This document discusses cybercrime and cybersecurity. It defines cybercrime as illegal activities committed through computers and networks, such as internet fraud, cyberbullying, and identity theft. It also discusses different types of hackers (e.g. black hat, white hat), cyberattacks throughout history, and techniques used in cybercrimes like phishing scams and brute force attacks. The document concludes that while security is an illusion, being proactive, developing best practices, and increasing cybersecurity awareness can help address ongoing cyber threats.
In this slide I present you an awareness about cyber security and crimes for students. Targeted audience are students aged 14-17 years of age. I also present common mistakes we all do in our lives that lead to cyber insecurities
This is a summary of what cyber crime is all about, the history of cyber crime; motivation behind cyber attack as well as the various techniques used in committing those crimes; Cybercrime groups starting to operate like the Mafia; how cyber crimes exploits Web2.0 opportunites and Top Computer Secuity Actions.
In this slide I present you an awareness about cyber security and crimes for students. Targeted audience are students aged 14-17 years of age. I also present common mistakes we all do in our lives that lead to cyber insecurities
This is a summary of what cyber crime is all about, the history of cyber crime; motivation behind cyber attack as well as the various techniques used in committing those crimes; Cybercrime groups starting to operate like the Mafia; how cyber crimes exploits Web2.0 opportunites and Top Computer Secuity Actions.
Cyber Security introduction. Cyber security definition. Vulnerabilities. Social engineering and human error. Financial cost of security breaches. Computer protection. The cyber security job market
Ethical hacking also known as penetration testing or white-hat hacking, involves the same tools, tricks, and techniques that hackers use, but with one major difference that Ethical hacking is legal. Ethical hacking is performed with the target’s permission. The intent of ethical hacking is to discover vulnerabilities from a hacker’s
viewpoint so systems can be better secured. It’s part of an overall information risk management program that allows for ongoing security improvements. Ethical hacking can also ensure that vendors’ claims about the security of their products are legitimate.
Cybersecurity Awareness Training Presentation v2021.08DallasHaselhorst
This free cybersecurity awareness training slide deck is meant to be used by organizations and end users to help them better understand ways they can avoid scams, cyber attacks, and become more security aware. This slide deck is based on version 2021.08 of our wildly popular slide deck we originally released as open-source in September 2019. In just over 6 months, version 1.0 was downloaded thousands of times and in over 150 countries!
On our website, you will also find several other related goodies. For example, we have free and downloadable worksheets referenced in the training. These worksheets provide material that attendees can take back home with them to try out and continue the security conversation. We also have free cybersecurity quizzes that are based directly off of this material so anyone can test their awareness knowledge. We even have a downloadable 'certificate of completion' for this training, which allows attendees to fill-in their name and date so they can then print it out to show others (or even their employer) that they are now more cyber aware.
https://www.treetopsecurity.com/cat
On our website, we also have a video/webinar presentation of this material if you would like to share it with others.
https://www.treetopsecurity.com/cat#video
Do you want to take this content and present it in your own community or business? Fantastic! You may download this slide deck as editable content. This allows you to make changes and present it at your local library, business events, co-working spaces, schools, etc. The latest version is always available on our website as a Microsoft PowerPoint presentation (.pptx) or Google Slides using ‘Make a Copy’. Those downloadable versions from our website also include speaker notes to provide talking points or tips for anyone delivering the content.
https://www.treetopsecurity.com/slides
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...Edureka!
** Cyber Security Course: https://www.edureka.co/cybersecurity-certification-training **
This Edureka tutorial on "What is Cyber Security" gives an introduction to the Cyber Security world and talks about its basic concepts. You get to know different kinds of attack in today's IT world and how cybersecurity is the solution to these attacks. Below are the topics covered in this tutorial:
1. Why we need Cyber Security?
2. What is Cyber Security?
3. The CIA Triad
4. Vulnerability, Threat and Risk
5. Cognitive Cyber Security
Cybersecurity Training Playlist: https://bit.ly/2NqcTQV
Cyber Security introduction. Cyber security definition. Vulnerabilities. Social engineering and human error. Financial cost of security breaches. Computer protection. The cyber security job market
Ethical hacking also known as penetration testing or white-hat hacking, involves the same tools, tricks, and techniques that hackers use, but with one major difference that Ethical hacking is legal. Ethical hacking is performed with the target’s permission. The intent of ethical hacking is to discover vulnerabilities from a hacker’s
viewpoint so systems can be better secured. It’s part of an overall information risk management program that allows for ongoing security improvements. Ethical hacking can also ensure that vendors’ claims about the security of their products are legitimate.
