Friday 11 March 2022

How cyber security can be improved

Computing is playing a vital role in each aspect of life. With the internet taking over the world as of today and it being such an important commodity as a large bunch of people, depend on the Internet for various reasons may it be in the field of banking, cloud, data analysis, simulations, data interpretations and the likes which help day to day living lean towards a progressive upwards curve and meanwhile also making life easier.

There are various ways the internet can be misused to various extents like stealing money using one’s information by hacking, data theft etc. Moreover, to put an end to such ongoing activities, there is a strong need for cyber security.  Thus, it is important to understand the cyber security and how cyber security works.

Cyber security is an important aspect of the cyber, which we cannot ignore because protecting the data online and the network infrastructure is very vital for function or different organisations and governments. Breach or damage of data or information may cause serious effects on the day-to-day business and may lead to financial losses.

What do you mean by Cyber?

Cyber means your online presence on the Internet like [Facebook, Twitter, WhatsApp, Gmail, Email, YouTube, Pinterest, Instagram] etc. and security is about securing your CODE.

How does Cyber Security help?

We as a whole live in a world that is networked together, from web banking to government foundation, where information is put away on PCs and different gadgets. A bit of that information can be sensitive data, regardless of whether that be intellectual property, money related information, individual data, or different sorts of information for which unapproved access or exposure could have negative results.

Cyber security helps to protect not only the individual but business, inspire customer confidence, stop one’s website from crashing, protection of data of customers and clients.

In general, cyber security is the technology and process that is designed to protect networks and devices from attack, damage or unauthorized access.  It comprises advances, procedures and controls intended to ensure frameworks, networks, programs, gadgets and information from cyber threats or attacks.


Elements of Security

There are three types of elements. Namely physical, system and process elements

Physical Elements

System Elements

Process Elements

  • Security Guard
  • CCTV Camera
  • R Zone
  • Downloading
  • Access Rights

  • Anti-Virus
  • Malicious Software
  • Detection Solution
  • Disable Security Ports
  •  

  • Authorised User
  • Access Control
  • Log Entry

The pertinent question is why cyber security?  It comprises CIA i.e. Confidentiality, Integrity and Availability.

Confidentiality: Only data is accessed by authorized parties, data is not compromised by any other person.

Integrity: Data should not be modified by anybody who is a non-authorized user, modification can be done at bit, byte or data level.

Availability: System functions and data must be available on-demand according to agreed parameters to authorized users.

Types of Web

  1. Surface Web
  2. Deep Web
  3. Dark Web
  4. Marina Web [appears to get its name from the deepest part of the ocean, Mariana’s Trench]

Cyber Attacks

Cyber-attacks are presently a worldwide concern and has given numerous worries that hacks and other security assaults could imperil the worldwide economy.

The threat of cyber-attacks is very real and ever- growing.  The danger of cyber-attacks could vary from a small fraud to compromising an entire nation’s security installation and its economy. As technology is evolving every day, so are these hackers finding new ways to target people

HACKER

H – Hide IP

A – Aim Victim

C – Crack Encrypt

K – Kill Firewall

E- Enter into Database

R – Return Anonymous

Types of Hackers

Black Hat: Malicious Hacker [penetrate systems without permission to exploit]

White Hat: Ethical Hacker [penetrate system with the owner’s permission and mitigate cyberattacks]

Grey Hat: Not malicious but not always ethical [Draw attention to vulnerabilities and offer a solution to patch them by charging fees]

Green Hat: New, unskilled Hacker [Newbie hackers who are learning to hack]

Blue Hat: Vengeful Hacker [Hackers who seek to take personal revenge]

Red Hat: Vigilant Hacker [Hackers who use cyberattacks to attack black hat hackers]

Other types of hackers

Suicide hacker [Individuals who aim to bring down critical infrastructure for a cause and are not worried about facing jail or any other punishment by law are known as suicide hackers]

Script Kiddie [An unskilled hacker who compromises systems by running scripts, tools and software developed by real hackers.

Cyber Terrorist [Text Box: 2 / 1 / 2 0 X XIndividuals with  a        wide range of skills motivated by religious or political beliefs to create fear by large scale disruption of computer networks.




