{"id":71,"date":"2020-03-31T22:29:34","date_gmt":"2020-03-31T22:29:34","guid":{"rendered":"http:\/\/www.cyberlaws.org\/?p=71"},"modified":"2020-05-26T00:11:17","modified_gmt":"2020-05-26T00:11:17","slug":"common-cyber-security-threats","status":"publish","type":"post","link":"http:\/\/www.cyberlaws.org\/common-cyber-security-threats\/","title":{"rendered":"COMMON CYBER SECURITY THREATS"},"content":{"rendered":"
\n

LIST OF COMMON CYBER SECURITY THREATS WHICH EVERYONE SHOULD BE AWARE OF<\/u><\/strong><\/p>\n

In this era where every organisation like healthcare, financial, logistics and transportation, Construction ,government services ,real estate ,retail etc. are moving towards digitization and digitalization, also becoming prone to cyber threats.<\/p>\n

While everyone is talking about new regulations and compliances like Data Privacy, Information Security, GDPR etc., organisations are still unable protect their network and data from cyber criminals. Personnel Data theft news is making headlines every other day.<\/p>\n

What the Cyber Security threat is?<\/strong><\/p>\n

In a layman term it is a malicious act which can damage data, steal data or disrupt digital life and ultimately impact organisation\u2019s business objectives. These threats Masters of disguise and manipulation, and contently evolve new ways to accomplish their task of stealing, harming and annoying organisations. Organisations shall adequately arm themselves with resources and information to safeguard against complex and growing computer security threats and stay safe online.<\/p>\n

THESE ARE COMMON CYBER SECURITY THREATS<\/h2>\n

1. VIRUS<\/strong><\/h3>\n

What a virus is?<\/strong>\u00a0A computer virus is a malicious piece of program that may disturb the normal functioning .Virus are often sent as an attachment with email ,with an intention to infect your computer system as well as all other computers in your network. Sometimes virus are hosted on websites, whosoever visits malicious website gets infected.<\/p>\n

Examples of Computer Virus are:\u00a0<\/strong>Browser Hijacker, File Infector Virus, Boot Sector Virus, Web Scripting Virus, Polymorphic Virus etc<\/p>\n

\u00a0<\/strong><\/p>\n

What virus can do?<\/strong>\u00a0A computer virus can attach itself to email attachment, pdfs, doc files, USB, pen drives and hard drives .Any file which contains a virus is called infected file. If the infected file get copied to computer, virus also get copied<\/p>\n

    \n
  • A virus can damage software and data on a computer<\/li>\n
  • A virus can slow down the system processes<\/li>\n
  • A virus can destroy all data by formatting the hard drive<\/li>\n
  • A virus can steal critical information like password from your system<\/li>\n
  • It can display unwanted advertisements<\/li>\n
  • It can disable security setting and close your firewall<\/li>\n
  • It can hijack your web browser and slow down the speed and can steal critical data<\/li>\n<\/ul>\n

    \u00a0<\/strong><\/p>\n

    2. MALWARE<\/strong><\/h3>\n

    What a malware is:<\/strong><\/p>\n

    A malware is a malicious program or software that infects your computer, such as computer viruses, worms, Trojan horses, spyware, and adware.<\/p>\n

    What malware can do:<\/strong><\/p>\n

      \n
    • A malware can intimidate you by a pop-up message that tells you your computer has a security problem or other false information.<\/li>\n
    • A malware can reformat the hard drive of your computer causing you to lose all your information.<\/li>\n
    • A malware can alter or delete critical files.<\/li>\n
    • A malware can steal sensitive information like username and passwords.<\/li>\n
    • A malware can send fake emails on your behalf.<\/li>\n
    • A malware can take control of your computer and all the software running on it<\/li>\n<\/ul>\n

      \u00a0<\/strong><\/p>\n

      \u00a03.\u00a0<\/strong>TROJAN<\/strong><\/h3>\n

      What a trojan is?<\/strong><\/p>\n

      A Trojan is malicious program that is disguised as, or embedded within, legitimate software. It is an executable file wrapped with some genuine program and software \u00a0that will install itself and run automatically once it\u2019s downloaded.<\/p>\n

      Example:Trojan- Banker, Trojan-GameThief , Trojan-Dropper, Trojan Ransom, Trojan-SMS, Trojan- Spy etc<\/p>\n

