SlideShare une entreprise Scribd logo

SIT Summer School (Cyber Security)

Apurv Singh Gautam
Apurv Singh Gautam

This seminar was delivered at the Symbiosis Institute of Technology during Summer School.

Technologie
1  sur  60
SIT Computer Science & Information Technology Department Welcomes all Summer School Students Symbiosis Institute of Technology Symbiosis International (Deemed University)
CYBER SECURITY FUNDAMENTALS
Presented by ▪ Pooja Kamat, Assistant Professor (CS & IT department) – Research Interests include: Cyber security, Software Engineering ▪ Apurv Singh Gautam,ThirdYear (I.T) student – Network PenetrationTester, Security Enthusiast, Hacker, CTF Player – Speaker at Null the Open Security Community, Pune
WHAT TO EXPECT??
NEED OF SECURITY ▪ Increasing awareness of technology but not Security ▪ Continuous Development & Competition in IT ▪ Increasing number of Cyber Criminals ▪ Increasing use of Network elements & applications ▪ Decreasing level of skill set
NEED OF SECURITY ▪ Any Security breach in the website of any person increases the risk of the public image ▪ Any Security breach in the website of any company increases the risk of company reputation ▪ Any Security breach in the government website may increase the risk on project management and government operations ▪ Any Security breach in the Military sector may jeopardise the safety of any country
What is HACKING?? ▪ Hacking is an art of exploring various security breaches ▪ What people believe: It’s an anti-social activity : All the hackers are bad people ▪ The terms Hacker and Hacking are being misinterpreted and misunderstood with negative sidelines
COMMUNITIES OF HACKERS ▪ Hackers ▪ Crackers ▪ Phreaks ▪ Script Kiddies
TYPES OF HACKERS ▪ White Hat Hacker -They use their knowledge and skill set for good constructive intents.They find out new security loopholes and their solutions ▪ Black Hat Hacker -They use their knowledge and skill set for illegal activities and destructive intents ▪ Grey Hat Hacker –They use their knowledge and skill set for legal and illegal purpose.They are white hats in public but internally they do some black hat work
HACKING STRATEGY ▪ Reconnaissance (Information Gathering) ▪ Scanning ▪ Gaining Access ▪ Maintaining Access ▪ CoveringTracks
Cyber Crime is no more FUN…!!! ▪ Cyber crime controlled by IT ACT 2008 and respective IPC (constantly evolving) ▪ Complete control of Govt agencies over information stored, processed and transmitted over internet ▪ Upgradation of Investigating agencies with latest technology ▪ Service providers like ISPs, email service providers, etc are liable to share information with Govt agencies ▪ Upgradation of Forensic labs ▪ Stringent punishment for cyber crimes
Common Scenarios - Cyber Pornography ▪ Cyber pornography covers pornographic websites, pornographic magazines produced using computers and the Internet. ▪ Whoever publishes or transmits or causes to be published in the electronic form, any material which is obscene in nature falls under cyber pornography ▪ Section 67: Punishment for publishing or transmitting obscene material in electronic form ▪ Punishment – Imprisonment from 2 – 10 years with fine upto 10 lakhs
Common Scenarios – Identity Theft ▪ Identity theft is a term used to refer to fraud that involves stealing money or getting other benefits by pretending to be someone else. ▪ Section 66C Punishment for identity theft. Whoever, fraudulently or dishonestly make use of the electronic signature, password or any other unique identification feature of any other person, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to rupees one lakh. ▪ Section 66D Punishment for cheating by personation by using computer resource Whoever, by means of any communication device or computer resource cheats by personation, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to one lakh rupees.
INTRODUCTION TO SOCIAL ENGINEERING “Cause there’s no PATCH for HUMAN STUPIDITY”
What is SOCIAL ENGINEERING?? In context of Information Security, it is the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.
TECHNIQUE ▪ Human Interaction ▪ Respectable & Known Person or Entity ▪ Assembling all gathered information together
TYPES OF SOCIAL ENGINEERING ▪ Quid Pro Quo – Something for something ▪ Phishing ▪ Baiting ▪ Pretexting ▪ DiversionTheft
Phishing Email
