2 Types of Security

This document discusses types of cyber attacks and security threats. It describes various categories of cyber attacks including web-based attacks like SQL injection, DNS spoofing, and session hijacking. It also covers system-based attacks such as viruses, worms, and Trojan horses. The document then discusses security issues related to e-commerce, electronic payment systems, and e-cash including risks of fraud, tax evasion, payment conflicts, and attacks like backdoors and denial of service.

Uploaded by

Umesh Kanade

2. TYPES OF SECURITY AND SECURITY MANAGEMENT

A cyber-attack is an exploitation of computer systems and networks. It uses malicious code
to alter computer code, logic or data, leading to cybercrimes such as information and
identity theft.

We live in a digital era, and most people now use computers and the internet. Because of
this dependency on digital systems, illegal computer activity is growing and changing like
any other type of crime.

Cyber-attacks can be classified into the following categories:

Web-based attacks
These are attacks that target a website or web application. Some of the important
web-based attacks are as follows:

1. Injection attacks

In an injection attack, crafted data is injected into a web application to manipulate the
application and fetch information the attacker is not entitled to.

Examples: SQL injection, code injection, log injection, XML injection, etc.
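As an added example (not from the original document), the SQL injection case from the list above in Python with sqlite3: `lookup_vulnerable` pastes the username into the query text, while `lookup_parameterized` binds it as a value; the table, the users and the quote-bearing test input are constructed for this example.

```python
import sqlite3

# Constructed stand-in for a web application's user table (not from the original page).
SAMPLE_USERS = [("alice", "alice@example.com"), ("bob", "bob@example.com")]


def make_db():
    """Create an in-memory SQLite database holding the constructed sample users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)")
    conn.executemany("INSERT INTO users (username, email) VALUES (?, ?)", SAMPLE_USERS)
    conn.commit()
    return conn


def lookup_vulnerable(conn, username):
    """Injectable lookup: the user-supplied string is pasted into the SQL text,
    so quote characters in the input change the structure of the query."""
    sql = "SELECT username, email FROM users WHERE username = '" + username + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, username):
    """Hardened lookup: the value is bound to a placeholder and handed to the
    driver separately, so it is only ever compared as data, never parsed as SQL."""
    sql = "SELECT username, email FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def rows_disclosed(conn, username):
    """How many rows each variant discloses for the same input. Running this with
    a quote-bearing input is a simple regression check that a lookup is parameterized."""
    return {
        "vulnerable": len(lookup_vulnerable(conn, username)),
        "parameterized": len(lookup_parameterized(conn, username)),
    }


if __name__ == "__main__":
    db = make_db()
    # A benign username returns one row either way; the textbook tautology input
    # shows the difference: the concatenated query returns every row, the bound one none.
    print(rows_disclosed(db, "alice"))
    print(rows_disclosed(db, "' OR '1'='1"))
```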

2. DNS Spoofing

DNS spoofing is a type of computer security attack in which corrupt data is introduced into a
DNS resolver's cache, causing the name server to return an incorrect IP address and diverting
traffic to the attacker's computer or any other computer. DNS spoofing attacks can go on for
a long period of time without being detected and can cause serious security issues.

3. Session Hijacking
It is a security attack on a user session over a protected network. Web applications create
cookies to store state and user sessions. By stealing the cookies, an attacker can gain
access to all of the user's data.

4. Phishing

Phishing is a type of attack which attempts to steal sensitive information such as user login
credentials and credit card numbers. It occurs when an attacker masquerades as a
trustworthy entity in electronic communication.

5. Brute force

It is a type of attack that uses a trial-and-error method. The attack generates a large
number of guesses and validates them to obtain actual data such as a user password or
personal identification number. It may be used by criminals to crack encrypted data, or by
security analysts to test an organization's network security.

6. Denial of Service

It is an attack meant to make a server or network resource unavailable to its users. It
accomplishes this by flooding the target with traffic or sending it information that triggers
a crash. A DoS attack uses a single system and a single internet connection to attack a
server. It can be classified into the following:

Volume-based attacks: the goal is to saturate the bandwidth of the attacked site; measured
in bits per second.

Protocol attacks: these consume actual server resources; measured in packets per second.

Application layer attacks: the goal is to crash the web server; measured in requests per
second.

7. Dictionary attacks

This type of attack uses a stored list of commonly used passwords and tries each of them
to find the original password.
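An added example (not from the original document) of the defensive side of items 5 and 7: a login guard that stores salted PBKDF2 hashes rather than passwords and locks an account after a few failed guesses within a window, so a wordlist run stops after MAX_FAILURES tries. The user, wordlist, thresholds and timestamps are constructed for this example.

```python
import hashlib
import hmac
import os
from collections import defaultdict

# Policy values are assumptions for this example, not figures from the page.
MAX_FAILURES = 5          # failed attempts allowed inside the window
LOCKOUT_SECONDS = 300     # how long a failure counts against the account
PBKDF2_ITERATIONS = 100_000


def hash_password(password, salt=None):
    """Derive a salted PBKDF2-HMAC-SHA256 digest; returns (salt, digest).
    The stored value is a hash, so a database leak does not hand out passwords."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return salt, digest


class LoginGuard:
    """Verifies passwords and throttles guessing: after MAX_FAILURES wrong guesses
    within LOCKOUT_SECONDS the account refuses further attempts without even
    checking the password, which bounds how many guesses a wordlist can test."""

    def __init__(self, users):
        self.users = users                    # username -> (salt, digest)
        self.failures = defaultdict(list)     # username -> timestamps of failed attempts

    def _recent_failures(self, username, now):
        recent = [t for t in self.failures[username] if now - t < LOCKOUT_SECONDS]
        self.failures[username] = recent
        return len(recent)

    def attempt(self, username, password, now):
        """Return 'ok', 'denied' or 'locked' for one login attempt made at time `now`."""
        if self._recent_failures(username, now) >= MAX_FAILURES:
            return "locked"
        record = self.users.get(username)
        if record is None:
            # Unknown accounts are throttled too, so probing for valid names is not free.
            self.failures[username].append(now)
            return "denied"
        salt, stored = record
        _, candidate = hash_password(password, salt)
        if hmac.compare_digest(candidate, stored):   # constant-time comparison
            self.failures[username].clear()
            return "ok"
        self.failures[username].append(now)
        return "denied"


def run_wordlist(guard, username, wordlist, start_time):
    """Replay a wordlist at one guess per second and return the verdict for each guess."""
    return [guard.attempt(username, word, start_time + i) for i, word in enumerate(wordlist)]


if __name__ == "__main__":
    salt, digest = hash_password("correct horse battery")
    guard = LoginGuard({"alice": (salt, digest)})
    # Constructed wordlist; the real password is deliberately placed last, after the lockout.
    words = ["123456", "password", "qwerty", "letmein", "admin", "welcome",
             "correct horse battery"]
    print(run_wordlist(guard, "alice", words, 1000))
```

Once the window has expired the legitimate user logs in normally, which is the trade-off a lockout policy makes between guess resistance and availability.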

8. URL Interpretation

It is a type of attack in which certain parts of a URL are changed so that the web server
delivers web pages the user is not authorized to browse.

9. File Inclusion attacks

It is a type of attack that allows an attacker to access unauthorized or essential files on
the web server, or to execute malicious files on the web server, by making use of the
include functionality.

10. Man in the middle attacks


It is a type of attack in which an attacker intercepts the connection between client and
server and acts as a bridge between them. The attacker is then able to read, insert and
modify data in the intercepted connection.

System-based attacks
These are attacks intended to compromise a computer or a computer network. Some of the
important system-based attacks are as follows:

1. Virus

It is a type of malicious software program that spreads through computer files without the
user's knowledge. It is a self-replicating program that replicates by inserting copies of
itself into other computer programs when executed. It can also execute instructions that
cause harm to the system.

2. Worm

It is a type of malware whose primary function is to replicate itself in order to spread to
uninfected computers. It works in much the same way as a computer virus. Worms often
originate from email attachments that appear to be from trusted senders.

3. Trojan horse

It is a malicious program that causes unexpected changes to computer settings and unusual
activity, even when the computer should be idle. It misleads the user about its true intent:
it appears to be a normal application, but when opened or executed, malicious code runs in
the background.

4. Backdoors

It is a method that bypasses the normal authentication process. A developer may create a
backdoor so that an application or operating system can be accessed for troubleshooting or
other purposes.

5. Bots

A bot (short for "robot") is an automated process that interacts with other network services.
Some bots run automatically, while others only execute commands when they receive specific
input. Common examples of bots are crawlers, chatroom bots and malicious bots.

E-Commerce Security:-
E-commerce refers to the activity of buying and selling things over the internet; simply
put, it refers to commercial transactions conducted online. E-commerce draws on many
technologies such as mobile commerce, Internet marketing, online transaction processing,
electronic funds transfer, supply chain management, electronic data interchange (EDI),
inventory management systems and automated data collection systems.
E-commerce threats arise when the internet is used for unfair means with the intention of
stealing, fraud or security breaches. There are various types of e-commerce threats: some
are accidental, some are purposeful, and some are due to human error. The most common
security threats concern electronic payment systems, e-cash, data misuse, credit/debit card
fraud, etc.

Electronic payments system:

With the rapid development of computer, mobile and network technology, e-commerce has
become a routine part of human life. In e-commerce, the customer can order products at home
and save time for doing other things. There is no need to visit a store or a shop. The
customer can select different stores on the Internet in a very short time and compare
products by characteristics such as price, colour and quality.

Electronic payment systems have a very important role in e-commerce. E-commerce
organizations use electronic payment systems, which refer to paperless monetary
transactions. They have revolutionized business processing by reducing paperwork,
transaction costs and labour costs. E-commerce processing is user-friendly and less time
consuming than manual processing. Electronic commerce helps a business organization expand
its market reach. There are, however, certain risks with electronic payment systems.

Some of them are:

The Risk of Fraud

An electronic payment system has a huge risk of fraud. Computing devices use an identity of
the person to authorize a payment, such as passwords and security questions. These
authentication methods are not foolproof in determining the identity of a person: if the
password and the answers to the security questions match, the system does not care who is
on the other side. If someone has access to our password or the answers to our security
questions, they will gain access to our money and can steal it from us.

The Risk of Tax Evasion

The Internal Revenue Service (IRS) requires that every business declare its financial
transactions and provide paper records so that tax compliance can be verified. The problem
with electronic systems is that they do not fit cleanly into this paradigm, which makes the
process of tax collection very frustrating for the IRS. It is at the business's discretion
to disclose payments received or made via electronic payment systems, and the IRS has no
way to know whether it is telling the truth, which makes it easy to evade taxation.

The Risk of Payment Conflicts

In electronic payment systems, payments are handled by an automated electronic system, not
by humans. The system is prone to errors when it handles large numbers of payments on a
frequent basis with more than one recipient involved. It is essential to check our pay slip
after every pay period ends to ensure everything makes sense. Failure to do this may result
in payment conflicts caused by technical glitches and anomalies.

E-cash
E-cash is a paperless cash system which facilitates the transfer of funds anonymously.
E-cash is free to the user, while sellers pay a fee for it. The e-cash fund can be stored
either on the card itself or in an account associated with the card. The most common
examples of e-cash systems are transit cards, PayPal, Google Pay, Paytm, etc.

E-cash has four major components:

1. Issuers - They can be banks or non-bank institutions.
2. Customers - They are the users who spend the e-cash.
3. Merchants or Traders - They are the vendors who receive e-cash.
4. Regulators - They are related to authorities or state tax agencies.

In e-cash, financial information is stored on a computer, an electronic device or on the
internet, where it is vulnerable to hackers. Some of the major threats related to e-cash
systems are:

Backdoor Attacks
It is a type of attack which gives an attacker unauthorized access to a system by bypassing
the normal authentication mechanisms. It works in the background and hides itself from the
user, which makes it difficult to detect and remove.
Denial of service attacks
A denial-of-service attack (DoS attack) is a security attack in which the attacker takes
action that prevents legitimate users from accessing electronic devices. It makes a network
resource unavailable to its intended users by temporarily disrupting the services of a host
connected to the Internet.

Direct Access Attacks

A direct access attack is an attack in which an intruder gains physical access to the
computer to perform unauthorized activity and install various types of software to
compromise security. This software may be loaded with worms and can download a huge amount
of sensitive data from the target victims.

Eavesdropping
This is an unauthorized way of listening to private communication over the network. It does
not interfere with the normal operation of the target system, so the sender and the
recipient of the messages are not aware that their conversation is being tracked.

Credit/Debit card fraud

A credit card allows us to borrow money from a recipient bank to make purchases. The issuer
of the credit card has the condition that the cardholder will pay back the borrowed money
with an additional agreed-upon charge.

A debit card is a plastic card issued by a financial organization to an account holder who
has a savings deposit account; it can be used instead of cash to make purchases. The debit
card can be used only when funds are available in the account.

Some of the important threats associated with debit/credit cards are:

ATM (Automated Teller Machine)-

It is a favourite place for fraudsters, from where they can steal our card details. Some of
the important techniques that criminals use to get hold of our card information are:

Skimming-

It is the process of attaching a data-skimming device to the card reader of the ATM. When
the customer swipes their card in the ATM card reader, the information is copied from the
magnetic strip to the device. By doing this, the criminals obtain the card number, name,
CVV number, expiry date and other details.

Unwanted Presence-
It is a rule that no more than one user should use the ATM at a time. If we find more than
one person lurking around together, the intention behind this may be to observe our card
details while we make our transaction.

Vishing/Phishing

Phishing is an activity in which an intruder obtains sensitive information from a user, such
as passwords, usernames and credit card details, often for malicious reasons.

Vishing is an activity in which an intruder obtains sensitive information from a user by
sending SMS messages or making calls to their mobile phone. These SMS messages and calls
appear to be from a reliable source, but in reality they are fake. The main objective of
vishing and phishing is to get the customer's PIN, account details and passwords.

Online Transaction

Online transactions can be made by customers to shop and pay their bills over the internet.
Just as it is easy for the customer, it is also easy for an attacker to hack into our system
and steal our sensitive information. Some important ways our confidential information is
stolen during an online transaction are:

o By downloading software which scans our keystrokes and steals our passwords and card
details.
o By redirecting a customer to a fake website that looks like the original and steals our
sensitive information.
o By using public Wi-Fi.

POS Theft

It is commonly done at merchant stores at the time of a POS transaction. The salesperson
takes the customer's card to process the payment and illegally copies the card details for
later use.

Security Policies

Security policies are a formal set of rules issued by an organization to ensure that users
who are authorized to access company technology and information assets comply with rules
and guidelines related to the security of information. It is a written document in the
organization that describes how to protect the organization from threats and how to handle
them when they occur. A security policy is also considered to be a "living document", which
means that the document is never finished but is continuously updated as the requirements
of technology and employees change.

Need for security policies-

1) It increases efficiency.

The best thing about having a policy is being able to increase the level of consistency,
which saves time, money and resources. The policy should inform employees about their
individual duties, telling them what they can and cannot do with the organization's
sensitive information.

2) It upholds discipline and accountability

When a human mistake occurs and system security is compromised, the security policy of the
organization will back up any disciplinary action and also support a case in a court of
law. The organization's policies act as a contract which proves that the organization has
taken steps to protect its intellectual property, as well as its customers and clients.

3) It can make or break a business deal

It is not necessary for companies to provide a copy of their information security policy to
other vendors during a business deal that involves the transfer of their sensitive
information. This is true in the case of bigger businesses, which ensure their own security
interests are protected when dealing with smaller businesses that have less high-end
security systems in place.

4) It helps to educate employees on security literacy

A well-written security policy can also be seen as an educational document which informs
readers about the importance of their responsibility in protecting the organization's
sensitive data. It covers everything from choosing the right passwords to providing
guidelines for file transfers and data storage, which increases employees' overall
awareness of security and how it can be strengthened.

We use security policies to manage our network security. Most types of security policies
are created automatically during installation. We can also customize policies to suit our
specific environment. Some important cybersecurity policy recommendations are described
below-

1. Virus and Spyware Protection policy

This policy provides the following protection:

o It helps to detect, remove and repair the side effects of viruses and security risks by
using signatures.
o It helps to detect threats in files that users try to download by using reputation data
from Download Insight.
o It helps to detect applications that exhibit suspicious behaviour by using SONAR
heuristics and reputation data.

2. Firewall Policy
This policy provides the following protection:

o It blocks unauthorized users from accessing systems and networks that connect to the
Internet.
o It detects attacks by cybercriminals.
o It removes unwanted sources of network traffic.

3. Intrusion Prevention policy

This policy automatically detects and blocks network attacks and browser attacks. It also
protects applications from vulnerabilities. It checks the contents of one or more data
packets and detects malware arriving through legitimate channels.

4. LiveUpdate policy

This policy can be categorized into two types: the LiveUpdate Content policy and the
LiveUpdate Settings policy. The LiveUpdate policy contains the settings that determine when
and how client computers download content updates from LiveUpdate. We can define the
computer that clients contact to check for updates and schedule when and how often client
computers check for updates.

5. Application and Device Control

This policy protects a system's resources from applications and manages the peripheral
devices that can attach to a system. The device control policy applies to both Windows and
Mac computers, whereas the application control policy can be applied only to Windows
clients.

Dimensions of Ecommerce Security to Ensure Customer Trust

When you look into the ecommerce world, everything is a transmission of data between two or
more parties online. On the other hand, the internet is nowadays subject to security threats
and cyber-attacks.

Recent research indicates that cybercrime is on the rise, with major companies like Equifax,
Yahoo, Facebook, etc. finding themselves victims of cyber-attacks.

An ecommerce website must protect its assets from unauthorized access, use, alteration, or
destruction. It requires a reliable infrastructure and framework to enable a secure and
successful ecommerce business. The most common security breaches for an ecommerce website
concern Integrity, Availability, Confidentiality, Non-repudiation, Authenticity, and Privacy.

Six Dimensions of Ecommerce Security

1. Integrity

Integrity ensures that information on the internet has not been altered in any way by an
unauthorized party. It maintains the consistency, accuracy, and trustworthiness of the
information over its entire life cycle.

Example: The most common threat is "would an unauthorized person intercept and redirect a
payment into a different account", since ecommerce sites mostly prefer online transfers.

2. Non-repudiation

Good business depends on both buyers and sellers. Once they accept an agreement, they must
not deny any of its facts or rules; there should not be any repudiation.

Non-repudiation confirms whether the information sent between the two parties was received
or not. It ensures that a purchase cannot be denied by the person who completed the
transaction. In other words, it is an assurance that no one can deny the validity of a
transaction.

Mostly, non-repudiation uses a digital signature for online transactions, because no one can
deny the authenticity of their signature on a document.

Example: When a merchant does not have enough proof that a customer ordered from them during
a credit card payment transaction, the transaction will not be processed further to the
merchant.

3. Authenticity

In ecommerce, since both the customer and the seller need to trust each other, they must
remain who they are in reality. Both the seller and the buyer must provide proof of their
real identity so that the ecommerce transaction can happen securely between them.

Every ecommerce site uses authentication as a tool to ensure the identity of a person over
the internet. In ecommerce, fraudulent identities and authentication are also possible,
which makes identification a difficult process. A common way to ensure a person's identity
is customer login using a password.

Example: Some users can use a fake email address to access any of the ecommerce services.

4. Confidentiality

Confidentiality refers to protecting information from being accessed by an unauthorized
person on the internet. In other words, only authorized people can gain access to view,
modify or use the sensitive data of any customer or merchant.

Example: Ecommerce sites use a username and password to log in to an account. Consider the
case of resetting the password, where an ecommerce site sends a one-time password to its
customer by email or phone number, and someone else reads it.

5. Privacy

Where confidentiality is concerned with the information present during communication,
privacy is concerned with personal details. In general, privacy is about controlling the use
of the information that customers have given to the merchant.

Privacy is a major concern for any online transaction or internet user, since once personal
information has been revealed there is no way to take it back.

Example: If a hacker breaks into the ecommerce site, they can gain access to customer credit
card details or any other customer information. This violates both information
confidentiality and personal privacy.

6. Availability

Continuous availability of data is the key to providing a better customer experience in
ecommerce. The continuous availability of the ecommerce website increases online
visibility, search engine rankings, and site traffic. Data present on the website must be
secured and available 24x7x365 for the customer without downtime. If it is not, it will be
difficult to gain a competitive edge and survive in the digital world.

Example: An ecommerce website can be flooded with useless traffic that causes your site to
shut down, making it impossible for users to access it.

Cyber Security Protocols

According to recent research on cyber security, a significant number of security breaches
happen due to human error. Here, we take a closer look at cyber security protocols that can
help you eliminate human error and keep your organization safe.

What is a cyber security protocol?

Cyber security protocols are plans, protocols, actions and measures that aim to keep your
organization safe from malicious attacks, data breaches and other security incidents.
To make sure that your organization is protected, you need to employ various protocols and
software that work well together. Since there are multiple ways through which an attacker
can gain access to your networks, systems and sensitive data, you need to employ more than
one security measure. Moreover, you must review and update these measures regularly.

Why are cyber security protocols necessary?

Most of us think that protecting an organization is costly, involved or unnecessary. Yet
bear in mind that in today's business environment, data is one of the most important assets
an organization has. Considering that developments in technology allow us to conduct our
business in cyber environments, it is easy to see that a valuable asset of an organization,
its data, is open to threats. That is why it is essential that you take the necessary
measures to make sure that your organization's valuable data and hard-earned reputation are
safe.

Below are some simple and cost-efficient cyber security protocols that will protect your
business from malicious attacks and hackers.

1. Firewalls:-

As simple as they sound, firewalls are one of the most efficient tools in battling cyber
criminals and malicious attackers. An efficient and up-to-date firewall keeps various
threats away, such as malware, viruses and spam.

2. Encryption:-

According to the 2016 Verizon Data Breach Investigations Report, a whopping 63% of all data
breaches happen because of weak, stolen or lost passwords. That is why employing password
encryption is one of the best things you can do for your organization. Moreover, encrypting
your sensitive data can save you from severe damage in the event of a data breach. It
provides an additional layer of security and makes it much more difficult for intruders to
make use of stolen data.

3. Planning an incident response protocol:-

Regardless of how many barriers you set around your sensitive data, someone will try to
intrude. Having a proper incident response protocol allows your security professionals to
take immediate action and keep intruders away.

4. Education:-

To make sure that your organization is safe, you must also consider the human factor. To do
so, you must educate your employees on topical issues like phishing, along with the security
measures your organization takes.

Steganography

The word steganography is derived from two Greek words: 'stegos', meaning 'to cover', and
'graphia', meaning 'writing', thus translating to 'covered writing' or 'hidden writing'.
Steganography is a method of hiding secret data by embedding it into an audio, video, image
or text file. It is one of the methods employed to protect secret or sensitive data from
malicious attacks.

"Steganography is the art and science of embedding secret messages in a cover message in
such a way that no one, apart from the sender and intended recipient, suspects the
existence of the message."

The diagram below depicts a basic steganographic model.

As the image depicts, both the cover file (X) and the secret message (M) are fed into the
steganographic encoder as input. The steganographic encoder function f(X, M, K) embeds the
secret message into the cover file. The resulting stego object looks very similar to the
cover file, with no visible changes. This completes encoding. To retrieve the secret
message, the stego object is fed into the steganographic decoder.
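An added example (not from the original page) implementing the model above in Python: `stego_encode` is f(X, M, K), hiding M in the least significant bits of the cover bytes X in an order chosen by the key K, and `stego_decode` reverses it. The cover is a constructed array of 8-bit pixel values rather than a real image file, and the message is a constructed sample.

```python
import random

# Constructed cover: 64x64 8-bit grayscale "pixels" as raw bytes (not a real image file).
_rng = random.Random(1)
COVER = bytes(_rng.randrange(256) for _ in range(64 * 64))


def _payload_bits(message):
    """2-byte big-endian length header followed by the message, as a list of bits."""
    payload = len(message).to_bytes(2, "big") + message
    return [(byte >> i) & 1 for byte in payload for i in range(7, -1, -1)]


def _positions(n_cover, key):
    """Order in which cover bytes carry payload bits. The key K seeds a permutation;
    with no key the bits are written sequentially, so anyone who suspects the
    stego object can read them straight back (the 'key optional' row of the table)."""
    positions = list(range(n_cover))
    if key is not None:
        random.Random(key).shuffle(positions)
    return positions


def stego_encode(cover, message, key=None):
    """Encoder f(X, M, K): replace the least significant bit of selected cover
    bytes with the payload bits. Every byte changes by at most 1, which is why the
    stego object looks the same as the cover."""
    bits = _payload_bits(message)
    if len(bits) > len(cover):
        raise ValueError("cover too small: need %d LSBs, have %d" % (len(bits), len(cover)))
    stego = bytearray(cover)
    for bit, pos in zip(bits, _positions(len(cover), key)):
        stego[pos] = (stego[pos] & 0xFE) | bit
    return bytes(stego)


def stego_decode(stego, key=None):
    """Decoder: read LSBs in key order, parse the length header and return the
    message, or None when the header is inconsistent with the object (wrong key)."""
    positions = _positions(len(stego), key)

    def read(count, offset):
        out = bytearray()
        for b in range(count):
            value = 0
            for i in range(8):
                value = (value << 1) | (stego[positions[offset + b * 8 + i]] & 1)
            out.append(value)
        return bytes(out)

    length = int.from_bytes(read(2, 0), "big")
    if 16 + length * 8 > len(stego):
        return None
    return read(length, 16)


def max_byte_change(cover, stego):
    """Largest per-byte difference between cover and stego object (expect 1)."""
    return max(abs(a - b) for a, b in zip(cover, stego))


if __name__ == "__main__":
    secret = b"meet at dawn"            # constructed sample message M
    stego = stego_encode(COVER, secret, key="k3y")
    print(stego_decode(stego, key="k3y"), max_byte_change(COVER, stego))
```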

Steganography: Historical Background

Steganography is the practice of concealing a secret message behind a normal message. It
stems from two Greek words, steganos, meaning covered, and graphia, meaning writing.
Steganography is an ancient practice, having been practised in various forms for thousands
of years to keep communications private. For example:
o The first use of steganography can be traced back to 440 BC in ancient Greece, when
people wrote messages on wood and covered them with wax, which acted as the covering
medium.
o The Romans used various forms of invisible ink; light or heat were used to reveal the
hidden messages.
o During World War II the Germans introduced microdots: complete documents, pictures and
plans reduced to the size of a dot and attached to normal paperwork.
o Null ciphers were also used to hide unencrypted secret messages in an innocent-looking
normal message.

Now we have many modern steganographic techniques and tools to make sure that our data
remains secret. You might be wondering whether steganography is the same as cryptography.
No, they are two different concepts, and this steganography tutorial presents the main
differences between them.

How is Steganography different from Cryptography?

At their core, both have almost the same goal, which is protecting a message or information
from third parties. However, they use totally different mechanisms to protect the
information.

Cryptography changes the information into ciphertext, which cannot be understood without a
decryption key. So if someone were to intercept this encrypted message, they could easily
see that some form of encryption had been applied. Steganography, on the other hand, does
not change the format of the information but conceals the existence of the message.

|                | STEGANOGRAPHY                                                                      | CRYPTOGRAPHY                                                                              |
|----------------|------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------|
| Definition     | It is a technique to hide the existence of communication                           | It is a technique to convert data into an incomprehensible form                           |
| Purpose        | Keep communication secure                                                          | Provide data protection                                                                   |
| Data Visibility| Never                                                                              | Always                                                                                    |
| Data Structure | Doesn't alter the overall structure of data                                        | Alters the overall structure of data                                                      |
| Key            | Optional, but offers more security if used                                         | Necessary requirement                                                                     |
| Failure        | Once the presence of a secret message is discovered, anyone can use the secret data | If you possess the decryption key, then you can figure out the original message from the ciphertext |

So, in other words, steganography is more discreet than cryptography when we want to send
confidential information. The downside is that the hidden message is easier to extract if
the presence of the secret is discovered. For the remainder of this steganography tutorial,
we will learn about different steganography techniques and tools.

Steganography Techniques

Depending on the nature of the cover object (the actual object in which the secret data is
embedded), steganography can be divided into five types:

1. Text Steganography
2. Image Steganography
3. Video Steganography
4. Audio Steganography
5. Network Steganography

Computer forensics:-

Computer forensics (also referred to as computer forensic science) is a branch of digital
forensic science concerning evidence found in computers and digital storage media. The aim
of computer forensics is to examine digital media in a forensically sound manner with the
aim of identifying, preserving, recovering, analysing and presenting facts and opinions
concerning the digital information.
Computer forensics plays a significant role in an organization because our dependency on
computing devices and the internet is increasing day by day. According to a survey conducted
by the University of California, 93% of all the information generated during 1999 was
generated in digital form on computers; only the remaining 7% was generated using other
sources such as paper. It is not always straightforward to gather evidence because the data
may be tampered with, deleted, hidden or encrypted.
In large organizations, as soon as a cybercrime is detected by the incident handling team,
which is responsible for monitoring and detecting security events on a computer or network,
the initial incident management process is followed. This is an in-house process. It
follows these steps:
1. Preparation: The organization prepares guidelines for incident response and assigns roles
and responsibilities to every member of the incident response team. Most large organizations
have earned a reputation in the market, and any negative sentiment might negatively affect
the emotions of shareholders. Therefore, efficient communication is needed to declare the
incident. Hence, distribution of roles based on the skill set of each member is vital.
2. Identification: Based on the traits observed, the incident response team verifies whether
an event has actually occurred. One of the most common procedures to verify the event is
examining the logs. Once the occurrence of the event is verified, the impact of the attack
is assessed.
3. Containment: Based on the feedback from the assessment team, the future course of action
to respond to the incident is planned in this step.
4. Eradication: In this step, the strategy to wipe out or mitigate the cause of the threat
is planned and executed.
5. Recovery: It is the process of returning to the normal operational state after
eradication of the problem.
6. Lessons Learned: If a new form of incident is encountered, it is documented so that this
knowledge can be used to handle such situations in the future.
The second step in the process is the computer forensic investigation, which is carried out
to find the evidence of the crime and is usually performed by third-party companies. The
computer forensic investigation involves the following steps:
1. Establish incident and evidence: This is the first step, performed by the system
administrator, who tries to collect as much information as possible about the incident.
Based on this information, the scope and severity of the attack are assessed. Once the
evidence of the attack is discovered, a backup of it is taken for investigation purposes.
The forensic investigation is never performed on the original machine but on the data
restored from the backup.
2. Collect and preserve evidence: Various tools such as Helix, WinHex, FTK Imager, etc. are
used to capture the data. Once the backup of the data is obtained, custody of the evidence
and the backup is taken. The MD5 (message digest) hash of the backup is calculated and
matched with that of the original to check the integrity of the data. Other important
sources of information such as system logs, network information, logs generated by
Intrusion Detection Systems (IDS), and port and process information are also captured.
3. Investigate: The disk image is restored from the backup and the investigation is
performed by reviewing the logs, system files, deleted and updated files, processor usage
and process logs, temporary files, password-protected and encrypted files, and images,
videos and data files for possible steganographic messages, etc.
4. Summarize and present: The summary of the incident is given in chronological order.
Based on the investigation, conclusions are drawn and the probable cause is explained.
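An added example (not from the original page) of the integrity check in step 2: hashing an acquired image, recording the digests in a chain-of-custody entry, and later verifying a working copy against them. The image bytes, item id and handler name are constructed; SHA-256 is recorded next to the MD5 the text names because MD5 collisions are practical and a second digest keeps the record trustworthy.

```python
import hashlib
import json
from datetime import datetime, timezone

# MD5 is what the text names; SHA-256 is recorded alongside it because MD5 collisions
# are practical, so a second, stronger digest makes the integrity record trustworthy.
ALGORITHMS = ("md5", "sha256")

# Constructed stand-in for an acquired disk image (64 KiB of deterministic bytes).
ORIGINAL_IMAGE = bytes((i * 7 + 3) & 0xFF for i in range(64 * 1024))


def hash_evidence(data, chunk_size=1 << 20):
    """Hash an image in chunks (real images do not fit in memory) and return
    {algorithm: hexdigest} for every algorithm in ALGORITHMS."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    view = memoryview(data)
    for start in range(0, len(view), chunk_size):
        chunk = view[start:start + chunk_size]
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify_copy(reference, copy):
    """Re-hash a working copy and compare with the digests taken at acquisition.
    Returns (intact, list_of_algorithms_that_mismatched)."""
    actual = hash_evidence(copy)
    mismatched = [name for name in ALGORITHMS if actual[name] != reference[name]]
    return len(mismatched) == 0, mismatched


def custody_entry(item_id, action, handler, hashes, when=None):
    """One chain-of-custody record: who did what to which item, when, and the
    digests that let a later reviewer confirm nothing changed in between."""
    when = when or datetime.now(timezone.utc)
    entry = {"item": item_id, "action": action, "handler": handler, "time": when.isoformat()}
    entry.update(hashes)
    return entry


def tampered_copy(data, offset):
    """Flip one bit of a copy, to show that even a single-bit change is detected."""
    copy = bytearray(data)
    copy[offset] ^= 0x01
    return bytes(copy)


if __name__ == "__main__":
    reference = hash_evidence(ORIGINAL_IMAGE)
    # Constructed item id and handler name for the custody record.
    print(json.dumps(custody_entry("IMG-001", "acquired", "analyst-1", reference), indent=2))
    print(verify_copy(reference, ORIGINAL_IMAGE))                        # (True, [])
    print(verify_copy(reference, tampered_copy(ORIGINAL_IMAGE, 1000)))  # (False, ['md5', 'sha256'])
```

The same entry should be appended at every seizure, transfer and access, so that the final report can show an unbroken sequence of matching digests.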
While carrying out the digital forensic investigation, rules and procedures should be
applied, especially while capturing the evidence. It must be ensured that the actions taken
to capture the data do not change the evidence. The integrity of the data must be
maintained. It must be ensured that the devices used for capturing the backup are free from
contamination. Moreover, all the activities associated with seizure, access, storage or
transfer of digital evidence must be fully documented, preserved and available for review.
Prevention is always better than cure. It is always recommended to fine-tune your intrusion
detection system and firewall, and occasionally perform penetration tests on your network
to avoid falling prey to hackers. Last but not least, report the crime.
