Cyber Security -
Cyber security protects the data and integrity of computing assets belonging to or connecting to an organization's network. Or we can say that is the state or process of protecting and recovering networks, devices, and programs from any type of cyber attack. Its purpose is to defend those assets all threat actors throughout the entire life cycle of a cyber attack. Cyber attacks are an evolving danger to organizations, employees and consumers. They may be designed to access or destroy sensitive data or extort money. They can, in effect, destroy businesses and damage people's financial and personal lives.
Why Cyber Security is Important ? -
Cyber security is important because it encompasses everything that pertains to protecting our personal information, intellectual property, data, and govermental and industry information systems from theft and damage attempted by criminals and adversaries.
Cyber security doesn't involve just businesses and goverment. Your computer, tablet and cellphone probably contain information that hackers and other criminals would love to have, like other people's email addresses, names and birthdates. Suppose, for example, a hacker had access to your contact information. He could then send an email or text message to everyone you know, using your name, encouraging them to click on a link containing malware, like "Hey Manish, I thought you'd love this! Click here".
Cyber Security Goals -
The Primary Goal of Cybersecurity is to protect information from being stolen, compromised or attacked. Cyber security can be measured by at least one of three goals -
1. Protect the confidentiality of data.
2. Preserve the integrity of data.
3. Promote the availability of data for authorized users.
Here we will discuss about cyber security goals in detail -
a) Confidentiality :
Confidentiality is roughly equivalent to privacy and avoids the unauthorized disclosure of information. It involves the protection of data, providing access for those who are allowed to see it while disallowing others from learning anything about its content.
b) Integrity :
Integrity refers to the methods for ensuring that data is real, accurate and safeguarded from unauthorized user modification. It is the property that information has not be altered in an unauthorized way, and that source of the information is genuine.
c) Availability :
Availability is the property in which all systems, services and information must be accessible when required by the business or its clients.
Cyber Crime -
Cyber crime is criminal activity that uses a computer. Cyber crimes are any crimes that involve a computer and a network. In some cases, the computer may have been used in order to commit the crime and in other cases, the computer may have been target of the crime.
The IT Act 2000, the cyber law of India, gives the legal framework so that information is not denied legal effect, validity or enforceability, solely on the ground that it is the form of electronic records.
Cyber crimes are broadly categorized into three catefories, namely crime against.
1. Individual -
2. Property -
3. Goverment -
Types of Cyber Crimes -
Hacking -
This is a type of crime where in a person's computer is broken into so that his personal or sensitive information can be accessed. Hacking is classified as a felony and punishable as such.
Theft -
This crime occurs when a person violates copyrights and downloads music, movies, games and software. There are even peer sharing websites which encourage software piracy. Today, the justice system is addressing this cyber crime and there are laws that prevent people from illegal downloading.
Cyber Stalking -
This is a kind of online harassment wherein the victim is subjected to a barrage of online messages and emails. Typically, these stalkers know their victims and instead of resorting to offline stalking, they use the internet to stalk..
Identity Theft -
This has become a major problem with people using the Internet for cash transactions and banking services. In this cyber crime, a criminal accesses data about a person's bank account, credit cards, Social Security, debt card and other sensitive information to siphon money or to buy things online in the victim's name.
Malicious Software -
These are Internet-based software or programs that are used to disrupt a network. The software is used to gain access to a system to steal sensitive information or data causing damage to software present in the system.
Denial of Service Attack -
This is an act by the criminal, who floods the band width of the victim's network or fills his e-mail box with spam mail depriving him of the services he is entitled to access or provide.
Credit Card Fraud -
You simply have to type credit card number into www page off the vendor for online transaction if electronic transactions are not secured the credit card numbers can be stolen by the hackers who can misuse this card by impersonating the credit card owner.
Phishing -
It is technique of pulling out confidential information from the bank/financial institutional account holders by deceptive means.
Salami Attack -
In such crime criminal makes insignficant changes in such a manner that such changes would go unnoticed. Criminal makes such program that deducts small amount like 2.50 per month from the account of all the customer of the Bank and deposit the same in his account. In this case no account holder will approach the bank for such small amount but criminal gains huge amount.
Mode and Manner of Commiting Cyber Crime -
There are various modes or methods by which cyber crime can be commited such as email bombing, salami attacks, denial of service attack, Torjan attack, Thefting, virus attacks, data daddling, web jacking and internet time thefts.
1. Email Bombing : This kind of activity refers to sending large numbers of mail to the victim, which may be an indivisual or a company or even mail servers there by ultimately resulting into crashing.
2. Salami Attacks : This kind of crime is normally prevalent in the financial institutions or for the purpose of committing financial crimes. An important feature of this type of offence is that the alteration is so small that it would normally go unnoticed.
3. Torjan Attacks : This term has its origin in the word "Torjan hourse". In software field this means an authorized program, which passively gains control over another's computer by representing itself as an authorized program. The most common form of installing a Torjan is through e-mail.
4. Thefting information : This includes information stored in computer hard disk, removable storage media etc. Theft may be either by appropriating the data physically or by tempering them through the virtual medium.