WEAKEST LINK?? No matter how strong your: ▪ Firewalls ▪ IDS & IPS ▪ Cryptography ▪ Anti-Virus Software ▪ You are the weakest link in computer security. People are more vulnerable than computers. ▪ “The weakest link in the security chain is the human element: - Kevin Mitnick
WAYS TO PREVENT SOCIAL ENGINEERING ▪ User Awareness ▪ Policies ▪ Third partyTest ▪ Be Smart
Students prone to Cyber Crime REASONS: ▪ Prank ▪ Jealousy ▪ Revenge ▪ Ignorance ▪ Ex-relationships ▪ Curiosity ▪ Blackmailing ▪ Pornography
RANSOMWARE
CYBER SECURITY AWARENESS TIPS
Safe Computing Tips ▪ Keep yourComputer Updated
▪ Keep all the software up to date ▪ Do not use openWi-Fi ▪ Lock the system when not in use ▪ Download Files Legally (Don’t useTorrents :P) ▪ Backup on regular basis ▪ Use goodAnti-Virus ▪ Use good Proxy/VPN
▪ Cover Mic and Camera withTape
▪ Don’t store password in browser
▪ UseTOR
Internet Surfing Tips ▪ Use private browsing in Chrome/Firefox ▪ Check for green lock and HTTPS in URL ▪ Keep your browser Up to Date ▪ Never click on unknown links ▪ Turn on Do NotTrack feature in the browser ▪ Delete your profile from sites which you don’t use (http://backgroundchecks.org/justdeleteme/) ▪ Use Sandboxie
▪ Use DuckDuckGo browser ▪ Use Panopticlick (https://panopticlick.eff.org/)
▪ UseVirusTotal for checking files (https://www.virustotal.com/#/home/upload)
Mobile Security Tips ▪ Lock your phone using screen lock ▪ Do not connect to unknownWi-Fi networks ▪ Do not connect your phone using USB to unknown devices ▪ Always update OS as soon as it releases ▪ Use LockApps for Files and Media ▪ Use Guest Mode ▪ Keep sensitive files on authentic Cloud Storages
▪ Do not Jailbreak or Root your smartphone ▪ Download apps from authorized app stores only ▪ Use Privacy options and disallow any permissions that is not necessary ▪ Do not accept calls from weird numbers (VoIP Calls) ▪ Schedule Routine Scans ▪ Don’t react to Scarewares and Adwares
Scarewares
Beware of these kind of APPS !!
Password Protection Tips ▪ Use different passwords for each account ▪ Always log off from your accounts ▪ Avoid entering password on computer that you don’t control ▪ Beware of keyloggers ▪ Use complex password (Take help of password generators) ▪ Use reliable password vaults (KeepPass, PassPack) ▪ Use two-factor authentication ▪ Don’t write true answers during security questions
Email & Chatting Tips ▪ Use encrypted emails like Proton Mail, Mailvelope ▪ Use end-to-end encrypted chat applications likeTelegram, Signal, Wickr, CHatSecure ▪ Delete unused accounts ▪ Don’t fill out your full information on social sites ▪ Use temporary mails for services you do not trust (Temp-Mail, Guerrilla Mail) ▪ Use Mail2Tor for sharing sensitive information
▪ Read all the permission that third party application want to access in your email account
Social Media Tips ▪ Check privacy settings. Do not show anything which is sensitive ▪ Limit your Bio information ▪ Avoid sharing account details ▪ Choose friends wisely over the internet ▪ Think before you share something online (status, pics, videos) ▪ Use different passwords for each social media account ▪ Restrict friend requests ▪ Access Control (who can see what)
▪ Protect your identity online ▪ Don’t share information to anyone including your friends like Full Name, Parent’s Name, D0B,Travel Plans etc
Did you Know that ? ▪ According to IT Act 2008 Section 66A Identity theft will result in 3 years jail and 5 lakh
Banking Tips ▪ Use OnlineVirtual Keyboard provided by the Banking website ▪ Never check “Remember Me” on banking websites ▪ Never use banking services on publicWi-Fis or cyber café. ▪ Always use 2 Factor Authentication ▪ Create a really strong password for Banking ▪ Change your password and ATM Pin regularly ▪ Beware of Shoulder Surfing
Preventing Online Scams ▪ Always check URLs of the sites you visit ▪ Always write the URL yourself instead of clicking on the link ▪ For suspicious links check the links on AVG ThreatLabs, Kaspersky VirusDesk, Scanurl, PhishTank, etc ▪ Never believe in any offers saying “you won something”. No one is giving free money ▪ Never click on unknown ads or pics ▪ Use pop-up blockers ▪ Try to avoid and make a distance with people having malicious intents
THANK YOU !! ▪ Email – ▪ pooja.kamat@sitpune.edu.in ▪ apurvsinghgautam@gmail.com ▪ Social Handle – apurvsinghgautam (LinkedIn,Twitter, Quora)

