SlideShare a Scribd company logo

You think you are safe online. Are You?

Download as PPTX, PDF
T
TechGenie

Do you think your home-based enterprise is too small to attract attention of hackers and cyber criminals? A hacker would be sitting behind you and follow your password over your shoulder as you are using a public Wi-Fi at Starbucks! Did you know that a pacemaker could be hacked to get personal and medical information to exploit against you for vandalism or monetary gain? The more you are unsuspecting and off-the-guard, the more you are prone to fall prey to devious schemes of cyber attacks. That’s why we created this presentation to present you everything you need to know to detect signs of cyber attacks including - all possible risks of cyber attacks - what’s your chances of getting hit by a hacker, - who is targeting you - What hackers can do? - what type of information they are trying to steal - Are you an Instagram addict? Get to know how your favorite social networking sites and other web-based services are exposing you to hackers - Different types of cyber attacks - Different types of baits, techniques and tools used by hackers - How each type of cyber attacks works - Do you know group of password crackers are at work in cracking your netbanking password? Check out if your password is strong and hard to crack - What tools are they using to crack your password? - How to verify all those banking email communications are NOT FROM YOUR BANK, but cyber attackers? Look out for these signs to distinguish between a phishing and a genuine email message. - Are you choosing the right browser? Is your browser a staple target of hackers – here is how to choose the right browser before you get online - Is your router doubling as a gateway for hackers to pass your information? Here is how to spot and prevent cyber attacks carried out through the router - How to identify if you are opening a genuine or fake website? Here is how you can safeguard yourself before revealing your personal or financial data on a genuine-looking fake website. And many more scary facts and trends of cyber attacks covered in this presentation which can be a small handy 101 guide to keep you alert and safe online. In addition to the information and tips, we have a powerful and really effective tool to help you dodge and combat against hackers as you use Internet. If you needed an active watchdog to monitor, block and guard you from all types of online malicious activities in the background, then you cannot possibly give this a miss to find the best online safety partner for you. Surf through the slides to find out everything you need to know and never thought you actually need… and let us know what you think. We are waiting!

