media posts. They may also post embarrassing or harmful information about the victim online. Child pornography: This is the possession, distribution, or production of images or videos of children engaged in sexual activity. Cybercafes can be used to download or share child pornography.
To protect yourself from cybercrimes in cybercafes, you should: ● Be careful about what websites you visit and what links you click on. If you're not sure whether a website is legitimate, don't click on any links on it. ● Don't open any attachments that you're not expecting. Attachments can contain malware. ● Only download files from trusted sources. If you're not sure whether a file is safe, don't download it. ● Keep your antivirus software up to date. Antivirus software can help to protect your computer from malware. ● Be aware of your surroundings. If you see something suspicious, such as someone trying to install malware on a computer, report it to the cybercafe staff. By following these tips, you can help to protect yourself from cybercrimes in cybercafes.
In addition to the above, here are some other things that cybercafes can do to prevent cybercrimes: ● Install antivirus software on all computers and keep it up to date. ● Use strong passwords and change them regularly. ● Monitor the computers for suspicious activity. ● Train staff on how to identify and report cybercrimes. By taking these steps, cybercafes can help to create a safe and secure environment for their customers.
Botnets A botnet is a network of computers that have been infected with malware and are controlled by a single attacker, known as the botmaster. The botmaster can use the botnet to perform a variety of malicious activities, such as: ● Sending spam emails ● Distributing malware ● Carrying out denial-of-service attacks ● Stealing data ● Mining cryptocurrency Botnets can be very large, with millions of infected devices. This makes them a powerful tool for attackers, as they can be used to launch large-scale attacks that would be difficult or impossible to carry out with a single computer.
There are a number of ways that computers can become infected with botnet malware. Some common methods include: ● Clicking on a malicious link in an email or text message ● Opening an infected attachment ● Downloading a file from an untrusted source ● Visiting a malicious website Once a computer is infected with botnet malware, the botmaster can then take control of the computer and use it to carry out malicious activities.
There are a number of things that you can do to protect your computer from botnet malware, including: ● Keep your operating system and software up to date ● Use a firewall and antivirus software ● Be careful about what websites you visit and what links you click on ● Don't open any attachments that you're not expecting ● Only download files from trusted sources ● Be aware of the latest cyber threats and how to protect yourself By following these tips, you can help to protect your computer from botnet malware and other cyber threats.
Here are some additional tips to protect yourself from botnets: ● Use strong passwords and change them regularly. ● Enable two-factor authentication whenever possible. ● Be careful about what information you share online. ● Only connect to trusted Wi-Fi networks. ● Keep your devices up to date with the latest security patches. ● Be aware of the latest scams and phishing attacks.
ATTACK VECTOR An attack vector is a method that an attacker can use to gain access to a system or network. Attack vectors can be categorized into three main types: ● Physical attack vectors: These attack vectors involve physical access to the system or network. For example, an attacker could steal a laptop or server, or they could install malware on a USB drive and then plug it into a computer. ● Remote attack vectors: These attack vectors do not require physical access to the system or network. For example, an attacker could send a phishing email or exploit a vulnerability in a software application. ● Social engineering attack vectors: These attack vectors rely on human interaction to trick the victim into giving up their personal information or clicking on a malicious link. For example, an attacker could pose as a legitimate company and call the victim, pretending to need their personal information to fix a problem with their account.
Here are some examples of attack vectors: ● Phishing: This is a type of social engineering attack where the attacker sends an email or text message that appears to be from a legitimate source, such as a bank or credit card company. The email or text message will often contain a link that, when clicked, will take the victim to a fake website that looks like the real website. Once the victim enters their personal information on the fake website, the attacker can steal it. ● Malware: This is software that is designed to harm a computer system. Malware can be installed on a computer through a variety of ways, such as clicking on a malicious link, opening an infected attachment, or downloading a file from an untrusted source. Once malware is installed on a computer, it can steal personal information, damage files, or even take control of the computer.
● Zero-day attack: This is an attack that exploits a vulnerability in software that the software vendor is not aware of. Zero-day attacks are often very difficult to defend against because there is no patch available to fix the vulnerability. ● Denial-of-service attack: This is an attack that is designed to make a system or network unavailable to its intended users. Denial-of-service attacks can be carried out by flooding the system or network with traffic, or by exploiting a vulnerability in the system or network. ● Man-in-the-middle attack: This is an attack where the attacker secretly relays communications between two parties. The attacker can then intercept and modify the communications. By understanding the different types of attack vectors, you can take steps to protect yourself from cyber attacks.
Proliferation of Mobile and Wireless Devices The proliferation of mobile and wireless devices has had a significant impact on cybersecurity. Mobile devices are often more vulnerable to attack than traditional computers because they are often connected to untrusted networks and are more likely to be lost or stolen. Here are some of the security challenges posed by mobile devices: ● Data leakage: Mobile devices are often used to store sensitive data, such as financial information, passwords, and personal photos. If a mobile device is lost or stolen, this data could be compromised. ● Malware: Mobile devices can be infected with malware, just like traditional computers. Malware can steal data, track user activity, or even take control of the device. ● Phishing: Phishing attacks are often targeted at mobile devices. Phishing emails and text messages are designed to trick users into clicking on malicious links or providing personal information. ● Man-in-the-middle attacks: Man-in-the-middle attacks can be used to intercept data that is being transmitted between a mobile device and a server. This data could include passwords, credit card numbers, or other sensitive information. ● Zero-day attacks: Zero-day attacks exploit vulnerabilities in software that the software vendor is not aware of. Zero-day attacks are often very difficult to defend against because there is no patch available to fix the vulnerability.
Proliferation of Mobile and Wireless Devices To protect mobile devices from these security threats, users should take the following steps: ● Keep the operating system and software up to date. Software vendors often release security patches to fix vulnerabilities. Keeping the operating system and software up to date will help to protect the device from attack. ● Use a strong password and change it regularly. The password should be at least 12 characters long and should include a mix of upper and lowercase letters, numbers, and symbols. ● Be careful about what websites you visit and what links you click on. Phishing emails and malicious websites are often designed to look like legitimate websites. Be careful about what websites you visit and what links you click on. ● Only download apps from trusted sources. Apps can contain malware. Only download apps from trusted sources, such as the Apple App Store or the Google Play Store. ● Use a firewall and antivirus software. A firewall can help to protect the device from unauthorized access. Antivirus software can help to detect and remove malware. ● Be aware of the latest cyber threats. Cyber threats are constantly evolving. Stay informed about the latest threats so that you can take steps to protect yourself.
Proliferation of Mobile and Wireless Devices In addition to the above, organizations can also take steps to protect their mobile devices, such as: ● Implementing a mobile device management (MDM) solution. An MDM solution can help to manage and secure mobile devices. MDM solutions can be used to deploy security policies, track devices, and wipe devices remotely if they are lost or stolen. ● Educating employees about mobile security. Employees should be educated about the security risks posed by mobile devices and how to protect themselves. Employees should be taught about the importance of using strong passwords, being careful about what websites they visit, and only downloading apps from trusted sources. ● Regularly scanning mobile devices for malware. Mobile devices should be scanned for malware on a regular basis. This can be done using antivirus software or a mobile device management solution. ● Using a secure wireless network. Mobile devices should only be connected to secure wireless networks. Secure wireless networks use encryption to protect data that is being transmitted over the network.
Trends in Mobility Mobile computing is moving into a new era, third generation (3G), which promises greater variety in applications and have highly improved usability as well as speedier networking. “iPhone” from Apple and Google-led “Android” phones are the best examples of this trend and there are plenty of other developments that point in this direction. This smart mobile technology is rapidly gaining popularity and the attackers (hackers and crackers) are among its biggest fans.
CLOUD COMPUTING Cloud computing is the delivery of computing services—including servers, storage, databases, networking, software, analytics, and intelligence—over the internet (“the cloud”). It eliminates the need for individuals and businesses to self-manage physical resources themselves, and only pay for what they use. The three main types of cloud computing are: ● Infrastructure as a Service (IaaS): IaaS provides access to virtual machines, storage, and networking resources. ● Platform as a Service (PaaS): PaaS provides a development environment for building and deploying applications. ● Software as a Service (SaaS): SaaS provides access to applications that are hosted in the cloud.
Here are some examples of how cloud computing is being used: ● E-commerce: Cloud computing is used by e-commerce businesses to store and process customer orders, manage inventory, and deliver products. ● Media and entertainment: Cloud computing is used by media and entertainment companies to store and stream videos, music, and other content. ● Healthcare: Cloud computing is used by healthcare providers to store patient records, manage electronic health records (EHRs), and deliver telehealth services. ● Education: Cloud computing is used by educational institutions to deliver online courses, manage student records, and provide research resources. ● Government: Cloud computing is used by governments to store and process data, manage IT infrastructure, and deliver public services.
Cybercrime related to cloud computing is any malicious activity that targets cloud computing systems or data. This can include: ● Data breaches: Hackers can gain access to sensitive data stored in the cloud, such as customerPII, financial information, or intellectual property. ● DDoS attacks: Attackers can use cloud-based resources to launch distributed denial-of-service (DDoS) attacks against websites or other online services. ● Malware attacks: Attackers can deploy malware in the cloud, such as ransomware or cryptojacking malware, to steal data, encrypt files, or mine cryptocurrency. ● Account hijacking: Attackers can steal or hijack cloud user accounts to gain access to sensitive data or resources. ● Insider threats: Employees or contractors with access to cloud systems can misuse their privileges to commit cybercrime.
Cloud computing can also be used to facilitate other types of cybercrime, such as: ● Phishing: Attackers can use cloud-based email services to send phishing emails. ● Spoofing: Attackers can use cloud-based IP addresses to spoof legitimate websites or services. ● Botnets: Attackers can use cloud-based resources to create and control botnets. The increasing popularity of cloud computing has made it a more attractive target for cybercriminals. As a result, it is important for businesses and organizations to take steps to protect their data and systems in the cloud.
Here are some tips for protecting against cybercrime in the cloud: ● Use strong passwords and two-factor authentication for all cloud accounts. ● Keep your cloud software up to date with the latest security patches. ● Segment your cloud environment to limit the impact of a breach. ● Monitor your cloud traffic for suspicious activity. ● Back up your data regularly in case of a breach.
By following these tips, you can help to protect your data and systems in the cloud from cybercrime. In addition to the above, here are some other ways that cloud computing can be used for cybercrime investigations: ● Cloud servers can be used to store evidence of cybercrime, such as logs, emails, and chat transcripts. ● Cloud-based tools can be used to analyze and investigate cybercrime data. ● Cloud computing can be used to collaborate with other investigators on a cybercrime case. Cloud computing can be a valuable tool for both cybercrime prevention and investigation. However, it is important to be aware of the risks and take steps to mitigate them.
Security Challenges Posed by Mobile Devices Mobile devices pose a number of security challenges, including: ● Malicious apps: Malicious apps can be downloaded from untrusted sources or installed through social engineering attacks. These apps can steal personal data, install malware, or even take control of the device. ● Data breaches: Mobile devices can be lost or stolen, which can expose sensitive data. Additionally, data can be compromised if the device is not properly secured. ● Network attacks: Mobile devices are often connected to public Wi-Fi networks, which can be insecure. This makes them vulnerable to man-in-the-middle attacks and other network-based attacks. ● Physical attacks: Mobile devices can be physically attacked to steal data or install malware. This can be done by exploiting vulnerabilities in the device's hardware or software. ● User errors: Users can make mistakes that can compromise the security of their mobile devices. This includes clicking on phishing links, downloading malicious apps, or not keeping their devices up to date.
Here are some tips for protecting mobile devices from security threats: ● Only download apps from trusted sources. ● Be careful about what information you share on your mobile device. ● Keep your mobile device's software up to date. ● Use a strong password and enable two-factor authentication. ● Be aware of the risks of public Wi-Fi networks. ● Back up your data regularly. By following these tips, you can help to protect your mobile devices from security threats.
Here are some additional security challenges posed by mobile devices: ● Jailbreaking and rooting: Jailbreaking and rooting are techniques that allow users to gain root access to their mobile devices. This can be used to install unauthorized apps, change system settings, and bypass security features. ● Sideloading: Sideloading is the process of installing apps from sources other than the official app store. This can be a way to install malicious apps. ● Firmware vulnerabilities: Mobile devices are often shipped with outdated firmware that contains security vulnerabilities. These vulnerabilities can be exploited by attackers to gain control of the device. ● Supply chain attacks: Supply chain attacks are attacks that target the companies that supply components or software to mobile device manufacturers. These attacks can be used to insert malicious code into the components or software, which can then be used to attack the devices. The security challenges posed by mobile devices are constantly evolving. It is important to stay up-to-date on the latest threats and to take steps to protect your devices.
Registry Settings for Mobile Devices The registry is a database that stores configuration settings for the operating system and applications on a mobile device. It is a critical part of the operating system and can be used to control a wide range of settings, including security settings. Some of the registry settings that can be used to improve security on mobile devices include: ● Enable PIN or password protection: This is one of the most important security settings for mobile devices. It prevents unauthorized users from accessing the device. ● Set a strong password: The password should be at least 8 characters long and include a mix of uppercase and lowercase letters, numbers, and symbols. ● Require a password to unlock the device after a short period of inactivity: This will help to prevent unauthorized users from accessing the device if it is left unattended. ● Encrypt the device's storage: This will prevent unauthorized users from accessing the data stored on the device, even if they are able to bypass the lock screen. ● Block unauthorized apps: This can be done by using a security app or by manually disabling apps that are not from trusted sources. ● Keep the device's software up to date: Software updates often include security patches that can help to protect the device from known vulnerabilities.
Registry Settings for Mobile Devices It is important to note that the specific registry settings that can be used to improve security on mobile devices will vary depending on the device and the operating system. It is always best to consult the device's documentation or the manufacturer's website for more information. Here are some additional registry settings that can be used to improve security on mobile devices: ● Disable USB debugging: USB debugging allows developers to access the device's system files and can be used to install malicious software. ● Disable remote wipe: Remote wipe allows users to delete all data from the device remotely if it is lost or stolen. ● Enable firewall: A firewall can help to block unauthorized access to the device's network ports. ● Enable location services only when needed: Location services can be used to track the device's location, which can be a privacy concern. ● Enable app permissions: App permissions allow apps to access certain features on the device. It is important to review app permissions and only grant permissions that are necessary for the app to function. By following these tips, you can help to improve the security of your mobile device's registry settings and protect your data from unauthorized access.
cyber crime related to Registry Settings for Mobile Devices Registry settings for mobile devices can be exploited by cybercriminals to gain unauthorized access to the device or its data. Some of the cybercrimes related to registry settings for mobile devices include: ● Data theft: Cybercriminals can modify registry settings to steal sensitive data from the device, such as passwords, credit card numbers, or contact information. ● Malware installation: Cybercriminals can modify registry settings to install malicious software on the device, such as ransomware or spyware. ● Device control: Cybercriminals can modify registry settings to take control of the device, such as by locking the device or accessing its camera or microphone. ● Identity theft: Cybercriminals can modify registry settings to steal the device's identity, such as its IMEI number or serial number. This can be used to commit fraud or to track the device.
To protect against cybercrimes related to registry settings for mobile devices, it is important to: ● Keep the device's software up to date. Software updates often include security patches that can help to protect the device from known vulnerabilities. ● Use a strong password and enable two-factor authentication. This will make it more difficult for cybercriminals to gain unauthorized access to the device. ● Be careful about what apps you install on the device. Only install apps from trusted sources. ● Be aware of the risks of public Wi-Fi networks. Do not connect to public Wi-Fi networks unless you absolutely have to. ● Back up your data regularly. This will help you to recover your data if the device is lost or stolen.