Recommandé

Online Netiquette
Online NetiquetteOnline Netiquette
Online Netiquette
Zoro18
 
Cyber Crime & Security
Cyber Crime & SecurityCyber Crime & Security
Cyber Crime & Security
Uday Bhaskarwar
 
CYBER ETHICS, CRIMES AND SAFTY
CYBER ETHICS, CRIMES AND SAFTYCYBER ETHICS, CRIMES AND SAFTY
CYBER ETHICS, CRIMES AND SAFTY
FaMulan2
 
Cyber Security for 5th and 6th Graders
Cyber Security for 5th and 6th GradersCyber Security for 5th and 6th Graders
Cyber Security for 5th and 6th Graders
Stephen Thomas, CISSP
 
Online safety, security, ethics & etiquette
Online safety, security, ethics & etiquetteOnline safety, security, ethics & etiquette
Online safety, security, ethics & etiquette
Angelito Quiambao
 
Cyber Security For Kids by Shounak Ray Chaudhuri
Cyber Security For Kids by Shounak Ray Chaudhuri Cyber Security For Kids by Shounak Ray Chaudhuri
Cyber Security For Kids by Shounak Ray Chaudhuri
Moumita Chatterjee
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness
Jay Nagar
 
NewIinternet security
NewIinternet securityNewIinternet security
NewIinternet security
university of mumbai
 

Recommandé

Online Netiquette
Online NetiquetteOnline Netiquette
Online Netiquette
Zoro18
 
Cyber Crime & Security
Cyber Crime & SecurityCyber Crime & Security
Cyber Crime & Security
Uday Bhaskarwar
 
CYBER ETHICS, CRIMES AND SAFTY
CYBER ETHICS, CRIMES AND SAFTYCYBER ETHICS, CRIMES AND SAFTY
CYBER ETHICS, CRIMES AND SAFTY
FaMulan2
 
Cyber Security for 5th and 6th Graders
Cyber Security for 5th and 6th GradersCyber Security for 5th and 6th Graders
Cyber Security for 5th and 6th Graders
Stephen Thomas, CISSP
 
Online safety, security, ethics & etiquette
Online safety, security, ethics & etiquetteOnline safety, security, ethics & etiquette
Online safety, security, ethics & etiquette
Angelito Quiambao
 
Cyber Security For Kids by Shounak Ray Chaudhuri
Cyber Security For Kids by Shounak Ray Chaudhuri Cyber Security For Kids by Shounak Ray Chaudhuri
Cyber Security For Kids by Shounak Ray Chaudhuri
Moumita Chatterjee
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness Cyber Security and Cyber Awareness
Cyber Security and Cyber Awareness
Jay Nagar
 
NewIinternet security
NewIinternet securityNewIinternet security
NewIinternet security
university of mumbai
 
Cybercrimes (Against Children)
Cybercrimes (Against Children)Cybercrimes (Against Children)
Cybercrimes (Against Children)
Can R. PAHALI
 
Internet Security
Internet SecurityInternet Security
Internet Security
mjelson
 
EMPOWERMENT TECHNOLOGY 11 - ICT SAFETY, SECURITY, AND NETIQUETTE
EMPOWERMENT TECHNOLOGY 11 - ICT SAFETY, SECURITY, AND NETIQUETTEEMPOWERMENT TECHNOLOGY 11 - ICT SAFETY, SECURITY, AND NETIQUETTE
EMPOWERMENT TECHNOLOGY 11 - ICT SAFETY, SECURITY, AND NETIQUETTE
AlminaVelasco
 