Technology
1 of 16
You Think You Are Safe online. Are You? ©2014 iYogi Limited. All Rights Reserved. Presented By:
Do you think hackers can? Transform a mobile device into an audio bug? Turn Dropbox into a backdoor gateway to a network? Well yes, they can do all these. A lot more, actually... Let’s find out. Convert a phone into a spy sensor? Extract details from a pacemaker? Install surveillance tools unbeknown to you? ©2014 iYogi Limited. All Rights Reserved.
Prying Eyes You Never Noticed! The attacker can be your Which type of cyber attacks spooks market the most?  next door nerdy neighbor  a suave, introvert colleague  a geeky guy at the gym  that local computer repair shop engineer ©2014 iYogi Limited. All Rights Reserved.
Common Cyber Attack Methods Attack Techniques July 2014 ©2014 iYogi Limited. All Rights Reserved.
You Are On Their Hitlist! The more connected you are, the likelier you are to be their target. So, who’s their target? High-security locks of homes Cloud computing services Social media Smartphone and mobile devices Smart devices Power plants Your pacemaker (oh, yes!) Your car Your geo-location Bring-your-own-devices (BYOD) ©2014 iYogi Limited. All Rights Reserved.
Types Of Cyber Attacks (you should be afraid of!) Trojan attack Impersonation Phishing Spoofing DDoS attacks DNS Poisoning Password Cracking ©2014 iYogi Limited. All Rights Reserved.
Trojan Attack – How It Works? Attackers hide Trojan program inside chat messages. The Trojan gets installed on your PC. It takes control of your PC. It removes, moves, extracts data and execute a file. Every time you are online, Trojan notifies the hacker. The hacker monitors and controls your PC and steal data. 1 2 3 4 5 6 1. Download file 3. Malicious network connection to command and control center Customized Virtual Machine End user Machine 2. File get executed in workstation File System Registry & Processes 2. File get executed in a similar environment inside sandbox ©2014 iYogi Limited. All Rights Reserved.
Impersonation – How It Works? Hackers follow you on Instant Messengers. They access your account details. They steal your user names and passwords. They impersonate the retrieved data Interact with your contacts without your knowledge. 1 2 3 4 5 Thus, your IM account gets exposed to identity thefts. Victim Attacker Internet Connection How Impersonation works? ©2014 iYogi Limited. All Rights Reserved.
Phishing – How It Works? Hackers divert you to a fake charitable websites A Trojan is installed on your PC. It takes control of your PC It removes, moves, extracts data and execute a file. Every time you are online, Trojan notifies the hacker. The hacker monitors and controls your PC and steal data 1 2 3 4 5 6 Different methods of phishing:  Fake websites  Image manipulation  Phone phishing  Link manipulation  JavaScript commands ©2014 iYogi Limited. All Rights Reserved.
Spoofing – How It Works? Hackers search for IP addresses of legitimate hosts. They impersonate the message originated from that trusted host. They gather data from your infected PC. 1 2 3 Different methods of spoofing include:  Man-in-the-middle attack  Spyware techniques Spoofed Packed Source IP : 192.168.1.100 (Sniffer) Destination IP : 192.168.1.1 (Target)  Rogue antispyware programs  Server spoofing IP : 10.0.0.1 Gather Sniffed Data 1 3 Spoof Response 2 Target IP : 192.168.1.1 Sniffer IP: 192.168.1.100 IP Spoofing Attach ©2014 iYogi Limited. All Rights Reserved.
DDoSAttacks – How It Works? Hackers target large websites They create a “zombie” network. Install client software Gain remote access on machines connected to the network. The client software floods infected website with data traffic You get infected while accessing the infected site. 1 2 3 4 5 6 Various types of DDoS cyber attacks are –  Buffer Overflow Attacks  SYN Flood Attacks  Teardrop Attacks  Smurf Attacks  Virus and worms  Ping of death Distributed Denial of Service (or mostly known as DDoS) are conducted on massive level. Send cookies, Online banking credentials and webmail credentials. Orders Slowloris DoS attacks on Anonymous hacktivism targets Slowloris DoS attacks Anonymous Hacktivism Webpage Target Zeus-Infected Clients Hacker C&C Server ©2014 iYogi Limited. All Rights Reserved.
DNS Poisoning – How It Works? Hackers forge DNS information. They send false DNS information to redirect the traffic. They send fake DNS reply with fake information The DNS server stores information in cache. 1 2 3 4 DNS poisoning is used to redirect site visitors from online bank account to a fake website to collect users’ bank account credentials so that they logon and steal data/money. DNS Cache Poisoning 1 2 3 4 5 6 Cache poisoned Cache 203.74.17.22 208.174.175.2032 203.74.17.22 What is the IP address of www.xyz.com? What is the IP address of www.xyz.com? Name server Authoritative server(s) Client www.xyz.com Attacking server 1. Fictitious addresses ©2014 iYogi Limited. All Rights Reserved.
Password Cracking – How It Works? Hackers distribute the load of password on several computers They make a collaborative attempt of cracking password Password thieves use password cracking tools They automate the process of deciphering the password 1 2 3 4 Common password cracking tools are –  Mio-Star  Saltine Cracker  Slurpie  John the Ripper  L0phtCrack (LC3) ©2014 iYogi Limited. All Rights Reserved.
Safety Measures to Protect Against Cyber Attacks ©2014 iYogi Limited. All Rights Reserved.
3 Golden Rules of Online Safety VERIFY  Check for the proof of presence in the real-world such as address, phone number, email address so that you can make a phone call when in doubt.  Right-click on the link, choose ‘Properties’ to verify if the destination of the link matches with the information in the email and under Properties window.  Look for a padlock in the browser window or if the URL starts with “https://” .  Check if it has the same address of the actual website. SECURE  Check for the proof of presence in the real-world such as address, phone number, email address so that you can make a phone call when in doubt.  Right-click on the link, choose ‘Properties’ to verify if the destination of the link matches with the information in the email and under Properties window.  Look for a padlock in the browser window or if the URL starts with “https://” .  Check if it has the same address of the actual website. PREVENT  Use less popular browsers having small market share compared to Internet Explorer, Google Chrome . Smaller browsers are unprofitable for hackers to target.  Perform regular virus scan to prevent DDoS types of cyber attacks.  Secure host systems by updating security patches, firewall and real-time threat detection tools. With these security and filtering measures, packets sent out to the Internet are scrutinized by the security program installed on the host machine.  Configure modems/routers to prevent those send/receive broadcast messages to the network. ©2014 iYogi Limited. All Rights Reserved.
Above All These, You Should Also Remember – There is no patch for human negligence toward cyber attacks No security to prevent greed toward phishing mail with lures of lottery prize money, large funds transfer etc. Refrain from visiting unknown donation sites If you are too startled to use web services, email accounts or social networking sites, then leave your cyber attack worries on the expert – TechGenie Absolute. ©2014 iYogi Limited. All Rights Reserved.

