GOVERNMENT POLYTECHNIC, JINTUR

MICRO PROJECT
Academic year: 2022-23

TITLE OF PROJECT
Need of Cyber security

Programme: Computer Engineering

Course: ETI
Course code: 22618

Name of the Students: Rokade krushna Diliprao

RudrawarVinayak Rajkumar
Bodhle Shivam Vaibhav
Patil Kunal Anil

Guided By : Zahed Ansari

sir
 MAHARASHTRA STATE BOARD OF
TECHNICAL EDUCATION
Certificate

This is to certify that Mr.Krushna Rokade CO347

Mr.Vinayak Rudrawar CO332
Mr.Shivam Bodhale CO331
Mr.Kunal Patil CO330

of SIXTH Semester of Diploma Computer Engineering of Institute, Govt.

Polytechnic, Jintur (0094) has completed the Micro Project
satisfactorily in Subject – Emerging Trends in India (ETI) for the
academic year 2022-23 as prescribed in the curriculum.

Place: Jintur Enrollment No:

Date: ……………………… Exam. Seat No:

Subject Teacher Head of the Department Principal

Seal of
Institution
 Group Details

Roll Name of group member Enrollment Signature of

N0 no student

247 Rokade Krushna Diliprao 2100940152

232 Rudrawar Vinayak Rajkumar 2000940079
231 Bodhle Shivam Vaibhav 2000940078
230 Patil Kunal Anil 2000940075
 Annexure-I

A MICRO PROJECT ON "Need of Cyber security "

A micro-project proposal
1.0 Aims/Benefits of the micro project

Advancements and applications of Computer Engineering and Information Technology are ever-changing.
Emerging trends aim at creating awareness about major trends that will define technological disruption in the
upcoming years in the field of Computer Engineering and Information Technology. These are some
emerging areas expected to generate revenue, increase demand for IT professionals, and open avenues for
entrepreneurship.

2.0 Course outcome addressed.

Detect Network, Operating systems, and application vulnerabilities.

3.0 Proposed methodology

In this project, we know about the need for cyber security.

4.0 Action Plan

Name of
Plan start Plan finish
Sr. No. Detail of activity responsible team
date date
members

arrange meetings with team

1
members

collect information from the

2
textbook

3 collect information from the internet

4 arrange all information in ms word

5 discuss with the project guide

6 print micro project

5.0 Resources used

Name of resource
Sr. no. Specifications Quantity
material

1 computer windows 11 8GB RAM 1

2 internet Wikipedia/YouTube

Emerging Trends In Computer And

3 textbook 1
Information Technology (22618)

Annexure-II
Micro-Project Report
 Need of Cyber security

1.0 Brief Description:-

The term cyber security is utilized to refer to the security offered through online services to guard your
online information. Cyber Security and Information Security differ only in their response and
Reduction/Prevention. Cyber security encompasses all aspects of security viz., Physical, Technical,
Environmental, Regulations, and Compliance including Third Parties involved in delivering an objective
With an increasing quantity of people getting connected to the Internet, the security threats that generate
massive harm are growing also.

Why Cybersecurity Is Important?

Our world today is headed by technology and we can't do without it at all. From booking our flight tickets to
catching up with an old friend, technology plays a crucial role in it. However, the same technology may expose
you when it's vulnerable and could lead to the loss of essential data. Cyber security, alongside physical
commercial security, has thus, slowly and steadily, become one of the most essential topics in the business
industry to be talked about Cyber security is essential since it aids in securing data from threats such as data
theft or misuse, also safeguards your system from viruses.

Cyber security becomes necessary as Businesses are being carried out now on a Network of Networks.
Computer networks have always been the target of criminals, and it is likely that the danger of cyber security
breaking will only rise in the future as these networks grow, but there are reasonable precautions that
organizations can take to minimize losses from those who desire to do harm.

Cyber Security Objectives

Confidentiality
the property that information is not created available or revealed to unauthorized individuals, entities, or
processes Confidentiality refers to guarding information against being accessed by unauthorized parties. In
other words, only the people who are authorized to do so can achieve access to sensitive data. A failure to
maintain confidentiality means that someone who shouldn't have access has managed to get it, through
intentional behavior or by accident. Such a failure of confidentiality is commonly known as a breach.

