7 Types of Hackers You Should Know

.      1. White Hat: Also known as ethical hackers, White Hat hackers are the good guys of the hacker world. They'll help you remove a virus or PenTest a company. Most White Hat hackers hold a college degree in IT security or computer science and must be [certified to pursue a career in ethical hacking](https://www.cybrary.it/course/ethical-hacking/). The most popular certification is the CEH (Certified Ethical Hacker) from the EC-Council.

SOURCE: GOOGLE

    2. Black Hat: Also known as crackers, these are the men and women you hear about in the news. They find banks or other companies with weak security and steal money or credit card information. The surprising truth about their methods of attack is that they often use common hacking practices they learned early on.

SOURCE: GOOGLE

   3. Gray Hat: Nothing is ever just black or white; the same is true in the world of hacking. Gray Hat hackers don't steal money or information (although, sometimes they deface a website or two), yet they don't help people for good (but, they could if they wanted to). These hackers comprise most of the hacking world, even though Black Hat hackers garner most (if not all) of the media's attention.

SOURCE: GOOGLE

  4.Green Hat: These are the hacker "n00bz," but unlike Script Kiddies, they care about hacking and strive to become full-blown hackers. They're often flamed by the hacker community for asking many basic questions. When their questions are answered, they'll listen with the intent and curiosity of a child listening to family stories. 

SOURCE: GOOGLE

  

   5 .Red Hat: These are the vigilantes of the hacker world. They're like White Hats in that they halt Black Hats, but these folks are downright SCARY to those who have ever tried so much as PenTest. Instead of reporting the malicious hacker, they shut him/her down by uploading viruses, DoSing and accessing his/her computer to destroy it from the inside out. They leverage multiple aggressive methods that might force a cracker to need a new computer.

SOURCE: GOOGLE

9     6 .Blue Hat: If a Script Kiddie took revenge, he/she might become a Blue Hat. Blue Hat hackers will seek vengeance on those who've them angry. Most Blue Hats are n00bz, but like the Script Kiddies, they have no desire to learn.

SOURCE: GOOGLE

7.Script Kiddie: Script Kiddies normally don't care about hacking (if they did, they'd be Green Hats. See below.). They copy code and use it for a virus or an SQLi or something else. Script Kiddies will never hack for themselves; they'll just download overused software (LOIC or Metasploit, for example) and watch a YouTube video on how to use it. A common Script Kiddie attack is DoSing or DDoSing (Denial of Service and Distributed Denial of Service), in which they flood an IP with so much information it collapses under the strain. This attack is frequently used by the "hacker" which doesn't help anyone's reputation

SOURCE: GOOGLE

Top 10 personal security tips and tricks

   

1. Keep Your Software Up to Date

One of the most important cyber security tips to mitigate ransomware is patching outdated software, both operating system, and applications. This helps remove critical vulnerabilities that hackers use to access your devices. Here are a few quick tips to get you started:

·         Turn on automatic system updates for your device

·         Make sure your desktop web browser uses automatic security updates

·         Keep your web browser plugins like Flash, Java, etc. updated

 Check out our blog on patch management best pratices.

SOURCE :GOOGLE

2. Use Anti-Virus Protection & Firewall

Anti-virus (AV) protection software has been the most prevalent solution to fight malicious attacks. AV software blocks malware and other malicious viruses from entering your device and compromising your data. Use anti-virus software from trusted vendors and only run one AV tool on your device.

Using a firewall is also important when defending your data against malicious attacks. A firewall helps screen out hackers, viruses, and other malicious activity that occurs over the Internet and determines what traffic is allowed to enter your device. Windows and Mac OS X comes with their respective firewalls, aptly named Windows Firewall and Mac Firewall. Your router should also have a firewall built in to prevent attacks on your network. 

SOURCE :GOOGLE

3. Use Strong Passwords & Use a Password Management Tool

You’ve probably heard that strong passwords are critical to online security. The truth is passwords are important in keeping hackers out of your data! According to the National Institute of Standards and Technology’s (NIST) 2017 new password policy framework, you should consider:

·         Dropping the crazy, complex mixture of upper case letters, symbols, and numbers. Instead, opt for something more user-friendly but with at least eight characters and a maximum length of 64 characters.