Cyber security awareness for students
Cyber security awareness for students Cyber security awareness for students
Cyber security awareness for students
Akhil Nadh PC
 
OSINT - Open Soure Intelligence - Webinar on CyberSecurity
OSINT - Open Soure Intelligence - Webinar on CyberSecurityOSINT - Open Soure Intelligence - Webinar on CyberSecurity
OSINT - Open Soure Intelligence - Webinar on CyberSecurity
Mohammed Adam
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
ShyamalPatra
 
Nat'l Cyber Security Awareness Month (NCSAM) Posters
Nat'l Cyber Security Awareness Month (NCSAM) PostersNat'l Cyber Security Awareness Month (NCSAM) Posters
Nat'l Cyber Security Awareness Month (NCSAM) Posters
NetLockSmith
 
Computer Project on Cyber Safety
Computer Project on Cyber SafetyComputer Project on Cyber Safety
Computer Project on Cyber Safety
Harsh Tekriwal
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
ShyamalPatra
 
CYBER SECURITY ON SOCIAL MEDIA
CYBER SECURITY ON SOCIAL MEDIACYBER SECURITY ON SOCIAL MEDIA
CYBER SECURITY ON SOCIAL MEDIA
charitha garimella
 
Online safety, Security, Ethics and Etiquette
Online safety, Security, Ethics and EtiquetteOnline safety, Security, Ethics and Etiquette
Online safety, Security, Ethics and Etiquette
DOFJLCCDD
 
Empowerment Technologies - Online Safety, Ethics and Etiquette
Empowerment Technologies - Online Safety, Ethics and EtiquetteEmpowerment Technologies - Online Safety, Ethics and Etiquette
Empowerment Technologies - Online Safety, Ethics and Etiquette
Juan Miguel Palero
 
National Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness PresentationNational Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness Presentation
Jamie Proctor-Brassard
 
Internet Safety Glossary of Terms
Internet Safety Glossary of TermsInternet Safety Glossary of Terms
Internet Safety Glossary of Terms
mikel_l
 
How to stay safe online
How to stay safe onlineHow to stay safe online
How to stay safe online
xlilmermaidx
 
Ten Important Rules
Ten Important RulesTen Important Rules
Ten Important Rules
ritz482
 
Cybersecurity Awareness Posters - Set #2
Cybersecurity Awareness Posters - Set #2Cybersecurity Awareness Posters - Set #2
Cybersecurity Awareness Posters - Set #2
NetLockSmith
 
Cyber security
Cyber securityCyber security
Cyber security
Debaroy1995
 
Cyber safety
Cyber safetyCyber safety
Cyber safety
Bunmi Omololu-Afilaka
 
Cybercrime
CybercrimeCybercrime
Cybercrime
Fraz Ali
 
Log Out Cyber Awareness
Log Out Cyber AwarenessLog Out Cyber Awareness
Log Out Cyber Awareness
Apurv Singh Gautam
 
Cyber Crime &Cyber Awareness
Cyber Crime &Cyber AwarenessCyber Crime &Cyber Awareness
Cyber Crime &Cyber Awareness
ShwetaSingh713663
 

Contenu connexe

Tendances

Tendances (20)

Cybercrimes (Against Children)
Cybercrimes (Against Children)Cybercrimes (Against Children)
Cybercrimes (Against Children)
 
Internet Security
Internet SecurityInternet Security
Internet Security
 
EMPOWERMENT TECHNOLOGY 11 - ICT SAFETY, SECURITY, AND NETIQUETTE
EMPOWERMENT TECHNOLOGY 11 - ICT SAFETY, SECURITY, AND NETIQUETTEEMPOWERMENT TECHNOLOGY 11 - ICT SAFETY, SECURITY, AND NETIQUETTE
EMPOWERMENT TECHNOLOGY 11 - ICT SAFETY, SECURITY, AND NETIQUETTE
 
Cyber security awareness for students
Cyber security awareness for students Cyber security awareness for students
Cyber security awareness for students
 
