E-Commerce and

Cyber Law
Module 4 Cyber Security
  Cyber Security is a process that's designed to protect networks
and devices from external threats;

 Businesses typically employ Cyber Security professionals to

protect their confidential information, maintain employee
productivity, and enhance customer confidence in products and
services;
Cyber  Cyber security is the protection of Internet-connected systems,
Security including hardware, software, and data from cyber-attacks;

 It is made up of two words one is cyber and other is security;

 Cyber is related to the technology which contains systems,

network and programs or data;

 Whereas security related to the protection which includes systems

security, network security and application and information security.
  Cyber security becomes so important in our predominant
digital world;

 Cyber-attacks can be extremely expensive for

businesses to endure;

 In addition to financial damage suffered by the business,

Need of a data breach can also inflict untold reputational
Cyber damage;

Security  Cyber-attacks these days are becoming progressively

destructive;

 Cybercriminals are using more sophisticated ways to

initiate cyber-attacks;

 Regulations such as GDPR are forcing organizations into

taking better care of the personal data they hold.
 Some of the most common types of cyberthreats
include:
• Malware
Common • Ransomware

Cyber • Phishing

Security • Credential theft and abuse

• Insider threats
Threats • AI attacks
• Cryptojacking
• Distributed denial of service (DDoS)
  Malware, short for "malicious software", is any software
code or computer program that is intentionally written to
harm a computer system or its users;

 Almost every modern cyberattack involves some type of

malware;
Malware  Hackers and cybercriminals create and use malware to
gain unauthorized access to computer systems and
sensitive data, hijack computer systems and operate
them remotely, disrupt or damage computer systems, or
hold data or systems hostage for large sums of money
(see "Ransomware").
  Ransomware is a type of malware that encrypts a victim’s
data or device and threatens to keep it encrypted—or
worse—unless the victim pays a ransom to the attacker.

 The earliest ransomware attacks demanded a ransom in

exchange for the encryption key required to unlock the
Ransomwar victim’s data;
e
 Starting around 2019, almost all ransomware attacks
were double extortion attacks that also threatened to
publicly share victims’ data;

 Some triple extortion attacks added the threat of a

distributed denial-of-service (DDoS) attack.
  Phishing attacks are email, text or voice messages that trick
users into downloading malware, sharing sensitive information
or sending funds to the wrong people.

 Most users are familiar with bulk phishing scams—mass-

mailed fraudulent messages that appear to be from a large
and trusted brand, asking recipients to reset their passwords
or reenter credit card information;
Phishing  More sophisticated phishing scams, such as spear phishing
and business email compromise (BEC), target specific
individuals or groups to steal especially valuable data or large
sums of money.

 Phishing is just one type of social engineering, a class of

“human hacking” tactics and interactive attacks that use
psychological manipulation to pressure people into taking
unwise actions.
  Hackers have many techniques for stealing
credentials and taking over accounts;

 For example, Kerberoasting attacks manipulate the

Credential Kerberos authentication protocol commonly used in

Microsoft Active Directory to seize privileged service
Theft and accounts;

 In 2023, the IBM X-Force team experienced a 100%

Account increase in Kerberoasting incidents.

Abuse  Similarly, the X-Force team saw a 266% increase in

the use of infostealer malware that secretly records
user credentials and other sensitive data.
  Insider threats are threats that originate with
authorized users—employees, contractors, business
partners—who intentionally or accidentally misuse
their legitimate access or have their accounts
Insider hijacked by cybercriminals.

Threats  Insider threats can be harder to detect than external

threats because they have the earmarks of
authorized activity and are invisible to antivirus
software, firewalls and other security solutions that
block external attacks.
  Much like cybersecurity professionals are using AI to strengthen their

defenses, cybercriminals are using AI to conduct advanced attacks;

 In generative AI fraud, scammers use generative AI to produce fake

emails, applications and other business documents to fool people into

sharing sensitive data or sending money;

 The X-Force Threat Intelligence Index reports that scammers can use

open-source generative AI tools to craft convincing phishing emails in as

AI Attacks little as five minutes;

 For comparison, it takes scammers 16 hours to come up with the same

message manually.

