Course Name

Module Cyber Security

Session No. I

Version 1.0
 Cyber Security

Material from the published or unpublished work of others which is referred to in the Class
Notes is credited to the author in question in the text. The Class Notes prepared is of 7,203
words in length. Research ethics issues have been considered and handled appropriately
within the Globsyn Business School guidelines and procedures.

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Table of Contents
1. Introduction ............................................................................. 7
1.1. Types of Cyber Attacks ................................................................................................. 8

1.1.1. Malware .................................................................................................................... 8

1.1.2. Phishing .................................................................................................................... 9

1.1.3. Denial of Service ......................................................................................................10

1.1.4. Man in the Middle .....................................................................................................11

1.1.5. Crypto Jacking .........................................................................................................11

1.1.6. SQL Injection ...........................................................................................................12

1.1.7. Zero-Day Exploits.....................................................................................................13

2. Threats and Attacks in Cyber Security ............................... 14

2.1. Infection Methods .........................................................................................................14

2.1.1. Virus.........................................................................................................................14

2.1.2. Worms .....................................................................................................................15

2.1.3. Trojan.......................................................................................................................16

2.1.4. Bots..........................................................................................................................16

2.2. Malware on the Basis of Action ...................................................................................17

2.2.1. Adware .....................................................................................................................17

2.2.2. Spyware ...................................................................................................................18

2.2.3. Ransomware ............................................................................................................19

2.2.4. Scareware ................................................................................................................20

2.2.5. Rootkits ....................................................................................................................21

2.2.5. Zombies ...................................................................................................................21

3. Other Form of Cyber Attacks ............................................... 22

3.1. Social Engineering Attacks..........................................................................................22

3.1.1. Urgent Ask for Help ..................................................................................................23

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

3.1.2. Use Phishing Attempts with a Legitimate Seeming Background ...............................24

3.1.3. Asking for Donation from Charitable Institutions .......................................................24
3.1.4. Looking Like Legitimate Link ....................................................................................24
3.1.5. Announcement the User as Winner ..........................................................................24
3.1.6. Pose as a Boss or Co-Worker ..................................................................................25
3.1.7. Delete Irrelevant Mails..............................................................................................25
3.1.8. Set Spam Filters.......................................................................................................26
3.1.9. Securing Computer Device ......................................................................................26
3.2. Crypto Currency and Crypto Jacking..........................................................................27

3.2.1. Loading Crypto Mining Code ....................................................................................29

3.2.2. Spreading Advertisement or Scripts .........................................................................30

4. Phishing ................................................................................. 31
4.1. Spear Phishing .............................................................................................................32

4.2. Clone Phishing .............................................................................................................33

4.3. 419/Nigerian Scams ......................................................................................................34

4.4. Phone Phishing ............................................................................................................35

4.5. Phisher Attack in Biometrics .......................................................................................36

5. Securing Data from Threats ................................................. 36

5.1. Bolster Access Control ................................................................................................37

5.2. Updating Software ........................................................................................................37

5.3. Standardise Software ...................................................................................................38

5.4. Use Network Protection Measures ..............................................................................38

5.5. Employee Training .......................................................................................................39

5.6. CIA Triad .......................................................................................................................40

5.6.1. Confidentiality ..........................................................................................................40

5.6.2. Integrity ....................................................................................................................41

5.6.3. Availability ................................................................................................................41

References ................................................................................. 42

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

List of Figures
Figure 1: Skimming Machine ...................................................................................................... 7
Figure 2: Malware Attack ........................................................................................................... 9
Figure 3: Phishing .....................................................................................................................10
Figure 4: Phisher Attack on Traffic ............................................................................................10
Figure 5: Fake Message through Phisher..................................................................................11
Figure 6: Crypto jacking ............................................................................................................12
Figure 7:SQL Injection ..............................................................................................................13
Figure 8: Zero Day Vulnerability Timeline..................................................................................14
Figure 9: Virus Attack in Computers ..........................................................................................15
Figure 10: Win32-Worm ............................................................................................................15
Figure 11: Trojan Attack ............................................................................................................16
Figure 12: Bots Attack – Advanced Worm Attack ......................................................................17
Figure 13: Adware Attack in Computers ....................................................................................18
Figure 14: Spyware Attack ........................................................................................................19
Figure 15 : Ransomware Attack ................................................................................................20
Figure 16: Scareware Attack .....................................................................................................20
Figure 17:Rootkit attack ............................................................................................................21
Figure 18: Zombies Attack ........................................................................................................22
Figure 19: Influenced by Attacker ..............................................................................................23
Figure 20: Legitimate Seeming Background – Phisher Attack ...................................................24
Figure 21: False Lottery Winning Email .....................................................................................25
Figure 22: Computer Upgradation .............................................................................................27
Figure 23: Various Crypto Currencies .......................................................................................28
Figure 24: Crypto Jacking .........................................................................................................29
Figure 25: Crypto Mining Hidden Coding...................................................................................30
Figure 26: Crypto Currency Mining Tricks .................................................................................31
Figure 27: Phishing Email .........................................................................................................32
Figure 28: Spear Phishing .........................................................................................................33
Figure 29: Clone Phishing .........................................................................................................34
Figure 30: Nigerian Phishing .....................................................................................................35
Figure 31:Phone Phishing .........................................................................................................35
Figure 32: Phishing-Biometrics .................................................................................................36

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Figure 33: Bolster Access Control .............................................................................................37

Figure 34: Protection Measures ................................................................................................39
Figure 35: Employee Training for Security Purpose ..................................................................39
Figure 36: CIA Triad ..................................................................................................................40

