What are THREATS?
Threats are potential dangers that can materialize at any time. Here are some threats you should know about:
Insider Threats
An employee who is inside the organization accidentally or intentionally shares a confidential report via personal email.
Why it matters: Insiders know the system best and even innocent mistakes can cost millions.
Unsecured Wi-Fi Networks
You connect to “Free WIFI” at a public place and unknowingly share your login details with a hacker sitting nearby. Public networks often host keyloggers ready to steal your passwords.
Fix: Always use VPNs on public Wi-Fi. Install antivirus systems that prevent users from disabling protection.
Lost or Stolen Devices
Losing a device that contains your personal details may cause a personal data leak.
Fix: Enable remote wipe and password protection on all devices.
Weak Passwords
Using a weak password gives a hacker an opportunity if he knows personal details such as your birth year/date, full name, or parents' names.
Fix: Use complex passwords or a password manager. Never use your name or family name as a password.
Lack of Software Updates
Updating your operating system is a must. A Windows update you delay may include a critical patch.
Fix: Always update software — it’s your digital vaccine.
Social Engineering
A “tech support agent” calls asking for your password or any OTP number or gives you a link to tap and you trust them and give it away.
“NEVER TRUST THESE SCAMS”.
Fix: Never share credentials unless you’re 100% sure.
Phishing Emails
One click on a bad link = total compromise.
Suppose you get an email saying, “Your Amazon order failed – click here,” and you click on the link.
Fix: Think before you click. Hover over links to check the real URL.
Web Server Compromise
Poorly coded websites are vulnerable to SQL injection attacks.
Solution: Regularly audit your web apps for secure input validation.
Cyber Attacks
What is a Cyber Attack?
An actual action taken to harm or steal in the cyber world.
Phishing Attack
In this attack a person gets a link to a bank statement or a fake email asking to “verify your account.” You enter your password and it’s stolen.
Real Case: In 2016, a phishing scam fooled John Podesta, Hillary Clinton’s campaign chair.
Brute Force Attack
In this attack hackers use software to guess your password millions of times until they get it right. Attackers use scripts, specialized software, or bots to keep trying to break your password.
Fix: Use long and random passwords.
Ransomware
In this attack the hacker encrypts all your files and demands payment to unlock them.
Real Case: The 2017 WannaCry attack hit hospitals and companies worldwide.
Man-in-the-Middle Attack
A Man-in-the-Middle (MITM) attack occurs when a malicious actor intercepts, relays, or modifies the communication between two parties that think they are speaking with each other directly. The information of any institution or bank can be obtained by the man in the middle, who uses network devices to access the data.
Real Case: Superfish, an adware program that came pre-installed on some Lenovo computers, served as an MITM proxy.
DNS Spoofing
You think you’re logging into Facebook, but the website was hijacked to steal your password.
Fix: Always check the URL and use DNS security tools.
Because threats and cyber attacks are increasing at an alarming rate, some steps need to be implemented to ensure the security of your personal device:
- Firewalls
Firewalls monitor and filter the traffic from websites. Use packet-filtering or proxy firewalls for different layers of protection.
- Antivirus Systems
The software needs to be updated frequently, and some encrypted or zipped files may not be identified in the scanning process, so use behavior-based scanning too.
- Systems for detecting intrusions (IDS)
These monitor traffic for indications of intrusion, using signature-based or anomaly-based detection. For better coverage, use both host-based and network-based intrusion detection systems.
- Encryption
Use symmetric or asymmetric encryption to secure sensitive communication and storage.
- Cryptography Techniques
Secure sensitive data storage and communication by using symmetric or asymmetric encryption.
Figure: The Survival Guide (generated from ChatGPT)
Don’t wait for an attack. Stay alert. Stay protected.
Written by Romona Magdalene Sarkar
Instructor, Computer Science Department
Daffodil Institute of Engineering & Technology