Cybersecurity Awareness Training Presentation v2021.08DallasHaselhorst
This free cybersecurity awareness training slide deck is meant to be used by organizations and end users to help them better understand ways they can avoid scams, cyber attacks, and become more security aware. This slide deck is based on version 2021.08 of our wildly popular slide deck we originally released as open-source in September 2019. In just over 6 months, version 1.0 was downloaded thousands of times and in over 150 countries!
On our website, you will also find several other related goodies. For example, we have free and downloadable worksheets referenced in the training. These worksheets provide material that attendees can take back home with them to try out and continue the security conversation. We also have free cybersecurity quizzes that are based directly off of this material so anyone can test their awareness knowledge. We even have a downloadable 'certificate of completion' for this training, which allows attendees to fill-in their name and date so they can then print it out to show others (or even their employer) that they are now more cyber aware.
https://www.treetopsecurity.com/cat
On our website, we also have a video/webinar presentation of this material if you would like to share it with others.
https://www.treetopsecurity.com/cat#video
Do you want to take this content and present it in your own community or business? Fantastic! You may download this slide deck as editable content. This allows you to make changes and present it at your local library, business events, co-working spaces, schools, etc. The latest version is always available on our website as a Microsoft PowerPoint presentation (.pptx) or Google Slides using ‘Make a Copy’. Those downloadable versions from our website also include speaker notes to provide talking points or tips for anyone delivering the content.
https://www.treetopsecurity.com/slides
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...Edureka!
** Cyber Security Course: https://www.edureka.co/cybersecurity-certification-training **
This Edureka tutorial on "What is Cyber Security" gives an introduction to the Cyber Security world and talks about its basic concepts. You get to know different kinds of attack in today's IT world and how cybersecurity is the solution to these attacks. Below are the topics covered in this tutorial:
1. Why we need Cyber Security?
2. What is Cyber Security?
3. The CIA Triad
4. Vulnerability, Threat and Risk
5. Cognitive Cyber Security
Cybersecurity Training Playlist: https://bit.ly/2NqcTQV
0x01 - Newton's Third Law: Static vs. Dynamic AbusersOWASP Beja
f you offer a service on the web, odds are that someone will abuse it. Be it an API, a SaaS, a PaaS, or even a static website, someone somewhere will try to figure out a way to use it to their own needs. In this talk we'll compare measures that are effective against static attackers and how to battle a dynamic attacker who adapts to your counter-measures.
About the Speaker
===============
Diogo Sousa, Engineering Manager @ Canonical
An opinionated individual with an interest in cryptography and its intersection with secure software development.
Sharpen existing tools or get a new toolbox? Contemporary cluster initiatives...Orkestra
UIIN Conference, Madrid, 27-29 May 2024
James Wilson, Orkestra and Deusto Business School
Emily Wise, Lund University
Madeline Smith, The Glasgow School of Art
Acorn Recovery: Restore IT infra within minutesIP ServerOne
Introducing Acorn Recovery as a Service, a simple, fast, and secure managed disaster recovery (DRaaS) by IP ServerOne. A DR solution that helps restore your IT infra within minutes.
This presentation by Morris Kleiner (University of Minnesota), was made during the discussion “Competition and Regulation in Professions and Occupations” held at the Working Party No. 2 on Competition and Regulation on 10 June 2024. More papers and presentations on the topic can be found out at oe.cd/crps.
This presentation was uploaded with the author’s consent.
Have you ever wondered how search works while visiting an e-commerce site, internal website, or searching through other types of online resources? Look no further than this informative session on the ways that taxonomies help end-users navigate the internet! Hear from taxonomists and other information professionals who have first-hand experience creating and working with taxonomies that aid in navigation, search, and discovery across a range of disciplines.
2. 2
Abstract:
Being one of the most rapidly expanding sector, internet has become one of the
most vital part of our life from work to entertainment there's no other option
now but it comes with a price of our privacy.
Cyber Crimes are also on the rapid expansion causing our sensitive data to be
used without our permission. Governments are aware of this matter doing
everything they can to secure our networks but many say security is just an
illusion.
In this whole report we will analyse the strength of the people who are trying to
spoil the Cyber Ecosystem and the higher grounds where we can deceive them.
3. 3
Introduction:
Cybercrime is a type of crime or an illegal activity that is basically committed through a computer with the help of
networking.
The ideal or most familiar word for this would be "Hacking".
Following are the examples of cybercrime.
1) Internet Fraud.
2) Spams.
3) Cyberbullying.
4) Gathering Information Illegally.
5) Identity Theft.
6) Phishing scams.
7) Hate Crimes.