Here are some additional tips to protect your mobile device from registry-based attacks: ● Use a security app that can scan for and remove malicious software. ● Do not root or jailbreak your device. This can make it more vulnerable to attack. ● Be careful about what links you click on and what attachments you open. Cybercriminals often use phishing emails and malicious attachments to spread malware. ● Keep your device's security settings up to date. ● Be aware of the latest cyber threats and how to protect yourself from them.
Rooting Mobile Devices Rooting is the process of gaining administrative privileges on a mobile device. This gives you the ability to access and modify system files and settings, which can be used to customize the device or install unauthorized apps. On Android devices, root access is granted by the "root user" account. This account has full control over the device and can do anything that the device is capable of.
Rooting Mobile Devices Rooting a mobile device can be done for a variety of reasons, including: ● To install custom ROMs: A custom ROM is a modified version of the device's operating system. This can give you access to features that are not available on the stock ROM, such as new features or customization options. ● To remove bloatware: Bloatware is pre-installed software that comes with the device. This software can sometimes be unnecessary or unwanted, and rooting can be used to remove it. ● To improve performance: Rooting can sometimes improve the performance of a device by removing unnecessary restrictions. ● To access hidden features: Some devices have hidden features that can only be accessed with root access.
Rooting Mobile Devices Rooting a mobile device also has some risks, including: ● Voiding the warranty: Rooting a device may void the warranty, so it is important to check with the manufacturer before doing so. ● Making the device unstable: Rooting can sometimes make the device unstable and cause it to crash or malfunction. ● Making the device more vulnerable to malware: Rooting can make the device more vulnerable to malware attacks, as it gives attackers more access to the system. Overall, rooting is a powerful tool that can be used to customize and improve a mobile device. However, it is important to be aware of the risks before doing so.
Rooting Mobile Devices some things to consider before rooting your mobile device: ● Make sure you know what you are doing. Rooting can be a complex process, and there is a risk of bricking your device if you do something wrong. ● Read the instructions carefully. There are many different rooting methods available, and each one has its own set of instructions. Make sure you follow the instructions carefully to avoid any problems. ● Back up your data. Before you root your device, make sure you back up all of your data. This includes your contacts, photos, videos, and any other important files. ● Be prepared to lose your warranty. Rooting your device may void the warranty. If you are not comfortable with this, then you should not root your device.
Rooting Mobile Devices If you have decided to root your mobile device, then there are a few things you can do to protect yourself: ● Use a security app. A security app can help to protect your device from malware attacks. ● Be careful about what apps you install. Only install apps from trusted sources. ● Keep your device's software up to date. Software updates often include security patches that can help to protect your device from known vulnerabilities.
Authentication Service Security Authentication service security in mobile devices refers to the measures taken to verify the identity of a user or device attempting to access a mobile device or its resources. This is important to protect the device from unauthorized access, which can lead to data theft, malware infection, or other security problems.
1. There are two components of security in mobile computing: security of devices and security in networks. 2. A secure network access involves mutual authentication between the device and the base stations or Web servers. 3. This is to ensure that only authenticated devices can be connected to the network for obtaining the requested services. 4. No Malicious Code can impersonate the service provider to trick the device into doing something it does not mean to. 5. Thus, the networks also play a crucial role in security of mobile devices. Some eminent kinds of attacks to which mobile devices are subjected to are: push attacks, pull attacks and crash attacks. 6. Authentication services security is important given the typical attacks on mobile devices through wireless networks: DoS attacks, traffi c analysis, eavesdropping, man in-the-middle attacks and session hijacking.
Authentication Service Security there are a number of other security measures that can be taken to protect mobile devices, such as: ● Keeping the device's software up to date: Software updates often include security patches that can help to protect the device from known vulnerabilities. ● Using a security app: A security app can help to protect the device from malware attacks. ● Being careful about what apps you install: Only install apps from trusted sources. ● Not connecting to public Wi-Fi networks: Public Wi-Fi networks are often insecure, so it is best to avoid connecting to them unless you absolutely have to. ● Backing up your data regularly: This will help you to recover your data if the device is lost or stolen.
Authentication Service Security Here are some additional considerations for authentication service security in mobile devices: ● The authentication method should be appropriate for the level of security required. For example, a simple password may be sufficient for accessing a public Wi-Fi network, but a stronger authentication method, such as 2FA, may be required for accessing a corporate network. ● The authentication method should be easy to use for the user. If the authentication method is too complex or difficult to use, users may be less likely to use it, which could compromise security. ● The authentication method should be resistant to attack. The authentication method should be designed to be resistant to attacks, such as brute-force attacks or phishing attacks.
Attacks on Mobile/Cell Phones Mobile phones are constantly evolving and becoming more and more powerful. This makes them a more attractive target for cybercriminals. Here are some of the most common attacks on mobile phones: ● Malware: Malware is software that is designed to harm a computer system. Malware can be installed on mobile phones through a variety of ways, such as clicking on a malicious link, opening a malicious attachment, or downloading a malicious app. Once malware is installed on a mobile phone, it can steal personal data, install other malware, or even take control of the device. ● Phishing: Phishing is a type of social engineering attack that is used to trick users into giving up their personal information. Phishing attacks often involve sending emails or text messages that appear to be from a legitimate source, such as a bank or credit card company. The emails or text messages will often contain a link that, when clicked, will take the user to a fake website that looks like the real website. Once the user enters their personal information on the fake website, the phisher can steal it.
Smishing: Smishing is a type of phishing attack that is carried out through SMS text messages. Smishing messages are often sent from phone numbers that look like they are from a legitimate source, such as a bank or credit card company. The messages will often contain a link that, when clicked, will take the user to a fake website that looks like the real website. Once the user enters their personal information on the fake website, the phisher can steal it. Vishing: Vishing is a type of phishing attack that is carried out through phone calls. Vishing calls are often made from phone numbers that look like they are from a legitimate source, such as a bank or credit card company. The caller will often claim to be from the company and will ask the victim to provide their personal information, such as their credit card number or Social Security number. Once the victim provides their personal information, the vishing caller can use it to commit fraud.
SIM swapping: SIM swapping is a type of attack that is used to take control of a mobile phone number. SIM swapping is often carried out by criminals who want to gain access to the victim's online accounts. To carry out a SIM swap, the criminals will first need to obtain the victim's phone number. They can do this by tricking the victim into giving them their phone number or by using social engineering techniques to obtain it. Once they have the victim's phone number, the criminals will contact the victim's mobile carrier and request that the SIM card be swapped. The mobile carrier will often comply with this request, thinking that the request is coming from the victim. Once the SIM card has been swapped, the criminals will have control of the victim's phone number and will be able to access the victim's online accounts.
Mobile Devices: Security Implications for Organizations Mobile devices are becoming increasingly popular in the workplace, as employees use them to access corporate data and applications. This trend has led to a number of security implications for organizations, as mobile devices are more vulnerable to attack than traditional desktop computers.
Mobile Devices: Security Implications for Organizations some of the main security implications of mobile devices for organizations: ● Increased risk of data breaches: Mobile devices are more likely to be lost or stolen than traditional desktop computers. If a mobile device containing sensitive corporate data is lost or stolen, it could be used by unauthorized individuals to access the data. ● Increased risk of malware infection: Mobile devices are more susceptible to malware infection than traditional desktop computers. This is because mobile devices are often used to connect to public Wi-Fi networks, which are often unsecured and can be used by attackers to distribute malware.
Mobile Devices: Security Implications for Organizations Increased risk of social engineering attacks: Mobile devices are more likely to be used to carry out social engineering attacks than traditional desktop computers. This is because mobile devices are often used to access personal information, such as contact information and financial data. Increased complexity of security management: Managing the security of mobile devices is more complex than managing the security of traditional desktop computers. This is because mobile devices are often used by employees outside of the office and can be difficult to keep track of.
To mitigate the security risks associated with mobile devices, organizations should implement a comprehensive mobile device security policy. This policy should include the following elements: ● A mobile device management (MDM) solution: An MDM solution can be used to manage the security of mobile devices, such as by enforcing password policies and remotely wiping devices. ● A security awareness training program: A security awareness training program should be implemented to educate employees about the security risks associated with mobile devices and how to protect themselves from these risks. ● A mobile device security policy: A mobile device security policy should be implemented to define the rules and regulations for the use of mobile devices in the workplace. ● Regular security updates: Mobile devices should be kept up to date with the latest security patches to protect them from known vulnerabilities.
Organizational Measures for Handling Mobile some organizational measures for handling mobile in cyber security: ● Implement a mobile device management (MDM) solution: An MDM solution can be used to manage the security of mobile devices, such as by enforcing password policies and remotely wiping devices. ● Educate employees about the security risks associated with mobile devices: A security awareness training program should be implemented to educate employees about the security risks associated with mobile devices and how to protect themselves from these risks. ● Create a mobile device security policy: A mobile device security policy should be implemented to define the rules and regulations for the use of mobile devices in the workplace. ● Keep mobile devices up to date with the latest security patches: Mobile devices should be kept up to date with the latest security patches to protect them from known vulnerabilities. ● Require employees to use strong passwords and enable two-factor authentication for their mobile devices: Strong passwords and two-factor authentication can help to protect mobile devices from unauthorized access. ● Restrict the use of mobile devices to authorized applications and websites: Only allowing employees to use authorized applications and websites can help to reduce the risk of malware infection. ● Monitor mobile device usage for suspicious activity: Monitoring mobile device usage can help to identify and respond to suspicious activity, such as unauthorized access attempts. ● Back up mobile device data regularly: Regularly backing up mobile device data can help to protect it in the event of a data breach or other incident.
● Use a mobile security solution: A mobile security solution can provide additional protection for mobile devices, such as by detecting and blocking malware, preventing unauthorized access, and encrypting data. ● Deploy a zero-trust security model: A zero-trust security model assumes that no device or user is inherently trusted, and that all access to resources must be authenticated and authorized. This can help to protect against unauthorized access to mobile devices, even if they are compromised. ● Use mobile device encryption: Encrypting mobile device data can help to protect it from unauthorized access, even if the device is lost or stolen. ● Implement mobile device security policies: Mobile device security policies should be implemented to define the rules and regulations for the use of mobile devices in the workplace. These policies should be enforced through employee training and monitoring. ● Conduct regular security assessments: Regular security assessments can help to identify and address security vulnerabilities in mobile devices and their applications.
Devices-Related Security Issues device-related security issues that can affect mobile devices. Here are some of the most common: ● Malware: Malware is software that is designed to harm a computer system. Malware can be installed on mobile devices through a variety of ways, such as clicking on a malicious link, opening a malicious attachment, or downloading a malicious app. Once malware is installed on a mobile device, it can steal personal data, install other malware, or even take control of the device. ● Phishing: Phishing is a type of social engineering attack that is used to trick users into giving up their personal information. Phishing attacks often involve sending emails or text messages that appear to be from a legitimate source, such as a bank or credit card company. The emails or text messages will often contain a link that, when clicked, will take the user to a fake website that looks like the real website. Once the user enters their personal information on the fake website, the phisher can steal it.
Sideloading: Sideloading is the process of installing apps from sources other than the official app store. This can be a way to install malicious apps. Firmware vulnerabilities: Mobile devices are often shipped with outdated firmware that contains security vulnerabilities. These vulnerabilities can be exploited by attackers to gain control of the device. Supply chain attacks: Supply chain attacks are attacks that target the companies that supply components or software to mobile device manufacturers. These attacks can be used to insert malicious code into the components or software, which can then be used to attack the devices.
Organizational Security Policies and Measures in Mobile Computing Era Organizational security policies and measures in the mobile computing era are designed to protect an organization's data and systems from unauthorized access, use, disclosure, disruption, modification, or destruction. These policies and measures should be tailored to the specific needs of the organization, but they should typically include the following elements: ● Mobile device management (MDM): MDM solutions can be used to manage the security of mobile devices, such as by enforcing password policies and remotely wiping devices. ● Security awareness training: Security awareness training should be implemented to educate employees about the security risks associated with mobile devices and how to protect themselves from these risks.
Organizational Security Policies and Measures in Mobile Computing Era Mobile device security policy: A mobile device security policy should be implemented to define the rules and regulations for the use of mobile devices in the workplace. Regular security updates: Mobile devices should be kept up to date with the latest security patches to protect them from known vulnerabilities. Require employees to use strong passwords and enable two-factor authentication for their mobile devices: Strong passwords and two-factor authentication can help to protect mobile devices from unauthorized access. Restrict the use of mobile devices to authorized applications and websites: Only allowing employees to use authorized applications and websites can help to reduce the risk of malware infection.
Organizational Security Policies and Measures in Mobile Computing Era ● Monitor mobile device usage for suspicious activity: Monitoring mobile device usage can help to identify and respond to suspicious activity, such as unauthorized access attempts. ● Back up mobile device data regularly: Regularly backing up mobile device data can help to protect it in the event of a data breach or other incident. In addition to these general security measures, organizations may also need to implement additional measures to address specific security risks associated with mobile devices. For example, organizations that use mobile devices to access sensitive data may need to implement encryption or tokenization.
Organizational Security Policies and Measures in Mobile Computing Era The specific organizational security policies and measures that are implemented will vary depending on the organization's specific needs and requirements. However, by implementing a comprehensive set of security policies and measures, organizations can help to protect their data and systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
Organizational Security Policies and Measures in Mobile Computing Era organizational security policies and measures that can be taken to improve mobile security in the mobile computing era: ● Use a mobile security solution: A mobile security solution can provide additional protection for mobile devices, such as by detecting and blocking malware, preventing unauthorized access, and encrypting data. ● Deploy a zero-trust security model: A zero-trust security model assumes that no device or user is inherently trusted, and that all access to resources must be authenticated and authorized. This can help to protect against unauthorized access to mobile devices, even if they are compromised. ● Use mobile device encryption: Encrypting mobile device data can help to protect it from unauthorized access, even if the device is lost or stolen. ● Implement mobile device security policies: Mobile device security policies should be implemented to define the rules and regulations for the use of mobile devices in the workplace. These policies should be enforced through employee training and monitoring. ● Conduct regular security assessments: Regular security assessments can help to identify and address security vulnerabilities in mobile devices and their applications.
Compare Vishing, Phising and Smishing in Cyber security Vishing, phishing, and smishing are all types of social engineering attacks that are used to trick victims into giving up their personal information or clicking on a malicious link. ● Vishing: Vishing is a type of phishing attack that is carried out through phone calls. The attacker will often pose as a legitimate company, such as a bank or credit card company, and will try to trick the victim into giving them their personal information, such as their credit card number or Social Security number. ● Phishing: Phishing is a type of social engineering attack that is carried out through email. The attacker will send an email that appears to be from a legitimate company, such as a bank or credit card company, and will try to trick the victim into clicking on a malicious link or opening an infected attachment. ● Smishing: Smishing is a type of phishing attack that is carried out through text messages. The attacker will send a text message that appears to be from a legitimate company, such as a bank or credit card company, and will try to trick the victim into clicking on a malicious link or opening an infected attachment.
Compare Vishing, Phising and Smishing in Cyber security
Questions 1. How criminals plan attack?Discuss various steps involved 2. Compare Vishing, Phising and Smishing in Cyber security 3. Discuss basic security precautions to be taken to safeguard laptops and wireless devices.
Module 2_ Cyber offenses & Cybercrime.pptx

