Cyber_Security 2024-25

Department of Robotics and Automation Engineering

A SEMINAR REPORT

ON

RECENT TRENDS AND DEVELOPMENT

IN CYBER SECURITY

SUBMITTED BY
SUJAY SUBHASH ANKALGI
(SEAT NO. T1902107928)

UNDER THE GUIDANCE OF

Mr Y. R. CHANDWADE

(YEAR 2024-25)

i
Cyber_Security 2024-25

Department of Robotics and Automation Engineering

CERTIFICATE

This is to certify that the Seminar Report entitled

RECENT TRENDS AND DEVELOPMENT

IN CYBER SECURITY
Submitted by

MR. SUJAY SUBHASH ANKALGI SEAT NO. T1902107928

is a bonafide work carried out under the supervision and guidance of Mr Y.R Chandwade and it is
approved for the partial fulfillment of the requirements of University of Pune, Pune for the award of the
Degree of Bachelor of Robotics and Automation Engineering.

Mr Y.R Chandwade (Mr V. D. Dholle)

Guide, Head,
Robotics and Automation Engineering Robotics and Automation Engineering

Place: Pune
Date:

ii
Cyber_Security 2024-25

ACKNOWLEDGEMENT

I am deeply indebted to my seminar guide, Mr Y.R Chandwade, for his valuable suggestions,
scholarly guidance, constructive criticism and constant encouragement at every step of the seminar.

I also, would like to express our deepest gratitude to Mr V D Dholle, Head of Production
Engineering Department and Dr D S Bormane, Principal, AISSMS College of Engineering for all support
extended.

I wish to thank Mr Subhash Ankalgi (DGM BSNL) and Mr M. P. Bauskar (Professor) for for
constant guidance, co-operation, inspiration and practical approach, which provided me the much needed
impetus to work hard. I also thank all other persons who directly and indirectly contributed in successful
completion of seminar.

Mr SUJAY SUBHASH ANKALGI

EMAIL ID:
ankalgi.sujay2004@gmail.com

MOBILE NO. : 9766104920

iii
Cyber_Security 2024-25

List of Figures

Title Page No

Fig 2.1 Literature Review 03

Fig 3.1 CIA Triad 05

Fig 3.2 Cybersecurity Framework 07

Fig 3.3 Threat Detection and Response Tools 09

Fig 4.1 Cyberattacks targeted Indian sectors in first half of 2024 11

Fig 4.2 Month-wise distribution of cyberattacks in India 12

Fig 4.3 State-wise chart of cyberattacks in India 12

Fig 4.4 Rise Of Cyber Crime in India 13

Fig 6.1 Pager Explosions 18

Fig 6.2 Pager Blast 18

Fig 6.3 Third-Party Payment Processors 19

iv
Cyber_Security 2024-25

List of Tables

Title Page No

Table 4.1 India’s Alarming Cyber Fraud Surge 13

Table 4.2 I4C wing reports 14

v
Cyber_Security 2024-25

List of Symbols, Abbreviations and Nomenclature

Title
APTS Advanced Persistent Threats
MFA Multi-Factor Authentication
CIA Triad Confidentiality, Integrity, And Availability
IDS Intrusion Detection Systems
SIEM Security Information And Event Management
GDPR General Data Protection Regulation
HIPAA Health Insurance Portability And Accountability Act
PCI DSS Payment Card Industry Data Security Standard
NSIT National Institute Of Standards And Technology
IoT Internet Of Things
CCPA California Consumer Privacy Act
ISO International Organization For Standardization
IPS Intrusion Prevention Systems
EDR Endpoint Detection And Response
NGFW Next-Generation Firewalls
DLP Data Loss Prevention
IAM Identity And Access Management
RBAC Role-Based Access Control
SOCs Security Operations Centers
EHR Electronic Health Records Systems
ICS Industrial Control Systems

vi
Cyber_Security 2024-25

ABSTRACT

This project is dedicated to enhancing cybersecurity measures aimed at protecting digital

infrastructure from increasingly sophisticated and evolving threats. It provides a
comprehensive analysis of existing vulnerabilities within networks and systems, while
investigating advanced threat detection methods and prevention techniques.