 Hackers are also using organizations’ AI tools as attack vectors;

 For example, in prompt injection attacks, threat actors use malicious

inputs to manipulate generative AI systems into leaking sensitive data,

spreading misinformation or worse.
  Cryptojacking happens when hackers gain access to
an endpoint device and secretly use its computing
resources to mine cryptocurrencies such as bitcoin,
ether or monero;

Cryptojacki  Security analysts identified cryptojacking as a

ng cyberthreat around 2011, shortly after the
introduction of cryptocurrency;

 According to the IBM X-Force Threat Intelligence

Index, cryptojacking is now among the top three
areas of operations for cybercriminals.
  A DDoS attack attempts to crash a server, website or
network by overloading it with traffic, usually from a
botnet—a network of distributed systems that a
cybercriminal hijacks by using malware and remote-

Distributed controlled operations.

Denial of  The global volume of DDoS attacks spiked during the

Service COVID-19 pandemic;

 Increasingly, attackers are combining DDoS attacks

with ransomware attacks, or simply threatening to
launch DDoS attacks unless the target pays a ransom.
  The following processes and tools are fairly easy to
introduce and, combined, they will give you a basic level
of security against the most common IT risks;

1. Use Strong Passwords

Measures of 2. Control access to data and systems;
Cyber
3. Put up a firewall;
Security
4. Use security software;

5. Update programs and systems regularly;

6. Monitor for intrusion;

7. Raise awareness.
  Strong passwords are vital to good online security. Make your password

difficult to guess by:

 using a combination of capital and lower-case letters, numbers and symbols

 making it between eight and 12 characters long

 avoiding the use of personal data

 changing it regularly

Password  never using it for multiple accounts

 using two-factor authentication

 Create a password policy for your business to help staff follow security best

practices. Look into different technology solutions to enforce your password

policy, eg scheduled password reset. For detailed guidance on passwords,

read the National Cyber Security Centre's (NCSC) guide on using passwords

to protect your data and consider different password strategies that could

boost your business security.

  A digital signature is a mathematical technique which
validates the authenticity and integrity of a message,
software or digital documents;

 It allows us to verify the author's name, date and time of

Digital
signatures, and authenticate the message contents;
Signature
 The digital signature offers far more inherent security and
intended to solve the problem of tampering and
impersonation (Intentionally copy another person's
characteristics) in digital communications.
  The important reasons to implement digital signature for
communication is;

1. Authentication: Authentication is a process which verifies

identity of a user who wants to access the system. In the digital
signature, authentication helps to authenticate the source of

Application messages.

of Digital 2. Non-repudiation: Non-repudiation means assurance of

Signature something that cannot be denied. It ensures that someone to a

contract or communication cannot later deny the authenticity of
their signature on a document or in a file or the sending of a
message that they originated.

3. Integrity: Integrity ensures that the message is real, accurate

and safeguards from unauthorized user modification during the
transmission.
  A digital signature consist of three algorithms;

1. Key generation algorithm:The key generation

algorithm selects private key randomly from a set
of possible private keys. This algorithm provides the
Algorithms private key and its corresponding public key;
in Digital
Signature 2. Signing Algorithm: A signing algorithm produces
a signature for the document;

3. Signature Verifying Algorithm: A signature

verifying algorithm either accepts or rejects the
document's authenticity.
  Digital signatures are created and verified by using public
key cryptography, also known as asymmetric
cryptography;
 By the use of a public key algorithm, one can generate
two keys that are mathematically linked- one is a private
key, and another is a public key;
 The user who is creating the digital signature uses their
How Digital own private key to encrypt the signature-related
Signature document;
 There is only one way to decrypt that document is with
Works? the use of signer's public key;
 This technology requires all the parties to trust that the
individual who creates the signature has been able to
keep their private key secret;
 If someone has accessed the signer's private key, there
is a possibility that they could create fraudulent
signatures in the name of the private key holder.
 1.Select a file to be digitally signed.
2.The hash value of the message or file content is
calculated. This message or file content is encrypted
by using a private key of a sender to form the digital
signature.
Steps to 3.Now, the original message or file content along with
Create the digital signature is transmitted.