5. Virus/Worm Attacks : Viruses are programs that attach themselves to a computer or a file and then circulate themselves to other files and to other computers on a network. They usually affect the data on a computer, either by altering or deleting it. Worms unlike viruses do not need the host to attach themselves to. They merely make functional copies of themselves and do this repeatedly till they eat up all the available space on the computer's memory.
6. Data Diddling : This kind of an attack involves altering raw data just before a computer processes it and then changing it back after the processing is completed. The electricity board faced similar problem of data diddling while the department was being computerized.
7. Logic Bombs : These are event dependent programs. This implies that these programs are created to do something only when a certain event occurs. Even some viruses may be termed logic bombs because dormant all through the year and become active only on a particular date.
8. Internet Time Theft : Normally in these kind of thefts the internet surfing hours of the victim are used up by another person. This is done by gaining access to the login ID and the password.
9. Web Jacking : This term is derived from the term hi jacking. In these kinds of offences the hacker gains access and control over the website of another. He may even manipulate or change the information of the website. This may be done for fulfilling political objectives or for money.
Need of Cyber Security -
There are many types of cyber threats that can attack your devices and networks, but they generally fall into three categories. The categories are attacks on confidentiality, integrity and availability.
• Attacks on confidentiality : These include stealing your personal identifying information and your bank account or credit card information. Many attackers will take your information an sell it on the dark web for others to purchase and use.
• Attacks on intergrity : These attacks consist of personal or enterprise sabotage and are often called leaks. A cybercriminal will access and release sensitive information for the purpose of exposing the data and influencing the public to lose trust in that organization.
• Attacks on availability : The aim of this type of cyber attack is to block users from accessing their own data until they pay a fee or ransom. Typically, a cybercriminal will infiltrate your network and block you from accessing important data, demanding that you pay a ransom. Companies sometimes pay the ransom and fix the cyber vulnerability afterward so that they can avoid halting business activities.
Prevention of Cyber Crime -
- Protect your e-identity : Be cautious when giving out personal information such as your name, address, phone number or financial information on the internet. Make sure that websites are secure or that you've enabled privacy settings.
- Protect your Data : Use encryption for your most sensitive files such as tax returns or financial records, make regular back-ups of all your important data and store it in another location.
- Avoid being scammed : Always think before you click on a link or file of unknown origin. Don't feel pressured by ny emails. Check the source of the message. When in doubt, verify the source. Never reply to emails that ask you to verify your information or confirm your user ID or password.
- Secure your Mobile Devices : Be aware that your mobile devices is vulnerable to viruses and hackers. Download applications from trusted sources.
- Call the right person for help : Don't panic! If you are a victim, if you encounter illegel Internet content or if you suspect a computer crime, identity theft or a commercial scam, report this to your local police.
- Install the latest operating system updates : Keep your applications and operating system current with the latest system updates. Turn on automatic updates to prevent potential attacks on older software.
- Password : Use different user ID/passwords more complicated by combining letters, numbers, special characters (minimum 10 characters in total) and change them on a regular basis.
- Be Social-Media Savvy : Make sure your special networking profiles are set to private. Check your security settings. Be careful what information you past online. Once it is on the internet, it is there forever!
- Firewall : Firewalls are the first line of cyber defense; they block connections to unknown or bogus sites and will keep out some types of viruses and hackers.
- Secure your wireless network : Wi-Fi networks at home are vulnerable to intrusion if they are not properly secured. Review and modify default settings. Public Wi-Fi, "Hot Spots", is also vulnerable. Avoid conducting financial or corporate transactions on these networks.
Malwares and Malware Types -
Malware is a category of computer infection. Viruses are the most familiar infection. This infection type is what its name implies, spying on you and your computer activity. Adware is fed by Spyware. Spyware sends messages back to developer and then Adware is sent to your computer, creating popup. Worms are familiar to some as a form of infection also. This type eats your data until the drive is empty. There is an infection called a bot which even though it has small name, its affect is deadly. This type of malware communicates with the source developer of the bot and sends information from computer. The information being sent could be your email address or your ID's and passwords.
Adware - The least dangerous and most lucrative Malware. Adware displays ads on your computer.
Spyware - Spyware is software that spies on you, tracking your internet activities in order to send advertising back to your system.
Virus - A virus is a contagious program or code that attaches itself to another piece of software and then reproduces itself when that software is run. Most often this is spread by sharing software or files between computers.
Worms - A program that replicates itself and destroys data and files on the computer. Worms work to "eat" the system operating files and data files until the drive is empty.
Backdoors - Backdoors are much the same as Trojans or worms, except that they open a "backdoor" in a computer, providing a network connection for hackers or other Malware to enter or for viruses or SPAM to be sent.
Keyloggers - Records everything you type on your PC in order to glean your log-in names, passwords and other sensitive information, and send it on to the source of the keylogging program. Many times keyloggers are used by corporations and parents to acquire computer usage information.
Rouge security software - This one deceives or misleads users. It pretend to be a good program to remove Malware infections, but all the Malware. Often it will turn off the real Anti-Virus software.
Thank you.
0 Comments
If you have any problem, then please contact us.