Ransomware

In this article, we will be learning about Ransomware and best practises to get rid of it!

Ransomware is a type of malware attack which is carried out and doesn't let or locks users out and denies them to access their essential or private data.

Img source:Google

Files are encrypted and once the files are encrypted we can not access those files until they are unencrypted.

How Does Ransomware Attack Happen?

Ransomware creators target their victims through spam emails and unsafe websites. The attacks are carried out through phishing scams. This involves broadcasting con emails to trick people into opening an attachment that comes with the email. These attachments contain malicious codes, and opening it means you have compromised, and that gives rise to ransomware.

How does an antivirus program find out if a program or file is vulnerable?

On their server/database live updates run and running time is predefined for example 3-5 mins so that if there are any new signatures or hash values found they update it on their live updates and push it through their servers for all client machines.

When a new virus is developed their signatures and hash values or not stored on any antivirus software database so for that a new first definition should be released which can be done only after knowing the new signatures and hash value by the time any software recognizes new values and signatures our systems are breached.

No antivirus companies can protect you 100% it's because every day new viruses are developed and antivirus companies can't have signatures and values of all viruses which are recently developed.

Best Practises:

• Get an active antivirus and ensure you keep it updated
• Update your operating system and all applications
• Set strong passwords and avoid using easy to guessed passwords like your name, date of birth, phone number, etc.
• Do not use public Wi-Fi , hackers can steal your information through this means
• After using a public computer, ensure you log out
• Get an advanced security system

Thanks for reading!

Why do organization and Universities use firewalls in their environment?

 Hello friends, in this article we will be learning about the usage of security devices in Organizations and colleges/universities.

The reason they use a firewall is to protect their data and to keep an eye on the traffic of their network.

Image source: Google 

Uses of firewall

• a firewall is used for authentication purpose
• a firewall is used for application blocker/sites or URL blocker 
• a firewall is used for blocking  port numbers
• a firewall is used for monitoring incoming and outgoing network traffic.

Authentication Purpose 

You might have come across this while you were in your college or while working, to gain internet access you first have to log-in with the credentials provided to you after successfully logging in you would get internet access.

Image source: Google 

Application blocker 

In your working area/network, you might have noticed some of the application is blocked and you cannot use them until or unless connected through a proxy, this is because IT admins have blocked the particular program on the firewall.

Image source: Google

Site/URL Blocker 

This is a feature which allows us to block a website/URL, this feature is also found in antivirus software where we can block a specific URL (example- Facebook, porn sites)

Image source: Google

Port blocker
 

This is the feature using which we can block specific port numbers or protocols, if we don't block unwanted ports there's a chance that our computer gets hacked. Hackers attack our computer with the help of ports, so to prevent our system/network IT admins block ports.

Image source: Google

Monitoring Network Traffic

In an organization, this feature is used to find what kind of traffic is consuming more bandwidth on the network and who are trying to connect to an internal/private network.

Image source: Google

Thanks for reading :)

Types of Attacks in Network Security

Attacks: Attacks are nothing but gaining unauthorized access to a system or data.

Types of attacks:

• Passive attacks
• Active attacks

Passive Attacks:

                               A passive attack is an attack where the data is not modified, it is only accessed. It can be also known as Eavesdropping (where data or packets are just accessed nor destroyed or modified). For example, the sender is sending data to a receiver and the receiver receives it but in meanwhile the hacker or unauthorized person comes into the scenario and access the data.

                             Traffic Analysis is also a part of passive attacks here the unauthorized person monitors the traffic and access the data according to the traffic results

Image source: google

Active attacks:

                           An active attack is an attack where the data or packets are modified and sent with the name of the sender.

There are four types of Active attacks

• Masquerade: the sender sends the data to the receiver before the packet reaches to the receiver it reaches to an unauthorized person and then he/she modifies the data and send the packet with the name of the sender. sometimes the sender doesn't even send the data the unauthorized person sends the data with the name of the sender

• Replay attack: the sender sends the data to the receiver the packet reaches the receiver and at the same time even unauthorized users send the same data with the modification and now the receiver has no idea about the legitimate data or real data.

Data modification: the sender sends data to the receiver but the unauthorized person modifies the data and sends the data back to the receiver in the name of the sender.

     

Denial of service: the unauthorized person interrupts the services which are given by the server to the sender.

The attacker makes the server resources unavailable for genuine users.

Images source: google 

Thanks for reading :)

Show some love if you learned something new!