Cyber Security Seminar

“It Will Never Happen to Me”

What is Cyber Crime

Webopedia Definition

• Cyber crime encompasses any criminal act dealing with computers and networks(called hacking) 

• Additionally, cyber crime also includes traditional crimes conducted through the internet

• For example; hate crimes, telemarketing and Internet fraud, identity theft,

• Credit card account thefts are considered to be cyber crimes when the illegal activities are committed through the use of a computer and the Internet.

Cyber Crime Statistics

*Crime rate in England and Wales soars as cybercrime is included for first time

• The sharp rise in the headline figures is due to the inclusion of an estimated 5.1m online fraud incidents and 2.5m cybercrime offences for the first time

• The detailed figures for online fraud show 14% of victims lost less than £20, 27% lost less than £100 and a further 37% lost less than £500. One per cent lost more than £5,000.

• The virus or malware, known as Dridex netted criminals £20m in funds from UK Banks in 1 heist

• Report also stated is was reported to have netted over $100m worldwide

What is Ransomware

• Ransomware is a strain of malware (malicious software) that encrypts or locks all of the files on your computer or server, and then demands a payment (or ransom) to unlock your files.

• It takes many forms, including its most infamous incarnation, Cryptolocker.

• Other strains include Locky, Teslacrypt, and Cryptowall.

• In some instances, ransomware’s presence can be betrayed by a .EXE file extension - but cyber criminals are getting more and more sophisticated, so this often isn’t the case.

How Does Ransomware Spread ?

• Like many viruses, the most common source of infection is from emails, when a user opens contaminated attachments or clicks a malicious link. However, there are many other sources, like rogue USB sticks, or even joining free WiFi networks.

How can I Remove it ?

• Unfortunately, there’s no sure-fire way to remove Ransomware.

• Even paying up doesn’t always work; criminals have been known to ask for higher and higher sums, or claim to have lost the ‘key’.

• The best approach is to access your backups.

What can I do to avoid Ransomware?

• There are three major forms of protection:

• Preventative measures,

• Anti-virus & backup.

• Preventative measures are the first lines of defence against Ransomware: education can ensure that staff are aware of the risks and know what to look out for, and changing system permissions can lower the risk of infection.

• Anti-virus is a must for all businesses, and can detect and deflect a high percentage of attacks.

What can I do to avoid Ransomware? Cont’d

• However, due to the ever-changing nature of Ransomware, these steps aren’t 100% effective. That’s when you need a backup and business continuity solution. This allows you to roll back to a point prior to infection.

Who would want to hack us ?

• What have we got that can't be found elsewhere more easily

• Credit/Debit Card Details

• Online Account Details such as Pay Pal

• Scanning of passports or credit cards

Who would want to hack us ?

• There are basic kinds of phishing

• Blanket

• Spear Phishing

• Whaling

Types of attacks?

Example of Social Engineering

Example of Blanket Attack

Example of Blanket Attack

Example of Blanket Attack

Example of Blanket Attack

Example of Blanket Attack

• They will ring you up to inform you , “you have an issue with Internet Traffic from your connection “ you may have spyware

• Call reference you Credit Card being used

• Scammers who pretend to be tech support from Microsoft

Tech Support Scammers

• Crypto Locker , CryptoDefense and CryptoWall

• 5 Stages of Crypto Ransomware

1. Installation2. Contacting Headquarters3. Hand Shake and Keys4. Encryption5. Extortion

Most Commonly known attack !

• You don’t get calls from your Bank about the Balance in your account

• You don’t get phone calls from Microsoft Technical Support or other support

agents

• You don’t get emails from HMRC “ You are owed credit and to contact them”

• You probably don’t have a long lost Relative in the Congo who has Millions that

they need you to hold for them just short term

• Passwords should be changed regularly and not use common ones

How Do we Protect OurselvesEducating our users on the Do’s and Don'ts is a Major factor in reducing he impact to your Business