Recommended

Module 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxModule 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxnikshaikh786
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineeringSweta Kumari Barnwal
 
1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber securityAnimesh Roy
 
Cyber crime ✔
Cyber crime ✔Cyber crime ✔
Cyber crime ✔hubbysoni
 
Cyber security presentation
Cyber security presentation Cyber security presentation
Cyber security presentation sweetpeace1
 
Cyber security system presentation
Cyber security system presentationCyber security system presentation
Cyber security system presentationA.S. Sabuj
 
Cyber attacks
Cyber attacks Cyber attacks
Cyber attacks Anuradha Moti T
 

Recommended

Module 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxModule 1- Introduction to Cybercrime.pptx
Module 1- Introduction to Cybercrime.pptxnikshaikh786
 
Cybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationCybersecurity Attack Vectors: How to Protect Your Organization
Cybersecurity Attack Vectors: How to Protect Your OrganizationTriCorps Technologies
 
Ethical hacking and social engineering
Ethical hacking and social engineeringEthical hacking and social engineering
Ethical hacking and social engineeringSweta Kumari Barnwal
 
1. introduction to cyber security
1. introduction to cyber security1. introduction to cyber security
1. introduction to cyber securityAnimesh Roy
 
Cyber crime ✔
Cyber crime ✔Cyber crime ✔
Cyber crime ✔hubbysoni
 
Cyber security presentation
Cyber security presentation Cyber security presentation
Cyber security presentation sweetpeace1
 
Cyber security system presentation
Cyber security system presentationCyber security system presentation
Cyber security system presentationA.S. Sabuj
 
Cyber attacks
Cyber attacks Cyber attacks
Cyber attacks Anuradha Moti T
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and SecurityNoushad Hasan
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securityAbhishek Baranwal
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
 
Advanced persistent threat (apt)
Advanced persistent threat (apt)Advanced persistent threat (apt)
Advanced persistent threat (apt)mmubashirkhan
 
Social Engineering Attacks & Principles
Social Engineering Attacks & PrinciplesSocial Engineering Attacks & Principles
Social Engineering Attacks & PrinciplesLearningwithRayYT
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITYPranjalShah18
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securityEng. Shuaib ibrahim
 
Cybercrime and security
Cybercrime and securityCybercrime and security
Cybercrime and securitySheetal Kandhare
 
cyber security
cyber security cyber security
cyber security NiharikaVoleti
 
PHISHING DETECTION
PHISHING DETECTIONPHISHING DETECTION
PHISHING DETECTIONumme ayesha
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securitySharath Raj
 
Cyber security
Cyber securityCyber security
Cyber securitymanoj duli
 
CyberSecurity
CyberSecurityCyberSecurity
CyberSecuritydivyanshigarg4
 
Cyber security
Cyber securityCyber security
Cyber securityBhavin Shah
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeHarendra Singh
 
What is Penetration Testing?
What is Penetration Testing?What is Penetration Testing?
What is Penetration Testing?btpsec
 
Threat Intelligence
Threat IntelligenceThreat Intelligence
Threat IntelligenceDeepak Kumar (D3)
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber AwarenessCyber Security and Cyber Awareness
Cyber Security and Cyber AwarenessArjith K Raj
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityA. Shamel
 