·         Don’t use the same password twice.

·         The password should contain at least one lowercase letter, one uppercase letter, one number, and four symbols but not the following &%#@_.

·         Choose something that is easy to remember and never leave a password hint out in the open or make it publicly available for hackers to see

·         Reset your password when you forget it. But, change it once per year as a general refresh. 

SOURCE :GOOGLE

4. Use Two-Factor or Multi-Factor Authentication

Two-factor or multi-factor authentication is a service that adds additional layers of security to the standard password method of online identification. Without two-factor authentication, you would normally enter a username and password. But, with two-factor, you would be prompted to enter one additional authentication method such as a Personal Identification Code, another password or even fingerprint. With multi-factor authentication, you would be prompted to enter more than two additional authentication methods after entering your username and password.

SOURCE :GOOGLE

5. Learn about Phishing Scams – be very suspicious of emails, phone calls, and flyers

We recently blogged that phishing scams are nastier than ever this year. In a phishing scheme attempt, the attacker poses as someone or something the sender is not to trick the recipient into divulging credentials, clicking a malicious link, or opening an attachment that infects the user’s system with malware, trojan, or zero-day vulnerability exploit. This often leads to a ransomware attack. In fact, 90% of ransomware attacks originate from phishing attempts.

A few important cyber security tips to remember about phishing schemes include:

1.      Bottom line – Don’t open email from people you don’t know

2.      Know which links are safe and which are not – hover over a link to discover where it directs to

3.      Be suspicious of the emails sent to you in general – look and see where it came from and if there are grammatical errors

4.      Malicious links can come from friends who have been infected too. So, be extra careful!

SOURCE :GOOGLE

6. Connect Securely

Cyber security tips about this have been dished out by nearly every tech expert under the sun, but many still don’t follow this advice. You might be tempted to connect your device to an unsecured connection, but when you weigh the consequences, it’s not worth it. Only connect to private networks when possible, especially when handling sensitive information.

SOURCE :GOOGLE

5 Biggest Cyber-attacks in India

5 Biggest Cyber-attacks in India

Do you know that India has been ranked 2nd amongst the countries affected by cyber-attacks between 2016-2018? According to a source there was a 22% rise in cyber-attack in India on IoT deployments. India has faced the most number of attacks in the IT department this year. In fact, India has been consecutively facing cyber-attacks, the second time in the row! In a recent study, it was revealed that out of 15 Indian cities, Mumbai, New Delhi, and Bengaluru have faced the maximum number of cyber-attacks. In the Annual Cyber Security Report by CISCO, 53% of cyber-attacks caused more than $500K of financial loss to organizations in 2018

The following are the top 5 cyber attact that india has ever faced

1. Cosmos Bank Cyber-Attack in Pune 

A recent cyber-attack in India 2018 was deployed on Cosmos Bank in Pune. This daring attack shook the whole banking sector of India when hackers siphoned off Rs.94.42 crore from Cosmos Cooperative Bank Ltd. in Pune. Hackers hacked into the bank’s ATM server and took details of many visas and rupee debit cardholders. Money was wiped off while hacker gangs from around 28 countries immediately withdrew the amount as soon as they were informed. 

SOURCE :GOOGLE 

2. ATM System Hacked 

Around mid-2018, Canara bank ATM servers were targeted in a cyber-attack. Almost 20 lakh rupees were wiped off from various bank accounts. Count of 50 victims was estimated and according to the sources, cyber attackers held ATM details of more than 300 users. Hackers used skimming devices to steal information of debit cardholders. Transactions made from stolen details amounted from Rs.10,000 to the maximum amount of Rs.40,000. 

SOURCE :GOOGLE 

3. UIDAI Aadhaar Software Hacked

2018 started with a massive data breach of personal records of 1.1 Billion Indian Aadhaar cardholders. UIDAI revealed that around 210 Indian Government websites had leaked  Aadhaar details of people online. Data leaked included Aadhaar, PAN and mobile numbers, bank account numbers, IFSC codes and mostly every personal information of all individual cardholders. If it wasn’t enough shocking, anonymous sellers were selling Aadhaar information of any person for Rs.500 over Whatsapp. Also, one could get any person’s Aadhaar car printout by paying an extra amount of Rs.300.