Digital 4.The receiver decrypts the digital signature by using a

public key of a sender.
Signature 5.The receiver now has the message or file content and
can compute it.
6.Comparing these computed message or file content
with the original computed message. The comparison
needs to be the same for ensuring integrity.
 1. Certified Signature: The certified digital signature documents display
a unique blue ribbon across the top of the document. The certified
signature contains the name of the document signer and the certificate
issuer which indicate the authorship and authenticity of the document;

2. Approval Signatures: The approval digital signatures on a document

can be used in the organization's business workflow. The approval

Types of signatures to include details such as an image of our physical signature,

location, date, and official seal;
Digital 3. Visible Digital Signature: The visible digital signature allows a user to
Signature sign a single document digitally. This signature appears on a document
in the same way as signatures are signed on a physical document;

4. Invisible Digital Signature: The invisible digital signatures carry a

visual indication of a blue ribbon within a document in the taskbar. We
can use invisible digital signatures when we do not have or do not want
to display our signature but need to provide the authenticity of the
document, its integrity, and its origin.
  Nowadays, computing systems play a significant role in every
aspect of human activity;

 Every marketing, software, banking, healthcare, and education

application uses this computing technology;

 However, you might be curious about how businesses protect their

data and maintain the privacy of their banking activities.
Cryptograp  "Cryptography" is the answer to each of these questions;
hy  In today's connected world, sensitive information must be
protected, which is why cryptography has influenced the current
information age;

 Cryptography uses codes to protect data and communications so

only the intended receivers can decode and understand them.
Consequently, restricting access to information from outside
parties.
  Cryptography aims to keep data and messages private and
inaccessible to possible threats or bad actors. It frequently works
invisibly to encrypt and decrypt the data you send through email,
social media, applications, and website interactions.

 There are several uses for symmetric cryptography, including:

1. Payment applications and card transactions

Purpose of 2. Random number generation
Cryptograp 3. Verify the sender's signature to be sure they are who they claim
hy they are

 There are several uses for asymmetric cryptography, including:

1. Email messages

2. SIM card authentication

3. Web security

4. Exchange of private keys

 1. Symmetric Cryptography: With the encryption technique, the
sender and the recipient use the same shared key to encrypt and
decrypt messages. Although symmetric key systems are quicker and
easier to use, they have the drawback of requiring a secure key
exchange between the sender and the receiver. Data Encryption
System (DES) is the most widely used symmetric key encryption

Types of method;

Cryptograp 2. Hash Functions: In this algorithm, no key is used. The plain text is

hy used to produce a hash value that has a fixed length, making it

challenging to retrieve the plain text's information. Hash functions are
widely used by operating systems to encrypt passwords.

3. Asymmetric Key Cryptography: This approach uses a set of keys

to encrypt and decrypt data. Public keys are used for encryption,
whereas private keys are used for decryption. The Public Key and
Private Key are different from one another. Even if everyone knows
the public key, only the intended recipient may decode the message
  In the age of computers, cryptography is frequently
Techniques associated with converting plain text into cipher text,
used for which is text that the intended recipient can only
Cryptograp decode. This process is known as encryption. The
hy process of converting encrypted text into plain text is
called decryption.
 • Confidentiality: The only person who can access information is the one it is
intended for, which is the primary feature of cryptography.

• Integrity: Information cannot be altered while it is being stored or sent from the
sender to the intended destination without the recipient spotting the addition of new
information in Cryptography.

• Non-repudiation: The creator/sender of a message cannot deny his intent to send

Features of information at a future point.

Cryptograp • Authentication: The identities of the sender and the recipient have been
confirmed. Furthermore, the information's source and final destination are confirmed.

hy • Availability: It also ensures that the required information is available to authorized

users at the appropriate time.

• Key Management: The creation, distribution, storage, and alteration of

cryptographic keys take place in this process.

• Algorithm: Mathematical formulae are used in cryptography to encrypt and decrypt

messages.

