
Week-1-Intro-Introduction To Cyber Security200611040406063737

The document outlines the first week of a Cyber Security course, focusing on the fundamentals of cyberspace, its importance, and the challenges associated with cyber security. It includes objectives, learning outcomes, and a detailed structure of topics covering definitions, components, and characteristics of cyberspace, as well as the distinction between cyberspace and the Internet. Additionally, it emphasizes the significance of cyber security measures to protect information systems from various threats.

Uploaded by

sagalelakhan01

Course Title: Cyber Security

Course Co-Ordinator: Dr Padmavathi Ganapathi
Professor, Department of Computer Science
Avinashilingam Institute for Home Science and Higher Education for Women (Deemed-to-be-University), Coimbatore
padmavathi.avinashilingam@gmail.com
9486772744

Content Reviewer: Dr V Rhymend Uthariaraj
Professor, Department of Information Technology
Madras Institute of Technology Campus, Anna University, Chennai-600 044
[email protected]
+919444150081

CYBER SECURITY Week-1 E-Text


Week 1: Introduction to Cyber Security - Fundamentals of Cyber Space - Information systems - Security Principles - Why Cyber Security is important? - Cyber security Challenges.

Objectives
The objectives of the first week of the course are to:
• Introduce users to the fundamentals of cyber security
• Present the concept of cyberspace
• Highlight the importance of cyber security, security principles, and cyber security challenges.
Learning outcomes
After studying this week, students will be able to:
i. Define and explain the concepts of Cyberspace
ii. Delineate the components of Cyberspace
iii. Compare Cyberspace with Internet
iv. Realize the importance of Information Systems in current technology
world
v. Appreciate the importance of security in information systems
vi. Define Cyber Security
vii. Derive the important terminologies and differentiate between certain
terms.
viii. Summarize the security rudiments through incidents that happened at both National and International Level.
ix. Comprehend the cyber security challenges.
Brief outline and Structure
S.No Topic
1.1 What is Cyberspace? : An Introduction
1.2 The Origin of Cyberspace
1.3 Levels of Cyberspace
1.4 Components of Cyberspace
1.5 Cyber Domain Characteristics
1.6 Driving forces of Cyberspace
1.7 Advantages and Shortcomings of Cyberspace
1.8 What is Internet?
1.9 Comparing and Contrasting Internet with Cyberspace
1.10 Introduction to Cyber Security – What is Cyber Security?
1.11 Importance of Cyber Security
1.12 Common tools of Cyber Security
1.13 Key Elements of Cyber Security
1.14 Information Systems-an Introduction
1.15 Security of Information Systems
1.16 Factors Contributing to Insecure Information Systems
1.17 Protection of Information Systems and their Data
1.18 Issues in Information Systems
1.19 Security Requirements for Information Systems
1.20 Security Principles
1.21 Security Measures
1.22 Why Cyber Security is important?
1.23 Who are Hackers? What do they do generally?
1.24 Common ways of how a computer can become infected
1.25 Statistics on Cyber Attacks
1.26 Need for Security- A Technological View
1.27 Types of Cyber threats
1.28 Methods and Practices of Countering Cyber Attacks
1.29 Cyber Security Core Functions
1.30 Four Important Fundamentals of Security
1.31 Other essentials in securing the Computing systems
1.32 Cyber Security Challenges

1.1 What is Cyberspace? : An Introduction

We are all living in the digital era. All our daily activities depend either partially or totally on digital devices or the Internet. Every organization, whether government or non-government, and every individual relies on computer networks, systems and related technologies. Most of our daily routines, including both personal and professional activities, depend on digital devices connected through public and private networks and the Internet.
Where do we operate, and what connects us? These are the major questions that most of us raise when we think about the way we use the Internet and other resources for communication. The answer is: Cyber Space. Cyber Space is the virtual space that connects all of us and enables the information exchange necessary to support interactions in the digital era. More specifically, Cyberspace can be defined as,

Definition

Cyberspace refers to the virtual space that provides the infrastructure, electronic medium and related elements necessary for online global communication.


Cyberspace is a virtual space technically created by human beings. It can be
thought of as the second life space where human beings operate for social
interactions, entertainment, business operations as well as for personal
activities and interests.
Is it a Virtual environment or closely related to it?
"Cyberspace" no longer implies a virtual environment. However, the incorporation of digital technology provides a large variety of capabilities like sensors, signals, connections, transmissions, processors, and controllers that are necessary to create a simulated interactive experience through Cyberspace. Simulated environments can also be created in Cyberspace for a virtual experience.
Cybernauts are those people who are actively engaged in Cyberspace for all their social experience.


1.2 The Origin of Cyberspace

The term cyberspace is derived from the word cybernetics, which in turn comes from the ancient Greek word kubernētēs, which refers to a steersman or to giving direction. Recent years have seen a wide proliferation of context-dependent suffixes applied to cyber.
The term cyberspace first came into existence in various contexts in visual
arts and science fiction during 1940, 1960 and 1984. However, the first
reference was made by the founder of Electronic Frontier Foundation, in the
year 1990 and later in 1991 by Mr. Benedict, which is close to the existing
relationship of computer and telecommunication systems.

1.3 Levels of Cyberspace

Since Cyberspace is a common domain where everyone can operate and no one can own or govern, a lot of trespassing (encroachment) happens. Therefore, it is necessary to understand the levels of Cyberspace.
Figure 1.1 depicts the levels of Cyberspace, namely
i. Core Cyberspace and
ii. Extended Cyberspace.

Figure 1.1 Two Levels of Cyberspace (labels: Core Cyberspace, Extended Cyberspace)

1.3.1 The Core Cyberspace

Core cyberspace covers all electronic devices, the transmission medium or connecting medium, the control codes, the operation codes, software used to handle them and finally the data. This is the place where all of us operate.

1.3.2 The Extended Cyberspace

The extended Cyberspace covers everything that surrounds the core. Anybody can access the core through this extended space. For example, an automated car or a smart appliance is operated by remote control through this Cyberspace. That is, one gets control of the core only through extended cyberspace.
Extended cyberspace is very attractive to the new generation of intruders, including government hackers engaged in Cyber warfare. That is, Cyberspace provides a battle space to target government, business organizations or a Nation's critical Infrastructure. It may provide informal access if the security system is not in place. Whether Cyberspace is attractive or not, it is all about how people choose to use it. Let us see the elements of Cyberspace in the following section.

1.4 Components of Cyberspace

Cyberspace comprises 6 major elements as illustrated in Figure 1.2. More specifically, the components of Cyberspace are:
i. Physical infrastructure and telecommunication devices
ii. Computer systems and related software
iii. Networks connecting computer systems and devices
iv. Network of Networks or Internet
v. User and intermediaries Access nodes
vi. Constituent Data

Figure 1.2 Major Components of Cyberspace (labels: Physical Devices, Computer and Software, Data, Networks, Intermediaries, Network of Networks)

For example, if a person wants to send a message or picture to another person, the following are needed: first of all, a device for the sender to send and for the other person to receive; a network for connectivity; a software or protocol to facilitate the exchange; a space or a global mechanism for seamless integration of all; the intermediate elements that do the smooth transfer from one end to the other; and finally what is being transferred, that is, data (message, picture, audio, video or a combination of all). The components of Cyberspace can be arranged on different levels. The level on which cyberspace operations are conducted is determined by three layers.
Figure 1.3 shows the three layers of cyberspace, namely
i) Physical Layer
ii) Logical Layer and
iii) Cyber Personal Layer

Figure 1.3 Layers of Cyberspace (labels: Cyber Personal Layer, Logical Layer, Physical Layer)


Physical Layer: Comprises the components of physical and geographical
network. It is the means through which data travels.
Logical Layer: Contains network elements that are associated with each other
which are distant from the physical network. It also indicates the structure of
connection of the physical components.
Cyber Personal Layer: Involves the people actually present on the network.
1.5 Cyber Domain Characteristics
The significant characteristics of Cyber Domain are:
i. Connectivity
ii. Virtuality
iii. Expansion
iv. Ambiguity
v. Interactivity
Figure 1.4 shows all the main characteristics.

Figure 1.4 Cyber Domain Characteristics (labels: Connectivity, Virtuality, Expansion, Ambiguity, Interactivity)


i. Connectivity: As discussed earlier in section 1.4, Cyberspace
interconnects a wide range of physical systems. All these elements
are not physically present in one place but connected virtually in
different places, but they appear as a single entity from the user’s
perception.
ii. Virtuality: Cyber Space is both unbound and virtual in nature. In other
words, Cyberspace does not exist in reality. Rather, it is an
abstraction that can only be realized virtually.
iii. Expansion: Since all communications take place within this virtual
place through various means and with different types of data,
Cyberspace is growing very fast. With the amount of data shared
and used, as well as the number of users sharing, the situation
leads to data proliferation.
iv. Ambiguity: Due to its virtual nature, and lack of physical existence,
with absolutely no centralized controlling or monitoring mechanism,
Cyberspace is indistinctive and ambiguous in nature.
v. Interactivity: Though it is intangible in nature, all communications and
data sharing occur seamlessly through this medium. Cyberspace is
fundamentally interactive in nature.
Ultimately cyberspace provides collaborative and virtual space for a wide range
of participants. All the above five features make Cyberspace inherently
uncertain and complex.
1.6 Driving forces of Cyberspace

The factors that influence, or the driving forces of Cyberspace are time, space,
anonymity, asymmetry and efficiency. Figure 1.5 shows the driving forces, the
key factors.
Figure 1.5 Cyberspace Driving Forces (panels: Time, Space, Efficiency, Asymmetry, Anonymity)


1.7 Advantages and Shortcomings of Cyberspace
The advantages of cyberspace include
i. Informational resources
ii. Entertainment
iii. Social networking
The virtual library of information offers required information on any topic at any point of time, and cyberspace acts as the informational resource nowadays. Entertainment and social networking play a major role in cyberspace, as cyberspace has been evolving as a great medium to connect people these days.
The disadvantages are due to this great medium of connectivity, as it leads to spamming, theft of information, threats etc., since cyberspace also provides a platform for all criminal activities. Therefore, security is a major challenge.

Generally, people confuse Internet and Cyberspace. Are they one and the same or different? Let us see.
1.8 What is Internet?
Internet is an inter-connected network. It comprises a large number of world-wide computers connected in a network to facilitate communication and data exchange.

Definition 1

It makes use of the TCP/IP protocol suite for data transmission and exchange. (Source: Webster Online Dictionary)

Definition 2

A universal system of interrelated computer networks that utilizes the Internet protocol suite (TCP/IP) to link worldwide devices is referred to as the Internet. (Source: Wikipedia)

Definition 3

A wide variety of information and other communication-related facilities in interconnected networks, standardized using communication protocols, is provided by a universal computer. (Source: Oxford Dictionary)

Therefore, the Internet provides the technical platform for communication and actions through well-defined standards of operations.
1.9 Comparing and Contrasting Internet and Cyberspace
Often, the terms Internet and cyberspace are used interchangeably and
considered to be the same in the meaning and usage. However, there are
certain key differences between Internet and Cyberspace.
The Internet links smaller or larger networks of computers, servers and other
personal devices that exist within the scope of Internet.
However, Cyberspace is a symbolic and figurative space that exists within
the Internet and supports a multitude of business, government and social
interactions through information exchange.
Nature of cyberspace: Cyberspace derives more from the decisions made at
the cognitive level rather than through the operation of physical systems.
The design of the Internet results in a cyberspace that is built out of
components and provides services designed to form more complex services.
Data exchanged in Cyberspace can be in the form of text, audio, video and
image. Internet is a 50-year-old technology. Starting with the military
applications, it was widely used as a tool by the academicians and
researchers to exchange data easily.
After the digital communication revolution, the introduction of the TCP/IP protocol, the Domain Name System (DNS) and addressing methods made the Internet available to all devices and all types of users.
Due to privatization and commercialization, the Internet started developing rapidly. It simplified the operations of organizations by killing the distance.
Therefore, Cyberspace and Internet vary in terms of their meaning, definition
and operations.
The term cyberspace has led to the introduction of other words like cyber security, cybercrime, cyberwarfare, cyber terrorism and cyber espionage. Initially the terms cyberspace and cyber security were used widely in the academic circle.

1.10 Introduction to Cyber Security - Definition

Cyber security refers to the actions which are taken in order to protect the computer systems or the Internet from unauthorized access or against attacks. (Source: Webster online Dictionary)

It also refers to the process of protecting devices or electronic data from unauthorized access. (Source: Oxford Dictionary)

Cyber Security also refers to the measures taken against data thefts or to protect computer systems from damage to hardware, software or information, as well as from interruption or deception of various computer services. (Source: Wikipedia)

Definition 1

Cyber Security includes techniques that protect computers, networks, programs and data from illegal access or outbreaks that may be misused.

Definition 2

Cyber Security is a technology framework that consists of various procedures and operations intended to defend networks, computers, programs and data from outbreak, damage or illegal access.

Definition 3

Cyber Security involves a wide range of practices in protecting the integrity of networks, programs and data from various attacks, harm

Definition 4

Cyber Security refers to protection of computer resources or information from theft, compromise or confront using deterrent measures through a consideration of possible information threats, like malwares and other malevolent codes. Identity management, risk management and incident management are some of the common cyber security strategies in

1.11 Importance of Cyber Security

Some of the notable benefits of Cyber Security are:

• It endeavors to ensure that the security properties are realized and maintained by the Organization.
• User's assets are protected against various cyber security risks and remain intact.
• Ensuring protection from attacks, damage and unauthorized access on networks, computers and programs is as important as the daily routine operations of an organization.
• It helps to understand the current trends in IT and develop effective solutions.
• It reduces vulnerability in information and ICT systems and networks.
• It enforces integrity, confidentiality and availability.
1.12 Common Tools of Cyber Security

Based on the discussion so far, the common tools used for cyber security may be listed as:
• Passwords
• Anti-virus/Anti-malware Software
• Software patches
• Firewalls
• Two-factor Authentication
• Encryption
Figure 1.6 shows the common tools used.

Figure 1.6 Standard Tools used for prevention of Data Leakage (labels: Passwords, Anti-Virus/Anti-Malware Software, Software Patches, Firewalls, Authentication, Encryption)


1.13 Key Elements of Cyber Security
The key essentials of Cyber Security are:
i. Application Security
ii. Information Security
iii. Network Security
iv. Disaster Recovery
v. Operational Security and
vi. End-User Education
1.13.1 Application Security
Application security covers procedures or actions that can be taken throughout the various stages of an application's development life cycle. This is to ensure that the application is protected from threats and vulnerabilities that arise through faults in the design, development, deployment, upgrade or maintenance of the application. Some of the basic techniques involved in ensuring security in applications are:
• Validating the input parameters
• Authenticating and authorizing valid users/roles
• Managing sessions, manipulating parameters and managing exceptions
• Security auditing and log analysis.
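The techniques listed above can be seen working together in a single request handler. The following is an added example, not part of the original course text; the roles, the student-ID format, the grade values and the in-memory store are assumptions made for illustration.

```python
import logging
import re
from dataclasses import dataclass


class ListHandler(logging.Handler):
    """Keeps audit messages in memory so they can be reviewed (log analysis)."""

    def __init__(self):
        super().__init__()
        self.records = []

    def emit(self, record):
        self.records.append(record.getMessage())


audit_trail = ListHandler()
audit_log = logging.getLogger("audit")
audit_log.setLevel(logging.INFO)
audit_log.propagate = False
audit_log.addHandler(audit_trail)

# Constructed sample policy: role -> actions that role may perform.
ROLE_PERMISSIONS = {
    "student": {"view_grade"},
    "instructor": {"view_grade", "update_grade"},
}

# Allow-list validation: accept only known-good shapes, reject everything else.
STUDENT_ID_RE = re.compile(r"[A-Z]{2}[0-9]{6}")  # hypothetical ID format
VALID_GRADES = {"A", "B", "C", "D", "F"}


class RequestRejected(Exception):
    """Generic error returned to the caller; details stay in the audit log."""


@dataclass(frozen=True)
class User:
    name: str  # assumed to come from an already authenticated session
    role: str


def validate_params(params):
    """Return a cleaned copy of the parameters or raise ValueError."""
    student_id = params.get("student_id")
    grade = params.get("grade")
    if not isinstance(student_id, str) or not STUDENT_ID_RE.fullmatch(student_id):
        # The message never echoes the raw input, so it cannot forge log lines.
        raise ValueError("student_id fails allow-list pattern")
    if not isinstance(grade, str) or grade not in VALID_GRADES:
        raise ValueError("grade not in allowed set")
    return {"student_id": student_id, "grade": grade}


def authorize(user, action):
    """Raise PermissionError unless the user's role permits the action."""
    if action not in ROLE_PERMISSIONS.get(user.role, set()):
        raise PermissionError(f"role {user.role!r} may not {action}")


def handle_update_grade(user, params, store):
    """Authorize, validate, act, and audit; failures surface as one generic error."""
    try:
        authorize(user, "update_grade")
        clean = validate_params(params)
    except (PermissionError, ValueError) as exc:
        audit_log.warning("DENY user=%s action=update_grade reason=%s", user.name, exc)
        raise RequestRejected("request rejected") from None
    store[clean["student_id"]] = clean["grade"]
    audit_log.info("ALLOW user=%s action=update_grade student=%s",
                   user.name, clean["student_id"])
    return "ok"
```

Every decision, allowed or denied, leaves one entry in `audit_trail.records`, while the caller only ever sees the generic rejection message.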
1.13.2 Information Security

The protection of information from illegal access or information theft, thereby preserving privacy, is referred to as Information Security. Some of the common practices that provide Information security are:
• Identification, validation and authorization of users
• Cryptography.
1.13.3 Network Security

The process of ensuring the usability, consistency, truthfulness and security of the network is referred to as Network security. A large number of threats are recognized and stopped from entering or spreading further into the network system through an effective network security strategy. Network security comprises the following components:
• Anti-virus and anti-spyware
• Firewall, which identifies and blocks any unauthorized network access
• Intrusion Detection Systems (IDS), which automatically detect network intrusions, and Intrusion Prevention Systems (IPS), which identify destructive threats like zero-day or zero-hour attacks
• Virtual Private Networks (VPNs), which provide safe remote access.
1.13.4 Disaster Recovery

A development process that is used to assess various types of risks and establish different priorities, thereby evolving disaster recovery strategies, is known as Disaster recovery. Every organization must develop proper disaster recovery strategies to protect its business-related activities from damage. Rather, it should take pro-active measures to handle disasters because information is a major asset of an Organization.
1.13.5 Operational Security
Very stringent measures must be taken as far as operational level security is concerned, especially in a completely automated environment. Of all the risks, operational risks are really difficult to fix in an organization when data leakages or security breaches happen.

1.13.6 End-User Education

The most essential and viable solution is end-user education. Most security incidents happen only because of a lack of knowledge on the part of the users. Many incidents happen without the users realizing the significance of certain activities.
Of all the above, end-user education is very important for an organization to avoid unnecessary security incidents.
Why Cyber Security is a challenge in Today's Digital era?
Dependence on technology has grown, and this dependency has made it more vulnerable to compromise. Cyber security problems identified in technologies make cyber-attacks easier and more dangerous. The main problems are ignorance about the role of cyber security and the complex situations that combine various past and current technologies.
What are the cyber security questions?
The questions to be addressed on securing the operations in cyberspace are
i. From what to protect?
ii. What to protect?
iii. How to protect?
The main focus is on the first question. The main concern here is deciding what, or from what, to mainly protect, and how to keep operating robustly during system failures.
The second question concerns the possible threats, which are analysed for further detection in future.
The third question addresses the assurance of the object's security against threatening factors through measures and implementation procedures.
Cyber security has significant importance in the current world of digital technologies, as most people make use of the Internet for their daily activities. This replaces mechanical processes with the use of software. The global usage of the Internet has also empowered individuals to unleash unique levels of innovation and creativity, and has also created new markets while unsettling old ones.
As the Internet is used world-wide, it suffers from various security challenges and issues, most of which help drive the emergence of cyber security practices. The major challenge that exists in cyberspace is anonymity, as it creates security breaches and complexity between individuals and government legislations.
1.14 Information Systems-an Introduction
All automated and semi-automated systems revolve around information, as information is the major resource of an Organization. No organization can survive today in the digital era without a proper Information system in place. An Information system contains details regarding software, hardware, data, people and procedures. Sometimes processes and essential system elements like environment, boundary, purpose, and the surrounding interactions are also considered part of an Information System. Organizations are highly influenced by Information systems to do their business in a modernized way.

1.14.1 Fundamental Concepts of Information Systems

An information system (IS) is an organized system for collecting, organizing, storing and communicating information. Organizations that use an Information system do data collection, filtration, processing, creation and distribution in complementary networks. In other words,
o Information systems capture both internal data and external data of the
organization and its environment.
o IS Stores the database items over an extensive period of time.
o Based on the user’s need for specific information, the suitable data
items are deployed as necessary.
o The output from the information system varies on its type and may be
displayed in the form of query response, decision outcome, expert-
system advice, transaction document, or a report.
Organizational practice provides the established and accepted procedures for collecting, storing, manipulating, and accessing data, which the formal information systems follow in order to obtain information. The transformation of data into knowledge is the main role of information systems. With technological evolution, information systems have become the backbone of the organization, supporting decision making and providing value to the organization. The most important challenge organizations face in today's digital era is security.

1.15 Security of Information Systems

The security of information systems depends on the processes and methodologies applied for keeping the information confidential and available and for assuring its integrity. Security is provided by access controls, protection methods, and detection with remediation by documenting the events. Information system security deals with all forms of data protection.
1.16 Contributing Factors for Insecure Information Systems
As already mentioned, information system is the integral component of any
organization. The information systems function properly, relying on
individuals, companies, and governments. A devastating situation may arise
due to loss of data. The factors that are threatening the security of
information systems are:
- Lack of awareness
- Wide-open Internet access
- Network traffic
• Lack of Awareness
It is essential to be aware of various security issues, as Information Systems are prone to frequent attacks and sophisticated threats. Hence, Information Systems must be examined regularly and frequently to identify the primary intrusions challenging their security. If one lacks the awareness to recognize a threat, vulnerability, risk or any other weakness in the system, then Information Systems will face major challenges, causing damage to the resources stored in them.
• Wide-open Internet Access
The Internet is an open medium, and users are connected without any geographical or physical barriers. Wide-open Internet access throws up the problem of Information Security, compromising the confidentiality, integrity and availability of shared information.
• Network traffic
Network traffic refers to the amount of data or information passing across a network at a particular time. As this data is encapsulated in network packets, it loads the network, resulting in poor quality of network services. Network traffic in an Information System can be any of the following:
- busy/heavy traffic
- non-real-time traffic
- interactive traffic
- or latency-sensitive traffic.
Figure 1.7 shows the factors that threaten Information Systems security.

Figure 1.7 Factors threatening the security of Information Systems (labels: Lack of Awareness, Wide-open Internet access, Network Traffic; centre: Insecure Information Systems)

1.17 Protection of Information Systems and its Data

Information is the important asset of an organization, and failing to realize the value of data leads to loss of data and security breaches in information systems. Mostly, policies, procedures and controls are used to enforce the protection of information systems and data. Policies and procedures help in implementing the standards of the organization. Internal controls provide a basis for the protection of information systems and data. The internal control methods provide plans for the following:
• Safeguarding assets – to protect the resources present in the Information Systems
• Reliable and accurate information – to maintain the integrity of the Information Systems and prevent them from compromise, in other words improved reliability
• Improving operational efficiency – to increase the ability to enhance their operations according to the prescribed standard of Information Systems
• Adhering to policies – to follow the strategies strictly to protect Information Systems from various threats, risks, vulnerabilities and other Cyber Attacks.

Hence, by taking these internal control methods into account, Information Systems can be protected from insecure access.
Figure 1.8 shows the various plans in the internal control mechanism of Information Systems.

Figure 1.8 Various plans in Internal Control methods of Secure Information Systems (labels: Safeguarding Assets, Reliable and accurate information, Improving operational efficiency, Adhering to policies)
1.18 Issues in Information Systems
Information systems face a lot of problems, either in the form of cybercrime or through computer abuse, as the continuing evolution of technology also facilitates illegitimate or unscrupulous tasks. Computer crime and computer abuse operate differently. Computer crime refers to the use of computers by an individual to perform unauthorized or illegitimate activities, causing damage to the information and resources that reside inside them. The increased dependence of businesses and individuals on information systems encourages individuals to commit computer-related crime and abuse, and insecure telecommunication networks pose an increased risk of threat. An illegitimate user can easily access the information during the failure of hardware and software, fire, electrical problems, personnel actions, user errors, and telecommunication problems. Information systems move into a more threatened state when the telecommunication networks are exposed. Major threats to Information systems today are:
• Spamming
• Hacking
• Jamming
• Malicious software
• Sniffing and spoofing (phishing)
• Identity theft
• Cloning
All these will be explained in a later section. In summary, the important point to be noted here is that security is a major challenge in Information Systems.
Figure 1.9 shows the various forms of threats that target the Information Systems.

[Diagram labels: Information Systems; Hacking, Jamming, Spamming, Malwares, Cloning, Phishing, Identity theft]
Figure 1.9 Major threats to Information Systems
1.19 Security Requirements for Information Systems
The security principle for information systems is a triad, which will be discussed
later. In addition to this triad, there are principles for maintaining and
securing the information systems. They are:
 Accountability

 Management of data
 Trust
 Isolation
 Change
 Compliance
These principles are applied over the entire system development process and
the security is enforced in the system. Information system security
requirements should be based on
 Data Confidentiality
 Data Integrity
 System availability
 System configuration
o Data Confidentiality
This prevents sensitive information from being read by, or disclosed to,
unauthorized recipients by means of control measures. In other words, people
who have authorized permission are allowed to access the confidential
information, whereas unauthorized parties are prevented from accessing it.
o Data Integrity
This establishes assurance that modification, alteration or change of
information is done only by definite and legal means. It also refers to the
process of assuring the consistency and validity of data over its lifecycle.
Data integrity improves the reusability and maintainability of information,
increasing the stability and performance of Information Systems.
o System availability
System availability is the probability that a system functions under normal
operating conditions. It assures that authorized users can access the
information and resources of the system during a specific time.
o System configuration
The configuration of the system or the network is changed according to
well-defined security guidelines and the authorization of users. Information
Systems have their own configuration functions to let administrators or users
change their system configuration. The security requirements are to be
satisfied, and this is followed by security services like:
 Authentication

 Authorization
 Auditing
 Non-repudiation
o Authentication
It is used to verify the identity of a particular user during any type of access in
the system. This identity is generally authenticated based on what a user
knows (e.g., a password), what a user has (e.g., a hardware computer-readable
token), or what a user is (e.g., a fingerprint). The user is allowed to access
the system and its related resources only if the password, token or
fingerprint is valid. An unmatched password, token or fingerprint denies
access and the person is declared to be illegitimate.
o Authorization
It is used to grant permission to authorized users to accomplish a determined
set of activities. It also specifies access rights and privileges to the resources
related to Information Security. During this process, the system checks the
authenticated user’s identity and either grants or denies access to
information resources.
o Auditing
It records each invoked operation together with the identity of the subject
performing it and the object acted upon. A security audit mechanism is
essential in Information Systems to increase their competence.
o Non-repudiation
Non-repudiation is a legal concept and a broadly used service in
Information Security Systems that delivers proof of data origin and data
integrity. It makes use of digital signatures to preserve the integrity of a
given message along with the creator’s identity, protecting against a
subsequent attempt to deny the user’s authenticity.
Figure 1.10 shows the requirements and services for securing Information systems.

Security requirements: Data Confidentiality, Data Integrity, System Availability, System Configuration
Security services: Authentication, Authorization, Auditing, Non-repudiation

Figure 1.10 Security Requirements and Services in Information Systems
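
The three services described above can be seen working together in a small sketch. This is an added example, not code from the course material: the class `SecureStore`, the user names, the passwords and the file name are all constructed for illustration. Every request is authenticated, then authorized against an access list with default deny, and always audited with subject, operation and object.

```python
import hashlib
import hmac
import os
from datetime import datetime, timezone

PBKDF2_ROUNDS = 100_000  # constructed value for the example


def hash_password(password, salt):
    """Slow, salted hash so the stored credential is not the password itself."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


class SecureStore:
    """Hypothetical information system applying authentication, authorization, auditing."""

    def __init__(self):
        self._users = {}     # user -> (salt, password hash)
        self._acl = {}       # object -> {user: set of permitted operations}
        self._data = {}
        self.audit_log = []  # one record per request, allowed or not

    def add_user(self, user, password):
        salt = os.urandom(16)
        self._users[user] = (salt, hash_password(password, salt))

    def grant(self, obj, user, *operations):
        self._acl.setdefault(obj, {}).setdefault(user, set()).update(operations)

    def _authenticate(self, user, password):
        record = self._users.get(user)
        if record is None:
            # Hash anyway so an unknown user costs the same time as a known one.
            hash_password(password, b"\x00" * 16)
            return False
        salt, expected = record
        return hmac.compare_digest(hash_password(password, salt), expected)

    def _authorize(self, user, operation, obj):
        # Default deny: anything not explicitly granted is refused.
        return operation in self._acl.get(obj, {}).get(user, set())

    def _audit(self, subject, operation, obj, outcome):
        self.audit_log.append({
            "time": datetime.now(timezone.utc).isoformat(),
            "subject": subject,
            "operation": operation,
            "object": obj,
            "outcome": outcome,
        })

    def access(self, user, password, operation, obj, value=None):
        """Run one request through the three services, in order."""
        if not self._authenticate(user, password):
            self._audit(user, operation, obj, "DENIED_AUTHENTICATION")
            return None
        if not self._authorize(user, operation, obj):
            self._audit(user, operation, obj, "DENIED_AUTHORIZATION")
            return None
        self._audit(user, operation, obj, "ALLOWED")
        if operation == "write":
            self._data[obj] = value
            return value
        return self._data.get(obj)


def demo():
    """Constructed scenario: two legitimate users and one unknown user."""
    store = SecureStore()
    store.add_user("alice", "correct horse battery staple")
    store.add_user("bob", "bob-secret-1")
    store.grant("payroll.csv", "alice", "read", "write")
    store.grant("payroll.csv", "bob", "read")
    store.access("alice", "correct horse battery staple", "write", "payroll.csv", "v1")
    store.access("bob", "bob-secret-1", "read", "payroll.csv")
    store.access("bob", "bob-secret-1", "write", "payroll.csv", "tampered")
    store.access("alice", "wrong-password", "read", "payroll.csv")
    store.access("mallory", "guess", "read", "payroll.csv")
    return store


if __name__ == "__main__":
    for entry in demo().audit_log:
        print(entry["subject"], entry["operation"], entry["object"], entry["outcome"])
```

The audit trail records denied requests as well as allowed ones, which is what lets a later audit discover an attempted breach.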


1.20 Security Principles
The fundamental principles of security, according to Atul Kahate, are:
 Confidentiality
 Integrity
 Authentication
 Non-repudiation
 Access Control and
 Availability
Figure 1.11 shows the Security Principles of Information Security.

[Diagram labels: Security Principles of Information; Confidentiality, Integrity, Authentication, Non-Repudiation, Access Control, Availability]
Figure 1.11 Security Principles of Information Security

Basically, he has classified them into two types namely primary and
secondary. This classification will help to understand the attacks and handle
them better. All the above principles can be explained with reference to the
exchange of a message.
1.20.1 Confidentiality
Confidentiality is the state of being secret. The idea of confidentiality ensures
that only the sender and the receiver of the communication are able to
access the message. They are the parties who are authorized to access the
message. Confidentiality is compromised when an unauthorized person is able to
access the message. Lack of confidentiality leads to the attack called
interception. In other words, interception causes loss of confidentiality of the
message. Figure 1.12 shows an example of the interception of a message
which is sent from A to B.

Figure 1.12 An example for interception of Messages
In the above figure, sender A wants to communicate with B. The
communication takes place by sending a secret message. C is an
unauthorized intermediary who intercepts the communication without the
knowledge of A or B. This interception of the message breaks the confidentiality
of the data and the connection established between A and B.
1.20.2 Authentication

Authentication deals with the proof of identity in a communication. When the
legitimate parties communicate with each other, security is ensured if there
is a proper authentication mechanism. Authentication ensures the origin of
the message. When this is compromised, it leads to an attack type
known as fabrication. This probably occurs when authentication is vague. The
authenticated person must have their own identity, with which they will be
allowed to access the message. A person with an unknown or false identity is
restricted from access.
Figure 1.13 shows the absence of authentication.

[Diagram labels: A, B, C; message from C: "I am A"]
Figure 1.13 Absence of authentication


The above figure displays the effect of the absence of authentication. The
actual process takes place by sending a message from A to B. The
authenticity of the user is not verified in this process. Hence an intermediary
using a fake identity authenticates himself as A and sends the message to B.
The receiver B also believes the received message to be legitimate, resulting
in message fabrication.
1.20.3 Integrity
When the contents are altered after the sender sends them, there
is a possibility of loss of integrity. The loss in the integrity of the message is
caused by Modification.
Figure 1.14 shows the modification of a message.

[Diagram labels: A, B, C; Original Message; Modified Message]

Figure 1.14 Modification of a Message


The above figure displays the loss of integrity in the message which is sent
from user A to B. The original message is sent from A to B. An intermediary C,
through illegitimate means, obtains the original message from A, modifies it
and sends it to B. Here user A does not know that a modified message has been
sent to B instead of the original message. User B also assumes the modified
message to be the original message sent by A.
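
The fabrication of Figure 1.13 and the modification of Figure 1.14 can both be detected by B if A attaches a message authentication code computed with a key that only A and B share. The following is an added sketch, not part of the course text: the function names, the message bodies and the keys are constructed, and HMAC-SHA256 is one common choice of mechanism, assumed here.

```python
import hashlib
import hmac
import json
import secrets


def make_packet(sender, body, key=None):
    """Build a packet; with a key, attach an HMAC-SHA256 tag over sender and body."""
    payload = json.dumps({"from": sender, "body": body}, sort_keys=True)
    packet = {"payload": payload}
    if key is not None:
        packet["tag"] = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return packet


def naive_receive(packet):
    """B without any check: trusts whatever the 'from' field claims."""
    msg = json.loads(packet["payload"])
    return True, msg["from"], msg["body"]


def verified_receive(packet, shared_keys):
    """B with verification: accept only if the tag matches the claimed sender's key."""
    try:
        msg = json.loads(packet["payload"])
        claimed, body = msg["from"], msg["body"]
    except (KeyError, TypeError, ValueError):
        return False, None, None
    key = shared_keys.get(claimed)
    tag = packet.get("tag")
    if key is None or not isinstance(tag, str):
        return False, claimed, None
    expected = hmac.new(key, packet["payload"].encode(), hashlib.sha256).hexdigest()
    # Constant-time comparison avoids leaking how many characters matched.
    if not hmac.compare_digest(expected.encode(), tag.encode()):
        return False, claimed, None
    return True, claimed, body


def modify_in_transit(packet, new_body):
    """C's modification (Figure 1.14): change the body, keep the original tag."""
    msg = json.loads(packet["payload"])
    msg["body"] = new_body
    tampered = dict(packet)
    tampered["payload"] = json.dumps(msg, sort_keys=True)
    return tampered


def run_scenarios():
    key_ab = secrets.token_bytes(32)  # secret shared by A and B only
    key_c = secrets.token_bytes(32)   # C's own key; C does not know key_ab
    b_keys = {"A": key_ab}

    genuine = make_packet("A", "Transfer 100 to D", key_ab)
    modified = modify_in_transit(genuine, "Transfer 9000 to C")
    fabricated = make_packet("A", "I am A", key_c)  # Figure 1.13

    results = {}
    for name, pkt in (("genuine", genuine), ("modified", modified),
                      ("fabricated", fabricated)):
        results[name] = {
            "naive": naive_receive(pkt)[0],
            "verified": verified_receive(pkt, b_keys)[0],
        }
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(name, outcome)
```

The payload still travels in readable form, so this does nothing against interception, and because B holds the same key as A the tag cannot prove to a third party who wrote the message, which is why non-repudiation relies on digital signatures.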
1.20.4 Non-Repudiation
The sender cannot refute the claim of having transferred the message. In some
circumstances the user may send the message and later deny having done so.
1.20.5 Access Control
The security principle of access control is to decide who has to access what.
The access rights and permissions are monitored by this. Access Control
specifies who can access what, and the permissions are maintained in an Access
Control List (ACL).
1.20.6 Availability
The concept of availability ensures that the information is available to the
genuine users at all points of time. When the principle of availability is
compromised, it leads to the attack called Interruption. Interruption puts the
availability of resources in danger. Figure 1.15 shows the interruption of a
message.

Figure 1.15 Interruption of a message
In the above figure, user A sends a message to user B. An intermediary who
is present in between this communication may purposely interrupt the
process, thereby preventing the message from reaching its genuine user.
Similarly, here the user C may delay the communication
process or restrict the message by making it unavailable to user B at a vital
time.
The OSI Standards for Security Model defines the security principles in seven
layers. They are as follows:
 Authentication
 Access Control
 Non-repudiation
 Data Integrity
 Confidentiality
 Assurance or Availability
 Notarization or Signature
Figure 1.16 shows the seven layers of Security Principles given by OSI Standards.

Figure 1.16 OSI’s Seven layer of Security Principles


The Information Technology Promotion Agency, Japan, whose motto is
to protect and nurture IT Society, suggested FIVE Cyber Security Principles.
They are:
o Installation of Newest or latest OS and Software
o Use of Security Software (to prevent threats targeting the systems)
o Usage of Strong Passwords (with guidelines provided by the
password generator)
o Checking of sharing settings (to restrict intermediaries)
o Know what threatens the Organization and How one may be attacked
Figure 1.17 shows the Five Cyber Security Principles suggested by
Information Technology Promotion Agency.

Figure 1.17 Cyber Security principles suggested by Information Technology Promotion Agency

Information systems have a large number of uses that help the
organization perform its tasks in an easier, faster and more efficient
manner. However, securing Information systems has been recognized as a
major challenge to an Organization. In spite of these obstacles, there are
solutions that help in counter programming, as well as legislations
passed by several governing bodies. No single solution exists to solve or
evade the issues that beset information systems and their security. The
problems are exceptional and require corresponding solutions based on the
needs. Security is one of the huge tasks that needs more attention in this
technological age of information systems. Since Information
Systems have become an integral part of daily life in all aspects, security has
become a major challenge. Technology has also altered the way
different people conduct business and run governmental organizations.
Therefore, securing information is a much more challenging task due to
the advancements and developments in technology.

1.21 Security Measures

Information systems require strict controls, as they are vulnerable to
cyber-attacks, and the controls are required as countermeasures.
The three-step approach to ensuring security is:
 Threat identification
 Establishing controls
 Performing audits
The initial step to be taken for securing an information system is identifying the
threats. This step uncovers the problems that require serious attention.
The second step is establishing the controls, both general and application
oriented.
The final step is to discover security breaches. Audits are generally
performed to ensure the effectiveness of controls. Auditing checks
whether information systems safeguard corporate assets, maintain the integrity of
data that are stored and communicated, support corporate objectives
effectively, and operate efficiently. Figure 1.18 shows the steps involved in
security measures.

[Diagram labels: 1. Threat Identification; 2. Establishing Controls; 3. Performing Audits]

Figure 1.18 Three-Step approach to ensure Security

1.22 Why Cyber Security is important?

 In the previous sections, we discussed the significance of Cyberspace
and the importance of securing our operations in Cyberspace.
 The importance of secured Information Systems is also discussed.
 Security is one of the emerging and most important challenges of
Cyberspace when everything is digitized and shared across platforms.
 The dependency on the Information systems and Communication
technologies and the pervasive nature of the digital devices make
security a very important feature.
 Actually, Cyber Security is not a one-time process to achieve; it is an
ever-growing challenge and new challenges will be encountered from
time to time.
 By the time the old problem is fixed and rectified, new targeted attacks
challenge the Cyberspace. Cyber security is a process by itself and not
the end.
I would like to justify the need for Cyber Security through various insights. First let
me talk about hackers.
1.23 Who are Hackers? What do they generally do?
 Hackers are unauthorized users of a system who invade a system
through the vulnerabilities or weak points in the system.
 Hackers make use of a large and diverse set of tools to harm a computer system.
 Hackers usually gain access to computer systems through malicious
logic (like a virus or malware) delivered through attachments, waiting for
users to open the attachments.
 These attachments implant viruses or malwares for unwanted
operations or destruction through malicious logic.
1.24 Common ways a computer can become infected
A computer can be infected in various ways, often with just a click by the
user. Figure 1.19 shows the common ways a computer can
be infected. Computer systems infected through the entry of viruses or
malwares start malfunctioning and start damaging the system in numerous
ways without the intent of the user. Some examples are: password stealing,
and stealing of personal information or identity, credit card numbers, social
security numbers or other personal identities.
In the worst case, hackers can take control of an infected computer and use it
to launch an attack on a larger system. Even if sensitive data are not stored
in the computer, it can still be used to infect other computers without the
knowledge of the user. This practice is very prevalent among hackers.

[Diagram labels: Opening an email from unknown sources; Visiting malicious …; Careless download of software, free downloads]

Figure 1.19 Common ways to infect a computer


1.25 Statistics on Cyber Attacks
Some incidents that happened during recent years are presented below.
 First of all, the number of cyber-attacks is increasing every year.
 In the period 2013-2015, it was reported that the cost of cybercrimes
quadrupled, that is from $400 billion to $500 billion during that time
alone.
 In a Cyber Security Project report on cybercrimes, it is mentioned that
the cost of cyber threats tends to rise to $6 trillion annually by 2021.
 This includes everything from damage and destruction of data, stolen
money, lost productivity, theft of intellectual property, theft of personal
and financial data, embezzlement, fraud, post-attack disruption to
businesses, forensic investigation, restoration and deleted/hacked data
and systems, to name a few.
 The rising threat of cyber-attacks on medical devices reached $101 billion
in 2018.
 In the Global State of Information Security Survey 2017, 59 percent of
respondents expressed that “digitization of their business ecosystems has
impacted security budgets”.
 Hence, cyber security is a very important area worthy of commitment,
and companies are seriously working on it.

Cyber Attack incidents in the year 2018
 According to the World Economic Forum’s Global Risk Report 2018,
Cyber-attacks are the third-largest threat the World is facing today
after natural disasters and extreme weather conditions.
 The top five risks that may lead to global instability over the next five
years are listed according to their severity.
They are:
 Natural Disasters
 Extreme Weather Conditions
 Cyber-Attacks
 Data Fraud
 Failure to address Climate Change.
Of the top five risks, two are related to the Security of Cyberspace.
 Major challenges are going to be faced by humans due to the
dependency on Cyber Space.
 The World Economic Forum has also expressed in its report that Cyber
Security risks have grown in both observed prevalence and
disruptive potential.
 The biggest risks noted by the report are against the critical
infrastructures and automated industrial sectors, many of which may
cause disastrous situations. Some recent examples like WannaCry
ransomware, Petya, and NotPetya indicate this.
 Major losses are encountered in the financial sectors. For example,
NotPetya caused losses up to $300 million per quarter for some
companies.
 The ransomware spread through emails and demanded money for the release
of encrypted data; 64% emails of this nature affected many
organizations across the world.
 Apart from the financial organizations, the next industry that is
challenged is the Aviation Industry. According to the European Aviation
Safety Agency’s report, the modern aviation industries are digitally
equipped for their flight operations.
 Here, reliability is the major quality insisted on for operational data. On
average, this industry alone is attacked 1000 times a month.
 Billions of data records are leaked for business and political gains.
There are many occurrences that have brought the peace talk
initiatives between Nations because of the security threats.
 Data leakage is growing at a much faster rate than ever before in
recent times. There are many incidents we read about almost every day
in the newspapers at National and International Levels.
I would like to quote some incidents in the International Scenario.
NPR stories about Cyber Security
1. Politics
 Not Just Ballots: Tennessee Hack Shows Election Websites are
vulnerable too.
 On May 17, 2018, an attack in Tennessee highlighted the fact that
election result websites offer attackers a much easier target than
ballots or voter registration systems.
2. National Security
 Sounding the Alarm about a New Russian Cyber Threat
 April 24, 2018, The U.S. and U.K. governments say Russia is
targeting infrastructure in the West with cyber-attacks. This is
expressed by the Cyber Security Chief, Department of Homeland
Security.
3. The Two-Way
 April 17, 2018 - A joint U.S., U.K. and Australia statement blaming the
Kremlin for a cyber-attack last year was released.
 Russia's 'Fancy Bear' Reportedly Hacks German Government’s Network.
 March 1, 2018, German media reported that the Kremlin-linked hacking
group placed malware in a key government network that may have
gone undetected for as long as a year.
4. The Torch
 Malware Attacks on Olympics could have come from Russia and North
Korea, experts say.
 February 13, 2018, A cyber-attack known as "Olympic Destroyer"
similar to the ones initiated by Russian hackers in the past was
launched.
How important is Cyber Security? I addressed this very important question from the
economic and political perspective.
Now, I would also like to take up the question again from the technology
perspective.
1.26 Need for Security-Technological View
 The major objectives of Cyber Security are to protect the important asset,
that is information, and other physical infrastructures from major
threats, attacks and challenges.
 The cyber-attacks take many forms today due to technological
sophistications.
 The cyber adversaries employ automation and intelligent mechanisms
to launch very critical and refined attacks which are very difficult to
handle.
 Mostly these attacks are launched at very low costs too.
 Keeping pace with the advancements in technology, the cyber security
policies, strategies and operations can be a great challenge to the
government, business organizations and even to an individual.
 Cyber threats aim at critical, political and infrastructural assets of a
Nation or its people.
 One of the trickiest elements of cyber security is the quickly and
constantly evolving nature of security risks.
 The traditional approaches have attended the attacks on critical
systems and protected them from biggest known threats.
 This automatically left the less important systems unattended and less
dangerous risks unnoticed. This is not a good practice in today’s
environment.
 Adam Vincent, CTO-public sector at Layer 7 Technologies - the security
service provider to federal agencies including Defense Department
organizations, describes the problem as follows:
"Cyber threat is advancing quicker than one can keep up with it. The
threat changes faster than the idea of the risk. It is no longer possible
to write a large white paper about the risk to a particular system. One
would be rewriting the white paper constantly..."
 This statement is an important testimony for today’s cyber threats.
 Many more such incidents, publications and sayings can be quoted to
justify Cyber Security.
 Proactive and adaptive approaches are the need of the hour.
 The NIST-National Institute of Standards and Technology recently
issued the updated guidelines in risk assessment framework that
recommends a shift towards continuous monitoring and real-time
assessments.
Important Terminologies

Some of the main terms in cyber security are: vulnerability, threat, attack and risk.
Vulnerability: any weakness in the system, product or process that
compromises the basic security principles. Thereby, the system becomes
susceptible to attacks.
Threat: a possibility of violation of security, due to a circumstance,
capability, action or event, that may cause harm.
A threat is a possible danger to assets that might exploit a vulnerability.
Attack: a deliberate attempt to evade security services and violate the
security policy of a system.
Risk: the possibility of suffering a loss. Risk is a fundamental part of operations. It
is not something to fear, but something to manage.
However, any risk unnoticed or unobserved in the system may lead to vulnerability
and subsequently to attacks.
Figure 1.20 shows the interdependency of vulnerability, threat and risk.
[Diagram labels: Vulnerability; Risk; Cyber Threat; Actor; Motivation]
Figure 1.20 Links between Vulnerability, Threat and Risk

1.27 Types of cyber threats

There are a number of ways in which an actor or adversary attempts to gain
access to a system. Threats try to gain access to a network through
malicious attempts to compromise or disrupt a computer network or system.
The threat landscape is growing because of two technology trends:
i. IoT (Internet of Things) and ii. Data Proliferation.
The most fundamental concept in security is the CIA triad, referring to
Confidentiality, Integrity and Availability. Security methods protect one or
more facets of the triad. An asset can be exploited by threats to
compromise the triad. The threats, which are either intentional or accidental,
fall under three categories based on the triad principles.
Figure 1.21 shows the CIA triad.

[Diagram labels: CIA TRIAD; Confidentiality, Integrity, Availability]

Figure 1.21 CIA Triad


The speed with which the malwares spread, the multitude of organizations
harmed, which include critical infrastructure, and the serious obstacles in
restoring the corrupted data once again underline today’s priority of cyber
security. Cyber-attacks on the information and data on the Internet can
affect these three fundamental principles of cyber security. So, there is a great
need to set up cyber security principles in terms of confidentiality, integrity and
availability. The elements of the triad are considered the most crucial
components of cyber security. These are also termed security goals.
Crime which takes place with the help of a computer system
and the Internet is known as cybercrime. It is a malicious activity which can
affect the three fundamental principles of network security, that is,
confidentiality, integrity, and availability. Cybercrime includes terms like
fraud, stealing, fights, and world war. The three common categories of cyber
threats based on the triad are:
 Attack on confidentiality
 Attack on integrity
 Attack on availability
1.27.1 Attacks on confidentiality

 Stealing, or rather copying, the target's personal information. For
example, attacks like credit card fraud, identity theft, or stealing
bitcoin wallets.
 Confidentiality attacks are the major portion of the work of international
spies, who acquire confidential information for political, military, or
economic gains.
1.27.2 Attacks on integrity
 The common name used is sabotage. Integrity attacks seek to corrupt,
damage, or destroy information or systems, and the people who rely on
them.
 Offenders can range from script kiddies to international or national
attackers.
1.27.3 Attacks on availability
 Preventing genuine users from accessing a target is the most
frequent occurrence today. For example, ransomware and denial-of-
service attacks.
 Ransomware encrypts the target's data and demands a ransom to decrypt
it.
 A denial-of-service (DoS) attack, typically in the
form of a distributed denial-of-service (DDoS) attack, floods a network
resource with requests, making it unavailable due to the jam.
1.28 Methods and Practices of Cyber Attacks
The following section describes the means by which these attacks are carried
out. There is always a typical strategy for an attack. The beginning step is to
gain access to the computer or network, followed by manipulating and
stealing data on the computer. Figure 1.22 shows the possible and common
ways of an attack strategy.
1.28.1 Social engineering
a computer if they can hack a human instead.
 Socially engineered malwares are often used to deliver ransomware.
 This is rated as the no. 1 method of attack (not a buffer overflow,
misconfigurations, or advanced exploit).
 An end-user is tricked into running a Trojan horse program, even from
a website they trust and visit regularly.
 End user education is the best countermeasure against this attack.

[Diagram labels: Social Engineering; Phishing; Unpatched Software; Social Media Threats; Advanced Persistent Threats]
Figure 1.22 Possible Attack Strategies


1.28.2 Phishing attacks
 Sometimes the best way to steal someone's password is to trick them into
revealing it.
 This is called phishing.
 Even smart users and well-trained security personnel can fall prey to a
phishing attack.
 The best defense mechanism is two-factor authentication (2FA). A
stolen password is useless to an attacker without a second factor, which
may be a hardware security token, or a soft token authenticator app on
the user's phone.
1.28.3 Unpatched software
 It is hard to blame the enterprise if an attacker deploys a zero-day
exploit against the user.
 Failure to patch is the main reason for that. This may be due to a lack of
diligence: even months and years after disclosure of a vulnerability, the
enterprise has not applied the software patch for enhanced security.

1.28.4 Social media threats

 Many fake accounts can be created in somebody’s name, spoiling the
reputation of an individual, a group or an organization.
 Social media espionage of both industry and Nation is carried out for
personal, financial and political reasons.
1.28.5 Advanced Persistent Threats
Most corporate networks are challenged by APTs, which are very difficult
to handle. Apart from the efforts of cyber criminals stealing personal
information and intellectual properties, a state-sponsored attempt to steal
data and compromise infrastructure is an APT. A trained and focused
cybercriminal can use multiple routes and entry points to steer around
defenses, crack the network in minutes and elude detection for months.
Multiple APTs can play hide-and-seek in corporate networks. If a corporation
does anything remotely interesting to someone, anywhere, then it is
vulnerable to sophisticated APTs. This is because corporations
have rich, valuable assets, that is, information and valuable intellectual
properties, which many criminals and Nations may not hesitate to steal.
1.29 Cyber Security Core Functions
The core functions in cyber security are the fundamentals to be understood to
reduce the loss of information, reclaim digital autonomy and ensure personal
and professional protection. The functions include identify, protect, detect,
respond and recover. Figure 1.23 shows the core functions and their
importance.

[Diagram labels: Identify; Protect; Detect; Respond; Recover]
Figure 1.23 Core Functions of Cyber Security


1.30 Four Important Fundamentals of Security

The emergence and advancement of technology have, in parallel,
increased innovation in security. A better understanding of security
technologies can minimize the fear and risk attached to powerful
services and easily accessible online facilities.
The four Fundamentals of Cyber Security are listed below:
 Protect the Device
 Protect the Connection of Devices
 Protect email Communication
 Protect and back up electronic documents and files
1.30.1 Protect the Device

Protecting the devices used for communication is the first and foremost step
in the security process. Today devices like smartphones, laptops and
tablets are connected to the Internet and are used for personal and official
operations. They must be protected with the latest or updated versions of
software and hardware security solutions. State-of-the-art security
solutions are available nowadays and they are server centric.
They can be accessed remotely by individuals for updates so that the
connected devices can be protected from new threats. The most important
point to note here is that security solutions often come with new
updates, and it is mandatory to install the updated versions on the devices or
computers. Therefore, device protection solutions should have the
following features:
 Remote management or updating feature.
 No intervention of user-input or behavioral modifications.
 It should be done automatically.
 Anti-virus software updates browser and application protection
with high quality handling mechanism.
 Facility to Lock the device and erase functions.
 Password management applications with seamless integration
of mobile platform.
 Purchase of updated software versions and training to the
employees of the organization.
 Automatic updates of Operating system software and other
application software. Example, Adobe, Java.
 Actionable real-time and pro-active threat intelligent defensive
mechanism.
 Intelligent procedures/ processes/ algorithms to improve the
effectiveness of the usage by protecting from future threats.
The ideal device protection solutions provide automated and remotely
managed functions that help users mitigate the risk of attacks on
the devices irrespective of their location. Figure 1.24 shows the risks
involved in device handling and the consequences of device tampering.

Risks: Key-logging, Intrusion, Theft, Malicious applications
Consequences: Fraud, Extortion, Spying, Corruption and loss

Figure 1.24 Risks and Consequences in Devices


1.30.2 Protecting the Connection of Devices
• Once the individual device is protected, the next level of protection
should be ensured.
• When we connect online, the information is transmitted across the
network. Many data leakages can happen during this transit.
• A good solution provider will use strong encryption mechanisms, or the
data is encoded and transferred through Virtual Private Networks
(VPN).
• A good VPN will protect the user’s identity, location, browsing,
shopping, banking, and all information transacted online, even when
they use public WiFi networks.
• So consumers must use devices with VPN connection capability. New
updates must also be provided whenever new challenges arise.
Figure 1.25 shows the risks and consequences in online communication.

Risks: Snooping and Sniffing, Tracking, Fake Devices
Consequences: Information loss, Fraud, Physical harm

Figure 1.25 Online Communication risks and consequences


1.30.3 Protect email communication
• E-mail services are offered free of cost, which has led users
to forget the value of privacy.
• It is better to use a service that automatically strips IP location and
metadata information from individual emails as they travel through
the Internet.
• Use services that employ open-source software for ultimate security,
portability, and compatibility across technology architectures and
platforms.
• Organizations’ private e-mail accounts are safer than personal
accounts when used for official and professional communication.
1.30.4 Protect and back up electronic documents and files
• Due to advancements in virtualization and cloud computing, remote
backup services are easier and data storage is cheaper.
• Important documents like scanned passports, social security cards,
birth certificates, educational certificates, Aadhar card details, wills,
trusts, tax returns, and other personal documents are now stored in
the cloud in digital vaults.
On the other hand, there are many potential threats even with proprietary
software. For example, network management software used to handle a virtual
environment may face certain threats unless it is carefully configured.
Sometimes the functionalities of the software can be hijacked by an
unauthorized user who can try to install the software with administrative
rights for all clients. They can thereby gain access to all client
computers, compromising security and privacy. Such remote management
software is not designed to collect or deliver confidential data, so it
should not be used to collect confidential data.
Figure 1.26 shows the risks and consequences in email services and backup
services.

Email Services
Risks: Phishing, Social Engineering, Metadata loss
Consequences: Fraud, Theft, Reputational risk

Backup Services
Risks: Cloud-based servers, Online theft, Unsecure networks
Consequences: Permanent loss, Fraud, ID theft

Figure 1.26 Risks and Consequences in Email and Backup Services
The four fundamental solutions apply technological advancements, and
everyday activities are built on a cyber ecosystem, reducing the loss of
information.
The associated risks are substantially reduced in all aspects of life,
personal and professional, virtual and real.
1.31 Other essentials in securing the Computers
Some more essentials are also available in the literature. Let us see some of
them.
1.31.1 Physical Security
• There is no security without physical security. So servers and other
important resources must be stored in a secure place with controlled
access.
• It is ideal to keep all the resources in a locked room.
• The controlled access requires stringent administrative policies in an
organization.
• Low-security client machines can be stored in locked places with
additional facilities like anti-theft cables.
• For more clients, use laptops and educate the users to attach a lock.
• Multi-layer security mechanisms such as firewalls and anti-virus
software provide defense in depth.
1.31.2 Protect Against Unauthorized Administrators
• Unauthorized administrators are a high security risk. An unauthorized
administrator could launch numerous attacks, including:
o Running malicious software on every client computer.
o Enabling remote tools to configure and gain access without the user’s
permission.
o Configuring for DoS attacks.
o Running a network monitoring tool to conduct unauthorized packet
sniffing.
1.31.3 Assign the Least Permissions Possible
• Assign only the minimum permissions necessary to complete a task.
• Enforce role separation to limit administrative exposure. For
example, read, distribute and modify permissions.
• Create and maintain secure baselines for all systems. A secure baseline
describes all relevant configuration settings for secure computing.
• Elements of a secure baseline include:
o Settings for services and applications.
o Configuration of operating system components.
o Permissions and rights assignments.
o Administrative procedures like changing passwords.
1.31.4 Use the most secure operating systems possible

o This is very important today. Even very famous operating systems are
prone to threats. Sometimes, the vulnerabilities introduced by these
operating systems create unacceptable risks. In such a case upgrade
the OS as soon as possible.
o Use a secure file system.
o Apply security updates as needed.
o Stay informed about new updates for operating systems by
subscribing to the Security Notification Services to receive the latest
security notifications.

o Security updates are also applied to the virtual machines by using the
software update feature. However, the updated state will be lost, if
the virtual machine is turned off without saving the changes.
o Audit for changes to the secure baseline. Enable auditing and review
audit logs regularly to look for unauthorized changes to the approved
operating system baseline.
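
The baseline audit described in 1.31.3 and 1.31.4 can be sketched as follows. This is an added example, not part of the original course text; the setting names, accounts and values are constructed for illustration, and the four categories mirror the baseline elements listed above.

```python
# Added example: drift between an approved baseline and an observed state.
MISSING = "<absent>"

APPROVED = {  # constructed approved baseline
    "services": {"ssh": "enabled", "telnet": "disabled"},
    "os_components": {"firewall": "on", "auto_update": "on"},
    "permissions": {"Administrators": ["alice"], "Backup Operators": ["svc_backup"]},
    "procedures": {"max_password_age_days": 90},
}
OBSERVED = {  # constructed snapshot of a drifted machine
    "services": {"ssh": "enabled", "telnet": "enabled", "ftp": "enabled"},
    "os_components": {"firewall": "on", "auto_update": "off"},
    "permissions": {"Administrators": ["alice", "mallory"], "Backup Operators": ["svc_backup"]},
    "procedures": {},
}

def audit_baseline(approved, observed):
    """Return a sorted list of (category, setting, kind, approved, observed)."""
    findings = []
    for category in sorted(set(approved) | set(observed)):
        want_all = approved.get(category, {})
        have_all = observed.get(category, {})
        for setting in sorted(set(want_all) | set(have_all)):
            want = want_all.get(setting, MISSING)
            have = have_all.get(setting, MISSING)
            # Group membership is order-independent, so compare lists as sets.
            if isinstance(want, list) and isinstance(have, list):
                same = set(want) == set(have)
            else:
                same = want == have
            if same:
                continue
            if want == MISSING:
                kind = "unapproved"  # on the system, not in the baseline
            elif have == MISSING:
                kind = "missing"     # in the baseline, absent on the system
            else:
                kind = "changed"     # value differs from the approved one
            findings.append((category, setting, kind, want, have))
    return findings

def added_members(findings):
    """Accounts holding a right that the baseline does not grant them."""
    return {
        (setting, member)
        for category, setting, kind, want, have in findings
        if category == "permissions" and kind == "changed"
        for member in set(have) - set(want)
    }
```

Calling audit_baseline(APPROVED, OBSERVED) on a schedule and reviewing every finding is the "audit for changes" step; an empty list means the system still matches the approved baseline.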
1.31.5 Use Strong Passwords or Pass Phrases
o Even the strongest security measures may fail due to weak
passwords. Weak passwords are unnecessary risks to the network
environment.
o If users have difficulty remembering sufficiently complex passwords,
consider implementing smart cards or biometric authentication
methods.
o Instead of passwords, pass phrases can also be used.
o Pass phrases combine several words that are easier to remember but
are usually longer and harder to break.
o Always use strong passwords with 15 or more characters for all
service accounts and Administrator accounts. Never use blank
passwords.
o Do not modify default password filters.
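
An added example (not from the original course text) that applies the 15-character rule when a password is set and compares the search space of random passwords and pass phrases. The 94-symbol alphabet and the 7776-word list are assumptions, and the figures hold only when characters or words are chosen at random.

```python
import math

# Added example. Account types and the 15-character threshold follow the
# text above; the alphabet size and word-list size are assumptions.
PRIVILEGED = {"service", "administrator"}
MIN_PRIVILEGED_LEN = 15

def check_candidate(account_type, candidate):
    """Return policy violations for a password at the moment it is set."""
    if candidate == "":
        return ["blank password"]
    if account_type in PRIVILEGED and len(candidate) < MIN_PRIVILEGED_LEN:
        return [f"{account_type} account: {len(candidate)} < "
                f"{MIN_PRIVILEGED_LEN} characters"]
    return []

def random_password_bits(length, alphabet_size=94):
    """Search space in bits of a uniformly random password.
    94 = printable ASCII characters excluding space (assumed alphabet)."""
    return length * math.log2(alphabet_size)

def passphrase_bits(words, wordlist_size=7776):
    """Search space in bits of words drawn uniformly from a word list.
    7776 is an assumed list size (five dice rolls per word)."""
    return words * math.log2(wordlist_size)

def words_needed(target_bits, wordlist_size=7776):
    """Fewest random words whose search space is at least target_bits."""
    return math.ceil(target_bits / math.log2(wordlist_size))

if __name__ == "__main__":
    print(check_candidate("service", "Tr0ub4dor&3"))
    print(round(random_password_bits(8), 1), "bits for 8 random characters")
    print(round(passphrase_bits(5), 1), "bits for 5 random words")
    print(words_needed(random_password_bits(15)), "words match 15 random characters")
```

A pass phrase beats a short random password on search space because each word adds about 13 bits, but matching a 15-character random password still takes several words.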
1.31.6 Use Secure Authentication Methods
o The default methods for network authentication services are
available in proprietary operating systems.
o Such operating systems use an industry-standard protocol with either a
password or a smart card for interactive logons.
1.32 Cyber Security Challenges
A World Economic Forum report points to the need for new approaches to
handling cyber-attacks and predicts that failure to adopt them will have a
severe impact of approximately US$ 3 trillion by 2020. Cyber threats have
now opened up new channels through social media and mobile technologies.
All the threats ultimately lead to a breach of data privacy and security.
Following are some of the emerging challenges for data protection and cyber
security.

• Connected environment
• More reliance on ICT
• Increasing number of users and adoption of technology
• Increasing number of smart devices and access
• Unrestricted or open access to information
• Lack of control mechanisms
• International dimensions
• Increasing speed of data exchange process
• Scope for anonymous communications
• Growing sophistication of threats
• Movement of threats to the mobile sphere
• Big Data myth
• Lack of preparedness to handle the upcoming challenges
• Compliance vs. risk management
• Inadequate and restricted legal handling of related crimes, or
the legal challenges
The main cyber security risks arise due to the increasing population and the
better placement of technology to handle challenges such as dependency on
ICT and automation. Proper identification of threats that impact the
organization’s capability to conduct business is a very important need of
the day. Therefore, risk assessment is imperative for every organization that
depends completely on ICT infrastructure and automation for its activities.
Risk assessment provides proper measures, processes and controls to
reduce the impact of risks on organizations.
Conclusion
So, to
in this digital era when everything is accessed and operated
through cyberspace, security is a very important feature. To understand
the need for cyber security, different incidents and statistical reports are
presented. Lack of security may lead to setbacks in financial matters and
in personal and professional operations. Important terms related to cyber
security are also discussed in this module. Different types of cyber threats
and the methods of cyber attacks are also explained. The four important
fundamentals of security and the other essentials in securing computers
are also explored to understand the basic operations in cyberspace. Cyber
security is a broader term which protects all the hardware (devices, routers,
and switches), software, information, and data that are part of
cyberspace. Cyber security must not be confused with data security. The
principles and challenges discussed in this report suggest that there must
be a security technique that can defend against ever-changing attacks at
different levels of network protocols. The environment must also be
considered along with remote user connectivity and device policy.