What is Cyber Security

The meaning of the term cyber security has evolved in recent years. Cyber security is a collection of technologies, processes & practices designed to protect networks, computers, programs & data from attack, damage or unauthorized access. In other words, Cyber security is security applied to computer devices such as computer & smartphones as well as computer networks such as private & public networks including whole internet.

Traditionally, computer facilities have been physically protected for three reasons:

  • To prevent theft of or damage to the hardware.
  • To prevent theft of or damage to the information.
  • To End-User Education: prevent disruption of service.

Types of Cyber Security

Cyber security can be divided into the following types:

Network Security:

It is the practice of securing a computer network from intruders. It consists of the policies, processes, detect and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. It involves the authorization of access to data in a network, which is controlled by the network administrator.

Application Security:

It focuses on keeping software and devices free of threats. A compromised application could provide access to the data, it is designed to protect in the first place. Successfully security begins in the design stage, well before a program or device is even deployed.

Information Security:

It protects information from unauthorized access to avoid identity theft & to protect privacy. Major techniques used to cover this are: Identification, Authentication & Authorization of user & Cryptography.

Operational Security:

In includes the processes & decisions for handling & protecting data assets. The permissions users have when accessing a network & the procedures that determine how & where data may be stored or shared, all fall under this.

Disaster Recovery Planning:

It is process that includes performing risk assessment, establishing priorities, developing recovery strategies in case of a disaster. Any business should have a concrete plan for disaster recovery to resume normal business operations as quickly as possible after a disaster.

End-User Education:

It addresses the most unpredictable cyber security factor: Anyone can accidentally introduce a virus to an otherwise secure system by failing to follow good security practices. Teaching users to delete suspicious e-mail attachments, not plug in unidentified USB drivers & various other important lessons, is vital for the security of any organization.

Learn About Important Terms on Cyber Security

Some important terms used in cyber security are:

Vulnerability:

It is a weakness which allow an attacker to reduce a system’s information assurance. It is the intersection of three elements:

  • A flaw in the system.
  • Access to the flaw by an attacker.
  • The attacker’s capability to exploit the flaw.

To exploit vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness.

Backdoors:

It is a method of bypassing normal authentication, securing remote access to a computer or obtaining access to plain text, while attempting to remain undetected. It may take the form of an installed program or could be a modification to an existing program or hardware device. It may also system’s fake information about disk & memory usage.

Denial-of-Service Attacks:

Unlike other exploit, Denial-of-service attacks are not used to gain unauthorized access or control of system. A denial of service is a attack, it meant to shut down a machine or network, making it inaccessible to its intended users.

Direct-Access Attacks:

An unauthorized user, gaining physical access to a compute, can perform many functions, Install different types of devices to compromise security, including operating system modification, software worms, keyloggers & listening devices. The attacker can also easily download large quantities of data onto backup media, for instance a hard disk, DVD or portable devices such as pen-drives.

Exploits:

An exploit is a piece of software, a chunk of data, or sequence of commands that takes advantage of a software “bug” or “glitch”, in order to cause unintended or unanticipated behavior on computer software, hardware or something electronic. The terms exploit generally refers to small programs designed to take advantage of a software flaw, that has been discovered, either remotely or locally.

Indirect Attacks:

It is an attack launched by a third-party computer. By using someone else’ computer to launch an attack, it becomes far more difficult to track down the actual attacker.

Learn About Cyber Crime & its Categories

The term cyber crime can be defined as criminal activity directly related to the use of computers, specifically illegal trespass into the computer system or database of another, manipulation or theft of stored or online data & data. It can also be defined as any crime with the help of computer and telecommunication technology with the purpose of influencing the functioning of a computer or computer system. In general, cyber crime refers to any crime that involves a computer and a network.

Fig-Cyber crime

 

Categories of Cyber Crime

The various acts that come under the categories of cyber crime are:

Hacking

It is the gaining of access(wanted or unwanted) to a computer & viewing ,copying or creating the data without the intention of destroying the data or maliciously harming the computer.

E-mail spoofing

It is the creation of e-mail message with a forged sender address.  Distributors of spam often use spoofing in an attempt to get recipients to open & possible even respond to, their solicitations.

SMS Spoofing

it is a relatively new technology which uses the short message service, available on most mobile phones & personal digital assistants, to set who the message appears to come from by replacing the originating mobile number(Sender ID) with alphanumeric text.

Phishing

It schemes are one of the chief ways in which people end up with their identity stolen & a computer full of viruses. A phishing scheme starts when we receive an e-mail from a website claiming to be our bank or credit card company. Many times, when we visit these sites, spyware, adware & viruses are automatically installed on our computer.

Identity Theft

It happens when fraudsters access enough information about someone’s identity such as name, date of birth, current or previous addresses to commit identity fraud. It can take plan whether the fraud victim is alive or dead.

Cyber Bullying

The use of electronic communication to bully a person, typically by sending message of an intimidating or threatening nature, is an activity that is on the the rise among urban areas & common among students & fellow employees.

Spam

It is irrelevant or unsolicited mail sent over the internet, typically to large numbers of users. for the purpose of advertising, phishing, spreading malware etc. It is also known as a junk mail.

Cyber Terrorism

It is the act of internet terrorism in terrorist activities, including acts of deliberate, large-scale disruption of computer networks, especially of personal computer attached to the internet by the means of tools such as computer viruses.

Learn About for Cyber Crime Law, Prevention & Reporting A Cyber Crime

It also called IT Law, is the law regarding Information-technology including computers and Internet. Cyber Law is related to legal informatics & supervises the digital circulation of information, software, information security & E-commerce.

When the emphasis was on the need for cyber law, then it was imperative to implement an IT law in India. Thus,the IT Act,2000 or also known as the Indian Cyber Act or the Internet Law came to force in India.

The Objective of information technology laws in India is as follow:

  • To provide legal recognition for all E-transactions.
  • To give legal recognition to digital signatures as a valid signature to accept agreement online.
  • To give legal recognition to keeping accounting books in electronic form by bankers as well as other organizations.
  • Protection of online privacy & stopping cyber crimes.

Prevention of Cyber Crimes

The following points are effective in preventing cyber crimes:

  • Use Different User ID/Password combinations for different accounts & avoid writing them down and make the password more complicated.
  • Secure the computer from virus attacks, unauthorized access & spyware attacks.
  • Secure the social networking profiles such Facebook, Twitter, YouTube etc. & are set to private.
  • Be aware that our mobile device is vulnerable & hackers.
  • Download the application from trusted source only.
  • Install the latest operating system updates.
  • Use Encryption for most sensitive files such as tax returns or financial records.
  • Make regular backups of all the important data & store it in different locations.
  • Always think before click on a link or file of unknown origin & check the source of Message.
  • Never reply to e-mails that ask to verify the information or confirm our user id/password.
  • Report any activity, to the concerned authorities that think may lead to a cyber crimes.

Reporting a Cyber crimes

If any cyber crimes happens, one must first report it to parents, school authorities & ten to police.

To report a cyber crime:

  • The local police can be approached for filling a complaint just as the cyber crime cell specially designated with the jurisdiction to register complaint.
  • Provisions have now been made for filling of “E-FIR” in most of the states.
  • The Ministry of Home Affairs is also launching a website for registering crimes against women & children online ,including cyber crimes.

Link is Here: https://cybercrime.gov.in/

Leave a Reply