• Digital Signatures: A signature that can be applied to messages to protect the

message's authenticity and sender identification.
  Cryptography involves two phases at its most fundamental level:
Encryption and Decryption;

 Encryption uses a cipher to encrypt and transform the plaintext

into ciphertext;

 On the other hand, decryption transforms the ciphertext into

Encryption plaintext by employing the same cipher;

and  The most popular application of cryptography when sending

electronic data is encrypting and decrypting emails and other
Decryption plaintext messages;

 The simplest method is the "secret key" or symmetric approach;

 The secret key is used to encrypt data, and after decoding, the
secret key and encoded message are sent to the recipient;

 What is the problem, then? A third party is all they need to

decode and analyze the message if it is intercepted.
  Access Management: Access control can use cryptography to
guarantee that only individuals with the appropriate
authorizations are granted access to a resource. The resource is
encrypted and can only be accessed by those with the proper
decryption key.

 Secure Communication: Cryptography is essential for private

Advantages communication over the Internet. It provides safe methods for
of sending sensitive data like bank account numbers, passwords,

Cryptograp and other private information over the Internet.

hy  Protection against attacks: Attacks like replay and man-in-

the-middle attacks can be defended against with the help of
cryptography. It provides techniques for identifying and
preventing these assaults.

 Compliance with legal requirements: Businesses can use

cryptography to help them deal with several legal obligations,
such as data protection and privacy laws.
  Computer passwords: Cryptography is frequently used in computer security, especially when
creating and managing passwords. When users log in, their password is hashed and contrasted
with the previously saved hash. To store them, passwords are first hashed and encrypted. This
method encrypts the passwords so that even if hackers can access the password database, they
can't comprehend the passwords.
 Digital Currencies: Cryptography is also used by digital currencies like Bitcoin to secure
transactions and prevent fraud. Since advanced algorithms and cryptographic keys safeguard
transactions, tampering with or creating fake transactions is practically impossible.
 Secure web browsing: Cryptography protects users from eavesdropping in on their
conversations and man-in-the-middle attacks and provides online browsing security. The Secure
Applications Sockets Layer (SSL) and Transport Layer Security (TLS) protocols use public key cryptography to
encrypt data between the web server and the client, creating a secure communication channel.
of  Digital signatures: Digital signatures are used to sign papers and act as the handwritten
signature's digital copy. Cryptography is used to create digital signatures, and public key
Cryptograp cryptography is used to verify them. Digital signatures are becoming more widely used, and
many countries have laws that make them legally binding.

hy  Authentication: When logging into a computer, cryptography is employed as the authentication

method, for example, a bank account or a secure network. The authentication protocols use
cryptographic techniques to validate the user's identity and possession of the necessary access
privileges to the resource
Cryptocurrencies: Cryptocurrencies like Bitcoin and Ethereum largely rely on cryptography to
protect transactions, prevent fraud, and uphold the integrity of the network. Transactions are
protected by complicated algorithms and cryptographic keys, making it nearly impossible to
tamper with or fake transactions.
 End-to-End Encryption: Email, instant messages, and video chats are all examples of two-way
communications protected by end-to-end encryption. Even if a message is encrypted, this
guarantees that only the intended recipients can decode it. End-to-end encryption is frequently
employed in messaging apps like WhatsApp and Signal, offering users high protection and
anonymity.
  A firewall can be defined as a special type of network
security device or a software program that monitors and
filters incoming and outgoing network traffic based on a
defined set of security rules. It acts as a barrier between
internal private networks and external sources (such as the
public Internet).
Firewall
 The primary purpose of a firewall is to allow non-
threatening traffic and prevent malicious or unwanted data
traffic for protecting the computer from viruses and
attacks. A firewall is a cybersecurity tool that filters
network traffic and helps users block malicious software
from accessing the Internet in infected computers.
  This is one of the most problematic questions whether a firewall is a
hardware or software. As stated above, a firewall can be a network
security device or a software program on a computer. This means that
the firewall comes at both levels, i.e., hardware and software, though
it's best to have both.

 Each format (a firewall implemented as hardware or software) has

Firewall different functionality but the same purpose. A hardware firewall is a

Hardware or physical device that attaches between a computer network and a

Software gateway. For example, a broadband router. On the other hand, a

software firewall is a simple program installed on a computer that works
through port numbers and other installed software.