OSINT - Open Soure Intelligence - Webinar on CyberSecurity
OSINT - Open Soure Intelligence - Webinar on CyberSecurityOSINT - Open Soure Intelligence - Webinar on CyberSecurity
OSINT - Open Soure Intelligence - Webinar on CyberSecurity
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Nat'l Cyber Security Awareness Month (NCSAM) Posters
Nat'l Cyber Security Awareness Month (NCSAM) PostersNat'l Cyber Security Awareness Month (NCSAM) Posters
Nat'l Cyber Security Awareness Month (NCSAM) Posters
 
Computer Project on Cyber Safety
Computer Project on Cyber SafetyComputer Project on Cyber Safety
Computer Project on Cyber Safety
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
CYBER SECURITY ON SOCIAL MEDIA
CYBER SECURITY ON SOCIAL MEDIACYBER SECURITY ON SOCIAL MEDIA
CYBER SECURITY ON SOCIAL MEDIA
 
Online safety, Security, Ethics and Etiquette
Online safety, Security, Ethics and EtiquetteOnline safety, Security, Ethics and Etiquette
Online safety, Security, Ethics and Etiquette
 
Empowerment Technologies - Online Safety, Ethics and Etiquette
Empowerment Technologies - Online Safety, Ethics and EtiquetteEmpowerment Technologies - Online Safety, Ethics and Etiquette
Empowerment Technologies - Online Safety, Ethics and Etiquette
 
National Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness PresentationNational Life IT Department's Cyber Security Awareness Presentation
National Life IT Department's Cyber Security Awareness Presentation
 
Internet Safety Glossary of Terms
Internet Safety Glossary of TermsInternet Safety Glossary of Terms
Internet Safety Glossary of Terms
 
How to stay safe online
How to stay safe onlineHow to stay safe online
How to stay safe online
 
Ten Important Rules
Ten Important RulesTen Important Rules
Ten Important Rules
 
Cybersecurity Awareness Posters - Set #2
Cybersecurity Awareness Posters - Set #2Cybersecurity Awareness Posters - Set #2
Cybersecurity Awareness Posters - Set #2
 
Cyber security
Cyber securityCyber security
Cyber security
 
Cyber safety
Cyber safetyCyber safety
Cyber safety
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 

Similaire à SIT Summer School (Cyber Security)

Cyber Crime and Social Media Security
Cyber Crime and Social Media SecurityCyber Crime and Social Media Security
Cyber Crime and Social Media Security
Hem Pokhrel
 
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdfitsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
MansoorAhmed57263
 

Similaire à SIT Summer School (Cyber Security) (20)

Log Out Cyber Awareness
Log Out Cyber AwarenessLog Out Cyber Awareness
Log Out Cyber Awareness
 
Cyber Crime &Cyber Awareness
Cyber Crime &Cyber AwarenessCyber Crime &Cyber Awareness
Cyber Crime &Cyber Awareness
 
Steps and Tips to Protect Yourself and your Private Information while Online....
Steps and Tips to Protect Yourself and your Private Information while Online....Steps and Tips to Protect Yourself and your Private Information while Online....
Steps and Tips to Protect Yourself and your Private Information while Online....
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber_Crime_Security.pptx
Cyber_Crime_Security.pptxCyber_Crime_Security.pptx
Cyber_Crime_Security.pptx
 
Cyber Safety & Cyber Crimes by me.pptx
Cyber Safety & Cyber Crimes by me.pptxCyber Safety & Cyber Crimes by me.pptx
Cyber Safety & Cyber Crimes by me.pptx
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber security
 
Cyber Safety ppt.pptx
Cyber Safety ppt.pptxCyber Safety ppt.pptx
Cyber Safety ppt.pptx
 
Cyber Crime and Social Media Security
Cyber Crime and Social Media SecurityCyber Crime and Social Media Security
Cyber Crime and Social Media Security
 
Chp-15 Cyber Safety ppt-std 11.pptx
Chp-15 Cyber Safety ppt-std 11.pptxChp-15 Cyber Safety ppt-std 11.pptx
Chp-15 Cyber Safety ppt-std 11.pptx
 
Cyberattacks.pptx
Cyberattacks.pptxCyberattacks.pptx
Cyberattacks.pptx
 
COMPUTER ETHICS.pptx
COMPUTER ETHICS.pptxCOMPUTER ETHICS.pptx
COMPUTER ETHICS.pptx
 
