Chapter 2

Download as pdf or txt
Download as pdf or txt
You are on page 1of 78

Cyber Security 3IT81

Priyank Bhojak
Assistant professor
IT Department
BVM Engineering College
 Cyber: The cyber has some interesting Synonyms:
fake, replicated, pretend, virtual, computer generated.
Cyber means combining forms relating to Information
Technology, the internet and Virtual reality.

 Cyber-safety is a common term used to describe a set


of practices, measures and/or actions you can take to
protect personal information and your computer
from attacks
 Cyber security is the body of technologies, processes
and practices designed to protect networks,
computers, programs and data from attack,
damage or unauthorized access. In a computing
context, the term security implies cyber security.

 Cyber security involves protecting that information by


preventing, detecting, and responding to attacks.
1. Install OS/Software Updates

2. Run Anti-virus Software

3. Prevent Identity Theft

4. Turn on Personal Firewalls

5. Avoid Spyware/Adware

6. Protect Passwords

7. Back up Important Files


4
DEFINITION OF CYBERCRIME

Cybercrimes can be defined as: “Offences that are committed against


individuals or groups of individuals with a criminal motive to
intentionally harm the reputation of the victim or mental harm, or
loss, to the victim directly or indirectly, using modern
telecommunication networks such as Internet (networks including
chat rooms and emails) and mobile phones (Bluetooth/SMS/MMS)”.

5
COMPARE TRADITIONAL CRIME AND CYBER CRIME

S. Traditional Crime Cyber Crime


No
1. Required weapon like knife, gun, Required Internet/Mobile/Computer as a source or
Iron rod and so on for execution target for execution of crime.
of crime.
2. The victim chance to know the The victim is no chance to know the cyber criminals.
criminals
3. Here police, Forensic Analyst and Here Police, Internet Service Provider(ISP),
Court are involved. Cyberforensic Analyst and Court are involved.
4. Maximum physical injury here Here physical injury not possible. Instead Repudiation
possible. spoiling, Internet Black mailing and so on.

5. Victims come to know about their Victims come to know about their
losses immediately losses long after the actual commission of crimes
after the actual commission of
crimes

6
 Organization and user’s assets include connected computing devices,
personnel, infrastructure, applications, services, telecommunications
systems, and the totality of transmitted and/or stored information in the
cyber environment.

 Cyber security strives to ensure the attainment and maintenance of the


security properties of the organization and user’s assets against relevant
security risks in the cyber environment. The general security objectives
comprise the following:

 Availability
 Integrity, which may include authenticity and non-repudiation
 Confidentiality
Security - Elements

 Three main elements which are confidentiality, integrity,


and availability and the recently added authenticity and utility.
Confidentiality

 Confidentiality is the concealment of information or


resources. Also, there is a need to keep information secret
from other third parties that want to have access to it, so just
the right people can access it.
 Example in real life − Let’s say there are two people
communicating via an encrypted email they know the
decryption keys of each other and they read the email by
entering these keys into the email program. If someone
else can read these decryption keys when they are
entered into the program, then the confidentiality of that
email is compromised.
Integrity

 Integrity is the honesty of data in the systems or resources by


the point of view of preventing unauthorized and improper
changes. Generally, Integrity is composed of two sub-
elements – data-integrity, which it has to do with the content
of the data and authentication which has to do with the origin
of the data as such information has values only if it is correct.
 Example in real life − Let’s say you are doing an online
payment of 5 USD, but your information is tampered without
your knowledge in a way by sending to the seller 500 USD,
this would cost you too much.
Availability

 Availability refers to the ability to access data of a resource when it


is needed, as such the information has value only if the authorized
people can access at right time.
 Denying access to data now a days has become a common attack.
Imagine a downtime of a live server how costly it can be.

 Example in real life − Let’s say a hacker has compromised a

webserver of a bank and put it down. You as an authenticated


user want to do an e-banking transfer but it is impossible to
access it, the undone transfer is a money lost for the bank.
 In the world today it seems that everything relies on
computers and the internet now — communication (email,
cell phones), entertainment (digital cable, mp3s),
transportation (car engine systems, airplane navigation),
shopping (online stores, credit cards), medicine
(equipment, medical records), and the list goes on. Some
important questions have to asked to assess the impact of
technology such as:
 How much of your daily life relies on computers, both
personal and work related?