Key approaches explored include the deployment of firewalls, encryption mechanisms, and
AI-based anomaly detection models, which are critical in identifying and mitigating
potential cyber threats.

In addition to preventive measures, the project evaluates real-time monitoring systems that
provide continuous surveillance of network activities, as well as incident response strategies
designed to quickly address breaches and minimize damage. To validate the effectiveness
of these security enhancements, a case study was conducted that simulated various
cyberattacks. The results showed a notable improvement in threat detection capabilities, as
well as significantly faster response times to incidents.

This report not only highlights the successful implementation of advanced cybersecurity
protocols but also identifies best practices for organizations to adopt in order to strengthen
their overall cybersecurity posture. The findings underscore the importance of integrating
proactive and reactive security measures, paving the way for more resilient digital
infrastructures in the face of escalating cyber risks.

vii
Cyber_Security 2024-25

CONTENTS

SR. NO. PAGE

TITLE
NO.
Title sheet i
College Certificate ii

Acknowledgement iii

List of Figures iv

List of Tables v

List of Symbols, Abbreviations and Nomenclature vi

Abstract vii
1. INTRODUCTION 01
RECENT TRENDS AND DEVELOPMENT
1.1 01
IN CYBER SECURITY
1.2 PURPOSE OF CYBER SECURITY 01
2. LITERATURE REVIEW 03
3. METHODOLOGY
3.1 FUNDAMENTALS OF CYBERSECURITY 05
3.2 INSIGHTS OF CYBERSECURITY 08
3.3 CYBERSECURITY TOOLS AND TECHNOLOGIES 09
4. RECENT REPORTS ON CYBERSECURITY 11
5. PROS AND CONS
5.1 PROS OF CYBER SECURITY 15
5.2 CONS OF CYBER SECURITY 15
5.3 APPLICATIONS OF RECENT TRENDS IN CYBER SECURITY 16
6. CASE STUDY
6.1 2024 LEBANON PAGER EXPLOSIONS 18
FAKE PRODUCT LISTINGS ON REAL SHOPPING SITES
6.2 19
LEAD TO STOLEN PAYMENT INFORMATION
7. CONCLUSION 20
8. REFERENCES 21

viii
Cyber_Security 2024-25

1.INTRODUCTION

1.1 RECENT TRENDS AND DEVELOPMENT OF CYBER SECURITY :-

In today's increasingly digital world, cybersecurity has become a critical concern for
organizations and individuals alike. The rapid evolution of technology, coupled with
the growing sophistication of cyberattacks, has exposed significant vulnerabilities
in digital infrastructure. Cybercriminals are continually developing new methods to
breach systems, compromise sensitive data, and disrupt operations, making it
essential for organizations to adopt robust cybersecurity measures.

It focuses on identifying common vulnerabilities, improving threat detection

through techniques such as firewalls, encryption, and AI-based anomaly detection,
and implementing real-time monitoring and incident response strategies to minimize
the impact of cyberattacks.

The case study results provide valuable insights into the strengths and limitations of
current cybersecurity practices, offering recommendations for organizations to
further strengthen their defenses .

1.2 Purpose of Cyber Security:-

1. Safeguard Data Integrity and Confidentiality: Prevent unauthorized access,

manipulation, or theft of sensitive information through encryption and access
controls.

2. Ensure Network Security: Implement firewalls, intrusion detection systems, and

real-time monitoring to detect and block malicious activities within networks.

3. Mitigate Cyber Threats: Identify vulnerabilities and deploy preventive measures

such as AI-based anomaly detection and threat modeling to reduce the likelihood of
successful attacks.

1|Page
Cyber_Security 2024-25

4. Minimize Incident Impact: Develop effective incident response strategies that

enable organizations to quickly address breaches, mitigate damage, and restore
operations with minimal downtime.

In essence, cybersecurity serves as the foundation for securing digital ecosystems,

ensuring the continuity of operations, and maintaining trust in the integrity of digital
infrastructure.
The project’s purpose aligns with these goals, aiming to enhance the overall security
posture of organizations in the face of escalating cyber risks.