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

1. Introduction
Have you heard the recent ATM scam held in Kolkata of India? Two skimming machines were
fitted in two ATMs. These two skimming machines stored the data of transactions set in these
ATMs. Later such skimming machines were removed from the machines by an Indian and sold
the data to a certain Romanian above the normal price. A normal price is a price which is set in
the market during the time of auction related to data transferring. The process of stealing was
later disclosed by police. A skimming machine was used by the stealer to store the information
of the users. A small device was used to such stealing known as a skimmer. It took the
information from the magnetic strip fixed over ATM cards. This scam is related to Cyber
security.
Figure 1: Skimming Machine

(Siciliano, 2019)

Nowadays it is feasible that almost every citizen has access over the internet. There are many
options for its use like mobile, Tab, laptop etc. You are also one of such a user who deals most
of your communications through mail on a daily basis. Here you receive your class notes, bank
transaction details, other important information on a regular basis. Somehow, one day if you
discover that you can’t log on your system and whenever you put your password in the
password section your system denies the password. You become helpless at that moment.
Suddenly, you have the realisation that your password has been hacked and your email ID
becomes useless. You realise that you have lost many important documents stored over there
and there is no possibility to retrieve that records anymore. Very shocking situation! Imagine if it
really happens with you what you feel at that moment when it is hacked by an intruder with a

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

criminal intention. Here comes the importance of cyber-security. Cyber-security is the process
and technique which is used to protect sensitive data, computer systems, networks and
software applications from cyber-attack. Cyber-attack refers to an attack that can be originated
from one or more computers called sources. This sort of attack is done either to deactivate the
functions of target computers or networks or to snatch the data from the target computers or to
gain administrative privileges on it (Siciliano, 2019).

1.1. Types of Cyber Attacks

The cybercriminals deploy many methods to achieve the targets that include gaining access
over the computers and disabling operations. The most common proliferating techniques often
used by these criminals are laid down below:

1.1.1. Malware
Malware is known as malicious software. It is a sort of harmful program which damages the
computer system. It affects the files or folders in a system. There are different types of malware
found in the system which keep on malfunctioning and affect the system badly. These are
viruses, worms, Trojan horses and spyware. These harmful programs affect the computer badly
by performing the following functions – stealing; encrypting; deleting sensitive data; alerting or
hijacking core computing functions and controlling user’s computer activity without their
permission. The malicious software can be spread in the following process like when a USB
drive is plugged on a computer malware may be spread to the system if such USB drive is
affected by such malware (Malware Fox, 2019).

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Figure 2: Malware Attack

(Norton, 2019)

1.1.2. Phishing
Sometimes cybercriminals craft emails for the target users for doing some harmful incidents.
When any user gets attracted to these emails and starts to download the sent documents the
malware starts its functions and spread over the system and take valuable information from the
user. The form of such decisive emails may contain fake links and when a user clicks on the link
a fake website appears on the screen demanding valuable information from the user like bank
ATM password etc. When such sensitive information is passed the worst moment starts to
happen with the user as he gets fooled and victimised by passing the valuable information to the
criminal (Imperva, 2019).

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Figure 3: Phishing

(Imperva, 2019)

1.1.3. Denial of Service

To disrupt normal traffic, the targeted server might be attacked with flood of internet traffic and
creates traffic jam. This traffic jam cannot be prevented simply by blocking a single IP address.
Additionally, it is a difficult task to distinguish legitimate user traffic from attack traffic when such
attack traffic is spread over different points in the system. The huge volume of elements called
packets is sent in the process of traffic flooding by which legitimate requests get lost. This type
of attack is called denial service attack which is used to stop the normal functioning of the online
proceedings. In the data base the attackers may send n numbers of traffics which outperforms
the normal ability of the system and making them unavailable to anybody (Force Point, 2019).

Figure 4: Phisher Attack on Traffic

(Force Point, 2019)

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

1.1.4. Man in the Middle

It is a sort of secret method where the attackers secretly imposed themselves between the user
and the web service. The object of such a function is to harvest the information that the user
sends to a fake network. Such a fake network is developed by the attackers which is a mimic of
the targeted network having a log in facility. The login screen appears in the fake set up to trap
the targeted user to collect information. This process enables the attackers to collect bank
password from the target victim (Imperva, 2019).

Figure 5: Fake Message through Phisher

(Imperva, 2019)

1.1.5. Crypto Jacking

It is a dangerous attack that affects the computer of a third party to do the work of generating
cryptocurrency in favour of a client. The execution of such a process includes injecting malware
on the victims’ computer to perform the useful calculations. Else, code is written through
JavaScript which is installed on the computer that executes in the victim’s browser (CSO India,
2019).

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Figure 6: Crypto jacking

(CSO India, 2019)

1.1.6. SQL Injection

If any type of security flaw occurs in the database system, the unethical researchers or the
unethical attackers may exploit such software vulnerability by injecting certain code to take
control of such database. Sometimes the database is framed in a certain way following the
command written in the structured query language called SQL. Sometimes it is observed that
information is collected from the users in order to transmit the same to the SQL data base. This
collected information stored in the SQL data base is used to exploit the vulnerability to capture
the data base of the user. Sometimes SQL command is written into a web form seeking basic
information from the internet user. In such circumstances, if such SQL command overpowers
the programmed data base the unethical attackers may control such a programmed database
and exploit the software vulnerability (Portswigger, 2019).

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Figure 7:SQL Injection

(Portswigger, 2019)

1.1.7. Zero-Day Exploits

Some possibility of weakness may be discovered in running software. Such weakness may be
exploited by the attackers before such weakness is fixed by the user. It is happened on the
same day when such weakness occurs. Such type of incident is known as Zero-day exploits. A
user can discover some sort of risk that arises in the system program. He then feels to inform it
about the software company. The software company may develop a security patch to remove
the risk. The same user may spread the warning to other users thorough the internet. Such
spread of news through the internet can be utilised by hackers and they start to exploit such a
flaw before the flaw is eradicated by the programmer. When this happens, there is little
protection against an attack because the software flaw is so new. In such circumstances the
transmitted data can be prevented by using virtual local networks (LANs) or by using a firewall
or secured Wi-Fi system. These preventive systems enable the user to resist malware attacks.
Additionally, the operating system can be kept at bay from the harmful effect of the malware by
using the latest software version or by using websites having security socket layers. These
types of websites are powerful enough to rescue the computers from the attack of unethical
attackers (Singh, 2019).