Cyber security
Cyber securityCyber security
Cyber securityKrishanu Ghosh
 
Exposing Cybercriminals Tactics: Understanding the Threat Landscape
Exposing Cybercriminals Tactics: Understanding the Threat LandscapeExposing Cybercriminals Tactics: Understanding the Threat Landscape
Exposing Cybercriminals Tactics: Understanding the Threat Landscapecyberprosocial
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityYellowSlice1
 

More Related Content

What's hot

Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and SecurityNoushad Hasan
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
 
Advanced persistent threat (apt)
Advanced persistent threat (apt)Advanced persistent threat (apt)
Advanced persistent threat (apt)mmubashirkhan
 
Social Engineering Attacks & Principles
Social Engineering Attacks & PrinciplesSocial Engineering Attacks & Principles
Social Engineering Attacks & PrinciplesLearningwithRayYT
 
PHISHING DETECTION
PHISHING DETECTIONPHISHING DETECTION
PHISHING DETECTIONumme ayesha
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securitySharath Raj
 
Cyber security
Cyber securityCyber security
Cyber securitymanoj duli
 
What is Penetration Testing?
What is Penetration Testing?What is Penetration Testing?
What is Penetration Testing?btpsec
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber AwarenessCyber Security and Cyber Awareness
Cyber Security and Cyber AwarenessArjith K Raj
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityA. Shamel
 

What's hot (20)

Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and Security
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionals
 
Advanced persistent threat (apt)
Advanced persistent threat (apt)Advanced persistent threat (apt)
Advanced persistent threat (apt)
 
Social Engineering Attacks & Principles
Social Engineering Attacks & PrinciplesSocial Engineering Attacks & Principles
Social Engineering Attacks & Principles
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 
Cybercrime and security
Cybercrime and securityCybercrime and security
Cybercrime and security
 
cyber security
cyber security cyber security
cyber security
 
PHISHING DETECTION
PHISHING DETECTIONPHISHING DETECTION
PHISHING DETECTION
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 
Cyber security
Cyber securityCyber security
Cyber security
 
CyberSecurity
CyberSecurityCyberSecurity
CyberSecurity
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
What is Penetration Testing?
What is Penetration Testing?What is Penetration Testing?
What is Penetration Testing?
 
Threat Intelligence
Threat IntelligenceThreat Intelligence
Threat Intelligence
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber AwarenessCyber Security and Cyber Awareness
Cyber Security and Cyber Awareness
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Cyber security
Cyber securityCyber security
Cyber security
 

Similar to Module 2_ Cyber offenses & Cybercrime.pptx

Exposing Cybercriminals Tactics: Understanding the Threat Landscape
Exposing Cybercriminals Tactics: Understanding the Threat LandscapeExposing Cybercriminals Tactics: Understanding the Threat Landscape
Exposing Cybercriminals Tactics: Understanding the Threat Landscapecyberprosocial
 
Exploring Cyber Attack Types: Understanding the Threat Landscape
Exploring Cyber Attack Types: Understanding the Threat LandscapeExploring Cyber Attack Types: Understanding the Threat Landscape
Exploring Cyber Attack Types: Understanding the Threat Landscapecyberprosocial
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”tunzida045
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”tunzida045
 
Data Breaches and Prevention of the Data breaches
Data Breaches and Prevention of the Data breachesData Breaches and Prevention of the Data breaches
Data Breaches and Prevention of the Data breachesDeepakDeepu503835
 
Cyber Safety and cyber security. Safety measures towards computer networks a...
Cyber Safety and cyber security. Safety measures towards computer networks a...Cyber Safety and cyber security. Safety measures towards computer networks a...
Cyber Safety and cyber security. Safety measures towards computer networks a...Ankita Shirke
 
Top Companies Providing Cyber Security in Europe
Top Companies Providing Cyber Security in EuropeTop Companies Providing Cyber Security in Europe
Top Companies Providing Cyber Security in Europeroxanaaleena
 
Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...null - The Open Security Community
 
Cyber Ethics Notes.pdf
Cyber Ethics Notes.pdfCyber Ethics Notes.pdf
Cyber Ethics Notes.pdfAnupmaMunshi
 
Understanding Cybersecurity Risk_ Protecting Your Digital Assets.pptx
Understanding Cybersecurity Risk_ Protecting Your Digital Assets.pptxUnderstanding Cybersecurity Risk_ Protecting Your Digital Assets.pptx
Understanding Cybersecurity Risk_ Protecting Your Digital Assets.pptxoffensoSEOwork
 
Cyber Privacy & Password Protection
Cyber Privacy & Password ProtectionCyber Privacy & Password Protection
Cyber Privacy & Password ProtectionNikhil D
 

Similar to Module 2_ Cyber offenses & Cybercrime.pptx (20)

Exposing Cybercriminals Tactics: Understanding the Threat Landscape
Exposing Cybercriminals Tactics: Understanding the Threat LandscapeExposing Cybercriminals Tactics: Understanding the Threat Landscape
Exposing Cybercriminals Tactics: Understanding the Threat Landscape
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Exploring Cyber Attack Types: Understanding the Threat Landscape
Exploring Cyber Attack Types: Understanding the Threat LandscapeExploring Cyber Attack Types: Understanding the Threat Landscape
Exploring Cyber Attack Types: Understanding the Threat Landscape
 
Information Security
Information SecurityInformation Security
Information Security
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
 
Data Breaches and Prevention of the Data breaches
Data Breaches and Prevention of the Data breachesData Breaches and Prevention of the Data breaches
Data Breaches and Prevention of the Data breaches
 
Cyber Safety and cyber security. Safety measures towards computer networks a...
Cyber Safety and cyber security. Safety measures towards computer networks a...Cyber Safety and cyber security. Safety measures towards computer networks a...
Cyber Safety and cyber security. Safety measures towards computer networks a...
 
Cyber security
Cyber security Cyber security
Cyber security
 
Top Companies Providing Cyber Security in Europe
Top Companies Providing Cyber Security in EuropeTop Companies Providing Cyber Security in Europe
Top Companies Providing Cyber Security in Europe
 
Security Awareness Training.pptx
Security Awareness Training.pptxSecurity Awareness Training.pptx
Security Awareness Training.pptx
 
Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...Get Started with Cyber Security and Its Landscape Null Community Presentation...
Get Started with Cyber Security and Its Landscape Null Community Presentation...
 
Cyber Ethics Notes.pdf
Cyber Ethics Notes.pdfCyber Ethics Notes.pdf
Cyber Ethics Notes.pdf
 
Understanding Cybersecurity Risk_ Protecting Your Digital Assets.pptx
Understanding Cybersecurity Risk_ Protecting Your Digital Assets.pptxUnderstanding Cybersecurity Risk_ Protecting Your Digital Assets.pptx
Understanding Cybersecurity Risk_ Protecting Your Digital Assets.pptx
 
Cyber Security.docx
Cyber Security.docxCyber Security.docx
Cyber Security.docx
 
Cyberattacks.pptx
Cyberattacks.pptxCyberattacks.pptx
Cyberattacks.pptx
 
Shailendra Pandey.ppt
Shailendra Pandey.pptShailendra Pandey.ppt
Shailendra Pandey.ppt
 
Cyber Privacy & Password Protection
Cyber Privacy & Password ProtectionCyber Privacy & Password Protection
Cyber Privacy & Password Protection
 
Shailendra Pandey.ppt
Shailendra Pandey.pptShailendra Pandey.ppt
Shailendra Pandey.ppt
 
THESIS-2(2)
THESIS-2(2)THESIS-2(2)
THESIS-2(2)
 

More from nikshaikh786

Module 2_ Divide and Conquer Approach.pptx
Module 2_ Divide and Conquer Approach.pptxModule 2_ Divide and Conquer Approach.pptx
Module 2_ Divide and Conquer Approach.pptxnikshaikh786
 
Module 1_ Introduction.pptx
Module 1_ Introduction.pptxModule 1_ Introduction.pptx
Module 1_ Introduction.pptxnikshaikh786
 
Module 1_ Introduction to Mobile Computing.pptx
Module 1_ Introduction to Mobile Computing.pptxModule 1_ Introduction to Mobile Computing.pptx
Module 1_ Introduction to Mobile Computing.pptxnikshaikh786
 
Module 2_ GSM Mobile services.pptx
Module 2_ GSM Mobile services.pptxModule 2_ GSM Mobile services.pptx
Module 2_ GSM Mobile services.pptxnikshaikh786
 
MODULE 4_ CLUSTERING.pptx
MODULE 4_ CLUSTERING.pptxMODULE 4_ CLUSTERING.pptx
MODULE 4_ CLUSTERING.pptxnikshaikh786
 
MODULE 5 _ Mining frequent patterns and associations.pptx
MODULE 5 _ Mining frequent patterns and associations.pptxMODULE 5 _ Mining frequent patterns and associations.pptx
MODULE 5 _ Mining frequent patterns and associations.pptxnikshaikh786
 
Module 3_ Classification.pptx
Module 3_ Classification.pptxModule 3_ Classification.pptx
Module 3_ Classification.pptxnikshaikh786
 
Module 2_ Introduction to Data Mining, Data Exploration and Data Pre-processi...
Module 2_ Introduction to Data Mining, Data Exploration and Data Pre-processi...Module 2_ Introduction to Data Mining, Data Exploration and Data Pre-processi...
Module 2_ Introduction to Data Mining, Data Exploration and Data Pre-processi...nikshaikh786
 
Module 1_Data Warehousing Fundamentals.pptx
Module 1_Data Warehousing Fundamentals.pptxModule 1_Data Warehousing Fundamentals.pptx
Module 1_Data Warehousing Fundamentals.pptxnikshaikh786
 
MODULE 5- EDA.pptx
MODULE 5- EDA.pptxMODULE 5- EDA.pptx
MODULE 5- EDA.pptxnikshaikh786
 
MODULE 4-Text Analytics.pptx
MODULE 4-Text Analytics.pptxMODULE 4-Text Analytics.pptx
MODULE 4-Text Analytics.pptxnikshaikh786
 
Module 3 - Time Series.pptx
Module 3 - Time Series.pptxModule 3 - Time Series.pptx
Module 3 - Time Series.pptxnikshaikh786
 
Module 2_ Regression Models..pptx
Module 2_ Regression Models..pptxModule 2_ Regression Models..pptx
Module 2_ Regression Models..pptxnikshaikh786
 
MODULE 1_Introduction to Data analytics and life cycle..pptx
MODULE 1_Introduction to Data analytics and life cycle..pptxMODULE 1_Introduction to Data analytics and life cycle..pptx
MODULE 1_Introduction to Data analytics and life cycle..pptxnikshaikh786
 
MAD&PWA VIVA QUESTIONS.pdf
MAD&PWA VIVA QUESTIONS.pdfMAD&PWA VIVA QUESTIONS.pdf
MAD&PWA VIVA QUESTIONS.pdfnikshaikh786
 
VIVA QUESTIONS FOR DEVOPS.pdf
VIVA QUESTIONS FOR DEVOPS.pdfVIVA QUESTIONS FOR DEVOPS.pdf
VIVA QUESTIONS FOR DEVOPS.pdfnikshaikh786
 

More from nikshaikh786 (20)

Module 2_ Divide and Conquer Approach.pptx
Module 2_ Divide and Conquer Approach.pptxModule 2_ Divide and Conquer Approach.pptx
Module 2_ Divide and Conquer Approach.pptx
 
Module 1_ Introduction.pptx
Module 1_ Introduction.pptxModule 1_ Introduction.pptx
Module 1_ Introduction.pptx
 
Module 1_ Introduction to Mobile Computing.pptx
Module 1_ Introduction to Mobile Computing.pptxModule 1_ Introduction to Mobile Computing.pptx
Module 1_ Introduction to Mobile Computing.pptx
 
Module 2_ GSM Mobile services.pptx
Module 2_ GSM Mobile services.pptxModule 2_ GSM Mobile services.pptx
Module 2_ GSM Mobile services.pptx
 
MODULE 4_ CLUSTERING.pptx
MODULE 4_ CLUSTERING.pptxMODULE 4_ CLUSTERING.pptx
MODULE 4_ CLUSTERING.pptx
 
MODULE 5 _ Mining frequent patterns and associations.pptx
MODULE 5 _ Mining frequent patterns and associations.pptxMODULE 5 _ Mining frequent patterns and associations.pptx
MODULE 5 _ Mining frequent patterns and associations.pptx
 
DWM-MODULE 6.pdf
DWM-MODULE 6.pdfDWM-MODULE 6.pdf
DWM-MODULE 6.pdf
 
TCS MODULE 6.pdf
TCS MODULE 6.pdfTCS MODULE 6.pdf
TCS MODULE 6.pdf
 
Module 3_ Classification.pptx
Module 3_ Classification.pptxModule 3_ Classification.pptx
Module 3_ Classification.pptx
 
Module 2_ Introduction to Data Mining, Data Exploration and Data Pre-processi...
Module 2_ Introduction to Data Mining, Data Exploration and Data Pre-processi...Module 2_ Introduction to Data Mining, Data Exploration and Data Pre-processi...
Module 2_ Introduction to Data Mining, Data Exploration and Data Pre-processi...
 