Types of Cyber Crimes and Security Threats
Types of Cyber Crimes and Security ThreatsTypes of Cyber Crimes and Security Threats
Types of Cyber Crimes and Security Threats
 
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdfitsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
 
it act
it actit act
it act
 
Cyber Security and Cyber Awareness
Cyber Security and Cyber AwarenessCyber Security and Cyber Awareness
Cyber Security and Cyber Awareness
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber Crime and Security Presentation
Cyber Crime and Security PresentationCyber Crime and Security Presentation
Cyber Crime and Security Presentation
 

Plus de Apurv Singh Gautam

Automating Threat Hunting on the Dark Web and other nitty-gritty things
Automating Threat Hunting on the Dark Web and other nitty-gritty thingsAutomating Threat Hunting on the Dark Web and other nitty-gritty things
Automating Threat Hunting on the Dark Web and other nitty-gritty things
Apurv Singh Gautam
 
Threat Hunting on the Dark Web
Threat Hunting on the Dark WebThreat Hunting on the Dark Web
Threat Hunting on the Dark Web
Apurv Singh Gautam
 

Plus de Apurv Singh Gautam (14)

Automating Threat Hunting on the Dark Web and other nitty-gritty things
Automating Threat Hunting on the Dark Web and other nitty-gritty thingsAutomating Threat Hunting on the Dark Web and other nitty-gritty things
Automating Threat Hunting on the Dark Web and other nitty-gritty things
 
Threat Hunting on the Dark Web
Threat Hunting on the Dark WebThreat Hunting on the Dark Web
Threat Hunting on the Dark Web
 
All about Cyber Security - From the perspective of a MS student
All about Cyber Security - From the perspective of a MS studentAll about Cyber Security - From the perspective of a MS student
All about Cyber Security - From the perspective of a MS student
 
Cyber Security Seminar Day 2
Cyber Security Seminar Day 2Cyber Security Seminar Day 2
Cyber Security Seminar Day 2
 
Cyber Security Seminar Day 1
Cyber Security Seminar Day 1Cyber Security Seminar Day 1
Cyber Security Seminar Day 1
 
Cyber Security Fundamentals
Cyber Security FundamentalsCyber Security Fundamentals
Cyber Security Fundamentals
 
Bitcoin Forensics
Bitcoin ForensicsBitcoin Forensics
Bitcoin Forensics
 
OSINT
OSINTOSINT
OSINT
 
Intro to Network Vapt
Intro to Network VaptIntro to Network Vapt
Intro to Network Vapt
 
Security News Bytes (Aug Sept 2017)
Security News Bytes (Aug Sept 2017)Security News Bytes (Aug Sept 2017)
Security News Bytes (Aug Sept 2017)
 
Anonymous traffic network
Anonymous traffic networkAnonymous traffic network
Anonymous traffic network
 
Flexible Displays
Flexible DisplaysFlexible Displays
Flexible Displays
 
India against corruption
India against corruptionIndia against corruption
India against corruption
 
Encrypted database management system
Encrypted database management systemEncrypted database management system
Encrypted database management system
 

Dernier

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
WSO2
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Victor Rentea
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Jeffrey Haguewood
 

Dernier (20)

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 

SIT Summer School (Cyber Security)

