Professional Documents
Culture Documents
The Cybersecurity Essentials Booklet
The Cybersecurity Essentials Booklet
CYBERSECURITY THREATS
FOR SCHOOLS?
OW N I T. S E C U R E I T. P R O T E C T I T.
2
Contents
Phising & Spear Phishing 4
Malware Attack 7
Drive-By Attack 8
Password Attack 9
Program 10
OWN IT.
SECURE IT.
PROTECT IT.
3
PHISHING & SPEAR
THREATS PHISHING
SPEAR PHISHING PHISHING
Spear phishing or phishing involves
sending emails with malicious
attachments designed to steal APPROACH
personal information. The phishing
attack can also lead the victim to Spray & Pray Targeted Attack
an illegitimate website that steals
passwords, credit card details, and TARGETING
other sensitive data. A phishing
attack uses technical trickery and Broad & Specific employee
social engineering to achieve its Automated and/or company
goals. Attackers employing phishing
choose their targets carefully and
take on the guise of a trusted source HACKING LEVEL
that victims are less likely to
question. The attackers also use
Not Very Requires Advanced
personalized messages that make Sophisticated Techniques
the emails look relevant and
trustworthy. As a result, schools THE ATTACK
might ind it challenging to protect
themselves from spear phishing Usually Obvious Harder to Detect
attacks.
Phishing is one of the most
common forms of cyber threats.
WHAT THEY’RE AFTER
Usernames, Passwords, Confidential
Credit Card Details, etc. Information, etc.
In 2020, phishing
was responsible for
more than 80% of
reported security
incidents.
4
DISTRIBUTED
THREATS
DENIAL-OF-
SERVICE (DDOS)
Distributed Denial-of-service
(DDoS) is an attack which targets
the resources of a server, network,
website, or computer to take it
Hackers Activate Zombies
on Innocent Computers down or disrupt services. DDoS
attacks generally have a host system
that infects other computers or
servers connected to the network.
DDoS attacks overload a system
AS AS
with constant flooding of connection
requests, notifications and traffic. As
a result, the system denies service
Peering ISP Backbone requests by legitimate users. DDoS
Point Infrastructure-Level
DDoS Attacks attacks don’t benefit the attacker
directly as they don’t steal any
information, it just compromises
the systems so they can’t function
Bandwidth-Level properly. Nonetheless, DDoS attacks
DDoS Attacks
can be damaging for schools as it
Web can halt operations and result in
Server
Server-level damages often as high as 100’s of
Schools
AS DDoS Attacks thousands of dollars via things like
Incl. HTTP, DNS, etc.
lost revenue, lost productivity and
Attacked reputational damage.
Server
Between January
2020 and March
2021, DDoS attacks
increased by 55%
5
MAN-IN-THE- STEP 1: Hijacking the Session
THREATS
MIDDLE (MITM)
ATTACK Session
A MitM attack occurs when a hacker
inserts themselves between the
communications of a client and a
SNIFFING
server. Here are some common VICTIM SERVER
192.168.1.23
types of man-in-the-middle attacks:
Session Hijacking
Cybercriminals use session hijacking
to gain control of the victim’s
sessions and get access to resources
ATTACKER
or data. The most common method
is IP spoofing, where the hijacker
uses the IP of the trusted client to
avail unauthorized services from a
server or application.
VICTIM
Disconnected
SERVER
Compromised or
Copied Traffic
ATTACKER
192.168.1.23
6
MALWARE
THREATS
Macro viruses File infectors
Macro viruses target the initialization
sequence of an application to
File infectors find their way in your
system through executable codes like ATTACK
compromise programs such as Microsoft .exe extensions. The infector becomes Malware or malicious software
Excel or Word. active when you access the .exe file or is designed for compromising a
the executable code. system for a purpose. A user can
Trojans unknowingly download malware
Logic bombs that infects a system and replicates
Trojans are non-replicating viruses that itself. Malware can be designed to
Logic bombs are pieces of malicious
gain unauthorized access to a system.
codes that get initialized when act in many ways, just like software.
Trojans often camouflage themselves in
the form of legitimate software.
predefined conditions are met. Attackers Some popular types of malware
can program logic bombs to serve a include:
range of purposes.
System or 1. Macro viruses
boot-record infectors Worms 2. Trojans
These infectors attach to executable Worms don’t need a host file to 3. System or boot-record infectors
codes residing in parts of a disc. Boot- propagate themselves on a network or 4. Polymorphic viruses
record infectors can connect to a hard system. They are self- contained forms 5. Stealth viruses
disk’s Master Boot Records and even of viruses.
6. File infectors
boot sectors of USB flash drives. The
7. Logic bombs
infectors are initialized when someone Droppers 8. Worms
boots using the compromised disk or
Droppers help viruses find their way into 9. Droppers
drive.
your networks and systems. Most often, 10. Ransomware
your antivirus will not detect droppers
Polymorphic viruses as they don’t contain the malicious code-
Polymorphic viruses replicate endlessly they just lead to it!
to sabotage systems. They use dynamic
encryption keys every time to avoid Ransomware
detection.
Ransomware can take the form of any
virus that holds a victim’s data hostage
Stealth viruses for ransom. Ransomware attacks often
Stealth viruses hide under the guise of encrypt data or files and demand money
system functions. They also infect your in exchange for decryption keys.
computer’s defenses to stay undetected.
600%
66 Days Increase in Cyber
The number of days to discover a Cyber-Attack Crime DueTo
COVID-19 Pandemic
7
DRIVE-BY
THREATS
VICTIM
ATTACK Visit Malicious Website
Drive-by attacks use various online
resources to compromise a user’s
system. The malicious code can be
inserted in internet ads, HTTP or Re
dire WEB SERVER
ct
PHP codes on websites, or even Reverse Shell
to
M (Compromised)
alw
applications. Contrary to other forms to Attacker Ex
p loi
are
Se
tB rve
of Cyber-Attacks, a user doesn’t row
ser
r
92 PERCENT
more.
The attacks also run in the
background and are not visible
to the user. As a result, you can’t
take any concrete steps to identify
incorrect codes. Only being
of Malware is Delivered by Email.
proactive can help schools protect
themselves from drive-by attacks.
8
IN 2018 HACKERS STOLE PASSWORD
THREATS
ATTACK
98 PERCENT
73 PERCENT of Cyber-Attacks rely
on Social Engineering.
of Passwords are Duplicates.
9
5 Crucial Elements of an
Effective Cyber Security
Program:
1. Offence Informs Defense
Learning and acquiring knowledge from
actual attacks that compromised your system
can lead to effective and practical defenses.
Your defense should be built only on controls
that have proven successful in preventing
real-world attacks for the best results.
2. Prioritization
Schools should only focus on controls that can
reduce risk most effectively and protect the
organization from dangerous cyber threats.
Also, the control should be feasible enough to
be implemented in your computing
environment.
5. Automation
Automation helps schools ensure compliance
with controls and gain a scalable and reliable
way to fight off cyber threats. Automation
also increases efficiencies and saves both
time and labour.
10
WE CAN HELP!
HOW WE CAN HELP
TALK TO US TODAY
dan@appsevents.com
appsevents.com
12