Why Cyber Security is necessary for 2021
This is an important topic because Cyber Security plays an important role in data privacy and security. It prevents data from leaking on Social Media or anywhere else on the internet without the user’s permission. Cyber Security helps organizations protect their data from theft and damage by Cyber Criminals. Many security breaches, frauds, malicious attacks, and so on are happening right now. It is necessary to keep the internet well ordered and safe for users, and this is possible with the help of Cyber Security.
Entering The World Of Cyber Security
Now, what is Cyber Security?
Cyber Security is the practice of protecting Cyber-Technologies from threats. It protects you from Cyber Criminals, hackers, Carders, and anybody else who wants to harm you or involve you in online data theft. Cyber Security helps all government and non-government organizations secure their data from data breaches.
What are Cyber-Technologies?
Cyber Technologies are things that require both hardware and software to run. Some examples of Cyber-Technologies are Smartphones, Computers, Gaming Consoles, etc. Essentially, any device you use to access the internet counts as a Cyber-Technology, and because the internet plays such an important role in our daily lives today, it is easy to see what Cyber-Technologies are.
What are Cyber Threats?
There are many threats to Cyber Security that can cause serious damage to an organization. Cyber threats are also known as Cyber Attacks, which are used to gain unauthorized access to, or cause damage to, a particular system, computer network, or organization in order to steal confidential information.
Some Cyber Threats are:
- Network Security
- Application Security
- Information Security
- Operational Security
- Risk Minimization
- Human Error
1. Network Security
The network is usually considered the first point of penetration of the target system. The network is a favorite infiltration point for hackers because access to the network grants them the whole range of attack possibilities, and network penetration can usually be done remotely. This gives the hacker a higher chance of maintaining anonymity.
2. Application Security
Application security is no less important, since contemporary software is usually complex, which means that there is more room for security loopholes. Application Security specialists deal with the security flaws of software. Cyber Criminals specialize in finding and exploiting vulnerabilities in applications to steal data and sensitive information. Application Security helps to protect applications (such as smartphone, desktop, and web applications) from any kind of malicious attack by hackers.
3. Information Security
Information Security is another field of Cyber Security. Specialists from this field deal with the Confidentiality, Integrity, and Availability (CIA) of information.
Basically, the point is that information needs to be complete and trustworthy. At the same time, it needs to have restricted access for people who are not authorized to view it. However, it should be open to people who have authorization.
- Confidentiality – Confidentiality means the data cannot be accessed by an unauthorized user and can be shared only with an authorized person or the user who has been put in charge of the data within the organization. The user in charge has the right to block any attempt made by an unauthorized person and can identify whoever is trying to get unauthorized access. Passwords, encryption, authentication, and defense against penetration attacks are all techniques designed to ensure confidentiality.
- Integrity – Integrity means keeping the data in a correct state and preventing it from being improperly modified, whether accidentally or maliciously. Confidentiality and Integrity work together to ensure that the data is completely safe and properly maintained. Many applications use checksums to verify data integrity, which helps the user keep all confidential information private and safe. That is why all applications (PC, Android, iPhone) have a new feature to automatically back up the user’s data and keep it completely private.
- Availability – Availability is also an important part of the CIA triad. It is the mirror image of Confidentiality: just as the data must not be accessible to an unauthorized user, it must be accessible to those who have the proper permissions. Data Availability also covers all the resources necessary for a safe backup and a recovery process whenever the user needs it.
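The checksum-based integrity check mentioned above, as an added example that is not part of the original article: a plain SHA-256 checksum catches accidental corruption, while a keyed HMAC also catches a malicious edit where the attacker recomputes the checksum. The key and the record contents are constructed sample values.

```python
import hashlib
import hmac

# Constructed demo key; a real key would come from a secrets store.
SECRET_KEY = b"constructed-demo-key-not-for-production"


def sha256_checksum(data: bytes) -> str:
    """Plain checksum: anyone can recompute it, so it only catches accidents."""
    return hashlib.sha256(data).hexdigest()


def hmac_tag(data: bytes, key: bytes = SECRET_KEY) -> str:
    """Keyed tag: cannot be recomputed without knowing the key."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_checksum(data: bytes, expected: str) -> bool:
    return hmac.compare_digest(sha256_checksum(data), expected)


def verify_tag(data: bytes, expected: str, key: bytes = SECRET_KEY) -> bool:
    # compare_digest compares in constant time, so timing leaks nothing.
    return hmac.compare_digest(hmac_tag(data, key), expected)


def demo() -> dict:
    original = b"account=1001;balance=250.00"
    stored = {"checksum": sha256_checksum(original), "tag": hmac_tag(original)}

    # Case 1: accidental corruption in storage or transit (one byte changed).
    corrupted = b"account=1001;balance=250.0O"
    # Case 2: malicious edit. The stored checksum is replaced as well, which
    # is possible because SHA-256 needs no secret; the HMAC tag cannot be
    # recomputed without the key, so the old tag is left in place.
    tampered = b"account=1001;balance=950.00"
    forged = {"checksum": sha256_checksum(tampered), "tag": stored["tag"]}

    return {
        "intact_ok": verify_checksum(original, stored["checksum"])
        and verify_tag(original, stored["tag"]),
        "corruption_caught_by_checksum": not verify_checksum(corrupted, stored["checksum"]),
        "forgery_passes_checksum": verify_checksum(tampered, forged["checksum"]),
        "forgery_caught_by_hmac": not verify_tag(tampered, forged["tag"]),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
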
4. Operational Security (OPSEC)
To put it simply, it is a process of efficient decision-making regarding the management of security. Basically, this means the protection of data assets of the individual or a company and management of the access permissions. You can view this as a set of effective regulations and procedures to keep an individual or a company safe from cyber threats. OPSEC also monitors the behavior of the users on social media sites preventing them from sharing critical or discouraging information.
The OPSEC process includes the following five steps:
- Identification of Critical Information
- Identify the Threat
- Analysis of Vulnerabilities
- Analyze the Risk
- Develop and Apply Countermeasures.
Identification of Critical Information
Critical information is private data about the organization’s intentions, activities, and capabilities that are used for the organization’s success. The OPSEC process identifies critical information and determines when that information may cease to be critical in the life cycle of an operation, program, or activity.
Identify the Threat
Threat identification is an important process for checking whether the critical information of the organization is safe or has been leaked through malicious attacks by hackers or cybercriminals. It is necessary to secure the data of the organization by identifying the threats posed by cybercriminals.
Analysis of Vulnerabilities
Analysis of Vulnerabilities is a systematic process or technique for identifying weaknesses and fixing them, strengthening the security systems that protect specific targets from specific adversaries and their acts. It is also necessary for organizations to keep updating and adding to their layers of security to prevent unwanted attacks from cybercriminals.
Analyze the Risk
Risk Assessment is the process of determining the likelihood (probability) of an adversary successfully exploiting a vulnerability and the resulting degree of damage or impact on an asset. Analyzing the risk is a great responsibility: it means checking the threats and fixing them without losing any information, and double-checking whether the data is secured or not.
Develop and Apply Countermeasures
In the final step, countermeasures are developed to protect the activity. Ideally, the chosen countermeasures eliminate the adversary threat, the vulnerabilities that can be exploited by the adversary, or the utility of the information. In assessing countermeasures, the impact of the loss of critical information on organizational effectiveness must be balanced against the cost of implementing corrective measures. Possible countermeasures should include alternatives that may vary in terms of feasibility, cost, and effectiveness. Based on the probability of collection, the cost-effectiveness of various alternatives, and the criticality of the activity, countermeasures are selected by the program manager.
5. Risk Minimization
Risk Minimization is the principle of making the risk as small as possible. Minimization improves security by reducing the number of things that can go wrong, the number of points open to attack, the duration of high-risk exposure, the value of the assets you have to protect, and the consequences of failures. Even though it’s often tempting to add more security when faced with a problem, the drawbacks of that added security can prove more damaging than doing nothing at all, and the better option still would be to further minimize what you already have.
6. Human Error
While technical solutions like spam filters and mobile device management systems are vital for protecting end-users, with the number of threats and the huge number of systems and communications through which staff perform their work, the one unifying risk factor that must be addressed to improve security on a fundamental level is the role of human error. Human error can show up in a large number of ways: from failing to install software security updates in time, to having weak passwords, to giving up sensitive data to phishing emails.
Types Of Cyber Attacks
First of all, let’s see What is a Cyber Attack?
Cyber Attack is a violation or an assault caused by cybercriminals on computer systems or networks by using malicious code to alter computer code, logic, or data and lead to cybercrimes, such as information and identity theft. Cybercriminals use a variety of methods to launch a cyber-attack, including malware, phishing, ransomware, denial of service, among other methods.
Cyber-attacks can be classified into the following categories:
1. Injection Attack – An attack in which code is injected into a web application to fetch personal information by manipulating the application. This type of cyber-attack is used to take control of and steal data from a database. Examples: SQL Injection, Code Injection, Log Injection, XML Injection, etc.
2. Malware – Malware, also known as Malicious Software, gets activated when a user clicks on a malicious link or attachment, which leads to the installation of dangerous software. Once the user clicks on the malicious link, the Malware can perform the following actions:
- Block access to key network components.
- Install additional harmful software.
- Covertly obtain information by transmitting data from the hard drive.
- Disrupt individual parts, making the system inoperable.
3. Phishing – Phishing is a type of attack that attempts to steal sensitive information like user login credentials and credit card numbers. Phishing attacks use fake communication, such as an email, to trick the receiver into opening it and carrying out the instructions inside, such as providing a credit card number.
4. Distributed Denial of Service (DDoS) – A distributed denial of service (DDoS) attack is when an attacker attempts to make it impossible for a service to be delivered. A distributed DoS (DDoS) attack originates from a computer network. Cyber attackers often use a flood attack to disrupt the “handshake” process and carry out a DoS. A DoS uses a single system and a single internet connection to attack a server. Its goal is to saturate the bandwidth of the attacked site and is measured in bits per second. It consumes actual server resources and is measured in packets.
5. Emotet – The Cybersecurity and Infrastructure Security Agency (CISA) describes Emotet as “an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans. Emotet continues to be among the most costly and destructive malware.”
6. Man in the Middle – MITM is an attack that intercepts the network between the server and the client. Attackers insert themselves between the visitor and the network and then use malware to install software and use data maliciously. The goal of this attack is to steal personal information, such as login credentials, account details, and credit card numbers.
7. URL Interpretation – It is a type of attack in which the attacker changes certain parts of a URL to make a web server deliver web pages that the attacker is not authorized to browse.
8. Dictionary attacks – This type of attack uses a stored list of commonly used passwords and tries each of them to find the original password.
9. Brute force – It is a type of attack that uses a trial-and-error method. This attack generates a large number of guesses and validates them to obtain actual data like user passwords and personal identification numbers. These attacks are done by ‘brute force’, meaning they use excessive forceful attempts to try and ‘force’ their way into your private accounts.
10. File Inclusion attacks – It is a type of attack that allows an attacker to access unauthorized or essential files available on the web server, or to execute malicious files on the web server, by making use of the include functionality.
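From the defender's side, the many rapid guesses that the dictionary and brute force items describe are visible in authentication logs. This added example, not part of the original article, flags a burst of failed logins from one source against one account and a success that follows it; the log format, threshold, and window are assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (hypothetical format): timestamp result user source_ip
SAMPLE_LOG = """\
2021-03-01T10:00:01 FAIL alice 203.0.113.7
2021-03-01T10:00:03 FAIL alice 203.0.113.7
2021-03-01T10:00:05 FAIL alice 203.0.113.7
2021-03-01T10:00:06 OK bob 198.51.100.4
2021-03-01T10:00:08 FAIL alice 203.0.113.7
2021-03-01T10:00:09 FAIL alice 203.0.113.7
2021-03-01T10:00:12 OK alice 203.0.113.7
2021-03-01T10:00:30 FAIL carol 198.51.100.9
2021-03-01T10:09:00 FAIL carol 198.51.100.9
"""

THRESHOLD = 5                    # failures that trigger an alert (assumed policy)
WINDOW = timedelta(seconds=60)   # sliding window length (assumed policy)


def detect(log_text, threshold=THRESHOLD, window=WINDOW):
    """Return alerts for guessing bursts and for logins that succeed after one.

    Assumes the log lines are in chronological order.
    """
    failures = defaultdict(deque)  # (ip, user) -> timestamps of recent failures
    flagged = set()                # (ip, user) pairs with an open alert
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts_text, result, user, ip = line.split()
        ts = datetime.fromisoformat(ts_text)
        key = (ip, user)
        recent = failures[key]
        # Drop failures that have aged out of the sliding window.
        while recent and ts - recent[0] > window:
            recent.popleft()
        if result == "FAIL":
            recent.append(ts)
            if len(recent) >= threshold and key not in flagged:
                flagged.add(key)
                alerts.append(("GUESSING_BURST", user, ip, ts.isoformat()))
        elif result == "OK" and key in flagged:
            # A success right after a burst suggests the password was guessed.
            alerts.append(("SUCCESS_AFTER_BURST", user, ip, ts.isoformat()))
            flagged.discard(key)
            recent.clear()
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

The two slow failures for `carol`, nine minutes apart, stay below the threshold, which is what keeps an ordinary mistyped password from raising an alert.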
Let’s learn about Computer Viruses
What is a Computer Virus?
A Computer Virus is a Malicious computer program or code written to alter the way a computer operates and is designed to spread from one computer to another. A virus operates by inserting or attaching itself to a legitimate program or document that supports macros in order to execute its code. In the process, a virus has the potential to cause unexpected or damaging effects, such as harming the system software by corrupting or destroying data.
Once a virus has successfully attached to a program, file, or document, the virus will lie dormant until circumstances cause the computer or device to execute its code. In order for a virus to infect your computer, you have to run the infected program, which in turn causes the virus code to be executed. Across the world, Computer viruses are a great issue of concern as they can cause billions of dollars worth of harm to the economy each year.
The Top 10 dangerous computer viruses are given below:
1. CodeRed – The Code Red worm was discovered by two eEye Digital Security employees, Marc Maiffret and Ryan Permeh. They named it “Code Red” because they were drinking Code Red Mountain Dew. Code Red surfaced in 2001, and the worm targeted computers with the Microsoft IIS web server installed by exploiting a buffer overflow problem in the system.
Once the computer is infected, it will proceed to make a hundred copies of itself, but due to a bug in the programming, it will duplicate even more and end up eating a lot of the system’s resources. It will then launch a denial of service attack on several IP addresses; famous among them was the attack on the White House website. It also allows backdoor access to the server, allowing for remote access to the machine.
2. Boot sector virus – This type of virus can take control when you start — or boot — your computer. One way it can spread is by plugging an infected USB drive into your computer.
3. Zeus Gameover – Zeus Virus is part of the “Zeus” family of malware and viruses and it was first discovered in 2011. This virus is a form of malicious software that targets Microsoft Windows. Spam messages and drive-by downloads are two main methods of infection.
The main purpose of the Zeus virus is to access the victim’s sensitive bank account details and steal all of the victim’s funds. The virus can bypass centralized servers and create independent servers to send sensitive information and a victim cannot even trace his/her stolen data. Also in some cases, Zeus can download ransomware that encrypts your files and demand money in exchange for unlocking them.
4. Trojan horse – It is a malicious program that causes unexpected changes to computer settings and unusual activity, even when the computer should be idle. It misleads the user about its true intent. It appears to be a normal application, but when it is opened or executed, some malicious code runs in the background.
5. CryptoLocker – CryptoLocker Ransomware was released in September 2013. It spread through email attachments and encrypted the user’s files so that they couldn’t access them. This virus is a dangerous form of ransomware that encrypts files on the computer. A victim has to pay a certain amount in bitcoin in exchange for being able to access the files or documents. To decrypt the files, the victim needs a private key. Once the files are infected, the files are effectively lost forever.
6. Nimda – Nimda first appeared on September 18, 2001, and it spread through the Internet rapidly. In fact, it only took 22 minutes from the moment Nimda hit the Internet to reach the top of the list of reported attacks. The main purpose of the Nimda virus was to bring Internet traffic to a crawl. By creating a backdoor in the victim’s operating system, it gives the attacker access to the same level of functions. Also, if the victim was the administrator for the machine, the attacker would have full control.
7. Spyware – A program that secretly records what a user does, so that cybercriminals can make use of this information. For example, spyware could capture credit card details.
8. Resident Virus – A virus that saves itself in the memory of the computer and then infects other files and programs when its originating program is no longer running. This virus can easily infect other files because it is hidden in memory and is hard to remove from the system.
9. Browser hijacker – This type of virus “hijacks” certain web browser functions, and you may be automatically directed to an unintended website.
10. Macro virus – Macro viruses are written in the same macro language used for software applications. Such viruses spread when you open an infected document, often through email attachments.