Cybercrimes and Security

 

 

vineet1

Vineet Kumar

Computer Science Teacher

United Indian School, Kuwait

Internet is expanding day by day and everyone knows the advantages of the Internet. It has become the part and parcel of everyone’s life but at the cost of the privacy of the people. Cyber Crimes are increasing day by day causing our sensitive data to be used without our knowledge. The Government is trying their level best to secure our networks but still, there are loopholes. Cybersecurity is to provide prevention against the Cybercrimes, while Cybercrimes are that group of activities made by the people by creating disturbance in-network, stealing others important and private data, documents, hack bank details and accounts and transferring money to their own. The various cybercrimes are:-

1.Hacking:

Hacking is an act committed by an intruder by accessing our computer system without our permission. Hackers (the people doing the hacking) are computer programmers, who have an advanced understanding of computers and commonly misuse this knowledge for devious reasons. There are many types of hackers:-

  • Script Kiddie:- copy some kind of coded script and use it as a virus or use predefined software like maltego, hydra, Metasploit etc for penetration.
  • White Hat Hackers:- White hat hackers are known as Ethical Hacker or Legal Hackers. These type of hackers help organizations to make their system secure or they help victim company to prevent the viruses and attacks
  • Grey Hat Hackers:- They are nor Ethical Hackers neither Unethical Hackers. They don't harm people with their hacking nor steal anything, like money or personal information but sometimes they try to penetrate a system.
  • Black Hat Hackers:- Black hat hackers are famous as "Crackers".They find companies, organizations, especially bank that have a weak and small security system and when they find it they steal the money, credit card information etc
  • Green Hat Hackers:- Green Hat Hackers are types of hackers that love hacking and care about it. They are unlike script-kiddies and they work hard and strive and struggle to become a legendary hacker.
  • Red Hat Hackers:- Red Hat Hackers are the wanted criminals of the world. They steal money, steal data, harm the computer system, sometimes leaks the information to the outer world. It may include terrorists.

2. Internet Fraud:

Whenever one tries to purchase a product from the internet, he/she is on a great risk of being victimized by internet fraud. So, a person needs to research and study the sources from which he/she is purchasing the product. The e-commerce environment is stuffed with fake companies and organizations who distribute worst quality products to the customers and are greatly involved in stealing customers bank account data.

3. Cyberbullying.

Cyberbullying is done through digital devices for example Cell Phones, Computers, Tablets, iPhone, Ipads etc. Mentally torturing, harassment, Humiliation is cyberbullying. It includes sending, posting or sharing taunting, offending and sexual contents "publicly" or sending it to a specific person. The content could be personal data like pictures, email, chats etc. Platforms for cyberbullying are

  • Social Media such as Facebook, Twitter, Snapchat, Instagram.
  • Mobile Messaging.

80% of teenagers use cell phones and some other related devices and 20% of them are bullied on daily basis.

4.Denial-of-Service attack

A Denial-of-Service (DoS) attack is an explicit attempt by attackers to deny service to intended users of that service. It involves flooding a computer resource with more requests than it can handle consuming its available bandwidth which results in server overload.

5.Phishing :

This is an attempt to gather users password and sensitive information by generating and disguising a fake webpage of an authentic website. When a user comes across this kind of fake webpage he inputs his data in the sign in or sign up form resulting in misuse of data.

6. Bombing and spamming:-

Email bombing is characterized by an abuser sending huge volumes of email to a target address resulting in a victims email account or mail servers crashing.

7.Jacking

Web jacking derives its name from hijacking. Here, the hacker takes control of a web site fraudulently. He may change the content of the original site or even redirect the user to another fake similar looking page controlled by him.

8. Data Diddling

Data Diddling is an unauthorized altering of data before or during entry into a computer system, and then changing it back after processing is done.

9.Cyberstalking

Cyberstalking is a new form of internet crime in our society when a person is pursued or followed online by unauthorized users

10. Software Piracy

Internet piracy is an integral part of our lives which knowingly or unknowingly we all contribute to.

CYBERSECURITY

The term cybersecurity refers to protecting information from various cyber-attacks discussed above. It additionally refers to the skills and approaches designed to secure computer systems, computer networks and information from illegal access, vulnerabilities and attacks delivered through the internet. Cybersecurity is a comprehensive domain of information technology it encompasses the entire set of security-related technologies. Security is important during application development also. Actions to be taken to secure applications are called countermeasures. The various security measures are:-

1. Firewalls

The most basic software for countermeasure is an application firewall that secures files or the handling of data by specific installed programs. Firewalls function much like gates that can be used to secure the borders between your network and the internet. Firewalls are used to manage network traffic, allowing authorized traffic while blocking access to non-authorized traffic.

2.Intrusion Detection systems:-

Intrusion prevention systems (also called intrusion detection) constantly scan and analyze network traffic/packets, so that different types of attacks can be identified and responded quickly. These systems often keep a database of known attack methods, to be able to identify threats immediately.

3.Anti-Virus software:-
Malware, in the form of viruses, trojans, worms, keyloggers, spyware, etc. are designed to spread through computer systems and infect networks. Anti-malware tools are a kind of network security software designed to identify dangerous programs and avert them from spreading. Anti-malware and antivirus software may also be able to help resolve malware infections, reducing the damage to the network.

4. Anomaly detection
It can be difficult to identify anomalies in your network without a baseline understanding of how that network should be operating. Network anomaly detection engines (ADE) allow you to analyze the network so that when breaches occur, they are alerted to the users.

5. Data loss prevention (DLP)
The weakest link in network security is the human element. DLP technologies and policies help protect staff and other users from misusing and possibly compromising sensitive data or letting said data out of the network.

6.Email security
As with DLP, email security is focused on shoring up human-related security weaknesses. Through phishing strategies (which are often very complex and convincing), attackers persuade email recipients to share sensitive information via desktop or mobile device or accidentally download malware into the targeted network. Email security helps find dangerous emails and can also be used to block attacks and prevent the sharing of vital data.

7. Endpoint security:-
The business world is becoming increasingly bring your device (BYOD), to the point where the distinction between personal and business computing devices is almost nonexistent. Unfortunately, sometimes the personal devices become targets when users rely on them to access business networks. Endpoint security adds a layer of defence between remote devices and business networks.

8. Virtual private network (VPN)
VPN tools are used to validate communication between secure networks and an endpoint device. Remote-access VPNs generally use IPsec or Secure Sockets Layer (SSL) for authentication, creating an encrypted line to block other parties from eavesdropping.

9.Web Security
Web security is an extensive-term to describe network security measures. The businesses take to confirm safe web use when connected to a network. This helps avert web-based threats from using browsers as access points to get into the network.

10.Wireless security
Generally speaking, wireless networks are less secure than traditional networks. Thus, strict wireless security measures are essential to ensure that risk actors aren’t gaining access.

Well, beyond the definition, the tools and the tactics, network security is the power to protect our business and our customers. That means understanding the threats and the solutions and knowing how to use that information to build a vigorous and complete network security strategy.

==========================================================================

 

 
 
 

ICSK 1

 
 
 
IFL 2021 Republic Day Special