Recommended

Internet security
Internet securityInternet security
Internet security
Mohamed El-malki
 
Web security
Web securityWeb security
Web security
Jatin Grover
 
Web Security
Web SecurityWeb Security
Web Security
Bharath Manoharan
 
Protecting Your Business From Cybercrime
Protecting Your Business From CybercrimeProtecting Your Business From Cybercrime
Protecting Your Business From Cybercrime
David J Rosenthal
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
HarishBabuKaveri
 
secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger
Abhishek Hirapara
 
Network Security
Network SecurityNetwork Security
Network Security
Mohammed Adam
 
Ethical hacking (legal)
Ethical hacking (legal)Ethical hacking (legal)
Ethical hacking (legal)
Thangaraj Murugananthan
 

Recommended

Internet security
Internet securityInternet security
Internet security
Mohamed El-malki
 
Web security
Web securityWeb security
Web security
Jatin Grover
 
Web Security
Web SecurityWeb Security
Web Security
Bharath Manoharan
 
Protecting Your Business From Cybercrime
Protecting Your Business From CybercrimeProtecting Your Business From Cybercrime
Protecting Your Business From Cybercrime
David J Rosenthal
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
HarishBabuKaveri
 
secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger
Abhishek Hirapara
 
Network Security
Network SecurityNetwork Security
Network Security
Mohammed Adam
 
Ethical hacking (legal)
Ethical hacking (legal)Ethical hacking (legal)
Ethical hacking (legal)
Thangaraj Murugananthan
 
Introduction to Web Server Security
Introduction to Web Server SecurityIntroduction to Web Server Security
Introduction to Web Server Security
JITENDRA KUMAR PATEL
 
Five habits that might be a cyber security risk
Five habits that might be a cyber security riskFive habits that might be a cyber security risk
Five habits that might be a cyber security risk
K. A. M Lutfullah
 
Hacking
HackingHacking
Hacking
Anil Shrivastav
 
The top 10 security issues in web applications
The top 10 security issues in web applicationsThe top 10 security issues in web applications
The top 10 security issues in web applications
Devnology
 
Phishing
PhishingPhishing
Phishing
defquon
 
Cybercrime
CybercrimeCybercrime
Cybercrime
Marite Rojas Ojeda
 
Ethical Hacking & Network Security
Ethical Hacking & Network Security Ethical Hacking & Network Security
Ethical Hacking & Network Security
Lokender Yadav
 
ETHICAL HACKING PPT
ETHICAL HACKING PPTETHICAL HACKING PPT
ETHICAL HACKING PPT
Sweta Leena Panda
 
Web security
Web securityWeb security
Web security
Muhammad Usman
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
aashish2cool4u
 
Information security & ethical hacking
Information security & ethical hackingInformation security & ethical hacking
Information security & ethical hacking
Sahil Rai
 
My presentation
My presentationMy presentation
My presentation
Devashri Balinge
 
Types of Attack in Information and Network Security
Types of Attack in Information and Network SecurityTypes of Attack in Information and Network Security
Types of Attack in Information and Network Security
padmeshagrekar
 
Hacking by Pratyush Gupta
Hacking by Pratyush GuptaHacking by Pratyush Gupta
Hacking by Pratyush Gupta
Tenet Systems Pvt Ltd
 
Attack chaining for web exploitation
Attack chaining for web exploitationAttack chaining for web exploitation
Attack chaining for web exploitation
n|u - The Open Security Community
 
Spoofing
Spoofing Spoofing
Spoofing
paulina villanueva
 
Cyber security[1118]
Cyber security[1118]Cyber security[1118]
Cyber security[1118]
MeeraNairJ
 
