Cyber

Security
RCC Institute of Information Technology

Presented By-Group D
MCA (2021-2023)
1ST Semester
MCAN-190
Soft Skills And Interpersonal Communication
INTRODUCTIO
N
INTRODUCTION : our text
here
 Computer security, or information technology security (IT security) is the protection
of computer systems and networks from information disclosure, theft of or damage
to their hardware, software, or electronic data, as well as from
the disruption or misdirection of the services they provide.

 Cybersecurity is also one of the significant challenges in the contemporary world,

due to its complexity, both in terms of political usage and technology. Its primary
goal is to ensure the system's dependability, integrity, and data privacy.
Content 01 Vulnerabilities and attacks

02 Systems at risk

03 Impact of security breaches

04 Prevention from cyber attacks

Vulnerabilities
and attacks
Vulnerabilities and attacks :
 Backdoor :
A backdoor in a computer system, a cryptosystem or an algorithm, is any secret
method of bypassing normal authentication or security controls. They may exist
for many reasons, including by original design or from poor configuration.
 Denial-of-service attack :
Denial of service attacks (DoS) are designed to make a machine or network
resource unavailable to its intended users. Attackers can deny service to
individual victims, such as by deliberately entering a wrong password enough
consecutive times to cause the victim's account to be locked, or they may
overload the capabilities of a machine or network and block all users at once.
Vulnerabilities and attacks :
 Direct-access attacks :
An unauthorized user gaining physical access to a computer is most likely able
to directly copy data from it. They may also compromise security by making
operating system modifications, installing software worms, keyloggers, covert
listening devices or using wireless microphone.
 Spoofing:
Spoofing is an act of masquerading as a valid entity through falsification of data
(such as an IP address or username), in order to gain access to information or
resources that one is otherwise unauthorized.
 IP address spoofing
 MAC spoofing
 Email spoofing
 Biometric spoofing
Vulnerabilities and attacks :
 Reverse engineering:
Reverse engineering is the process by which a man-made object is
deconstructed to reveal its designs, code, architecture, or to extract knowledge
from the object; similar to scientific research, the only difference being that
scientific research is about a natural phenomenon.
 Social engineering:
Social engineering, in the context of computer security, aims to convince a user
to disclose secrets such as passwords, card numbers, etc.
Vulnerabilities and attacks :
 Eavesdropping
Eavesdropping is the act of listening to a private computer “conversation”
typically between host on a network.
 Multi-vector, polymorphic attacks
Surfacing in 2017,a new class of multi-vector polymorphic cyber
threats combined several types of attacks and changed from avoid
cybersecurity controls as they spread.
Vulnerabilities and attacks :
 Privilege escalation
Privilege escalation is the act of exploiting a bug, a design flaw, or a
configuration oversight in an operating system or software application to gain elevated
access to resources that are normally protected from an application or user.
 Tampering

Tampering describes a malicious modification or alteration of data.

Systems at risk
The growth in the number of computer systems and the
increasing reliance upon them by individuals,
businesses, industries, and governments means that
there is an increasing number of systems at risk.
Systems at risk :
 Aviation :
The aviation industry is very reliant on a series of complex systems which could
be attacked . A simple power outage at one airport can cause repercussions
worldwide, much of the system relies on radio transmissions which could be
disrupted. There is also potential for attack from within an aircraft.

 Utilities and industrial equipment :

Computers control functions at many utilities, including coordination of
telecommunications, the power grid, nuclear power plants, and valve
opening and closing in water and gas networks.
Systems at risk :
 Financial systems :
The computer systems of financial regulators and financial institutions
like the U.S. Securities and Exchange Commission, SWIFT, investment
banks, and commercial banks are prominent hacking targets for
cybercriminals interested in manipulating markets and making illicit
gains.
 Consumer devices :
Desktop computers and laptops are commonly targeted to gather
passwords or financial account information, or to construct a botnet to attack
another target.
Systems at risk :
 Large corporations :
Large corporations are common targets. In many cases attacks are aimed at
financial gain through identity theft and involve data breaches.
 Automobiles :
Vehicles are increasingly computerized, with engine timing, cruise control, anti-
lock brakes, seat belt tensioners, door locks, airbags and advanced driver-
assistance systems on many models. Additionally, connected cars may use WiFi
and Bluetooth to communicate with onboard consumer devices and the cell
phone network. Self-driving cars are expected to be even more complex. All of
these systems carry some security risk, and such issues have gained wide
attention.
Systems at risk :
 Government :
Government and military computer systems are commonly attacked by activists
and foreign powers. Local and regional government infrastructure such as
traffic light controls, police and intelligence agency communications, personnel
records, student records, and financial systems are also potential targets as they
are now all largely computerized. Passports and government ID cards that
control access to facilities which use RFID can be vulnerable to cloning.
Systems at risk :
 Internet of things and physical vulnerabilities
 Medical systems
 Energy sector
Impact of security
breaches
Impact of security breaches :
Serious financial damage has been caused by security breaches, but because there is no
standard model for estimating the cost of an incident, the only data available is that
which is made public by the organizations involved. "Several computer security
consulting firms produce estimates of total worldwide losses attributable to virus and
worm attacks and to hostile digital acts in general. The 2003 loss estimates by
these firms range from $13 billion (worms and viruses only) to $226 billion
(for all forms of covert attacks).
Prevention from
cyber attacks
In computer security, a countermeasure is an
action, device, procedure or technique that
reduces a threat, a vulnerability, or an attack
by eliminating or preventing it, by minimizing
the harm it can cause, or by discovering and
reporting it so that corrective action can be
taken.
Prevention from cyber attacks :
 Individuals and organization can take simple steps to
prevent data breaches and keep their information
secure:
• For individuals: The necessary steps in maintaining cybersecurity is to create
passwords for each account, keeping up with software update, social media users
should set their account to private using VPN, teach children about proper internet
usage.
• For organization: It helps us to protect business data.
Prevention from cyber attacks :
 Security by design :
Security by design, or alternately secure by design, means that the software has
been designed from the ground up to be secure. In this case, security is
considered as a main feature.
 The principle of least privilege, where each part of the system has only the
privileges that are needed for its function. That way, even if an attacker
gains access to that part, they only have limited access to the whole
system.
Acknowledgement:
First and foremost, We would like to thank our teacher Prof: Sadhan Kumar Dey
who guided us in doing this project. He provided us invaluable advice and helped us
in difficult periods. His motivation and help, contributed tremendously to the
successful completion of the project. Besides, we would like to thank all the teachers
who helped us by giving advice and providing the equipment which we had needed.
Also we would like to thank our friends for their support. Without that support we
couldn’t have succeeded in completing this project. At last but not in least, we would
like to thank everyone who helped and motivated us to work on this project.
References:
 www.wikipedia.org .com
 www.av-test.org
 www.digit forum.org
 www.antivirus.com
 Our Team
Payel Shaonly Sayan
Susmita Debjit Moumita
Bhattacharyy Sadhukha
Hazra Adak a Ghosh
n
Maity

211170571010017 21117057101001 21117057101001

211170571010022 211170571010023 211170571010047
6 9

11771021023 11771021022 11771021032 11771021034 11771021035 11771021001

THANK YOU