2|Page
Cyber_Security 2024-25

2. LITERATURE REVIEW

Cybersecurity has become vital in the modern digital age, as organizations increasingly
rely on technology for business operations, data storage, and critical processes. The rise
in both the frequency and sophistication of cyberattacks has led to substantial research into
effective cybersecurity measures and frameworks. This literature examines vulnerabilities,
advanced threat detection methods, preventive techniques, and incident response
strategies to mitigate risks and strengthen security.

Vulnerabilities in digital infrastructure are a primary concern, as attackers exploit

weaknesses such as software bugs, misconfigurations, and zero-day exploits. Research
highlights that many breaches result from social engineering and poor security practices.
As IoT and cloud services expand, vulnerabilities in interconnected systems grow more
significant, requiring constant monitoring and updates to ensure network security.

Advances in threat detection methods, particularly AI and machine learning-based

techniques, have transformed the field. Traditional signature-based detection struggles
against modern threats like advanced persistent threats (APTs) and zero-day attacks. AI-
driven anomaly detection, which monitors network behavior for unusual patterns, offers a
more adaptive and effective solution for identifying emerging threats that older methods
may miss.

Preventive techniques, such as encryption, firewalls, and multi-factor authentication

(MFA), remain essential in securing data and systems. Encryption protects sensitive
information, while firewalls control network traffic.

Fig 2.1 : Literature Review

3|Page
Cyber_Security 2024-25

The role of AI and machine learning in cybersecurity has become increasingly significant.
These technologies enable automated threat detection and response, improving the ability
to manage vast amounts of data and detect complex attacks. Machine learning models
continuously evolve, becoming more adept at identifying and responding to new threats,
making them invaluable tools in modern cybersecurity strategies.

Case studies demonstrate the practical application of these measures across various
industries. Financial institutions using AI-driven threat detection systems have seen
reductions in fraud, while healthcare organizations targeted by ransomware have
successfully adopted multi-layered defenses like encryption, real-time monitoring, and
incident response. These examples highlight the effectiveness of comprehensive
cybersecurity strategies.

In conclusion, the literature underscores the importance of integrating advanced threat

detection, preventive measures, and incident response strategies to protect organizations
from increasingly complex cyber threats. These insights provide a foundation for this
project’s exploration of enhanced cybersecurity solutions aimed at safeguarding digital
infrastructure from both existing and emerging risks.

4|Page
Cyber_Security 2024-25

3. METHODOLOGY
3.1 Fundamentals of Cybersecurity:-

Cybersecurity is a critical field focused on protecting computer systems, networks, and data
from cyber threats, including unauthorized access, theft, damage, and disruption.
Understanding the fundamentals of cybersecurity is essential for organizations and
individuals to safeguard their digital assets effectively. Here are some key concepts:

1. Confidentiality, Integrity, and Availability (CIA Triad)

• Confidentiality: Ensuring that sensitive information is accessed only by authorized
individuals. Techniques include encryption, access controls, and authentication
mechanisms.
• Integrity: Maintaining the accuracy and trustworthiness of data. Measures to ensure
integrity include hashing, checksums, and data validation processes.
• Availability: Ensuring that information and resources are accessible to authorized users
when needed. This includes implementing redundancy, failover systems, and regular
maintenance.

Fig 3.1: CIA Triad

2. Threats and Vulnerabilities

• Threats: Any potential danger that could exploit a vulnerability to cause harm. Common
threats include malware, phishing attacks, ransomware, and insider threats.
• Vulnerabilities: Weaknesses in a system that can be exploited by threats. These can arise
from software bugs, misconfigurations, or insufficient security measures.

5|Page
Cyber_Security 2024-25

3. Types of Cybersecurity Attack

• Malware: Malicious software designed to harm, exploit, or otherwise compromise
computer systems (e.g., viruses, worms, Trojans).
• Phishing: Deceptive attempts to trick users into providing sensitive information, typically
via email or fraudulent websites.
• DDoS Attacks: Distributed Denial of Service attacks aim to overwhelm a target’s
resources, rendering them unavailable to legitimate users.
• SQL Injection: A code injection technique that exploits vulnerabilities in an application’s
software to manipulate databases.

4. Security Controls and Measures

• Preventive Controls: Measures taken to prevent attacks, such as firewalls, encryption, and

secure coding practices.