Integrity

the property of safeguarding the precision and completeness of assets Integrity refers to assuring the
authenticity of information—that information is not altered, and that the origin of the information is authentic.
Imagine that you have a website and you sell products on that site. Now imagine that an attacker can shop on
your website and maliciously alter the prices of your products so that they can buy anything for whatever price
they decide. That would be a failure of integrity because your data, in this case, the price of a product has
been changed and you didn't authorize this alteration.

Availability

The property of being obtainable and usable upon request by an authorized entity Availability means that data is
accessible by authorized users. Information and other necessary assets are accessible to customers and the
business when required. Note, that information is unavailable not only when it is lost or destroyed, but also when
access to the information is rejected or delayed.
Each day, there is an enlargement in the number of threats against our nation's critical infrastructures. These hazards
come in the form of computer intrusion (hacking), denial of service attacks, and virus deployment. In India DEITY-
Dept., of Electronics & Information Technology operating under MCIT-Ministry of Communication & Information
Technology is accountable for Cyberspace security other than delivering Govt., services online and promoting the IT
Sector. The National Information Board (NIB) a policy-making body for cyber security works independently and is
chaired by National Security Advisor (NSA), CERT-In performs emergency cyber security functions and releases
annual reports on security incidents.

Cyberattack

A malicious attempt, using digital technologies, to cause personal or property loss or damage, and/or steal or
alter confidential personal or organizational data
Major security problems
• Virus
• Hacker
• Malware
• Trojan horses
• Password cracking

1. Viruses and worms

• Virus - malware linked to a carrier such as an email message or a word processing document
• A Virus is a "program that is crowded onto your a computer without your understanding and runs
against your desires
• Worm - malware can autonomously circulate itself without a carrier, using information about connected
computers.

Solution
• Install a security suite that protects the computer against threats such as viruses and worms.

2. Hackers

• In common a hacker is an individual who violates computers, usually by gaining access to administrative
controls.

Types of Hackers

• White Hat Hacker

• Grey Hat Hacker
• Black Hat Hacker

a. White Hat Hackers

• The term "white hat" in Internet slang refers to an ethical computer hacker, or a computer security
professional, who specializes in penetration testing and in other testing methodologies to ensure the security
of an organization's information systems.

b. Grey Hat Hackers

• The term "grey hat", "grey hat" or "gray hat" refers to a computer hacker or computer security specialist
who may sometimes break laws or typical ethical standards, but does not have the malicious intent typical of
a black hat hacker.

c. Black Hat Hackers

• A black hat hacker (or black-hat hacker) is a hacker who "violates computer shield for little cause beyond
maliciousness or for personal gain".

How To prevent hacking

• It may be impossible to prevent computer hacking, however influential security controls including strong
passwords, and the use of firewalls can aid.

1. Malware

The word "malware" comes from the term "MALicious softWARE." Software that has some negative intent
and which is installed on a user's computer without that user's permission. Key loggers - Software installed on
a computer that catches keystrokes and sends these to a remote system. Accustomed to trying and getting
personal data to achieve access to sites such as banks.
Ransomware- software that operates on a user's computer and orders that the user pays some other
organization. If they don't, the information on their computer will be ruined. Malware can usually circulate
itself from one computer to another either as a virus or as a worm.

related post:PWP 22616 Programming With Python MSBTE MicroProject

To Stop Malware
• Download an anti-malware program that also helps stop infections.
• Do not download from anonymous sources
• Activate Network Threat Protection,

2. Trojan Horses

• Trojan horses are email viruses that can reproduce themselves, steal information, or harm the computer
system. These viruses are the heaviest threats to computers

How to Avoid Trojans

• Security suites, such as Avast Internet Security, will prevent you from downloading Trojan Horses.
• Do not click unknown links.

3. Password Cracking

• Password attacks are attacks by hackers that are capable to determine passwords or find passwords to
different secure electronic areas and social network sites.

Securing Password

• Use always a Strong password.

•Never use the exact password for two different sites.