 How much of your personal information is stored either


on your computer or on someone else’s system?
Malicious code -

 Malicious code, sometimes called malware, is a broad


category that includes any code that could be used to attack
your computer. Malicious code can have the following
characteristics:

 It might require you to actually do something before it infects


your computer. This action could be opening an email
attachment or going to a particular web page.
 Some forms propagate without user intervention and
typically start by exploiting software vulnerability. Once
the victim computer has been infected, the malicious code
will attempt to find and infect other computers. This code
can also propagate via email, websites, or network-based
software.

 Some malicious code claims to be one thing while in fact


doing something different behind the scenes. For example,
a program that claims it will speed up your computer may
actually be sending confidential information to a remote
intruder.
 Cyberspace: In terms of computer science, “Cyberspace” is a
worldwide network of computer networks that uses the
transmission control protocol/ Internet protocol (TCP/IP) for
communication to facilitate transmission and exchange of
data.

 Cyber terrorism: cyberterrorism is the premediated,


politically motivated attack against information, computer
systems, computer programs and data which result in violence
a against non combatants targets by sub national groups or
clandestine agents.
 Cybercrime: A crime conducted in which a computer
was directly and significantly instrumental. Other
alternative definition of computer crime:

Any illegal act where a special knowledge of computer


technology is essential for its perpetration, investigation
or prosecution.

Any financial dishonesty that takes place in computer


environment.

Any threats to computer itself, such as theft of hardware or


software.
Malware
 Malware is shorthand for malicious software. It is
software developed by cyber attackers with the
intention of gaining access or causing damage to a
computer or network, often while the victim remains
oblivious to the fact there's been a compromise. A
common alternative description of malware is
'computer virus' -- although are big differences
between these types malicious programs.
Though varied in type and capabilities, malware usually has one
of the following objectives:

 Provide remote control for an attacker to use an infected


machine.
 Send spam from the infected machine to unsuspecting targets.
 Investigate the infected user’s local network.
 Steal sensitive data.
 The origin of the first computer virus is hotly debated: For
some, the first instance of a computer virus -- software that
moves from host to host without the input from an active user
-- was Creeper, which first appeared in the early 1970s, 10
years before the actual term 'computer virus' was coined by
American computer scientist Professor Leonard M. Adleman.

 Brain The boot sector of an infected floppy


 Brain is the industry standard name for a computer virus that
was released in its first form in January 1986, and is
considered to be the first computer virus for MS-DOS.
Case Study : Cosmos Bank
Cosmos Bank's server hacked; Rs 94 crore siphoned off in 2 days
 Includes different types of programs designed to be harmful or
malicious
 Spam

 Adware and spyware

 Viruses

 Worms
 Trojan horses

 Rootkits

 Remote Administration Tools

 Botnets
Spam

 Spam refers to the use of electronic messaging


systems to send out unrequested or unwanted
messages in bulk.
 The difficulty with stopping spam is that the economics
of it are so compelling. While most would agree that
spamming is unethical, the cost of delivering a message
via spam is next to nothing.
 If even a tiny percentage of targets respond, a spam
campaign can be successful economically.
 The most common form of spam is email spam, but the term
also applies to any message sent electronically that is in bulk.
 This includes: instant message spam, search engine spam,
blog spam, Usenet newsgroup spam, wiki spam, classified ads
spam, Internet forum spam, social media spam, junk fax
spam, and so on.
Adware and spyware
 Spyware is considered a malicious program and is similar to a Trojan
Horse in that users unknowingly install the product when they install
something else. ... Spyware works like adware but is usually a separate
program that is installed unknowingly when you install another freeware
type program or application.

 Spyware secretly monitors your computer and internet use. Some of the
worst examples of spyware include keyloggers who record keystrokes or
screenshots, sending them to remote attackers who hope to glean user
IDs, passwords, credit card numbers, and other sensitive information.
 Adware (short for advertising-supported software) is a type of
malware that automatically delivers advertisements.
Common examples of adware include pop-up ads on websites and
advertisements that are displayed by software

 Some adware may hijack your browser start or search pages,


redirecting you to sites other than intended.
How do I prevent spyware and adware from entering my
system?

 Always read all the install screens when installing software,


especially freeware and shareware. This also means reading
the end-user license agreement carefully, as some will
actually tell you that if you install the app in question,
you've also decided to install some spyware with the
software.
 As a PC user, you should have the control to decide whether a
program or service should be accessing the internet. To achieve
this task, you will need to install a firewall on your system. With a
good firewall installed on your system, you will have the ability
to deny or allow access to the internet for specific programs such
as spyware.

