Cyber Security Seminar
“It Will Never Happen To Me”
What is Cyber Crime
Webopedia Definition
• Cyber crime encompasses any criminal act dealing with computers and networks (called hacking)
• Additionally, cyber crime also includes traditional crimes conducted through the internet
• For example, hate crimes, telemarketing and Internet fraud, identity theft, and credit card account thefts are considered to be cyber crimes when the illegal activities are committed through the use of a computer and the Internet.
Cyber Crime Statistics
*Crime rate in England and Wales soars as cybercrime is included for first time
• The sharp rise in the headline figures is due to the inclusion of an estimated 5.1m online fraud incidents and 2.5m cybercrime offences for the first time
• The detailed figures for online fraud show 14% of victims lost less than £20, 27% lost less than £100 and a further 37% lost less than £500. One per cent lost more than £5,000.
• The virus or malware known as Dridex netted criminals £20m in funds from UK banks in 1 heist
• The report also stated that it was reported to have netted over $100m worldwide
What is Ransomware
• Ransomware is a strain of malware (malicious software) that encrypts or locks all of the files on your computer or server, and then demands a payment (or ransom) to unlock your files.
• It takes many forms, including its most infamous incarnation, Cryptolocker.
• Other strains include Locky, Teslacrypt, and Cryptowall.
• In some instances, ransomware’s presence can be betrayed by a .EXE file extension - but cyber criminals are getting more and more sophisticated, so this often isn’t the case.
How Does Ransomware Spread?
• Like many viruses, the most common source of infection is from emails, when a user opens contaminated attachments or clicks a malicious link. However, there are many other sources, like rogue USB sticks, or even joining free WiFi networks.
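The .EXE tell and the email attachment route described above can be checked automatically before a message reaches a user. The following is an added example, not part of the original seminar; the extension lists, function names and the sample message are assumptions constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Assumption: illustrative, not exhaustive, extension lists.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".ps1"}
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}
RTL_OVERRIDE = "\u202e"  # reverses display order, hiding the real extension

def assess_filename(name):
    """Return the reasons a filename looks suspicious (empty list = none found)."""
    reasons = []
    if RTL_OVERRIDE in name:
        reasons.append("right-to-left override character in name")
    # Windows ignores trailing dots and spaces, so normalise them away first.
    clean = name.replace(RTL_OVERRIDE, "").strip().rstrip(".").lower()
    exts = ["." + p for p in clean.split(".")[1:]]
    if exts and exts[-1] in EXECUTABLE_EXTS:
        reasons.append("executable extension " + exts[-1])
        if len(exts) >= 2 and exts[-2] in DOCUMENT_EXTS:
            reasons.append("double extension disguising " + exts[-2] + " as a document")
    return reasons

def scan_message(raw_bytes):
    """Map each attachment filename in a raw email message to its findings."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    return {part.get_filename(): assess_filename(part.get_filename())
            for part in msg.iter_attachments() if part.get_filename()}

def build_sample():
    """Constructed sample message with harmless placeholder attachments."""
    msg = EmailMessage()
    msg["From"] = "accounts@example.com"
    msg["To"] = "staff@example.org"
    msg["Subject"] = "Overdue invoice"
    msg.set_content("Please see attached.")
    for name in ("invoice.pdf.exe", "minutes.docx", "holiday.scr"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

if __name__ == "__main__":
    for fname, findings in scan_message(build_sample()).items():
        print(repr(fname), "->", findings or "no findings")
```

An empty result only means the filename itself raised no flag; as the slide notes, many infections arrive without an obvious extension, so this check sits alongside anti-virus and backups rather than replacing them.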
How can I Remove it?
• Unfortunately, there’s no sure-fire way to remove Ransomware.
• Even paying up doesn’t always work; criminals have been known to ask for higher and higher sums, or claim to have lost the ‘key’.
• The best approach is to access your backups.
What can I do to avoid Ransomware?
• There are three major forms of protection: preventative measures, anti-virus and backup.
• Preventative measures are the first lines of defence against Ransomware: education can ensure that staff are aware of the risks and know what to look out for, and changing system permissions can lower the risk of infection.
• Anti-virus is a must for all businesses, and can detect and deflect a high percentage of attacks.
What can I do to avoid Ransomware? Cont’d
• However, due to the ever-changing nature of Ransomware, these steps aren’t 100% effective. That’s when you need a backup and business continuity solution. This allows you to roll back to a point prior to infection.
Who would want to hack us?
• What have we got that can't be found elsewhere more easily?
• Credit/Debit Card Details
• Online Account Details such as PayPal
• Scanning of passports or credit cards
Who would want to hack us?
• There are basic kinds of phishing
• Blanket
• Spear Phishing
• Whaling
Types of attacks?
Example of Social Engineering
Example of Blanket Attack
• They will ring you up to inform you that “you have an issue with Internet traffic from your connection” and that you may have spyware
• Calls in reference to your credit card being used
• Scammers who pretend to be tech support from Microsoft
Tech Support Scammers
• CryptoLocker, CryptoDefense and CryptoWall
• 5 Stages of Crypto Ransomware
1. Installation
2. Contacting Headquarters
3. Handshake and Keys
4. Encryption
5. Extortion
Most Commonly Known Attack!
• You don’t get calls from your bank about the balance in your account
• You don’t get phone calls from Microsoft Technical Support or other support agents
• You don’t get emails from HMRC saying “You are owed credit” and asking you to contact them
• You probably don’t have a long-lost relative in the Congo who has millions that they need you to hold for them just short term
• Passwords should be changed regularly, and common ones should not be used
How Do we Protect Ourselves
Educating our users on the Do’s and Don'ts is a major factor in reducing the impact to your business