• Detective Controls: Systems and processes designed to identify and respond to incidents,
such as intrusion detection systems (IDS) and security information and event management
(SIEM) solutions.
• Corrective Controls: Actions taken to rectify issues after a security incident has occurred,
such as restoring data from backups or applying patches to fix vulnerabilities.

5. Risk Management
Cybersecurity involves assessing and managing risks to digital assets. This includes
identifying assets, evaluating potential threats, and implementing controls to mitigate risks.
A risk management framework often includes the following steps:
• Risk Assessment: Identifying and analyzing risks to determine their potential impact.
• Risk Mitigation: Implementing controls to reduce the likelihood and impact of identified
risks.
• Risk Monitoring: Continuously monitoring the risk environment and adjusting controls as

necessary.

6. Incident Response
An effective incident response plan is crucial for minimizing the impact of cyber incidents.
The typical stages include:
• Preparation: Establishing an incident response team and developing response plans.
• Detection and Analysis: Identifying and assessing incidents as they occur.

6|Page
Cyber_Security 2024-25

• Containment, Eradication, and Recovery: Taking steps to limit damage, remove the
threat, and restore systems to normal operation.
• Post-Incident Review: Analyzing the incident to improve future responses and strengthen
security measures.

7. Compliance and Regulations

Organizations must adhere to various laws, regulations, and standards related to
cybersecurity. These may include:
• General Data Protection Regulation (GDPR): European regulation governing data
protection and privacy.
• Health Insurance Portability and Accountability Act (HIPAA): U.S. legislation that
provides data privacy and security provisions for safeguarding medical information.
• Payment Card Industry Data Security Standard (PCI DSS): A set of security standards
designed to ensure that companies handling credit card information maintain a secure
environment.

8. Cybersecurity Frameworks
Several established frameworks provide guidelines and best practices for managing
cybersecurity risks. Notable frameworks include:
• NIST Cybersecurity Framework: A voluntary framework that provides a structured
approach to managing cybersecurity risk.

Fig 3.2: Cybersecurity Framework

7|Page
Cyber_Security 2024-25

3.2 Insights of Cybersecurity

1. Current Trends in Cybersecurity
• Increased Adoption of AI and Machine Learning: Explore how organizations are
leveraging AI and ML for threat detection, incident response, and vulnerability
management.
• Zero Trust Security Model: Discuss the shift toward a zero-trust approach, which
assumes that no user or device should be trusted by default, even those inside the
network perimeter.
• Remote Work and Security Challenges: Address the cybersecurity implications of
remote work, including the rise of personal device usage and home networks.

2. Emerging Threats
• Ransomware Evolution: Analyze the growing sophistication of ransomware attacks and
the emergence of double extortion tactics, where attackers threaten to release stolen data
if ransom is not paid.
• Supply Chain Attacks: Examine the increasing prevalence of attacks targeting third-
party vendors and suppliers, as seen in incidents like the SolarWinds breach.
• IoT Vulnerabilities: Discuss the security risks associated with the proliferation of Internet

of Things (IoT) devices and the challenges of securing these interconnected systems.

3. Regulatory Changes and Compliance

• New Regulations and Standards: Outline recent updates in cybersecurity regulations
that impact organizations, such as GDPR, CCPA (California Consumer Privacy Act), or
sector-specific regulations.
• Impact of Compliance on Cybersecurity Strategies: Discuss how compliance
requirements influence cybersecurity practices and the importance of aligning security
measures with regulatory standards.

4. Best Practices for Cybersecurity

• Implementing Security Frameworks: Provide guidance on adopting established
cybersecurity frameworks, such as the NIST Cybersecurity Framework or ISO 27001, to
enhance security posture.

8|Page
 Cyber_Security 2024-25

• Continuous Education and Training: Emphasize the importance of regular training and

awareness programs for employees to reduce human error and improve overall security
awareness.

3.3 Cybersecurity Tools and Technologies:-

1. Threat Detection and Response Tools

• Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS): Discuss
their roles in monitoring network traffic for suspicious activities and preventing
unauthorized access.
• Security Information and Event Management (SIEM): Explain how SIEM solutions
aggregate and analyze security data from across the organization, providing real-time
insights and alerts.
• Endpoint Detection and Response (EDR): Describe the importance of EDR tools in
monitoring endpoint devices for malicious activity and providing automated responses.

