Skip to main content

Understanding The Cyber Security

What is The Role of Cyber Security in today's Digital world?

CYBER SECURITY – REDUCING FRAUDS AND INCREASING AWARENESS:

Introduction :- If the ancestors of human beings were to wake up today after their long sleep of centuries, they would be amazed to see the revolutionized and digitalized world of contemporary times. The advent of digitalization has affected every sphere of human lives to a considerable extent. However, information technology use has been proving to be a double-edged sword as cyber crime and threats have increased dramatically. As India is moving towards more and more digitalization in all spheres,cyberspace has become a serious concern for national economy as well as as national security.

Cyber Security is the technique of protecting computers,networks, programs and data from unauthorized access or attacks that are aimed for exploitation of cyber-physical systems and critical information infrastructure. Cyber-physical systems integrate sensing, computation, control and networking into physical objects and infrastructure, connecting them to the Internet and to each other.

Examples: Industrial control systems, water systems, robotics systems, smart grid etc.

Cyber-Security is much more than a matter of IT” – Stephane Nappo

Critical Information Infrastructure:-  The Information TechnologyAct of 2000 defines Critical Information Infrastructure as a computer resource, the incapacitation or destruction of which shall have debilitating impact on national security, economy, public health or safety.

Cyber-Threats: -  Malware,Viruses, Trojans, Spywares, Backdoors,which allow remote access.Nowadays you would have encountered new terms like Cyber-Terrorism Cyber-Crime and Cyber-War.

Cyber-Terrorism: Cyber-terrorism is the convergence of cyberspace and terrorism. It refers to unlawful attacks and threats of attacks against computers, networks and the information stored therein when done to intimidate or coerce a government or its people in furtherance of political or social objectives.

Cyber-Crimes: -  Cybercrime is unlawful acts wherein the computer is either a tool or a target or both. Cybercrimes can involve criminal activities that are traditional in nature such as theft, fraud, forgery, defamation and mischief etc.

Cyber-Wars: Cyber war is an organized effort by a nation state to Conduct operations in cyberspace against foreign nations. Included in this category is the Internet's use for intelligence gathering purposes and for propaganda as we have seen recently in ongoing Russia-Ukraine war.

The ways of Cyber-attacks:

Malware: -  Malware is a form of application that performs nefarious activities. Some types of malware are designed to create access to networks, some to spy on credentials while others are simply used to cause disruption Malwares can be used for extortion as well. An example of it can be found in Ransomware attacks of 2017 where a program was designed to encrypt the victim’s files and then ask them to pay a ransom in order to get the decryption key.

Phishing :In Phishing, an attacker tricks an unsuspecting target into handing over valuable information, such as passwords, credit card details, etc.

An example of this is a message regarding One-Time Passwords(OTP). A hacker using a phishing method will send a clickable link where a user can submit their OTPs. Once the link is clicked a hacker will have access to the users personal information.Phishing is the common form of cyber-attack due to its effectiveness and simplistic execution pattern.

Man-in-the-middle attack (MITM) : A man-in-the-middle attack(MITM) consists of a message interception between two parties in an attempt to spy on the targets.

Due to the advent of end-to-end encryption, MITM attacks have taken a dip in frequency of attacks. Such encryptions prevent third parties in intercepting or tampering data transmitted in the network. Whether the network is secure or not is hardly a factor.

Distributed Denial-of-Service (DDoS) attack : In a DDoS attack, an attacker floods a target server with traffic that will disrupt it.

Since most servers cannot handle it, it may lead to services slowing down on the website and if it eventually crashes.

Unlike standard denial-of-service attacks, DDoS uses multiple compromised devices to bombard the target server, which sophisticated firewalls cannot respond to or are unable to.

SQL Injection : This type of cyber- attack targets specific SQL databases. These databases use SQL statements for data query.

In case permissions are not set properly, a hacker can manipulate SQL queries into changing the data if not deleting them altogether.

Zero-day Exploit : When cyber-criminals learn of a vulnerability in a frequently used software application they target users and

institutions using the software to exploit it until a fix is available. This is called a Zero-day exploit.

DNS Tunnelling : A DNS Tunnelling provides attackers with a  stable and consistent line of communication to the given target.The malware used will gather information as long as the DNS tunnelling is active. Chances are that firewalls won’t be able detect such an attack.