Web security
Web securityWeb security
Web security
kareem zock
 
Hacking- Ethical/ Non-ethical, Cyber Security.
Hacking- Ethical/ Non-ethical, Cyber Security.Hacking- Ethical/ Non-ethical, Cyber Security.
Hacking- Ethical/ Non-ethical, Cyber Security.
JasminJaman1
 
Essential Power Case Study: Protecting Critical Infrastructure From Cyber Att...
Essential Power Case Study: Protecting Critical Infrastructure From Cyber Att...Essential Power Case Study: Protecting Critical Infrastructure From Cyber Att...
Essential Power Case Study: Protecting Critical Infrastructure From Cyber Att...
EnergySec
 
Introduction to National Critical Infrastructure Cyber Security: Background a...
Introduction to National Critical Infrastructure Cyber Security: Background a...Introduction to National Critical Infrastructure Cyber Security: Background a...
Introduction to National Critical Infrastructure Cyber Security: Background a...
Jack Whitsitt
 
A Cyber Infrastructure SCADA Testbed Environment for Research on the Nation\'...
A Cyber Infrastructure SCADA Testbed Environment for Research on the Nation\'...A Cyber Infrastructure SCADA Testbed Environment for Research on the Nation\'...
A Cyber Infrastructure SCADA Testbed Environment for Research on the Nation\'...
Christopher Klaus
 

More Related Content

What's hot

What's hot (19)

Introduction to Web Server Security
Introduction to Web Server SecurityIntroduction to Web Server Security
Introduction to Web Server Security
 
Five habits that might be a cyber security risk
Five habits that might be a cyber security riskFive habits that might be a cyber security risk
Five habits that might be a cyber security risk
 
Hacking
HackingHacking
Hacking
 
The top 10 security issues in web applications
The top 10 security issues in web applicationsThe top 10 security issues in web applications
The top 10 security issues in web applications
 
Phishing
PhishingPhishing
Phishing
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Ethical Hacking & Network Security
Ethical Hacking & Network Security Ethical Hacking & Network Security
Ethical Hacking & Network Security
 
ETHICAL HACKING PPT
ETHICAL HACKING PPTETHICAL HACKING PPT
ETHICAL HACKING PPT
 
Web security
Web securityWeb security
Web security
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
Information security & ethical hacking
Information security & ethical hackingInformation security & ethical hacking
Information security & ethical hacking
 
My presentation
My presentationMy presentation
My presentation
 
Types of Attack in Information and Network Security
Types of Attack in Information and Network SecurityTypes of Attack in Information and Network Security
Types of Attack in Information and Network Security
 
Hacking by Pratyush Gupta
Hacking by Pratyush GuptaHacking by Pratyush Gupta
Hacking by Pratyush Gupta
 
Attack chaining for web exploitation
Attack chaining for web exploitationAttack chaining for web exploitation
Attack chaining for web exploitation
 
Spoofing
Spoofing Spoofing
Spoofing
 
Cyber security[1118]
Cyber security[1118]Cyber security[1118]
Cyber security[1118]
 
Web security
Web securityWeb security
Web security
 
Hacking- Ethical/ Non-ethical, Cyber Security.
Hacking- Ethical/ Non-ethical, Cyber Security.Hacking- Ethical/ Non-ethical, Cyber Security.
Hacking- Ethical/ Non-ethical, Cyber Security.
 

Viewers also liked

Essential Power Case Study: Protecting Critical Infrastructure From Cyber Att...
Essential Power Case Study: Protecting Critical Infrastructure From Cyber Att...Essential Power Case Study: Protecting Critical Infrastructure From Cyber Att...
Essential Power Case Study: Protecting Critical Infrastructure From Cyber Att...
EnergySec
 

Viewers also liked (12)

Essential Power Case Study: Protecting Critical Infrastructure From Cyber Att...
Essential Power Case Study: Protecting Critical Infrastructure From Cyber Att...Essential Power Case Study: Protecting Critical Infrastructure From Cyber Att...
Essential Power Case Study: Protecting Critical Infrastructure From Cyber Att...
 
Introduction to National Critical Infrastructure Cyber Security: Background a...
Introduction to National Critical Infrastructure Cyber Security: Background a...Introduction to National Critical Infrastructure Cyber Security: Background a...
Introduction to National Critical Infrastructure Cyber Security: Background a...
 