Fig 3.3: Threat Detection and Response Tools

2. Vulnerability Management Tools

• Vulnerability Scanners: Discuss tools like Nessus and Qualys that help identify security

weaknesses in systems and applications.

• Patch Management Solutions: Explain the role of patch management in keeping
software up to date and mitigating vulnerabilities.

3. Network Security Technologies

• Firewalls: Explore the function of firewalls in controlling incoming and outgoing network
traffic based on predetermined security rules.

9|Page
Cyber_Security 2024-25

• Next-Generation Firewalls (NGFW): Discuss advancements in firewall technology,

including features like deep packet inspection and integrated intrusion prevention.

4. Data Protection Technologies

• Encryption Tools: Explain the significance of encryption for data at rest and in transit,
including popular encryption protocols and tools.
• Data Loss Prevention (DLP): Describe DLP solutions that help organizations monitor
and protect sensitive data from unauthorized access or leaks.

5. Identity and Access Management (IAM)

• Authentication Solutions: Discuss multi-factor authentication (MFA) and single sign-on

(SSO) solutions that enhance user authentication security.

• Role-Based Access Control (RBAC): Explain how RBAC can help organizations
enforce least privilege access to sensitive resources.

6. Incident Response and Forensics Tools

• Incident Response Platforms: Introduce tools designed to streamline incident response
processes, including workflow automation and reporting capabilities.
• Digital Forensics Tools: Discuss the tools used for investigating cyber incidents,
collecting evidence, and analyzing security breaches.

10 | P a g e
Cyber_Security 2024-25

4. RECENT REPORTS ON CYBER SECURITY:

India experienced a high number of cyberattacks in the first six months of 2024 with key fields
like education, defence and research among the "victims." Various government branches and
the technology sector were also among the primary targets while healthcare, banking,
manufacturing, and consumer services were also hit.

The six-month period witnessed 388 data breaches, 107 data leaks, 39 ransomware activities,
and 59 cases of access sales or leaks. The Telegram app was a hotbed for data breaches and
scams. A hub of hackers, Telegram is used as the platform to coordinate attacks and share
information.

The findings were released by the 'India Breach Report' by FalconFeeds, a product of
cybersecurity firm Technisanct. Government and public sector entities were disproportionately
affected, with the Centre bearing the brunt of the attacks, it claimed.

Fig 4.1 : Cyberattacks targeted Indian sectors in first half of 2024

According to the report, March and April witnessed an increase in cyber incidents. It peaked
in May before dropping significantly in July. Notably, a surge in incidents of cyberattacks
coincided with the Lok Sabha Elections 2024 which was held from April 19 to June 1.

11 | P a g e
Cyber_Security 2024-25

Fig 4.2 : Month-wise distribution of cyberattacks in India

Data breaches being the most common form of cyber attack in India means leading
organisations lack robust data protection measures. Sensitive information belonging to these
institutions remains "highly vulnerable" to exposure, FalconFeeds warns in the report.

The report identified as many as "71 victims" of cyber attacks in the public and government
sectors between January and June. Even military, defence, law enforcement sectors were hit
along with several departments headed by state governments, it said. The states of Bihar,
Kerala, Haryana, New Delhi, Karnataka and Andhra Pradesh were among the most hit in the
list released by the cybersecurity firm.

Fig 4.3 : State-wise chart of cyberattacks in India

12 | P a g e
Cyber_Security 2024-25

Fig 4.4 : Rise Of Cyber Crime in India

Since January 1, 2024, India has been witnessing a staggering 7,000 complaints of cyber fraud
per day. The growth over the past few years is concerning:

Year No of complaints of cyber of cyber fraud

2019 26,049

2020 2,55,777

2021 4,52,414

2022 9,56,790

2023 15,56,215

2024(Jan-Apr) 7,40,957
Table 4.1 : India’s Alarming Cyber Fraud Surge

13 | P a g e
Cyber_Security 2024-25

The Indian Cybercrime Coordination Centre (I4C) wing of the Ministry of Home Affairs
(MHA) reports on cybercrime in India:

No of scams Title Total Amount

4,599 Digital fraud Rs 1,203.06 crore

20,043 Trading scams Rs 14,204.83 crore

62,687 Investment scams Rs 2,225.82 crore

1,725 Dating scams Rs 132.31 crore

Table 4.2 : I4C wing reports

This year’s major culprits are:

• Fake trading apps

• Loan apps

• Gaming apps

• Dating apps

• Algorithm manipulation

In response, I4C has taken significant actions:

Frozen 325,000 bank accounts

Blocked 530,000 SIM cards

Frozen 3,401 social media accounts, including WhatsApp groups

14 | P a g e
 Cyber_Security 2024-25

5. PROS AND CONS

5.1PROS OF CYBER SECURITY

1. Enhanced Threat Detection with AI and ML: AI-powered solutions can identify
patterns and detect threats more accurately and quickly, helping prevent breaches in real-
time.

2. Increased Security through Zero-Trust Models: Zero-trust architecture strengthens

security by requiring verification at every access point, reducing the risk of internal threats.

3. Improved Cloud Security: Advances in cloud security tools help address vulnerabilities
in multi-cloud and hybrid environments, supporting secure, scalable cloud adoption.

4. Focused IoT Security: The push toward securing IoT devices mitigates risks associated
with interconnected systems, making it safer to deploy IoT in smart cities, healthcare, and
other critical sectors.

5. Quantum-Resistant Cryptography: Preparations for quantum computing secure

sensitive data from potential quantum-based attacks, future-proofing data protection.

6. Stronger Compliance and Data Privacy: New regulations and compliance frameworks
ensure better data protection, safeguarding user privacy and fostering public trust.

5.2 CONS OF CYBER SECURITY

1. Increased Complexity in Security Management: Integrating AI, zero-trust, and cloud

security tools into existing systems can be complex, requiring specialized skills and
resources.

2. High Implementation Costs: Advanced cybersecurity technologies and frameworks like

zero-trust or AI-based solutions are often costly, posing a barrier for small to medium-
sized enterprises (SMEs).

15 | P a g e
Cyber_Security 2024-25

3. Scalability Challenges with IoT Security: Securing millions of IoT devices is

challenging, especially as they lack uniform standards, increasing the risk of
vulnerabilities.

4. Ethical and Privacy Concerns: AI in cybersecurity may infringe on privacy, and misuse
of data in threat detection raises ethical issues regarding user information.

5. Potential Quantum Threats: As quantum computing evolves, existing cryptographic

protocols may become vulnerable, necessitating swift adaptation to quantum-resistant
encryption.

6. Constant Regulatory Changes: Evolving compliance requirements may strain

companies, as they must continuously adapt to new standards and legislation, increasing
operational overhead.

5.3 Applications of Recent Trends in Cybersecurity

1. AI-Powered Threat Detection : Real-time analysis and anomaly detection in security

operations centers (SOCs). Financial institutions leverage AI to detect unusual
transactions that may indicate fraud or insider threats.

2. Zero-Trust Architecture : Network security across industries, ensuring every user and
device is verified and continuously monitored. Healthcare systems implement zero-
trust models to protect sensitive patient data and limit access within electronic health
records (EHR) systems.

3. Advanced Cloud Security Solutions : Safeguarding data and applications hosted in

cloud environments. E-commerce platforms use cloud security to protect customer
payment information and personal data while ensuring compliance with data privacy
regulations.

4. IoT Security : Securing interconnected devices, especially in critical infrastructure and

industrial control systems (ICS). Manufacturing sectors employ IoT security protocols
to safeguard industrial machinery and systems from cyber threats, minimizing
downtime and preventing sabotage.

16 | P a g e
Cyber_Security 2024-25

5. Quantum-Resistant Cryptography : Long-term protection of sensitive data in sectors

anticipating quantum advancements. Government agencies and financial institutions
begin using quantum-resistant encryption to protect national security data and sensitive
financial transactions from future quantum threats.

6. Automated Regulatory Compliance : Monitoring and enforcing compliance with

data protection and privacy standards. Companies in regulated industries, like
healthcare and finance, use automated compliance tools to ensure adherence to GDPR,
HIPAA, and other laws, reducing the risk of data breaches and legal penalties.

