This document discusses web security and ransomware. It defines web security as protecting networks, systems, and data from harm or theft. It also covers two types of security - cloud security and online application security - that protect cloud services and web applications. The document then discusses the challenges of securing data and information from cyber attacks seeking money or to disrupt systems. It provides details on how ransomware works and how computers become infected with ransomware, typically through malicious emails or drive-by downloads. Prevention methods like backups and updates are recommended. Finally, it lists some of the most dangerous cyber viruses of all time like CryptoLocker and Zeus.

1. WHAT IS WEB SECURITY?
▪ Protecting networks and computer systems from harm or theft for software,
and hardware . It covers safeguarding computer systems from being
misdirected or disrupted while performing their functions.
▪ Web security is associated with cybersecurity and also refers to website
security, which is the process of defending websites against assaults. Cloud
security and online application security are two types of security that
protect cloud services and web-based applications, respectively. Web
security also includes the protection of a virtual private network (VPN).

2. WEB SECURITY
▪ According to formerCisco CEO John Chambers, “There are two types
of companies: those that have been hacked, and those who don’t yet
know they have been hacked.”
▪ The motives for cyber attacks are many. One is money. Cyber
attackers may take a system offline and demand payment to restore
its functionality. Ransomware, an attack that requires payment to
restore services, is now more sophisticated than ever.
▪ Corporations are vulnerable to cyber attacks, but individuals are
targets too, often because they store personal information on their
mobile phones and use insecure public networks.

3. How does ransomware work?
▪ Asymmetric encryption is used by ransomware that encrypts and
decrypts files using a pair of keys.
▪ The attacker generates a unique public-private pair of keys for the
victim, with the private key used to decrypt data saved on the
attacker's server, the attacker may not always make the private key
available to the victim once the ransom is paid.
▪ Secret key is needed to restore files

4. CHALLENGES IN SECURING INFORMATION
▪ It’s a huge challenge for many data scientist to eliminate risk in data
management because of what we called “competition”. Some big
companies will hire an expert to find holes in the system to make
them more influential and make their name on top, and if that
vulnerabilities will leak to the wrong person it will be catastrophic to
everyone.

5. How does a computer become infected with
Ransomware?
▪ Ransomware is often spread through emails that contain malicious
attachments or through drive-by downloading. Drive-by
downloading occurs when a user unknowingly visits an infected
website and then malware is downloaded and installed without the
user’s knowledge.
If get infected by ransomware it will shutdown or reboot the system
and create a shortcut to any file which in not accessible anymore.

6. Ransomware vs. Malware: What’s the
Difference?
Malware is an umbrella term that is used to describe all types of malicious
software. Malware can be used by attackers to perform variety of malicious
actions like spying on the target using spyware, destroying data and resources,
causing error in the system and slow down the performance.Virus,Trojan horses,
worms and spyware are the various types of malware along with a few others.
Ransomware is a type of malware that is designed to block user access from own
system until a ransom fee is paid to ransomware creator. Ransomware is a lot
dangerous than a regular malware and spread through emails having infected
attachments. Ransomware has emerged over the last few years and can attack
individuals or organizations.
all ransomware is malware — but not all malware is ransomware.

7. HOW RANSOMWARE ATTACK

8. Ransomware Prevention
▪ Take frequent back-ups, so if data is encrypted by ransomware, there
is a recent restore point.
▪ Install a program that will check for malicious programs and install
software updates.
▪ Virus scan all external drives and mobile devices connected to the
network.

9. Top 10 Most Dangerous Cyber Viruses of
All Time
▪ CryptoLocker 2013 AVictim has to pay a certain amount through bitcoin
▪ PlugX 2012 primarily targets government entities, targets specific businesses
and organizations
▪ Zeus Gameover 2011 main purpose of the Zeus virus is to access the victim’s
sensitive bank account details and steal all of the victim’s funds. Cost of damage
$100 million
▪ Mydoom 2004 originated from Russia and is written in C++. Cost of damage $38
billion
▪ Sasser and Netsky 2004 were created by a 17 years old German named Sven
Jaschan.The virus slows down the Internet and puts some sites to a complete
halt. cost of damage US$3.12 billion

10. ASSiGNMENT “ VIDEO REPORTING ” use our
video template format.
▪ CodeRed
▪ Nimba
▪ ILOVEYOU
▪ Melissa

11. Layers Involved in Web Security
▪ Hardware Physical access to computer hardware provides even the most
inexperienced user complete control over it. Nothing else in a computer system can
be deemed safe without physical security to protect hardware (i.e. locks).
▪ Operating System As the program in charge of regulating access to the hardware,
file system, and network,Crackers are mainly interested in flaws in an operating
system's network. • User names and passwords are used for the majority of OS
▪ Service A "service" is any type of program that runs unattended on a computer for
our needs. In response to a network-based request, a server-style computer executes
some activity.FTP servers, web servers (e.g., Apache, IIS), and server-side scripting
platformsEmail servers (such as Sendmail, Qmail, and Exim),Telnet and SSH servers,
and file and print servers are all examples.(for example, SMB/Samba), and database
servers (for example, Oracle, SQL Server, MySQL, DB/2, etc.).

12. Layers Involved in Web Security
▪ Data Backups should be secured in some way to prevent anyone who comes
into contact with the media from reading the whole organization's data.This
encryption is rarely used in practice.
▪ Application Injections are commonly used into one of the application's forms
some client-side browser scripting code (e.g. JavaScript)That code is run (on
the end user's browser) once it is shown on the site. SQL Injection XSS (Cross
Site Scripting) Remote Command Execution PathTraversal may result to
Access to restricted content,Compromised user accounts, Installation of
malicious code,Lost sales revenue,Loss of trust with customers,Damaged
brand reputation

13. Layers Involved in Web Security
▪ Network Protocol provides both authentication and encryption services to
communicating computers using digital certificates issued by Certificate
Authorities (CAs) also known asTrust Authorities
▪ Browser consists of all measures, procedures, and policies necessary to
protect users accessing the Internet from a web browser application