  • 1. SIT Computer Science & Information Technology Department Welcomes all Summer School Students Symbiosis Institute of Technology Symbiosis International (Deemed University)
  • 3. Presented by ▪ Pooja Kamat, Assistant Professor (CS & IT department) – Research Interests include: Cyber security, Software Engineering ▪ Apurv Singh Gautam,ThirdYear (I.T) student – Network PenetrationTester, Security Enthusiast, Hacker, CTF Player – Speaker at Null the Open Security Community, Pune
  • 5. NEED OF SECURITY ▪ Increasing awareness of technology but not Security ▪ Continuous Development & Competition in IT ▪ Increasing number of Cyber Criminals ▪ Increasing use of Network elements & applications ▪ Decreasing level of skill set
  • 6.
  • 7. NEED OF SECURITY ▪ Any Security breach in the website of any person increases the risk of the public image ▪ Any Security breach in the website of any company increases the risk of company reputation ▪ Any Security breach in the government website may increase the risk on project management and government operations ▪ Any Security breach in the Military sector may jeopardise the safety of any country
  • 8.
  • 9. What is HACKING?? ▪ Hacking is an art of exploring various security breaches ▪ What people believe: It’s an anti-social activity : All the hackers are bad people ▪ The terms Hacker and Hacking are being misinterpreted and misunderstood with negative sidelines
  • 10. COMMUNITIES OF HACKERS ▪ Hackers ▪ Crackers ▪ Phreaks ▪ Script Kiddies
  • 11. TYPES OF HACKERS ▪ White Hat Hacker -They use their knowledge and skill set for good constructive intents.They find out new security loopholes and their solutions ▪ Black Hat Hacker -They use their knowledge and skill set for illegal activities and destructive intents ▪ Grey Hat Hacker –They use their knowledge and skill set for legal and illegal purpose.They are white hats in public but internally they do some black hat work
  • 12. HACKING STRATEGY ▪ Reconnaissance (Information Gathering) ▪ Scanning ▪ Gaining Access ▪ Maintaining Access ▪ CoveringTracks
  • 13. Cyber Crime is no more FUN…!!! ▪ Cyber crime controlled by IT ACT 2008 and respective IPC (constantly evolving) ▪ Complete control of Govt agencies over information stored, processed and transmitted over internet ▪ Upgradation of Investigating agencies with latest technology ▪ Service providers like ISPs, email service providers, etc are liable to share information with Govt agencies ▪ Upgradation of Forensic labs ▪ Stringent punishment for cyber crimes
  • 14. Common Scenarios - Cyber Pornography ▪ Cyber pornography covers pornographic websites, pornographic magazines produced using computers and the Internet. ▪ Whoever publishes or transmits or causes to be published in the electronic form, any material which is obscene in nature falls under cyber pornography ▪ Section 67: Punishment for publishing or transmitting obscene material in electronic form ▪ Punishment – Imprisonment from 2 – 10 years with fine upto 10 lakhs
  • 15. Common Scenarios – Identity Theft ▪ Identity theft is a term used to refer to fraud that involves stealing money or getting other benefits by pretending to be someone else. ▪ Section 66C Punishment for identity theft. Whoever, fraudulently or dishonestly make use of the electronic signature, password or any other unique identification feature of any other person, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to rupees one lakh. ▪ Section 66D Punishment for cheating by personation by using computer resource Whoever, by means of any communication device or computer resource cheats by personation, shall be punished with imprisonment of either description for a term which may extend to three years and shall also be liable to fine which may extend to one lakh rupees.
  • 16. INTRODUCTION TO SOCIAL ENGINEERING “Cause there’s no PATCH for HUMAN STUPIDITY”
  • 17. What is SOCIAL ENGINEERING?? In context of Information Security, it is the use of deception to manipulate individuals into divulging confidential or personal information that may be used for fraudulent purposes.
  • 18.
  • 19. TECHNIQUE ▪ Human Interaction ▪ Respectable & Known Person or Entity ▪ Assembling all gathered information together
  • 20. TYPES OF SOCIAL ENGINEERING ▪ Quid Pro Quo – Something for something ▪ Phishing ▪ Baiting ▪ Pretexting ▪ DiversionTheft
  • 22.
  • 23.