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Figure 8: Zero Day Vulnerability Timeline

(Singh, 2019)

2. Threats and Attacks in Cyber Security

There are various types of threats present into information security. These are – software
attacks, theft of intellectual property, identity theft, theft of information or items related to
computers, sabotage, and information extortion. Threats breach the security system and draw
the situation in its own favour. It is responsible to alter, erase, harm object and makes any kind
of vulnerability on the computers. On the other hand, when the system is attacked by viruses,
worms, Trojan horses it means that attack is made on software. There is varied malicious
software found in the software. All such software is different in nature but all of them put the
attempt to hamper the function of the computer. The nature of threats can be malware. Two
things are present in this term. One is malicious and the other term refers to software. When the
nature of software is malicious it is called malware which is made up of an object to perform
malicious operations on the system. Malware can be classified into two sections. These two
sections are described below:

2.1. Infection Methods

On the basis of infection, the malware can be categorised into the following manner.

2.1.1. Virus
It is a dangerous malware that enter the program like songs, videos of the host computer and
has the ability to imitate the programs and interrupt the normal functions of such programs.

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

They are able to wander all over the internet. File virus, Macro virus, boot sector virus are the
viruses which hook into the program and break its normal function (The Economic Times, 2019).

Figure 9: Virus Attack in Computers

(The Economic Times, 2019)

2.1.2. Worms
When the speed of the computer gets slowing down it represents the presence of another type
of malware into the computer system known as worms. The nature of such malware is self-
replicating however, like a virus it does not hook on the program of the host. The worm merely
moves one computer to another when a network is available. The purpose of such movement is
to rest on the part of the machine and occupy hard disk space. The entrance of the worm in the
hard disk decrease the speed of the computer (Search Security, 2019).

Figure 10: Win32-Worm

(Search Security, 2019)

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

2.1.3. Trojan
In one word Trojan is a stealer. In Greek mythology, a story of Trojan horses is very popular.
The narration of the story is – when the Greeks wanted to capture the city of Troy they applied
one stealing technique known as Trojan horse. This technique iterates that the Trojans were
very fond of horses. Greek soldiers were hidden in a big wooden horse and later such horse
was gifted to the Trojans. The Trojans accepted the gift blindly and the soldiers inside the Horse
emerged and attacked the city. Likewise, Trojan stays inside the software. This affected
software looks normal but when such software is executed Trojan, which is concealed, starts its
operations by stealing all the information from the system or any particular information
commanded to the Trojan for stealing (Kaspersky, 2019). Trojans often provide a back door
gateway for malicious programs for the purpose of entering into the system and take the
valuable data secretly. There are various types of Trojans found in the software. These are –
FTP Trojans, Proxy Trojans, Remote access Trojans etc.

Figure 11: Trojan Attack

(Kaspersky, 2019)

2.1.4. Bots
Bots are regarded as the advanced form of a worm. For injecting the malware inside the
program human interaction is not necessary. This is because the installation of such advanced
worms inside the program is an automated process. These worms can be good or bad.
Malicious bot affects one host and connects backs to the central server. This central server
transmits the command to all infected hosts connected with the network called Botnet. Botnets
were initially framed to carry out a specific task within a group. Some of the botnet attacks
include:
 Distributed denial of service.

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

 Spreading spam email

 Stealing of confidential data.

Generally, the large scale business is affected by this malware. It is so because this malware
has the ability to deal with ample numbers of data which is found in the operational process of
the large scale organisation. This malware enables the cybercriminals to get hold a large
number of devices and control it by providing instructions that cannot be deviated until such
malware is removed from the system (Panda, 2019).

Figure 12: Bots Attack – Advanced Worm Attack

(Panda, 2019)

2.2. Malware on the Basis of Action

On the basis of action, the malware can be categorised in the following manner.

2.2.1. Adware
It is a kind of malware whose malicious effect destroys the privacy of the users. When a user
surfs the net generally adware enters into the system. For example, when people download
important information from the internet such downloaded data may bear adware. When such an
affected program is loaded some advertisements start to appear on a particular section on the
screen. Afterward such program files start tracking cookies, key loggers in order to spread the

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

adware therein. Such programs are also used to perform intrusive hard disk scans. The scary
thing is that if such affected things are not scrutinised, all the important and essential
information may pass on to the unscrupulous persons who seek the secret information of the
user. However, it is noticed that adware can be entered into the computer with the consent from
the user. It is always seen on the internet that some sites display advertisements into a specific
portion of the webpage. The provider of such an advertisement aims to earn revenues through
this advertisement. However, some advertisement bears dangerous adware which starts
malfunctioning whenever such an advertisement is clicked by the user (eSeT, 2019).

Figure 13: Adware Attack in Computers

(eSeT, 2019)

2.2.2. Spyware
It is a sort of malicious operation which monitors the activities of the user when he is connected
with computers. The collected information afterward sends to the interested parties. The Trojan
malware and Worms are the carriers of spyware. When this malware is entered into the system
the system gets affected by spyware which starts installing itself. Once it is installed it starts to

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

monitors the system. The example of spyware is Key logger (Anandsafi, 2019). The basic job of
a key logger is to store user keystrokes with a time stamp. The spyware is liable to take up
some important information like username, password, credit card, and debit card details etc.