      What trojan can do?<\/strong><\/p>\n

        \n
      • A Trojan can delete your files.<\/li>\n
      • A Trojan is used to create your computer a zombie or a bot.<\/li>\n
      • A Trojan can watch you through your web cam.<\/li>\n
      • A Trojan log your keystrokes (such as a credit card number you entered in an online purchase).<\/li>\n
      • A Trojan record personal information like usernames, passwords<\/li>\n<\/ul>\n

        \u00a0<\/strong><\/p>\n

        4. RANSOMWARE<\/strong><\/h3>\n

        What is a Ransomware ?<\/strong><\/p>\n

        Ransomware is a type of malicious software that block the access to your computer system or your files, usually by encrypting it and displays a message that demands payment in order for the restriction to be removed. In many cases it comes with deadlines, if the victim doesn\u2019t pay the ransom, the data is gone forever.<\/p>\n

        The two most common mode of spreading ransom ware are phishing emails that contain malicious attachments and website pop-up advertisements<\/p>\n

        Examples of ransom ware are: WannaCry, Crypto Locker, NonPetya, Bad Rabbitetc.<\/p>\n

        What Ransom ware can do?<\/strong><\/p>\n

        There are two common types of ransomware:<\/p>\n

          \n
        • Locker Ransom ware<\/strong>: displays an image that prevents you from accessing your computer<\/li>\n
        • Encryption\/Crypto\u00a0 Ransom ware:<\/strong>\u00a0encrypts files on your system\u2019s hard drive and sometimes on shared network drives, USB drives, external hard drives, and even some cloud storage drives, preventing you from opening them<\/li>\n<\/ul>\n

          Ransom ware encrypts the computer or data files and display a ransom\/payment notification for regaining access. Once the ransom is paid, victim will receive the decryption key and may attempt to decrypt the files. Sometimes the victims never receives the keys.<\/p>\n

          \u00a0<\/strong><\/p>\n

          5. BOTNETS<\/strong><\/h3>\n

          What are botnets?<\/strong>\u00a0Botnets -Botnet is a network of infected computers often known as zombies used for malicious purposes .This Botnet is combination of Robot and Network. So here the network of computer robots is used to perform cyber crime controlled by Cyber criminal known as bot masters.<\/p>\n

          Botnet is controlled by the originator and the infected computer might unaware of its being a zombie.<\/p>\n

          Example:<\/strong>IRC (Internet Relay Chat)\u00a0botnet<\/strong>, P2P (Peer-to-Peer)\u00a0botnet<\/strong>, HTTP (Hyper Text Transfer Protocol)\u00a0botnet<\/strong>\u00a0and the hybrid\u00a0botnet<\/strong><\/p>\n

          What Botnets can do?<\/strong><\/p>\n

            \n
          • Botnet can be used to spread malicious emails.<\/li>\n
          • Botnet is used to spread malware.<\/li>\n
          • Botnet is used to perform Denial of Services attach<\/li>\n<\/ul>\n

            6. DDOS<\/strong><\/h3>\n

            What is DDOS?<\/strong><\/p>\n

            This is an attack a network of zombie computers us used to sabotage specific website or server. These zombie computer are being controlled for performing specific task such as making the website and server unavailable .In DDOS the attacker use the vulnerability existing in user computer<\/p>\n

            \u00a0<\/strong><\/p>\n

            What DOS\/DDOS can do?<\/strong><\/p>\n

            The purpose of DOS\/ DDOS attack is to make essential services unavailable, which can sometimes leads to server crash.<\/p>\n

              \n
            • Loss of data<\/li>\n
            • Loss of revenue<\/li>\n
            • Impact on business reputation<\/li>\n
            • Disappointment to users, they may never return.<\/li>\n
            • Compensation of damage occurred by DDOS.<\/li>\n<\/ul>\n

              7. PHISHING<\/strong><\/h3>\n

              What is Phishing?<\/strong><\/p>\n

              Phishing is a social engineering attack used by cyber criminals used for gathering personal information of including login credentials and credit card details using deceptive emails or website.<\/p>\n

              Attackers create fake emails, text messages and websites which look like they\u2019re from authentic companies. This is also known as \u201cspoofing\u201d<\/p>\n

              What Phishing can do?<\/strong><\/p>\n

              \uf0b7By phishing hackers\/cyber criminals trick you into giving them information by asking you to update, validate or confirm your account. It is often presented in a manner than seems official and intimidating, to encourage you to take action.<\/p>\n

              \uf0b7Phishing provides hackers\/cyber criminals with your username and passwords so that they can access your accounts (your online bank account, shopping accounts, etc.) and steal your credit card numbers<\/p>\n

