Project Work

Information Security
Cyber security Threats

• A cybersecurity threat is a harmful activity

committed with the intent of destroying,
stealing, or disrupting data, critical
systems and digital life in general.

Hacking is the act of identifying and then

exploiting weaknesses in a computer system
Hacking Techniques

. Clickjacking
Clickjacking is a common hacking
technique that works by tricking the
user into clicking a malicious link.

The user believes they are clicking

an authentic element, but in reality,
another function takes place giving
the hacker control of their device.
Keylogger/ Keylogging

. Keylogger
A keylogger attack is a type of hacking
method through which hackers may
record sensitive data from a small
business. This hacking technique
works by recording every keystroke in
the compromised device.

The keylogger captures each

keystroke on the keyboard, giving the
hacker access to sensitive information.
Keylogging is often what hackers do to
find out someone’s password, credit
card info, or personal identifying
information.
 Virus

Trojans and viruses are a type

of hacking method that can be
installed into the information
technology system of small
businesses.

This dangerous software

remains in the database and
continues to send sensitive
information to the hacker.

Trojans and viruses are

notorious for locking files and
spreading across entire IT
networks.
Bait and Switch

The bait and switch hacking

technique obtains system data by
hijacking an authentic paid
advertising space.

Through bait and switch, users

believe they are clicking an authentic
ad, but the ad has been purchased
by attackers and actually leads the
user to a bad link.

When users land on this malicious

website, malware is downloaded into
their system and the hacker gains
access to their sensitive data.
Theft Of Cookies

Every system maintains cookies in its

web browsers to store personal data.

Data such as usernames, passwords,

and browsing history is saved
through cookies.
If the user browses a website that
does not have a Secure Socket Layer
(SSL) certificate, then it is possible
for hackers to send malicious
software programs to their system
and carry out session hijacking.
Fake Wireless Access Points(WAPs)

Hackers can also access a device or

system by impersonating a wireless
access point (W.A.P).
In this method, hackers create a
false W.A.P and give it a trustworthy
names so users are tricked into
believing it is an authentic access
point.
Once the user mistakenly connects
to the W.A.P, the hacker gains
access to their personal
information.
Phishing
Phishing”
refers to an attempt to steal sensitive
information, typically in the form of usernames,
passwords, credit card numbers, bank account
information or other important data in order to
utilize or sell the stolen information.

For instance, they may:

Urge the user to update their username and
password because their account is compromised
Send links through personal contacts
Claim there is an issue with payment
Send a fake invoice
Offer free items
Ask for the confirmation of sensitive information
Any of these methods will give the hacker access
to sensitive information.
Denial Of Service (DOS) Attack

The denial of service or DoS

hacking technique requires the
taking down of a site by
overwhelming the server with data
requests.

Hackers achieve this by flooding

the website with a significant
amount of fake traffic so the server
cannot process all the requests, and
it essentially Leading to a
significant loss of business.
Structured Query Language(SQL)
Injections

Structured Query Language (SQL) is

used across systems to perform
essential data operations.
Hackers can use SQL injections to
manipulate the SQL code.

By adding malicious code into the

database, they can gain
unauthorized access to otherwise
protected personal information.
Watering Hole Attacks

A watering hole attack is another

method hackers use to infect an
organized targeted system so
they can gain access to the
network.

The hacker first identifies a

common but weak website used
by the target.

The low-security website is then

infected with a malicious code
which triggers a chain reaction
when the victim visits the
website.