A Cyber Infrastructure SCADA Testbed Environment for Research on the Nation\'...
A Cyber Infrastructure SCADA Testbed Environment for Research on the Nation\'...A Cyber Infrastructure SCADA Testbed Environment for Research on the Nation\'...
A Cyber Infrastructure SCADA Testbed Environment for Research on the Nation\'...
 
The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...The relation between internet of things, critical infrastructure and cyber se...
The relation between internet of things, critical infrastructure and cyber se...
 
Cyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework PanelCyber Critical Infrastructure Framework Panel
Cyber Critical Infrastructure Framework Panel
 
rpt-world-eco-forum Final
rpt-world-eco-forum Finalrpt-world-eco-forum Final
rpt-world-eco-forum Final
 
Critical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber ThreatCritical Infrastructure and Cyber Threat
Critical Infrastructure and Cyber Threat
 
Critical Infrastructure and Cyber Sec in Transportation Sector
Critical Infrastructure and Cyber Sec in Transportation SectorCritical Infrastructure and Cyber Sec in Transportation Sector
Critical Infrastructure and Cyber Sec in Transportation Sector
 
Critical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challengesCritical Infrastructure and Cyber Security: trends and challenges
Critical Infrastructure and Cyber Security: trends and challenges
 
Malaysia's National Cyber Security Policy
Malaysia's National Cyber Security PolicyMalaysia's National Cyber Security Policy
Malaysia's National Cyber Security Policy
 
Denial of Service Attacks
Denial of Service AttacksDenial of Service Attacks
Denial of Service Attacks
 
DDoS Attacks
DDoS AttacksDDoS Attacks
DDoS Attacks
 

Similar to You think you are safe online. Are You?

Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber security
Keshab Nath
 
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECTHACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
DHRUV562167
 

Similar to You think you are safe online. Are You? (20)

Dos & Ddos Attack. Man in The Middle Attack
Dos & Ddos Attack. Man in The Middle AttackDos & Ddos Attack. Man in The Middle Attack
Dos & Ddos Attack. Man in The Middle Attack
 
Cisco cybersecurity essentials chapter 3
Cisco cybersecurity essentials chapter 3Cisco cybersecurity essentials chapter 3
Cisco cybersecurity essentials chapter 3
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber security
 
Ransomware hostage rescue manual
Ransomware hostage rescue manualRansomware hostage rescue manual
Ransomware hostage rescue manual
 
Frontier Secure: Handout for small business leaders on "How to be Secure"
Frontier Secure: Handout for small business leaders on "How to be Secure" Frontier Secure: Handout for small business leaders on "How to be Secure"
Frontier Secure: Handout for small business leaders on "How to be Secure"
 
Ethical Hacking
Ethical HackingEthical Hacking
Ethical Hacking
 
CYBER CRIME AWARENESS (Thematic Presentation)
CYBER CRIME AWARENESS (Thematic Presentation)CYBER CRIME AWARENESS (Thematic Presentation)
CYBER CRIME AWARENESS (Thematic Presentation)
 
Lecture about network and host security to NII students
Lecture about network and host security to NII studentsLecture about network and host security to NII students
Lecture about network and host security to NII students
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime ppt
 
Impacts of spoofing- why it’s a serious cybersecurity concern
Impacts of spoofing- why it’s a serious cybersecurity concernImpacts of spoofing- why it’s a serious cybersecurity concern
Impacts of spoofing- why it’s a serious cybersecurity concern
 
CyberCrime attacks on Small Businesses
CyberCrime attacks on Small BusinessesCyberCrime attacks on Small Businesses
CyberCrime attacks on Small Businesses
 
Computer security and privacy
Computer security and privacyComputer security and privacy
Computer security and privacy
 
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdfCybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
Cybersecurity Awareness Month_2021_PartnerPresentation_Final.pdf
 
hacking
hackinghacking
hacking
 
Cyber Crime And Security
Cyber Crime And Security Cyber Crime And Security
Cyber Crime And Security
 
Ethical hacking
Ethical hackingEthical hacking
Ethical hacking
 
Hacking Presentation v2 By Raffi
Hacking Presentation v2 By Raffi Hacking Presentation v2 By Raffi
Hacking Presentation v2 By Raffi
 
