Cyber security Introduction

In our modern world, most people are using cyberspace for many things like shopping, social media, playing games, watching movies, even paying today's bills, which has many potential traps. In this tutorial, we are going to learn about the internet and the security measures for using the internet safely and the need for the security of the internet. 

What is Cyber Security?

Security means protecting something from unauthorized or malicious attacks. Here also in the same definition, the term cyber security means protecting the systems such as computers, mobile, or any other devices or the data that is connected to the internet or inside the internet from malicious attacks.
Simply the term “cyber security” is formed by joining two words, which is “cyber” that means the internet that includes all the devices like computers, phones, routers, switches, and the data related to the internet and “security” means protecting them from the hackers or criminals who attack in cyberspace.
Therefore, as a definition, we can say “cyber security refers to a collection of principles or procedures which help to protect our information and the devices from all types of threats on the internet”.

What is the need for cyber security?

Now we think about why I should be concerned about such types of threats and security, which is related to the internet? it is only for someone who is a software professional or someone who is working in cyberspace. 

The answer is no. Every one of us is using the internet and the services that use the internet in all our day-to-day activities like social media, online transactions, online shopping, online bill payments, and more that we can’t explain. Most of our phones are always connected to the internet and we all are a part of cyberspace so we all need to know how to use this internet without having any threats.

The internet is becoming a dangerous place for all including organizations and persons. There are a lot of people and machines accessing the internet and all the systems connected to the internet are mutually connected, so we need to protect our valuable data from vulnerable attacks. 

Why is the internet becoming a dangerous place for all? 

There are many reasons for that like 

  • Many criminal-minded people are now computer masters and can operate from anywhere.
  • A large number of hacking tools are readily available on the internet and dark web
  • Technology and the processing speed and bandwidth is increasing tremendously
  • Many hacking books and tips and tricks are available 

With all these methods, anyone who is able to use a system can learn these tricks and attack anyone who is illiterate about the internet. 

What we can do to avoid such problems on the internet is to increase our knowledge about the internet or cyberspace. Making all the parts of the internet is not possible so we have to protect our networks and operating systems so that we can protect ourselves up to an extent. Now, cyber-attacks and hacking is one of the most important economic problems with international concern.

You can understand the current scenario from a simple graph given below.

Cyber Security Introduction

What are the types of cyber security threats?

In cyberspace, there is a wide range of threats or attacks that involve the loss of confidential data, corrupting the data, financial loss, loss of control of a network, loss of accounts, and much more. 
In general, cyber threats can be defined as malicious activity that is done by an individual or a group that results in loss or disrupts another person’s life or property. 

Cyber Security Introduction

1.    Malware: 

It is the most common threat or cyber-attack tool in cyberspace. It is a malicious program that is able to be installed in our system or the browser and cause damage to our system. We all have encountered malware attacks but were blocked by antivirus or some defender.  Some of the common type of malware attacks are
1.    Virus
2.    Worms
3.    Trojans
4.    Spywares
5.    Adware
6.    Botnets
7.    Ransomware


2.    Phishing:

It is a type of cybercrime we all have encountered in our daily life in the form of emails, messages, or even phone calls. In this method, the sender seems to be from an authorized company like some financial institutions, call centers, PayPal, or other shopping sites, etc. Here they will send us some E-mails or messages with some links or pictures. If we click these links or pictures, that will direct us to their fraud websites, which are programmed to take our sensitive and secret data or even install some malware in our device. Once the hackers got our data or the malware installed they even can remote login to our device and can control it.

3.    Distributed Denial of Services (DDOS)

This is a kind of cyber-attack, which is not targeting the end-users. This cyber-attack will disrupt the working of a server and its functions. We know how the internet works like when a user requests some data from a server, the server sends the response with the data. 

In a DDOS attack, the hackers are sending junk requests in large quantities to a server and making the server bandwidth filled, and making the server down temporarily. Finally, the server cannot able to handle a genuine request and we get a response as the server is down.

4.    Man in the middle (MITM) attack

It is a type of cybercrime in which the hacker or a cybercriminal does an eavesdropping attack as the hacker intercepts the messages between the two persons and starts to involve in the conversations pretending to be a genuine user. Once they reach the middle of the conversations, they can get access to sensitive business data.

5.    Brute Force Attack

This a also called a trial and error method which is a cryptographic method mostly to extract the password or pin or other sensitive information. In this method, the hacker will try all the possible combinations for a password until the real one is obtained.

6.    Domain Name System (DNS) Attack

DNS is related to the website and its address; we are typing the address of a website to reach that website all the part of DNS. In this attack method, the hacker identifies some websites, which have some errors in their DNS and uses that website to divert the users to another malicious website to extract the information from the users.
There are much more attacks that will be detailed in the coming tutorials.

What are the goals of Cyber Security?

The main objective of cyber security is to provide security to the confidential and sensitive data and the devices, which are accessing cyberspace. In general, we can rely on three principles, which are needed to assure the security of the internet.

These three principles are called the CIA triad. This model is helpful to provide an organization with some rules or guidelines to protect their data and the resources in the internet. Let us discuss each of these principles in detail

  1. Confidentiality
  2. Integrity
  3. Availability
Cyber Security Introduction

Confidentiality

Confidentiality refers to the level of privacy for data. Confidential data means highly important data that needs to have high privacy which means we have to secure the data from unauthorized access. We need to block unauthorized access to the data. Data encryption is one of the methods used to make sure confidentiality.

Integrity

Integrity means protecting the data and the sensitive content from unauthorized modifications. It is important to keep the data secure without giving a chance to modify the data purposefully or accidentally. We also have to keep some measures to revert the original data if some modification occurs to keep the data genuine.

Availability

We said the data must be secure and genuine but the important thing is to make the data available for authorized or genuine users. That is done in availability that keeps the authorized users are not being blocked by malfunction or accidental.

Types of Cyber security

Cyber security is a vast area and each company or an organization has different areas and data and different combinations of data and systems to protect from the cyber criminals. Therefore, we have different types of cyber security as below

  1. Network security
  2. Application security
  3. Information security
  4. Identity management
  5. Operational security
  6. Mobile security
  7. Cloud security

Etc and we detail each of them in coming tutorials

Advantages of Cyber security

  1. Protects the data and devices from cyber-attacks and data breach
  2. Helps in protecting data and network
  3. All types of unauthorized access will be blocked
  4. Help to recover fast if data breach happens
  5. End to end protection for user devices and data
  6. Safely continuing the operations
  7. Helps to increase the company or organization’s trust
  8. Encrypt the data which cannot get to wrong hands
  9. Helps servers from DDOS attacks
  10. Block each and every cyber-attacks