 Install and run a spyware blocking software program on your


system such as any Anti-Virus

 Beware of peer-to-peer file-sharing services. Many of the most


popular applications include spyware in their installation
procedure.
⏵ Keylogger is a piece of code that logs keystrokes.
⏵ Keylogger captures the keystrokes typed on your
keyboard and saves these keystrokes in a file,
including the details like the usernames and
passwords you entered, credit card details,
websites you have visited, the applications you
opened, and so on.
⏵ The file may stores locally or periodically send it
over the network to the owner of the program.
keylogger is quicker and easier way of capturing and monitoring victims’ keyboard activities
Types of Keyloggers

⏵ It can be classified as software keyloggers and


hardware keyloggers.
⏵ Software keyloggers are programs installed in the
computer which usually are located between the OS
and the keyboard. Or it may at the kernel level so
receives data directly from the input device
⏵ The software keyloggers are installed on computer
system by Trojan or Viruses without the knowledge of
the user.
⏵ Hardware keyloggers are small hardware devices
connected to the PC or keyboard.
⏵ It save every keystork into a file or in the memory of
the hardware device.
 Antikeylogger is a tool that can detect the keylogger
installed on the computer and remove it.
 Never login to your bank account or do some very
important work from cyber cafe or someone else computer.
 Use on-screen or virtual keyboard while typing the login
credential.
 Use latest anti-virus software and keep them updated.
 AntiViruses do not provide 100% security from keyloggers.
An antivirus works on the basis of known signatures, and
so if the new keylogger signature is unknown, the antivirus
will not report it.
Viruses
 The two most common types of network attacks are the virus
and the worm. A virus is a program used to infect a
computer. It is usually buried inside another program—known
as a Trojan—or distributed as a stand-alone executable.
 Not all viruses are malicious; in fact, very few cause
extensive damage to systems. Most viruses are simply
practical jokes, designed to make it appear, or scare recipients
into thinking, that something is wrong with Windows.
Unfortunately, the viruses that are destructive are often
extremely destructive. A well-designed virus can disable an
entire network in a matter of minutes.
 Worms are often confused with viruses, but they are very different

types of code. A worm is self-replicating code that spreads itself


from system to system.

 A traditional virus requires manual intervention to propagate

itself, by copying it unknowingly to a floppy, unwittingly


embedding it in an attachment, or some other method.
 Worms do not require assistance to spread; instead, a worm can

automatically e-mail itself to other users, copy itself through the


network, or even scan other hosts for vulnerabilities—and then
attack those hosts.
 A computer worm is a standalone malware computer program

that replicates itself in order to spread to other computers.


Often, it uses a computer network to spread itself, relying
on security failures on the target computer to access it.
 A rootkit is software used by a hacker to gain constant

administrator-level access to a computer or network. A rootkit is


typically installed through a stolen password or by exploiting a
system vulnerabilities without the victim's consent or knowledge.
 Rootkits primarily aim at user-mode applications, but they also

focus on a computer’s hypervisor, the kernel, or even firmware.


Rootkits can completely deactivate or destroy the anti-malware
software installed in an infected computer, thus making a rootkit
attack difficult to track and eliminate.
 When done well, the intrusion can be carefully concealed so that

even system administrators are unaware of it.


 You can guess a rootkit’s definition from the two component words,

“root” and “kit” are Linux/UNIX terms, where “root” is the


equivalent of the Windows Administrator, while “kits” are software
designed to take root/administrator control of a PC, without
informing the user.
 Once a rootkit installs itself on your computer, it will boot up at the

same time as your PC. On top of that, by having administrator


access, it can track everything you do on the device, scan your
traffic, install programs without your consent, hijacker your
computer’s resources
Remote Administration Tool
 A RAT stands for a remote administration tool that when it is

installad on a computer allows a remote computer to take control of


it. Hackers and malware sometimes install these types of software
on a computer in order to take control of them remotely.