Business Email Compromise (BEC)

In a BEC attack, hackers target employees who have specific  authority to finalize business transactions. They trick them into transferring money into an account belonging to the hacker.BEC attacks are the most common, if not one of the most damaging attacks for a business firm.

Crypto-jacking : - Crypto-jacking is used to target a computer in order to mine crypto currencies such as bitcoin. The hackers will be able to get all the crypto currency they can instead of the original owners. Crypto-jacking is not so widely known but its severity cannot be underestimated.

Drive-by Attack:-  A website is loaded with a malware, and when a visitor happens to come across such a website their device is infected with the malware. The malware will steal valuable data or crash the system.

Steps taken by the Government:- 

Indian National Security  Council: - To shape the ecosystem related to cyber policy.

National Cyber Security Strategy:- To focus on security in the early stages of design in all digitisation initiatives.

Computer Emergency Response Team (CERT-In):- For alerts regarding cybersecurity breaches and issues.

Indian Cyber Crime Coordination Centre (I4C):- To handle several issues regarding cybercrime in a comprehensive and coordinated manner.

Cyber Swachhta Kendra: - To create a secure cyberspace by detecting botnet infections in India.

Centre-State Nexus Towards Secure Cyberspace:-  With police and public order being in the State List, the primary objective to check crime and create the necessary cyberinfrastructure lies with States.

Legislative Provisions :- Information Technology Act has been enacted in 2000 to provide legal recognition to the electronic commerce transactions and electronic exchange of information.

The important sections of the act are – Section 66- Punishes for unauthorized access to computer source and electronic media.

Section 69 :- Allow electronic surveillance of any computer source in national intrest. Chines apps are banned by the Government under section 69A.

Section 79 :- Safeguard available to microblogging site like twitter, facebook and whats up etc. Under this the Government can ban these sites if they are not in compliance with the law of the land.

Conclusion:- It is finally the human resource behind every act, so everyone need to be aware, alert as cyber security is everybody responsibility.


Comments

Popular posts from this blog

Alternatives to China's Belt and Road Initiative

Alternatives to china's belt and road initiative China's BRI is not sustainable project as it doesn't uphold the principles of international standards such as sovereignty, transperancy and multilateralism. So the like minded countries have come up with the following alternatives: The Indo-Pacific Strategy : Initiated by United States, the Indo-Pacific Strategy aims to enhance infrastructure development, connectivity, and economic cooperation among countries in the Indo-Pacific region. It emphasizes principles such as transparency, rule of law, and respect for sovereignty. Japan's Partnership for Quality Infrastructure (PQI) : Japan's PQI aimed at promoting high-quality infrastructure projects that comply with  principles such as transparency, economic efficiency, and debt sustainability. Build Back Better World (B3W)  : This initiative is undertaken by the G7 countries. It was launched in 2021, it would provide an alternative to China's Belt and Road Initiative ...

India's Historic and Cultural Ties Vs China's Economic Power.

  India's Historic and Cultural Ties Vs China's Economic Power. How China's economic power is winning over India's historic and cultural relations in its neighbourhood. In today's Geopolitical world relations are changing as fast as technology. Very recently we have observed that china is advancing in India's neighbourhood very rapidly, especially in Indian Ocean. Here we are going to analyse how and why China advancing in India's neighbourhood. There are two important aspects of this. One is India's historic and cultural ties with the neighbours and second is China's economic advantage over India.  India always talk about its strong historic and cultural relations with the neighbours. But, is this enough or is it always a positive point? In today's world where economy rules the world, historic and cultural ties has less significance. See, India's relations with Nepal are said like 'Roti- Beti relations'. If this is so then,why Nepal ...

The Real Geopolitics Behind China's Belt And Road Initiative

What is the Real Geopolitics Behind China's belt and road initiative ? China's Belt and Road Initiative (BRI) remains an important point in recent geopolitics. The initiative was launched in 2013. It's announced aims are to enhance connectivity and infrastructure development across Asia, Africa, and Europe, through trade routes, infrastructure projects, and economic partnerships. But here we will analyse the real nature of the initiative. Let's first understand what is the meaning of Belt and Road in BRI: Belt is short for the "Silk Road Economic Belt", referring to the proposed overland routes for road and rail transportation through landlocked Central Asia along the historical trade routes. whereas "road" is short for the "21st Century Maritime Silk Road", referring to the maritime trade route as Indo-Pacific sea routes through Southeast Asia to Indian Ocean to reach middle East and Africa. Now, let's understand the hidden motive of C...