CYBERSECURITY – AN OVERVIEW

WHAT IS CYBERSECURITY? 

Cyber Security is defined as the measures taken to safeguard the connected networks and the data related to them from any attack, damage, or unauthorized access. Every organization like educational, medical, or financial organizations store a large number of user data or many confidential data which needs to be protected from outside access. These data if not protected keeps the company’s reputation at stake. The company needs to cover up data just like we hide our personal information in our online life. Healthcare organizations have their patients’ medical reports along with some personal info. Educational institutions will have the students’ and teacher’s personal as well as academic details. Corporate companies save their employee’s private details including their pay structure and banking details. 

Nowadays, we have highly privileged data such as intellectual property, patents, copyrights, etc… which have to be maintained as a secret from other competitive organizations. Losing this kind of information will affect the organization’s future on a large scale. With the advent Internet of Things (IoT), we have a lot more data to be managed and secured as we have widened the storage services through cloud and virtualization. This has given rise to a new stream called Big Data, which covers large volumes of data related to business and technology. 

WHY IT IS NEEDED?

All these details are confidential and need to be covered up from the external world so that no one could take easy advantage of them. Whenever we engage in any websites that have access to our data like name, age, or photos, the information will also be saved in the website’s server which allows the hackers to access the data. When the hackers see something beneficial in you, they use this data to threaten you to get something like ransom in return. Some steal this info to use your identity faking as their own. This may harm an individual or a whole company very badly. This summarizes the need for cybersecurity and the increase in scope for the field.

CIA TRIAD

  • CONFIDENTIALITY – Also known as privacy, this deals with restricting unknown access by using authentication encryption. Various methods used here are data encryption, two-factor authentication, biometrics and Username, ID, and password. 
  • INTEGRITY – This ensures accuracy and consistency even after unauthorized access. It is done by bringing in file permissions, version history, and backups. Checksum uses hashing algorithms to compare the hash value before and after any changes in data. If the data remains the same, the hash value returned is also the same. But even if a minute change is done in the data, the hash value returned will not be the same. By comparing the hash values, we can ensure integrity. 
  • AVAILABILITY – Making the data available only to the authorized users and performing hardware repairs, software updates, and backups on a timely basis. Avoiding attacks by using security software that doesn’t allow malicious attacks.

TYPES OF ATTACKERS

  • AMATEURS – Sometimes called script kiddies, these people are the ones with zero or low knowledge of hacking. They just follow the instructions found on the internet out of curiosity or just try their skills out. Still the results can be highly serious.
  • HACKERS – This group of people tries to get access to computer networks. They are further classified into three.
    • WHITE HAT HACKERS – These people break into computers to find out the flaws and fix them with the prior permission of the organization.
    • BLACK HAT HACKERS – These people break into computers with malicious intent and without permission. They try to take advantage of the company’s weaknesses.
    • GREY HAT HACKERS – These people fall somewhere between white and black hat hackers. They engage in unethical things but not with the intention of harmful attacks like the black hat hackers.
  • ORGANIZED HACKERS  This category includes cybercriminals, hacktivists, terrorists, and state-sponsored attackers.

CONSEQUENCES OF HACKING

The seriousness of the consequences differs with the scenario. But on the whole, the company or the victim is the one who faces the aftermath. For example, the attacker might use phishing techniques to hack your details. There might be some attachments in the mail that seems to be genuine and on clicking that it may look legitimate and ask for your details but actually, it might be a trap of the hackers which may cost you. Another example may be Denial of Service (DoS). We often come across website traffic because a lot of users try to access it. But the overloading may be done by the attackers to shut the website down. Again, this leads to unimaginable consequences. There are many more techniques and examples to cite. 

AWARENESS

Awareness leads to prevention. We can be more cautious when we give our private information like DOB, Banking details, ID proofs on any site. We should also be aware that all our picture uploads and other things are stored in the servers which might cause some problems similar to those we come across in our day-to-day life. It is always suggested to stay intact and stealthy when it comes to our social-media life.