
Malware and Its Types

The document discusses cybersecurity, including its goals of ensuring data confidentiality, integrity, and availability. It describes common cybersecurity threats like malware, phishing, man-in-the-middle attacks, distributed denial of service attacks, brute force attacks, SQL injection, and domain name system attacks. Malware threats include viruses, spyware, trojans, ransomware, worms, adware, and botnets. The document also mentions recent cyber threats like romance scams and the Dridex malware.

CYBERSECURITY

"Cyber Security is the body of technologies, processes, and practices designed to protect
networks, devices, programs, and data from attack, theft, damage, modification or
unauthorized access."

"Cyber Security is the set of principles and practices designed to protect our computing
resources and online information against threats."

Cyber Security Goals


Cyber Security's main objective is to ensure data protection. The security
community provides a triangle of three related principles to protect the data from
cyber-attacks. This principle is called the CIA triad. The CIA model is designed to
guide policies for an organization's information security infrastructure. When any
security breaches are found, one or more of these principles has been violated.

We can break the CIA model into three parts: Confidentiality, Integrity, and
Availability. It is actually a security model that helps people to think about various
parts of IT security. Let us discuss each part in detail.

Confidentiality

Confidentiality is equivalent to privacy: it prevents unauthorized access to
information. It involves ensuring that the data is accessible to those who are
allowed to use it and blocking access to others. It prevents essential information
from reaching the wrong people. Data encryption is an excellent example of ensuring
confidentiality.

Integrity

This principle ensures that the data is authentic, accurate, and safeguarded from
unauthorized modification by threat actors or accidental user modification. If any
modifications occur, certain measures should be taken to protect the sensitive data
from corruption or loss and to recover speedily from such an event. In addition, it
means ensuring that the source of the information is genuine.

Availability
This principle ensures that the information is always available and useful to its
authorized users. It ensures that this access is not hindered by system malfunction
or cyber-attacks.

Types of Cyber Security Threats


Malware
Malware means malicious software, which is the most common cyberattack tool.
It is used by the cybercriminal or hacker to disrupt or damage a legitimate user's
system. The following are the important types of malware created by the hacker:

o Virus: It is a malicious piece of code that spreads from one device to another.
It can clean files and spread throughout a computer system, infecting files,
stealing information, or damaging the device.
o Spyware: It is software that secretly records information about user activities
on their system. For example, spyware could capture credit card details that
can be used by cybercriminals for unauthorized shopping, money
withdrawal, etc.
o Trojans: It is a type of malware or code that appears as legitimate software or
a file to fool us into downloading and running it. Its primary purpose is to corrupt
or steal data from our device or do other harmful activities on our network.
o Ransomware: It is a piece of software that encrypts a user's files and data on a
device, rendering them unusable or erasing them. Then, a monetary ransom is
demanded by malicious actors for decryption.
o Worms: It is a piece of software that spreads copies of itself from device to
device without human interaction. It does not need to attach itself to any
program to steal or damage the data.
o Adware: It is advertising software used to spread malware and display
advertisements on our device. It is an unwanted program that is installed
without the user's permission. The main objective of this program is to
generate revenue for its developer by showing ads in the user's browser.
o Botnets: It is a collection of internet-connected, malware-infected devices that
cybercriminals are able to control. It enables cybercriminals to obtain leaked
credentials, gain unauthorized access, and steal data without the user's
permission.

Malware and its types

• Adware
• Spyware
• Browser hijacking software
• Virus
• Worms
• Trojan horse
• Scareware

Malware, short for malicious software, refers to any software specifically designed to disrupt,
damage, or gain unauthorized access to computer systems or networks. There are various types of
malware, each with its own unique characteristics and purposes. Here are some common types of
malware:

Adware: Adware is a type of malware that displays unwanted advertisements on a user's device. It
often comes bundled with legitimate software and generates revenue for its creators by displaying
targeted ads to the user.

Spyware: Spyware is malware that secretly collects and monitors a user's activities, such as
keystrokes, browsing habits, and personal information. It is often used for stealing sensitive data,
including login credentials, credit card information, and personal documents.

Browser Hijacking Software: This type of malware alters the settings of a user's web browser
without their consent. It may change the default search engine, homepage, or install unwanted
browser extensions. Browser hijackers often redirect users to malicious websites or display excessive
advertisements.