  • 24. WEAKEST LINK?? No matter how strong your: ▪ Firewalls ▪ IDS & IPS ▪ Cryptography ▪ Anti-Virus Software ▪ You are the weakest link in computer security. People are more vulnerable than computers. ▪ “The weakest link in the security chain is the human element: - Kevin Mitnick
  • 25. WAYS TO PREVENT SOCIAL ENGINEERING ▪ User Awareness ▪ Policies ▪ Third partyTest ▪ Be Smart
  • 26.
  • 27.
  • 28. Students prone to Cyber Crime REASONS: ▪ Prank ▪ Jealousy ▪ Revenge ▪ Ignorance ▪ Ex-relationships ▪ Curiosity ▪ Blackmailing ▪ Pornography
  • 29.
  • 32. Safe Computing Tips ▪ Keep yourComputer Updated
  • 33. ▪ Keep all the software up to date ▪ Do not use openWi-Fi ▪ Lock the system when not in use ▪ Download Files Legally (Don’t useTorrents :P) ▪ Backup on regular basis ▪ Use goodAnti-Virus ▪ Use good Proxy/VPN
  • 34. ▪ Cover Mic and Camera withTape
  • 35. ▪ Don’t store password in browser
  • 37. Internet Surfing Tips ▪ Use private browsing in Chrome/Firefox ▪ Check for green lock and HTTPS in URL ▪ Keep your browser Up to Date ▪ Never click on unknown links ▪ Turn on Do NotTrack feature in the browser ▪ Delete your profile from sites which you don’t use (http://backgroundchecks.org/justdeleteme/) ▪ Use Sandboxie
  • 38. ▪ Use DuckDuckGo browser ▪ Use Panopticlick (https://panopticlick.eff.org/)
  • 39. ▪ UseVirusTotal for checking files (https://www.virustotal.com/#/home/upload)
  • 40. Mobile Security Tips ▪ Lock your phone using screen lock ▪ Do not connect to unknownWi-Fi networks ▪ Do not connect your phone using USB to unknown devices ▪ Always update OS as soon as it releases ▪ Use LockApps for Files and Media ▪ Use Guest Mode ▪ Keep sensitive files on authentic Cloud Storages
  • 41. ▪ Do not Jailbreak or Root your smartphone ▪ Download apps from authorized app stores only ▪ Use Privacy options and disallow any permissions that is not necessary ▪ Do not accept calls from weird numbers (VoIP Calls) ▪ Schedule Routine Scans ▪ Don’t react to Scarewares and Adwares
  • 43. Beware of these kind of APPS !!
  • 44. Password Protection Tips ▪ Use different passwords for each account ▪ Always log off from your accounts ▪ Avoid entering password on computer that you don’t control ▪ Beware of keyloggers ▪ Use complex password (Take help of password generators) ▪ Use reliable password vaults (KeepPass, PassPack) ▪ Use two-factor authentication ▪ Don’t write true answers during security questions
  • 45.
  • 46. Email & Chatting Tips ▪ Use encrypted emails like Proton Mail, Mailvelope ▪ Use end-to-end encrypted chat applications likeTelegram, Signal, Wickr, CHatSecure ▪ Delete unused accounts ▪ Don’t fill out your full information on social sites ▪ Use temporary mails for services you do not trust (Temp-Mail, Guerrilla Mail) ▪ Use Mail2Tor for sharing sensitive information
  • 47. ▪ Read all the permission that third party application want to access in your email account
  • 48. Social Media Tips ▪ Check privacy settings. Do not show anything which is sensitive ▪ Limit your Bio information ▪ Avoid sharing account details ▪ Choose friends wisely over the internet ▪ Think before you share something online (status, pics, videos) ▪ Use different passwords for each social media account ▪ Restrict friend requests ▪ Access Control (who can see what)
  • 49.
  • 50. ▪ Protect your identity online ▪ Don’t share information to anyone including your friends like Full Name, Parent’s Name, D0B,Travel Plans etc
  • 51.
  • 52. Did you Know that ? ▪ According to IT Act 2008 Section 66A Identity theft will result in 3 years jail and 5 lakh
  • 53. Banking Tips ▪ Use OnlineVirtual Keyboard provided by the Banking website ▪ Never check “Remember Me” on banking websites ▪ Never use banking services on publicWi-Fis or cyber café. ▪ Always use 2 Factor Authentication ▪ Create a really strong password for Banking ▪ Change your password and ATM Pin regularly ▪ Beware of Shoulder Surfing
  • 54.
  • 55.
  • 56. Preventing Online Scams ▪ Always check URLs of the sites you visit ▪ Always write the URL yourself instead of clicking on the link ▪ For suspicious links check the links on AVG ThreatLabs, Kaspersky VirusDesk, Scanurl, PhishTank, etc ▪ Never believe in any offers saying “you won something”. No one is giving free money ▪ Never click on unknown ads or pics ▪ Use pop-up blockers ▪ Try to avoid and make a distance with people having malicious intents
  • 57.
  • 58.
  • 59.
  • 60. THANK YOU !! ▪ Email – ▪ pooja.kamat@sitpune.edu.in ▪ apurvsinghgautam@gmail.com ▪ Social Handle – apurvsinghgautam (LinkedIn,Twitter, Quora)