Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

Combating Cyber Crime by Priyanka Tomar @ OWASP Delhi July, 2014 Meeting

Combating Cyber Crime by Priyanka Tomar @ OWASP Delhi July, 2014 Meeting in Adobe Systems, Noida

  • Sé el primero en comentar

Combating Cyber Crime by Priyanka Tomar @ OWASP Delhi July, 2014 Meeting

  1. 1. Presentation by : Priyanka Tomar
  2. 2. Objective  Provide a brief idea of cyber/computer attacks and preventive measure to be adopted with reference to Law Enforcement Agencies.
  3. 3. PREREQUISITES  Computer Hardware  Computer Software  Internet Surfing  Email  Networking  IP Address
  4. 4. Combating Cyber Crime  Cyber + Security  What is Security  What is Cyber Security  involves detection, prevention and responding to attacks  Why do we need Cyber Security –Phishing, Credit Card Frauds
  5. 5. Combating Cyber Crime  Who is Vulnerable –e.g. screen hack
  6. 6. Cyber Security Threats  Virus  Worm  Trojan Horse  Remote Administration Tool – Prorat, Poison Ivy
  7. 7. Cyber Security Threats-RAT The operator controls the RAT through a network connection. RAT provide an operator the following capabilities:  Screen/camera control.  File management (download/upload/execute etc.  Shell control (from command prompt).  Computer control (power off/on/log off).  Registry management (query/add/delete/modify).  Start, stop and restart Windows services.  Copy/delete files and format disks.  View and clear the windows event logs.  Other software product-specific functions.
  8. 8. Cyber Security Threats  Hackers  Identity Thieves  Spyware/Adware  Website advertisements
  9. 9. Consequences of Inaction  Loss of access  Loss of confidentiality, integrity and public trust  Lawsuits, Disciplinary action The US has charged six members of an international cybercrime gang that hacked into user accounts to defraud eBay's Stubhub ticket reselling website of about $1m. The men were arrested in the UK, Canada and Spain in connection with the scam in which more than 1,600 StubHub users had their credit cards used to buy tickets, which were then sold on by the criminals.
  10. 10. Preventive Measures -I  OS/Software Updates  Anti virus  Personal Firewalls  Check Open Ports -
  11. 11. How to block Ports  Block Ports  Control Panel>System and Security> Windows Firewall  Advanced Settings  See inbound and outbound rules  Create your own rule
  12. 12. How to know if there is spyware?  Endless pop-up windows.  Redirected to other websites automatically.  Random Windows error messages .  Computer suddenly seems slow.  New and unexpected toolbars appear in web browser.  New and unexpected icons appear in the task tray.  Browser's home page suddenly changed.  Search engine your browser opens has been changed.
  13. 13.  Don't click on links within pop-up windows  Be careful while installing free software , never forget to read user agreement.  Block pop-up windows and cookies by adjusting browser preferences.  Be aware of unexpected dialog boxes asking -Do you want to run a xxxx program . Always select "no" or "cancel," or close the dialog box. Prevent Spyware Installation
  14. 14. Remove Spyware  Spyware copies several files to different directories and changes the registry. Use a spyware remover - a program dedicated to removal of sypware.  Run a legitimate product to remove spyware e.g Ad-Aware, Microsoft Window Defender, Webroot's SpySweeper etc.
  15. 15. Preventive Measures-II  Prevent Identity Theft-Beware of phishing scams - a form of fraud that uses email messages that appear to be from a reputable business (often a financial institution) in an attempt to gain personal/ financial account information. These often do not include a personal salutation. Never enter personal information into an online form you accessed via a link in an email you were not expecting. Legitimate businesses will not ask for personal information online.  Intrusion Detection Software/Device
  16. 16. Phishing Google Security Team to Sunitha Verification Required. Dear Gmail User, The Gmail infrastructure is going through an annual security and performance overhaul. In the same respect, you are requested to verify your account by clicking on the following link. The Google Security Team is available to provide you all the assistance for secure communication over the Internet. Happy surfing! 72d You are requested to act on this immediately to guarantee the smooth functioning of your mail account. Thanks, Account Security Administrator Google Security Team Google, Inc. Phone: +1 650-253-0000 You are receiving this message from Google because you are a valued member. Google respects your privacy. To learn more, please read our online Privacy Statement. For more information or for general questions regarding your e-mail account, please visit Gmail Help. Google Inc, 1600 Amphitheatre Parkway, Mountain View, CA 94043. All rights reserved.
  17. 17. Preventive Measures  Protect Passwords  Regular Backup
  18. 18. Preventive Measures -II  Setup Cyber Security Policies  Email Virus Filtering Services  Firewall Services  Email attachment Filtering  Vulnerability Scanning  Intrusion Prevention System
  19. 19. By: Priyanka Tomar