17 | P a g e
Cyber_Security 2024-25

5. CASE STUDY:-

6.1 : 2024 Lebanon pager explosions

The 2024 Lebanon pager explosions were part of a covert cyber-physical sabotage
operation targeting Hezbollah, reportedly carried out by Israel’s Unit 8200, an elite cyber-
intelligence division.

The operation involved embedding explosives into pagers used by Hezbollah operatives.
These pagers, an older communication technology, were selected by Hezbollah to evade
modern surveillance and electronic warfare techniques, as they generate less metadata
compared to smartphones.

The operation was aimed at disrupting Hezbollah's capabilities by targeting their

communication networks and potentially sabotaging their infrastructure

Fig 6.1 : Pager Explosions

Fig 6.2 : Pager Blast

18 | P a g e
Cyber_Security 2024-25

6.2 Fake product listings on real shopping sites lead to stolen payment information

More than 1,000 legitimate shopping sites have been compromised to promote fake
product listings in a credit card phishing scheme dubbed “Phish ‘n’ Ships,”
HUMAN’s Satori Threat Intelligence and Research team revealed Thursday.

Researchers believe that the scheme, which has been ongoing since 2019, has affected
hundreds of thousands of online shoppers and raked in tens of millions of dollars in
stolen funds.

The threat actors behind Phish ‘n’ Ships have built 121 fake online stores that receive
traffic through both search engines and listings on compromised sites, and have
abused four different third-party payment processors in the scam campaign.

Fig 6.3 : Third-Party Payment Processors

19 | P a g e
Cyber_Security 2024-25

7. CONCLUSION

In today's increasingly digital world, cybersecurity has become a paramount concern for
individuals and organizations alike. As cyber threats continue to evolve in complexity and
frequency, the need for robust cybersecurity measures has never been more critical. This
report highlights the fundamental principles of cybersecurity, the current trends and
emerging threats, and the essential tools and technologies that can be employed to
safeguard digital assets.

The advantages of implementing comprehensive cybersecurity strategies are significant,

offering data protection, business continuity, and regulatory compliance, while also
enhancing organizational reputation. However, these benefits must be weighed against the
challenges, including implementation costs, complexity, and the need for continuous
adaptation to the ever-changing threat landscape.

As we move forward, organizations must adopt a proactive approach to cybersecurity,

prioritizing risk management, employee training, and the integration of advanced
technologies such as artificial intelligence and machine learning. Collaboration across
sectors and adherence to best practices will be crucial in creating a resilient cybersecurity
posture.

In conclusion, while the threat of cyberattacks remains a persistent challenge, a well-

rounded cybersecurity strategy can significantly reduce risks and protect sensitive
information. Organizations that invest in effective cybersecurity measures will not only
safeguard their assets but also foster trust and confidence among their customers, partners,
and stakeholders. The journey toward comprehensive cybersecurity is ongoing, and
continuous vigilance is essential for navigating the complexities of the digital age.

20 | P a g e
Cyber_Security 2024-25

8. REFERENCES

Reference to a book:
Introduction to Cyber Security: Author Dr. Jeetendra Pande, Assistant Professor School of
CS & IT, Uttarakhand Open University, Haldwani

Reference to web sites:

1) : https://www.nist.gov/cyberframework
2) : https://en.wikipedia.org/wiki/2024_Lebanon_pager_explosions
3) : https://www.linkedin.com/pulse/common-cybersecurity-terminologies-habeeb-
adebisi/
4) :https://timesofindia.indiatimes.com/world/middle-east/pager-attack-in-lebanon-
why-washezbollah-using-outdated-pagers-in-2024/articleshow/113442551.cms
5) : https://www.accountingtimes.com.au/technology/ai-aiding-cybercrime-bdo-
research-warns
6) : https://insaaf99.com/blog/cyber-crime-report-and-online-vigilance/
7) :http://timesofindia.indiatimes.com/articleshow/113529820.cms?utm_source=content
ofinterest&utmmedium=text&utm_campaign=cppst
8) : https://primeinfoserv.com/indias-alarming-cyber-fraud-surge-in-2024/

21 | P a g e