Figure 14: Spyware Attack

(Anandsafi, 2019)

2.2.3. Ransomware
When the information that we see on a computer is converted into code it creates lots of
difficulties for the user. The user cannot understand these codes and unable to find out the
meaning of these codes. Such conversion of the content that a user eager to go through is
called encrypted content. The malware which is responsible for making such conversion and
bringing plenty of problem to the user is called Ransomware. The mechanism behind the
development of such malware is a creation of a unique robust encryption algorithm the
application of which converts the text into code and makes it encrypted. To crack the encrypted
file, the programmer sends the decryption code to the affected area and rewinds the system to
the previous state. Unless and until the system gets back the state prior to encryption the
function of the system gets affected. It remains inaccessible either partially or entirely. Money
seeking is a common symptom found in the affected computer as the attackers seek money to
remove the malfunctioning from the machine (Webopedia, 2019).

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Figure 15 : Ransomware Attack

(Webopedia, 2019)

2.2.4. Scareware
It is a pretention instrument which is fixed in a system and affects the software when the
software is run by the user. It has the capability to damage the system entirely. Until the
software is not in action no harm will happen. Once it starts operating the execution of this
malware gets started. The software frightens the user by displaying a message on the computer
seeking money regarding the removal of this malware (Malware Fox, 2019).

Figure 16: Scareware Attack

(Malware Fox, 2019)

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

2.2.5. Rootkits
It is a type of malware that attacks the root of the system. This malware is designed in such a
way so that it gets the root access and possesses the administrative privileges in the user
system. When the attacker gets the root access it enables them to steal private data from the
affected system (Comodo, 2019).

Figure 17:Rootkit attack

(Comodo, 2019)

2.2.5. Zombies
Sometimes the botnets are leased by cybercriminals to other attackers to send spam, scams,
phishing to legitimate websites or networks. Sometimes the hackers wait for doing some
harmful attack until it gets the signal through command to steal the information from the
legitimate computers (Webroot, 2019).

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Figure 18: Zombies Attack

(Webroot, 2019)

3. Other Form of Cyber Attacks

Apart from several malwares that affect the system in different ways. There exist other
contemporary ways that are also equally harmful to the system. These are laid down below:

3.1. Social Engineering Attacks

The sensitive information of the user can be leaked out to the online criminals through social
engineering attacks. It is an art of manipulating user so that they can pass the personal
information to the attackers. The attacker may target an individual user. He influences the
individual in such a way through online which binds the user in giving all the important personal
information like email id, password, bank information to the attacker and gets ruined.
Sometimes the attacker secretly installs the malicious program in the user’s system and control
over it. This kind of capture tends to snatch all the necessary personal information from the
user. The tricks influence the user to put trust in the attackers. These attackers are well aware
of the weakness of the users. They understand a person’s natural tendency and convert their
inclination to trust and capture their personal information. This is a sort of discovery which leads
to hacking the system of the user. As far as cyber security is concerned the security here refers
to showing a sense of responsibility in dealing with computers particularly during the time of

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

online. It is required to gauge whom to trust and reject others whatever tricks they want to apply
over users. The same is true in the case of online transactions. Blindly never falls in prey of any
lucrative advertisement which can destroy the user entirely in terms of money or relationship or
related to any other sensitive issues. Some links are dangerous for the machine and some
downloading materials are also very harmful. Once a user is hacked it is pertinent to know what
can happen with the victim in the post hacking stage. Once the system is hacked for example
suppose the email id password is hacked in such a case the attackers have the mobility to get
access to other important websites of the user (Bisson, 2019). It is because the user generally
uses a common password on all such websites. Once the criminal starts to control the email
account it leads to giving him access over several other websites. This controlling ability gives
them the direction to send an enormous number of emails or messages to the acquaintances of
this user. Few such recipients might be influenced by such mail or message and fulfil the
requirement of the message.

Figure 19: Influenced by Attacker

(Bisson, 2019)

The following stories are sent by the attackers to the users once the machine is hacked and the
hacker completely controls the email. These are:

3.1.1. Urgent Ask for Help

The story may be related to the accident. Since instant money is required after an accident so
this story can influence the recipients to trust over the message and accordingly the recipient
may send money from such a story.

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

3.1.2. Use Phishing Attempts with a Legitimate Seeming Background

A mail can be considered as a legitimate mail sent by the phisher asking for help. Phisher may
send the email which may come to the recipient either from either bank, or institutions or any
reputed organisations (Imperva, 2019).

Figure 20: Legitimate Seeming Background – Phisher Attack

(Imperva, 2019)

3.1.3. Asking for Donation from Charitable Institutions

Praying the kindness and generosity are two sensitive tools used by the criminals to convince
the recipients for donations.

3.1.4. Looking Like Legitimate Link

Sometimes the criminals deceive the users by sending a deceptive link which looks like the
original. The link may be fabricated with the right logos and content that looks legitimate. The
user overlooks this phishing scam and clicks on such a link which opens the door for
transmitting all the important information to the hackers.

3.1.5. Announcement the User as Winner

The criminals may send an email containing the news of lottery or any philanthropy help or any
news of dead relative. These are made to sensitise the mind of the recipients so that they get
influenced by this mail and spread their hand for help (Kaspersky, 2019).

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Figure 21: False Lottery Winning Email

(Kaspersky, 2019)

3.1.6. Pose as a Boss or Co-Worker

This kind of mail is related to the office. A mail can be sent by the criminals to office email
seeking any secret plan of the business. Any project on which the business carries out can be
asked for. Once the information is passed out the business gets hacked. It can be done when
an important email is hacked by the hackers which are deeply connected with the office email.

