SLIET

NAME: Ravi Shankar, Suryansh

TRADE: GIN
REGISTRATION NO: 1940227,194034
SUBJECT: HSMC-401

TOPIC:
REPORT ON CYBER THREAT AND PRIVACY
CONTENT
What is cyber threat?
Type of cyber security threat
Sources of Cyber security threat

Best practice for cyber defense

Statistics Of cyber threat

Protection from cyber threat

Conclusion
What are Cyber Threats?
In the 1950s, the word “cyber” used to refer to cybernetics –
the science of understanding the control and movement of
machines and animals. This was followed by “cyber” standing
for “computerized.”
The 1990s brought around a new cyber-related term. The
word “cyberspace” emerged to define an invented physical
space that some people wanted to believe existed behind the
electronic activities of computing devices.

Cyber threats in the modern day

Today, the term is almost exclusively used to describe
information security matters. Because it’s hard to visualize
how digital signals traveling across a wire can represent an
attack, we’ve taken to visualizing the digital phenomenon as a
physical one.
A cyber attack is an attack that is mounted against us
(meaning our digital devices) by means of cyberspace.
Cyberspace, a virtual space that doesn’t exist, has become the
metaphor to help us understand digital weaponry that intends
to harm us.
What is real, however, is the intent of the attacker as well as
the potential impact. While many cyber attacks are merely
nuisances, some are quite serious, even potentially threatening
human lives.

Why is it necessary to protect from cyber

threats?
Cyber threats are a big deal. Cyber attacks can cause electrical
blackouts, failure of military equipment and breaches of
national security secrets. They can result in the theft of
valuable, sensitive data like medical records. They can disrupt
phone and computer networks or paralyze systems, making
data unavailable. It’s not an exaggeration to say that cyber
threats may affect the functioning of life as we know it.
The threats are growing more serious, too. Gartner explains,
“Cybersecurity risks pervade every organization and aren’t
always under IT’s direct control. Business leaders are forging
ahead with their digital business initiatives, and those leaders
are making technology-related risk choices every day.
Increased cyber risk is real — but so are the data security
solutions.”
The US government is taking cyber threats seriously but
appears to be moving too slowly to mitigate them. The White
House’s Office of Management and Budget revealed that, of
96 federal agencies it assessed, 74 percent were either “At
 Risk” or “High Risk” for cyber attacks. They needed
immediate security improvements.
The US government has experienced numerous crippling data
breaches in the last few years. Examples include the massive
breach of the Federal Office of Personnel Management and
the theft of secret US Naval codes. Both attacks have been
attributed to Chinese state intelligence agencies.

Types of Cyber security Threats

Cyber security threats come in three broad categories of
intent. Attackers are after financial gain or disruption
espionage (including corporate espionage – the theft of
patents or state espionage).
Virtually every cyber threat falls into one of these three
modes. In terms of attack techniques, malicious actors have an
abundance of options.
There are ten common types of cyber threats:
 Malware. Software that performs a malicious task on a
target device or network, e.g. corrupting data or taking over
a system.
 Phishing. An email-borne attack that involves tricking
the email recipient into disclosing confidential information
or downloading malware by clicking on a hyperlink in the
message.
 Spear Phishing. A more sophisticated form of phishing
where the attacker learns about the victim and impersonates
someone he or she knows and trusts.
 “Man in the Middle” (MitM) attack. Where an
attacker establishes a position between the sender and
recipient of electronic messages and intercepts them,
 perhaps changing them in transit. The sender and recipient
believe they are communicating directly with one another. A
MitM attack might be used in the military to confuse an
enemy.
 Trojans. Named after the Trojan Horse of ancient
Greek history, the Trojan is a type of malware that enters a
target system looking like one thing, e.g. a standard piece of
software, but then lets out the malicious code once inside the
host system.
 Ransomware. An attack that involves encrypting data
on the target system and demanding a ransom in exchange
for letting the user have access to the data again. These
attacks range from low-level nuisances to serious incidents
like the locking down of the entire city of Atlanta’s
municipal government data in 2018.
 Denial of Service attack or Distributed Denial of
Service Attack (DDoS). Where an attacker takes over many
(perhaps thousands) of devices and uses them to invoke the
functions of a target system, e.g. a website, causing it to
crash from an overload of demand.
 Attacks on IoT Devices. IoT devices like industrial
sensors are vulnerable to multiple types of cyber threats.
These include hackers taking over the device to make it part
of a DDoS attack and unauthorized access to data being
collected by the device. Given their numbers, geographic
distribution and frequently out-of-date operating systems,
IoT devices are a prime target for malicious actors.
 Data Breaches. A data breach is a theft of data by a
malicious actor. Motives for data breaches include crime
(i.e. identity theft), a desire to embarrass an institution (e.g.
Edward Snowden or the DNC hack) and espionage.
 Malware on Mobile Apps. Mobile devices are
vulnerable to malware attacks just like other computing
 hardware. Attackers may embed malware in app downloads,
mobile websites or phishing emails and text messages. Once
compromised, a mobile device can give the malicious actor
access to personal information, location data, financial
accounts and more.