 Best Android RAT


 DROIDJACK
 ANDRORAT
 SPYNOTE
 A RAT or remote administration tool, is software that gives a

person full control a tech device, remotely. The RAT gives


the user access to your system, just as if they had physical
access to your device. With this access, the person can
access your files, use your camera, and even turn on/off your
device.
 RATs can be used legitimately. For example, when you have

a technical problem on your work computer, sometimes your


corporate IT guys will use a RAT to access your computer
and fix the issue.
Trojan horse
 A Trojan horse or Trojan is a type of malware that is often disguised as

legitimate software. Trojans can be employed by cyber-thieves and


hackers trying to gain access to users' systems. Users are typically
tricked by some form of social engineering into loading and executing
Trojans on their systems. Once activated, Trojans can enable cyber-
criminals to spy on you, steal your sensitive data, and gain backdoor
access to your system. These actions can include:

 Deleting data
 Blocking data
 Modifying data
 Copying data
 Disrupting the performance of computers or computer networks
Botnets
 A botnet is a collection of internet-connected devices, which

may include PCs, servers, mobile devices and internet of


things devices that are infected and controlled by a common
type of malware. Users are often unaware of a botnet infecting
their system.
 The term botnet is derived from the words robot and network.

A bot in this case is a device infected by malware, which then


becomes part of a network, or net, of infected devices
controlled by a single attacker or attack group.
 The botnet malware typically looks for vulnerable devices across

the internet, rather than targeting specific individuals, companies or


industries.
 The objective for creating a botnet is to infect as many connected

devices as possible, and to use the computing power and resources


of those devices for automated tasks that generally remain hidden to
the users of the devices.
Ransomware

 Ransomware is a type of malware that prevents or limits

users from accessing their system, either by locking the


system's screen or by locking the users' files unless a
ransom is paid.
 More modern ransomware families, collectively
categorized as crypto-ransomware, encrypt certain file
types on infected systems and forces users to pay the
ransom through certain online payment methods to get a
decrypt key.
 Ransom Prices and Payment
 Ransom prices vary depending on the ransomware variant and the

price or exchange rates of digital currencies. Thanks to the


perceived anonymity offered by crypto currencies, ransomware
operators commonly specify ransom payments in bitcoins.
 Recent ransomware variants have also listed alternative payment

options such as iTunes and Amazon gift cards.


 It should be noted, however, that paying the ransom does not

guarantee that users will get the decryption key or unlock tool
required to regain access to the infected system or hostaged files.
 Ransomware Infection and Behavior

 Users may encounter this threat through a variety of


means. Ransomware can be downloaded onto systems when
unwitting users visit malicious or compromised websites. It can also
arrive as a payload either dropped or downloaded by other malware.
Some ransomware are known to be delivered as attachments from
spammed email, downloaded from malicious pages through
advisements, or dropped by exploit kits onto vulnerable systems.
 Once executed in the system, ransomware can either lock the

computer screen, or, in the case of crypto-ransomware, encrypt


predetermined files.
 In the first scenario, a full-screen image or notification is displayed

on the infected system's screen, which prevents victims from using


their system. This also shows the instructions on how users can pay
for the ransom.
 The second type of ransomware prevents access to files to

potentially critical or valuable files like documents and


spreadsheets.
Phishing
 Phishing is a type of social engineering attack often used to steal user data,

including login credentials and credit card numbers. It occurs when an


attacker, masked as a trusted entity, dupes a victim into opening an email,
instant message, or text message.
 When cybercriminals try to get sensitive information from you, like

credit card numbers and passwords. Some specific techniques


include spear phishing (targets specific people or departments), whale
phishing (targets important people like CEOs),
and SMSpiShing (phishing via text messages) and vishing (voice
phishing that takes place over the phone, usually through
impersonation).
 The following illustrates a common phishing scam attempt:

 A spoofed email from myuniversity.edu is mass-distributed to as

many faculty members as possible.


 The email claims that the user’s password is about to expire.

Instructions are given to go to myuniversity.edu/renewal to renew


their password within 24 hours.
PHISHING PROTECTION
 Two-factor authentication (2FA) is the most effective method for countering

phishing attacks, as it adds an extra verification layer when logging in to


sensitive applications. 2FA relies on users having two things: something they
know, such as a password and user name, and something they have, such as
their smart phones.
 In addition to using 2FA, organizations should enforce strict password

managment policies. For example, employees should be required to frequently


change their passwords and to not be allowed to reuse password for multiple
applications.
 Educational campaigns can also help diminish the threat of phishing attacks by

enforcing secure practices, such as not clicking on external email links.