In order to avoid these hazardous attack, the following things should be maintained by the user.
These are:

3.1.7. Delete Irrelevant Mails

In the mail inbox, many irrelevant emails are stored. Among these emails, many mails are fake.
The main objective of these emails is to take out the money from the user. For this purpose, the
mailer applies a different kind of tricks. These tricks are basically different types of fake stories
like charitable help, donations for any noble purpose, help require for any massive accident,
winning lotteries etc. The attackers seek to persuade the user that financial assistance is very
much required to help those persons who are in great financial distress. On the other hand, they
also seek some amount from the user against winning a big amount of lottery. They want to
convince the user that a small payment is required to pay for discharging the big amount. For
this purpose, they insist on the user that whenever the user will pay the small amount the

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

winning amount will be released by the authority and the user will get the entire lottery amount
(Business Insider, 2019).

3.1.8. Set Spam Filters

In the email inbox, there is one section called spam filters which filters the spam mails. If the
user enters to the setting option and set the filter high, it can help the user to trap the
unnecessary mails. However, it is also possible that legitimate mails can also be trapped from
such a setting. Therefore, it is required to check this section on a regular intervals and retrieve
the legitimate mails if trapped by such high settings related to spam-filtering.

3.1.9. Securing Computer Device

To secure the device from the heinous attack of the cyber hackers the principal weapon is to
input antivirus into the system. There is umpteen number of antivirus are found in the market.
Other than antivirus there are also some other things available in the system for its protection.
Firewalls, email filters are two other options that are used to guard the system against attackers.
All the users are required to set the operating system into an automatic mode so that automatic
updates might happen with the system. Such automatic up-gradation ensures the user to
protect the system from security vulnerabilities. An automatic update is a great tool in refreshing
the operating system. However, it can also be a great danger if it is used incorrectly. In the
process of automatic update, the update tools apply patches to the operating system to fix
newly discovered security or performance bug. Additionally, the applications are also updated
although these applications are not a part of the operating system. Though automatic update is
a useful tool however, this type of update process also has downsides. This update process has
a shortfall as it cannot update all the software run in the system. Some other update tools are
there which are also essential to update the software where an automatic update tool remains
insignificant. Therefore, if a user only depends upon an automatic update tool he may suffer at
any point in time as an automatic update tool is not enough to provide complete protection of
the user’s computer (Heimdal, 2019).

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Figure 22: Computer Upgradation

(Heimdal, 2019)

3.2. Crypto Currency and Crypto Jacking

The financial transactions can be carried out through virtual currencies between parties who
exercise such transactions over the internet and are identified as Cryptocurrency. It is a secure
online transaction that is unregulated. When online goods and services are exchanged this form
of payment can be used. Nowadays many companies issue their own token, known as a token
system for payment, which is used to pay the parties engaged in providing goods or services to
the company. The technology which is used to run the process of cryptocurrency is known as
block chain. Block chain is a decentralised technology connected with many computers which
are used to manage and record transactions. Several reasons are responsible to make this
mode of transaction popular. Bitcoin is one of the most popular cryptocurrencies. The
supporters of this currency feel that the value of this currency will be skyrocketing within a few

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

years. Therefore, they are now in the process of collecting these currencies as much as
possible so that when the value will increase in the future to a great degree they will encash that
situation. The popularity of this currency is increasing because there exist some believers who
think that the controlling power of central bank over money supply will decrease as this bank is
responsible to lessen the value of money by controlling the money supply in the market. Since
this kind of control creates inflation in the market so the believers think that cryptocurrency is an
alternative way that not only keep up the money supply in the market consistently but also
removes inflation in the market. There are some other believers in the market who believe that
cryptocurrency will overpower traditional currencies as the decentralised technology like block
chain is used behind cryptocurrency transactions (Blockgeeks, 2019).

Figure 23: Various Crypto Currencies

(Blockgeeks, 2019)

Already it is stated that cryptocurrency transaction is an unregulated online mode of transaction.

Therefore, whoever is interested in cryptocurrency transactions he can get involved with it.
Since it is an online transaction therefore, some fear or apprehension should be there as online
criminals become active to deceive the parties who are engaged in the cryptocurrency
transactions. The hijackers try to take the possession of such currencies from the transaction
holders and for this purpose they inject malicious elements to the system used by these
transaction holders. When the victim clicks on a malicious link sent by the hijacker the system
gets affected as crypto-mining code is embedded on the link that auto executes once such link
is clicked. Instead of crypto mining code an infected website or infected advertisement creates
the same kind of trouble to the user. Once the crypto mining is injected into the system it starts

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

its operation secretly (Hackernoon, 2019). It acts like an unsuspecting element however, a user
may perceive that something is going wrong with the system as the computer starts to run
slowly and lags in execution. Crypto jacking can be done in several processes.

Figure 24: Crypto Jacking

(Hackernoon, 2019)

3.2.1. Loading Crypto Mining Code

It is a process where a hacker loads crypto mining code onto the computers. However, loading
is not an easy process. It requires the application of tricks on the users. These tricks influence
the users to obey the instructions sent them by the attackers. When action taken by the user is
in accordance with the instructions of the attackers the system gets infected by the malicious
threats and the vulnerable exploitation starts to happen with the system. The question is what
kind of technique the hackers apply over the users. Generally, Phishing like tactics is applied by
hackers. Due to this strategy the user gets an email that looks similar to legitimate mail. Such
duplicate mail contains any attractive content which influences the user to click on the link. The
link runs code that places the crypto mining script on the computer. The back ground script
starts functioning when the victim works (C net, 2019).