Sources of Cybersecurity Threat

Cyber threats come from a variety of places, people and contexts.
Malicious actors include:

 Individuals that create attack vectors using their own software

tools
 Criminal organizations that are run like corporations, with large
numbers of employees developing attack vectors and executing
attacks
 Nation states
 Terrorists
 Industrial spies
 Organized crime groups
 Unhappy insiders
 Hackers
 Business competitors

Nation states are the sources of many of the most serious attacks.
There are several different versions of nation-state cyber threats.
Some are basic espionage— trying to learn another country’s national
secrets. Others are aimed at disruption.

For example, Chris Painter of the U.S. Department of State

commented in a Brookings Institution article that China and North
Korea “have frequently exercised their cyber power to achieve their
strategic goals around the globe.”
He noted, though, “Their motivations and objectives differ: While
North Korea primarily aims to develop capabilities for revenue
generation and destructive capabilities for potential conflicts outside
North Korea, China mainly utilizes its cyber means for espionage and
intellectual property theft. “Naming and shaming” has been an
effective tool against China because of its government’s concerns on
the potential blowback on its soft power.”

These are the so-called “cyber weapons” that might be used to shut
off electricity in enemy territory during a war. In some countries, the
boundaries between criminal organizations and national intelligence
are blurred, with the criminals doing the actual work of cyber
espionage.

Many cyber threats are bought and sold on the “dark web,” a
disorganized but widespread criminal segment of the Internet. In this
online bazaar, aspiring hackers can buy ransomware, malware,
credentials for breached systems and more. The dark web serves as a
multiplier for threats, with one hacker being able to sell his or her
creation over and over.

Best Practices for Cyber Defense and

Protection
It’s easy to get frustrated over the severity of the threat environment.
However, it is possible to protect your business from cyber threats.
Consumers can also defend themselves.
Cyber Defense for Businesses

Enterprise best practices for defense from cyber defense include basic
but extremely important countermeasures like patching systems.
When a tech vendor discovers (or is informed of) a security flaw in
their product, they typically write code that fixes or “patches” the
problem.

For example, if Microsoft finds that a hacker can gain root access to
Windows Server through a code exploit, the company will issue a
patch and distribute it to all owners of Windows Server licenses.
They, among many others, do this at least once a month. Many attacks
would fail if IT departments applied all security patches on a timely
basis.