 Apart from that, there are cloud-based firewalls. They are commonly
referred to as FaaS (firewall as a service). A primary advantage of using
cloud-based firewalls is that they can be managed centrally. Like
hardware firewalls, cloud-based firewalls are best known for providing
perimeter security.
  Some of the important risks of not having a firewall are:

1. Open Access: If a computer is running without a firewall, it is giving

open access to other networks. This means that it is accepting every

kind of connection that comes through someone. In this case, it is not

possible to detect threats or attacks coming through our network.

Without a firewall, we make our devices vulnerable to malicious users

Why and other unwanted sources.

Firewall? 2. Lost or Comprised Data: Without a firewall, we are leaving our

devices accessible to everyone. This means that anyone can access our

device and have complete control over it, including the network. In this

case, cybercriminals can easily delete our data or use our personal

information for their benefit.

3. Network Crashes: In the absence of a firewall, anyone could access

our network and shut it down. It may lead us to invest our valuable

time and money to get our network working again.

  A firewall system analyzes network traffic based on pre-
defined rules. It then filters the traffic and prevents any such
traffic coming from unreliable or suspicious sources;

 It only allows incoming traffic that is configured to accept;

How Does  Typically, firewalls intercept network traffic at a computer's

Firewall entry point, known as a port;

Works?  Firewalls perform this task by allowing or blocking specific

data packets (units of communication transferred over a
digital network) based on pre-defined security rules.;

 Incoming traffic is allowed only through trusted IP addresses,

or sources.
  Firewall acts as a barrier or filter between the computer system and
other networks (i.e., the public Internet), we can consider it as a traffic
controller;

 Therefore, a firewall's primary function is to secure our network and

information by controlling network traffic, preventing unwanted
incoming network traffic, and validating access by assessing network
traffic for malicious things such as hackers and malware;
Functions of  Generally, most operating systems (for example - Windows OS) and security

Firewall software come with built-in firewall support;

 Firewalls have become so powerful, and include a variety of functions and
capabilities with built-in features:
• Network Threat Prevention
• Application and Identity-Based Control
• Hybrid Cloud Support
• Scalable Performance
• Network Traffic Management and Control
• Access Validation
• Record and Report on Events
 1. Packet Filtering Firewalls: These firewalls are designed to block network
traffic IP protocols, an IP address, and a port number if a data packet does not
match the established rule-set;

2. Circuit Level Gateways: These types of firewalls typically operate at the

session-level of the OSI model by verifying TCP (Transmission Control Protocol)
connections and sessions;

3. Application-Level Gateways (Proxy Firewalls): Proxy firewalls operate at the

Types of application layer as an intermediate device to filter incoming traffic between

Firewall
two end systems;

4. State Multi-layer Inspection Firewalls: Stateful multi-layer inspection firewalls

include both packet inspection technology and TCP handshake verification,
making SMLI firewalls superior to packet-filtering firewalls or circuit-level
gateways;

5. Next Generation Firewalls: Many of the latest released firewalls are usually
defined as 'next-generation firewalls. This type of firewall is usually defined
as a security device combining the features and functionalities of other firewalls;

Continued…..
 6. Threat Focused Next Generation Firewalls: Threat-focused NGFW
includes all the features of a traditional NGFW. Additionally, they also
provide advanced threat detection and remediation;

7. Network Address Translation Firewall: Network address

translation or NAT firewalls are primarily designed to access Internet

Types of traffic and block all unwanted connections;

Firewall 8. Cloud Firewalls: Whenever a firewall is designed using a cloud

solution, it is known as a cloud firewall or FaaS (firewall-as-service).
Cloud firewalls are typically maintained and run on the Internet by third-
party vendors;

9. Unified Threat Management Firewalls: UTM firewalls are a special

type of device that includes features of a stateful inspection firewall with
anti-virus and intrusion prevention support.
 • Firewalls cannot stop users from accessing malicious websites,
making it vulnerable to internal threats or attacks.

• Firewalls cannot protect against the transfer of virus-infected

files or software.

• Firewalls cannot prevent misuse of passwords.

Limitations
• Firewalls cannot protect if security rules are misconfigured.
of Firewall
• Firewalls cannot protect against non-technical security risks,
such as social engineering.

• Firewalls cannot stop or prevent attackers with modems from

dialing in to or out of the internal network.