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECTHACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
HACKING DESCRIBE IN DETAIL FOR UNIVERSITY PROJECT
 
web-security-1215757214755670-9.pdf
web-security-1215757214755670-9.pdfweb-security-1215757214755670-9.pdf
web-security-1215757214755670-9.pdf
 

Recently uploaded

Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
CzechDreamin
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Peter Udo Diehl
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
RTTS
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through Observability
ScyllaDB
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
Bhaskar Mitra
 

Recently uploaded (20)

Powerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara LaskowskaPowerful Start- the Key to Project Success, Barbara Laskowska
Powerful Start- the Key to Project Success, Barbara Laskowska
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
Integrating Telephony Systems with Salesforce: Insights and Considerations, B...
 
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo DiehlFuture Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
SOQL 201 for Admins & Developers: Slice & Dice Your Org’s Data With Aggregate...
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutes
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
Introduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG EvaluationIntroduction to Open Source RAG and RAG Evaluation
Introduction to Open Source RAG and RAG Evaluation
 
JMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and GrafanaJMeter webinar - integration with InfluxDB and Grafana
JMeter webinar - integration with InfluxDB and Grafana
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Optimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through ObservabilityOptimizing NoSQL Performance Through Observability
Optimizing NoSQL Performance Through Observability
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
 

You think you are safe online. Are You?

