
Shafeeque Olassery Kunnikkal

C|EH, C|HFI, C|EI, MCP


Founder & CTO
Graytips Cyber Technologies
www.graytips.com
Email: shafeeque@graytips.com
Mobile: 9847113216

Topics
What is Cyber Security?
Common Cyber threats include:
Social Engineering Attacks
Malware
Weak and Default Passwords
Unpatched or Outdated Software Vulnerabilities
Removable Media
Frauds - The Nigerian Email Scam

Secure Browsing Fundamentals

Graytips Cyber Technologies @ 2014

Topics
Mobile Devices Security
Social Media Security
Email Best Practices
What is spam?
What is BCC? Why would you want to use BCC?

Wireless Security
Common Network Attacks
Maintain Good Computer & Security Habits
Key Steps to Better Secure Your Company and Workplace


What is Cyber Security?


The protection of data and systems in networks that connect to the internet
Applies to any computer or other device that can transmit data to another device over a network connection, whether it uses the internet or some other network


What are the risks?

There are many risks, some more serious than others.


Viruses erasing your entire system
Someone breaking into your system and altering files
Someone using your computer to attack others
Someone stealing your credit card information and making unauthorized purchases


Common Cyber Threats


Social Engineering Attacks.
Computer Based Social Engineering

Phishing and spear phishing

Human based Social Engineering

Dumpster Diving
Shoulder Surfing
Eavesdropping
Piggybacking
Tailgating

Mobile based Social Engineering

Smishing
Vishing

Common Cyber Threats - contd


Malware
Weak and default passwords
Unpatched or outdated software vulnerabilities
Removable media
Common Frauds
The Nigerian email scam


Social Engineering Attacks


Social Engineering Attack


Computer Based Social Engineering
Phishing and Spear Phishing

Human Based Social Engineering
Dumpster Diving
Shoulder Surfing
Eavesdropping
Piggybacking
Tailgating

Mobile Based Social Engineering
Smishing
Vishing

Phishing Email Example


Phishing and Spear Phishing


An e-mail designed to deceive you into disclosing personal information.
A method widely adopted by social engineers.
You may be asked to click on a link or visit a fraudulent website which asks you to submit your personal data or account information.
Spear phishing is a type of targeted phishing that appears to be directed towards a specific individual or group of individuals.

Common Symptoms

Uses e-mail
May include bad grammar, misspellings, and/or generic greetings
May include maliciously-crafted attachments with varying file extensions or links to a malicious website
May appear to be from a position of authority or legitimate company:
Your employer
Bank or credit card company
Online payment provider
Government organization
Asks you to update or validate information or click on a link
Threatens dire consequences or promises reward
Appears to direct you to a web site that looks real

Spear Phishing
Has a high level of targeting sophistication and appears to come from an associate, client, or acquaintance
May be contextually relevant to your job
May appear to originate from someone in your email address book
May contain graphics that make the email look legitimate

Countermeasures
Ensure anti-virus software and definitions are up to date
Never trust an unsolicited email, text message, pop-up window, Facebook message, etc. that asks you to give sensitive information such as your Aadhaar number or bank account numbers.
Before clicking any link, check the actual address by hovering the cursor over the link (the address is shown at the bottom left in Chrome and Internet Explorer 10 and 11) and make sure it looks legitimate, i.e. the text in the URL and the text for the hyperlink are the same.
Do not delete suspicious e-mails; report them to your company's system administrators.

Countermeasures - contd
Turn off the option to automatically download attachments
Save and scan any attachments before opening them
Don't trust the message no matter how convincing or official it looks; no matter if it appears to come from your bank, the government, your ISP, or your best friend.
Always independently verify the authenticity of the message before you respond.
Don't use an email address, link, or phone number in the message itself. If it's from your bank, search online for the customer service line and call the bank.

Countermeasures - contd
Do not:
Open suspicious e-mails
Click on suspicious links or attachments in e-mails
Call telephone numbers provided


Phishing

It's demo time !!!


Cloning Facebook
Cloning akesissstar.info

Malware
Malware, short for malicious software, is software that is intended to do harm to your computer or software


Viruses
Trojan horses
Worms
Keyloggers
Adware
Spyware
Rootkits
Backdoors

What is a Virus?


Symptoms
System will not start normally (e.g. blue screen of death)
System repeatedly crashes for no obvious reason
Internet browser goes to unwanted web pages
Antivirus software appears not to be working
Many unwanted advertisements pop up on the screen
The user cannot control the mouse/pointer

Countermeasures
Ensure antivirus software is fully up to date according to the manufacturer's standards
Don't fall for fake antivirus offers


TROJAN


What is a TROJAN?
The main objective of this type of malware is to install other applications on the infected computer, so it can be controlled from other computers.
Looks like a legitimate program but when installed it does harmful things.
The term Trojan refers to the wooden horse used by the Greeks to sneak inside the city of Troy and capture it.

Common Behavior of a Trojan


Is a standalone program or malicious file
These do not infect other files but often pretend to be a legitimate program
They can harm their host computer
Corrupt the file allocation table on your computer
Install keyloggers, steal bank details and logons to websites
Install other software including third-party malware
Watch what the user is doing on screen
Upload files from your computer

Common Behavior of a Trojan


Give a hacker remote access to the infected computer, take advantage of unpatched systems to run other malware etc.
Remove files from the infected computer.
Download files to the infected computer.
Make registry changes to the infected computer.
Delete files on the infected computer.
Steal passwords and other confidential information.
Log keystrokes of the computer user.
Rename files on the infected computer.
Disable a keyboard, mouse, or other peripherals.
Shut down or reboot the infected computer.
Run selected applications or terminate open applications.
Disable virus protection or other computer security software.

Trojan

It's demo time !!!


Trojan Prorat
Making dropper
Wrapping inside a game

What is Adware?
Adware is the name given to programs that are designed to display advertising banners, redirect you to websites, and otherwise conduct advertising on your computer. They also collect marketing-type data about you (for example, the types of websites that you visit) so that customized adverts can be displayed.


Adware Example


What is Spyware?
Spyware is software that gathers information about you, your browsing and Internet usage habits, as well as other data.
How does it reach users?
Spyware is installed on computers without the user's knowledge. It can be installed when downloading certain content from the Web or from P2P networks, when installing freeware, or simply when visiting dubious websites.

Types Of Spyware
Video Spyware
Audio Spyware
Desktop Spyware
USB Spyware
Email Spyware

Spytechagent

It's demo time !!!

What is a Rootkit?
Malware authors use rootkits to hide malware on your PC.
Malware hidden by rootkits often monitors, filters, and steals your data or abuses your computer's resources


Keylogger
A program designed to capture the keystrokes
Two Types

Hardware keylogger
Software Keylogger


Hardware Keylogger


Symptoms of Malware
Your computer is running extremely slow
Unexpected crashes
Excessive hard drive activity
Random network activity
Erratic email
Beware of pop-ups!
Your antivirus and firewall protection is unexpectedly disabled
Unfamiliar and peculiar error messages

Distribution of Malware
E-mail attachments
Downloading files
Visiting an infected website
Removable media
Cracked/pirated games and software downloaded from torrents and file sharing servers

Countermeasures
To guard against malicious code in email:
View e-mail messages in plain text
Use caution when opening e-mail
Scan all attachments
Delete e-mail from senders you do not know
Turn off automatic downloading


Countermeasures
To guard against malicious code in websites:
Block malicious links / IP addresses
Block all unnecessary ports at the Firewall and Host
Disable unused protocols and services
Stay current with all operating system service packs and software patches


Weak and Default Passwords


The use of weak and default passwords creates easily exploitable system vulnerabilities.


Symptoms
Words found in the dictionary
Readily available information significant to you (names, dates, cities, etc.)
Lack of character diversity (e.g., all lower case letters)
Personal information such as birth date, names of self, or family, or pets, or anything else that could easily be learned by others.
Remember: if a piece of information is on a social networking site, it should never be used in a password.

Countermeasures
Combine letters, numbers, special characters
Include a combination of upper case and lower case letters, at least one number and at least one special character, such as a punctuation mark
Do not use personal information
Do not use common phrases or words


Countermeasures
Do not write down your password; memorize it
Change your password according to your organization's policy
Enforce account lockout for end-user accounts after a set number of retry attempts
Do not save your passwords or login credentials in your browser
NEVER share your password


Common Password Attacks


Dictionary Attack
Brute-force Attack
Hybrid attacks
Syllable Attack
Rule-based Attack
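
The following added example (not part of the original slides) audits a candidate password against the weak-password symptoms listed earlier, and shows why a dictionary word with simple substitutions still falls to the hybrid and rule-based attacks named above even when it meets the character-mix rule. The word list, the 8-character minimum and all function names are assumptions of the example.

```python
# Added example (not from the original slides): audit a candidate password
# against the weak-password symptoms and attack types listed above.
import re

# Constructed sample word list; a real audit would load a far larger one.
WORDLIST = {"password", "welcome", "dragon", "football", "admin"}
# Common character substitutions undone before the dictionary lookup.
LEET = str.maketrans("0134578@$!", "oleastbasi")


def base_word(password):
    """Undo simple hybrid/rule-based changes: letter case, digits stuck on
    the front, digits or symbols stuck on the end, and leetspeak."""
    core = re.sub(r"^\d+|[\d\W_]+$", "", password.lower())
    return core.translate(LEET)


def audit_password(password, personal_info=()):
    """Return the list of weaknesses found (an empty list means none found)."""
    problems = []
    if len(password) < 8:  # minimum length is an assumption of this example
        problems.append("too short")
    classes = [r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]"]
    if sum(bool(re.search(c, password)) for c in classes) < 4:
        problems.append("lacks character diversity")
    if base_word(password) in WORDLIST:
        problems.append("dictionary word with simple changes")
    lowered = password.lower()
    # personal_info holds details others could learn, e.g. from social media.
    if any(len(item) >= 3 and item.lower() in lowered for item in personal_info):
        problems.append("contains personal information")
    return problems


if __name__ == "__main__":
    for candidate in ("P@ssw0rd1", "Dr4g0n!", "vT9#qLm2$xWp"):
        print(candidate, audit_password(candidate))
```

An empty result only means that none of these specific checks fired, not that the password is strong.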


Weak Windows Password Cracking

It's demo time !!!

Retrieving Windows Passwords from SAM
L0phtCrack password cracker

Unpatched or Outdated Software Vulnerabilities
Unpatched or outdated software provides vulnerabilities and opportunities for adversaries to access information systems.


Symptoms
List of suspicious indicators related to unpatched and outdated software:
Unauthorized system access attempts
Unauthorized system access to or disclosure of information
Unauthorized data storage or transmission
Unauthorized hardware and software modifications


Countermeasures
Comply with the measures in your organization's policies
Stay current with patches and updates
Conduct frequent computer audits
Ideally: Daily
At minimum: Weekly
Do not rely on firewalls to protect against all attacks


Removable Media
Removable media is any type of storage device that can be added to and removed from a computer while the system is running. Adversaries may use removable media to gain access to your system. Examples of removable media include:
Thumb drives
Flash drives
CDs
DVDs
External hard drives

Symptoms
Adversaries may:
Leave removable media, such as thumb drives, at locations for personnel to pick up
Send removable media to personnel under the guise of a prize or free product trial
Effects include, but are not limited to:
Corrupt files and destroyed or modified information
Hacker access and sabotaged systems


Countermeasures
Follow your organization's removable media policy
Disable autorun/autoplay


The Nigerian Email Scam


Secure Browsing Fundamentals
Avoid Microsoft Internet Explorer
Google Chrome is currently the best choice
Safari and Firefox are the middle choices
Log in as a limited user
Make sure https is used for financial transactions
Use NoScript or NotScripts
Know what link you are clicking


Mobile Devices Security


Avoid free and open hotspots
Use Virtual Private Networks (VPN)
Restrict usage in free and open hotspots
Maintain an up-to-date OS
Disable interfaces that are not currently in use, such as Bluetooth, infrared, or Wi-Fi.
Only download apps from trusted sources
Install antivirus for Android


Mobile Devices Security


Configure the device to be more secure.
Configure web accounts to use secure connections.
Set Bluetooth-enabled devices to non-discoverable.
Delete all information stored in a device prior to discarding it.
Do not root or jailbreak the device.


Mobile Devices Security


Be careful when using social networking applications.


Social Media Security


It's Too Easy to Share Too Much Information
How can you protect yourself in social media?
Limit the amount of personal information you post
Remember that the internet is a public resource
Be wary of strangers


Social Media Security


Be skeptical
Evaluate your settings
Be wary of third-party applications
Use strong passwords
Check privacy policies
Keep software, particularly your web browser, up to date


Social Media Security


Avoid links to other pages
Use a different email
Don't post complete personal information
Keep your computer up to date


Email Best Practices


Avoid sending or accepting sensitive information via email
Avoid phishing attempts
Look for an email provider with strong antispam filtering capability.
Use filters
Identify unwanted spam with the spam button.


Email Best Practices


Consider viewing email in plain text.
Turn off auto downloads
Never respond to spam and avoid chain mail
Use separate emails for work and home
Configure email software securely
Be aware of hoaxes and scams


What is spam?
Spam is the electronic version of "junk mail."


How can you reduce the amount of spam?
Don't give your email address out arbitrarily
Check privacy policies
Report messages as spam
Don't follow links in spam messages
Disable the automatic downloading of graphics in HTML mail
Consider opening an additional email account


Blind Carbon Copy - BCC


What is BCC? Why would you want to use BCC?
Privacy
Tracking
Respect for your recipients
Reduce the risk


Wireless Security
Change the default username and password
Use the highest encryption level (e.g. WPA/WPA2)
Do not use WEP encryption
Change the default Service Set Identifier (SSID)
Do not automatically connect to an open wireless network
Turn off the wireless network when not in use


Common Network Attacks


ARP Spoofing
Network sniffing (Packet sniffing)
Denial of Service Attack (DoS)/DDoS
Man In The Middle Attack


ARP Spoofing


Network Sniffing


Man In The Middle Attack


Maintain Good Computer & Security Habits
Update automatically
Install a comprehensive host-based security suite
Limit use of the Administrator account
Use a web browser with sandboxing
Update to a PDF reader with sandboxing capabilities
Enable file sharing with passwords for required users.
Lock your computer when you are away.
Disconnect your computer from the Internet when you aren't using it.
Back up your important data regularly

Key Steps to Better Secure Your Company and Workplace
Watch out for Social Engineering attacks
Use separate machines for handling sensitive information like payroll
Enable Firewall
If your ISP is not providing DNS, use OpenDNS or Google's Public DNS
Change the default username and password on devices like your router, computer, smartphone or any device you use

Key Steps to Better Secure Your Company and Workplace

Set strong passwords
Install Antivirus
Use any browser EXCEPT Internet Explorer (Chrome and Chromium are really good; Opera, Safari and Firefox are mid-level choices)
Uninstall unused applications
Ensure https:// and the lock picture are shown while doing financial transactions
Use the virtual keyboard available on the banking site for entering passwords.
Use Thunderbird as the email client

Q&A

Thank You
Shafeeque Olassery Kunnikkal
C|EH, C|HFI, C|EI, MCP
Founder & CTO
Graytips Cyber Technologies
www.graytips.com
Email: shafeeque@graytips.com
Mobile: 9847113216