1.

Introduction: Cyber Security threats

A cyber threat or cybersecurity threat is defined as a malicious attempt deliberated to gain

unauthorized access to a network, steal confidential information, alter or corrupt data, disrupt the
digital wellbeing and stability of an organization. Some of the cyber threats are data breaches,
malware, social engineering, man in the middle (MitM) attacks, denial of service (DoS),
phishing and injection attacks. Cyber threats can arise from a wide range of sources, including
hostile nation states and terrorist groups, individual hackers, and trusted persons such as
employees or contractors who abuse their authority to commit harmful activities. Cyber security
refers to a set of principles and practises for safeguarding our computing resources and online
data against attackers. In this chapter you will learn how it all began and how it has continued to
expand significantly. Also, have a thorough understanding of the history of cyber security and
how it all started with the growth of cybercriminals.

1.1 History of Cyber Security

Since the first computers went online and began connecting with one another,
cybersecurity has evolved gradually. Although the amount of risk is substantially higher today
than it was then, these concerns appear to have always alarmed computer users, and with good
cause. As technology gets better, cyber threats potentially evolve as well. Criminals in the
industry are always coming up with new techniques to penetrate and steal data. The history of
the cyber security has explained in the following.

The 1950’s
In the 1950s, the word “cyber” referred to cybernetics – the science of understanding the
control and movement of machines and animals. This was followed by “cyber” standing for
“computerized.”

The 1960’s - Password protection

In 1960, organizations began to take sensible precautions with their computers. Because
there was no internet or network to worry about, security only focused on physical components
and denying access to persons who do not have authority to access the system. The system now
has a password and many levels of security. To ensure that the data stored in the system was
safe, security precautions were implemented.
The 1970’s - Creeper vs Reaper
The first computer virus created was entirely an innocent mistake. Engineer Bob Thomas
created a code in 1970 with the goal of moving programmes across ARPANET-connected
systems. The code showed a hilarious message, "I'm the Creeper: Catch me if you can!" with no
intention of causing any harm. In return Ray Tomlinson, a friend of Bob's, created a more
advanced version of the software that copies itself multiple times on the computer system.
Reaper is a coding software that deletes Bob Thomas' original programme code and repeats itself
on it. The clash between the Creeper and the Reaper was a historic event in cyber security.

The 1980’s - The rise of powerful hackers

In 1980, computer viruses became highly advanced, and security mechanisms were no
longer capable of protecting systems from new hacking techniques. Marcus Hess, a German
computer hacker, stole US military secrets in 1986. He hacked around 400 systems at the
Pentagon, including mainframes, and offered to trade their codes to the KGB.
In 1988, Morris Worm created one of the major turning points in the history of
information security. The use of the internet began to quickly increase. Security procedures have
grown too expensive, resulting in the emergence of a new virus. It was given the name Robert
Morris after its creator. The worm spreads across networks and duplicates itself. Its goal was to
identify vulnerabilities in a network interruption blocking system. The worm replicates itself so
quickly that it affects the system and reduces internet speed.

The 1990’s - Firewalls came into an Existence

In 1990, more number of people became aware of the internet. They began to share their
personal information on the internet. The attackers discovered a profitable source of funds and
began stealing personal information from government officials and internet users. Netwrok
security threats security evolved rapidly. Firewall and anti-virus software were mass-produced in
large quantities, and the researchers developed a virtual firewall that was formed on the physical
body to prevent disasters from spreading within structures. Antivirus software was developed to
reduce the risk of attacks. But the computer viruses and worms became powerful and fast, so
hackers had more gain at that time.
In 2000 - Punishment decided in the eye of the law
Hacking was declared as a crime by the government in 2000, and the criminals were
subjected to harsh punishments. It was the first time that a punishment for hackers had been
decided. As the number of internet users and their usage increased, so did the number of viruses.
Hackers have become more powerful and they started to build harmful viruses that infect entire
towns, states, countries, even continents.

1.2 Types of Cyber Security

The assets of every company are made up of a collection of different systems. These
systems have a strong cybersecurity posture, which necessitates coordinated actions across the
board. As a result, cybersecurity may be divided into the following sub-domains:

Every organization's assets are the combinations of a variety of different systems. These
systems have a strong cybersecurity posture that requires coordinated efforts across all of its
systems. Therefore, we can categorize cybersecurity in the following sub-domains:
Network Security: It involves implementing the hardware and software to secure a
computer network from unauthorized access, intruders, attacks, disruption, and misuse. This
security helps an organization to protect its assets against external and internal threats.
Application Security: It involves protecting the software and devices from unwanted
threats. This protection can be done by constantly updating the apps to ensure they are secure
from attacks. Successful security begins in the design stage, writing source code, validation,
threat modeling, etc., before a program or device is deployed.
Information or Data Security: It involves implementing a strong data storage
mechanism to maintain the integrity and privacy of data, both in storage and in transit.
Identity management: It deals with the procedure for determining the level of access that
each individual has within an organization.
Operational Security: It involves processing and making decisions on handling and
securing data assets.
Mobile Security: It involves securing the organizational and personal data stored on
mobile devices such as cell phones, computers, tablets, and other similar devices against various
malicious threats. These threats are unauthorized access, device loss or theft, malware, etc.
 Cloud Security: It involves in protecting the information stored in the digital
environment or cloud architectures for the organization. It uses various cloud service providers
such as AWS, Azure, Google, etc., to ensure security against multiple threats.
Disaster Recovery and Business Continuity Planning: It deals with the processes, monitoring,
alerts, and plans to how an organization responds when any malicious activity is causing the loss
of operations or data. Its policies dictate resuming the lost operations after any disaster happens
to the same operating capacity as before the event.
User Education: It deals with the processes, monitoring, alerts, and plans to how an
organization responds when any malicious activity is causing the loss of operations or data. Its
policies dictate resuming the lost operations after any disaster happens to the same operating
capacity as before the event.

1.3 Implementation of Cyber Security

There are several procedures for actually implementing cybersecurity, but when it comes to
fixing security-related issues genuinely, there are three primary steps involved.

 Identify the Problem

The first step is to identify the problem that is causing the security issue, for example, we
have to recognize whether there is a denial of service attack or a man in the middle
attack.

 Analyse and Evaluate

The next step is to evaluate and analyze the issue. Make sure that isolate all the data and
information that may have been compromised in the attack.

 Treat

Finally, after evaluating and analyzing the problem, the last step is to develop a patch that
actually solves the problem and brings back the organization to a running state.
Three principles are kept in mind for various computations while identifying, analysing, and
treating a cyber assault. They are as follows:

 Vulnerability
 Threat
 Risk