Module 1_Data Warehousing Fundamentals.pptx
Module 1_Data Warehousing Fundamentals.pptxModule 1_Data Warehousing Fundamentals.pptx
Module 1_Data Warehousing Fundamentals.pptx
 
MODULE 5- EDA.pptx
MODULE 5- EDA.pptxMODULE 5- EDA.pptx
MODULE 5- EDA.pptx
 
MODULE 4-Text Analytics.pptx
MODULE 4-Text Analytics.pptxMODULE 4-Text Analytics.pptx
MODULE 4-Text Analytics.pptx
 
Module 3 - Time Series.pptx
Module 3 - Time Series.pptxModule 3 - Time Series.pptx
Module 3 - Time Series.pptx
 
Module 2_ Regression Models..pptx
Module 2_ Regression Models..pptxModule 2_ Regression Models..pptx
Module 2_ Regression Models..pptx
 
MODULE 1_Introduction to Data analytics and life cycle..pptx
MODULE 1_Introduction to Data analytics and life cycle..pptxMODULE 1_Introduction to Data analytics and life cycle..pptx
MODULE 1_Introduction to Data analytics and life cycle..pptx
 
IOE MODULE 6.pptx
IOE MODULE 6.pptxIOE MODULE 6.pptx
IOE MODULE 6.pptx
 
MAD&PWA VIVA QUESTIONS.pdf
MAD&PWA VIVA QUESTIONS.pdfMAD&PWA VIVA QUESTIONS.pdf
MAD&PWA VIVA QUESTIONS.pdf
 
VIVA QUESTIONS FOR DEVOPS.pdf
VIVA QUESTIONS FOR DEVOPS.pdfVIVA QUESTIONS FOR DEVOPS.pdf
VIVA QUESTIONS FOR DEVOPS.pdf
 
IOE MODULE 5.pptx
IOE MODULE 5.pptxIOE MODULE 5.pptx
IOE MODULE 5.pptx
 

Recently uploaded

Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxpurnimasatapathy1234
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerAnamika Sarkar
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130Suhani Kapoor
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINESIVASHANKAR N
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escortsranjana rawat
 
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...ZTE
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxAsutosh Ranjan
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Dr.Costas Sachpazis
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130Suhani Kapoor
 
GDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSCAESB
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
Analog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAnalog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAbhinavSharma374939
 
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).pptssuser5c9d4b1
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxJoão Esperancinha
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...Soham Mondal
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxwendy cai
 

Recently uploaded (20)

Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptx
 
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube ExchangerStudy on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
Study on Air-Water & Water-Water Heat Exchange in a Finned Tube Exchanger
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
 
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
Call Girls in Nagpur Suman Call 7001035870 Meet With Nagpur Escorts
 
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINEMANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
MANUFACTURING PROCESS-II UNIT-2 LATHE MACHINE
 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
 
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
ZXCTN 5804 / ZTE PTN / ZTE POTN / ZTE 5804 PTN / ZTE POTN 5804 ( 100/200 GE Z...
 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
 
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
★ CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
 
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANJALI) Dange Chowk Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
 
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
VIP Call Girls Service Kondapur Hyderabad Call +91-8250192130
 
GDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentationGDSC ASEB Gen AI study jams presentation
GDSC ASEB Gen AI study jams presentation
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
Analog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog ConverterAnalog to Digital and Digital to Analog Converter
Analog to Digital and Digital to Analog Converter
 
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
247267395-1-Symmetric-and-distributed-shared-memory-architectures-ppt (1).ppt
 
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptxDecoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
Decoding Kotlin - Your guide to solving the mysterious in Kotlin.pptx
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
 
What are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptxWhat are the advantages and disadvantages of membrane structures.pptx
What are the advantages and disadvantages of membrane structures.pptx
 