              8.HACKING<\/strong><\/h3>\n

              What is Hacking?<\/strong>\u00a0Hacking: Hacking is an attempt of unauthorised access to users computer by exploiting the existing vulnerabilities\u00a0 for performing fraudulent activities like personal data stealing , invasion in privacy, financial fraud etc.<\/p>\n

              What Hacking can do?<\/strong><\/p>\n

              Hackers find out weakness in your system and exploit it for different purpose<\/p>\n

                \n
              • Denial of service Attack<\/li>\n
              • Electronic Fund Transfer<\/li>\n
              • ATM Fraud<\/li>\n
              • Identity Theft<\/li>\n
              • Stealing intellectual information<\/li>\n<\/ul>\n

                \u00a0<\/strong><\/p>\n

                Ways to prevent Cyber Security Threats<\/strong><\/p>\n

                  \n
                • Educate employees and individuals about cyber security and its countermeasure<\/li>\n
                • Use inbound and outbound firewalls on your network. Change the default passwords and customise it according to your business needs.<\/li>\n
                • Take backup of important business information and data on regular basis, in order to maintain business continuity after crisis.<\/li>\n
                • Install and regularly patch antivirus and antispyware on every server and computers on your network<\/li>\n
                • Have a controlled logical and physical access to all your computer and network components.<\/li>\n
                • Always use licenced software and update the patches for Operating Systems and Applications<\/li>\n
                • Impose a password policy, use a strong password and change them regularly. Remember, weak passwords are prone to hacking<\/li>\n
                • If you are using Wi Fi at work, use WPA2 and above security. You can hide the SSID and don\u2019t forget to use strong password.<\/li>\n
                • Don\u2019t give Admin privileges to every employees. Network and Computers shall be run on Principle of least Privilege.<\/li>\n
                • Segregate your data according to criticality and appropriate security shall be provided by using DLP, Endpoint protection etc.<\/li>\n
                • Never click on suspicious mails and, never ever download from P2P and file sharing system<\/li>\n
                • Regularly scan your application and network for vulnerabilities, also perform penetration testing at least once in every year.<\/li>\n
                • Regularly monitor your network for suspicious activities<\/li>\n<\/ul>\n

                  Using common sense is the best protection .One shall never download free videos, files or songs from suspicious websites, never click on suspicious links .Never ever share your personal data online. Be aware of what is happening around.Cyber threats are effective if and only if you have weaknesses in your system. More vulnerabilities will expose the system to threats and hence more risky, however less loopholes means less risk.<\/p>\n

                  Remember Precaution is better than Cure.<\/p>\n

                  <\/div>\n<\/div>\n
                  Posted in<\/span>\u00a0blockchain,\u00a0blog,\u00a0CYBER CRISIS,\u00a0cybersecurity,\u00a0Digital Marketing,\u00a0featured,\u00a0ISO 27001,\u00a0Legal,\u00a0RISK MANAGEMENT,\u00a0Social Media Marketing<\/span>\u00a0|\u00a0Tagged<\/span>\u00a0cyber awareness,\u00a0GDPR,\u00a0HIPPA,\u00a0Information Security,\u00a0ISMS<\/span><\/div>\n","protected":false},"excerpt":{"rendered":"

                  LIST OF COMMON CYBER SECURITY THREATS WHICH EVERYONE SHOULD BE AWARE OF In this era where every organisation like healthcare, financial, logistics and transportation, Construction ,government services… <\/p>\n","protected":false},"author":1,"featured_media":72,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[4],"tags":[35,6,36,14,37],"_links":{"self":[{"href":"http:\/\/www.cyberlaws.org\/wp-json\/wp\/v2\/posts\/71"}],"collection":[{"href":"http:\/\/www.cyberlaws.org\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.cyberlaws.org\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.cyberlaws.org\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.cyberlaws.org\/wp-json\/wp\/v2\/comments?post=71"}],"version-history":[{"count":3,"href":"http:\/\/www.cyberlaws.org\/wp-json\/wp\/v2\/posts\/71\/revisions"}],"predecessor-version":[{"id":411,"href":"http:\/\/www.cyberlaws.org\/wp-json\/wp\/v2\/posts\/71\/revisions\/411"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/www.cyberlaws.org\/wp-json\/wp\/v2\/media\/72"}],"wp:attachment":[{"href":"http:\/\/www.cyberlaws.org\/wp-json\/wp\/v2\/media?parent=71"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.cyberlaws.org\/wp-json\/wp\/v2\/categories?post=71"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.cyberlaws.org\/wp-json\/wp\/v2\/tags?post=71"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}