Virus: A computer virus is a self-replicating program that infects other files or programs by inserting
its code into them. Viruses can cause various forms of damage, such as corrupting or deleting files,
disrupting system functionality, or spreading across a network.

Worms: Worms are self-contained programs that replicate and spread across a network without the
need for user interaction. They exploit vulnerabilities in computer systems to propagate and can cause
significant damage by consuming network bandwidth or exploiting security weaknesses.

Trojan horse: Named after the Greek myth, a Trojan horse is a type of malware that disguises itself
as legitimate software. Once installed, it performs malicious actions, such as stealing data, granting
unauthorized access to the attacker, or damaging the system.

Scareware: Scareware is a type of malware that tricks users into believing their system is infected
with malware or experiencing critical issues. It then prompts the user to purchase fake or unnecessary
software or services to resolve the fabricated problems.

It's important to note that this list is not exhaustive, and new types of malware continue to emerge as
cybercriminals develop new techniques. To protect against malware, it's crucial to use reputable
antivirus software, keep operating systems and software up to date, exercise caution while
downloading files or clicking on suspicious links, and regularly backup important data.

Phishing
Phishing is a type of cybercrime in which the sender appears to come from a genuine
organization like PayPal, eBay, financial institutions, or friends and co-workers. They
contact a target or targets via email, phone, or text message with a link and persuade
them to click on that link. This link will redirect them to fraudulent websites to
provide sensitive data such as personal information, banking and credit card
information, social security numbers, usernames, and passwords. Clicking on the link
will also install malware on the target devices that allows hackers to control the devices
remotely.

Man-in-the-middle (MITM) attack


A man-in-the-middle attack is a type of cyber threat (a form of eavesdropping
attack) in which a cybercriminal intercepts a conversation or data transfer
between two individuals. Once the cybercriminal places themselves in the middle
of a two-party communication, they seem like genuine participants and can get
sensitive information and return different responses. The main objective of this type
of attack is to gain access to our business or customer data. For example, a
cybercriminal could intercept data passing between the target device and the
network on an unprotected Wi-Fi network.

Distributed denial of service (DDoS)


It is a type of cyber threat or malicious attempt in which cybercriminals disrupt the
regular traffic of targeted servers, services, or networks by overwhelming the
target or its surrounding infrastructure with Internet traffic, so that legitimate
requests cannot be fulfilled. The requests come from several IP addresses and can
make the system unusable by overloading its servers, slowing them down significantly,
temporarily taking them offline, or preventing an organization from carrying out its
vital functions.

Brute Force
A brute force attack is a cryptographic hack that uses a trial-and-error method to
guess all possible combinations until the correct information is discovered.
Cybercriminals usually use this attack to obtain information such as
passwords, login info, encryption keys, and Personal Identification Numbers (PINs).

SQL Injection (SQLI)


SQL injection is a common attack that occurs when cybercriminals use malicious SQL
scripts for backend database manipulation to access sensitive information. Once the
attack is successful, the malicious actor can view, change, or delete sensitive
company data, user lists, or private customer details stored in the SQL database.

Domain Name System (DNS) attack


A DNS attack is a type of cyberattack in which cyber criminals take advantage of
flaws in the Domain Name System to redirect site users to malicious websites (DNS
hijacking) and steal data from affected computers. It is a severe cybersecurity risk
because the DNS system is an essential element of the internet infrastructure.

Latest Cyber Threats


The following are the latest cyber threats reported by the U.K., U.S., and Australian
governments:

Romance Scams
The U.S. government found this cyber threat in February 2020. Cybercriminals used
this threat through dating sites, chat rooms, and apps. They attack people who are
seeking a new partner and dupe them into giving away personal data.

Dridex Malware
It is a type of financial Trojan malware, identified by the U.S. in December 2019, that
affects the public, government, infrastructure, and businesses worldwide. It infects
computers through phishing emails or existing malware to steal sensitive information
such as passwords, banking details, and personal data for fraudulent transactions.
The National Cyber Security Centre of the United Kingdom encourages people to
make sure their devices are patched, anti-virus is turned on and up to date, and files
are backed up to protect sensitive data against this attack.

Emotet Malware
Emotet is a type of cyber-attack that steals sensitive data and also installs other
malware on our device. The Australian Cyber Security Centre warned national
organizations about this global cyber threat in 2019.