Module 2_ Cyber offenses & Cybercrime.pptx

  • 1. Cyber offenses & Cybercrime ILO 7016.1-Understand the concept of cybercrime and its effect on outside world
  • 2. Contents ● How criminal plan the attacks ● Social Engineering ● Cyber stalking ● Cyber café and Cybercrimes ● Botnets ● Attack vector ● Cloud computing ● Proliferation of Mobile and Wireless Devices ● Trends in Mobility ● Credit Card Frauds in Mobile and Wireless Computing Era ● Security Challenges Posed by Mobile Devices ● Registry Settings for Mobile Devices ● Authentication Service Security ● Attacks on Mobile/Cell Phones ● Mobile Devices: ○ Security Implications for Organizations ○ Organizational Measures for Handling Mobile ○ Devices-Related Security Issues ○ Organizational Security Policies and Measures in Mobile Computing Era ○ Laptops
  • 3. How criminal plan attacks Criminals use various strategies and techniques to plan and execute cybercrime attacks. These attacks can range from simple schemes to highly sophisticated and coordinated operations. Here are some common ways criminals plan and carry out cybercrime attacks: ● Social Engineering: Criminals manipulate individuals into divulging sensitive information or performing actions that compromise security. This can include phishing emails, pretexting (creating a fabricated scenario to obtain information), baiting (luring victims with something enticing), and tailgating (gaining physical access to a restricted area by following an authorized person). ● Malware Distribution: Criminals create and distribute malicious software (malware) through methods such as infected email attachments, compromised websites, or malicious links. Once the malware is installed on a victim's device, it can be used for various purposes, including data theft, surveillance, or further attacks.
  • 4. How criminal plan attacks ● Hacking and Exploiting Vulnerabilities: Cybercriminals identify and exploit weaknesses in computer systems, networks, or applications. They may use techniques such as SQL injection, cross-site scripting, or remote code execution to gain unauthorized access. ● Ransomware Attacks: Criminals use ransomware to encrypt a victim's data and demand payment in exchange for the decryption key. Ransomware attacks often involve social engineering to trick users into downloading the malicious software. ● Distributed Denial of Service (DDoS): Criminals use a network of compromised devices (botnets) to flood a target website or online service with excessive traffic, causing it to become unavailable to users. ● Identity Theft: Cybercriminals steal personal information, such as social security numbers, credit card details, or login credentials, to impersonate individuals or commit financial fraud.
  • 5. How criminal plan attacks ● Insider Threats: Individuals with access to sensitive systems or information may misuse their privileges for personal gain. This could involve stealing data, causing disruptions, or assisting external attackers. ● Advanced Persistent Threats (APTs): Sophisticated and prolonged attacks by well-funded cybercriminals or nation- state actors involve carefully planned and orchestrated efforts to compromise specific targets. APTs often involve multiple stages, including initial access, lateral movement, data exfiltration, and maintaining a persistent presence. ● Cyber Espionage: Criminals engage in cyber espionage to steal sensitive information, trade secrets, or intellectual property for financial or political gain. This can involve targeted attacks against government agencies, corporations, or individuals.
  • 6. How criminal plan attacks ● Credential Stuffing: Criminals use lists of stolen usernames and passwords to gain unauthorized access to accounts on various platforms. Since people often reuse passwords, this technique can be highly effective. ● Pharming: Criminals manipulate DNS settings or compromise routers to redirect users to fraudulent websites without their knowledge, often used for phishing attacks. ● Zero-Day Exploits: Criminals discover and exploit software vulnerabilities that are unknown to the software vendor, making it difficult for victims to defend against the attack. Criminals continuously adapt and innovate their techniques, making cybersecurity an ongoing challenge. Organizations and individuals need to stay vigilant, adopt security best practices, and employ robust cybersecurity measures to defend against these threats.
  • 7. Social Engineering Social engineering is a tactic used by cybercriminals and attackers to manipulate individuals into divulging confidential information, performing actions, or making decisions that compromise the security of computer systems, networks, or sensitive data. Unlike traditional hacking, which focuses on exploiting technical vulnerabilities, social engineering preys on human psychology and interactions. Social engineering attacks exploit trust, fear, curiosity, or other emotions to trick individuals into taking actions that benefit the attacker. These attacks can be conducted through various communication channels, such as in-person interactions, phone calls, emails, text messages, or social media.
  • 8. Common Types of Social Engineering Attacks: ● Phishing: Attackers send deceptive emails that appear to be from legitimate sources, such as banks, companies, or government agencies. These emails often contain malicious links or attachments that, when clicked or opened, install malware or direct users to fake websites where their credentials are stolen. ● Spear Phishing: Similar to phishing, but more targeted. Attackers customize their messages to specific individuals or organizations, often using personal information obtained from social media or other sources to increase credibility. ● Baiting: Attackers offer something enticing, such as a free software download or a USB drive, with the intention of tricking users into taking an action that compromises security, such as installing malware.
  • 9. ● Pretexting: Attackers create a fabricated scenario or pretext to elicit sensitive information from a target. This could involve impersonating a colleague, service provider, or authority figure to gain access to information or systems. ● Quid Pro Quo: Attackers promise a benefit or service in exchange for sensitive information or access. For example, they may pose as IT support and request remote access to a user's computer. ● Tailgating: Also known as "piggybacking," attackers gain physical access to a restricted area by following an authorized person. This can happen in office buildings, data centers, or other secure locations. ● Impersonation: Attackers pose as someone the target knows and trusts, such as a coworker, friend, or family member. They may ask for sensitive information or initiate fraudulent transactions.
  • 10. Reverse Social Engineering: Attackers first gather information about a target from public sources or interactions, and then use that information to manipulate the target into revealing more sensitive information.
  • 11. Mitigating Social Engineering ● Awareness and Education: Training individuals to recognize social engineering tactics and suspicious communication can help prevent successful attacks. ● Verification: Always verify the identity of anyone requesting sensitive information or actions, especially in unfamiliar situations. ● Multi-Factor Authentication (MFA): Implement MFA to add an extra layer of security, even if credentials are compromised. ● Data Protection: Be cautious about sharing personal or sensitive information online and on social media. ● Critical Thinking: Encourage critical thinking and skepticism, especially when encountering unexpected or unusual requests. Social engineering exploits human nature and interactions, making it a challenging and pervasive cybersecurity threat. Organizations and individuals need to stay vigilant and practice good cybersecurity hygiene to protect against social engineering attacks.
  • 12. CYBER STALKING Cyberstalking is the use of electronic communication to harass, threaten, or intimidate another person. It can take many forms, including: ● Sending unwanted emails, text messages, or social media posts ● Posting embarrassing or threatening messages online ● Tracking the victim's online activity ● Creating fake online profiles to impersonate the victim ● Distributing the victim's personal information online ● Threatening to harm the victim or their loved ones Cyberstalking can have a devastating impact on the victim's mental and emotional health. It can cause anxiety, depression, fear, and even post-traumatic stress disorder. In some cases, it can lead to the victim taking drastic measures, such as suicide.
  • 13. Cyberstalking is a crime in many countries. In India, it is punishable by up to three years in prison. If you are being cyberstalked, it is important to take steps to protect yourself. You can: ● Save all of the evidence of the stalking, such as emails, text messages, and social media posts. ● Report the stalking to the police. ● Change your passwords and security settings. ● Block the stalker from your social media accounts and email. ● Talk to a trusted friend or family member about what is happening. If you are being cyberstalked, you are not alone. There are many resources available to help you. You can contact the National Cyber Security Alliance (NCSA) at 888-335-7678 or visit their website at https://www.staysafeonline.org/.
  • 14. Here are some additional tips to help you stay safe from cyberstalking: ● Be careful about what information you share online. ● Don't give out your personal information, such as your address or phone number, to strangers. ● Be wary of online dating profiles and social media accounts. ● Be careful about clicking on links in emails or text messages. ● Keep your software up to date. ● Use strong passwords and change them regularly.
  • 15. Cyber café and Cybercrimes Cybercafes are a convenient place to access the internet, but they can also be a target for cybercrimes. Here are some of the most common cybercrimes that can occur in cybercafes: ● Phishing: This is a type of scam where the attacker sends a fraudulent email or text message that appears to be from a legitimate source, such as a bank or credit card company. The email or text message will often contain a link that, when clicked, will take the victim to a fake website that looks like the real website. Once the victim enters their personal information on the fake website, the attacker can steal it. ● Malware: This is software that is designed to harm a computer system. Malware can be installed on a computer through a variety of ways, such as clicking on a malicious link, opening an infected attachment, or downloading a file from an untrusted source. Once malware is installed on a computer, it can steal personal information, damage files, or even take control of the computer.
  • 16. Identity theft: This is a crime in which someone steals someone else's personal information, such as their name, Social Security number, or credit card number. This information can then be used to open accounts, make purchases, or commit other crimes in the victim's name. Cyberstalking: This is the use of electronic communication to harass or threaten someone. Cyberstalkers may send unwanted emails, text messages, or social media posts. They may also post embarrassing or harmful information about the victim online. Child pornography: This is the possession, distribution, or production of images or videos of children engaged in sexual activity. Cybercafes can be used to download or share child pornography.
  • 17. To protect yourself from cybercrimes in cybercafes, you should: ● Be careful about what websites you visit and what links you click on. If you're not sure whether a website is legitimate, don't click on any links on it. ● Don't open any attachments that you're not expecting. Attachments can contain malware. ● Only download files from trusted sources. If you're not sure whether a file is safe, don't download it. ● Keep your antivirus software up to date. Antivirus software can help to protect your computer from malware. ● Be aware of your surroundings. If you see something suspicious, such as someone trying to install malware on a computer, report it to the cybercafe staff. By following these tips, you can help to protect yourself from cybercrimes in cybercafes.
  • 18. In addition to the above, here are some other things that cybercafes can do to prevent cybercrimes: ● Install antivirus software on all computers and keep it up to date. ● Use strong passwords and change them regularly. ● Monitor the computers for suspicious activity. ● Train staff on how to identify and report cybercrimes. By taking these steps, cybercafes can help to create a safe and secure environment for their customers.
  • 19. Botnets A botnet is a network of computers that have been infected with malware and are controlled by a single attacker, known as the botmaster. The botmaster can use the botnet to perform a variety of malicious activities, such as: ● Sending spam emails ● Distributing malware ● Carrying out denial-of-service attacks ● Stealing data ● Mining cryptocurrency Botnets can be very large, with millions of infected devices. This makes them a powerful tool for attackers, as they can be used to launch large-scale attacks that would be difficult or impossible to carry out with a single computer.
  • 20. There are a number of ways that computers can become infected with botnet malware. Some common methods include: ● Clicking on a malicious link in an email or text message ● Opening an infected attachment ● Downloading a file from an untrusted source ● Visiting a malicious website Once a computer is infected with botnet malware, the botmaster can then take control of the computer and use it to carry out malicious activities.
  • 21. There are a number of things that you can do to protect your computer from botnet malware, including: ● Keep your operating system and software up to date ● Use a firewall and antivirus software ● Be careful about what websites you visit and what links you click on ● Don't open any attachments that you're not expecting ● Only download files from trusted sources ● Be aware of the latest cyber threats and how to protect yourself By following these tips, you can help to protect your computer from botnet malware and other cyber threats.
  • 22. Here are some additional tips to protect yourself from botnets: ● Use strong passwords and change them regularly. ● Enable two-factor authentication whenever possible. ● Be careful about what information you share online. ● Only connect to trusted Wi-Fi networks. ● Keep your devices up to date with the latest security patches. ● Be aware of the latest scams and phishing attacks.
  • 23. ATTACK VECTOR An attack vector is a method that an attacker can use to gain access to a system or network. Attack vectors can be categorized into three main types: ● Physical attack vectors: These attack vectors involve physical access to the system or network. For example, an attacker could steal a laptop or server, or they could install malware on a USB drive and then plug it into a computer. ● Remote attack vectors: These attack vectors do not require physical access to the system or network. For example, an attacker could send a phishing email or exploit a vulnerability in a software application. ● Social engineering attack vectors: These attack vectors rely on human interaction to trick the victim into giving up their personal information or clicking on a malicious link. For example, an attacker could pose as a legitimate company and call the victim, pretending to need their personal information to fix a problem with their account.
  • 24. Here are some examples of attack vectors: ● Phishing: This is a type of social engineering attack where the attacker sends an email or text message that appears to be from a legitimate source, such as a bank or credit card company. The email or text message will often contain a link that, when clicked, will take the victim to a fake website that looks like the real website. Once the victim enters their personal information on the fake website, the attacker can steal it. ● Malware: This is software that is designed to harm a computer system. Malware can be installed on a computer through a variety of ways, such as clicking on a malicious link, opening an infected attachment, or downloading a file from an untrusted source. Once malware is installed on a computer, it can steal personal information, damage files, or even take control of the computer.
  • 25. ● Zero-day attack: This is an attack that exploits a vulnerability in software that the software vendor is not aware of. Zero-day attacks are often very difficult to defend against because there is no patch available to fix the vulnerability. ● Denial-of-service attack: This is an attack that is designed to make a system or network unavailable to its intended users. Denial-of-service attacks can be carried out by flooding the system or network with traffic, or by exploiting a vulnerability in the system or network. ● Man-in-the-middle attack: This is an attack where the attacker secretly relays communications between two parties. The attacker can then intercept and modify the communications. By understanding the different types of attack vectors, you can take steps to protect yourself from cyber attacks.
  • 26. Proliferation of Mobile and Wireless Devices The proliferation of mobile and wireless devices has had a significant impact on cybersecurity. Mobile devices are often more vulnerable to attack than traditional computers because they are often connected to untrusted networks and are more likely to be lost or stolen. Here are some of the security challenges posed by mobile devices: ● Data leakage: Mobile devices are often used to store sensitive data, such as financial information, passwords, and personal photos. If a mobile device is lost or stolen, this data could be compromised. ● Malware: Mobile devices can be infected with malware, just like traditional computers. Malware can steal data, track user activity, or even take control of the device. ● Phishing: Phishing attacks are often targeted at mobile devices. Phishing emails and text messages are designed to trick users into clicking on malicious links or providing personal information. ● Man-in-the-middle attacks: Man-in-the-middle attacks can be used to intercept data that is being transmitted between a mobile device and a server. This data could include passwords, credit card numbers, or other sensitive information. ● Zero-day attacks: Zero-day attacks exploit vulnerabilities in software that the software vendor is not aware of. Zero-day attacks are often very difficult to defend against because there is no patch available to fix the vulnerability.