SOURCE :GOOGLE

4. Hack Attack on Indian Healthcare Websites 

Indian-based healthcare websites became a victim of cyber-attack recently in 2019. As stated by US-based cyber-security firms, hackers broke in and invaded a leading India-based healthcare website. The hacker stole 68 lakh records of patients as well as doctors. 

SOURCE :GOOGLE 

 5. SIM Swap Scam 

Two hackers from Navi Mumbai were arrested for transferring 4 crore rupees from numerous bank accounts in August 2018. The illegally transferred money from bank accounts of many individuals. By fraudulently gaining SIM card information, both attackers blocked individuals’ SIM cards and by the help of fake document posts, they carried out transactions via online banking. They also tried to hack accounts of various targeted companies.  

Aforesaid stats and events of the latest cyber-attacks in India is a wake-up call for all those individuals and companies who are still vulnerable to cyber threats. There is a popular phrase “Prevention is better than cure”, and it is high time to implement it in real life. Investing in cyber-security solutions to prevent future cyber risks is nothing but a smart move!

SOURCE :GOOGLE 

DIFFERENT TYPES OF CYBER CRIMES IN INDIA .

In our previous blogs we havetalked about condition of cyber security in India and some of the polices that government has designed to decrease the rate of cyber crime in India.

In this blog we will be discussion about different types  of  cyber crime which are most  common in India.

Cyber Crimes can be categorized in two ways:

1. The crimes in which the computer is the target. Examples of such crimes are hacking, virus attacks, DOS attack etc.

2. The crime sin which the computer is used as a weapon. These types of crimes include cyber terrorism, IPR violations, credit card frauds, EFT frauds, pornography etc. 

DIFFERENT KINDS OF CYBER CRIMES ARE FOLLOWING

1.Unauthorized Access and Hacking:

Unauthorized access means any kind of access without the permission of either of the rightful or person in charge of the computer, computer system or computer network. Hacking means an illegal intrusion into a computer system and/or network. Every act committed towards breaking into a computer and/or network is hacking. Hackers write or use ready-made computer programs to attack the target computer. They possess the desire to destruct and they get the kick out of such destruction. Some hackers hack for personal monetary gains, such as to stealing the credit card information, transferring money from various bank accounts to their own account followed by withdrawal of money. Government websites are the most targeted sites for the hackers.

SOURCE: GOOGLE

2. Web Hijacking:

Web hijacking means taking forceful control of another person’s website. In this case the owner of the website loses control over his website and its content.

SOURCE: GOOGLE

3.Pornography: 

Pornography means showing sexual acts in order to cause sexual excitement. The definition of pornography also includes pornographic websites, pornographic magazines produced using computer and the internet pornography delivered over mobile phones.

SOURCE: GOOGLE

4. Child Pornography:

The Internet is being highly used as a medium to sexually abuse children. The children are viable victim to the cyber crime. Computers and internet having become a necessity of every household, the children have got an easy access to the internet. There is an easy access to the pornographic contents on the internet. Pedophiles lure the children by distributing pornographic material and then they try to meet them for sex or to take their nude photographs including their engagement in sexual positions. Sometimes Pedophiles contact children in the chat rooms posing as teenagers or a child of similar age and then they start becoming friendlier with them and win their confidence. Then slowly pedophiles start sexual chat to help children shed their inhibitions about sex and then call them out for personal interaction. Then starts actual exploitation of the children by offering them some money or falsely promising them good opportunities in life. The pedophiles then sexually exploit the children either by using them as sexual objects or by taking their pornographic pictures in order to sell those over the internet.