• Firewalls cannot secure the system which is already infected.

Difference
between
Firewall and
Anti virus
  Antivirus software (computer protection software) is a
program(s) that is created to search, detect, prevent and
remove software viruses from your system that can harm your
system;

 Other harmful software such as worms, adware, and other

Anti-virus threats can also be detected and removed via antivirus;
Software  This software is designed to be used as a proactive approach
to cyber security, preventing threats from entering your
computer and causing issues;

 Most antivirus software operates in the background once

installed, providing real-time protection against virus attacks.
  Antivirus software works by comparing your computer
applications and files to a database of known malware
kinds;

 Because hackers are continually creating and

disseminating new viruses, they will also check
How Anti- systems for the presence of new or undiscovered
virus malware threats;
Works?
 The antivirus checks files, programs, and applications
going in and out of your computer to its database to
identify matches;

 Similar and identical matches to the database are

segregated, scanned, and eliminated.
 • Signature detection is a method by which an
antivirus keenly scans files that are brought into a
system to analyze more likely hazardous files.

• Specific detection, which looks for known parts or

types of malware or patterns that are linked by a
Anti-virus common codebase
Detection • A genericthe detection is a type of detection that
Techniques looks for known parts or types of malware or patterns
that are related to a common codebase.

• Heuristic detection is a type of virus detection that

looks for unknown infections by spotting suspicious
file structures.
 The antivirus software is available in 2 types:

(i) Free: Free anti-virus software provides basic virus protection

(ii) Paid: commercial anti-virus software provides more extensive protection.

The following are some commonly used antivirus software:

1. Bitdefender: Bitdefender Total Security is a comprehensive security suite that protects

against viruses and dangerous malware of all varieties. This user-friendly antivirus software is

Types of compatible with all four major operating systems and smart homes, and it also includes a free

VPN with a daily limit of 200MB, parental controls, camera protection, a password manager,

Anti-virus etc. This security suite is reasonably priced and will protect up to five devices 24 hours a day,

Software seven days a week.

2. AVAST: This is a free antivirus available. All you have to do to obtain top-notch protection

on your computer, emails, downloads, and instant messages in the free version is register (for

free) once a year. It includes a sophisticated heuristics engine that enables it to detect viruses.

3. Panda: It can detect viruses, trojans, spyware, adware, worms, and malware at the same

level as other antiviruses do. It is different from others because using this software, when you

scan your computer, it doesn’t consume any of your computer’s resources instead, it runs in

the cloud, allowing your machine to continue to function normally.

 • Spam and advertisements are blocked: Viruses exploit pop-up advertising and

spam websites as one of the most common ways to infect your computer and

destroy your files. Antivirus acts against harmful virus-infected adverts and websites

by denying them direct access to your computer network.

• Virus protection and transmission prevention: It identifies any possible

infection and then attempts to eliminate it.

• Hackers and data thieves are thwarted: Antivirus do regular checks to see if
Benefits of there are any hackers or hacking-related apps on the network. As a result, antivirus

Anti-virus offers complete security against hackers.

Software • Protected against devices that can be detached: Antivirus scans all removable

devices for potential viruses, ensuring that no viruses are transferred.

• To improve security from the to web, restrict website access: Antivirus

restricts your online access in order to prevent you from accessing unauthorized

networks. This is done to ensure that you only visit websites that are safe and non-

harmful to your computer.

• Password Protection: Using antivirus, you should consider using a password

manager for added security.

  Slows down system’s speed: When you use antivirus programs,
you’re using a lot of resources like your RAM and hard drive. As a result,
the computer’s overall speed may be significantly slowed.

 Popping up of Advertisements: Apart from commercial antivirus

applications, free antivirus must make money in some way. One
Disadvanta approach to attaining these is through advertising. Many times these

ges of Anti- advertisements degrade the user experience by popping up every

time.
virus  Security Holes: When security flaws exist in the operating system or
Software networking software, the virus will be able to defeat antivirus
protection. The antivirus software will be ineffective unless the user
takes steps to keep it updated.

 No customer care service: There will be no customer service

provided unless you pay for the premium version. If an issue arises, the
only method to solve it is to use forums and knowledge resources.