  • 27. Proliferation of Mobile and Wireless Devices To protect mobile devices from these security threats, users should take the following steps: ● Keep the operating system and software up to date. Software vendors often release security patches to fix vulnerabilities. Keeping the operating system and software up to date will help to protect the device from attack. ● Use a strong password and change it regularly. The password should be at least 12 characters long and should include a mix of upper and lowercase letters, numbers, and symbols. ● Be careful about what websites you visit and what links you click on. Phishing emails and malicious websites are often designed to look like legitimate websites. Be careful about what websites you visit and what links you click on. ● Only download apps from trusted sources. Apps can contain malware. Only download apps from trusted sources, such as the Apple App Store or the Google Play Store. ● Use a firewall and antivirus software. A firewall can help to protect the device from unauthorized access. Antivirus software can help to detect and remove malware. ● Be aware of the latest cyber threats. Cyber threats are constantly evolving. Stay informed about the latest threats so that you can take steps to protect yourself.
  • 28. Proliferation of Mobile and Wireless Devices In addition to the above, organizations can also take steps to protect their mobile devices, such as: ● Implementing a mobile device management (MDM) solution. An MDM solution can help to manage and secure mobile devices. MDM solutions can be used to deploy security policies, track devices, and wipe devices remotely if they are lost or stolen. ● Educating employees about mobile security. Employees should be educated about the security risks posed by mobile devices and how to protect themselves. Employees should be taught about the importance of using strong passwords, being careful about what websites they visit, and only downloading apps from trusted sources. ● Regularly scanning mobile devices for malware. Mobile devices should be scanned for malware on a regular basis. This can be done using antivirus software or a mobile device management solution. ● Using a secure wireless network. Mobile devices should only be connected to secure wireless networks. Secure wireless networks use encryption to protect data that is being transmitted over the network.
  • 29. Trends in Mobility Mobile computing is moving into a new era, third generation (3G), which promises greater variety in applications and have highly improved usability as well as speedier networking. “iPhone” from Apple and Google-led “Android” phones are the best examples of this trend and there are plenty of other developments that point in this direction. This smart mobile technology is rapidly gaining popularity and the attackers (hackers and crackers) are among its biggest fans.
  • 30.
  • 31. CLOUD COMPUTING Cloud computing is the delivery of computing services—including servers, storage, databases, networking, software, analytics, and intelligence—over the internet (“the cloud”). It eliminates the need for individuals and businesses to self-manage physical resources themselves, and only pay for what they use. The three main types of cloud computing are: ● Infrastructure as a Service (IaaS): IaaS provides access to virtual machines, storage, and networking resources. ● Platform as a Service (PaaS): PaaS provides a development environment for building and deploying applications. ● Software as a Service (SaaS): SaaS provides access to applications that are hosted in the cloud.
  • 32. Here are some examples of how cloud computing is being used: ● E-commerce: Cloud computing is used by e-commerce businesses to store and process customer orders, manage inventory, and deliver products. ● Media and entertainment: Cloud computing is used by media and entertainment companies to store and stream videos, music, and other content. ● Healthcare: Cloud computing is used by healthcare providers to store patient records, manage electronic health records (EHRs), and deliver telehealth services. ● Education: Cloud computing is used by educational institutions to deliver online courses, manage student records, and provide research resources. ● Government: Cloud computing is used by governments to store and process data, manage IT infrastructure, and deliver public services.
  • 33. Cybercrime related to cloud computing is any malicious activity that targets cloud computing systems or data. This can include: ● Data breaches: Hackers can gain access to sensitive data stored in the cloud, such as customerPII, financial information, or intellectual property. ● DDoS attacks: Attackers can use cloud-based resources to launch distributed denial-of-service (DDoS) attacks against websites or other online services. ● Malware attacks: Attackers can deploy malware in the cloud, such as ransomware or cryptojacking malware, to steal data, encrypt files, or mine cryptocurrency. ● Account hijacking: Attackers can steal or hijack cloud user accounts to gain access to sensitive data or resources. ● Insider threats: Employees or contractors with access to cloud systems can misuse their privileges to commit cybercrime.
  • 34. Cloud computing can also be used to facilitate other types of cybercrime, such as: ● Phishing: Attackers can use cloud-based email services to send phishing emails. ● Spoofing: Attackers can use cloud-based IP addresses to spoof legitimate websites or services. ● Botnets: Attackers can use cloud-based resources to create and control botnets. The increasing popularity of cloud computing has made it a more attractive target for cybercriminals. As a result, it is important for businesses and organizations to take steps to protect their data and systems in the cloud.
  • 35. Here are some tips for protecting against cybercrime in the cloud: ● Use strong passwords and two-factor authentication for all cloud accounts. ● Keep your cloud software up to date with the latest security patches. ● Segment your cloud environment to limit the impact of a breach. ● Monitor your cloud traffic for suspicious activity. ● Back up your data regularly in case of a breach.
  • 36. By following these tips, you can help to protect your data and systems in the cloud from cybercrime. In addition to the above, here are some other ways that cloud computing can be used for cybercrime investigations: ● Cloud servers can be used to store evidence of cybercrime, such as logs, emails, and chat transcripts. ● Cloud-based tools can be used to analyze and investigate cybercrime data. ● Cloud computing can be used to collaborate with other investigators on a cybercrime case. Cloud computing can be a valuable tool for both cybercrime prevention and investigation. However, it is important to be aware of the risks and take steps to mitigate them.
  • 37. Security Challenges Posed by Mobile Devices Mobile devices pose a number of security challenges, including: ● Malicious apps: Malicious apps can be downloaded from untrusted sources or installed through social engineering attacks. These apps can steal personal data, install malware, or even take control of the device. ● Data breaches: Mobile devices can be lost or stolen, which can expose sensitive data. Additionally, data can be compromised if the device is not properly secured. ● Network attacks: Mobile devices are often connected to public Wi-Fi networks, which can be insecure. This makes them vulnerable to man-in-the-middle attacks and other network-based attacks. ● Physical attacks: Mobile devices can be physically attacked to steal data or install malware. This can be done by exploiting vulnerabilities in the device's hardware or software. ● User errors: Users can make mistakes that can compromise the security of their mobile devices. This includes clicking on phishing links, downloading malicious apps, or not keeping their devices up to date.
  • 38. Here are some tips for protecting mobile devices from security threats: ● Only download apps from trusted sources. ● Be careful about what information you share on your mobile device. ● Keep your mobile device's software up to date. ● Use a strong password and enable two-factor authentication. ● Be aware of the risks of public Wi-Fi networks. ● Back up your data regularly. By following these tips, you can help to protect your mobile devices from security threats.
  • 39. Here are some additional security challenges posed by mobile devices: ● Jailbreaking and rooting: Jailbreaking and rooting are techniques that allow users to gain root access to their mobile devices. This can be used to install unauthorized apps, change system settings, and bypass security features. ● Sideloading: Sideloading is the process of installing apps from sources other than the official app store. This can be a way to install malicious apps. ● Firmware vulnerabilities: Mobile devices are often shipped with outdated firmware that contains security vulnerabilities. These vulnerabilities can be exploited by attackers to gain control of the device. ● Supply chain attacks: Supply chain attacks are attacks that target the companies that supply components or software to mobile device manufacturers. These attacks can be used to insert malicious code into the components or software, which can then be used to attack the devices. The security challenges posed by mobile devices are constantly evolving. It is important to stay up-to-date on the latest threats and to take steps to protect your devices.
  • 40. Registry Settings for Mobile Devices The registry is a database that stores configuration settings for the operating system and applications on a mobile device. It is a critical part of the operating system and can be used to control a wide range of settings, including security settings. Some of the registry settings that can be used to improve security on mobile devices include: ● Enable PIN or password protection: This is one of the most important security settings for mobile devices. It prevents unauthorized users from accessing the device. ● Set a strong password: The password should be at least 8 characters long and include a mix of uppercase and lowercase letters, numbers, and symbols. ● Require a password to unlock the device after a short period of inactivity: This will help to prevent unauthorized users from accessing the device if it is left unattended. ● Encrypt the device's storage: This will prevent unauthorized users from accessing the data stored on the device, even if they are able to bypass the lock screen. ● Block unauthorized apps: This can be done by using a security app or by manually disabling apps that are not from trusted sources. ● Keep the device's software up to date: Software updates often include security patches that can help to protect the device from known vulnerabilities.
  • 41. Registry Settings for Mobile Devices It is important to note that the specific registry settings that can be used to improve security on mobile devices will vary depending on the device and the operating system. It is always best to consult the device's documentation or the manufacturer's website for more information. Here are some additional registry settings that can be used to improve security on mobile devices: ● Disable USB debugging: USB debugging allows developers to access the device's system files and can be used to install malicious software. ● Disable remote wipe: Remote wipe allows users to delete all data from the device remotely if it is lost or stolen. ● Enable firewall: A firewall can help to block unauthorized access to the device's network ports. ● Enable location services only when needed: Location services can be used to track the device's location, which can be a privacy concern. ● Enable app permissions: App permissions allow apps to access certain features on the device. It is important to review app permissions and only grant permissions that are necessary for the app to function. By following these tips, you can help to improve the security of your mobile device's registry settings and protect your data from unauthorized access.
  • 42. cyber crime related to Registry Settings for Mobile Devices Registry settings for mobile devices can be exploited by cybercriminals to gain unauthorized access to the device or its data. Some of the cybercrimes related to registry settings for mobile devices include: ● Data theft: Cybercriminals can modify registry settings to steal sensitive data from the device, such as passwords, credit card numbers, or contact information. ● Malware installation: Cybercriminals can modify registry settings to install malicious software on the device, such as ransomware or spyware. ● Device control: Cybercriminals can modify registry settings to take control of the device, such as by locking the device or accessing its camera or microphone. ● Identity theft: Cybercriminals can modify registry settings to steal the device's identity, such as its IMEI number or serial number. This can be used to commit fraud or to track the device.
  • 43. To protect against cybercrimes related to registry settings for mobile devices, it is important to: ● Keep the device's software up to date. Software updates often include security patches that can help to protect the device from known vulnerabilities. ● Use a strong password and enable two-factor authentication. This will make it more difficult for cybercriminals to gain unauthorized access to the device. ● Be careful about what apps you install on the device. Only install apps from trusted sources. ● Be aware of the risks of public Wi-Fi networks. Do not connect to public Wi-Fi networks unless you absolutely have to. ● Back up your data regularly. This will help you to recover your data if the device is lost or stolen.
  • 44. Here are some additional tips to protect your mobile device from registry-based attacks: ● Use a security app that can scan for and remove malicious software. ● Do not root or jailbreak your device. This can make it more vulnerable to attack. ● Be careful about what links you click on and what attachments you open. Cybercriminals often use phishing emails and malicious attachments to spread malware. ● Keep your device's security settings up to date. ● Be aware of the latest cyber threats and how to protect yourself from them.
  • 45. Rooting Mobile Devices Rooting is the process of gaining administrative privileges on a mobile device. This gives you the ability to access and modify system files and settings, which can be used to customize the device or install unauthorized apps. On Android devices, root access is granted by the "root user" account. This account has full control over the device and can do anything that the device is capable of.
  • 46. Rooting Mobile Devices Rooting a mobile device can be done for a variety of reasons, including: ● To install custom ROMs: A custom ROM is a modified version of the device's operating system. This can give you access to features that are not available on the stock ROM, such as new features or customization options. ● To remove bloatware: Bloatware is pre-installed software that comes with the device. This software can sometimes be unnecessary or unwanted, and rooting can be used to remove it. ● To improve performance: Rooting can sometimes improve the performance of a device by removing unnecessary restrictions. ● To access hidden features: Some devices have hidden features that can only be accessed with root access.
  • 47. Rooting Mobile Devices Rooting a mobile device also has some risks, including: ● Voiding the warranty: Rooting a device may void the warranty, so it is important to check with the manufacturer before doing so. ● Making the device unstable: Rooting can sometimes make the device unstable and cause it to crash or malfunction. ● Making the device more vulnerable to malware: Rooting can make the device more vulnerable to malware attacks, as it gives attackers more access to the system. Overall, rooting is a powerful tool that can be used to customize and improve a mobile device. However, it is important to be aware of the risks before doing so.
  • 48. Rooting Mobile Devices some things to consider before rooting your mobile device: ● Make sure you know what you are doing. Rooting can be a complex process, and there is a risk of bricking your device if you do something wrong. ● Read the instructions carefully. There are many different rooting methods available, and each one has its own set of instructions. Make sure you follow the instructions carefully to avoid any problems. ● Back up your data. Before you root your device, make sure you back up all of your data. This includes your contacts, photos, videos, and any other important files. ● Be prepared to lose your warranty. Rooting your device may void the warranty. If you are not comfortable with this, then you should not root your device.
  • 49. Rooting Mobile Devices If you have decided to root your mobile device, then there are a few things you can do to protect yourself: ● Use a security app. A security app can help to protect your device from malware attacks. ● Be careful about what apps you install. Only install apps from trusted sources. ● Keep your device's software up to date. Software updates often include security patches that can help to protect your device from known vulnerabilities.
