Unit4_CyberSecurity

The document provides an overview of cyber security concepts, including types of threats, basic terminologies like IP and MAC addresses, and common cyber attacks such as DDoS and phishing. It also discusses the importance of cyber security in protecting data and systems, as well as the roles of various technologies like DNS and DHCP in network management. Additionally, it covers the characteristics and types of malware, including viruses and bots, emphasizing the need for effective security measures against evolving cyber threats.

Uploaded by

jainpratham687
Copyright: © All Rights Reserved

Unit-4

• 4.1 Concepts of Cyber Security:
• 4.1.1 Types of Threats
• 4.1.2 Advantages of Cyber Security
• 4.2 Basic Terminologies:
• 4.2.1 IP Address, MAC Address
• 4.2.2 Domain Name Server (DNS)
• 4.2.3 DHCP, Router, Bots
• 4.3 Common Types of Attacks:
• 4.3.1 Distributed Denial of Service
• 4.3.2 Man in the Middle, Email Attack
• 4.3.2 Password Attack, Malware
• 4.4 Hackers:
• 4.4.1 Various Vulnerabilities:
• 4.4.1.1 Injection attacks, Changes in security settings
• 4.4.1.2 Exposure of Sensitive Data
• 4.4.1.3 Breach in authentication protocol
• 4.4.2 Types of Hackers: White hat and Black hat
Cyber security

• Cyber security is the body of technologies, processes, and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access.
• The term cyber security refers to techniques and practices designed to protect digital data.
• This is the data that is stored, transmitted or used on an information system.
• Cyber security is the protection of Internet-connected systems, including hardware, software, and data, from cyber attacks.
• It is made up of two words: cyber and security.
• Cyber relates to technology, which includes systems, networks, programs and data.
• Security relates to protection, which includes systems security, network security, application security and information security.
Importance of cyber security

• Cyber attacks can be extremely expensive for businesses to endure.
• In addition to the financial damage suffered by the business, a data breach can also inflict untold reputational damage.
• Cyber attacks these days are becoming progressively destructive. Cybercriminals are using more sophisticated ways to initiate cyber attacks.
• Regulations such as the General Data Protection Regulation (GDPR) are forcing organizations into taking better care of the personal data they hold.
IP address
• An IP (Internet Protocol) address is a unique number that identifies a device connected to the internet.

• Function
o IP addresses identify devices on the internet and allow them to communicate with each other.

• Example

• An IP address might look like


Types of IP address

• There are several types of IP addresses, including:
o Public
o Private
o Static
o Dynamic
Versions of IP address
• The two most common versions of IP addresses are IPv4 and IPv6.
• IPv4, or Internet Protocol version 4, is the original addressing system of the Internet, introduced in 1983.
• It uses a 32-bit address scheme, which theoretically allows for over 4 billion unique addresses (2^32).
• IPv4 addresses are typically displayed in decimal format, divided into four octets separated by dots.
• For example, 192.168.1.1 is a common IPv4 address you might find in a home network.
IPv6
• The well-known IPv6 protocol is being used and deployed more often, especially in mobile phone markets.
• It is better than IPv4 in terms of complexity and efficiency.
• An IPv6 address is written as 8 groups of hexadecimal numbers separated by colons (:).
• It can be written as 128 bits of 0s and 1s.
MAC address
• MAC address stands for Media Access Control address; it is also called the hardware address.
• It is the 48-bit unique identifier of a device.
• It is assigned to the NIC (Network Interface Controller) of the device.
• Every device has a unique physical address which identifies it among all the devices on a network.
• Your PC, your smartphone, your tablet or any other device used in networking has a unique physical address.
• These addresses are assigned to the devices by the manufacturer (vendor).


Parts of MAC
• The total length of a MAC address is 48 bits (6 bytes). A physical address consists of 6 groups. Each group has two hexadecimal digits. Each digit is 4 bits, so the two digits total 8 bits. In other words, every group is 8 bits long.
• Besides these bits, a physical address has two common parts:
o OUI
o NIC
OUI (Organization Unique Identifier)

• The first half of a MAC address is the vendor-specific OUI part.
• This vendor-specific part is assigned to the vendor by IEEE.
• This part is the same on all the devices of that manufacturer.
• One manufacturer can have one or more OUIs assigned by IEEE.

NIC (Network Interface Controller)

• The second part of the Media Access Control address is the device-specific NIC part.
• Some resources define this part as UAA (Unique Address Assigned).
• This part identifies different devices of the vendor.
• Each device has a unique NIC part.


DNS

• DNS stands for Domain Name System.
• It's a system that translates human-readable domain names (like www.example.com) into machine-readable IP addresses (like 192.168.1.1).
• The DNS is essential for the functioning of the internet, as it allows users to access websites using easy-to-remember names instead of complex numerical IP addresses.
How DNS works

1. User Requests a Website: When you type a website URL (like www.example.com) into your browser, your computer sends a DNS query to a DNS server to find out the corresponding IP address.
2. DNS Resolver: The DNS server (called a "resolver") looks up the IP address in its database. If it has the information, it returns the IP address to your browser.
3. Name Servers: If the resolver doesn't have the IP address, it sends a request to other DNS servers, potentially going up a chain from local DNS servers to authoritative DNS servers.
4. Response: Once the IP address is found, it's sent back to your browser, allowing it to connect to the website's server and load the content.
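The four steps above as a toy resolver. This is an added example, not part of the original slides; the server names, the root/TLD/authoritative chain and the zone data (including the address 192.0.2.10) are constructed for illustration.

```python
# Added example: toy model of the lookup steps above. All zone data is constructed.

# Each "server" maps a zone suffix either to a referral (the next server to ask)
# or to an authoritative answer (ip, ttl in seconds).
SERVERS = {
    "root":           {"com.": ("refer", "tld-com")},
    "tld-com":        {"example.com.": ("refer", "ns.example.com")},
    "ns.example.com": {"www.example.com.": ("answer", "192.0.2.10", 300)},
}


def ask(server, name):
    """Return the most specific record `server` holds for `name`, or None."""
    zone = SERVERS[server]
    # Match on whole labels only, so "notexample.com." never matches "example.com."
    matches = [z for z in zone if name == z or name.endswith("." + z)]
    return zone[max(matches, key=len)] if matches else None


class Resolver:
    def __init__(self):
        self.cache = {}   # name -> (ip, expires_at)
        self.trace = []   # servers contacted during the most recent lookup

    def resolve(self, name, now):
        """Step 1: the client's query arrives here as (name, current time)."""
        name = name.rstrip(".").lower() + "."
        self.trace = []
        cached = self.cache.get(name)
        if cached and cached[1] > now:       # step 2: answer from the resolver's own data
            return cached[0]
        server = "root"
        for _ in range(8):                   # step 3: follow referrals, bounded depth
            self.trace.append(server)
            reply = ask(server, name)
            if reply is None:
                return None                  # no server knows this name
            if reply[0] == "answer":
                _, ip, ttl = reply
                self.cache[name] = (ip, now + ttl)
                return ip                    # step 4: response goes back to the client
            server = reply[1]
        return None


if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("www.example.com", now=0), r.trace)    # full chain is walked
    print(r.resolve("www.example.com", now=100), r.trace)  # served from cache
```

An entry in `cache` is served until its expiry with no upstream check, which is why the DNS spoofing covered later in this unit stays in effect until the entry times out or the cache is flushed.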
DHCP (Dynamic Host Configuration Protocol)
• DHCP (Dynamic Host Configuration Protocol) is a network management protocol used to dynamically assign an IP address to any device, or node, on a network so it can communicate using IP.
• DHCP automates and centrally manages these configurations rather than requiring network administrators to manually assign IP addresses to all network devices.
Functions

• IP Address Allocation: Automatically assigns unique IP addresses to devices on a network.
• Configuration Details: Provides additional network settings like:
o Subnet mask
o Default gateway
o DNS server addresses
o Lease duration (the time a device can use the assigned IP before it needs renewal)
Working
Client systems use a process called a lease to request an IP address configuration from a DHCP server. The lease generation process consists of four steps:

1. Discover: The client broadcasts a query to find a DHCP server
2. Offer: The DHCP server offers an IP address to the client
3. Request: The client requests the use of the offered IP address
4. Acknowledge: The DHCP server acknowledges the request and marks the IP address as leased in its database
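The four-step lease exchange above, with both sides' messages and the server's lease database. This is an added example, not part of the original slides; the message dictionaries, the `OFFER_HOLD` value, the addresses and the NAK reply for a request the server never offered are assumptions made for illustration.

```python
import ipaddress

OFFER_HOLD = 30  # seconds an un-requested offer stays reserved (assumed value)


class DhcpServer:
    def __init__(self, first_ip, size, lease_seconds, options):
        start = ipaddress.IPv4Address(first_ip)
        self.pool = [start + i for i in range(size)]
        self.lease_seconds = lease_seconds
        self.options = options   # subnet mask, default gateway, DNS servers
        self.offers = {}         # mac -> (ip, hold_expires_at)
        self.leases = {}         # mac -> (ip, lease_expires_at): the lease database

    def _free(self, now):
        """Pool addresses not held by an unexpired offer or lease."""
        held = {ip for table in (self.offers, self.leases)
                for ip, expires in table.values() if expires > now}
        return [ip for ip in self.pool if ip not in held]

    def _reply(self, kind, mac, ip):
        return {"type": kind, "mac": mac, "ip": str(ip),
                "lease_seconds": self.lease_seconds, **self.options}

    def handle(self, msg, now):
        mac = msg["mac"]
        if msg["type"] == "DISCOVER":
            lease = self.leases.get(mac)
            if lease and lease[1] > now:
                ip = lease[0]                 # client already holds a valid lease
            else:
                free = self._free(now)
                if not free:
                    return None               # pool exhausted: no offer is sent
                ip = free[0]
            self.offers[mac] = (ip, now + OFFER_HOLD)
            return self._reply("OFFER", mac, ip)
        if msg["type"] == "REQUEST":
            ip = ipaddress.IPv4Address(msg["ip"])
            offer = self.offers.pop(mac, None)
            lease = self.leases.get(mac)
            offered = offer is not None and offer[0] == ip and offer[1] > now
            renewing = lease is not None and lease[0] == ip and lease[1] > now
            if not (offered or renewing):
                return {"type": "NAK", "mac": mac}   # address was never offered to this client
            self.leases[mac] = (ip, now + self.lease_seconds)  # mark as leased
            return self._reply("ACK", mac, ip)
        raise ValueError(f"unsupported message type: {msg['type']!r}")


def lease_exchange(server, mac, now):
    """Run Discover -> Offer -> Request -> Acknowledge and return every message sent."""
    log = [{"type": "DISCOVER", "mac": mac}]
    offer = server.handle(log[0], now)
    if offer is None:
        return log                            # no server answered
    request = {"type": "REQUEST", "mac": mac, "ip": offer["ip"]}
    log += [offer, request, server.handle(request, now)]
    return log


if __name__ == "__main__":
    opts = {"subnet_mask": "255.255.255.0", "gateway": "192.168.1.1",
            "dns": ["192.168.1.1"]}
    server = DhcpServer("192.168.1.100", size=2, lease_seconds=3600, options=opts)
    for m in lease_exchange(server, "02:00:00:00:00:0a", now=0):
        print(m)
```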
Router

• A router is a networking device that forwards data packets between computer networks.
• A router determines a packet's future path by examining the destination IP address in the header and comparing it to the routing database.
Function of router

• Packet Routing: Determines the best path for data packets to travel between devices and networks. Uses routing tables and protocols to make routing decisions.
• Network Segmentation: Connects different networks, such as a local area network (LAN) to a wide area network (WAN), or two LANs.
• IP Address Management: Assigns private IP addresses to devices in a network using technologies like DHCP. Performs NAT (Network Address Translation) to allow multiple devices on a private network to share a single public IP address.
• Firewall and Security: Blocks unauthorized access using built-in firewalls and filtering rules. Can support Virtual Private Networks (VPNs) for secure remote access.
• Wireless Connectivity (in Wi-Fi routers): Provides wireless access to the network using Wi-Fi technology.
Types of router

• Home Routers: Used in households to connect devices to the internet. Often combine routing and wireless access point functionality.
• Enterprise Routers: Designed for businesses, offering advanced features like high-speed connections, extensive configuration options, and enhanced security.
• Core Routers: High-performance routers used by ISPs or large organizations to route data within the backbone of a network.
• Edge Routers: Positioned at the boundary of a network, connecting internal networks to external ones, such as the internet.
Bots (Robots)

• Bots are software programs designed to automate tasks, often by simulating human behavior.
• They are used in various applications, from customer service to cybersecurity, and can operate independently or in collaboration with users or other systems.
Types and application

• Web Crawlers (Search Engine Bots): Used by search engines like Google to index web pages. Automatically scan and organize content from websites.
• Chatbots: Interact with users through text or voice in messaging apps, websites, or call centers. Applications include customer support, virtual assistants (like Alexa, Siri), and FAQ handling.
• Social Media Bots: Automate social media activities like posting, commenting, and liking. Can promote content, but malicious versions spread spam or misinformation.
• Gaming Bots: Play video games autonomously or assist players with repetitive tasks. Used both recreationally and for competitive advantages.
• Trading Bots: Operate in financial markets to buy or sell stocks, cryptocurrencies, or other assets. Follow pre-defined rules or algorithms to optimize trading strategies.
• Monitoring and Security Bots: Monitor systems, websites, or servers for performance, security threats, or downtime. Examples: bots that detect vulnerabilities or block malicious activities.
• Shopping Bots: Help users find the best deals, compare prices, or complete purchases quickly. Examples include bots that buy limited-edition items like sneakers or event tickets.
• Malicious Bots: Used for harmful purposes like spreading malware, conducting Distributed Denial of Service (DDoS) attacks, or scraping data. Examples: spam bots, credential-stuffing bots, or botnets.
Key Features of Bots:

• Automation: Perform repetitive tasks with minimal human intervention.

• Speed: Operate faster than humans in processing or responding.

• Interactivity: Some bots, like chatbots, interact naturally with users.

• Scalability: Can manage large-scale operations, such as monitoring thousands of websites.
Advantages of Bots

• Improve efficiency by automating repetitive tasks.

• Enhance user experience (e.g., 24/7 customer support).

• Enable scalability in operations.


Types of Cyber Attacks

• A cyber-attack is an exploitation of computer systems and networks. It uses malicious code to alter computer code, logic or data and lead to cybercrimes, such as information and identity theft.

• Cyber-attacks can be classified into the following categories:

1) Web-based attacks

2) System-based attacks
Web-based attacks

• These are the attacks which occur on a website or web application. Some of the important web-based attacks are as follows:

1. Injection attacks
• It is the attack in which some data is injected into a web application to manipulate the application and fetch the required information.
• Examples: SQL injection, code injection, log injection, XML injection, etc.

2. DNS Spoofing
• DNS spoofing is a type of computer security hacking whereby data is introduced into a DNS resolver's cache, causing the name server to return an incorrect IP address and diverting traffic to the attacker's computer or any other computer. DNS spoofing attacks can go on for a long period of time without being detected and can cause serious security issues.

3. Session Hijacking
• It is a security attack on a user session over a protected network. Web applications create cookies to store the state and user sessions. By stealing the cookies, an attacker can have access to all of the user data.

4. Phishing
• Phishing is a type of attack which attempts to steal sensitive information like user login credentials and credit card numbers. It occurs when an attacker is masquerading as a trustworthy entity in electronic communication.

5. Brute force
• It is a type of attack which uses a trial and error method. This attack generates a large number of guesses and validates them to obtain actual data like a user password or personal identification number. This attack may be used by criminals to crack encrypted data, or by security analysts to test an organization's network security.

6. Denial of Service
• It is an attack which is meant to make a server or network resource unavailable to the users. It accomplishes this by flooding the target with traffic or sending it information that triggers a crash. It uses a single system and a single internet connection to attack a server.
System-based attacks

• These are the attacks which are intended to compromise a computer or a computer network.

• Some of the important system-based attacks are as follows


Virus and worms
What is a computer virus?

• A computer virus is a type of malicious software program that, when executed, replicates itself by modifying other computer programs and inserting its own code.
• Some viruses begin replicating as soon as they infect the host, while other viruses will lie dormant until a specific trigger causes malicious code to be executed by the device or system.
Actions taken by Viruses

• Display a message to prompt an action through which the virus enters
• Scramble data on hard disk
• Delete files inside the system
• Cause erratic screen behavior
• Halt the PC
• Replicate themselves
How do viruses spread?

• Through the internet,
• Through a stand-alone computer system and
• Through local networks.
Working of virus

• A virus can be spread by opening an email attachment, clicking on an executable file, visiting an infected website or viewing an infected website advertisement.
• It can also be spread through infected removable storage devices, such as USB drives.
• Once a virus has infected the host, it can infect other system software or resources, modify or disable core functions or applications, as well as copy, delete or encrypt data.
Types of virus
Categorized based on attacks on various elements of the system:
• Boot Sector
• Trojan
• Logic Bomb
• Polymorphic
• Macro
• Adware & Malware
• Stealth
Boot sector Virus

• A boot sector is the part of our PC's hard drive that loads our computer's operating system. When a system boots, the code in the boot sector always runs first.
• A boot sector virus (also known as a boot infector or MBR virus) infects the Master Boot Record (MBR), so the virus loads into the computer's memory during startup.
• This virus is attached to our system files, i.e. ".exe", ".com" or ".dll" (dynamic link library) files. When the user uses these files, the virus performs destructive operations and destroys all data files.
Program virus

• Gets activated when a program file (usually with extension .bin, .com or .exe) is executed
• Makes a copy of itself
Macro Virus

• A macro is a set of recorded keystrokes, mouse movements and so on that is designed to make your life easier, reduce repetitive typing and so on.
• A macro virus is a type of computer virus that hides within the macros used in a program (such as MS Word, MS Excel, etc.). A macro is an executable program, so it can be infected by viruses just like other executable programs.
• What's unique about a macro virus is that users typically don't suspect that a document will contain a virus. Whenever the user opens such a file, the macro virus performs pre-defined destructive functions. These viruses may change or erase all the data of any document.
Multipartite Virus

• Hybrid of boot sector and program viruses
• A multipartite virus increases its chance of spreading within the computer by combining features of both the file virus and the boot-sector virus. Such viruses infect both files and boot sectors simultaneously, allowing them to act quickly and spread rapidly.
Malware and Adware

• Malware: malicious software designed to damage a computer system without the owner's informed consent. Viruses and worms are examples of malware.
• Adware: advertising-supported software which automatically plays, displays or downloads advertisements to a computer after the software is installed on it or while the application is being used. A few spyware programs are classified as adware.
Stealth Virus

• A stealth virus is a hidden computer virus that attacks operating system processes and avoids typical anti-virus or anti-malware scans.
• Stealth viruses hide in files, partitions and boot sectors and are adept at deliberately avoiding detection.
• Stealth virus eradication requires advanced anti-virus software or a clean system reboot.
Stealth viruses

• In order to avoid detection, stealth viruses also self-modify in the following ways:
• Code Modification: The stealth virus changes the code and virus signature of each infected file.
• Encryption: The stealth virus encrypts data via simple encryption and uses a different encryption key for each infected file.
• Brain, the first stealth virus, spread internationally during the mid-1980s.
Polymorphic viruses

• Like a "chameleon", a polymorphic virus changes its virus signature (i.e., binary pattern) every time it spreads through the system (i.e., multiplies and infects a new file).
• Polymorphic generators are routines that can be linked with existing viruses.
• Generators are not viruses themselves; their purpose is to hide actual viruses under the cloak of polymorphism.
WORMS

• Computer worms are similar to viruses in that they replicate functional copies of themselves and can cause the same type of damage.
• In contrast to viruses, which require the spreading of an infected host file, worms are standalone software and do not require a host program or human help to propagate.
• To spread, worms either exploit a vulnerability on the target system or use some kind of social engineering to trick users into executing them.
• A worm enters a computer through a vulnerability in the system and takes advantage of file-transport or information-transport features on the system, allowing it to travel unaided.
• More advanced worms leverage encryption, wipers, and ransomware technologies to harm their targets.
• The term "worm" is sometimes used to mean self-replicating "malware" (MALicious softWARE).
| Sr. no. | Feature | Virus | Worm |
|---|---|---|---|
| 1 | Different types | Stealth virus, self-modified virus, encryption with variable key virus, polymorphic code virus, metamorphic code virus | E-mail worms, instant messaging worms, Internet worms, IRC worms, file-sharing networks worms |
| 2 | Spread mode | Needs a host program to spread | Self, without user intervention |
| 3 | What is it? | A computer virus is a software program that can copy itself and infect the data or information, without the users' knowledge. However, to spread to another computer, it needs a host program that carries the virus. | A computer worm is a software program, self-replicating in nature, which spreads through a network. It can send copies through the network with or without user intervention. |
| 4 | Inception (foundation) | The Creeper virus was considered the first known virus. It was spread through ARPANET in the early 1970s. It spreads through the TENEX OS and uses a connected modem to dial out to a remote computer and infect it. | The name worm originated from The Shockwave Rider, a science fiction novel published in 1975 by John Brunner. Later, researchers John F. Shoch and Jon A. Hupp at Xerox PARC published a paper in 1982, The Worm Programs, and after that the name was adopted. |
| 5 | Prevalence (popularity) | Over 100,000 known computer viruses have been there, though not all have attacked computers (till 2005). | Prevalence for virus is very high as against moderate prevalence for a worm. |
Trojan

• "Trojan horses" are different from viruses in their manner of propagation.
• They masquerade (cover up) as a legitimate file, such as an email attachment from a supposed friend with a very believable name, and don't disseminate themselves.
• The user can unknowingly install a Trojan-infected program via drive-by downloads when visiting a website, playing online games or using internet-driven applications.
• A Trojan horse can steal information or hamper/disrupt the functioning of computer systems.
Logic bomb/time bomb

• A logic bomb is a piece of code inserted into an operating system or software application that is triggered by a response to an event, such as launching an application or when a specific date/time is reached.
• Logic bombs are often used with viruses, worms, and Trojan horses to time them to do maximum damage before being noticed. They perform actions like corrupting or altering data, reformatting a hard drive, and deleting important files.
SQL Injection

• SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application.
• The vulnerability is present when:
o user input is filtered incorrectly for string literal escape characters embedded in SQL statements, or
o user input is not strongly typed and is thereby unexpectedly executed.
• SQL injection attacks are also known as SQL insertion attacks.


What is Cyber Law?

• Cyber law is the law governing cyber space. Cyber space is a very wide term and includes computers, networks, software, data storage devices (such as hard disks, USB disks, etc.), the Internet, websites, emails and even electronic devices such as cell phones, ATM machines, etc.
• Cyber law encompasses laws relating to:
1. Cyber Crimes
2. Electronic and Digital Signatures
3. Intellectual Property
4. Data Protection and Privacy
Man-in-the-Middle (MITM) Attack
• A Man-in-the-Middle (MITM) Attack is a cyberattack where an attacker
secretly intercepts and possibly alters the communication between two
parties who believe they are directly communicating with each other.
• The attacker positions themselves between the victim and the intended
destination, enabling them to eavesdrop, manipulate data, or steal
sensitive information.
Common Targets of MITM
• Online banking and financial transactions.
• E-commerce websites.
• Email communications.
• Corporate networks.
• Public Wi-Fi users.
Working of MITM
• Interception:
• The attacker gains access to the communication channel between two
parties.
• Common methods include:
• Spoofing Wi-Fi Networks: Creating fake Wi-Fi hotspots.
• ARP Spoofing: Sending false ARP (Address Resolution Protocol) messages on a
LAN to link the attacker’s MAC address to the victim's IP address.
• DNS Spoofing: Redirecting users to malicious websites by altering DNS records.
Cont…
• Data Manipulation:
• The attacker reads, modifies, or injects malicious content into the
intercepted data.
• Victims are often unaware of the interference.
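One way a defender can spot the ARP spoofing described above: watch for an IP address that is suddenly claimed by a different MAC address, and split each MAC into the OUI and NIC parts covered earlier in this unit. This is an added example, not part of the original slides; the observation tuples, addresses and field names are constructed for illustration.

```python
import re
from collections import defaultdict


def split_mac(mac):
    """Split a 48-bit MAC into its OUI (first 24 bits) and NIC part (last 24 bits)."""
    digits = re.sub(r"[:.\-]", "", mac).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return digits[:6], digits[6:]


def find_rebindings(observations):
    """Flag each observation where an IP is claimed by a MAC other than the first one seen for it."""
    baseline = {}                # ip -> MAC first seen for that IP
    claimed = defaultdict(set)   # mac -> every IP that MAC has claimed
    alerts = []
    for ts, ip, raw_mac in observations:
        oui, nic = split_mac(raw_mac)
        mac = oui + nic          # normalised form, so "AA-BB" and "aa:bb" compare equal
        claimed[mac].add(ip)
        expected = baseline.setdefault(ip, mac)
        if expected != mac:
            alerts.append({
                "time": ts,
                "ip": ip,
                "expected_mac": expected,
                "seen_mac": mac,
                # A different OUI means the claimant is not even the same vendor's hardware
                "vendor_changed": expected[:6] != oui,
                # Other IPs the same MAC answers for: one MAC claiming the
                # gateway plus a host address is the classic spoofing picture
                "mac_also_claims": sorted(claimed[mac] - {ip}),
            })
    return alerts


# Constructed ARP observations: (time, IP address, MAC address)
SAMPLE = [
    (0, "192.168.1.1",  "02:11:22:aa:bb:01"),   # gateway
    (1, "192.168.1.20", "02-11-22-AA-BB-14"),
    (2, "192.168.1.30", "0a:77:88:00:00:30"),
    (3, "192.168.1.20", "02:11:22:aa:bb:14"),   # same binding, different notation
    (4, "192.168.1.1",  "0a:77:88:00:00:30"),   # .30's MAC now claims the gateway IP
]

if __name__ == "__main__":
    for alert in find_rebindings(SAMPLE):
        print(alert)
```

A replaced network card or a reassigned DHCP address changes a binding too, so each alert is a prompt to check the device rather than proof of an attack.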
Types of MITM Attacks:
1. Eavesdropping: Intercepting sensitive information like login credentials, credit card numbers, or personal data.
2. Session Hijacking: Stealing session cookies to impersonate a user and gain unauthorized access to their accounts.
3. SSL Stripping: Downgrading a secure HTTPS connection to an insecure HTTP connection, exposing sensitive data.
4. Email Hijacking: Intercepting and manipulating email communications to impersonate one of the participants.
5. Wi-Fi Eavesdropping: Using rogue access points to capture data transmitted over public or unsecured Wi-Fi networks.
Signs of a MITM Attack:
• Frequent SSL/TLS certificate warnings.
• Suspicious redirects to unknown websites.
• Unexpected login attempts or account lockouts.
• Poor performance or unusual behavior on networks or devices.
Hackers
• Hackers are individuals or groups who use their knowledge of computer
systems, programming, and networks to gain unauthorized access to
systems, manipulate data, or exploit vulnerabilities. The term "hacker"
can have both positive and negative connotations, depending on their
intent and the impact of their actions.
Types of Hackers
1. White Hat Hackers (Ethical Hackers):
   1. Work with organizations to identify and fix vulnerabilities in their systems.
   2. Often employed in cybersecurity roles, including penetration testing and security audits.
   3. Operate legally and ethically to improve security.
2. Black Hat Hackers (Malicious Hackers):
   1. Exploit vulnerabilities for personal gain or malicious purposes, such as stealing data, spreading malware, or causing disruption.
   2. Operate outside the law and can cause significant harm to individuals, businesses, and governments.
3. Gray Hat Hackers:
   1. Operate between ethical and unethical boundaries.
   2. May exploit vulnerabilities without permission but often report them to the affected party afterward, sometimes expecting a reward.
4. Script Kiddies:
   1. Inexperienced hackers who use pre-written tools or scripts to conduct attacks.
   2. Often lack a deep understanding of hacking techniques.
5. Hacktivists:
   1. Use hacking as a form of protest to promote political, social, or ideological causes.
   2. May deface websites, leak sensitive information, or disrupt services.
6. State-Sponsored Hackers:
   1. Employed by governments to conduct cyber espionage, sabotage, or warfare.
   2. Target other nations, organizations, or individuals for political, economic, or military advantage.
7. Cybercriminal Groups:
   1. Organized groups that engage in illegal activities for financial gain.
   2. Operate on a larger scale, often using ransomware, phishing, or other advanced methods.
8. Insider Threats:
   1. Employees or contractors who exploit their access to systems for malicious purposes.
   2. Often motivated by personal grievances, financial gain, or coercion.
Common Hacking Techniques:
1. Phishing: Deceiving users into revealing sensitive information via fake emails or websites.
2. Malware: Deploying malicious software to infiltrate systems or steal data.
3. Social Engineering: Manipulating people to gain access to confidential information.
4. Exploiting Vulnerabilities: Taking advantage of unpatched software or misconfigurations.
5. Denial-of-Service (DoS) Attacks: Overloading a system or network to make it unavailable.
6. Man-in-the-Middle (MITM) Attacks: Intercepting and altering communications between two parties.
7. Credential Stuffing: Using stolen login credentials to gain unauthorized access to accounts.
Vulnerabilities
• Cybersecurity vulnerabilities are flaws in software, hardware, or network
systems that cybercriminals exploit to gain unauthorized access, disrupt
services, or steal sensitive information.
• These vulnerabilities can stem from different sources, including errors in
code, misconfigurations, outdated software, or even human error.
Types of vulnerabilities
• network vulnerabilities
• operating system vulnerabilities
• process (or procedural) vulnerabilities, and
• human vulnerabilities.
Types of vulnerabilities (cont.)

• Network vulnerabilities are weaknesses within an organization's hardware or software infrastructure that allow cyberattackers to gain access and cause harm.
• These areas of exposure can range from poorly-protected wireless access all the way to misconfigured firewalls that don't guard the network at large.
Types of vulnerabilities (cont.)
• Operating system (OS) vulnerabilities are exposures within an OS that allow cyberattackers to cause damage on any device where the OS is installed.
• An example of an attack that takes advantage of OS vulnerabilities is a Denial of Service (DoS) attack, where repeated fake requests clog a system so it becomes overloaded.
• Unpatched and outdated software also creates OS vulnerabilities, because the system running the application is exposed, sometimes endangering the entire network.
Types of vulnerabilities (cont.)

• Process vulnerabilities are created when procedures that are supposed to act as security measures are insufficient.
• One of the most common process vulnerabilities is an authentication weakness, where users, and even IT administrators, use weak passwords.
Types of vulnerabilities (cont.)

• Human vulnerabilities are created by user errors that can expose networks, hardware, and sensitive data to malicious actors.
• They arguably pose the most significant threat, particularly because of the increase in remote and mobile workers.
• Examples of human vulnerability in security are opening an email attachment infected with malware, or not installing software updates on mobile devices.
SQL Injection
• SQLi, or SQL injection, is a web page vulnerability that lets an attacker run queries against the database.
• Attackers take advantage of a web application vulnerability and inject an SQL command via the input that users supply to the application.
• Attackers use SQL queries like SELECT to retrieve confidential information which otherwise wouldn't be visible.
• SQL injection also lets the attacker perform denial-of-service (DoS) attacks by overloading the server with requests.
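The two conditions named in the earlier SQL Injection slide (input not handled correctly inside a string literal, and input that is not strongly typed), each shown beside its corrected form, which also covers the SELECT case on this slide. This is an added example, not part of the original slides; the table, the function names and the sample inputs are constructed, and it uses Python's built-in sqlite3 module.

```python
import sqlite3


def make_db():
    """In-memory database with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, secret TEXT);
        INSERT INTO users VALUES (1, 'alice', 'alice-note');
        INSERT INTO users VALUES (2, 'bob', 'bob-note');
    """)
    return db


def lookup_vulnerable(db, name):
    # WEAK: the input is pasted into the SQL text, so a quote character in
    # `name` ends the string literal and the rest is parsed as SQL.
    sql = "SELECT name, secret FROM users WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()


def lookup_safe(db, name):
    # FIXED: the value travels as a bound parameter and is never parsed as SQL.
    return db.execute(
        "SELECT name, secret FROM users WHERE name = ?", (name,)
    ).fetchall()


def by_id_vulnerable(db, user_id):
    # WEAK: the "number" is really a string, so it can carry extra SQL.
    return db.execute("SELECT name FROM users WHERE id = " + user_id).fetchall()


def by_id_safe(db, user_id):
    # FIXED: enforce the type first (int() rejects anything that is not a
    # number), then bind the value as a parameter.
    return db.execute(
        "SELECT name FROM users WHERE id = ?", (int(user_id),)
    ).fetchall()


if __name__ == "__main__":
    db = make_db()
    crafted_name = "x' OR '1'='1"     # constructed input containing a quote
    crafted_id = "1 OR 1=1"           # constructed input that is not a number
    print("vulnerable name lookup:", lookup_vulnerable(db, crafted_name))
    print("safe name lookup:      ", lookup_safe(db, crafted_name))
    print("vulnerable id lookup:  ", by_id_vulnerable(db, crafted_id))
    try:
        by_id_safe(db, crafted_id)
    except ValueError as exc:
        print("safe id lookup rejected input:", exc)
```

The vulnerable name lookup also fails on an ordinary name such as o'brien, which raises a syntax error; that kind of database error in application logs is a useful sign that a query is being built by string concatenation.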
Breach in an authentication protocol
• A breach in an authentication protocol, also known as a broken authentication attack, occurs when an attacker is able to access a user's account information and assume their identity.
• This can happen when an attacker compromises a user's password, keys, session tokens, or other details.
Types of breach in authentication
• Brute force attacks
o Attackers systematically try all possible password combinations until they find the correct one. This can happen when passwords are weak, such as common passwords or short passwords.
• Phishing attacks
o Attackers trick users into giving away sensitive information by posing as a trustworthy entity.
• Credential stuffing
o Attackers use stolen usernames and passwords from one platform to access multiple accounts on other websites.
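Brute force and credential stuffing leave different patterns in a login log: many failures against one account versus a few failures spread over many accounts. The added example below, which is not part of the original slides, separates the two per source address; the log format, the thresholds and the sample lines are constructed for illustration.

```python
import re
from collections import Counter, defaultdict

# Assumed log format: "<timestamp> OK|FAIL user=<name> ip=<address>"
LINE = re.compile(r"^(?P<ts>\S+) (?P<result>OK|FAIL) user=(?P<user>\S+) ip=(?P<ip>\S+)$")


def analyse(lines, brute_threshold=5, stuffing_accounts=4):
    """Return {ip: {"pattern": ..., "accounts_to_review": [...]}} for suspicious sources."""
    failures = defaultdict(Counter)   # ip -> failed attempts per account
    successes = defaultdict(set)      # ip -> accounts that logged in from it
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue                  # skip lines in any other format
        if m["result"] == "FAIL":
            failures[m["ip"]][m["user"]] += 1
        else:
            successes[m["ip"]].add(m["user"])

    report = {}
    for ip, per_user in failures.items():
        if max(per_user.values()) >= brute_threshold:
            pattern = "brute-force"             # many guesses at one account
        elif len(per_user) >= stuffing_accounts:
            pattern = "credential-stuffing"     # few guesses at many accounts
        else:
            continue                            # ordinary mistyped passwords
        # Any login that succeeded from a flagged source needs a password
        # reset and a session review, whichever account it was.
        report[ip] = {"pattern": pattern,
                      "accounts_to_review": sorted(successes[ip])}
    return report


# Constructed sample log
SAMPLE = (
    [f"2024-05-01T10:00:{i:02d}Z FAIL user=alice ip=198.51.100.7" for i in range(6)]
    + ["2024-05-01T10:00:06Z OK user=alice ip=198.51.100.7"]
    + [f"2024-05-01T10:01:{i:02d}Z FAIL user=user{i} ip=203.0.113.9" for i in range(5)]
    + ["2024-05-01T10:01:05Z OK user=user5 ip=203.0.113.9",
       "2024-05-01T10:02:00Z FAIL user=bob ip=192.0.2.44",
       "2024-05-01T10:02:09Z OK user=bob ip=192.0.2.44"]
)

if __name__ == "__main__":
    for ip, finding in analyse(SAMPLE).items():
        print(ip, finding)
```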