Internet Fraud:
Whenever one tries to purchase a product from the internet, he/she is on a great risk of being victimized by internet
fraud. So, it is very important for a person to research and study the sources from which he/she is purchasing the
product. The e-commerce environment is stuffed with fake companies and organizations who distribute worst quality
products to the customers and are greatly involved in stealing customers bank account data. These Internet crimes
became a larger platform for crimes in the late 1990s and early 2000s. A single virus outbreak was blamed for 80$
Billion loss. In this scenario, HBL has introduced a 3-D secure e-commerce web certification which allows the user to
recognize websites that can be trusted for online shopping. There are some famous websites which could be trusted
on the basis of current circumstances for online shopping.Some of the trustworthy websites are given below:
1) www.daraz.pk
2) www.kaymu.pk
3) www.amazon.com
4) www.alibaba.com
5) www.microsoft.com
Cyberbullying.
Cyberbullying is done through digital devices for example Cell Phones, Computers, Tablets, iPhone, Ipads etc
Mentally torturing, harassment, Humiliation is cyberbullying. It includes sending, posting or sharing taunting, offending
and sexual contents "publicly" or sending it to a specific person. The content could be personal data like pictures,
email, chats etc.
Platforms for cyberbullying are given below:
1) Social Media such as Facebook, Twitter, Snapchat, Instagram.
3) Mobile Messaging.
80% teenagers use cell phones and some other related devices and 20% of them are bullied on daily basis.
4. 4
Phishing scams:
This is an attempt to gather users password and sensitive information by generating and disguising a fake webpage of
an authentic website. When a user comes across this kind of fake webpage he inputs his personal data in the sign in
or sign up form resulting in stolen data of the user.
Cyber Criminals :
Someone who penetrates and breaks the security system of an organization or a network and exploits the flaws in
that computer system is known as Hacker and process is known as Hacking.
There are many types of hackers.
1) Script Kiddie.
2) White Hat Hackers
3) Grey Hat Hackers
4) Black Hat Hackers
5) Green Hat Hackers
6) Red Hat Hackers
7) Blue Hat Hackers
But main of them are Blackhat, White hat and grey hat.
Script Kiddie:
Basically, they cannot be called hackers, because they just copy some kind of coded script and use it as a virus or use
predefined software like maltego, hydra,Metasploit etc for penetration.
White Hat Hackers:
White hat hackers are known as Ethical Hacker or Legal Hackers. These type of hackers help organizations to make
their system secure or they help victim company to prevent the viruses. White Hat Hackers are certified to hack.
Black Hat Hackers:
Blackhat hackers are famous as "Crackers" .They find companies, organizations, especially bank that have weak and
small security system and when they find it they steal the money, credit card information and etc
Gray Hat Hackers:
They are nor Ethical Hackers neither Unethical Hackers. They don't harm people with their hacking nor steal anything,
like money or personal information but sometimes they try to penetrate into a system.
Green Hat Hackers:
Green Hat Hackers are types of hackers that really love hacking and care about it .They are unlike script-kiddies and
they work hard and strive and struggle to become a legendary hacker.
Red Hat Hackers:
Red Hat Hackers are the wanted criminals of the world. They steal money, steal data, harm the computer system,
sometimes leaks the information to the outer world .It may include Terrorist.
5. 5
History of Cyber Attacks:
In February 2000. DDoS flooded Yahoo, eBay, CNN and ZDNet with huge data, blocking access for thousands of users
for two to three hours.
Love Letter virus struck companies worldwide in May the same year, flooding e-mail servers and causing them to
crash as it spreads.
1994:
A hacker known as Merc manages to dial into a server at the Salt River Project and explores computers used to monitor
canals in the Phoenix region.
1988:
"Robert Morris" released a worm that infected around 3,000 to 4,000 of the Internet's approximately servers.
WannaCry ransomware attack was a May 2017 global cyber offence
Which targeted computers running Microsoft Windows operating systems. Their sole objective was to encrypt whole
computers data and then demanded ransom for the decryption keys.
Cyber Warfare:
Cyber warfare is a modern form of warfare in which countries attack each other for proving their strength or for gaining
political/foreign policy victories.
Cyber warfare is an important evolutionary addition in the battle fronts that has the potential for significant effect on
the citizens and especially on the computer scientists of the world.
Cyber warfare may be used as a political tool to increase the control of the government on the citizens and different
organizations by keeping in checking their data and resources. Some of the techniques of the cyber-attacks include
breaking into someone's personal computer or servers.
Cyber warfare became elite warfare when In the last United States elections Russian government Hacked into the
election and moulded the results whatever they wanted it to be. This created a mass tension around the globe as it
was one of the most powerful and unique display of power by one of the Superpower.
Another tactic is to create hindrance in the functionality of computers and the embedded equipment by using worms
and viruses. In addition, some hackers use logic bombs and some other malware to malfunction the computer
networks of important facilities.