Insider attacks

Attacks on an organization are carried out by individual who is inside that organization either by themselves
or with the connivance of an outsider. Difficult to oppose using technical processes as the insider may have
proper credentials to access the system.

External attacks

Attacks on an organization carried out by an external agent Need either accurate credentials or the
exploitation of some vulnerability to gain access to the systems.

Malicious and accidental damage

Cybersecurity is most concerned with Cyberattacks and Cyber accidents - Accidental events
that can generate loss or damage to a person, business, or public body. Many of the same technologies
utilized to protect against external attacks also protect against cyber accidents. However, sometimes
protecting against cyber-attacks raises the probability of cyber accidents.

Latest Trends - Information Security Threats

Hack Hacktivism
Hack + Activism = Hacktivism is the usage of legal and/or illegal digital tools in pursuit of a political/
personal objective

Tools and Attacks are utilized for

 website defacements

Hacking and altering the website of a company's website

 Redirects

 Denial of Service Attacks

Attempt to create a machine or network resource unavailable to its intended users typically target sites or
services hosted on high-profile web servers such as banks, credit card payment gateways, and even root
nameservers.

 Identity Theft

Stealing someone's identity in which someone pretends to be someone else by assuming that person's identity

 E-mail Bombing

 Web-Site Mirroring

 Doxing

Process of Gathering and discharging Personally Identifiable information To gather information using sources
on the internet

Key Techniques Used

Phishing - attempt to obtain sensitive information, like bank account information or an account password, by
posing as an honest entity in an electronic communication

You get an email that looks like it comes from your bank, credit card company, etc. Asking you to "update
their records" may be due to potential scams, or other reasons Provides a hyperlink to a web page where you
enter your personal information The link takes you to a thief's website that is disguised to look like the
company's.

Most common security mistakes

• Poor password managing

• Not locking the computer while unattended
• Opening email attachments from strange addressees
• Not running anti-virus programs
• Sharing information (and machines)
• Not reporting security violations
• Unattended Paper Documents
• Unprotected Electronic Data (while at rest and in motion). E.g: Emails, USBs, CDs, etc.
• Improper Information Handling.
• Passing data over the Phone.

Information Security Responsibilities

• Employ Information Security teams to support the line of business, enabling secure solutions for new
techniques and technology
• Work with Information Security teams RISO, RISI to the driveline of business-specific information security
metrics reporting
• Support Regional Information Security teams in mitigating security threats from Internal Audit report
discoveries
• Follow business continuity plans given by the bank, in case of any disaster/ emergency.
• Report Security Breaches and security incidents
• Stick to Bank's Information Security Policy and guidelines
• Maintain and update the Asset register of your office/dept
• Extend support to RISO during Risk Assessment and Business Impact Analysis of your office/dept.
• Execute and act in accordance with the organization's information security policies and procedures
•Protect assets from unauthorized access, disclosure, modification, destruction, or interference
• Execute defined security processes or activities
•Report security events, potential events, or other security risks by following approved processes
•Do not use systems or access information without authorization
• Adheres to controls put in place to protect assets.

Standards & Regulations

 ISO 27001 (Information Security Management System)

 ISO 22301 (Business Continuity Management System)

 PCI- DSS (Payment Card Industry - Data Security Standard)

 IT Act 2000 & ITAA 2008 (Information Technology Act, India)

 RBI Guidelines (Reserve Bank of India),

2.0 Actual Resources Use

 Name of
Plan start Plan finish
Sr. No. Detail of activity responsible team
date date
members

arrange team meeting with the project

1
guide

2 collect information from the textbook

3 discover information on the internet

4 arrange all information in ms word

collect some more information from the

5
textbooks

6 print micro project

3.0 Outputs of the Micro-Project

in this micro project, we know about the need for cyber security.

4.0 Skill Developed / Learning outcomes of this Micro-Project

a.Develop group discussion skills.

b.Communication skills improved.
c. MS WORD skills developed.
d. basic cyber security prevention skills.

Conclusion
Cybersecurity is crucial because it defends all categories of data from theft and damage. This contains
sensitive data, personally identifiable data (PII), protected health information (PHI), personal information,
intellectual property, data, and governmental and industry information systems.