SOURCE: TNS WORLD

5.Cyber Stalking:

In general terms, stalking can be termed as the repeated acts of harassment targeting the victim such as following the victim, making harassing phone calls, killing the victims pet, vandalizing victims property, leaving written messages or objects. Stalking may be followed by serious violent acts such as physical harm to the victim. Cyber Stalking means repeated acts of harassment or threatening behavior of the cyber criminal towards the victim by using internet services. Both kind of Stalkers i.e., Online & Offline – have desire to control the victims life.

SOURCE :GOOGLE

6. Denial of service Attack:

This is an attack in which the criminal floods the bandwidth of the victim’s network or fills his e-mail box with spam mail depriving him of the services he is entitled to access or provide. This kind of attack is designed to bring the network to crash by flooding it with useless traffic. Another variation to a typical denial of service attack is known as a Distributed Denial of Service (DDoS) attack wherein the perpetrators are many and are geographically widespread. Many DoS attacks, such as the Ping of Death and Teardrop attacks, exploit limitations in the TCp/IP protocols. For all known DoS attacks, there are software fixes that system administrators can install to limit the damage caused by the attacks. But, like Virus, new DoS attacks are constantly being dreamed up by Hacker.

SOURCE :GOOGLE 

5 CYBER SECURITY POLICIES & INITIATIVES BY INDIAN GOVT IN 2019

Do you know Indian government has come up  with various policies and initiatives to overcome cyber security threats in India.

In my this blog I attempt to throw light on the progress India has made in cyber security and the initiatives taken bythe government in drafting it's cyber security strategy in 2020

Source : Kaspersky

1.CERT-In

The advancement in The Indian Computer Emergency Response Team (CERT-In), which operates as the national agency for tackling the country’s cyber security, has helped in lowering the rate of cyber attacks on government networks. The implementation of anti-phishing and cyber security awareness training across India’s government agencies has assisted government employees in fighting against cyber crimes. Apart from spreading awareness of the dangers posed by phishing attacks to the public, CERT-In also issues alerts and advisories regarding the latest cyber vulnerabilities and countermeasures to tackle them.

Source : Google

2.Cyber Surakshit Bharat 

Aiming at strengthening the cybersecurity ecosystem in India — in line with the government’s vision for a ‘Digital India’, The Ministry of Electronics and Information Technology (MeitY) has launched Cyber Surakshit Bharat initiative. This program was in association with the National e-Governance Division (NeGD).

Digitisation has rapidly transformed the governance system, and therefore the requirement of good governance is crucial. With such initiative, there would be a rise of awareness about cybercrime and building capacity for securing the CISOs and the frontline IT staff across all government departments. Apart from awareness, this first public-private partnership also includes a series of workshops to make people cognizant about the best practices, and help the officials with cyber security health tool kits to tackle cyber threats.

Source : GILB.in

 3.National Critical Information Infrastructure Protection Centre

NCIIPC is a central government establishment, formed to protect critical information of our country, which has an enormous impact on national security, economic growth, or public healthcare. This was amended as per the provisions of section 70A of the Information Technology (IT) Act, 2000. This organisation readily conducts cybersecurity exercises to keep a check of the cyber security posture and preparedness of the Government and the critical sectors. 

NCIIPC has broadly identified the following as ‘Critical Sectors’:-

●        Power & Energy

●        Banking, Financial Services & Insurance

●        Telecom

●        Transport

●        Government

Source :Wiki2

4.Website Audit

Amid the increasing number of government website hacking, email phishing, data theft, and privacy breach cases, the Indian government has planned to conduct an audit on all the government websites and applications. Under this initiative, approximately 90 security auditing organisations have been empanelled by the government for auditing the best practices of information security.

Source: Google

5.Appointment of Chief Information Security Officers

With the rapid digitalisation of the world, the requirement for adopting stringent measures is becoming the need of the hour. Even the smallest breach in the governmental system can cause severe wreckage, which in turn can bring down the Government to a standstill. It is therefore imperative, that every government organisation is headed by a skilled security leader, also known as Chief Information Security Officers (CISOs) — who can identify and document the security requirements that arise with each technical innovation. The government of India has also recently issued a written guideline for the CISOs of government organisation, highlighting the best practices for securing applications, infrastructure, and compliance.

Source :Google