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Figure 25: Crypto Mining Hidden Coding

(C net, 2019)

3.2.2. Spreading Advertisement or Scripts

It is a process where a script is given on a website. Side by side advertisements may also be
distributed to numerous websites. Both the script and advertisement contains malicious threats.
When a user uses any of these means the system gets infected. In the latter case, the
advertisement pops up in the browser. In both cases, the computer does not bear any kind of
code of the attackers. When any of these two methods are used afterward a complex
mathematical code enters the system and starts processing accordingly. The system gets
hacked and it is then controlled by the hackers through their server where the data of the
infected computer is stored. The difference between these two processes is that in the first case
crypto mining code is sent to the user after convincing him through tricks. In the second
instance, the user gets lured on an advertisement or any interesting website. Once they click
any of these things the system gets infected. On practical grounds the attackers adopt both
these processes. Two processes are run simultaneously. In terms of a number of victims, it is
observed that 10 percent might be generating income from code whereas 90% income comes
through web browsers. The crypto related malware does not damage either system or data. It

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

consumes CPU processing resources and as a result, this type of stealing lessens the life span
of the machine (CISA, 2019).

Figure 26: Crypto Currency Mining Tricks

(CISA, 2019)

4. Phishing
The simplest kind of ill-functioning cyber-attack is known as Phishing. The user is deceived by
sharing sensitive information like passwords and credit numbers when the most dangerous and
effective malware is applied. The most common type of phisher is malspam. In this process, a
user receives a certain text message. This text message either imitates a person or organisation
user trust. This imitated message is called spoofs. The classic version of this scam is a certain
process when a user receives a mail tailored to look like a message from a major bank. This
type of message is circulated to numerous email accounts. The object of this circulation is to
capture a certain number of users who definitely belong to the account holder of the bank. It is
so because people become interested to have an account of a reputed bank. Owing to such a
possibility the hackers send the spoofs to the large volume of email id. Whenever such spoofs
are activated the message demands the victim to fill up the requirements of the legitimate
websites. Although such a site is not original. The users are asked to put their user id and
password. After complying the instructions when the users press the ok button all the

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

information loaded on the website is transmitted to the hacker’s server. This process enables
the hackers to receive all the important credentials of the users like identities, bank accounts,
personal information etc. Phishing is regarded as the simplest way of spreading malware in the
system (Webroot, 2019). Nowadays most of the equipment like a laptop, tab, mobile, and other
digital gadgets are comprehensively reeled in with fine-tuning security systems. Attackers are
clever and they are aware of this security system. They formulate the easiest way to gullible the
user. The trick is - sending the fake but interesting and essential type of email to numerous
email id as many recipients do not justify their trust before clicking the mails where such mail
comes from. There are different types of a phishing attacks. These are laid down below:

Figure 27: Phishing Email

(Webroot, 2019)

4.1. Spear Phishing

In most cases, Phishing campaign is applied to numerous users. However, when phishing is
done on the basis of target such type of phishing is called spear phishing. A tailor-made content
is circulated among specific users who are reel in with the subject matter of the content like job
oriented email. Those who are job seekers the particular content reaches to these target
audiences. The phisher is set in such a way so that it looks believable to these target

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

audiences. To make it believable the attackers input some relevant and valuable information in
the content like name of the company, employee name, professional relationship between the
company and its peers etc. Another example of spear phishing is – when an employee of a
particular department is served a believable fake mail that demands a major payment that is
required to be made within a short period of time otherwise, the company will be a defaulter.
Such type of mail frightens the staff member. If he does not scrutinise the authenticity of this
mail and executes the instruction, he will be in great trouble (Trend Micro, 2019).

Figure 28: Spear Phishing

(Trend Micro, 2019)

4.2. Clone Phishing

Sometimes the hacker imitates the earlier legitimate mail that contains either a link or an
attachment. These legitimate files or attachment are replaced by unauthentic malicious
substitutions which looks like a real one. This type of deception is known as clone phishing.
These dubious files are sent to the relevant users who get attracted to this mail - fall in prey and
get cheated. The phisher steals the important information of the users and puts him into the
state of loss (Phishing Box, 2019).

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Figure 29: Clone Phishing

(Phishing Box, 2019)

4.3. 419/Nigerian Scams

This is one of the oldest forms of the phisher. The oldest running scam was expressed from the
Malwarebytes lab of Nigeria. A stranger claimed himself as a member of a royal family and top
official of Nigerian Government urged financial help regarding the transfer of millions of dollars
out of Nigeria and for this purpose he requested all the recipients to provide their bank account
number for safekeeping the funds. Such an email mentioned two words. These are urgent and
private. This person claimed himself as a project manager of astronautics for Nigeria’s National
Space Research and Development Agency urged the recipients that his relative had been
stranded in the space station for many years. The space station belonged to Russia. In order to
rescue his relative only $ 3 million was required. He requested every recipient for financial help.
Such financial help was related to sparing the sum of $600000 as a number of fees. Many
recipients responded to the request and sent their bank information to the sender. Through this
phisher plenty of money was hacked. The number “419” was associated with the scam.
Incidentally, this number was also related to the section Nigerian Criminal Code that dealt with
fraud, charges, and penalties for offenders (Phishing Box, 2019).

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Figure 30: Nigerian Phishing

(Phishing Box, 2019)

4.4. Phone Phishing

When phishing is made by using phone calls it is termed as phone phishing. Here the receivers
of the call receive scary information from the caller. The caller insists the receiver send their
bank related information recognised him as a representative of police or local bank etc. The
caller generally urges the receiver to pay with a wire transfer or make the payment through a
prepaid card (Phishing Box, 2019).
Figure 31:Phone Phishing

(Phishing Box, 2019)

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

4.5. Phisher Attack in Biometrics

A Biometric machine extracts information from a person. This information is based on the
biological and behavioural pattern of such a person. When a person uses this machine the
machine can identify him as the required data is already stored in its system. However, such a
system can be maligned and it may perform inappropriately if the malicious attack is made on
such a machine. When such a machine is attacked either by spoof, noisy sensor data, interclass
variation etc. such types of attack bears security concern (Phishing Box, 2019). Moreover, the
speed of the machine decreases due to this attack. The relevant phisher attack on the system
causes the problem like fake face masks, false figure print, alteration of the given information,
spoofing of data, template tampering, overriding yes/no response etc.

