 |
| Photo by cottonbro from Pexels |
Basics of Cyber Security
We all live in a internet era. From booking travelling tickets to ordering food , everything in man's life is going online. Internet plays a major role in the life of a modern man. But if it is not used properly it can make your life hell as well. As many online frauds are happening now a days. So , to protect yourselves from online fraud's, you should be aware of cyber security basics.
So, in this blog i will be sharing some basics of cyber security which are following -
Things you will learn about cyber security are following -
- What is cyber security ?
- Why we need cyber security?
- What is CIA Triad ?
- Vulnerability , Threat & Risk
1.What is Cyber Security ?
Cyber Security is the protection of internet-connected systems, including hardware, software and data from cyber attacks. To protect yourself from all sorts of cyber attacks , there is a way to protect from cyber attacks and that is called Cyber Security. In a computing context security comprises of cyber security and simple security. Both are used by enterprises to protect against unauthorized access to data centers and other computerized systems information security, which is designed to maintain the confidentiality, integrity and availability of data is a subset of cyber security. The use of cyber security can help prevent against cyber attacks, data breaches ,identity theft.
Cyber Security protect against what ?
- Unauthorized Access.
- Unauthorized Deletion.
- Unauthorized Modification
As we are living in a digital era whether it be booking a hotel room, ordering food or booking a cab, we are constantly using the internet and inherently constantly generating data this data is generally stored on the cloud , which is basically a data server or data center that you can access online. Also , we use an array of devices to access this data, now for a hacker it's a golden age with so many access points, public ip addresses and constant traffic and tons of data to exploit, black hat hackers are having tons of data to exploit, black hat hackers are having one hell of a time exploiting vulnerabilities and creating malicious software for the same above that cyber attacks are evolving, by the day hackers are becoming smarter and creative and how they bypass virus scans and firewalls still confuses so many people . Below is list of cyber threats-
 |
| Types of Cyber threats |
Malware -
Malware is an all-encompassing term for a variety of cyber threats including trojans, viruses and worms. Malware is simply defined as code with malicious content that typically steals data or destroy something on the computer.
Phishing-Often posing as a request for data from a trusted third party phishing attacks are sent via email and ask users to click on a link users to click on the link and enter the personal data . Phishing emails have gotten much more sophisticated in recent years making it difficult for some people to discern a legitimate request for information from a false one phishing emails often fall into the same category as spam but are more harmful that a simple advertisement.
Password Attacks-
A password attack is exactly what it sounds like , a third party trying to gain across to your system by tracking a user's password.
It stands for Distributed Denial-Of-Service. This Attacks focuses on disrupting the service of a network a darker send high volumes of data or traffic through the network that is making a lot of connection requests until the network becomes overloaded and can no longer function.
Main in the Middle Attacks-
By impersonating the endpoint in an online information exchange, that is the connection from your smartphone to a website to a website.This Attack can obtain information from the end users and entity he or she is communicating.
Example - If you are banking online the man in the middle would communicate with you by impersonating your bank and communicate with the bank by impersonating you the man in the middle would then receive all the information transferred between both the parties which could include sensitive data such as bank accounts and personal information .
Drive-By Downloads-
Through malware on a legitimate website a program is downloaded to a user system just by visiting the site. It doesn't require any type of action by the user to download it actually.
Mal-advertising-It is a way to compromise your computer with malicious code that is downloaded to your system when you click on an affected ad.
Rogue Software-Recent cyber attacks
- Capitol One breach.
- The Weather Channel ransomware.
- U.S. Customs and Border Protection/Perceptics.
- Citrix breach.
- Texas ransomware attacks.
- WannaCry.
- NotPetya.
- Ethereum.
3.The CIA Triad -
The CIA triad is commonly referred as a three pillars of security and more security policies of bigger organizations.And even smaller companies are based on these three principles.In C.I.A Triad, C stands for Confidentiality, I stands for Integrity and A stands for Availability.
Types of attacks on CIA are shown below -
|
Confidentiality |
Integrity |
Availability |
|
Cracking encrypted data |
Web penetration for
malware insertion |
Dos/Ddos Attacks |
|
Data leakage or unauthorized copying of
sensitive data |
Maliciously accessing
servers and forging records |
Ransomware Attacks-forced encryption of important data |
|
Installing
spyware/malware on a server |
Unauthorized database
scans |
Flooding a server with
too many requests |
Steps to fix a cyber crime-
Vulnerability-
In context of cyber world, vulnerability refers to a bug/error in software or hardware which remains to be fixed is prone to be exploited to cause a damage to CIA triad.
Threat-
Risk-
Risk refers to the potential for loss or damage when a threat exploits a vulnerability.Risk Management is key to Cyber Security. Risk =Threat * Vulnerability.
I hope you will find these blog helpful. Thanks for reading, Have a good day ahead.
Useful blog, keep sharing with us.
ReplyDeletePrinciples of Cyber Security
Fundamentals of Cyber Security