  • 1. You Think You Are Safe online. Are You? ©2014 iYogi Limited. All Rights Reserved. Presented By:
  • 2. Do you think hackers can? Transform a mobile device into an audio bug? Turn Dropbox into a backdoor gateway to a network? Well yes, they can do all these. A lot more, actually... Let’s find out. Convert a phone into a spy sensor? Extract details from a pacemaker? Install surveillance tools unbeknown to you? ©2014 iYogi Limited. All Rights Reserved.
  • 3. Prying Eyes You Never Noticed! The attacker can be your Which type of cyber attacks spooks market the most?  next door nerdy neighbor  a suave, introvert colleague  a geeky guy at the gym  that local computer repair shop engineer ©2014 iYogi Limited. All Rights Reserved.
  • 4. Common Cyber Attack Methods Attack Techniques July 2014 ©2014 iYogi Limited. All Rights Reserved.
  • 5. You Are On Their Hitlist! The more connected you are, the likelier you are to be their target. So, who’s their target? High-security locks of homes Cloud computing services Social media Smartphone and mobile devices Smart devices Power plants Your pacemaker (oh, yes!) Your car Your geo-location Bring-your-own-devices (BYOD) ©2014 iYogi Limited. All Rights Reserved.
  • 6. Types Of Cyber Attacks (you should be afraid of!) Trojan attack Impersonation Phishing Spoofing DDoS attacks DNS Poisoning Password Cracking ©2014 iYogi Limited. All Rights Reserved.
  • 7. Trojan Attack – How It Works? Attackers hide Trojan program inside chat messages. The Trojan gets installed on your PC. It takes control of your PC. It removes, moves, extracts data and execute a file. Every time you are online, Trojan notifies the hacker. The hacker monitors and controls your PC and steal data. 1 2 3 4 5 6 1. Download file 3. Malicious network connection to command and control center Customized Virtual Machine End user Machine 2. File get executed in workstation File System Registry & Processes 2. File get executed in a similar environment inside sandbox ©2014 iYogi Limited. All Rights Reserved.
  • 8. Impersonation – How It Works? Hackers follow you on Instant Messengers. They access your account details. They steal your user names and passwords. They impersonate the retrieved data Interact with your contacts without your knowledge. 1 2 3 4 5 Thus, your IM account gets exposed to identity thefts. Victim Attacker Internet Connection How Impersonation works? ©2014 iYogi Limited. All Rights Reserved.
  • 9. Phishing – How It Works? Hackers divert you to a fake charitable websites A Trojan is installed on your PC. It takes control of your PC It removes, moves, extracts data and execute a file. Every time you are online, Trojan notifies the hacker. The hacker monitors and controls your PC and steal data 1 2 3 4 5 6 Different methods of phishing:  Fake websites  Image manipulation  Phone phishing  Link manipulation  JavaScript commands ©2014 iYogi Limited. All Rights Reserved.
  • 10. Spoofing – How It Works? Hackers search for IP addresses of legitimate hosts. They impersonate the message originated from that trusted host. They gather data from your infected PC. 1 2 3 Different methods of spoofing include:  Man-in-the-middle attack  Spyware techniques Spoofed Packed Source IP : 192.168.1.100 (Sniffer) Destination IP : 192.168.1.1 (Target)  Rogue antispyware programs  Server spoofing IP : 10.0.0.1 Gather Sniffed Data 1 3 Spoof Response 2 Target IP : 192.168.1.1 Sniffer IP: 192.168.1.100 IP Spoofing Attach ©2014 iYogi Limited. All Rights Reserved.
  • 11. DDoSAttacks – How It Works? Hackers target large websites They create a “zombie” network. Install client software Gain remote access on machines connected to the network. The client software floods infected website with data traffic You get infected while accessing the infected site. 1 2 3 4 5 6 Various types of DDoS cyber attacks are –  Buffer Overflow Attacks  SYN Flood Attacks  Teardrop Attacks  Smurf Attacks  Virus and worms  Ping of death Distributed Denial of Service (or mostly known as DDoS) are conducted on massive level. Send cookies, Online banking credentials and webmail credentials. Orders Slowloris DoS attacks on Anonymous hacktivism targets Slowloris DoS attacks Anonymous Hacktivism Webpage Target Zeus-Infected Clients Hacker C&C Server ©2014 iYogi Limited. All Rights Reserved.
  • 12. DNS Poisoning – How It Works? Hackers forge DNS information. They send false DNS information to redirect the traffic. They send fake DNS reply with fake information The DNS server stores information in cache. 1 2 3 4 DNS poisoning is used to redirect site visitors from online bank account to a fake website to collect users’ bank account credentials so that they logon and steal data/money. DNS Cache Poisoning 1 2 3 4 5 6 Cache poisoned Cache 203.74.17.22 208.174.175.2032 203.74.17.22 What is the IP address of www.xyz.com? What is the IP address of www.xyz.com? Name server Authoritative server(s) Client www.xyz.com Attacking server 1. Fictitious addresses ©2014 iYogi Limited. All Rights Reserved.
  • 13. Password Cracking – How It Works? Hackers distribute the load of password on several computers They make a collaborative attempt of cracking password Password thieves use password cracking tools They automate the process of deciphering the password 1 2 3 4 Common password cracking tools are –  Mio-Star  Saltine Cracker  Slurpie  John the Ripper  L0phtCrack (LC3) ©2014 iYogi Limited. All Rights Reserved.
  • 14. Safety Measures to Protect Against Cyber Attacks ©2014 iYogi Limited. All Rights Reserved.
  • 15. 3 Golden Rules of Online Safety VERIFY  Check for the proof of presence in the real-world such as address, phone number, email address so that you can make a phone call when in doubt.  Right-click on the link, choose ‘Properties’ to verify if the destination of the link matches with the information in the email and under Properties window.  Look for a padlock in the browser window or if the URL starts with “https://” .  Check if it has the same address of the actual website. SECURE  Check for the proof of presence in the real-world such as address, phone number, email address so that you can make a phone call when in doubt.  Right-click on the link, choose ‘Properties’ to verify if the destination of the link matches with the information in the email and under Properties window.  Look for a padlock in the browser window or if the URL starts with “https://” .  Check if it has the same address of the actual website. PREVENT  Use less popular browsers having small market share compared to Internet Explorer, Google Chrome . Smaller browsers are unprofitable for hackers to target.  Perform regular virus scan to prevent DDoS types of cyber attacks.  Secure host systems by updating security patches, firewall and real-time threat detection tools. With these security and filtering measures, packets sent out to the Internet are scrutinized by the security program installed on the host machine.  Configure modems/routers to prevent those send/receive broadcast messages to the network. ©2014 iYogi Limited. All Rights Reserved.
  • 16. Above All These, You Should Also Remember – There is no patch for human negligence toward cyber attacks No security to prevent greed toward phishing mail with lures of lottery prize money, large funds transfer etc. Refrain from visiting unknown donation sites If you are too startled to use web services, email accounts or social networking sites, then leave your cyber attack worries on the expert – TechGenie Absolute. ©2014 iYogi Limited. All Rights Reserved.