Cyber Security – Overview

Greetings to all Readers…

What is Cyber Security?

Cyber security is the practice of providing solutions that protect an enterprise's information systems, keeping them secure and hack free.

Providing best practices that address secure interoperability, usability and privacy continues to be the need of the hour.

Attack Classification:

  • Non-technical attacks
    • Physical attacks, such as entering your secured building
  • Network attacks
    • Unsecured Wireless access point
    • Exploiting via ports
    • Installing a network analyzer and capturing packets
  • Operating System attacks
    • Missing patches
    • Cracking passwords and weak security implementation
  • Application attacks
    • Mobile App attacks
    • Web Application

Types of Attacks:

  • Malware
    • Malicious code that damages or disables a computer and steals information from it
    • Botnets, viruses, Trojan horses, backdoors, spyware and adware are some examples of malware
  • Phishing
    • Tricking the recipient into disclosing confidential information or downloading malware by clicking on a hyperlink in a message.
  • Spear Phishing
    • Same as phishing but more targeted: the attacker learns about the victim and impersonates someone he or she knows and trusts.
  • Man in the middle attack
    • The attacker establishes a position between the sender and recipient of electronic messages and intercepts them.
  • Denial of service attack
  • SQL injection
  • Zero day exploit
    • A zero-day vulnerability is a software security flaw that does not yet have a patch in place to fix it.
  • DNS tunneling

Attack Carriers:

  • File Transfer Apps
  • Instant messaging Apps
  • Webmail
  • Social Media platforms
  • Micro blogging
  • Collaboration Apps

Common Attacks:

  • SQL injection attack
    • SQL injection is a type of cyber-attack that targets databases through SQL statements executed via a website interface
    • Poorly coded websites are prone to SQL injection attacks
  • Distributed Denial-of-Service (DDoS)
    • Acts like a traffic jam
    • Floods the network with traffic
  • Cross-site scripting (XSS) attacks
    • Data enters a Web application through an untrusted source, most frequently a web request.
  • Weak security practices and undisclosed vulnerabilities

Hackers:

  • Black hat hackers
    • External unauthorized users who try to compromise your environment
  • White hat hackers
    • White-hat hackers are often referred to as ethical hackers
  • Grey hat hackers
    • Grey hats exploit networks and computer systems in the way that black hats do, but do so without any malicious intent, disclosing all loopholes and vulnerabilities to law enforcement agencies or intelligence agencies.

Common Hacking Tools:

  • Rootkits
    • Rootkit combines two words: root and kit.
    • A rootkit is a set of tools that enables root- or administrator-level access on a computer system
    • Allows hackers to gain remote access via a backdoor
  • Key loggers
    • Record every key pressed on a system
    • Key loggers arrive as malware that allows cybercriminals to steal sensitive data.
    • Key loggers can capture credit card numbers, personal messages, mobile numbers etc.

Attack lifecycle:

  • Infection
    • Luring users to click on a bad link
    • Infect the target system with malware
  • Persistence
    • Rootkits and bootkits are installed on compromised systems
  • Communication
    • Communicating with other infected systems
  • Command and Control
    • Capture the infected systems and enable command and control over them to extract stolen data

Common Defense Mechanisms:

  • Firewall
  • Intrusion prevention
  • Antivirus
  • Content Filtering
  • Web Application Firewall

Common safety tips:

  • Keep your security patches updated regularly
  • Avoid easy and dictionary passwords. Use strong passwords.
  • Avoid opening attachments from an unknown sender or recipient

Protection Strategy:

  • Design the best security policy
  • Application controls
  • User controls
  • Network controls
  • End Point controls
  • Enforce drive-by-download protection
  • Track unknown and unclassified URLs

I hope the above has helped readers get an overall understanding of the cyber security landscape and become aware of the disruption hackers can cause to the information technology ecosystem.

I will conclude by saying that prevention is better than cure, and don’t forget to always be on a reconnaissance mission.

Written by: Arun Velayudhan

(Founder/Technology consultant)

Mail: arun.velayudhan@tutelage.co.in