Cyber Crimes

Most   of  the  cybercrimes  are carried  out  to generate  money  for  the  cyber criminals.  They are carried out against computers or devises directly to damage or disable them, spread malware and steal secret information.

Computer as a target crimes Criminal activities focused  on  systems,  servers,  networks   and data  stored in the system. India stands 1t 19th position in cybercrime.

History of Cyber Crime

  • Pentagon & IBM data were hacked
  • Cybercriminals launched attacks against eBay, Yahoo, CNN, Amazon, and others
  • 758 million malicious attacks occurred according to Kaspersky

Types of Cyber Crime

  • Email Hacking
  • Fake Profile on social media
  • Data Theft
  • Phishing
  • Credit Card Fraud
  • Software piracy
  • Copyright infringement, trademark violations
  • Threatening or defamatory emails (Demanding ransom or damaging reputation of the target)
  • Pornography
  • Homography attack
  • Identity theft (using someone’s identity for transactions)

A bit of caution

If a company you have an    account with has suffered a data breach it is possible  your email  may have been  pwned, which means your email and password for that site's account has been exposed to cybercriminals. haveibeenpwned.com is a website that checks if an account has been compromised.

What to do

  1. Never read an unknown message
  2. Never respond to an unknown message
  3. When a text message is APK bine then it extracts and installs your information which in turn you compromise with your security
  4. Doubly secured your email and Phone
  5. Never share OTP with anyone
  6. Do not click on any website

Mobile Hacking

There are two ways to hack a mobile phone.

  1. Manual Installation
  2. SMS Installation

With your permission application can be installed manually  and  then  they can     access your entire phone.

Installation by sending SMS, Generally APK file is installed through which hackers  can see  your entire phone.

Difference of Passive versus Active Attackers

Passive

Active Attacker

Read the message sent by X to Y they observe and do not modify

They are opposite to Passive attackers.  They try to corrupt data, documents, systems.

Purpose is spying

Purpose is crime

Threat to confidentiality

Threat to all

Does not affect the system

Affect the system

Remember

Plain text/original text, which is understandable, the readable format is sent by Mr X to Mr Y if it is not encrypted then there are chances of active attacks by an intruder who can capture the control of your data system.

Most common attack in Cyber Security

  • Malware attack
  • Password attack
  • Phishing
  • Man in the middle
  • Birthday attack
  • Cross-site scripting attack

It is important to note that there are cyber security experts who look after the data and find ways how to safeguard it.

Who is a Cyber Security Expert?

A cyber security expert is an individual employed by an organization to protect their data, they do with the help of techniques like finding weaknesses, monitoring systems, network breaches.  After finding the weakness they repair and then strengthen the areas where an attack may have occurred.

Domains in Cyber Security

  • Asset Security 
  • Security architecture & engineering 
  • Communication & Network Security 
  • Identity and access management 
  • Security Operations 
  • Software development security 
  • Security Assessment & Testing 
  • Security & Risk Management

What is the solution?

The solution is to Prioritize, Authorize and Educate.

Prioritize

Authorize

Educate

Secure Password

Way Authentication

Make sure to educate your family members for safe usage of social media and the internet

Anti-Virus & Regular Updates

Security DNS (Domain

Name System)

Do not share your computer or mobile with any strangers

 

Installing Firewall in a system

 

Encryption

 

Conclusion

Nowadays there are numerous Business firms, industries and organizations which are completely dependent on the information systems to manage their operations and carry out their daily activities, stay connected and communicate with the customers and suppliers and to gather all the required information and get the idea of the day-to-day market. 

Whilst the scale of Internet-connected systems has increased considerably, these systems are being exposed to cyber-attacks more than ever. The complexity and dynamics of cyber-attacks require protecting mechanisms to be responsive, adaptive, and scalable.

Given the persistent nature of the threat, there is a need to establish a strong digital frontier to tackle this dangerous menace.


- No comments:
Labels:
Location: United States
Subscribe to: Posts (Atom)

Empowering women and girl to end child labour

The term “child labour” is often defined as work that deprives children of their childhood, their potential and their dignity, and that is ...