
Security


The Top 10 Highest Paying Jobs In Information Security Domain

Cyber Security Must Be Strengthened In Nepal
The first meeting of the Cybercrime Division Nepal Expert Group brought together cyber experts from around Nepal to review current cybersecurity programs and provide advice for future activities. The cyber threat in Nepal has always been a prominent problem, since the country doesn't possess sophisticated infrastructure for proper security. The meeting centered on creating an expert platform on cybersecurity to cover all cyber threats, said Dr. Ramhari Subedi.
Bijay Limbu claimed that malware was responsible for a computer virus that was able to shut down networks of local electrical grids, he said during discussions with Nepal's security expert team. The primary objective of these discussions is to create an expert platform on cybersecurity to cover all cyber threats in Nepalese society.
Most of the infrastructure in Nepal uses pirated software. Even the most sensitive departments, which are responsible for the databases of so many users, use software that is highly prone to malware. This software tends to be significantly affected by viruses and to be controlled by a remote user, allowing that user to act at will. The cybersecurity of Nepal has been an issue for a long time, and the only possible way to solve it is by creating a highly secure platform that can look after all the potential attacks on the networks connecting various departments.
This meeting to form an expert group of Nepal's cyber experts, so that they can collectively work out the current problems in cybersecurity, is an excellent start toward providing a secure working environment online.

Digital Crime And Fraud Investigation By Pyramid
Pyramid Cyber Security & Forensic (P) Limited is an ISO 9001-2008 and ISO 27001-2005 certified boutique Digital Forensic and specialized Information Security Solutions & Services Company.
- Digital Crime and Fraud Investigation
- Digital Forensic Acquisition & Analysis
- Incident Response
- Email Investigation
- E-discovery Services
- Managed Information Rights Management (IRM)
- Managed Security Information Event Management (SIEM)
Digital Forensic Solutions:
- Setting up Digital Forensic Laboratories & High Technology Crime Investigation Centres
- First Responder Investigation Kit (FRIK)
- Computer Forensics
- Digital Forensic Analysis
- Mobile Forensics
- Steganography
- Password Recovery
- Voice Biometrics
- Crime Pattern Visualisation & Link Analysis
- Wireless Forensics
- Packet Interception & Monitoring
Information Security Solutions:
- Security Information Event Management (SIEM)
- Information Rights Management (IRM)
- Location Based Systems (LBS)
- Total Integrated Security & Surveillance Systems

Which Physical Security Measure Is In Place ?
You are testing physical security measures as part of a pen test team. Upon entering the lobby of the building, you see the entrance has a guard posted at the lone entry. A door leads into a smaller room with a second door leading into the interior of the building.
If you took a test on college football history, you know it would contain questions about Alabama. If you took one on trumpet players, there'd be one about Dizzy Gillespie. And if you take a test on physical security measures for Certified Ethical Hacker, you are going to be asked about the mantrap. They love it that much.
A mantrap is nothing more than a locked space you can hold someone in while verifying their right to proceed into the secured area. It's usually a glass-walled room that locks the exterior door as soon as you enter.
Then there is some authentication mechanism, such as a smart card with a PIN or a biometric system. Assuming the authentication is successful, the second door leading to the interior of the building will unlock, and the person is allowed to proceed. If it's not successful, the doors will remain locked until the guards can check things out. As an aside, a mantrap is also referred to in some definitions as an airlock.

Which Security Control Is The Hacker Affecting ?
A security breach is an event that leads to unauthorized access to data, files, services, or the device itself. The nature of the incident or the level of the breach can be anything from low-risk to highly critical.
A hacker with malicious intent who is attempting a security breach and trying to gain unauthorized access to a target inside a business will first try to bypass or disable any underlying security mechanism protecting the target. After trying several methods and getting frustrated, the hacker starts a denial of service attack against the server attached to the target (data, file, device, network, etc.).
Availability: Denial of service attacks are attacks against the availability of the system. This type of attack prevents legitimate or authorized users from accessing the system or service. Regardless of whatever else the hacker has tried to accomplish against the machine, a successful DoS attack removes the availability of that machine. Remember, availability refers to the communications systems and data being ready for use when legitimate users need them.
Many methods are used for availability, depending on whether the discussion is about a system, network resource, or the data itself. However, they all attempt to ensure one thing: when the system or data is needed, it can be accessed by the appropriate personnel. Attacks against availability always fall into the denial of service realm.
Some of the ways a DoS attack can take place are:
- Disrupting a connection between the machines, or a service to a specific system or user
- Flooding the network with excessive messages/requests to disrupt legitimate network traffic.

Russian Hackers Have Created A USB Stick
A Russian hacker has made a killer pen drive that turns TVs and computers into ashes.
It has been given the name gadget killer, because it surely can turn your computer and TV into ashes. A Russian hacker has developed a pen drive that can fry any gadget in an instant.
This pen drive, named USB Killer V 2, generates a 220-volt current right after it is inserted into any kind of gadget. Because of this, any device from a laptop to a television will be blown right after the pen drive is plugged into it. This is a hazardous type of pen drive. It fits all kinds of gadgets.
The Russian security researchers behind it, known as Dark Purple, made a video and published it to prove the power of the pen drive. In that video, you can see the laptop destroyed right after the pen drive is inserted into it.
He has warned people around the world that, because of this pen drive, every device with a USB port is in danger. Almost all smartphones support USB mode, and likewise televisions, computers, routers, and modems can all be disabled by this pen drive, the hackers said.
After news of this dangerous pen drive came out, technology security experts advised everyone not to plug any pen drive into their devices other than ones they are authorized to use.
Before this, the same hacker had made a killer pen drive that generated 110 volts, and he has said that he has no intention of using or selling the pen drive he has introduced: it is like an atom bomb, exciting to have but not something that can be used.

What Is Computer Forensics ?
Computer Forensics refers to information collected from and about computer systems that are admissible in a court of law. Because computer data is intangible, can be easily modified and is a critical part of an organization’s day to day operations, computer crime investigations have the following characteristics.
Because the Internet and World Wide Web are global, computer crime can be committed from extremely diverse geographic locations. A perpetrator in Russia may be committing fraud in the U.S. using the internet. The prosecution is impeded because of differences in laws, attitudes toward computer crimes, definitions of computer crimes as well as difficulty in obtaining search warrants.
A plan should be prepared beforehand on how to handle reports of suspected computer crimes.
Investigators and prosecutors have a compressed time frame for the investigation.
A computer crime investigation will involve an organization’s computers. As a result, the inquiry might interfere with the organization’s business activities. In some cases, computers may be seized.
In a corporate environment, an investigation will involve management, corporate security, human resources, the legal department, and other appropriate staff members.
The act of investigation may also affect critical operations.
Investigating may prompt a suspect to commit retaliatory acts that could compromise data, result in a Denial of Service (DoS) attack, generate negative publicity or open individual privacy issues.
A committee of appropriate personnel should be set up to address investigative issues in advance.
To accommodate the prosecution of computer crimes, many jurisdictions have expanded the definition of property to include electronic information.

87% Of Android Phones Are Vulnerable To Hackers
The smartphone, an old but good friend, is the thing we always carry. Wherever we go and whoever we go with, to any new or old destination, we bring our smartphone so that we can capture the moments we spend with the people around us. The smartphone is an all-in-one phone. We save not just memories but also different kinds of personal information and data on our smartphones, which are much more important and need to stay safe wherever you go.
But millions of smartphones around the world, from various manufacturers, have always been a target for hackers, as one piece of research shows. The smartphone is an intelligent thing, so it has always been a main target for hackers. According to research by a team at Britain's Cambridge University, among the various phones in use around the world, running different types of software, 87.7% are vulnerable to being hacked.
The researchers concluded from their analysis that, among the 87.7% of smartphones in use and the software on them, there are 11 types of danger, and at least one of those 11 dangers was found.
For the research, data was collected with the help of the Device Analyzer app available in the Google app store. According to the researchers Daniel Thomas and Alastair Beresford, the main reason Android smartphones get hacked, and the guilty party behind it, is their manufacturers.
In the course of the study, the researchers collected data from more than 20 thousand mobile phone users.
Google has been working hard in its Android operating system to stop virus attacks and hacking. Still, phone manufacturers haven't made provision for security updates to their customers, and for this reason security has become more vulnerable, the researchers concluded.
Compared with other Android smartphones, LG, Motorola and Google Nexus smartphones are safer, and those manufacturers have been providing security updates from time to time, the researchers said.
To keep your smartphone safe from being hacked, you should download only official apps from the Google Play store, as the researchers suggest.
According to the researchers, among the top 10 smartphones that are not vulnerable in terms of security, Google Nexus is in 1st position. In that list, LG is in 2nd position and Motorola in 3rd. From the point of view of smartphone security, Samsung is in 4th position. Sony, HTC, ASUS, APLUS, Symphony, and Walton are in 5th, 6th, 7th, 8th, 9th and 10th position respectively.
You can also choose which smartphone to buy on the basis of these security rankings. Always keep your smartphone safe from being hacked.

How To Design A Useful Incident Response Policy ?
Organizations should be prepared to detect and respond to incidents before they occur. This plan should be embodied in an incident response policy. For example, the Carnegie Mellon University CERT Coordination Center (CERT/CC) recommends the following incident response practices:
- Prepare: establish policies and procedures for responding to intrusions.
- Prepare to respond to intrusions.
- Analyze all available information to characterize an intrusion.
- Communicate with all parties that need to be made aware of an intrusion and its progress.
- Collect and protect information associated with an intrusion.
- Apply short-term solutions to contain an intrusion.
- Eliminate all means of intruder access.
- Return systems to normal operation.
- Follow up: identify and implement security lessons learned.
The original guidance on incident handling is provided by the Internet Engineering Task Force (IETF) RFC 2196.
These are the approaches:
- Preparing and planning (What are the goals and objectives in handling an incident?)
- Notification (Who should be contacted in the case of an incident?): local managers and personnel; law enforcement and investigative agencies; computer security incident handling teams; affected and involved sites; internal communications; public relations and press releases
- Identifying an incident (Is it an incident and, if so, how serious is it?)
- Handling (What should be done when an incident occurs?):
  - Notification (Who should be notified about the incident?)
  - Protecting evidence and activity logs (What records should be kept from before, during and after the incident?)
  - Containment (How can the damage be limited?)
  - Eradication (How can you eliminate the reasons for the incident?)
  - Recovery (How do you reestablish service and systems?)
  - Follow up (What actions should be taken after the incident?)
- Aftermath (What are the implications of past incidents?)
Administrative response to incidents: responding to incidents efficiently and effectively is extremely important. The following critical issues are involved:
- Protecting the assets that could be compromised
- Protecting resources that could be utilized more profitably if an incident didn't require their services
- Complying with (government or other) regulations
- Preventing the use of your system in attacks against other systems (which could cause you to incur legal liability)
- Minimizing the potential for harmful exposure

Internet Communication Security Countermeasures
A wide variety of countermeasures are needed to protect an organization from the assortment of threats. The countermeasures used to defend against Internet-based threats are not much different from those protecting against similar risks in some countries.
Network and computer-related security countermeasures discussed elsewhere on the internet often apply when a network, system or application is opened to the Internet. The Internet represents the worst-case security scenario for any system or application, as this exposes it to the most potent threats that exist.
Firewalls: Firewalls are devices that control the flow of messages between networks. Placed at the boundary between the Internet and an organization's internal network, firewalls enforce a security policy by prohibiting all inbound traffic except for the specific few types of traffic that are permitted to a select few systems. For example:
- Permit incoming email to be sent only to the organization's email server.
- Permit incoming HTTP requests to be sent only to the organization's Internet-facing web server.
- Permit incoming file transfer requests to be sent only to the organization's file transfer gateway.
- Permit outbound email to originate only from the organization's email server.
Firewalls control not only what comes into an organization's network but also what leaves it. This last control, permitting outbound mail to originate only from the email server, prevents malware from originating its own email messages, thereby slowing down the spread and impact of some types of malware.
Screening routers
These simpler firewalls are designed to examine each packet and compare it to an access control list (ACL) to determine, based on its source and destination IP addresses and ports, whether it should be permitted to pass through the firewall.
Stateful Inspection Firewalls
This type of firewall is designed to record incoming packets and keep track of TCP/IP sessions between external and internal hosts. In the TCP protocol, an incoming packet is answered with an outgoing packet; a stateful inspection firewall will examine an outgoing packet and make a go/no-go decision based on whether it believes that the outgoing packet is part of an active session. Stateful inspection firewalls are more complex and capable of more effectively protecting an organization's network.
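The difference between the two firewall types described above, as an added example that is not part of the original article: a Python model that applies the email and HTTP rules from the list to a screening router and to a stateful inspection firewall. The addresses, port numbers, and all class and function names are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed addresses (RFC 5737 documentation ranges); the host roles are assumptions.
MAIL, WEB, WORKSTATION = "192.0.2.25", "192.0.2.80", "192.0.2.101"
OUTSIDE = "198.51.100.7"
INTERNAL_PREFIX = "192.0.2."


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False  # True only for the first packet of a TCP connection


def is_outbound(pkt):
    return pkt.src.startswith(INTERNAL_PREFIX)


# Policy from the text: (outbound?, src, dst, dport); None matches any address.
NEW_CONNECTION_RULES = [
    (False, None, MAIL, 25),   # incoming email only to the email server
    (False, None, WEB, 80),    # incoming HTTP only to the web server
    (True, MAIL, None, 25),    # outbound email only from the email server
]
# A screening router keeps no state, so replies need static rules keyed on the
# source port: (outbound?, src, sport, dst); None matches any address.
STATIC_REPLY_RULES = [
    (True, MAIL, 25, None),
    (True, WEB, 80, None),
    (False, None, 25, MAIL),
]


def matches_new_connection(pkt):
    return any(out == is_outbound(pkt) and src in (None, pkt.src)
               and dst in (None, pkt.dst) and dport == pkt.dport
               for out, src, dst, dport in NEW_CONNECTION_RULES)


def screening_router(pkt):
    """Stateless: each packet is judged only on its own addresses and ports."""
    if matches_new_connection(pkt):
        return True
    return any(out == is_outbound(pkt) and src in (None, pkt.src)
               and sport == pkt.sport and dst in (None, pkt.dst)
               for out, src, sport, dst in STATIC_REPLY_RULES)


class StatefulFirewall:
    """Tracks sessions opened by permitted SYNs; other packets must belong to one."""

    def __init__(self):
        self.sessions = set()

    def permits(self, pkt):
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        reverse = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if pkt.syn:
            if matches_new_connection(pkt):
                self.sessions.add(key)  # record the session for later packets
                return True
            return False
        # Go/no-go: is this packet part of a session the firewall has recorded?
        return key in self.sessions or reverse in self.sessions


def run_demo():
    """Return {name: (screening_router verdict, stateful verdict)} for sample traffic."""
    fw = StatefulFirewall()
    traffic = {
        "http_request": Packet(OUTSIDE, 40000, WEB, 80, syn=True),
        "http_reply": Packet(WEB, 80, OUTSIDE, 40000),
        "workstation_smtp": Packet(WORKSTATION, 40001, OUTSIDE, 25, syn=True),
        "unsolicited_reply": Packet(OUTSIDE, 25, MAIL, 40002),
    }
    return {name: (screening_router(p), fw.permits(p)) for name, p in traffic.items()}


if __name__ == "__main__":
    for name, (stateless, stateful) in run_demo().items():
        print(f"{name:18} screening_router={stateless} stateful={stateful}")
```

Both filters drop the workstation's direct outbound SMTP connection, which is the outbound email control from the list. The last sample packet has a reply's port numbers but belongs to no recorded session, so the static reply rule passes it while the session table rejects it.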

What To Do After You’ve Been Hacked
10 Steps to Defeat Hacking Attacks (And What to Do after You’ve Been Hacked)
In this article, I'm going to tell you the first steps you need to take to defeat hacking attacks and what to do after you have been hacked. These days, getting phished, hacked or becoming a victim of some malware attack is not uncommon.
We are always hearing news that data has been hacked, a bank account has been hacked, and much more. Data breaches are on the rise, and each day numerous types of malware are being discovered in the world. We are supposed to be aware of such malware.
If you've realized that you've been hacked, or that you're vulnerable to hacking attacks, what next step should you take? What should you do after you've been hacked? How do you defeat those hacking attacks?
Here are some simple steps:
- Calm down. It happens. But it’s time to act.
If you’ve found that you are a victim of some data breach, most of the time it’s not even a threat. However, you need to ask yourself some questions. You need to introspect and revisit the security measures you have been taking to secure your online life.
- Now reset all your passwords and defeat hacking attacks
The first and foremost step after you come to know that you have been hacked is to reset the passwords of all your accounts. Use new and powerful passwords, which can be a combination of uppercase and lowercase letters, digits, and symbols as well.
You must also avoid reusing a password as it is something that we do unconsciously and make our account more vulnerable. Another thing that you must keep in mind while creating strong passwords is never to create a password which includes your personal information.
- Check your account statements and make specific changes
Thoroughly review financial account statements related to the affected accounts for unusual activity. Look for new payment methods, new accounts linked, or new shipping addresses. Hackers target your online accounts for one apparent reason: money.
You need to check your credit card reports for suspicious activities and, if you find anything fishy, cancel that card and order a new one.
- Connected accounts too can do the damage
It's evident that one online account is linked with other accounts. The compromised email account could be the one you use to verify some separate email account. The same applies to your online banking and e-commerce accounts. So, it's a safe practice to perform security checks for all accounts and update the passwords right after you learn that your account has been hacked.
- De-authorize all connected apps
All the apps that you use on your phone are connected to some email account or your Facebook account. So, it would be an obvious decision to de-authorize all these apps. It could be a pain to re-authorize all the apps, but it's the right thing to do at that time.
- Use two-factor authentication to defeat hacking attacks
While setting up the new accounts, enable the option of two-factor authentication. This method adds an extra layer of security to your accounts. Don’t skip it; it makes your account 4-5 times more secure.
- Recover your accounts
All the primary services like Facebook, Microsoft, Twitter, Google, Yahoo, and Apple provide a detailed guide to getting your account back after you lose control of it. Just search for account recovery for your service and follow the steps.
- Update your PC and phone
A very high percentage of hackers aim to use the vulnerabilities in your PC and phone operating systems. If you are running older versions, there is a possibility that your device isn't getting regular security updates.
Go to system settings and find the update system to perform the update. Make this a regular habit to protect yourself from being hacked.
- Scan your devices for malware
Using a reliable anti-malware tool is another important step. Download some good antivirus and don’t hesitate to pay for it. Here’s a list of the best antivirus solutions for Windows. If you choose to go for free products, you can check out this top free antivirus list.
Don’t forget to update your product as no matter how solid your antivirus product is; it’s useless if its virus database definitions are outdated.
- Tell your friends and family. Spread awareness to defeat hacking attacks
Well, after fixing all the loopholes, it's time to go to your friends and family members. Ask them about the necessary steps they are taking to keep themselves secure, and tell them where they are lacking.
Educate people to defeat hacking attacks. If this happened to you, it could happen to anybody. So, be aware of being hacked.

Cyber Security is the Protection of Internet Connected Systems
According to the cybersecurity records 2014 back and half of 2015 was projecting 2019 for the forthcoming years. The top job in cyber security is that of the cybersecurity software engineer, whose average annual salary is $233,333 according to a recent report from the job board Dice, while the top wage for a CSO is $225,000. Comparing the two, the report shows that software engineers' salaries are higher than those of CSOs.
Cyber Security Labor Market
There is a shortage of workforce and expertise: expected demand is 6 million by 2019, with a projected shortfall of 1.5 million. "The demand for the cyber security workforce is expected to rise to 6 million by 2019, with a projected shortfall of 1.5 million," said Michael Brown, CEO at Symantec, the world's largest security software vendor. This is from the Cisco annual security report.
The shortage of information security professionals stands at 1 million openings as cybersecurity attacks rise. This makes the data increase.
Shortage of Security pros worsens
It mainly expands the talents of security pro’s worsens.
Why a cybersecurity software engineer earns more than CSO?
According to a 451 Research study, which drew responses from more than 1000 IT professionals in NA and EMEA, the obstacles in implementing security projects are a lack of staff expertise (34.5%) and inadequate staffing (26.4%).
24% of enterprises have 24x7 monitoring in place using internal resources.
Why is info security considered one of the best jobs?
Demand for this security job is expected to be significant and high for the next seven years. U.S. News & World Report ranked a career in information security analysis on its list of the 100 best jobs for 2015.
Its viable future at 36.5% theory of 2022 and there are some engineers who are earning more than they do so. IDC predicts that by 2018, 75% of chief security officers (CSOs) and chief information security officers (CISOs) will report directly to the CEO, not to the CIO.
This pushes the position higher up into the salary stratosphere. Candidates are facing competing offers from multiple companies, with salary increases of 30%. This is certain for employers and retains their talents. There are 209,000 unfilled cybersecurity jobs. The total position offers past five years was 74%, according to Peninsula Press, citing the Bureau of Statistics. The demand for information security professionals is expected to grow by 53% by 2018.
There is a shortage of workforce, with healthy salaries for experienced cyber security people, and these declining figures sometimes maintain the balance where there is a shortage of labor.

Social Engineering psychological manipulation of its Types
Social engineering is a non-technical method of intrusion used by hackers that relies heavily on human interaction and often involves tricking people into breaking standard security procedures. It is one of the significant threats for users, and it is mainly networked enterprises that encounter social engineers.
Uses of Social Engineering
Virus writer
Virus writers mainly use malware-laden email attachments. Phishers use social engineering to get at sensitive information, as scareware vendors do to scare people.
Scareware
Scareware is used to frighten people into running software that is supposedly protective and is dangerous at worst.
Social engineers run what is called a con game, which relies on people being naturally helpful: they ask for quick action and immediate network access.
Types of Social Engineering
- Baiting
Baiting means leaving malware on an external device such as a USB flash drive or CD-ROM.
- Phishing
It is mainly email that appears legitimate, often carrying malware.
- Pretexting
Pretexting helps to gain free data.
- Quid pro quo
It mainly involves a request for personal information and for the recipient to show their identity.
- Spam
Spam means unsolicited junk email.
- Spear phishing
Spear phishing means phishing tailored for a specific organization.
- Tailgating
Tailgating is when an unauthorized party follows an authorized party in order to steal valuable property.

Hacker Threatens S. Korean Nuclear Power Plants If Ransom Not Paid
6th March 2015, Kathmandu
A hacker that claims to have compromised sensitive data belonging to South Korea’s power plants has threatened to share the information with other countries if a ransom is not paid.
The unknown attacker released some information related to the power plants via Twitter on Thursday. However, the state-run Korea Hydro & Nuclear Power Co. (KHNP) believes it did not include sensitive data, because the hack would have been done after the company's recent boost in data security practices made confidential information unreachable, according to The Korea Times.
Based on the reports, the hackers sent an email to Korea Hydro & Nuclear Power Co. employees with a Korean word processor attachment labelled as "control program." Opening the file initiated a chain of procedures that involved information theft and hard disk destruction via MBR wiper malware.
The servers used to operate the nuclear reactors were cut off from outside access. Using some social media accounts, the hackers posted links to popular hosting sites that stored the stolen data. The hackers are thought to be North Korean. The disclosed data varies from employee information to blueprints held by KHNP.
Safety protocols set up by KHNP don't allow the company to open any of the released documents, so it is limited in analyzing their sensitivity.
The hacker has previously asked the organization to shut down some of the company's nuclear reactors. The attackers also sent a threat message saying they would destroy the nuclear plant's system if the plant's management didn't shut it down. The attackers pose a serious threat since they can actually cause physical damage to the plant by causing serious system malfunctions.