Spoofing

 When cybercriminals try to get into your computer by masked as a


trusted source. Examples include email spoofing, IP spoofing and
address bar spoofing.
 Spoofing can take place on the Internet in several different ways. One

common method is through e-mail. E-mail spoofing involves sending


messages from a bogus e-mail address or faking the e-mail address of
another user. Fortunately, most e-mail servers have security features that
prevent unauthorized users from sending messages.
 Another way spoofing takes place on the Internet is via IP spoofing. This

involves masking the IP address of a certain computer system. By hiding or


faking a computer's IP address, it is difficult for other systems to determine
where the computer is transmitting data from.
 Keylogger: Spyware (or hardware) that tracks and records
keystrokes, particularly passwords and credit card information.

 Hijackware: Malware that changes your browser settings to direct


you to malicious sites or show you ads. Also known as browser
hijacker.

 Backdoor: Opens a backdoor into your computer to provide a


connection for other malware, viruses, SPAM or hackers.

 logic bomb : is a piece of code intentionally inserted into


a software system that will set off a malicious function when
specified conditions are met.
 Salami attacks: Salami attacks are a series of minor data
security attacks that together result in a larger attack. For
example, deducting a very small amount or money from a bank
account which is not noticeable. But when the deduct very small
amounts from large number of accounts, it become a huge
amount.

 Data diddling attacks: Data diddling is an illegal or


unauthorized data alteration. Changing data before or as it is
input into a computer or output. Example: Account executives
can change the employee time sheet information of employees
before entering to the HR payroll application.

 Man-in-the-middle attacks: A man-in-the-middle attack is a


type of network attack where the attacker sits between two
devices that are communicating to manipulate the data as it
moves between them
Security Patche
 You may have heard the tech term “patches” thrown around the

office or mentioned in news segments, but if you’re not already


familiar, you should be.
 A patch is a small piece of software that a company issues

whenever a security flaw is uncovered.


 Patches are perhaps one of the single-most important cyber security

tools that the everyday tech user needs, right up there with things
like anti-virus software and scanning filters.
 A number of holes have been exploited with severe consequences before

their developers’ could create a patch, including the Heartbleed virus in


2014 and the recent WannaCry ransomware attack that struck in
2014-15.
 Some of the hardest hit networks were hospitals, as their systems

were locked up by the attack. This resulted in the loss of patient


care, and some facilities even had to turn away patients due to the
inability to access any of their computers.
 The only way to unlock the computer and remove the ransomware

was to pay the fine in bitcoin to the hackers, at least until the
block was discovered.
 Microsoft had already issued a patch only a matter of weeks ago for the

particular hole that led to WannaCry, but many users had either not installed it
or did not have automatic updates activated on their systems.

 Unfortunately, this kind of secrecy—while necessary to keep hackers

from launching new malware attacks—also means that if the developer


themselves discovered the hole and patched it in the next regularly
scheduled update, you may never know about it.

 That’s why it’s very important to keep all of your software and

handheld devices up-to-date; depending on your comfort level with


your own tech you might choose to set your computer to automatically
install any new updates from the developer.
Denial-of-Service
 A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or

network, making it inaccessible to its intended users.


 DoS attacks accomplish this by flooding the target with traffic, or sending it

information that triggers a crash. In both instances, the DoS attack deprives
legitimate users (i.e. employees, members, or account holders) of the service or
resource they expected.

 A DoS attack is an attempt to make computer resources unavailable and


deny to give service to its legitimate users.
 In this attack, the attacker floods the bandwidth of the victims’ network by
sending constant multiple request to the victims’ server and make it busy for
giving response of the multiple request
 It is the actual reason for preventing access to a service to the genuine
users.
 DoS attacks often last for days, weeks and even months at a time,
making them extremely destructive to any online organization.
 They can cause loss of revenues, consumer trust, force businesses to
suffer long-term reputation damage.
 Victims of DoS attacks often target web servers of high-profile

organizations such as banking, commerce, and media companies, or


government and trade organizations.
 Though DoS attacks do not typically result in the theft or loss of

significant information or other assets, they can cost the victim a great
deal of time and money to handle.
 There are two general methods of DoS attacks: flooding services or

crashing services. Flood attacks occur when the system receives too
much traffic for the server to buffer, causing them to slow down and
eventually stop
DDoS (Distributed Denial-of-
Service) Attacks
 A DDoS attack means Distributed DoS attack, DoS
attacks from multiple computer for the same victim is
Distributed DoS attack.
 A large numbers of zombie systems are synchronized to
attack a particular system. The zombies are infected by
the attackers and it is also victims in the DDoS attack.
 The zombie systems are called “Secondary Victims”
and the main target is called “Primary Victim”.
 Malware carries the DDoS attack mechanisms.
 Botnet is the popular medium to lunch DDoS
attack
Basic Fundamental
IP Address

