Tuesday, June 4, 2019

Email Security

Your organization's security is at substantial risk if you have not implemented an email security policy. Every day we all receive emails that contain malware, Trojans or malicious website links, sent for the purpose of data theft or to intrude into the organization, and the number of spam emails is also very high. At times firewalls are not effective at controlling inbound email threats such as phishing and spear phishing emails, and it becomes difficult to prevent sensitive and secure information from falling into the hands of cyber criminals. Email security is therefore of utmost importance, and each organization must adopt the latest email security as a safeguard. As per research, more than 90% of cyber-attacks start with emails.

When spam email filters are not used, a large number of man-hours are wasted on filtering and deleting spam emails. Deleting spam may seem a two-minute task, but look at the bigger picture: what if a spam email is left in a folder and someone opens the attached document by mistake? A slight mistake can lead to very heavy losses. Some organizations use standard spam filters, for which the IT administrator has to define customized spam parameters. There are also spam email filters that provide multiple layers of email protection to stop phishing emails, spam emails, DoS (Denial of Service) attacks, viruses, malware etc. If cyber-attacks are not stopped in time, the consequences can be severe: compromised computers and other devices, data loss, reputation loss and penalties.

Email attacks are highly sophisticated because cyber criminals use social engineering and impersonation techniques to target people or organizations. They draft emails in such a way that people feel the email has come from a person or organization they know. At times cyber criminals impersonate very cleverly, sending emails from fake email ids created in the name of government departments such as income tax, service tax etc.
These types of email attacks are called social engineering attacks; their success rate is very high and they are very difficult to detect.

Email Security- Do and Don’t
 
  1. Educate and train your employees, because cyber criminals target them by sending phishing emails, spam emails etc., and they are the best people to protect the organization.
  2. Clean the email inbox, drafts, archives and trash folders from time to time.
  3. Beware of malware attachments and malicious links in emails. Scan them with a licensed antivirus program.
  4. Use strong passwords with an alphanumeric combination, and separate passwords for different accounts, though passwords can still be stolen from your service provider or from your own devices.
  5. To safeguard your password, use two-factor authentication for all email accounts, or at least for all important email ids, to safeguard your data. Even if cyber criminals have access to your password, they will not be able to use it because of two-factor authentication.
  6. Mimecast can be implemented as a safeguard.
  7. Don’t give your email address on websites, as it can easily be spammed.

Tuesday, April 30, 2019

Cyber Safety Tips for Parents and Teachers of School-Going Children

A large number of people, especially parents and teachers, ask questions on cyber security and cyber crime; moreover, they are keen to know how they can safeguard their children and students. So, I am writing a few Cyber Safety Tips for school-going children's parents and students.
One of the major cyber security problems faced by school students is cyber bullying.
Cyber bullying is not something new; it used to happen earlier too, when it was simply bullying. Because we now live in a digital world and cannot imagine getting by without mobile devices like cell phones, iPads, tablets, laptops etc., bullying has been replaced by cyber bullying.

Cyber bullying can take the form of MMS, SMS or email, and it becomes very harmful and threatening when done on social media like Facebook, Twitter, Instagram etc.


Be careful -

If your child's behaviour is changing and he or she is more aggressive now.
If all of a sudden your child stops talking with you or with friends.
If he/she stops using digital devices or is scared.


Tips for Cyber bullying-

  1. Talk to your children and students, spend time with them.
  2. Make your children aware that cyber bullying is a punishable crime, so that they neither indulge in any cyber bullying activities themselves nor allow anyone to tease them.
  3. Let your children and students know that speaking negatively about anyone or abusing them on social media is offensive and can be reported to the police.
  4. If they know of any third person who is a victim of cyber bullying, they should help the victim and report the matter to parents or teachers immediately.
  5. Tell them not to delete offensive messages, as these will help the police in their investigation.
  6. In India, there is an online platform to report any cyber crime, including cyber bullying.


Thursday, June 21, 2018

BlockChain Technology

BlockChain- BlockChain is fundamentally an ever-expanding database, similar to a bank ledger. Rather than modifying an existing entry, a new entry is made and then made public. The BlockChain database depends on encryption, which makes it safe.

BlockChain can revolutionize the IT industry. Most people think that BlockChain is a technology that powers crypto currencies like Bitcoin. Yes, the first version of blockchain was used for crypto currency, but its role has expanded a lot and it can now be applied to bigger industries to prevent manipulation, bring transparency and build trust in the data. It will not only expedite the process but also reduce the cost, depending upon the way it is implemented. BlockChain can act as a monitoring mechanism and boost quality control.

BlockChain- BlockChain stores information in batches called blocks, and these blocks are linked together in chronological fashion to form a chain, hence the name BlockChain.

BlockChain is-

  • Digital Ledger
  • Distributed Database
  • Decentralized 
  • Chronologically Linked and Time Stamped
  • A peer to peer network that removes the need for intermediaries.
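The append-only, chronologically linked ledger described above can be shown in a few lines. This is an added example, not code from the original post; it assumes SHA-256 hashing as the linking mechanism, and the ledger entries and timestamps are constructed sample values.

```python
import hashlib
import json

GENESIS_PREV = "0" * 64  # placeholder "previous hash" for the first block


def block_hash(index, timestamp, entries, prev_hash):
    """SHA-256 over a canonical JSON encoding of the block's contents."""
    body = json.dumps(
        {"index": index, "timestamp": timestamp,
         "entries": entries, "prev_hash": prev_hash},
        sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(body.encode("utf-8")).hexdigest()


def append_block(chain, entries, timestamp):
    """Add a batch of entries as a new block; existing blocks are never edited."""
    if chain and timestamp < chain[-1]["timestamp"]:
        raise ValueError("blocks must be appended in chronological order")
    prev_hash = chain[-1]["hash"] if chain else GENESIS_PREV
    index = len(chain)
    block = {"index": index, "timestamp": timestamp, "entries": list(entries),
             "prev_hash": prev_hash,
             "hash": block_hash(index, timestamp, list(entries), prev_hash)}
    chain.append(block)
    return block


def first_invalid_block(chain):
    """Return the index of the first block that fails verification, or None."""
    prev_hash, prev_time = GENESIS_PREV, None
    for i, b in enumerate(chain):
        recomputed = block_hash(b["index"], b["timestamp"], b["entries"], b["prev_hash"])
        if (b["index"] != i or b["prev_hash"] != prev_hash or b["hash"] != recomputed
                or (prev_time is not None and b["timestamp"] < prev_time)):
            return i
        prev_hash, prev_time = b["hash"], b["timestamp"]
    return None


def demo():
    """Constructed ledger: a correction is a new entry, not an edit."""
    chain = []
    append_block(chain, ["A pays B 10"], 1000)
    append_block(chain, ["B pays C 4"], 1060)
    append_block(chain, ["correction: A pays B 1 more"], 1120)
    before = first_invalid_block(chain)
    chain[0]["entries"][0] = "A pays B 99"  # someone rewrites history in place
    return before, first_invalid_block(chain)
```

A single holder of the ledger could still recompute every hash after an edit; comparing copies held by many peers is what exposes that, which is why the distributed and decentralized properties in the list matter.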


There are three versions of BlockChain.

BlockChain 1.0-
The implementation of Distributed Ledger Technology led to its first application, i.e. crypto currency. Crypto currency transactions are based on BlockChain Technology, and Bitcoin is the perfect example.

BlockChain 2.0-
It led to the Smart Contracts application. Smart contracts are computer programs or applications based on BlockChain Technology. These applications execute automatically and check predefined conditions, such as verification and enforcement. Smart Contracts can be used to replace traditional business contracts.

BlockChain 3.0-
It brings the decentralization concept: applications have their backend code on a decentralized peer to peer network.




Thursday, December 14, 2017

Discarding a Boarding Pass without Tearing It Up can be Dangerous


A boarding pass is a document provided by an airline during checkin, giving a passenger permission to enter the restricted area of an airport and to board the airplane for a particular flight. At a minimum, it identifies the passenger, the flight number, and the date and scheduled time for departure. In some cases, flyers can check in online and print the boarding passes themselves. A boarding pass may be required for a passenger to enter a secure area of an airport. Most airports and airlines have automatic readers that will verify the validity of the boarding pass at the boarding gate. This also automatically updates the airline's database that shows the passenger has boarded and the seat is used, and that the checked baggage for that passenger may stay aboard. This speeds up the paperwork process at the gate, but requires passengers with paper tickets to check in, surrender the ticket, and receive the digitized boarding pass. Source- https://en.wikipedia.org/wiki/Boarding_pass

According to “Krebs on Security”, there is personal information encrypted on your boarding pass. Once someone takes a screenshot of the bar code on the ticket, you will be amazed at how much personal information that person can get about you: home address, banking info, email address, phone number. Source- https://krebsonsecurity.com/2015/10/whats-in-a-boarding-pass-barcode-a-lot/

QR Code:
A QR code, or Quick Response code, is a matrix bar code which can be read by an imaging device, for example a camera, and then processed to read its data. The QR code is simply an array of bits to be identified by a scanner. Bits are reserved for the scanner to be able to identify and orient the image, as well as for version and format information. QR codes are really useful and help us to complete tasks faster on smartphones. You can quickly open a website just by scanning a QR code, and you do not need to manually type the URL into your smartphone.

QR code has been successfully implemented in the global payments industry, as well. Because it is easy to generate a QR code, the system offers convenience to businesses and consumers, alike. It can be printed on business cards, points of sale, and product labels which customers can simply scan to pay for a product or service.

With the increase in usage of QR codes in the general public, it is necessary to ensure that the data conveyed through the QR code is not harmful to the user. There are currently two major attack vectors for potential vulnerabilities: attacks on human interactions and automated attacks. 


Attacks on human interactions:

Attacks on human interactions rely on the fact that humans by themselves are unable to interpret what information is encoded in QR codes, and thus rely on QR code readers to decode the information. Since the information in the QR code is completely obfuscated, it is possible to trick and attack users via phishing, pharming, and other social engineering attacks by putting up fake QR codes. It is also possible to attack users by manipulating and exploiting existing QR code readers that users use via command injection or buffer overflows.

Phishing:

Phishing is the main security issue involved with QR codes. It is also described as QRishing. QR codes are generally scanned by a smartphone camera to visit a website. Many website advertisements now put a QR code alongside a URL so users can quickly scan the QR code to visit the website.
Hackers or scammers try to change the QR code added to the poster. They can also print similar fake posters and put them up in public places.
Innocent customers will scan these fake QR codes to visit the websites, but they will be redirected to phishing websites. On mobile devices, it is hard to check the full address in the browser. Due to limited space, browsers do not show the full address in the URL field. And most people never try to check the full address, which makes users more vulnerable. When they use this phishing page to log in, their passwords are compromised.

In the same way, attackers can use QR codes to point to malicious websites that distribute malware via a drive-by download attack. Drive-by download attacks are attacks in which a website forcefully downloads software onto your device when you visit the website.

Automated attacks:

Automated attacks often result from the assumption that the encoded information in QR codes is sanitized. However, it is known that QR codes themselves can easily be manipulated in order to change encoded information, potentially producing attacks on backend software. Without QR code input sanitation, it is possible to produce attacks such as SQL injection, command injection, and fraud.
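The backend risk described above, with the unsanitized lookup beside a hardened one, as an added example that is not part of the original post. The `TICKET-<digits>` payload format, the table and the crafted payload are constructed assumptions for illustration.

```python
import re
import sqlite3

# Assumed payload format for this example: "TICKET-" followed by 1-10 digits.
TICKET_RE = re.compile(r"TICKET-[0-9]{1,10}")


def make_db():
    """Constructed in-memory table standing in for the backend's ticket store."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE tickets (code TEXT PRIMARY KEY, holder TEXT)")
    db.executemany("INSERT INTO tickets VALUES (?, ?)",
                   [("TICKET-1001", "alice"), ("TICKET-1002", "bob")])
    return db


def lookup_unsafe(db, qr_payload):
    """The mistake described above: decoded QR text pasted into the SQL string."""
    sql = "SELECT holder FROM tickets WHERE code = '" + qr_payload + "'"
    return [row[0] for row in db.execute(sql)]


def lookup_safe(db, qr_payload):
    """Validate the decoded text against the expected format, then bind it."""
    if not isinstance(qr_payload, str) or not TICKET_RE.fullmatch(qr_payload):
        raise ValueError("QR payload is not a well-formed ticket code")
    rows = db.execute("SELECT holder FROM tickets WHERE code = ?", (qr_payload,))
    return [row[0] for row in rows]


def demo():
    """Run one constructed, manipulated payload through both lookups."""
    db = make_db()
    crafted = "TICKET-0' OR '1'='1"  # constructed text a tampered code could carry
    leaked = lookup_unsafe(db, crafted)  # WHERE clause is always true: every row
    try:
        lookup_safe(db, crafted)
        rejected = False
    except ValueError:
        rejected = True
    return sorted(leaked), rejected, lookup_safe(db, "TICKET-1002")
```

Format validation and parameter binding are both kept on purpose: the first rejects anything that is not a ticket code, the second keeps the query safe even if the format rule is later loosened.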

Best practices for Users:

QRishing and drive-by download attacks can be prevented by following the best practices below.

Observe before Use:

If you find a QR code in any banner advertisement in a public place, look at it closely. Most of the time, hackers stick their fake QR code over the legitimate QR code on a legitimate poster. So try to see if it is real or not. One can check by touching the poster. If it does not look like it's actually printed on the poster, do not use it. If you are not sure, never scan that QR code.


Never provide personal or login information:

Always be suspicious of the page you land on via a QR code. Never share your personal information on these pages. Only do this if the QR code is from a very trusted source and you trust the website. For login, always enter the URL manually in the browser's address bar.

Look at URL before Clicking:

Looking at the QR code does not confirm whether it is malicious or not.
Some QR Code readers let you see the URL and ask to confirm whether you want to visit the URL before it links you to the destination. You can use these QR code scanners to know what URL the QR code will send you. Just remember that many QR Codes use shortened URLs so this strategy won't always work.

Best practices for Merchants

  • Include signage telling the user what the code does. Otherwise the user has no way of knowing if the code should point to a URL, phone number, or SMS.
  • Print the URL near the code. This way, if the code is hijacked and pointed to an evil website, the user can see they're not visiting the correct site.
  • Include https in the URL. Get users used to checking for https before they interact with you.
  • Every time you put out a QR code in a public area, you should know where it is. If a code is on a billboard, on a storefront, or anywhere else it can be accessed by the public, it could be at risk. You will know your code is working correctly when you see "normal" traffic through it. If the traffic suddenly stops, ensure that the code is still there and hasn't been tampered with.
  • Distinctive, branded QR codes with special colours or other design features are far more likely to get attention, and it will help people to know that they are dealing with a legitimate link to your brand and not a counterfeit code. It will be much more difficult for a hacker to simulate a highly designed and colourful code than a plain one.
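The "look at the URL before clicking" check for users and the printed-URL and https advice for merchants can be combined into one inspection of the decoded text. This is an added example, not from the original post or the cited paper; the shortener list is a small, non-exhaustive assumption and the hosts in the usage are reserved example names.

```python
from urllib.parse import urlsplit

# Assumption for this example: a small, non-exhaustive list of shortener hosts.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl"}


def assess_qr_payload(payload, printed_host):
    """Return a list of warnings for decoded QR text; an empty list means no flags.

    printed_host is the host of the URL printed beside the code on the poster.
    """
    try:
        parts = urlsplit(payload.strip())
    except ValueError:
        return ["malformed URL"]
    scheme = parts.scheme.lower()
    if scheme not in ("http", "https"):
        return ["not a web link (scheme %r): the code triggers another action" % scheme]
    warnings = []
    if scheme != "https":
        warnings.append("link is not https")
    host = (parts.hostname or "").lower().rstrip(".")
    if not host:
        return warnings + ["no host in URL"]
    if parts.username is not None or parts.password is not None:
        # "https://brand@other-host/" opens other-host, not brand
        warnings.append("text before '@' is not the site; real host is " + host)
    if host in SHORTENERS:
        warnings.append("shortened URL hides the destination")
    if any(label.startswith("xn--") for label in host.split(".")):
        warnings.append("internationalized (punycode) host; may imitate a brand")
    expected = printed_host.lower().rstrip(".")
    # Accept the printed host itself or a subdomain of it, nothing else.
    if host != expected and not host.endswith("." + expected):
        warnings.append("host %s does not match printed host %s" % (host, expected))
    return warnings
```

For instance, `assess_qr_payload("https://example.com.evil.test/login", "example.com")` flags a host mismatch, the kind of lookalike address that a truncated mobile address bar hides.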

Source-

https://courses.csail.mit.edu/6.857/2014/files/12-peng-sanabria-wu-zhu-qr-codes.pdf


 
