Overview of Cyber Security Threats

Cyber security refers to protecting organizations, employees, and assets from cyber threats through a variety of solutions. There are many types of cyber threats including malware attacks, social engineering, phishing, password attacks, ransomware, man-in-the-middle attacks, and distributed denial of service attacks. The National Cybersecurity Protection System is an integrated system that delivers capabilities like intrusion detection and prevention to help secure federal networks and infrastructure from advanced cyber threats.

Uploaded by

Krrish
Copyright © All Rights Reserved

Introduction to Cyber security

Cyber security refers to every aspect of protecting an organization and its employees and
assets against cyber threats. As cyberattacks become more common and sophisticated and
corporate networks grow more complex, a variety of cyber security solutions are required to
mitigate corporate cyber risk.
There are many individual cyber threats through which someone can gain unauthorised access.
Cyber security provides jobs defending against such unauthorised access and cyber attacks. In
this job you play an important role in protecting your organisation from these threats and
saving valuable data.

CYBER THREATS
Any circumstance or event with the potential to adversely impact organizational operations
(including mission, functions, image, or reputation), organizational assets, or individuals
through an information system via unauthorized access, destruction, disclosure, modification
of information, and/or denial of service.
There are many types of cyber threats, which are as follows:
• Malware attack
• Social engineering attacks
• Software supply chain attacks
• Advanced persistent threats (APT)
• Distributed denial of service (DDoS)
• Man-in-the-middle attack (MitM)
• Password attacks
• Ransomware
• Phishing
• Code injection attacks

Malware
Malware is malicious software which, when it enters the target host, gives an attacker full or
limited control over the target. It can either damage or modify the functionality of the target
host, helping an attacker to steal or destroy information.

Social engineering attack

A social engineering attack is a malicious attack which typically involves some form of
psychological manipulation, specifically fooling otherwise unsuspecting users or employees
into handing over confidential or sensitive information. One of the greatest dangers of social
engineering is that the attacks don't have to work against everyone: a single successfully
fooled victim can provide enough information to trigger an attack that can affect an entire
organization.

Over time, social engineering attacks have grown increasingly sophisticated. Not only do fake
websites or emails look realistic enough to fool victims into revealing data that can be used for
identity theft, social engineering has also become one of the most common ways for attackers
to breach an organization's initial defenses in order to cause further disruption and harm.

Phishing
Phishing attacks are the practice of sending fraudulent communications that appear to come
from a reputable source. It is usually done through email. The goal is to steal sensitive data like
credit card and login information, or to install malware on the victim’s machine. Phishing is a
common type of cyber attack that everyone should learn about in order to protect themselves. 

Password attack

Password attacks involve exploiting a broken authorization vulnerability in the system
combined with automatic password attack tools that speed up the guessing and cracking of
passwords. The attacker uses various techniques to access and expose the credentials of a
legitimate user, assuming their identity and privileges. The username-password combination is
one of the oldest known account authentication techniques, so adversaries have had time to
craft multiple methods of obtaining guessable passwords. Additionally, applications that use
passwords as the sole authentication factor are vulnerable to password attacks since the
vulnerabilities are well understood.
Phishing comes under password attacks.
Precautions against password attacks can be taken by using a strong (tough) password.
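
As an added example (not part of the original document), the sketch below shows how a defender might spot the automated guessing described above in login records, separating repeated failures against one account from attempts spread across many accounts. The event format, thresholds, and function names are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

BASE = datetime(2024, 1, 1, 9, 0, 0)

def _event(offset_s, source, user, ok=False):
    """Build one constructed login record: (time, source, user, success)."""
    return (BASE + timedelta(seconds=offset_s), source, user, ok)

# Constructed sample data; addresses come from the RFC 5737 documentation ranges.
SAMPLE_EVENTS = (
    # One source hammering a single account: 6 failures in 25 seconds.
    [_event(5 * i, "192.0.2.10", "alice") for i in range(6)]
    # One source trying many different accounts (password spraying).
    + [_event(100 + 10 * i, "198.51.100.7", f"user{i}") for i in range(5)]
    # A legitimate user who mistypes once and then logs in.
    + [_event(200, "203.0.113.5", "bob"),
       _event(210, "203.0.113.5", "bob", ok=True)]
)

def detect_guessing(events, window=timedelta(minutes=5),
                    max_failures=5, max_accounts=4):
    """Return {source: reason} for sources whose failed logins inside a
    sliding time window look like automated guessing."""
    recent = defaultdict(deque)  # source -> (time, user) of recent failures
    flagged = {}
    for ts, source, user, ok in sorted(events, key=lambda e: e[0]):
        if ok:
            continue
        failures = recent[source]
        failures.append((ts, user))
        # Drop failures that have aged out of the window.
        while ts - failures[0][0] > window:
            failures.popleft()
        accounts = {u for _, u in failures}
        if len(accounts) >= max_accounts:
            flagged[source] = "spraying"
        elif len(failures) >= max_failures:
            flagged.setdefault(source, "brute-force")
    return flagged

if __name__ == "__main__":
    for source, reason in detect_guessing(SAMPLE_EVENTS).items():
        print(source, reason)
```

A single mistyped password followed by a successful login stays below both thresholds, so the legitimate user in the sample is not flagged.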

Ransomware

Ransomware is malware that employs encryption to hold a victim’s information at ransom. A
user or organization’s critical data is encrypted so that they cannot access files, databases, or
applications. A ransom is then demanded to provide access. Ransomware is often designed to
spread across a network and target database and file servers, and can thus quickly paralyze an
entire organization. It is a growing threat, generating billions of dollars in payments to
cybercriminals and inflicting significant damage and expenses on businesses and governmental
organisations.
After a successful exploit, ransomware drops and executes a malicious binary on the infected
system. This binary then searches and encrypts valuable files, such as Microsoft Word
documents, images, databases, and so on. The ransomware may also exploit system and
network vulnerabilities to spread to other systems and possibly across entire organizations.
Once files are encrypted, ransomware prompts the user for a ransom to be paid within 24 to 48
hours to decrypt the files, or they will be lost forever. If a data backup is unavailable or those
backups were themselves encrypted, the victim is faced with paying the ransom to recover
personal files.

Man in the middle attack


A man-in-the-middle (MITM) attack is a cyber attack in which a threat actor puts themselves in
the middle of two parties, typically a user and an application, to intercept their communications
and data exchanges and use them for malicious purposes like making unauthorized purchases
or hacking.
Man-in-the-middle attacks offer hackers a path to intercept sensitive information such as
usernames, passwords, credit card numbers, and bank account details. It's dangerous because
the user has no idea there is another presence between them and the application they're
interacting with or that their data is being rerouted to a malicious party.
Once a criminal has this information, they can manipulate account credentials, steal funds, or
make unauthorized purchases. Because of its scope, MITM attackers often target banking,
online retailers, and software-as-a-service (SaaS) platform customers.

Distributed denial of service
A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the normal traffic
of a targeted server, service or network by overwhelming the target or its surrounding
infrastructure with a flood of Internet traffic.

DDoS attacks achieve effectiveness by utilizing multiple compromised computer systems as
sources of attack traffic. Exploited machines can include computers and other networked
resources such as IoT devices.

National cyber security protection system


The National Cybersecurity Protection System (NCPS) is an integrated
system-of-systems that delivers a range of capabilities, such as intrusion detection, analytics,
information sharing, and intrusion prevention. These capabilities provide a
technological foundation that enables the Cybersecurity and Infrastructure Security
Agency (CISA) to secure and defend the Federal Civilian Executive Branch (FCEB)
agencies' information technology infrastructure against advanced cyber threats.
NCPS advances CISA's responsibilities as delineated in the Comprehensive National
Cybersecurity Initiative (CNCI).

NCPS includes the hardware, software, supporting processes, training, and services
that the program acquires, engineers, and supports to fulfill the agency's
cybersecurity mission. One of CISA's key technologies within NCPS is EINSTEIN, one
of many tools and capabilities that assist in federal network defense. The goal of the
NCPS EINSTEIN set of capabilities is to provide the Federal Government with an
early warning system, improved situational awareness of intrusion threats to FCEB
networks, near real-time identification of malicious cyber activity, and prevention of
that malicious cyber activity.

Development of NCPS capabilities relies on tight collaboration and integration with
cross-federal stakeholders to support the defense of their underlying networks.
Through these relationships, CISA can develop and deliver analytic products and
real-time defensive services. This collaboration provides valuable cyber incident
information and generates situational awareness and decision support data that is
used by incident response teams, governmental and critical infrastructure
organizations, and national leadership.