Figure 32: Phishing-Biometrics

(Phishing Box, 2019)

5. Securing Data from Threats

Nowadays any useful data, information and any type of knowledge can be available via internet.
The user can access any type of information from it. Therefore, the invention of the internet is a
revolutionary process that has increased the connectivity and binds the people staying in

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

different parts of the globe. However, this convenient medium also brings various types of
threats to the user (Jungle works, 2019). For this reason, security is an important aspect of any
user. As it is already stated that the system gets attacked by different means like malware,
viruses, spyware, adware, worms, Trojan horses etc. Therefore, protecting a system is a must.
These infectious items entirely spoil the system and bring great concern to the user. There are
many ways that can be used to protect the system. Few of these ways are narrated below:

5.1. Bolster Access Control

Access control is considered as an important security system. If such a control system is not
adequately strong it provides an opportunity to the unauthorised intruders to take entry into the
system and blur the activity of the system. Access control must be protected by a strong
password. The use of both uppercase and lowercase letters, numbers, and special characters
must be used in the right way so that it makes the controlling system more stringer. The
password must be changed frequently. The policy of access control should have to be altered
from time to time considering the situation by making a full proof research program on the
hackers’ activities (Jungle works, 2019).

Figure 33: Bolster Access Control

(Jungle works, 2019)

5.2. Updating Software

To overcome the predicament situation of being attacked by the hackers it is essential to
upgrade the software from time to time. From anti-virus software to computer operating system

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

it is required to check that all such important operating system is upgraded. The new version is
generally developed by fixing security vulnerabilities. Using this latest version enables the user
keeping at bay from the threats. In this connection, it should be kept in mind that instead of
using manual software updates a user should adopt automatic software updates (Comodo
Antivirus, 2019).

5.3. Standardise Software

Standardising software is required to use as a protective measure. While using such software it
is also essential to achieve the approval of this software. The user must be aware of the
software he is using. Incompliance with such an activity may lead to bringing security
vulnerability. The manager of the IT section should ensure that all the computers use the same
types of things like operating systems, browsers, media players, plugins, etc.

5.4. Use Network Protection Measures

Protection of a system is a crucial factor. It is required to keep the network as well as traffic
under control. It can be done by employing:

 Install a firewall
 Ensure proper access controls
 Use IDS/IPS to track potential packet floods
 Use a virtual private network
 Conduct proper maintenance

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Figure 34: Protection Measures

(Comodo Antivirus, 2019)

5.5. Employee Training

Employees are required to be properly trained in expertly handling the computer. The weakest
link in the system can be arisen by improper use of the employees if they are not enough
educated in dealing with the system. The employee must be well versed network security. They
should understand the threats and when any type of threat occurs they should know how to deal
with such a threat. They should know whom to address in the matter of dealing with any
external threats to avoid a security breaches. They should be given proper training throughout
the year as there are several security risks likely to be held on the system (Barnatt, 2019).

Figure 35: Employee Training for Security Purpose

(Barnatt, 2019)

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

5.6. CIA Triad

The cyber security has been established based on three Pillars. The fundamental concept of
these three pillars is known as CIA Triad. CIA Triad consists of confidentiality, integrity, and
availability (Force Point, 2019). This model acts as a guide for the organisation. It shows the
way how an organisation should maintain cyber security in the realm of Information security.
The three traits of cyber security are given below:

5.6.1. Confidentiality
In securing the information stored in the computer it is required to draw restrictions in its use.
Confidentiality take on the measures to restrict sensitive information. This restriction helps to
protect the computers from the attack of hackers. Most of the organisations maintain hierarchy
in all departments. The lower tier is not allowed to access the information beyond the allowable
limit. In the matter of sharing information and securing the account necessary training is given to
all levels. The training includes a guideline about preparing a strong password and other
important things related to a security issues. There exists various process which can ensure the
security of the computer system. These are two-factor authentication, Data encryption, data
classification, biometric verification, and security tokens (Force Point, 2019).

Figure 36: CIA Triad

(Force Point, 2019)

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

5.6.2. Integrity
It refers to unchanged data during the course of transit whenever such data is accessed in the
system. Data should not be changed in any form nor such data would be deleted, altered
whenever it is accessed. Data safeguard is a process where two measurements are taken into
consideration. One such controlling tool is file permissions and another is user access control.
These two measures are used to control the data breach. The integrity of data can be verified
by using several instruments. These are the checksum checking system or cryptographic
checksum. Backup is a system where all the data is stored which helps the user to produce the
information if such information is deleted or lost in any manner in the organisation (Force Point,
2019).

5.6.3. Availability
The smooth functioning of data can be possible when all the components like hardware,
software, networks etc are maintained properly. When upgraded components are used it
reduces the possibility of any disruption in terms of performance of the machine. The term
availability also involves opting for extra security equipment in case of any disaster or
bottlenecks. The Dos attack can be prevented by employing several useful defensive
mechanisms like firewalls, disaster recovery plans, proxy servers, and a proper backup solution
(Force Point, 2019).