  • 50. Authentication Service Security Authentication service security in mobile devices refers to the measures taken to verify the identity of a user or device attempting to access a mobile device or its resources. This is important to protect the device from unauthorized access, which can lead to data theft, malware infection, or other security problems.
  • 51. 1. There are two components of security in mobile computing: security of devices and security in networks. 2. A secure network access involves mutual authentication between the device and the base stations or Web servers. 3. This is to ensure that only authenticated devices can be connected to the network for obtaining the requested services. 4. No Malicious Code can impersonate the service provider to trick the device into doing something it does not mean to. 5. Thus, the networks also play a crucial role in security of mobile devices. Some eminent kinds of attacks to which mobile devices are subjected to are: push attacks, pull attacks and crash attacks. 6. Authentication services security is important given the typical attacks on mobile devices through wireless networks: DoS attacks, traffi c analysis, eavesdropping, man in-the-middle attacks and session hijacking.
  • 52. Authentication Service Security there are a number of other security measures that can be taken to protect mobile devices, such as: ● Keeping the device's software up to date: Software updates often include security patches that can help to protect the device from known vulnerabilities. ● Using a security app: A security app can help to protect the device from malware attacks. ● Being careful about what apps you install: Only install apps from trusted sources. ● Not connecting to public Wi-Fi networks: Public Wi-Fi networks are often insecure, so it is best to avoid connecting to them unless you absolutely have to. ● Backing up your data regularly: This will help you to recover your data if the device is lost or stolen.
  • 53. Authentication Service Security Here are some additional considerations for authentication service security in mobile devices: ● The authentication method should be appropriate for the level of security required. For example, a simple password may be sufficient for accessing a public Wi-Fi network, but a stronger authentication method, such as 2FA, may be required for accessing a corporate network. ● The authentication method should be easy to use for the user. If the authentication method is too complex or difficult to use, users may be less likely to use it, which could compromise security. ● The authentication method should be resistant to attack. The authentication method should be designed to be resistant to attacks, such as brute-force attacks or phishing attacks.
  • 54. Attacks on Mobile/Cell Phones Mobile phones are constantly evolving and becoming more and more powerful. This makes them a more attractive target for cybercriminals. Here are some of the most common attacks on mobile phones: ● Malware: Malware is software that is designed to harm a computer system. Malware can be installed on mobile phones through a variety of ways, such as clicking on a malicious link, opening a malicious attachment, or downloading a malicious app. Once malware is installed on a mobile phone, it can steal personal data, install other malware, or even take control of the device. ● Phishing: Phishing is a type of social engineering attack that is used to trick users into giving up their personal information. Phishing attacks often involve sending emails or text messages that appear to be from a legitimate source, such as a bank or credit card company. The emails or text messages will often contain a link that, when clicked, will take the user to a fake website that looks like the real website. Once the user enters their personal information on the fake website, the phisher can steal it.
  • 55. Smishing: Smishing is a type of phishing attack that is carried out through SMS text messages. Smishing messages are often sent from phone numbers that look like they are from a legitimate source, such as a bank or credit card company. The messages will often contain a link that, when clicked, will take the user to a fake website that looks like the real website. Once the user enters their personal information on the fake website, the phisher can steal it. Vishing: Vishing is a type of phishing attack that is carried out through phone calls. Vishing calls are often made from phone numbers that look like they are from a legitimate source, such as a bank or credit card company. The caller will often claim to be from the company and will ask the victim to provide their personal information, such as their credit card number or Social Security number. Once the victim provides their personal information, the vishing caller can use it to commit fraud.
  • 56. SIM swapping: SIM swapping is a type of attack that is used to take control of a mobile phone number. SIM swapping is often carried out by criminals who want to gain access to the victim's online accounts. To carry out a SIM swap, the criminals will first need to obtain the victim's phone number. They can do this by tricking the victim into giving them their phone number or by using social engineering techniques to obtain it. Once they have the victim's phone number, the criminals will contact the victim's mobile carrier and request that the SIM card be swapped. The mobile carrier will often comply with this request, thinking that the request is coming from the victim. Once the SIM card has been swapped, the criminals will have control of the victim's phone number and will be able to access the victim's online accounts.
  • 57. Mobile Devices: Security Implications for Organizations Mobile devices are becoming increasingly popular in the workplace, as employees use them to access corporate data and applications. This trend has led to a number of security implications for organizations, as mobile devices are more vulnerable to attack than traditional desktop computers.
  • 58. Mobile Devices: Security Implications for Organizations some of the main security implications of mobile devices for organizations: ● Increased risk of data breaches: Mobile devices are more likely to be lost or stolen than traditional desktop computers. If a mobile device containing sensitive corporate data is lost or stolen, it could be used by unauthorized individuals to access the data. ● Increased risk of malware infection: Mobile devices are more susceptible to malware infection than traditional desktop computers. This is because mobile devices are often used to connect to public Wi-Fi networks, which are often unsecured and can be used by attackers to distribute malware.
  • 59. Mobile Devices: Security Implications for Organizations Increased risk of social engineering attacks: Mobile devices are more likely to be used to carry out social engineering attacks than traditional desktop computers. This is because mobile devices are often used to access personal information, such as contact information and financial data. Increased complexity of security management: Managing the security of mobile devices is more complex than managing the security of traditional desktop computers. This is because mobile devices are often used by employees outside of the office and can be difficult to keep track of.
  • 60. To mitigate the security risks associated with mobile devices, organizations should implement a comprehensive mobile device security policy. This policy should include the following elements: ● A mobile device management (MDM) solution: An MDM solution can be used to manage the security of mobile devices, such as by enforcing password policies and remotely wiping devices. ● A security awareness training program: A security awareness training program should be implemented to educate employees about the security risks associated with mobile devices and how to protect themselves from these risks. ● A mobile device security policy: A mobile device security policy should be implemented to define the rules and regulations for the use of mobile devices in the workplace. ● Regular security updates: Mobile devices should be kept up to date with the latest security patches to protect them from known vulnerabilities.
  • 61. Organizational Measures for Handling Mobile some organizational measures for handling mobile in cyber security: ● Implement a mobile device management (MDM) solution: An MDM solution can be used to manage the security of mobile devices, such as by enforcing password policies and remotely wiping devices. ● Educate employees about the security risks associated with mobile devices: A security awareness training program should be implemented to educate employees about the security risks associated with mobile devices and how to protect themselves from these risks. ● Create a mobile device security policy: A mobile device security policy should be implemented to define the rules and regulations for the use of mobile devices in the workplace. ● Keep mobile devices up to date with the latest security patches: Mobile devices should be kept up to date with the latest security patches to protect them from known vulnerabilities. ● Require employees to use strong passwords and enable two-factor authentication for their mobile devices: Strong passwords and two-factor authentication can help to protect mobile devices from unauthorized access. ● Restrict the use of mobile devices to authorized applications and websites: Only allowing employees to use authorized applications and websites can help to reduce the risk of malware infection. ● Monitor mobile device usage for suspicious activity: Monitoring mobile device usage can help to identify and respond to suspicious activity, such as unauthorized access attempts. ● Back up mobile device data regularly: Regularly backing up mobile device data can help to protect it in the event of a data breach or other incident.
  • 62. ● Use a mobile security solution: A mobile security solution can provide additional protection for mobile devices, such as by detecting and blocking malware, preventing unauthorized access, and encrypting data. ● Deploy a zero-trust security model: A zero-trust security model assumes that no device or user is inherently trusted, and that all access to resources must be authenticated and authorized. This can help to protect against unauthorized access to mobile devices, even if they are compromised. ● Use mobile device encryption: Encrypting mobile device data can help to protect it from unauthorized access, even if the device is lost or stolen. ● Implement mobile device security policies: Mobile device security policies should be implemented to define the rules and regulations for the use of mobile devices in the workplace. These policies should be enforced through employee training and monitoring. ● Conduct regular security assessments: Regular security assessments can help to identify and address security vulnerabilities in mobile devices and their applications.
  • 63. Devices-Related Security Issues device-related security issues that can affect mobile devices. Here are some of the most common: ● Malware: Malware is software that is designed to harm a computer system. Malware can be installed on mobile devices through a variety of ways, such as clicking on a malicious link, opening a malicious attachment, or downloading a malicious app. Once malware is installed on a mobile device, it can steal personal data, install other malware, or even take control of the device. ● Phishing: Phishing is a type of social engineering attack that is used to trick users into giving up their personal information. Phishing attacks often involve sending emails or text messages that appear to be from a legitimate source, such as a bank or credit card company. The emails or text messages will often contain a link that, when clicked, will take the user to a fake website that looks like the real website. Once the user enters their personal information on the fake website, the phisher can steal it.
  • 64. Sideloading: Sideloading is the process of installing apps from sources other than the official app store. This can be a way to install malicious apps. Firmware vulnerabilities: Mobile devices are often shipped with outdated firmware that contains security vulnerabilities. These vulnerabilities can be exploited by attackers to gain control of the device. Supply chain attacks: Supply chain attacks are attacks that target the companies that supply components or software to mobile device manufacturers. These attacks can be used to insert malicious code into the components or software, which can then be used to attack the devices.
  • 65. Organizational Security Policies and Measures in Mobile Computing Era Organizational security policies and measures in the mobile computing era are designed to protect an organization's data and systems from unauthorized access, use, disclosure, disruption, modification, or destruction. These policies and measures should be tailored to the specific needs of the organization, but they should typically include the following elements: ● Mobile device management (MDM): MDM solutions can be used to manage the security of mobile devices, such as by enforcing password policies and remotely wiping devices. ● Security awareness training: Security awareness training should be implemented to educate employees about the security risks associated with mobile devices and how to protect themselves from these risks.
  • 66. Organizational Security Policies and Measures in Mobile Computing Era Mobile device security policy: A mobile device security policy should be implemented to define the rules and regulations for the use of mobile devices in the workplace. Regular security updates: Mobile devices should be kept up to date with the latest security patches to protect them from known vulnerabilities. Require employees to use strong passwords and enable two-factor authentication for their mobile devices: Strong passwords and two-factor authentication can help to protect mobile devices from unauthorized access. Restrict the use of mobile devices to authorized applications and websites: Only allowing employees to use authorized applications and websites can help to reduce the risk of malware infection.
  • 67. Organizational Security Policies and Measures in Mobile Computing Era ● Monitor mobile device usage for suspicious activity: Monitoring mobile device usage can help to identify and respond to suspicious activity, such as unauthorized access attempts. ● Back up mobile device data regularly: Regularly backing up mobile device data can help to protect it in the event of a data breach or other incident. In addition to these general security measures, organizations may also need to implement additional measures to address specific security risks associated with mobile devices. For example, organizations that use mobile devices to access sensitive data may need to implement encryption or tokenization.
  • 68. Organizational Security Policies and Measures in Mobile Computing Era The specific organizational security policies and measures that are implemented will vary depending on the organization's specific needs and requirements. However, by implementing a comprehensive set of security policies and measures, organizations can help to protect their data and systems from unauthorized access, use, disclosure, disruption, modification, or destruction.
  • 69. Organizational Security Policies and Measures in Mobile Computing Era organizational security policies and measures that can be taken to improve mobile security in the mobile computing era: ● Use a mobile security solution: A mobile security solution can provide additional protection for mobile devices, such as by detecting and blocking malware, preventing unauthorized access, and encrypting data. ● Deploy a zero-trust security model: A zero-trust security model assumes that no device or user is inherently trusted, and that all access to resources must be authenticated and authorized. This can help to protect against unauthorized access to mobile devices, even if they are compromised. ● Use mobile device encryption: Encrypting mobile device data can help to protect it from unauthorized access, even if the device is lost or stolen. ● Implement mobile device security policies: Mobile device security policies should be implemented to define the rules and regulations for the use of mobile devices in the workplace. These policies should be enforced through employee training and monitoring. ● Conduct regular security assessments: Regular security assessments can help to identify and address security vulnerabilities in mobile devices and their applications.
  • 70. Compare Vishing, Phising and Smishing in Cyber security Vishing, phishing, and smishing are all types of social engineering attacks that are used to trick victims into giving up their personal information or clicking on a malicious link. ● Vishing: Vishing is a type of phishing attack that is carried out through phone calls. The attacker will often pose as a legitimate company, such as a bank or credit card company, and will try to trick the victim into giving them their personal information, such as their credit card number or Social Security number. ● Phishing: Phishing is a type of social engineering attack that is carried out through email. The attacker will send an email that appears to be from a legitimate company, such as a bank or credit card company, and will try to trick the victim into clicking on a malicious link or opening an infected attachment. ● Smishing: Smishing is a type of phishing attack that is carried out through text messages. The attacker will send a text message that appears to be from a legitimate company, such as a bank or credit card company, and will try to trick the victim into clicking on a malicious link or opening an infected attachment.
  • 71. Compare Vishing, Phising and Smishing in Cyber security
  • 72. Questions 1. How criminals plan attack?Discuss various steps involved 2. Compare Vishing, Phising and Smishing in Cyber security 3. Discuss basic security precautions to be taken to safeguard laptops and wireless devices.