CYBER SECURITY Md.

Foysal Hasan
SOME FACTS…
•According to the University of Maryland, hackers attack every 39 seconds,
on an average 2,244 times a day.
•A low-end cyberattack returns around $25,000 to the creators, while high-
end ones return almost $1 million per month, estimates Deloitte.
•According to IBM 2019 Cost of a Data Breach report, it takes 279 days
globally to identify and contain a data breach.
IT SECURITY AND CYBER SECURITY

Information security is defined as “protecting information and

information systems from unauthorized access, use, disclosure,
disruption, modification, or destruction,” according to U.S. law

Cybersecurity covers the protection of data on the internet-

particularly from hackers and other cybercriminals.
WHEN ARE WE SECURE?

Are we secure if our systems are properly patched?

Are we secure if we use strong passwords?
Are we secure if we are disconnected from the Internet entirely?
VULNERABILITIES, THREATS, AND
RISKS
HACKER VS CRACKER
Hackers are the good people who do hacking with a good purpose to
obtain more knowledge of how things work. Hackers are also known as
White Hats or saviour.
Crackers are also hackers. Crackers also have the same knowledge of the
systems, programming and coding as the hackers do. They also perform
the same activities as hackers do. However, their objective is of breaking
the system and network to gain unauthorized access. 
TYPES OF HACKERS
Black Hat Hacker: Black-hat Hackers are also known as an Unethical
Hacker or a Security Cracker. These people hack the system illegally to
steal money or to achieve their own illegal goals.
White Hat Hacker: White hat Hackers are also known as Ethical
Hackers or a Penetration Tester. White hat hackers are the good guys of
the hacker world.
Grey Hat Hacker: Gray hat Hackers are Hybrid between Black hat
Hackers and White hat hackers. They can hack any system even if they
don't have permission to test the security of the system but they will
never steal money or damage the system.
SECURITY THREATS
PHISHING

Phishing is a type of social engineering where an attacker sends a

fraudulent ("spoofed") message designed to trick a human victim into
revealing sensitive information to the attacker or to deploy malicious
software on the victim's infrastructure like ransomware.
PHISHING EXAMPLE
DOS VS DDOS
A Denial-of-Service (DoS) attack is an attack meant to shut down a
machine or network, making it inaccessible to its intended users. 
A distributed denial-of-service (DDoS) attack is a malicious attempt to
disrupt the normal traffic of a targeted server, service or network by
overwhelming the target or its surrounding infrastructure with a flood of
Internet traffic.
MALWARE

The term malware is a contraction of malicious software.

Simply put, malware is any piece of software that is designed with the intent
to damage, disrupt or gain unauthorised access to your device and inflict
harm to data and/or people in multiple ways.
Viruses, Worms, Trojan Horses, Ransomware, Adware, Spyware
WORMS
Worms spread via software vulnerabilities or phishing attacks. Once a
worm has installed itself into your computer’s memory, it starts to infect
the whole machine and in some cases… your whole network.
They can infect large numbers of computers fast, consuming bandwidth
and overloading your web server as they go.
VIRUSES
Unlike worms, viruses need an already-infected active operating system
or program to work. Viruses are typically attached to an executable file
or a word document.
Most people are probably aware that a .exe file extension could lead to
issues if it’s not from a trusted source. But there are hundreds of other
file extensions that denote an executable file.
TROJAN HORSES
Just as it sounds, a Trojan Horse is a malicious program that disguises
itself as a legitimate file.
Once you’ve got the Trojan on your device, hackers can use it to…
Delete, modify and capture data
Harvest your device as part of a botnet
Spy on your device
Gain access to your network
RANSOMWARE
Ransomware denies or restricts access to your own files. Then it demands
payment (usually with crypto-currencies) in return for letting you back in.
WannaCry affected MS Operating systems that did not have the latest patch
installed for a known vulnerability. To reduce the risk of ransomware
attacks…
Always keep your Operating System up to date
Keep your Anti-Virus software up to date
Back-up your most important files
Don’t open attachments from unknown sources (WannaCry was spread
via a .js attachment)
ADWARE AND SPYWARE
Adware is one of the better-known types of malware. It serves pop-ups and
display ads that often have no relevance to you.
Spyware secretly records your online activity, harvesting your data and
collecting personal information such as usernames, passwords and surfing
habits.
IF YOU’VE NOTICED ANY OF THE
FOLLOWING, YOU MAY HAVE MALWARE
ON YOUR DEVICE
 A slow, crashing or freezing computer
 Blue screen of death (BSOD)
 Programmes opening and closing automatically or altering themselves
 Lack of storage space
 Increased pop-ups, toolbars and other unwanted programs
 Emails and messages being sent without you prompting them
SOCIAL ENGINEERING
Social engineering is the term used for a broad range of malicious
activities accomplished through human interactions. It uses psychological
manipulation to trick users into making security mistakes or giving away
sensitive information.
The Dumpster Dive, Fake IT Employee, Changing Passwords, Tailgating
etc.
TOP TEN TIPS
Never write down or share your passwords

Don’t click on suspicious links or open attachments in email

Use antivirus, anti-spyware, and firewall and don’t disable

Don’t send sensitive data over unencrypted channels

Dispose of data properly

 Cross-cut shredding
 Multiple-wipe or physically destroy hard drives
TOP TEN TIPS
Don’t run programs from un-trusted sources

Lock your machine if you step away

Properly secure information

 Safes, locked drawers for physical documents
 Encryption for digital information

Verify correct person, website, etc.

If something seems too good to be true, it probably is