TEXT BOOK:
REFERENCE BOOK:
What is cybercrime?
Examples of cybercrime
So, what exactly counts as cybercrime? And are there any
well-known examples?
In this section, we look at famous examples of the different types of
cybercrime attacks used by cybercriminals. Read on to
understand what counts as cybercrime.
Malware attacks
Be sure to use strong passwords that people will not guess and
do not record them anywhere. Or use a reputable password
manager to generate strong passwords randomly to make this
easier.
Never open attachments in spam emails
data-leakage attacks
injection attacks and abuse of
functionality
spoofing
time-state attacks
buffer and data structure attacks
resource manipulation
stolen credentials usage
backdoors
dictionary attacks on passwords
exploitation of authentication
installation of unauthorized
software
removal of sensitive data
Intermediary Liability
Intermediary, dealing with any specific electronic records, is a
person who on behalf of another person accepts, stores or
transmits that record or provides any service with respect to that
record.
According to the above mentioned definition, it includes the
following −
Telecom service providers
Network service providers
Internet service providers
Web-hosting service providers
Search engines
Online payment sites
Online auction sites
1. You work with the latest and most updated security tools
available. For anti-virus tools to be effective and useful, they
need to work with the latest virus definitions, allowing them to
stomp out threats, even the newest ones. With security as a
service, you’re always using tools that are updated with the
latest threats and options. This means no more worrying that
your users are not updating their anti-virus software and keeping
other software up to date to ensure the latest security patches are
in use. The same case goes for updating and maintaining spam
filters.
2. You get the best security people working for you. IT security
experts are at your beck and call, and they may have more
experience and a better skillset than anybody on your IT team.
1. Interoperable.
Avoid vendor lock-in and have more flexibility by making sure
that the solutions you choose have no interoperability issues.
2. Low TCO.
The total cost of ownership (TCO) is a good criterion in
choosing a SECaaS provider. Read the fine print and be sure
that you get the language right, or else you might end up paying
more with your chosen package than a similar one with a
nominally higher advertised rate.
3. Reporting.
Your chosen solutions should have a reporting mechanism that
would allow you to see major security events, attack logs, and
other important data. While the primary benefit of SECaaS is
having a third party to manage the full security picture, you still
want the visibility option.
Security as a Service is becoming
an increasingly popular option among enterprises and SMBs
alike. The growing adoption of SECaaS is driven by a shortage
of security resources including qualified infosec professionals as
well as skills and tools as a whole – coupled with the
ever-expanding threat landscape. For many companies today,
the idea of outsourcing the management, implementation, and
oversight of the complex realm of security simply makes sense,
and it’s proving a cost-effective investment for companies that
take advantage of it.
Lecture 10
Attacks on Mobile/Cell Phones, Mobile Devices
SMiShing :
Smishing has become common now that smartphones are widely used.
SMiShing uses Short Message Service (SMS) to send fraudulent text
messages or links. The criminals cheat the user by calling.
Victims may provide sensitive information such as credit card
information, account information, etc. Accessing a website
might result in the user unknowingly downloading malware that
infects the device.
War driving :
War driving is a method attackers use to find access points
wherever they may be. With free Wi-Fi connections widely
available, they can drive around and obtain a very large
amount of information over a very short period of time.
WEP attack :
Wired Equivalent Privacy (WEP) is a security protocol that
attempted to provide a wireless local area network with the same
level of security as a wired LAN. Since physical security steps
help to protect a wired LAN, WEP attempts to provide similar
protection for data transmitted over WLAN with encryption.
Bluejacking :
Bluejacking is used for sending unauthorized messages to
another Bluetooth device. Bluetooth is a high-speed but very
short-range wireless technology for exchanging data between
desktop and mobile computers and other devices.
Replay attacks :
In a replay attack, an attacker spies on information being sent
between a sender and a receiver. Once the attacker has spied on
the information, he or she can intercept it and retransmit it,
thus leading to some delay in data transmission. It is also known
as a playback attack.
Bluesnarfing :
It occurs when the attacker copies the victim’s information from
his device. An attacker can access information such as the user’s
calendar, contact list, e-mail and text messages without leaving
any evidence of the attack.
RF Jamming :
Wireless signals are susceptible to electromagnetic interference
and radio-frequency interference. Radio frequency (RF)
jamming distorts the transmission of a satellite station so that the
signal does not reach the receiving station.
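A receiver-side defence against the replay attack described above, as an added example that is not part of the original notes: each message carries a timestamp and a random nonce under an HMAC, and the receiver rejects anything stale, already seen, or altered. The shared key, the 30-second freshness window and the message layout are assumptions made for this sketch.

```python
import hashlib
import hmac
import os
import struct

# Assumptions for this example (none of these values come from the notes).
SHARED_KEY = b"constructed-demo-key"      # pre-shared between sender and receiver
MAX_SKEW = 30                             # seconds a message stays acceptable
HEADER = struct.Struct("!Q16s")           # 8-byte timestamp + 16-byte random nonce
TAG_LEN = hashlib.sha256().digest_size


def seal(payload: bytes, now: int, key: bytes = SHARED_KEY) -> bytes:
    """Sender: prefix timestamp and nonce, append an HMAC over header + payload."""
    header = HEADER.pack(now, os.urandom(16))
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


class Receiver:
    def __init__(self, key: bytes = SHARED_KEY, max_skew: int = MAX_SKEW):
        self.key = key
        self.max_skew = max_skew
        self.seen = {}  # nonce -> timestamp of messages already accepted

    def accept(self, message: bytes, now: int):
        """Return (True, payload) or (False, reason)."""
        if len(message) < HEADER.size + TAG_LEN:
            return False, "malformed"
        body, tag = message[:-TAG_LEN], message[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        # Constant-time comparison; a retransmission altered in transit fails here.
        if not hmac.compare_digest(tag, expected):
            return False, "bad-mac"
        ts, nonce = HEADER.unpack(body[:HEADER.size])
        # A capture replayed after the freshness window is rejected as stale.
        if abs(now - ts) > self.max_skew:
            return False, "stale"
        # Nonces older than the window can be forgotten: such messages are
        # already rejected by the timestamp check, so memory stays bounded.
        self.seen = {n: t for n, t in self.seen.items()
                     if now - t <= self.max_skew}
        if nonce in self.seen:
            return False, "replay"
        self.seen[nonce] = ts
        return True, body[HEADER.size:]


def demo():
    rx = Receiver()
    msg = seal(b"transfer 100 to account 42", now=1000)   # constructed message
    tampered = msg[:-1] + bytes([msg[-1] ^ 1])
    return [
        rx.accept(msg, now=1001),        # first delivery
        rx.accept(msg, now=1005),        # same bytes retransmitted inside the window
        rx.accept(msg, now=1100),        # same bytes retransmitted after the window
        rx.accept(tampered, now=1001),   # retransmission with one bit changed
    ]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The timestamp alone would still allow a replay inside the window, and the nonce cache alone would grow without bound; the two checks together close both gaps.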
Concept of Mishing
Mishing is a combination of mobile phone and Phishing.
Mishing attacks are attempted using mobile phone technology.
M-Commerce is fast becoming a part of everyday life. If you
use your mobile phone for purchasing goods/services and for
banking, you could be more vulnerable to a Mishing scam. A
typical Mishing attacker uses a call, termed Vishing, or a message
(SMS), known as Smishing. The attacker will pretend to be an
employee from your bank or another organization and will
claim a need for your personal details. Attackers are very
creative and will try to convince you with different
reasons why they need this information from you.
Concept of Vishing
ID theft
Purchasing luxury goods and services
Transferring money/funds
Monitoring the victims' bank accounts
Making applications for loans and credit cards
How Vishing Works
There are many ways to handle the matter of creating policy for
mobile devices. One way is creating a distinct mobile computing
policy. Another way is including such devices under existing policy.
There are also approaches in between where mobile devices fall
under both existing policies and a new one. In the hybrid
approach, a new policy is created to address the specific needs
of the mobile devices but more general usage issues fall under
general IT policies. As a part of this approach, the "acceptable
use" policy for other technologies is extended to the mobile
devices. There may not be a need for separate policies for
wireless, LAN, wide area network (WAN), etc. because a
properly written network policy can cover all connections to the
company data, including mobile and wireless.
Companies new to mobile devices may adopt an umbrella
mobile policy but they find over time that they will need to
modify their policies to match the challenges posed by different
kinds of mobile hand-held devices. For example, wireless
devices pose different challenges than non-wireless devices. Also,
employees who use mobile devices more than 20% of the time
will have different requirements than less-frequent users. It may
happen that over time, companies may need to create separate
policies for the mobile devices on the basis of whether they
connect wirelessly and with distinctions for devices that connect
to WANs and LANs.
It is never too early to start planning for mobile devices, even
when a company, at a given point of time, cannot afford creating
any special security policies to mitigate the threats posed by
mobile computing devices to cyber security. It is, after all, an
issue of new technology adoption for many organizations. By
contemplating its uses companies may think of ways they can
use it and, perhaps just as important, how their competitors will
use it.
Lecture 13
Cyber Offenses
Faster worldwide connectivity has given rise to numerous
online crimes, and the increase in these offences led to the need for
laws for protection. In order to keep in stride with the changing
generation, the Indian Parliament passed the Information
Technology Act 2000, which has been conceptualized on the
United Nations Commission on International Trade Law
(UNCITRAL) Model Law.
The law defines the offenses in a detailed manner along with the
penalties for each category of offence.
Offences
Cyber offences are the illegitimate actions, which are carried out
in a classy manner where either the computer is the tool or target
or both.
Cyber-crime usually includes the following −
Unauthorized access of the computers
Data diddling
Virus/worms attack
Theft of computer system
Hacking
Denial of service attacks
Logic bombs
Trojan attacks
Internet time theft
Web jacking
Email bombing
Salami attacks
Physically damaging computer system.
The offences included in the I.T. Act 2000 are as follows −
Tampering with the computer source documents.
Hacking with computer system.
Publishing of information which is obscene in electronic form.
Power of Controller to give directions.
Directions of Controller to a subscriber to extend facilities to
decrypt information.
Protected system.
Penalty for misrepresentation.
Penalty for breach of confidentiality and privacy.
Penalty for publishing Digital Signature Certificate false in
certain particulars.
Publication for fraudulent purpose.
Act to apply for offence or contravention committed outside
India.
Confiscation.
Penalties or confiscation not to interfere with other punishments.
Power to investigate offences.
Classifications of Cybercrime
Crime is defined as "an act or the commission of an act that is
forbidden, or the omission of a duty that is commanded by a
public law and that makes the offender liable to punishment by
that law".
Cybercrimes are classified as follows:
1. Cybercrime against individual
Forgery
Cyberterrorism
Web Jacking
5. Crimes emanating from Usenet newsgroup
1. Reconnaissance
The literal meaning of "Reconnaissance" is an act of
reconnoitering- explore, often with the goal of finding
something or somebody (especially to gain information about an
enemy or potential enemy).
In the world of "hacking," reconnaissance phase begins with
"Footprinting" - this is the preparation toward preattack phase,
and involves accumulating data about the target's environment
and computer architecture to find ways to intrude into that
environment. Footprinting gives an overview about system
vulnerabilities and provides a judgment about possible
exploitation of those vulnerabilities. The objective of this
preparatory phase is to understand the system, its networking
ports and services, and any other aspects of its security that are
needful for launching the attack.
Thus, an attacker attempts to gather information in two phases:
passive and active attacks.
2. Passive Attacks
A passive attack involves gathering information about a target
without his/her (individual's or company's) knowledge. It can be
as simple as watching a building to identify what time
employees enter the building's premises. However, it is usually
done using Internet searches or by Googling (i.e., searching the
required information with the help of search engine Google) an
individual or company to gain information.
Google or Yahoo search: People search to locate information
about employees.
Surfing online community groups like Orkut/Facebook will
prove useful to gain the information about an individual.
Organization's website may provide a personnel directory or
information about key employees, for example, contact details,
E-Mail address, etc. These can be used in a social engineering
attack to reach the target.
Blogs, newsgroups, press releases, etc. are generally used as the
mediums to gain information about the company or employees.
Going through the job postings in particular job profiles for
technical persons can provide information about type of
technology, that is, servers or infrastructure devices a company
may be using on its network.
3. Active Attacks
An active attack involves probing the network to discover
individual hosts to confirm the information (IP addresses,
operating system type and version, and services on the network)
gathered in the passive attack phase. It involves the risk of
detection and is also called "Rattling the doorknobs" or "Active
reconnaissance."
Active reconnaissance can provide confirmation to an attacker
about security measures in place, but the process can also
increase the chance of being caught or raise suspicion.
4. Scanning and Scrutinizing Gathered Information
Scanning is a key step to examine intelligently while gathering
information about the target. The objectives of scanning are as
follows:
Port scanning: Identify open/close ports and services.
Network scanning: Understand IP Addresses and related
information about the computer network systems.
Vulnerability scanning: Understand the existing weaknesses in
the system.
The scrutinizing phase is always called "enumeration" in the
hacking world. The objective behind this step is to identify:
The valid user accounts or groups;
Network resources and/or shared resources
OS and different applications that are running on the OS
5. Attack (Gaining and Maintaining the System Access)
After the scanning and enumeration, the attack is launched using
the following steps:
Crack the password
Exploit the password
Execute the malicious command/applications;
Hide the files (if required)
Lecture 15
Social Engineering
Types of proxy –
A proxy server may reside on the user’s local computer, or at
various points between the user’s computer and destination
servers on the Internet.
A proxy server that passes requests and responses unmodified is
usually called a gateway or sometimes a tunneling proxy.
A forward proxy is an Internet-facing proxy used to retrieve
from a wide range of sources (in most cases anywhere on the
Internet).
A reverse proxy is usually an Internet-facing proxy used as a
front-end to control and protect access to a server on a private
network. A reverse proxy commonly also performs tasks such as
load-balancing, authentication, decryption or caching.
Open proxies – An open proxy is a forwarding proxy server that
is accessible by any Internet user. Gordon Lyon estimates there
are “hundreds of thousands” of open proxies on the Internet. An
anonymous open proxy allows users to conceal their IP address
while browsing the Web or using other Internet services. There
are varying degrees of anonymity however, as well as a number
of methods of ‘tricking’ the client into revealing itself regardless
of the proxy being used.
Phishing - Techniques
Types of viruses:
i. Parasitic Virus: The traditional and still most common form of
virus. A parasitic virus attaches itself to executable files and
replicates when the infected program is executed.
ii. Memory resident Virus: Lodges in main memory as part of a
resident system program. From that point on, the virus infects
every program that executes.
iii. Boot-Sector Virus: Infects a master boot record or boot
record and spreads when a system is booted from the disk
containing the virus.
iv. Stealth Virus: A form of virus explicitly designed to hide
itself from detection by antivirus software.
v. Polymorphic Virus: A virus that mutates with every infection,
making detection by the “signature” of the virus impossible.
vi. Metamorphic Virus: A metamorphic virus mutates with
every infection. The difference is that a metamorphic virus
rewrites itself completely at each iteration, increasing the
difficulty of detection. Metamorphic viruses may change their
behaviour as well as their appearance.
Examples of recent viruses:
i. Macro viruses:
Worms:
Trojan Horse
A Trojan horse, commonly known as a “Trojan,” is a type
of malware that disguises itself as a normal file or program
to trick users into downloading and installing malware.
A Trojan can give a malicious party remote access to an
infected computer.
Once an attacker has access to an infected computer, it is
possible for the attacker to steal data (logins, financial data, even
electronic money), install more malware, modify files, monitor
user activity (screen watching, key logging, etc), use the
computer in botnets, and anonymise internet activity by the
attacker.
Lecture 26
Steganography, DoS and DDoS attacks
DoS - Attack
In this type of criminal act, the attacker floods the bandwidth of
the victim's network or fills his E-Mail box with Spam mail
depriving him of the services he is entitled to access or provide.
Although the means to carry out, motives for, and targets of a
DoS attack may vary, it generally consists of the concerted
efforts of a person or people to prevent the Internet site or
service from functioning efficiently or at all, temporarily or
indefinitely. The attackers typically target sites or services
hosted on high-profile web servers such as banks, credit card
payment gateways, mobile phone networks and even root name
servers (i.e., domain name servers). Buffer overflow technique
is employed to commit such kind of criminal attack known as
spoofing. The term IP address Spoofing refers to the creation of
IP packets with a forged (spoofed) source IP address with the
purpose of concealing the ID of the sender or impersonating
another computing system. A packet is a formatted unit of data
carried by a packet mode computer network. The attacker spoofs
the IP address and floods the network of the victim with
repeated requests. As the IP address is fake, the victim machine
keeps waiting for response from the attacker's machine for each
request. This consumes the bandwidth of the network which
then fails to serve the legitimate requests and ultimately breaks
down.
The United States Computer Emergency Response Team
defines symptoms of DoS attacks to include:
Unusually slow network performance (opening files or
accessing websites);
Unavailability of a particular website;
Inability to access any website;
Dramatic increase in the number of Spam E-Mails received (this type of
DoS attack is termed as an E-Mail bomb).
The goal of DoS is not to gain unauthorized access to systems or
data, but to prevent intended users (i.e., legitimate users) of a
service from using it. A DoS attack may do the following:
Flood a network with traffic, thereby preventing legitimate
network traffic.
Disrupt connections between two systems, thereby preventing
access to a service.
Prevent a particular individual from accessing a service.
Disrupt service to a specific system or person.
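Detection logic for the spoofed-source flood described above, where the victim keeps waiting on requests that are never completed; this is an added example, not part of the original notes. The log format (`<epoch-seconds> <source-ip> <SYN|ACK>`), the sample lines and all thresholds are constructed assumptions.

```python
from collections import defaultdict


def build_sample():
    """Constructed connection log: '<epoch-seconds> <source-ip> <SYN|ACK>'."""
    lines = []
    # Ordinary clients: each request (SYN) is completed (ACK) one second later.
    for i, t in enumerate(range(100, 160, 5)):
        ip = f"192.0.2.{10 + i % 3}"
        lines += [f"{t} {ip} SYN", f"{t + 1} {ip} ACK"]
    # Flood: 200 requests within ten seconds, each from a different forged
    # source; none completes because the replies go to the forged address.
    for i in range(200):
        lines.append(f"{120 + i % 10} 198.51.100.{i + 1} SYN")
    lines.append("garbage line that the parser must skip")
    return lines


def find_half_open_bursts(lines, window=10, timeout=5,
                          min_half_open=50, min_ratio=0.8):
    """Flag time windows dominated by requests that were never completed."""
    events = []
    for line in lines:
        parts = line.split()
        if (len(parts) != 3 or parts[2] not in ("SYN", "ACK")
                or not parts[0].isdigit()):
            continue  # ignore malformed lines instead of failing
        events.append((int(parts[0]), parts[1], parts[2]))
    events.sort(key=lambda e: e[0])  # stable sort keeps same-second order

    def bucket(ts):
        return ts - ts % window

    pending = defaultdict(list)     # source -> times of SYNs still waiting
    syn_total = defaultdict(int)    # window start -> SYNs received
    unanswered = defaultdict(list)  # window start -> sources left half-open

    for ts, src, kind in events:
        queue = pending[src]
        if kind == "SYN":
            syn_total[bucket(ts)] += 1
            queue.append(ts)
            continue
        # ACK: SYNs that waited longer than the timeout count as half-open,
        # then the ACK completes the oldest remaining SYN from this source.
        while queue and ts - queue[0] > timeout:
            unanswered[bucket(queue.pop(0))].append(src)
        if queue:
            queue.pop(0)
    # Anything still pending at the end of the log was never completed.
    for src, queue in pending.items():
        for t in queue:
            unanswered[bucket(t)].append(src)

    alerts = []
    for start in sorted(unanswered):
        half_open = len(unanswered[start])
        ratio = half_open / syn_total[start]
        if half_open >= min_half_open and ratio >= min_ratio:
            alerts.append({
                "window_start": start,
                "syn": syn_total[start],
                "half_open": half_open,
                "ratio": round(ratio, 2),
                # Many sources with one request each is typical of forged addresses.
                "distinct_sources": len(set(unanswered[start])),
            })
    return alerts


if __name__ == "__main__":
    for alert in find_half_open_bursts(build_sample()):
        print(alert)
```

Because the source addresses are forged, blocking the listed sources does little; the alert is more useful as a trigger for rate limiting or upstream filtering.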
DDoS - Attack
In a DDoS attack, an attacker may use your computer to attack
another computer. By taking advantage of security
vulnerabilities or weaknesses, an attacker could take control of
your computer. He/she could then force your computer to send
huge amounts of data to a website or send Spam to particular
E-Mail addresses. The attack is "distributed" because the
attacker is using multiple computers, including yours, to launch
the DoS attack.
A DDoS attack is a distributed DoS wherein a large number of
zombie systems are synchronized to attack a particular system.
The zombie systems are called "secondary victims" and the
main target is called "primary victim."
Tools used to launch DDoS attack
1. Trinoo: It is a set of computer programs to conduct a DDoS
attack. It is believed that Trinoo networks have been set up on
thousands of systems on the Internet that have been
compromised by remote buffer overrun exploit.
2. Tribe Flood Network (TFN): It is a set of computer
programs to conduct various DDoS attacks such as ICMP flood,
SYN flood, UDP flood and Smurf attack.
3. Stacheldraht: It is written by Random for Linux and Solaris
systems, which acts as a DDoS agent. It combines features of
Trinoo with TFN and adds encryption.
4. Shaft: This network looks conceptually similar to a Trinoo; it
is a packet flooding attack and the client controls the size of the
flooding packets and duration of the attack.
5. MStream: It uses spoofed TCP packets with the ACK flag set
to attack the target. Communication is not encrypted and is
performed through TCP and UDP packets. Access to the
handler is password protected. This program has a feature not
found in other DDoS tools. It informs all connected users of
access, successful or not, to the handler(s) by competing parties.
Lecture 27
SQL Injection
Structured Query Language (SQL) is a database computer
language designed for managing data in relational database
management systems (RDBMS). SQL injection is a code
injection technique that exploits a security vulnerability
occurring in the database layer of an application. The
vulnerability is present when user input is either filtered
incorrectly for string literal escape characters embedded in SQL
statements or user input is not strongly typed and thereby
unexpectedly executed. It is an instance of a more general class
of vulnerabilities that can occur whenever one programming or
scripting language is embedded inside another. SQL injection
attacks are also known as SQL insertion attacks.
Attackers target the SQL servers - common database servers
used by many organizations to store confidential data. The
prime objective behind SQL injection attack is to obtain the
information while accessing a database table that may contain
personal information such as credit card numbers, social
security numbers or passwords. During an SQL injection attack,
malicious code is inserted into a web form field or the website's
code to make a system execute a command shell or other
arbitrary commands. Just as a legitimate user enters queries and
additions to the SQL database via a web form, the attacker can
insert commands to the SQL server through the same web form
field. For example, an arbitrary command from an attacker
might open a command prompt or display a table from the
database. This makes an SQL server a high-value target and
therefore a system that is very attractive to attackers.
The attacker determines whether a database and the tables
residing in it are vulnerable before launching an attack. Many
webpages take parameters from the web user and make an SQL query
to the database. For example, when a user logs in with a username
and password, an SQL query is sent to the database to check if the
user has a valid name and password. With SQL injection, it is
possible for an attacker to send a crafted username and/or
password field that will change the SQL query.
With the growth in the use of internet these days the cyber
crimes are also growing. Cyber theft of Intellectual Property(IP)
is one of them. Cyber theft of IP means stealing of copyrights,
trade secrets, patents etc., using internet and computers.
Copyrights and trade secrets are the two forms of IP that are
frequently stolen. For example, stealing of software, a unique
recipe of a well-known dish, business strategies etc. Generally,
the stolen material is sold to the rivals or others for further sale
of the product. This may result in the huge loss to the company
who originally created it.
Earlier, a lot of physical labour, time and money was spent to
steal a trade secret or make a pirated version of anything. The
original copies had to be physically stolen which used to take lot
of time and money. But in the present scenario these works can
be done easily sitting at one place without shedding too much
time and money on it without leaving any proof of it.
One of the major cyber thefts of IP faced by India is piracy.
These days one can get pirated version of movies, software etc.
The piracy results in a huge loss of revenue to the copyright
holder. It is difficult to find the cyber thieves and punish them
because everything they do is over internet, so they erase the
data immediately and disappear within fraction of a second. The
country has started taking strict measures to curb this offence.
Telangana Intellectual Property Crime Unit (TIPCU) is one of
the first units that has been launched to deal with IP crime.
Some of the ways through which one can protect IP from cyber
theft are:
Frequently updating the list of IPs that need to be secured.
The company can increase the security to access its trade
secrets.
It can reduce the number of people who can access their trade
secrets.
Company needs to be up to date with software systems.
Constantly checking for some unusual cyber activities.
Constantly educate their employees about cyber security.
Constructing some threat mitigating programmes.
Installing up-to date anti-virus software.
Allowing employees to reach only some classified data.
Even after taking all these steps to protect IPs there is no
guarantee that they cannot be stolen because human dependence
on the internet is growing constantly and people come up with
new ways to do even a small thing so even in this case these
cyber thieves may come up with new ways to crack all these
security systems.
Copyrights
Copyrights include "literary and artistic works," which are
described in Article 2(1) of the Berne Convention for the
Protection of Literary and Artistic Works of 1886 as,
The expression 'literary and artistic works' shall include every
production in the literary, scientific and artistic domain,
whatever may be the mode or form of its expression, such as
books, pamphlets and other writings; lectures, addresses,
sermons and other works of the same nature; dramatic or
dramatico-musical works; choreographic works and
entertainments in dumb show; musical compositions with or
without words; cinematographic works to which are assimilated
works expressed by a process analogous to cinematography;
works of drawing, painting, architecture, sculpture, engraving
and lithography; photographic works to which are assimilated
works expressed by a process analogous to photography; works
of applied art; illustrations, maps, plans, sketches and
three-dimensional works relative to geography, topography,
architecture or science.
In addition to the Berne Convention, the International
Convention for the Protection of Performers, Producers of
Phonograms and Broadcasting Organisations of 1961 (Rome
Neighbouring Rights Convention) also protects copyrights and
delineates the rights of copyright holders. The World
Intellectual Property Organization (WIPO), the International
Labour Organization (ILO) and the United Nations Educational,
Scientific and Cultural Organization (UNESCO) jointly
administer this convention. WIPO, ILO and UNESCO also
jointly administer the Convention for the Protection of
Producers of Phonograms Against Unauthorized Duplication of
Their Phonograms of 1971 (Geneva Phonograms Convention).
"Recognizing the profound impact of the development and
convergence of information and communication technologies on
the production and use of performances and phonograms,"
WIPO's Performances and Phonograms Treaty of 1996 covers
the rights of "performers (actors, singers, musicians, etc.);
and …producers of phonograms (persons or legal entities that
take the initiative and have the responsibility for the fixation of
sounds)" "in the digital environment" (WIPO, n.d.).
Additionally, WIPO's Copyright Treaty of 1996, "a special
agreement under the Berne Convention…[,] deals with the
protection of works and the rights of their authors in the digital
environment…[including] computer programs, whatever the
mode or form of their expression… and …compilations of data
or other material ("databases")" (WIPO, "WIPO Copyright
Treaty").
National laws (e.g., Burundi, Law No. 1/021 of 30
December 2005, on the Protection of Copyright and Related
Rights) and regional treaties also exist that protect copyrights
(e.g., Organization of American States (OAS) Inter-American
Convention on the Rights of the Author in Literary, Scientific,
and Artistic Works of 1947).
The infringement of copyright protection online is known
as digital piracy, which involves the uploading, streaming,
downloading and sharing of copyrighted works (e.g., books,
music, and films) beyond authorization for access, use and
distribution prescribed by law. A case in point was Napster, an
online platform that enabled the illegal distribution of music
through peer-to-peer file sharing (A&M Records, Inc. v.
Napster, Inc., 2001). Copyright infringement also occurred on
other peer-to-peer file sharing and Torrent sites (such as Kazaa,
Limewire, and PirateBay), and cyberlockers (i.e., sites that
provide cloud storage and sharing services to clients; e.g.,
Megaupload) (Drath, 2012). Like other forms of cyber-enabled
intellectual property crime, digital piracy deprives the authors
and publishers of copyrighted works of economic returns on
their creations, property and labour. For example, HBO (a US
channel network that requires viewers to pay to view content)
experienced millions of dollars in lost US revenue when
episodes of one of its TV series, Game of Thrones, were leaked
online for free viewing (Denham, 2015). Scripts of Game of
Thrones' episodes and the unaired episodes of the HBO TV
shows were also leaked online following a data breach that HBO
experienced in 2017 (Gibbs, 2017).
Trademarks
Trademarks are identifiers that distinguish the source of a good
or service (Maras, 2016). This source can be either a business,
person or geographical location. Trademarks can include logos,
symbols, designs, names, and slogans, among other things,
which belong to and distinguish between goods, services, and
brands. The identifiers that make up trademarks acquire value
through the labour, money, knowledge, and the skills of the
trademark owners. The value acquired is based on the
characteristics, quality and/or reliability of the good or service.
Trademarks protect owners of the trademark from unfair
competition practices that seek to profit from the owner's
investment in the development and/or provision of the good or
service (WIPO, 1993). Trademarks also protect consumers by
helping them recognize the source of a good or service.
Patents
Patents are novel and unique creations, innovations, and
inventions that have been registered with a governing body,
which may extend protections nationally and/or internationally.
Patents proscribe the use and exploitation of innovations without
the authorization (i.e., explicit consent or permission) of the
patent owner. Design patents (or industrial designs) are also a
protected form of intellectual property. Industrial designs are
considered a form of intellectual property because these designs
are created with the specific purpose of being aesthetically
pleasing to consumers and impact consumers' choices between
products. Industrial designs, therefore, impact the marketability
and commercial value of products (WIPO, 2006).
Lecture 31
Web threats for Organizations
2. TROJAN HORSE
A Trojan horse is malicious code or a program developed by
hackers and disguised as legitimate software to gain access to an
organization’s systems. It is designed to delete, modify,
damage, or block your data or network, or to perform some other
harmful action on them.
HOW DOES A TROJAN HORSE ATTACK?
3. ADWARE
Adware is a software program that contains commercial and
marketing-related advertisements, such as
display advertisements through pop-up windows or bars, banner
ads, and video on your computer screen.
Its main purpose is to generate revenue for the adware's
developer by serving different types of advertisements to an
internet user.
HOW DOES ADWARE ATTACK?
7. PHISHING
Phishing is a type of social engineering attack that attempts to
gain confidential information such as usernames, passwords,
credit card information, login credentials, and more.
HOW DOES PHISHING ATTACK?
8. SQL INJECTION
SQL injection is a type of injection attack and one of the most
common web hacking techniques. It allows an attacker to control
the back-end database in order to change or delete data.
HOW DOES SQL INJECTION ATTACK?
It is an application security weakness: when an application
fails to properly sanitize the input used in its SQL statements,
an attacker can include their own malicious SQL commands to
access the organization's database. The attacker places the
malicious code in SQL statements via web page input.
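The weakness described above, shown beside its fix, as an added example that is not part of the original notes: a login query built by string concatenation next to the parameterized form. The table, accounts, input strings and function names are constructed for illustration, using Python's standard sqlite3 module.

```python
import sqlite3


def make_db():
    """Build an in-memory database holding two constructed sample accounts."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "s3cret"), ("bob", "hunter2")],
    )
    return conn


def login_vulnerable(conn, name, password):
    """Weak form: web page input is pasted straight into the SQL text."""
    sql = (
        "SELECT name FROM users WHERE name = '" + name
        + "' AND password = '" + password + "'"
    )
    return [row[0] for row in conn.execute(sql)]


def login_parameterized(conn, name, password):
    """Hardened form: input is bound as data and is never parsed as SQL."""
    sql = "SELECT name FROM users WHERE name = ? AND password = ?"
    return [row[0] for row in conn.execute(sql, (name, password))]


# Constructed form input: the leading quote ends the string literal early,
# so the remainder is read as part of the SQL statement.
CRAFTED = "' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    for label, fn in (("concatenated", login_vulnerable),
                      ("parameterized", login_parameterized)):
        print(label, "correct password ->", fn(db, "alice", "s3cret"))
        print(label, "crafted input    ->", fn(db, "alice", CRAFTED))
```

With the concatenated query the crafted input changes the WHERE clause and every account matches; with bound parameters the same input is compared as an ordinary password string and matches nothing.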
9. ROOTKIT
A rootkit is a malicious program that installs and executes
malicious code on a system without user consent in order to gain
administrator-level access to a computer or network system.
There are different types of rootkit, such as bootkits,
firmware rootkits, kernel-level rootkits and application
rootkits.
HOW DOES ROOTKIT INSTALL?
A rootkit can infect a computer through the sharing of infected
disks or drives. It is typically installed through a stolen
password or by exploiting system vulnerabilities, social
engineering tactics, and phishing techniques, without the
victim's knowledge.
10. MALWARE
Malware is software, typically a program or piece of code,
that is developed by cyber attackers. It is a type of cyber
security threat to organizations, designed to cause extensive
damage to systems or to gain unauthorized access to a computer.
HOW DOES MALWARE ATTACK?
1. Content Marketing
Content marketing can help you build credibility while addressing the major
challenge of educating your prospects. In order for your content
to be effective, it’s essential that your company provides
real-world examples to demonstrate both the importance of
cyber security and the effectiveness of your solutions.
Blogs
Downloadable Content
Offering downloadable content like e-books and whitepapers is
also an excellent way to convert your site traffic into leads that
you can later nurture. Not every topic is suited for long-form
content, and the truth is that you just won’t have time or
resources to create long-form content on every topic. Review
analytics for your current content to find the most popular or
searched for topics and terms. These are often the best places to
start when planning topics for downloadable content.
Video
Explanation videos are another great way to communicate what
your cyber security offering does and why it can be valuable to
your prospects. This can be an especially helpful tactic when
you’re trying to target CEOs and other C-level executives who
need more education. According to inbound marketing experts
at HubSpot, 75% of executives watch work-related videos on
business websites at least once a week, and 59% of executives
would rather watch a video than read text. These statistics
indicate that executives are open to learning more from video
content and may even prefer it over written content.
There are many ways that your company can use video to
engage and educate your audience. You might use video content
to break down statistics on cyberattacks, recovery expenses, and
the value of cyber security solutions. By providing real
examples of these issues in your video content, you can help
make the statistics more relevant and help create a stronger
sense of urgency.
You can also use this visual format to better explain how your
solution works and emphasize the value that your company can
offer its target audience. As with any offering from a technology
company, cyber security solutions can be difficult for those
outside of the IT world to understand. However, video content
allows you to more easily break down complex ideas for a wider
reading audience. This makes it ideal for cyber security
companies that need to communicate their value, especially to
C-level executives who may need a bit more explanation.
2. Email Marketing
Since education and awareness are a barrier to selling your
solution, it can often take a potential lead a significant amount
of time to reach the point where they are ready to request a
demo or contact a sales representative. In the meantime, you
need a way to nurture these leads and move them further down
the funnel. Email marketing is an effective way to do just that.
Links to your most recent blog posts talking about recent attacks
or security concerns and those that break down complex cyber
security topics for a wider reading audience.
Monthly offers and sales promotions like a free trial, which can
encourage prospects to sign up.
3. Webinars
Webinars are a great way for cyber security marketers to
connect with bottom-of-the-funnel leads. Webinar attendees are
already interested in learning more about your solution and the
threats it protects against, and they typically have taken some
time to do research. This means that they are more likely to be
engaged in the topics you are presenting.
Whether you are marketing to the CEO or the CTO, some things
remain the same – it is vital that you are honest about your
solution’s capabilities and take a data-driven approach to
messaging. Use these tips to stay on track:
5. Statement of Applicability
This document actually shows the security profile of your
company – based on the results of the risk treatment you need to
list all the controls you have implemented, why you have
implemented them and how. This document is also very
important because the certification auditor will use it as the main
guideline for the audit.
For details about this document, see the article The importance
of Statement of Applicability for ISO 27001.
Thus, ISO 27001 asks you to select the security objectives and
security controls that address your unique security risks and
requirements, and then to use this information to prepare what
ISO calls an SoA. This SoA is, in turn, used to prepare a
detailed Risk Treatment Plan. Once you have implemented this
Plan, you have established an ISMS, one that meets your
organization's unique InfoSec needs and requirements.
Fortunately, the ISO 17799 security objectives and security
controls are included with the ISO 27001 standard, so there is no
need to purchase ISO 17799 in order to build the ISMS.
However, to get additional detailed implementation
guidance and other related information, one has to purchase ISO
17799. It is to be noted that ISO 17799 will eventually become
ISO 27002.