Introduction to Cyber Security
Contents:
2. Different types of Cyber Attacks
3. How to Prevent Cyber Attacks
4. Where can you learn to be a cyber security specialist
Nowadays most of the movies are showing a group or an individual who sits in one place with a lot of monitors in front and he/she typing random keys with a very serious look on their face. Depicting a hacker or a cyber professional who is working. In some scenarios they will be helping a country and in some they will be destroying one.
Let us begin here by knowing what is actually happening,
What is Cyber Security?
Cyber Security is a process/practice of protecting systems, networks and the devices from various types of attacks. Cyber Security revolves around the implementation of effective measures to protect a device from its various challenges to protect a device. In this growing digital world, each and everyone holds a device and every device has its confidential data which a hacker wants to steal and sell it in the open world. The most concerning factor here is that our private data can be exploited, and can be used in various malicious activities.
Key principles of cyber security are called as The CIA Triad, i.e. Confidentiality, Integrity & Availability
Confidentiality: Confidentiality means that the data which is taken must be kept as a closed or encrypted manner where no one other than the authorized party can access it. Confidential data are not supposed to be disclosed to people who are not authorized and if done so then it is called as a breach of confidentiality. Breach of confidentiality may occur through different means, for example through hacking or social engineering.
Integrity: Data integrity refers to data that is being kept safe after submission of it, and np breach has taken place. It is the say that the data has not been a subject of breach or unauthorized modification.
Availability: Availability refers to that information which is available to the authorized user who can access it when required. For someone to demonstrate availability, they must have proper functioning of computing systems, security controls and communication channels.
Different types of Cyber Attacks
There are a lot of cyber attacks that happen in this world as mentioned above they might help in saving the world or might destroy,
Let us look at some of the Cyber Attacks:
· Phishing
1. Denial of Service, or DOS
In this type of attack the hacker consumes all the data from the server’s resources, leaving nothing for an authorized user to access. A Denial-of-Service Attack is a significant threat to companies. The target of the attacker is to gain access of systems, servers, or networks and flood them with traffic to exhaust their resources and bandwidth. When this is done the incoming requests becomes overloaded resulting the websites to either shut down or slow down.
This attack is also known as DDoS (Distributed Denial-of-Service) attack when attackers use multiple compromised systems to launch this attack.
2. Malware
In this type of attack the victims are hit with a virus that makes their devices useless. Malware refers to malicious software viruses which include ransomware, adware, spyware, worms, and trojans.
Ransomware is when the attacker blocks access of the user’s network key components, which makes it difficult for the user to use his device.
Adware is a software the displays advertisements in the user’s system.
Spyware is software that is capable of stealing all your confidential data without your knowledge.
The trojan virus disguises itself as legitimate software to enter the user’s system and then to access all its confidential data.
These attacks mostly occur when a user clicks a dangerous link, and through that link it downloads an email attachment through which the virus is transmitted or when an infected pen drive is used in a device.
3. Man in the Middle
In this attack a hacker puts himself between a victim’s system and a router to sniff data packets. A Man-in-the-Middle Attack (MITM) is also known as eavesdropping attack. An attacker comes in between two-party communication, i.e., the attacker hijacks the session between a client and host. By doing this the hacker will be able to steal the data and manipulate it to his wishes.
4. Phishing
In this attack a hacker sends fake but original looking email to a user to fill in some personal details. Phishing attacks are one of the most prominent attacks in the list of other cyber security attacks. The attacker impersonates himself as being someone else and then gather information about the user. Most of the people who don’t know this will fall for such acts and end up giving the details, or click on the links given by the hacker.
5. Sword Attack
It is a form of attack where a hacker cracks your password with various tools such as Aircrack, Cain, Abel, John the Ripper, Hashcat, etc. These attacks are also called as brute force attacks, dictionary attacks, and keylogger attacks.
6. SQL Injection Attack
A Structured Query Language (SQL) injection attack occurs when a hacker manipulates a code on the system and injects it into a database driven websites where he can manipulate the data. This will let the attacker to view, edit, and delete tables in the databases.
These listed are few of the very vast types of attacks, some other types of cyberattacks include cross-site scripting attacks, watering hole attack and birthday attacks based on algorithm functions.
Prevention of Cyber Attacks
Preventing these cyber attacks is all about how careful and how you react to the problems that you face. Here are some of the very simple steps to consider when you might undergo any of the about mentioned attacks.
To prevent a DoS/DDoS attack:
Run analysis which determines if there is any malicious traffic.
Understanding warning such as network slowdown, intermittent website shutdowns, etc.
Outsourcing DDoS prevention to cloud-based service providers.
Having a checklist so that it will help in a situation when there is actually attack happening
To prevent a Malware attack:
Having a antivirus software in the system, as it helps to identify any of the attacks that will happen.
Use of firewalls.
Avoid clicking on links which you are not sure is whether it is legitimate or not.
Update your system and applications regularly.
To prevent a MITM Attack:
Always check whether the website you are browsing is secure, you can check for the lock sign on the URL tab.
Avoid using public Wi-Fi or any open Wi-Fi networks.
To prevent a Phishing attack
Always check the email which you get and be careful if you have to open any link present in it.
Make use of an anti-phishing toolbar.
Update your passwords regularly.
To prevent password attacks:
Use strong alphanumeric passwords having special characters.
Do not use the same password for all the websites.
Having a longer password makes it difficult to crack it.
Do not have any password hints in the open.
To prevent a SQL injection attack:
Use any Intrusion detection system available, as they help in detecting any unknown or unauthorized access to a network.
If any unauthorized access is detected have a check list to know what are the after measures to be taken.
Where can you learn to be a cyber security specialist
As you saw what really happen in this world and how the hacker tries to take your personal data from you without you guessing that something is happening. This can stop if we educate ourselves on how and what is going on in this digital world.
Here are some of the online courses that you can take up which is free to upgrade your knowledge about the cyber world.
https://www.mygreatlearning.com/academy/learn-for-free/courses/introduction-to-cyber-security
https://www.simplilearn.com/learn-cyber-security-basics-skillup
If you want to try your hand in some of the things that is done by a cyber personal, then have a look at some of these websites,
1. Hack the Box
2. Try Hack Me