 An Internet Protocol address (IP address) is a numerical label assigned


to each device (e.g., computer, printer) participating in a computer
network that uses the Internet Protocol for communication.
 An IP address serves two principal functions: host or network interface
identification and location addressing.
 Two Version of IP address:
 IPv4
 IPv6

 IPv4 uses 32-bit for address. Example: 192.168.1.1


 IPv6 uses 128-bit for address. Example:
2001:0db8:85a3:0000:0000:8a2e:0370:7334
 IP addresses are usually written and displayed in human-readable
notations.
MAC Address

 A media access control address (MAC address) is a unique


identifier assigned to network interfaces for
communications on the physical network segment.
 MAC addresses are used as a network address for most
IEEE 802 network technologies, including Ethernet, Wi-Fi
& Bluetooth.
 It is also known as physical address or hardware address.
 The MAC address is a string of usually six sets of two-
digits or characters, separated by colons.
 For example, consider a network adapter with the MAC
address 01:0a:95:9d:58:36.
DNS
 DNS stand for “domain name system”.
 It converting human-readable website name
into computer-readable numerical IP
addresses.
 For example:
 If you want to visit Google, then open
www.google.com into your web browser‘s
address bar instead of IP address. However,
your computer does not understand where
www.google.com is located.
 Behind the scenes, the internet
and other networkuse
numerical IP addresses.
www.google.com is located at the IP address
73.194.39.78 on the internet
Zero-day vulnerability
 Zero-day vulnerability refers to a hole in software
that is unknown to the vendor.
 This security hole is then exploited by hackers
before the vendor becomes aware and hurries to
fix it- this exploit is called a zero day attack.
 Zero-day vulnerabilities are particular dangerous
because they represent a gap in knowledge
between the attacker and defender.
Access Control
 Access Control is a method of limiting access to a system
or resources. Access control refers to the process of
determining who has access to what resources within a
network and under what conditions.
 It is a fundamental concept in security that reduces risk to
the business or organization.
 Access control systems perform identification,
authentication, and authorization of users and entities by
evaluating required login credentials that may include
passwords, pins, bio-metric scans, or other authentication
factors. Multi-factor authentication requires two or more
authentication factors, which is often an important part of
the layered defense to protect access control systems.
Components of Access Control

 Authentication: is the process of verifying the identity of a user. User


authentication is the process of verifying the identity of a user when that
user logs in to a computer system.
 Authorization: Authorization determines the extent of access to the
network and what type of services and resources are accessible by the
authenticated user. Authorization is the method of enforcing policies.
 Access: After the successful authentication and authorization, their
identity becomes verified, This allows them to access the resource to
which they are attempting to log in.
 Manage: Organizations can manage their access control system by
adding and removing authentication and authorization for users and
systems. Managing these systems can be difficult in modern IT setups
that combine cloud services and physical systems.
 Audit: The access control audit method enables organizations to follow
the principle. This allows them to collect data about user activities and
analyze it to identify possible access violations.
Digital Signature
 A digital signature is a mathematical technique used to
validate the authenticity and integrity of a digital document,
message or software.
 It's the digital equivalent of a handwritten signature or
stamped seal, but it offers far more inherent security. A
digital signature is intended to solve the problem of
tampering and impersonation in digital communications.
 Digital signatures can provide evidence of origin, identity
and status of electronic documents, transactions and digital
messages.
 Signers can also use them to acknowledge informed
consent. In many countries, including the U.S., digital
signatures are considered legally binding in the same way
as traditional handwritten document signatures.
 Digital signatures are based on public key
cryptography, also known as asymmetric cryptography.
Using a public key algorithm, such as Rivest-Shamir-
Adleman, or RSA, two keys are generated, creating a
mathematically linked pair of keys: one private and
one public.
 Digital signature technology requires all parties to trust
that the person who creates the signature image has
kept the private key secret. If someone else has access
to the private signing key, that party could create
fraudulent digital signatures in the name of the private
key holder.

You might also like