STATICTICS OF CYBER THREAT

Cyber threat are happening every countries in our world.
For our privacy Indian government banned 59 chinese app,
As it rumor Chinese app hacked our data
In 2018 , 267million user facebook data is leaked.
Cyber crime is increasing every day. There are many groups
which hacked our data.
This graph shows the cyber crime revenues.
Some of hacker group are
 Anonymous
 Lizard squad
 Choas Computer Club
 Homebrew Computer club
How to Protects from cyber threat

How to protect yourself against cybercrime

Anyone using the internet should exercise some basic
precautions. Here are 11 tips you can use
to help protect yourself against the range of cyber crimes
out there.
1. Use a full-service internet security suite
For instance, Norton Security provides real-time protection
against existing and emerging malware including
ransomware and viruses, and helps protect your private and
financial information when you go online.
2. Use strong passwords
Don’t repeat your passwords on different sites and change
your passwords regularly. Make them complex. That means
using a combination of at least 10 letters, numbers, and
symbols. A password management application can help you
to keep your passwords locked down.
3. Keep your software updated
This is especially important with your operating systems and
internet security software.
Cybercriminals frequently use known exploits, or flaws, in
your software to gain access to your system. Patching those
exploits and flaws can make it less likely that you’ll become a
cyber crime target.
4. Manage your social media settings
Keep your personal and private information locked down.
Social engineering cybercriminals can often get your personal
information with just a few data points, so the less you share
publicly, the better. For instance, if you post your pet’s name
or reveal your mother’s maiden name, you might expose the
answers to two common security questions.
5. Strengthen your home network
It’s a good idea to start with a strong encryption password as
well as a virtual private network. A VPN will encrypt all traffic
leaving your devices until it arrives at its destination. If
cybercriminals do manage to hack your communication line,
they won’t intercept anything but encrypted data.
It’s a good idea to use a VPN whenever you a public Wi-Fi
network, whether it’s in a library, café hotel, or airport.
6. Talk to your children about the internet
You can teach your kids about acceptable use of the internet
without shutting down communication channels. Make sure
they know
that they can come to you if they’re experiencing
any kind of online harassment, stalking, or
bullying.
7. Keep up to date on major security breaches
If you do business with a merchant or have an
account on a website that’s been impacted by a
security breach, find out what information
hackers accessed and change your password
immediately.
8. Take measures to help protect yourself
against identity theft
Identity theft occurs when someone wrongfully
obtains your personal data in a way that involves
fraud or deception, typically for economic gain.
How? You might be tricked into giving personal
information over the internet, for instance, or a
thief might steal your mail to access account
information. That’s why it’s important to guard
your personal data. A VPN — short for virtual
private network — can also help to protect the
data you send and receive online, especially
when accessing the internet on public Wi-Fi.
9. Know that identity theft can happen anywhere
It’s smart to know how to protect your identity
even when traveling. There are a lot of things you
can do to help keep criminals from getting your
private information on the road. These include
keeping your travel plans off social media and
being using a VPN when accessing the internet
over your hotel’s Wi-Fi network.
10. Keep an eye on the kids
Just like you’ll want to talk to your kids about the
internet, you’ll also want to help protect them
against identity theft. Identity thieves often target
children because their Social Security number
and credit histories frequently represent a clean
slate. You can help guard against identity theft by
being careful when sharing your child’s personal
information. It’s also smart to know what to look
for that might suggest your child’s identity has
been compromised.
11. Know what to do if you become a victim
If you believe that you’ve become a victim of a
cybercrime, you need to alert the local police and,
in some cases, the FBI and the Federal Trade
Commission. This is important even if the crime
seems minor. Your report may assist authorities
in their investigations or may help to thwart
criminals from taking advantage of other people
in the future. If you think cybercriminals have
stolen your identity. These are among the steps
you should consider.
Contact the companies and banks where you
know fraud occurred.
Place fraud alerts and get your credit reports.
Report identity theft to the FTC.

Conclusion
Cyber crime are increasing very rapidly. It is not possible to
eliminate cyber crime from the cyber space. It is quite
impossible.
We should do some protection to protect from cyber threat
 Beware of what you do while using public wi-fi
 We should not share OTP, CVV, password to anyone.
 Make sure your social networking profile are set to
private. check security setting regularly.
 Make often than not, we leave our mobile unattended.
By activating the built-in security features you can avoid
any access to personal details.
 Use encryption for most sensitive file such as tax returns
or finanicial records