The main scope and platform for the cyber warfare is internet and local network with a strong help from the ruling
Government as generally they are the master planner of the attacks.
Because of increasing Cybercrimes and warfare around the globe and also because of some political reasons The
Pakistani Government has also passed a Cyber Crime Bill which was targeted frequently by the critics.
Some of the salient features of the Pakistans Cyber Crime bill are mentioned below:
1) Up to 3 years imprisonment, Rs1 million fine or both for unauthorised access to critical Network system or data.
2) The government will cooperate with any foreign agency investigating about Cyber Criminals residing in the authority
of Pakistan.
3) Rs5 million fine, Up to three years imprisonment or both for breaching and using an individual Identity and crucial
data without authorization.
6. 6
4) If anyone's information has been used intentionally or without authorization he/she can report it 24/7 to the Cyber
Security department of FIA.
Resources and the techniques used for Cyber Crimes:
There are many resources but we will only discuss about most popular of them. Kali linux is the operating system and
python is the programming language which is widely used by the network penetrators.
Techniques used by hackers :
Brute force attack: In this technique, all possible combinations of the password are applied in order to find the
correct combination.
Dictionary attack: Common dictionary words are used For predicting password.
Waterhole attacks: When the objective of the hacker is to gather as many sensitive information as he can they target
public places like internet café, coffee shops or other most visited public places.
Fake wifi points: They can create fake wifi points in order to grab the sensitive data of the user who tries to log in from
the wifi.
Backdoors: The points from which they penetrate into a system is known as the backdoor.
Usage of proxy networks for defence: Universities and institutions use proxy servers in order to defend their user
from being attacked. This proxy network changes the IP address of their traffic who are accessing the internet so that
a foreigner whose intentions are bad fails in tracking the genuine IP address of their member.
DDOS Attack stands for distributed denial of service attack. In this, the victim is attacked from different sources. This
makes it very difficult to defend the network from the attack.
Hackers point out bugs in the system of the targeted computer and then manipulate that weak point of the system
in order to get access to the pc/network. This mainly happens when OS update is released but the targeted pc has not
updated yet which leaves that bug unresolved and prove as an open attack on people like black hat hackers. That's
the reason why our windows always recommend us to always turn on the automatic updates.
The internet as a whole consist of three layers world wide web, deep web and dark web. Worldwide is the portion of
internet consisting google search engine and the whole social media and many more websites. There are other
different websites which our search engines cannot access therefore we can call them hidden or the webs which can
be accessed via password or authorization. Which can only be logged in by using genuine authorization these are the
deep web content that won't show up on our common search engine.
The other one is dark web which is quite popular in the underworld of criminals and unethical hackers. Dark web is
part of worldwide that require a special browser to access.
The dark web is also called "Onionland" because of its content accessible only using services like Tor. It can be identified
by the domain ".onion" whereas other normal websites identified by the domain .com.
The darkweb is used for illegal activities such as drug trade, media and confidential information exchange also for
pedophiles and terrorists who want to hide their illegal activities use the dark web. People who want to hide their
identity and want to search illegal articles use the dark web. Dark web is notorious for being the base of all cyber
crimes.
7. 7
About Tor Browser :
Tor is a web browser or an internet networking protocol which is used commonly to reach Dark web and also to
anonymize the data relayed to across it. Torr makes it difficult for anyone to track the internet activity of the user.By
using it trackers may face a lot of hindrances in order to track and analyse users IP address .When someone runs tor
online data collectors such as Google Ads and little known but powerful Crawlers will not be able to gather your data.
Conclusions:
Security is an illusion: Whatever technique we use to secure our networks it will be defeated in any time soon.
This cycle keeps on running until meaning of security loses it's worth.
develop best security practices:
People believe that security is an illusion but we can do much more to give them a tough time.Technology tycoons like
Facebook have thousands of their employees dedicated to the Cybersecurity wing. Which allows their customers to
trust them .The ones who know how to penetrate can also secure our networks as they know what a hacker looks for
before penetrating into a system.
Be proactive:
Do not wait until your networks are doomed in one way or another .Use every possible defence techniques which
cannot be deceived by the hackers.
Strict cyber laws should be deployed: Maximum people out there think we cannot/should not categorize Cyber
Crimes into regular crimes. But as the events are happening and the world has started facing heavy losses because of
cybercrimes it is becoming more and more clear that introducing strict cyber laws is the only way to handle these
activities.
Increase security awareness among the masses: Most of the people do not give much more important
to their data and they also imagine no one can really hurt them by grabbing their data but ironically the reality is
opposite. Being tech people we have a responsibility to create awareness among the masses about the dark side of
the cyber ecosystem.