CYBER ATTACK INTRODUCTION, TYPES OF CYBER ATTACK, DOS ATTACK, MAJOR CYBER ATTACK IN INDIA, PREVENTION TIPS
Added: May 05, 2021
Slides: 29 pages
Slide Content
Cyber Attack: an attempt by hackers to damage or destroy a computer network or system. A cyber-attack is an exploitation of computer systems and networks. It uses malicious code to alter computer code, logic or data and leads to cybercrimes, such as information and identity theft.
Types of cybercrime: Here are some specific examples of the different types of cybercrime: Email and internet fraud. Identity fraud (where personal information is stolen and used). Theft of financial or card payment data. Theft and sale of corporate data. Cyberextortion (demanding money to prevent a threatened attack). Ransomware attacks (a type of cyberextortion). Cryptojacking (where hackers mine cryptocurrency using resources they do not own). Cyberespionage (where hackers access government or company data).
Most common types of cyber-attacks: DoS and DDoS attack, XSS attack, SQL injection attack, Man-in-the-Middle attack, Birthday attack, Password attack, Eavesdropping attack, Phishing and spear phishing attack, Drive-by download attack.
DoS and DDoS Attack: DoS makes the system unresponsive to the actual service requests. It does so by overpowering the system resources. A DDoS attack is similar to the DoS attack. The difference is that the attack is launched from a series of host machines.
DoS and DDoS attack types: SYN flood attack, TCP SYN flood attack, Tear Drop attack, Smurf attack, Ping of death attack, Botnets.
SYN flood attack: This attack compromises the initial handshake process. It makes the server unavailable for the actual traffic. It sends SYN packets repeatedly and eventually overwhelms the targeted server.
TCP SYN flood attack: During TCP connection establishment the attacker fills up the target machine with multiple connection requests. It makes the target machine time out, waiting for permission to connect from the server.
Tear Drop attack: It is a DoS attack where fragmented packets are sent to a target machine. This makes the victim's computer crash, overwhelming it with packets. [Figure: two IP fragments, each with its own IP header. Packet #1: IP ID = x, Packet length = 820, Fragment offset = , More fragments = 1. Packet #2: IP ID = x, Packet length = 820, Fragment offset = 800, More fragments = 8.]
Smurf attack: It is a DoS attack which involves IP spoofing. A ping is issued to the entire set of IP broadcast addresses. This stimulates responses to the ping packet, which go to the target computer. The process is repeated and automated to generate a large amount of network congestion.
[Figure: an example of a Smurf attack]
Ping of death attack: It happens when network packets with a large packet size are used to ping the target machine.
Botnets: Botnets are millions of computers compromised with viruses and under the control of the hacker, who uses them for DDoS attacks. As these bots can be located anywhere, they are generally very difficult to identify.
Cross-site scripting attack (XSS Attack): [Diagram: Attacker, Website, Website Visitor, with steps 1 to 5.] The attacker discovers a website that has script injection vulnerabilities. The attacker injects a payload into the website's database with malicious JavaScript that steals cookies. The website transmits to the victim's browser the page with the attacker's payload. The victim's browser executes the malicious scripts. After script execution the victim sends his cookie to the attacker. The attacker extracts the victim's cookie, after which he uses it for session hijacking.
SQL injection attack: This attack is most common in database-driven websites. Here a SQL query is executed against the database using input passed from the client to the server. It mostly works if a website uses dynamic SQL.
Man-in-the-middle attack (MITM Attack): This happens when a hacker manipulates the traffic by being in between the client and server.
Types of MITM attack: Session hijacking, IP spoofing, Replay attack.
Session hijacking: This happens when a hacker hijacks the established connection between a client and server. The attacker substitutes its IP address for that of a trusted client. Then it makes the computer believe it is communicating with the actual server.
[Figure: an example of session hijacking]
IP Spoofing Attack: It is used to convince the victim that he or she is connected to a trusted and known entity.
Replay Attacks: It is also known as a play-back attack. It happens when a data transmission is hacked and purposely delayed or repeated.
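A receiver can reject both the delayed and the repeated case by authenticating a timestamp and a one-time nonce with each message. This is an added example, not part of the original slides; the `ReplayGuard` class, the 30-second window and the message layout are assumptions chosen for illustration.

```python
import hashlib
import hmac

MAX_AGE_SECONDS = 30  # assumed freshness window

def sign(key, nonce, timestamp, payload):
    """HMAC over nonce, timestamp and payload (nonce is assumed to be hex text)."""
    message = b"|".join([nonce.encode(), str(timestamp).encode(), payload])
    return hmac.new(key, message, hashlib.sha256).hexdigest()

class ReplayGuard:
    """Receiver-side check: valid MAC, fresh timestamp, nonce not seen before."""

    def __init__(self, key, max_age=MAX_AGE_SECONDS):
        self.key = key
        self.max_age = max_age
        self.seen = {}  # nonce -> timestamp of the accepted message

    def accept(self, nonce, timestamp, payload, tag, now):
        expected = sign(self.key, nonce, timestamp, payload)
        if not hmac.compare_digest(expected, tag):
            return "bad-mac"       # altered in transit or wrong key
        if abs(now - timestamp) > self.max_age:
            return "stale"         # purposely delayed transmission
        # Forget nonces whose messages would now be rejected as stale anyway.
        self.seen = {n: t for n, t in self.seen.items()
                     if now - t <= self.max_age}
        if nonce in self.seen:
            return "replayed"      # repeated transmission
        self.seen[nonce] = timestamp
        return "accepted"

if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed value, not a real secret
    guard = ReplayGuard(key)
    payload = b"transfer 100 to account 42"
    tag = sign(key, "a1b2c3", 1000, payload)
    print(guard.accept("a1b2c3", 1000, payload, tag, now=1005))  # accepted
    print(guard.accept("a1b2c3", 1000, payload, tag, now=1010))  # replayed
    print(guard.accept("a1b2c3", 1000, payload, tag, now=1120))  # stale
```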
Birthday attack: A Message Digest (MD) of fixed length is produced by the hash function. It uniquely characterizes the message independent of its length. The birthday attack refers to the probability that two random messages generate the same Message Digest.
Password attack: It happens by guessing passwords randomly or in a systematic manner. Types: Brute-force attack, Dictionary attack.
Eavesdropping attack: Hacking of confidential user information sent over the network. It occurs through the interception of network traffic. Types: Active eavesdropping attack, Passive eavesdropping attack.
Phishing and Spear Phishing attacks: Sending an email in the name of trusted sources by an attacker is known as phishing. When a phishing attack is conducted on a targeted audience it is spear phishing. This gets the user to download a malicious program onto the victim system, exposing personal data.
[Figure: example of a phishing attack]
Major cyber attacks in India: Cosmos Bank cyber attack in Pune; UIDAI Aadhaar software hacked; ATM system hacked; Big B Amitabh Bachchan's Twitter account hacked (social media hack); Facebook database leak: data of 419 million users; Personal data exposed from JustDial database; Data breach in BIGBASKET.
Cyber Security Measures for Organizations to Prevent Cyber Attacks: 1) Educate employees on the emerging cyber attacks with security awareness training. 2) Keep all software and systems updated from time to time with the latest security patches. 3) Get regular Vulnerability Assessment and Penetration Testing to patch and remove the existing vulnerabilities in the network and web application. 4) Limit employee access to sensitive data or confidential information and limit their authority to install software. 5) Use highly strong passwords for accounts and make sure to update them at long intervals. 6) Avoid the practice of openly sharing passwords at work.
Conclusion: We are living in a digital era, and digital technology has transformed our lives, promoting the need for cyber security. Cyber attacks have started affecting most systems today because of the dependency on technology. It is very important to know what cyber attacks are and how they affect the system.