Posts

CIS608 - Week10 - Summary and theme of the blog

I love blogging. I do maintain my own blog for the technical solutions I find at my work on various issues that we come across in my daily life. Here is my own blog:  http://chandramatta.blogspot.com/ Blogging helps me in various ways -  1. Creating a simplified solution or creating a small POC to the issue that came across 2. It is the place to save my old work and can quickly be used as a reference.  3. Easy to share my ideas with others 4. It helps others to headstart for a solution So I'm pro for the blogging as an assignment. It helped me finding new trends in cybersecurity. My primary concentration for the blog is - Data breaches, cybersecurity,  and a few emerging trends in the Finance world. In a couple of blogs, I discussed about security measures to be taken care against malware and other cyber threats. In one of my post, I discussed about using Artificial Intelligence in cybersecurity area. This may help in analyzing the traffic patterns quic

CIS608 - Week9 - WannaCry - Ransomeware

WannaCry - Ransomware On May 12, 2017, IT world witnessed new ransomware called WannaCry and it impacted 300,000 immediately. This ransomware exploits the vulnerabilities in the Windows file-sharing protocol. The infiltration of this threat is through and point devices such as Windows devices that allowed inbound SMB communications on firewall ports 139 or 445 and had not been updated with the latest Microsoft security patch. Once a device had been exploited, the malware would scan for other vulnerable devices and spread over. The way Ransomware works is - once it infects, it encrypts, scrambles the data and then it demands to payout in cryptocurrency. The clients will always think whether to pay out for removing the ransom or replacing the system affected depending on the value of the data being attacked and replacement costs. It is not always true that the hijacked data can be retrieved, reinstalled and never be exported when payments are made. Depending on the variant of the

CIS608 - Week8 - IDS Vs IPS Vs Firewall

Image
Intrusion Detection System (IDS) vs Intrusion Prevention System (IPS) vs Firewall IDS, IPS, and Firewall talk about providing security to network and are described as principal components of a Network especially Data Center Network.  Firewall : Firewall is a network security device that filters incoming and outgoing network traffic based on pre-determined security rules. Main working nature of firewall is it filters traffic based on IP address and port numbers. It is configured in layer3 mode or transparent mode. It would be placed inline at the perimeter of the network. Traffic patterns of Firewall are not analyzed. Firewall blocks the detected unauthorized traffic on the network. In brief, Firewall is a device or application that analyzes packet headers and enforces policy based on protocol type, source address, destination address, source port, and/or destination port. Packets that do not match policy are rejected. Intrusion Detection System (IDS) – It is a softwar

CIS608 - Week7 - Crypto currency, and keeping it safe

Cryptocurrency A cryptocurrency is a digital currency in which encryption techniques (cryptography) are used to regulate the generation of units of currency and verify the transfer of funds, operating independently of a central bank. The first cryptocurrency created was Bitcoin back in 2009. Today, there are hundreds of cryptocurrencies, often referred to as Altcoins. The popularity of cryptocurrency has also increased the rise in the number of crypto exchanges in the market lately. Undoubtedly, there’s a great opportunity in this area to make a profit on crypto trades. At the same time, being a naïve and unregulated market for cryptocurrencies, it has become prey for hackers. A report in the Wall Street Journal  shows more than $US800 million worth of cryptocurrency has been stolen by hackers this year. The figures are based on an investigation by Autonomous Research, an independent research provider for the finance industry. We cannot recover stolen cryptocurrency fund

CIS608 - Week6 - Common threats to Computer Network

Network Security:             A group of computers connected together to form to be a Network.  All of those interconnected devices communicate with each other to perform the tasks assigned to them. These networks form the hubs and the life for many of the software giants as they deal with the accessing of the corporate information and the confidential data. Authentication is the procedure in which the user is asked to provide the details like his username and the password. After he tries to login with those details he is then allowed to access a certain part of the database or the system only if his authentication is successful. This normal and simple form of the authentication is called one-time authentication. There are also several other forms of authentication like two-factor authentication in which the user also has something to use like his card or swipe cards to obtain permissions in addition to his login details also there is another three-factor authentication in which it

CIS608 - Week5 - Enhancing Cyber Security with Artificial Intelligence

Cyber attackers are using more and more sophisticated technologies and automated tools to launch their attacks on the targets. As soon as they find a vulnerability in network, application, or simply anywhere, within minutes to hours, they intrude, compromise and steal the data. With this scenario, responding to attacks and time to remediation is essential for the organizations. This kind of quick response may not be possible with traditional methods. It may take several days for the IT/Security teams to collate the data, analyze traffic trends and to establish the type of data breach context.  According to a research conducted in IT industry, suggests it take 146 days for them to react to any Cybersecurity threats. For this reason, to address this time-critical challenge, IT industry is exploring Artificial Intelligence option. Using AI may be the best bet for organizations, especially for the companies deal with consumer data to protect their networks from Cyber attacks. AI and ma

CIS608 - Week4 - New trends in Financial Services

Image
Mobile and computer literacy is on the rise continuously. Smartphones play a vital role in everyone's daily life.  Mobile applications are trending topic among consumers, especially in youth,  daily. Consumers are able to get their services and goods with a push of a button via mobile phones. Mobile phones are shaping up all the industries one way or the other. Financial services are no exception. It has a strong influence of mobile phone on it. Banks are striving more to make the mobile banking services more frictionless, enhanced services and biometric validated applications services. In that context, a Canadian based startup called - Zoompass has developed a mobile phone-based platform that enables consumers can obtain financial services on the mobile phone. Zoompass mainly focuses on e-Payments. It has a strong partnership with Banks and other credit card institutions such as Visa and MasterCard. Along with these, it has the Candian government agency - First Global Data