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

References
Anandsafi, 2019. How Spyware infects your computer.. [Online]
Available at: https://anandsafi.wordpress.com/viruseshacksecurity/how-spyware-infects-your-
computer/
[Accessed 12 12 2019].
Barnatt, C., 2019. Computing Security. [Online]
Available at: https://www.explainingcomputers.com/security.html
[Accessed 13 12 2019].
Bisson, D., 2019. 5 Social Engineering Attacks to Watch Out For. [Online]
Available at: https://www.tripwire.com/state-of-security/security-awareness/5-social-engineering-
attacks-to-watch-out-for/
[Accessed 12 12 2019].
Blockgeeks, 2019. What is Cryptocurrency? [Everything You Need To Know!]. [Online]
Available at: https://blockgeeks.com/guides/what-is-cryptocurrency/
[Accessed 13 12 2019].
Business Insider, 2019. How To Automatically Delete Unwanted Email From Gmail. [Online]
Available at: https://www.businessinsider.in/thelife/how-to-automatically-delete-unwanted-email-
from-gmail/articleshow/28687178.cms
[Accessed 13 12 2019].
C net, 2019. Are your favorite websites mining Bitcoin? Here's how to find out. [Online]
Available at: https://www.cnet.com/how-to/find-out-if-websites-are-mining-bitcoin-
cryptocurrency/
[Accessed 13 12 2019].
CISA, 2019. Illicit Cryptocurrency Mining Activity. [Online]
Available at: https://www.us-cert.gov/ncas/tips/ST18-002
[Accessed 13 12 2019].
Comodo Antivirus, 2019. Easy 5 Steps to Protect Your PC from Hackers- 2019. [Online]
Available at: https://antivirus.comodo.com/blog/computer-safety/5-simple-steps-protect-pc/
[Accessed 13 12 2019].
Comodo, 2019. Rootkit Definition. [Online]
Available at: https://enterprise.comodo.com/rootkit-definition/
[Accessed 12 12 2019].
CSO India, 2019. What is cryptojacking? How to prevent, detect, and recover from it. [Online]
Available at: https://www.csoonline.com/article/3253572/what-is-cryptojacking-how-to-prevent-
detect-and-recover-from-it.html
[Accessed 12 12 2019].
eSeT, 2019. Adware. [Online]
Available at: https://www.eset.com/uk/types-of-cyber-threats/adware/
[Accessed 12 12 2019].

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Force Point, 2019. What is Phishing?. [Online]

Available at: https://www.forcepoint.com/cyber-edu/phishing-attack
[Accessed 12 12 2019].
Force Point, 2019. What is the CIA Triad?. [Online]
Available at: https://www.forcepoint.com/cyber-edu/cia-triad
[Accessed 13 12 2019].
Hackernoon, 2019. Cryptojacking in 2019 is not dead — it’s evolving!. [Online]
Available at: https://hackernoon.com/cryptojacking-in-2019-is-not-dead-its-evolving-
984b97346d16
[Accessed 13 12 2019].
Heimdal, 2019. Software updater for Windows PCs. [Online]
Available at: https://heimdalsecurity.com/en/products/thor-free-software-updater
[Accessed 12 12 2019].
Imperva, 2019. Phishing Attacks. [Online]
Available at: https://www.imperva.com/learn/application-security/phishing-attack-scam/
[Accessed 12 12 2019].
Jungle works, 2019. Bolster your System’s Security and Flexibility with Tookan ACL. [Online]
Available at: https://jungleworks.com/bolster-your-systems-security-and-flexibility-with-tookan-
acl/
[Accessed 13 12 2019].
Kaspersky, 2019. What is a Trojan Virus?. [Online]
Available at: https://www.kaspersky.co.in/resource-center/threats/trojans
[Accessed 12 12 2019].
Malware Fox, 2019. What is Scareware?. [Online]
Available at: https://www.malwarefox.com/scareware/
[Accessed 12 12 2019].
Norton, 2019. Malware attacks: What you need to know. [Online]
Available at: https://us.norton.com/internetsecurity-malware-malware-101-how-do-i-get-
malware-complex-attacks.html
[Accessed 12 12 2019].
Panda, 2019. What is a botnet?. [Online]
Available at: https://www.pandasecurity.com/mediacenter/security/what-is-a-botnet/
[Accessed 12 12 2019].
Phishing Box, 2019. Types Of Phishing Defined. [Online]
Available at: https://www.phishingbox.com/news/phishing-news/types-of-phishing-defined
[Accessed 13 12 2019].
Portswigger, 2019. SQL injection. [Online]
Available at: https://portswigger.net/web-security/sql-injection
[Accessed 12 12 2019].

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Search Security, 2019. computer worm. [Online]

Available at: https://searchsecurity.techtarget.com/definition/worm
[Accessed 12 12 2019].
Siciliano, R., 2019. ATM Skimming and How to Protect Yourself. [Online]
Available at: https://www.thebalance.com/what-is-atm-skimming-1947475
[Accessed 12 12 2019].
Singh, U., 2019. An Enhanced Framework for Identification and Risks Assessment of Zero-Day
Vulnerabilities. [Online]
Available at: https://www.researchgate.net/figure/Timeline-of-zero-day-attack_fig1_327281432
[Accessed 12 12 2019].
The Economic Times, 2019. Definition of 'Computer Virus. [Online]
Available at: https://economictimes.indiatimes.com/definition/computer-virus
[Accessed 12 12 2019].
Trend Micro, 2019. Spear phishing. [Online]
Available at: https://www.trendmicro.com/vinfo/us/security/definition/spear-phishing/
[Accessed 13 12 2019].
Webopedia, 2019. ransomware. [Online]
Available at: https://www.webopedia.com/TERM/R/ransomware.html
[Accessed 12 12 2019].
Webroot, 2019. What are Bots, Botnets and Zombies?. [Online]
Available at: https://www.webroot.com/us/en/resources/tips-articles/what-are-bots-botnets-and-
zombies
[Accessed 12 12 2019].
Webroot, 2019. What is a Phishing Email and How Do I Spot the Scam?. [Online]
Available at: https://www.webroot.com/gb/en/resources/tips-articles/what-is-phishing
[Accessed 13 12 2019].

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I

 Cyber Security

Industry4.0/M9SI/v1.0/121219 Cyber Security | Session No.: I