Module 1

The document provides an overview of cyber security, focusing on hacking, its types, and the various motivations behind it. It categorizes hackers into different types, including white hat, black hat, and gray hat hackers, and discusses common hacking methods and myths. Additionally, it outlines the motives for hacking, such as financial gain and political agendas.

Uploaded by

pitiw99769

CYBER SECURITY

MODULE-I: Introduction to Cyber Security


Hacking:
Hacking is the act of identifying and then exploiting weaknesses in a computer system or
network, usually to gain unauthorized access to personal or organizational data. Hacking is
not always a malicious activity, but the term has mostly negative connotations due to its
association with cybercrime.
Generally, hacking refers to unauthorized intrusion into a network or an individual computer.
In addition, rather than just accessing these networks, hacking usually includes altering
systems or security features to accomplish a goal different from the original purpose of the
system.
Hacking didn’t start as a way to encrypt the files of individuals and businesses for ransom. In
fact, hackers originally referred to students attending the Massachusetts Institute of
Technology during the 50s and 60s who created an elegant solution to a problem or practical
jokes, such as when a replica of a campus police car was put on top of the school’s Great
Dome. Over time, that image and definition have morphed, and now a hacker is seen as
someone trying to exploit individuals or companies, or someone who steals personal and
financial information and sells it on the dark web for a profit.

Types of Hacking:
Some main types of hacking are mentioned below:
1. Web Application Hacking
Web application hacking is the process of exploiting security vulnerabilities or
weaknesses in web-based applications. Web applications are typically written in languages
like HTML, CSS, and JavaScript, but they can also be written in other languages like PHP
and Ruby on Rails. Because of the nature of these languages and how web browsers interpret
them, it is possible to perform specific actions on a website without actually being authorized.
One example of this would be cross-site scripting (XSS), which involves injecting malicious
code into a website's HTML. If an XSS attack is crafted properly, the attacker can hijack a
user's browser session with the server without ever having access to that user's username or password.
2. Hacking Wireless Networks
Hacking wireless networks is a hacking type that involves accessing a computer network
without authorization, typically by exploiting weak points in the system's security.
An excellent example of this is the practice of wardriving, where an attacker drives around
with a laptop or other device capable of picking up wireless signals, looking for unprotected
or poorly protected networks.
3. System Hacking
System hacking is the compromise of computer software to gain access to a targeted computer
and steal its sensitive data. The hacker takes advantage of the weaknesses in a computer system
to get information and data. System hacking aims to gain access, escalate privileges, and
hide files.
4. Web Server Hacking
Web content is generated as a software application on the server side in real-time. This allows
the hackers to attack the webserver to steal private information, data, passwords, and business
information by using DoS attacks, port scans, SYN floods, and sniffing. Hackers hack web
servers for financial gain from theft, sabotage, blackmail, extortion, etc.
5. Network Hacking
Network hacking refers to the act of gaining unauthorized access to a computer network and
its infrastructure resources, such as devices, servers, software, and other services by using
DoS attacks, MitM attacks, IP spoofing and ARP spoofing.
Network hacking involves gathering information about a target network, identifying
vulnerabilities, and exploiting them to gain access. A variety of tools and techniques are used
to identify potential security threats in computer networks.
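An added example (not part of the original notes) for the cross-site scripting case described under Web Application Hacking above: the same comment page rendered with raw user input and with output encoding, plus a session cookie marked HttpOnly so that page script cannot read it. The page template, function names and sample comments are constructed for illustration.

```python
import html
from html.parser import HTMLParser
from http.cookies import SimpleCookie

# Constructed page template: one slot where a visitor's comment is shown.
PAGE = '<html><body><h1>Comments</h1><div class="comment">{comment}</div></body></html>'

# Constructed sample inputs (not taken from the notes).
SAMPLE_MARKUP_COMMENT = "<script>alert(1)</script>"
SAMPLE_PLAIN_COMMENT = "2 < 3 & 4 > 1"


def render_vulnerable(comment: str) -> str:
    """Weak form: user input is pasted into the markup unchanged."""
    return PAGE.format(comment=comment)


def render_escaped(comment: str) -> str:
    """Hardened form: HTML metacharacters become entities, so the browser
    displays the comment as text instead of interpreting it as markup."""
    return PAGE.format(comment=html.escape(comment, quote=True))


class _TagCollector(HTMLParser):
    """Records every start tag and every inline on* event-handler attribute."""

    def __init__(self):
        super().__init__()
        self.tags = []
        self.handlers = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        for name, _value in attrs:
            if name.startswith("on"):
                self.handlers.append((tag, name))


def active_content(markup: str) -> dict:
    """Count script elements and inline event handlers a browser would parse."""
    collector = _TagCollector()
    collector.feed(markup)
    collector.close()
    return {
        "script_tags": collector.tags.count("script"),
        "event_handlers": collector.handlers,
    }


def session_cookie_header(session_id: str) -> str:
    """Second layer: a session cookie that page script cannot read (HttpOnly)
    and that is only sent over HTTPS (Secure)."""
    cookie = SimpleCookie()
    cookie["session"] = session_id
    cookie["session"]["httponly"] = True
    cookie["session"]["secure"] = True
    cookie["session"]["samesite"] = "Lax"
    cookie["session"]["path"] = "/"
    return cookie["session"].OutputString()


if __name__ == "__main__":
    for label, render in (("raw", render_vulnerable), ("escaped", render_escaped)):
        page = render(SAMPLE_MARKUP_COMMENT)
        print(label, active_content(page))
    print(render_escaped(SAMPLE_PLAIN_COMMENT))
    print("Set-Cookie:", session_cookie_header("constructed-session-id"))
```

Output encoding has to match the context the value is placed in; `html.escape` covers HTML element content and quoted attribute values, not JavaScript or URL contexts.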

Myths about Hacking:


Movies often portray hackers as almighty, all-evil, lonely wolves sitting in dark rooms,
draped in old hoodies, and devouring pizza all day. In reality, hacking is not always what we
imagine it to be.
1. All Hackers are malicious cybercriminals
2. Hackers can hack everything instantly
3. Ones and zeros fly around the hacker’s screen
4. All hackers are expert tech geniuses
5. Hackers are lone wolves who wear cool hoodies
6. The deep web is illegal and occupied by hackers
7. Hackers only attack huge companies
8. The same malware can hack all kinds of systems
9. Hackers can guess any password easily
10. Hackers read lots of books

Hacker:
A hacker is a person who breaks into a computer system. The reasons for hacking can be
many: installing malware, stealing or destroying data, disrupting service, and more. Hacking
can also be done for ethical reasons, such as trying to find software vulnerabilities so they can
be fixed.
Types of Hackers:
Computers and the Internet have changed the work environment of the world beyond
imagination. With computers taking over a major part of our lives, all our data has been
transferred from records and ledgers to computers. Though this shift has reduced the
physical burden on workers, it has also increased the chances of data theft. People
involved in stealing data or harming systems are knowledgeable people with wrong
intentions, known as hackers. There are different types of hackers. Let’s take a look at how
many types of hackers there are and the types of hacker attacks and techniques.
1. White Hat / Ethical Hackers
2. Black Hat Hackers
3. Gray Hat Hackers
4. Script Kiddies
5. Green Hat Hackers
6. Blue Hat Hackers
7. Red Hat Hackers
8. State/Nation Sponsored Hackers
9. Hacktivist
10. Malicious insider or Whistleblower etc.
1. White Hat Hackers
White hat hackers are professionals with expertise in cybersecurity.
They are authorized or certified to hack systems. White hat hackers work for
governments or organizations, getting into their systems through loopholes in the
organization's cybersecurity. This hacking is done to test the level of
cybersecurity in the organization. By doing so, they identify the weak points and fix them to
avoid attacks from external sources. White hat hackers work per the rules and regulations the
government sets. White hat hackers are also known as ethical hackers.
2. Black Hat Hackers
Black hat hackers are also knowledgeable computer experts, but with the wrong intention.
They attack other systems to get access to systems where they do not have authorized entry.
On gaining entry they might steal the data or destroy the system. The hacking practices these
types of hackers use depend on the individual’s hacking capacity and knowledge. It is the
intention of the hacker that makes the hacker a criminal. Neither the malicious intent of the
individual nor the extent of the breach can be gauged while hacking. Ex: LulzSec,
Lizard Squad, The Shadow Brokers.
Note: LulzSec was a black hat computer hacking group that claimed responsibility for
several high-profile attacks, including the compromise of user accounts from PlayStation
Network in 2011. The group also claimed responsibility for taking the CIA website offline.
Lizard Squad was a black hat hacking group and is proud to proclaim itself as the “King of
DDoS attacks.” Over time, Lizard Squad has been held responsible for some of the most
potent hacking attacks and has become genuinely notorious for its actions.
Initially, the Lizard Squad came into public view around 2014. Lizard Squad hackers
launched their DDoS assault first on the League of Legends servers, then on the PlayStation
Network, and then on servers run by Blizzard. The attacks devastated networks for at least a
day and seemed to shut down all gaming activity.
Lizard Squad was also responsible for the Christmas attacks (2014), the Tor sybil attack (2014),
the Malaysia Airlines website attack (2015), the Daybreak Games DDoS (2015), etc.
The Shadow Brokers (TSB) is a hacker group who first appeared in the summer of 2016.
They published several leaks containing hacking tools, including several zero-day exploits,
from the "Equation Group" who are widely suspected to be a branch of the National Security
Agency (NSA) of the United States. Specifically, these exploits and vulnerabilities targeted
enterprise firewalls, antivirus software, and Microsoft products. The Shadow Brokers
originally attributed the leaks to the Equation Group threat actor, who have been tied to the
NSA's Tailored Access Operations unit.
3. Gray Hat Hackers
The intention behind the hacking is considered while categorizing the hacker. The gray hat
hacker falls between the black and white hat hackers. They are not certified hackers. These
types of hackers work with either good or bad intentions. The hacking might be for their gain.
The intention behind hacking decides the type of hacker. If the intention is for personal gain,
the hacker is considered a gray hat hacker. Ex: The Jester.
Note: The Jester (also known by the leetspeak handle th3j3st3r) is a self-identified grey hat
hacktivist. He claims to be responsible for attacks on WikiLeaks and Islamist websites. He
claims to be acting out of American patriotism.
4. Script Kiddies
It is a known fact that half knowledge is always dangerous. Script kiddies are amateur
hackers. They try to hack systems, networks, or websites with scripts from other
hackers. The intention behind the
hacking is just to get the attention of their peers. Script kiddies are juveniles who do not have
complete knowledge of the hacking process.
5. Green Hat Hackers
Green hat hackers are types of hackers who learn the ropes of hacking. They are slightly
different from the Script Kiddies due to their intention. The intent is to strive and learn to
become full-fledged hackers. They are looking for opportunities to learn from experienced
hackers.
6. Blue Hat Hackers
Blue hat hackers are similar to script kiddies, but the intent to learn is
missing. They use hacking as a weapon to gain popularity among their fellow beings. They
use hacking to settle scores with their adversaries. Blue hat hackers are dangerous due to the
intent behind the hacking rather than their knowledge.
7. Red Hat Hackers
Red hat hackers are synonymous with eagle-eyed hackers. They are the types of hackers
who are similar to white hat hackers. Red hat hackers intend to stop the attacks of black hat
hackers. The difference between red hat hackers and white hat hackers lies in the process of
hacking, though the intention remains the same. Red hat hackers are quite ruthless when dealing
with black hat hackers or counteracting malware. Red hat hackers continue to attack, and
the target may end up having to replace the entire system setup.
8. State/Nation Sponsored Hackers
Governments appoint hackers to gain information about other countries. These types of
hackers are known as state/nation sponsored hackers. They use their knowledge to gain
confidential information from other countries to be well prepared for any upcoming danger to
their country. The sensitive information aids in being on top of every situation and also in
avoiding upcoming danger. They report only to their governments. Ex: Fancy Bear.
Note: Fancy Bear is a Russian cyber espionage group. Cybersecurity firm CrowdStrike has
said that Fancy Bear is associated with the Russian military intelligence agency GRU.
9. Hacktivist
These types of hackers intend to hack government websites. They pose as
activists, and so are known as hacktivists. A hacktivist can be an individual or a bunch of nameless
hackers whose intent is to gain access to government websites and networks. The data gained
from the government files accessed is used for personal political or social gain. Ex: Anonymous.
Note: Anonymous is a decentralized international activist and hacktivist collective and
movement primarily known for its various cyberattacks against several governments,
government institutions and government agencies, corporations and the Church of
Scientology.
Anonymous originated in 2003 on the imageboard 4chan representing the concept of many
online and offline community users simultaneously existing as an "anarchic", digitized
"global brain" or "hivemind". Anonymous members (known as anons) can sometimes be
distinguished in public by the wearing of Guy Fawkes masks in the style portrayed in the
graphic novel and film V for Vendetta. Some anons also opt to mask their voices through
voice changers or text-to-speech programs.
10. Malicious insider or Whistleblower
These types of hackers include individuals working in an organization who can expose
confidential information. The intent behind the exposure might be a personal grudge against
the organization, or the individual might have come across illegal activities within the
organization. The reason for exposure defines the intent behind the exposure. These
individuals are known as whistleblowers. Ex: Edward Snowden (whistleblower).
Note: Edward Joseph Snowden (born June 21, 1983) is an American and naturalized
Russian former computer intelligence consultant and whistleblower who leaked highly
classified information from the National Security Agency (NSA) in 2013, when he was an
employee and subcontractor. His disclosures revealed numerous global surveillance
programs, many run by the NSA and the Five Eyes intelligence alliance with the cooperation
of telecommunication companies and European governments and prompted a cultural
discussion about national security and individual privacy.
Note: WikiLeaks is a publisher and media organisation founded in 2006. It operates as a
non-profit and is funded by donations and media partnerships. It has published classified
documents and other media provided by anonymous sources. It was founded by Julian
Assange, an Australian editor, publisher, and activist.
“The Fifth Estate” is a 2013 biographical thriller film directed by Bill Condon about the
news-leaking website WikiLeaks.

Motives for Hacking:


There are lots of reasons a hacker looks to target a business or organization. These
motivations help determine what they’re looking to breach, what they might take, and how
hard they’ll work to succeed. These are the six most common motives for hacking.
Motivation 1: Achieving Financial Gains
These are several common methods by which hackers (black hat hackers, especially) get
financial gains.
Misusing Data
Hackers steal victims’ financial or personally identifiable information (PII) through a variety
of different tactics, including using malware, phishing attacks, and brute-force attacks. They
can then use the data to carry out financial fraud by making fraudulent purchases or
transferring money to their (hackers’) bank account.
Hackers might also execute the following identity theft-related crimes using your PII:
• Apply for a loan in your name.
• Make fake passport/immigration documents.
• Open a bank account or apply for a credit card in your name and use the overdraft/credit limit.
• Send phishing emails, SMS phishing messages, and voice calls impersonating you.
• Create a fake social media account in your name (which they can use to scam other targets).
• File for state/federal benefit schemes like unemployment benefits impersonating you.
Selling Data on the Dark Web
Some hackers sell the data they steal on the dark web. Basically, this is an underground
marketplace where hackers and other cybercriminals can engage in legal and illegal activities.
Other hackers buy personal and sensitive data to execute financial fraud and other PII-related
crimes. Even unscrupulous online advertisers and marketers are interested in such data. They
can use it to craft targeted advertising or send spam emails.
Either way, it’s a lose-lose situation if your information becomes compromised as a result of
this hacker motivation.
Blackmailing Victims
Blackmail is a very powerful tool in any cybercriminal’s arsenal, including hackers. For
example, hackers can steal confidential data or intercept personal media files (images, videos,
etc.) and demand money to not release the information publicly. They also can encrypt
important data or lock users out of their own devices, then demand the ransom in exchange
for access.
Hackers use special types of malware such as ransomware and spyware to steal data and lock
compromised devices. Sometimes, hackers breach companies or government agencies’
databases to gain access to their data. They then demand extortion money for not revealing
their trade secrets or other sensitive information in the public domain.
Selling Malware
Some hackers are programmers who write the code for various types of malware, including
worms, trojans, viruses, scareware, and rootkits, etc. They can either use these malware
programs or sell them to other cybercriminals.
Using Psychological Manipulation and Social Engineering
Phishing is one of the most commonly used tactics by cybercriminals. Hackers send phishing
messages to victims impersonating any person or company they (victims) trust. They
psychologically manipulate victims into sending them money by:
• Claiming to be experiencing a fake emergency and needing their help.
• Blaming the victims for breaking a law and demanding they pay a penalty.
• Asking for a donation while impersonating a legitimate charity or non-profit organization.
• Fraudulently claiming the victim’s computer has a virus infection and offering phony malware removal service (which may result in the target’s computer getting infected or otherwise compromised).
• Tricking or manipulating them into buying fake software/products/educational materials.
These are just some techniques hackers use to make money. As you can see, their methods
involve lying, manipulating, threatening, and blackmailing victims and other targets.
Motivation 2: Carrying Out Political Agendas
Some countries’ governments hire hackers for political espionage. In these cases, the hackers
who engage in state-sponsored cyber-attacks become known as nation-state actors. In this
type of role, hackers are assigned duties such as:
• Stealing sensitive, confidential, or classified data (research, trade secrets, or even personal information on specific targets).
• Manipulating or otherwise interfering with elections.
• Stealing or leaking government or military documents.
• Interfering with the economy.
• Interfering with or affecting relationships or treaties with other nations.
The hiring governments often release the compromised or breached data to the public to
cause political unrest in the enemy country. Hackers also hack or deploy cyber-attacks like
DDoS attacks on the rival country’s government websites and servers to cause functional or
operational disruptions. These types of attacks are also known as state-sponsored
cyber-attacks. Countries like Iran, China, North Korea, and Russia are notorious for using these
types of tactics.
Motivation 3: Performing Corporate Espionage
Some companies hire hackers for stealing confidential information from rival firms. In these
situations, hackers are assigned to find leaky or vulnerable databases or launch attacks on the
target organization’s servers or websites. They can attack in multiple ways, including using
brute force attacks, SQL injections, cross-site scripting, and DDoS attacks.
But just what types of information are the hackers looking for? The target data can be
virtually anything but often falls within the following categories:
• Trade secrets,
• Key customers, suppliers, vendors,
• Pricing information,
• Data regarding future financial and marketing planning,
• Technical schematics or sensitive product information.
Some companies hire hackers to slow down or crash a competitor’s website by deploying
DDoS attacks. This type of attack essentially overwhelms the organization’s web servers,
making them unavailable for the customers. They may also choose to leak confidential
customer data to ruin the rival’s reputation.
Motivation 4: Proving a Point (Hacktivist)
Some hackers don’t care about money. Instead, they hack to prove their social, ethical,
religious, or political views or to force their views upon others.
Example 1: To show their protest and anger against the death of Iran’s late major general Qassim Soleimani,
Iranian hackers attacked the U.S. Federal Depository Library Program’s website in January 2020 to display an
image of President Donald Trump over a map of the Middle East.

Example 2: In July 2015, a hacktivist group calling themselves the “Impact Team” hacked the online cheating
website Ashley Madison. The result? The personal data of 32 million members was published publicly. They
released the members’ data to teach the members a lesson and make the owner shut down the site.

Motivation 5: Taking Personal Revenge


Some hackers use their hacking skills to take personal revenge on a person or company for a
real or perceived injustice. The hackers harass their nemesis in many ways, such as by:
• Locking their targets’ devices.
• Encrypting or deleting their data.
• Publishing the confidential data/personal media files to the public (called doxxing).
• Sending them numerous spam and phishing emails.
• Hacking their social media profiles and posting false or inappropriate content.
• Hacking their email accounts and sending phishing emails to their contacts.
Motivation 6: Mitigating Cyber Threats
This is the last hacker motivation that we’re going to talk about in this article. Hackers
sometimes hack to attack or stop other hackers from doing bad things. These types of hackers
typically either fall in the white hat or red hat categories.
White hat hackers, or ethical hackers, hack to protect websites, servers, and databases from
black hat hackers who want to cause harm. White hat hackers employ the same hacking
techniques as black hat hackers, but they do it with the system owner’s permission and stick
to legal methods. Companies and government agencies hire them as information security
analysts, cybersecurity researchers, security specialists, penetration testers, etc. They work as
independent consultants or freelancers as well.
White hat hackers’ intentions are typically to:
• Find and fix vulnerabilities in the system before black hat hackers exploit them.
• Develop security software that detects and removes malware.
• Educate users about various cyber threats and ways to prevent them.
• Make contingency plans in the event of a cyber-attack.
• Strengthen the overall security posture of the software and hardware components.
But there is also a different type of hacker that also likes to target the bad guys: red hat
hackers. Red hats are like black hats in that they don’t typically stick to legal routes with their
attacks and will hack without authorization. However, instead of targeting businesses and
other legitimate users, they’ll instead attack other hackers.

Ethical Hacking:
Ethical hacking is an authorized practice of detecting vulnerabilities in an application,
system, or organization's infrastructure and bypassing system security to identify potential
data breaches and threats in a network.
Hacking is the practice of accessing data stored privately by experts. When programmers
make mistakes, those mistakes make the system vulnerable, and these vulnerabilities are
picked up by hackers to hack the system. The hackers who don’t work on principles of ethical
hacking are known as unethical hackers. Hackers are well aware that their activities are
illegal and thus criminal, which is why they try to cover their tracks. In other
words, an effort to attack a computer system or a private network inside a
computer is known as hacking.
Ethical Hacking is legal access to information that is unauthorized for the rest of the world.
This type of hacking is done to protect the system or websites from malicious hackers and
viruses. The hackers who work on principles of ethical hacking are known as ethical hackers.
While hackers may be highly skilled at breaking system programs, professional ethical
hackers can restore the security of a compromised system and catch the criminal with their
skills and abilities.
Differences Between Hacking and Ethical Hacking:

| S.No. | Hacking | Ethical Hacking |
|---|---|---|
| 1. | Steal valuable information of company and individual for illegal activity. | Hack system to reduce vulnerabilities of company’s system. |
| 2. | Illegal practice and considered a crime. | Legal practice, authorized by the company or individual. |
| 3. | Such types of hackers are called black-hat hackers. | Such types of hackers are called white-hat hackers. |
| 4. | Such hackers try to access restricted networks through illegal practices and reduce the security of data. | Such hackers create firewalls and security protocols. |
| 5. | They work for themselves for dirty money. | They work with different government agencies and big tech companies. |

Similarities between Hacking and Ethical Hacking:

• Whether it be a white-hat hacker or black or grey, they use the same tools for hacking.
• All the hackers have in-depth and strong knowledge of networks, operating systems, and computer fundamentals.
• They all try to find vulnerabilities by zero-day attack initially.
Things to be done when you think you are hacked:
• Turn off your internet connection: If you suspect theft, the first thing you should do is disconnect your system from the internet in order to stop further interference.
• Open Firewall: Sometimes we turn off the firewall to install specific software. From a protection perspective, the firewall should always be kept on. A hardware firewall is another excellent option to install. It acts as a partition between the external network and your internal systems.
• Change your passwords: For accounts or devices that contain sensitive information, make sure your password is strong, unique, and not easily guessed.
Note: A firewall is a network security system that monitors and controls incoming and
outgoing network traffic based on predetermined security rules. A firewall typically
establishes a barrier between a trusted network and an untrusted network, such as the Internet.

Concept of cyber security:


Cyber security is the application of technologies, processes, and controls to protect systems,
networks, programs, devices and data from cyber-attacks.
(or)
Cyber security is the practice of defending computers, servers, mobile devices, electronic
systems, networks, and data from malicious attacks. It’s also known as information
technology security or electronic information security.
It aims to reduce the risk of cyber-attacks and protect against the unauthorised exploitation of
systems, networks, and technologies.
Note: August Kerckhoffs, a linguist and German professor at HEC, wrote an essay in the
Journal of Military Science in February 1883. Kerckhoffs had unwittingly established the
foundations for contemporary encryption, earning him the title of “Father of Computer
Security.”
Note: "CIA triad" stands for Confidentiality, Integrity, and Availability. The CIA triad is a
common model that forms the basis for the development of security systems. They are used
for finding vulnerabilities and methods for creating solutions.
The term applies in a variety of contexts, from business to mobile computing, and can be
divided into a few common categories.
1. Critical infrastructure security
Critical infrastructure organisations are often more vulnerable to attack than others because
SCADA (supervisory control and data acquisition) systems often rely on older software.
Operators of essential services in the UK’s energy, transport, health, water and digital
infrastructure sectors, and digital service providers are bound by the NIS Regulations.
The Regulations require organisations to implement appropriate technical and organisational
measures to manage their security risks.
2. Network security
Network security involves addressing vulnerabilities affecting your operating systems and
network architecture, including servers and hosts, firewalls and wireless access points, and
network protocols.
3. Cloud security
Cloud security is concerned with securing data, applications, and infrastructure in the Cloud.
4. IoT (Internet of Things) security
IoT security involves securing smart devices and networks connected to the IoT. IoT devices
include things that connect to the Internet without human intervention, such as smart fire
alarms, lights, thermostats, and other appliances.
5. Application security
Application security involves addressing vulnerabilities resulting from insecure development
processes in designing, coding, and publishing software or a website.
Why is cyber security important?
• The costs of cyber security breaches are rising: Organisations that suffer cyber security breaches may face significant fines. There are also non-financial costs to be considered, like reputational damage.
• Cyber-attacks are increasingly sophisticated: Cyber-attacks continue to grow in sophistication, with attackers using an ever-expanding variety of tactics. These include social engineering, malware and ransomware.
• Cyber security is a critical, board-level issue: New regulations and reporting requirements make cyber security risk oversight a challenge. The board needs assurance from management that its cyber risk strategies will reduce the risk of attacks and limit financial and operational impacts.
• Cyber-crime is a big business: According to a study by McAfee and the CSIS, based on data collected by Vanson Bourne, the world economy loses more than $1 trillion each year due to cybercrime. Political, ethical, and social incentives can also drive attackers.
Types of cyber threats:
Some common cyber threats are:
1. Malware attack
2. SQL injection (SQLi) attack
3. Phishing attack
4. Man-in-the-middle (MitM) attack
5. Denial-of-service (DoS) attack
1. Malware attack
Malware means malicious software. One of the most common cyber threats, malware is
software that a cybercriminal or hacker has created to disrupt or damage a legitimate user’s
computer. Often spread via an unsolicited email attachment or legitimate-looking download,
malware may be used by cybercriminals to make money or in politically motivated cyber-
attacks.
There are a number of different types of malware, including:
Virus: A self-replicating program that attaches itself to a clean file and spreads throughout a
computer system, infecting files with malicious code.
Trojan: A type of malware that is disguised as legitimate software. Cybercriminals trick
users into uploading Trojans onto their computer where they cause damage or collect data.
Worm: A computer worm is a type of malware whose primary function is to self-replicate and
infect other computers while remaining active on infected systems.
Spyware: A program that secretly records what a user does, so that cybercriminals can make
use of this information. For example, spyware could capture credit card details.
Ransomware: Malware which locks down a user’s files and data, with the threat of erasing it
unless a ransom is paid.
Adware: Advertising software which can be used to spread malware.
Botnets: Networks of malware infected computers which cybercriminals use to perform tasks
online without the user’s permission.
2. SQL injection (SQLi) attack
An SQLi (Structured Query Language injection) is a type of cyber-attack used to take control
of and steal data from a database. Cybercriminals exploit vulnerabilities in data-driven
applications to insert malicious code into a database via a malicious SQL statement. This
gives them access to the sensitive information contained in the database.
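The vulnerability described above, shown beside its fix. This is an added example, not part of the original notes; the `users` table, the sample rows and the function names are hypothetical and constructed for illustration.

```python
import sqlite3


def make_db():
    """Build an in-memory database holding constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, card TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (name, card) VALUES (?, ?)",
        [("alice", "4111-XXXX-0001"), ("bob", "4111-XXXX-0002")],
    )
    return conn


def lookup_vulnerable(conn, name):
    # VULNERABLE: the user-supplied value becomes part of the SQL text,
    # so quote characters in it can change the structure of the statement.
    query = "SELECT name, card FROM users WHERE name = '" + name + "'"
    return conn.execute(query).fetchall()


def lookup_safe(conn, name):
    # HARDENED: the statement text is fixed and the value is bound as a
    # parameter, so the database always treats it as data, never as SQL.
    query = "SELECT name, card FROM users WHERE name = ?"
    return conn.execute(query, (name,)).fetchall()


def run_demo():
    """Run both lookups with a normal value and with a classic tautology."""
    conn = make_db()
    tautology = "x' OR '1'='1"  # textbook test string for this class of bug
    return {
        "vulnerable_normal": lookup_vulnerable(conn, "alice"),
        "vulnerable_tautology": lookup_vulnerable(conn, tautology),
        "safe_normal": lookup_safe(conn, "alice"),
        "safe_tautology": lookup_safe(conn, tautology),
    }


if __name__ == "__main__":
    for label, rows in run_demo().items():
        print(f"{label}: {len(rows)} row(s) -> {rows}")
```

With the concatenated query the tautology input returns every row in the table; with the parameterized query the same input matches no user at all.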
3. Phishing attack
Phishing is when cybercriminals target victims with emails that appear to be from a
legitimate company asking for sensitive information. Phishing attacks are often used to dupe
people into handing over credit card data and other personal information.
4. Man-in-the-Middle (MitM) attack
A man-in-the-middle attack is a type of cyber threat where a cybercriminal intercepts
communication between two individuals in order to steal data. For example, on an unsecure
Wi-Fi network, an attacker could intercept data being passed between the victim’s device and the
network.
5. Denial-of-Service (DoS) attack
A denial-of-service attack is where cybercriminals prevent a computer system from fulfilling
legitimate requests by overwhelming the networks and servers with traffic. This renders the
system unusable, preventing an organization from carrying out vital functions.

Issues and challenges of cyber security:


1. Ransomware Attacks
Ransomware attacks have become popular in the last few years and pose one of India’s most
prominent Cyber Security challenges in 2023. According to the Cyber Security firm Sophos,
about 82% of Indian organizations were hit by ransomware in the last six
months. Ransomware attacks involve hacking into a user’s data and preventing them from
accessing it until a ransom amount is paid. Ransomware attacks are critical for individual
users but more so for businesses that can’t access the data for running their daily operations.
However, with most ransomware attacks, the attackers don’t release the data even after the
payment is made and instead try to extort more money.
2. IoT Attacks
According to IoT Analytics, there will be about 11.6 billion IoT devices by 2023. IoT devices
are computing, digital, and mechanical devices that can autonomously transmit data over a
network. Examples of IoT devices include desktops, laptops, mobile phones, smart security
devices, etc. As the adoption of IoT devices is increasing at an unprecedented rate, so are the
challenges of Cyber Security. Attacking IoT devices can result in the compromise of sensitive
user data. Safeguarding IoT devices is one of the biggest challenges in Cyber Security, as
gaining access to these devices can open the doors for other malicious attacks.
3. Cloud Attacks
Most of us today use cloud services for personal and professional needs. Also, hacking cloud
platforms to steal user data is one of the challenges in Cyber Security for businesses. We are
all aware of the infamous iCloud hack, which exposed private photos of celebrities. If such an
attack is carried out on enterprise data, it could pose a massive threat to the organization and
maybe even lead to its collapse.
4. Phishing Attacks
Phishing is a type of social engineering attack often used to steal user data, including login
credentials and credit card numbers. Unlike ransomware attacks, the hacker, upon gaining
access to confidential user data, doesn’t block it. Instead, they use it for their own advantages,
such as online shopping and illegal money transfer. Phishing attacks are prevalent among
hackers as they can exploit the user’s data until the user finds out about it. Phishing attacks
remain one of the major challenges of Cyber Security in India, as the demographic here isn’t
well-versed in handling confidential data.
5. Blockchain and Cryptocurrency Attacks
While blockchain and cryptocurrency might not mean much to the average internet user,
these technologies are a huge deal for businesses. Thus, attacks on these frameworks pose
considerable challenges in Cyber Security for businesses as they can compromise customer data
and business operations. These technologies have surpassed their infancy stage but have not
yet reached an advanced secure stage. Thus, there have been several attacks, such as
DDoS, Sybil, and Eclipse, to name a few. Organizations need to be aware of the security
challenges that accompany these technologies and ensure that no gap is left open for intruders
to invade and exploit.
6. Software Vulnerabilities
Even the most advanced software has some vulnerabilities that might pose significant
challenges to Cyber Security in 2023, given that the adoption of digital devices now is more
than ever before. Individuals and enterprises don’t usually update the software on these
devices as they find it unnecessary. However, updating your device’s software with the latest
version should be a top priority. An older software version might contain security
vulnerabilities that the developers have fixed in the newer version. Attacks on unpatched
software versions are one of the major challenges of Cyber Security. These attacks are usually
carried out on a large number of individuals, like the Windows zero-day attacks.
7. Machine Learning and AI Attacks
While Machine Learning and Artificial Intelligence technologies have proven highly
beneficial for massive development in various sectors, they have their vulnerabilities as well. These
technologies can be exploited by unlawful individuals to carry out cyberattacks and pose
threats to businesses. These technologies can be used to identify high-value targets among a
large dataset. Machine Learning and AI attacks are another big concern in India. A
sophisticated attack might prove to be too difficult to handle due to the lack of Cyber Security
expertise in our country.
8. BYOD Policies
Most organizations have a Bring-Your-Own-Device policy for their employees. Having such
systems poses multiple challenges in Cyber Security. Firstly, if the device is running an
outdated or pirated version of the software, it is already an excellent medium for hackers to
access. Since the device is being used for personal and professional reasons, hackers can
easily access confidential business data. Secondly, these devices make it easier to access your
private network if their security is compromised. Thus, organizations should let go of BYOD
policies and provide secure devices to the employees, as such systems pose enormous
challenges of Computer Security and network compromise.
9. Insider Attacks
While most challenges of Cyber Security are external for businesses, there can be instances
of an inside job. Employees with malicious intent can leak or export confidential data to
competitors or other individuals. This can lead to huge financial and reputational losses for
the business. These challenges of Computer Security can be negated by monitoring the data
and the inbound and outbound network traffic. Installing firewall devices for routing data
through a centralized server or limiting access to files based on job roles can help minimize
the risk of insider attacks.
10. Outdated Hardware
Well, don’t be surprised. Not all challenges of Cyber Security come in the form of software
attacks. With software developers realizing the risk of software vulnerabilities, they offer
periodic updates. However, these new updates might not be compatible with the hardware of
the device. This is what leads to outdated hardware, wherein the hardware isn’t advanced
enough to run the latest software versions. This leaves such devices on an older version of the
software, making them highly susceptible to cyberattacks.

Cyber Terrorism:
Cyberterrorism is often defined as any premeditated, politically motivated attack against
information systems, programs and data that threatens violence or results in violence. The
definition is sometimes expanded to include any cyber-attack that intimidates or generates
fear in the target population.
Cyber terrorism involves the same techniques as traditional cyberattacks. Cyber terrorists can
use DDoS attacks, various forms of malware, social engineering strategies, phishing
campaigns and more to reach their targets.
The CRS (Congressional Research Service) categorizes different types of cyber terrorism and
cyber warfare by purpose instead of techniques that are used.
Cyber Terrorists:
Cyber terrorists are state-sponsored and non-state actors who use cyberattacks to achieve
their objectives. Actors such as transnational terrorist organizations, insurgents and jihadists
have used the internet for planning attacks, radicalization and recruitment, propaganda
distribution, a means of communication and for disruptive purposes.
Cyber Spies:
Cyber spies steal classified or proprietary information from governments or private
corporations to gain a strategic, security, financial or political advantage. They often take
directions from foreign government entities and target government networks, cleared defense
contractors and private companies.
Cyber Thieves:
Cyber thieves engage in illegal cyberattacks for monetary gain. An example is an
organization or individual who accesses a system to steal and sell credit card numbers.
Cyber Warriors:
Cyber warriors are agents or quasi-agents of nation-states who develop capabilities and
undertake cyberattacks to support a country’s strategic objectives. Entities may or may not be
acting on behalf of the government in terms of the target, timing of the attack and type(s) of
cyberattack — and they are often blamed by the host country when accusations result from
the attacked nation.
Cyber Activists:
Cyber activists perform cyberattacks for pleasure or philosophical, political or other
nonmonetary reasons. Examples include an individual who hacks a system for a personal
challenge or a “hacktivist” like a member of the cyber-group Anonymous.

Cyber Forensics:
Cyber forensics is a process of extracting data as proof for a crime (that involves electronic
devices) while following proper investigation rules to nab the culprit by presenting the
evidence to the court. Cyber forensics is also known as computer forensics. The main aim of
cyber forensics is to maintain the thread of evidence and documentation to find out who did
the crime digitally. Cyber forensics can do the following:
• It can recover deleted files, chat logs, emails, etc.
• It can also get deleted SMS and phone calls.
• It can get recorded audio of phone conversations.
• It can determine which user used which system and for how much time.
• It can identify which user ran which program.
Why is cyber forensics important?
In today’s technology-driven generation, the importance of cyber forensics is immense.
Technology combined with forensics paves the way for quicker investigations and
accurate results. Below are the points depicting the importance of cyber forensics:
• Cyber forensics helps in collecting important digital evidence to trace the criminal.
• Electronic equipment stores massive amounts of data that a normal person fails to see.
For example, in a smart house, every word we speak and every action performed by smart
devices generates a large amount of data, which is crucial in cyber forensics.
• It is also helpful for innocent people to prove their innocence via the evidence
collected online.
• It is not only used to solve digital crimes but also used to solve real-world crimes like
theft cases, murder, etc.
• Businesses benefit equally from cyber forensics in tracking system breaches
and finding the attackers.
Types of cyber forensics
There are multiple types of cyber forensics depending on the field in which digital
investigation is needed. The fields are:
• Network forensics: This involves monitoring and analysing the network traffic to and
from the criminal’s network. The tools used here are network intrusion detection
systems and other automated tools.
• Email forensics: In this type of forensics, the experts check the email of the criminal
and recover deleted email threads to extract crucial information related to the case.
• Malware forensics: This branch of forensics involves hacking-related crimes. Here,
the forensics expert examines the malware and trojans to identify the hacker behind
them.
• Memory forensics: This branch of forensics deals with collecting data from
memory (like cache, RAM, etc.) in raw form and then retrieving information from that data.
• Mobile phone forensics: This branch of forensics generally deals with mobile
phones. The experts examine and analyse data from the mobile phone.
• Database forensics: This branch of forensics examines and analyses the data from
databases and their related metadata.
• Disk forensics: This branch of forensics extracts data from storage media by
searching modified, active, or deleted files.
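Maintaining the thread of evidence and documentation, as described at the start of this section, depends on being able to show that neither the evidence nor its handling record has changed. The following is an added example, not part of the original notes: it assumes one common approach, a hash-chained custody log, and all function names, handlers and timestamps are hypothetical and constructed.

```python
import hashlib
import json

GENESIS = "0" * 64  # prev_hash used by the first entry in a log


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def entry_digest(entry: dict) -> str:
    """Hash every field of an entry except its own entry_hash."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return sha256_hex(json.dumps(body, sort_keys=True).encode("utf-8"))


def add_entry(log: list, evidence: bytes, handler: str, action: str, when: str) -> dict:
    """Append a custody record that commits to the evidence and the previous record."""
    entry = {
        "evidence_sha256": sha256_hex(evidence),
        "handler": handler,
        "action": action,
        "when": when,
        "prev_hash": log[-1]["entry_hash"] if log else GENESIS,
    }
    entry["entry_hash"] = entry_digest(entry)
    log.append(entry)
    return entry


def verify_log(log: list, evidence: bytes) -> list:
    """Return a list of (index, problem) tuples; an empty list means all checks pass."""
    problems = []
    expected_prev = GENESIS
    current = sha256_hex(evidence)
    for i, entry in enumerate(log):
        if entry["prev_hash"] != expected_prev:
            problems.append((i, "chain broken"))
        if entry_digest(entry) != entry["entry_hash"]:
            problems.append((i, "entry altered"))
        if entry["evidence_sha256"] != current:
            problems.append((i, "evidence hash mismatch"))
        expected_prev = entry["entry_hash"]
    return problems


def build_sample_log():
    """Constructed sample: one evidence item passing through three custody steps."""
    evidence = b"constructed stand-in for a disk image"
    log = []
    add_entry(log, evidence, "officer_a", "acquired image", "2024-01-05T10:00:00Z")
    add_entry(log, evidence, "analyst_b", "received for analysis", "2024-01-06T09:30:00Z")
    add_entry(log, evidence, "analyst_b", "returned to storage", "2024-01-08T17:15:00Z")
    return log, evidence


if __name__ == "__main__":
    log, evidence = build_sample_log()
    print("untouched log:", verify_log(log, evidence))
    log[1]["handler"] = "someone_else"  # edit a record after the fact
    print("edited record:", verify_log(log, evidence))
```

Editing a record is caught by its own hash; recomputing that hash to hide the edit breaks the link from the next record instead.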

The INDIAN cyberspace:


Indian cyberspace was born in 1975 with the establishment of the National Informatics Centre
(NIC), with the aim of providing the government with IT solutions. Three networks (NWs) were set up
between 1986 and 1988 to connect various government agencies.
These NWs were INDONET, which connected the IBM mainframe installations that made up
India’s computer infrastructure; NICNET (the NIC NW), a nationwide very small aperture
terminal (VSAT) NW for public sector organizations and for connecting the central government
with the state governments and district administrations; and ERNET (the
Education and Research Network), to serve the academic and research communities.
The New Internet Policy of 1998 paved the way for services from multiple Internet service
providers (ISPs) and helped the Internet user base grow from 1.4 million in 1999 to
over 150 million by Dec 2012.
The exponential growth rate is attributed to increasing Internet access through mobile phones and
tablets. The government is making a determined push to increase broadband penetration from its present
level of about 6%.

Regulation of Cyberspace:
In India, the Information Technology Act, 2000 is the legislation which covers the domain of
cyber law. The main objective of the Act is to provide legal recognition for transactions
carried out by means of electronic data interchange and other means of
electronic communication, commonly referred to as e-commerce, which involve the use of
alternatives to paper-based methods of communication and storage of information, to facilitate
electronic filing of documents with the Government agencies.
Electronic Signatures:
Any subscriber (i.e., a person in whose name the Digital Signature Certificate is issued)
may authenticate an electronic record by affixing his Digital Signature. Electronic record means
data, record or data generated, image or sound stored, received or sent in an electronic form or
microfilm or computer-generated microfiche.
Electronic Governance:
Where any law provides for submission of information in writing or in the typewritten or printed
form, it will be sufficient compliance of law if the same is sent in an electronic form. Further,
if any statute provides for affixation of signature in any document, the same can be done by
means of Digital Signature.
Similarly, the filing of any form, application or any other documents with the Government
Authorities and issue or grant of any licence, permit, sanction or approval and any receipt
acknowledging payment can be done by the Government offices by means of electronic
form. Retention of documents, records, or information as provided in any law can be done by
maintaining electronic records. Any rule, regulation, order, by-law or notification can be
published in the Official Gazette or Electronic Gazette.
However, no Ministry or Department of the Central Government or the State Government, or
any Authority established under any law, can be insisted upon to accept a document only
in the form of an electronic record.
Regulation of Certifying Authorities:
The Central Government may appoint a Controller of Certifying Authority who shall exercise
supervision over the activities of Certifying Authorities.
Digital Signature Certificate:
Any person may make an application to the Certifying Authority for issue of Digital
Signature Certificate. The Certifying Authority while issuing such certificate shall certify that
it has complied with the provisions of the Act.
Penalties and Adjudication:
If any person without the permission of the owner, accesses the owner’s computer, computer
system or computer network, or downloads copies or any extract, or introduces any computer
virus, or damages the computer, computer system or computer network data etc., he/she shall be
liable to pay damages by way of compensation not exceeding Rupees One Crore to the person
so affected.
The Appellate Tribunal:
The section 48 of IT Act provides ‘that The Telecom Disputes Settlement and Appellate
Tribunal established under section 14 of the Telecom Regulatory Authority of India Act, 1997
shall, on and from the commencement of Part XIV of Chapter VI of the Finance Act, 2017,
be the Appellate Tribunal for the purposes of this Act and the said Appellate Tribunal shall
exercise the jurisdiction, powers and authority conferred on it by or under this Act. However,
the Central Government shall specify, by notification, the matters and places in relation to
which the Appellate Tribunal, may exercise jurisdiction’.
Under the act, the Central Government has the power to establish the Cyber Regulations
Appellate Tribunal having power to entertain the cases of any person aggrieved by the Order
made by the Controller of Certifying Authority or the Adjudicating Officer.
Offences:
Tampering with computer source documents or hacking with computer system entails
punishment with imprisonment up to three years or with fine up to Rs. 2 lakhs or with both.
Publishing of information, which is obscene, in electronic form, shall be punishable with
imprisonment up to five years or with fine up to Rs. 10 lakh and for second conviction with
imprisonment up to ten years and with fine up to Rs. 2 lakhs.
The Information Technology Act, 2000 was amended in 2015, wherein the Supreme Court in
the case of Shreya Singhal v. Union of India struck down Section 66A of the Information
Technology Act, 2000 as it violated the freedom of speech and expression provided under
Article 19(1)(a) of the Constitution of India.

National Cyber Security Policy:


National Cyber Security Policy is a policy framework by Department of Electronics and
Information Technology (DeitY). It aims at protecting the public and private infrastructure
from cyber-attacks. The policy also intends to safeguard "information, such as personal
information (of web users), financial and banking information and sovereign data". This was
particularly relevant in the wake of US National Security Agency (NSA) leaks that suggested
the US government agencies are spying on Indian users, who have no legal or technical
safeguards against it. Ministry of Communications and Information Technology (India)
defines Cyberspace as a complex environment consisting of interactions between people,
software services supported by worldwide distribution of information and communication
technology.
Reason for Cyber Security Policy:
India had no Cyber security policy before 2013. In 2013, The Hindu newspaper, citing
documents leaked by NSA whistle-blower "Edward Snowden", alleged that much of the
NSA surveillance was focused on India's domestic politics and its strategic and commercial
interests. This sparked a furore among people. Under pressure, the government unveiled a
National Cyber Security Policy 2013 on 2 July 2013.
Vision:
To build a secure and resilient cyberspace for citizens, business, and government, and also to
prevent anyone from intruding on users' privacy.
Mission:
To protect information and information infrastructure in cyberspace, build capabilities to
prevent and respond to cyber threat, reduce vulnerabilities and minimize damage from cyber
incidents through a combination of institutional structures, people, processes, technology, and
cooperation.
Objectives:
• To create a secure cyber ecosystem in the country, generate adequate trust and
confidence in IT systems and transactions in cyberspace and thereby enhance adoption
of IT in all sectors of the economy.
• To create an assurance framework for the design of security policies and promotion
and enabling actions for compliance to global security standards and best practices by
way of conformity assessment (Product, process, technology & people).
• To strengthen the Regulatory Framework for ensuring a SECURE CYBERSPACE
ECOSYSTEM.
• To enhance and create National and Sectoral level 24x7 mechanisms for obtaining
strategic information regarding threats to ICT infrastructure, creating scenarios for
response, resolution and crisis management through effective predictive, preventive,
protective response and recovery actions.
• To improve visibility of integrity of ICT products and services by establishing
infrastructure for testing & validation of security of such products.
• To create a workforce of 5,00,000 skilled professionals in the next 5 years through capacity
building, skill development and training.
• To provide fiscal benefit to businesses for adoption of standard security practices and
processes.
• To enable protection of information while in process, handling, storage & transit so as
to safeguard privacy of citizens' data and reduce economic losses due to cybercrime
or data theft.
• To enable effective prevention, investigation and prosecution of cybercrime and
enhancement of law enforcement capabilities through appropriate legislative
intervention.
Strategies:
• Creating a secured ecosystem.
• Creating an assurance framework.
• Encouraging open standards.
• Strengthening the regulatory framework.
• Creating a mechanism for security threats early warning, vulnerability management,
and response to security threats.
• Securing E-Governance services.
• Protection and resilience of Critical Information Infrastructure.
• Promotion of Research and Development in cyber security.
• Reducing supply chain risks.
• Human Resource Development (fostering education and training programs both in
formal and informal sectors to support the Nation's cyber security needs and build
capacity).
• Creating cyber security awareness.
• Developing effective Public-Private partnerships.
• Developing bilateral and multilateral relationships in the area of cyber security with
other countries (information sharing and cooperation).
• A prioritized approach for implementation.

Communication Technology:
Communication is the exchange of information through different mediums.
It is an activity that started even before human civilization; however, over a
period of time, as technology advanced, different modes of communication also
developed, including telecommunication and wireless communication. In today’s world,
information and communication technology plays an important role in almost every activity
that we perform.
Types of Communication
1. Telecommunication
2. Wireless Communication
Telecommunication
Telecommunication is a technique of transmission of information from one location to
another by electromagnetic means.
Different types of information can be transferred through a telecommunication system, such
as voice, text, pictures, etc.
Modern Telecommunication System
The modern form of telecommunication involves computer technology and is capable of
transferring a wide range of data including audio, video, text, and many other computer files.
Major components of modern telecommunication are:
• Hardware − For example, computer system and modems.
• Software − This controls the Computer programs.
• Media − This is the communication outlet, wired or wireless.
• Networking − This technology connects various computer systems.
• Protocols − These rules govern information and communication transmission system.
Wireless Communication
Wireless communication is a technique of transmitting information or power between two
or more points that are not connected by a physical wire or conductor.
The most common wireless technology uses radio waves. Microwave transmission is another
technology.
The world’s first wireless telephone communication took place in 1880. The experiment was
conducted by Alexander Graham Bell and Charles Sumner Tainter. Together they
invented and patented the ‘photophone.’
The photophone was a sort of telephone which conducted audio conversations wirelessly over
modulated light beams, i.e., electromagnetic waves.
However, in the 21st century, the invention of cellular phones radically changed the concept
of the communication system and made wireless communication available even in the
remote parts of the country.

Internet:
The Internet is a foremost tool and a prominent resource that is being used by
almost every person across the globe. It connects millions of computers, webpages, websites,
and servers. Using the Internet we can send emails, photos, videos, and messages to our loved
ones. In other words, the Internet is a widespread interconnected network of computers
and electronic devices (that support the Internet). It creates a communication medium to share and
get information online. Only if your device is connected to the Internet will you be able
to access all the applications, websites, social media apps, and many more services. The
Internet nowadays is considered the fastest medium for sending and receiving information.
History of the Internet
The Internet came in the year 1960 with the creation of the first working model called
ARPANET (Advanced Research Projects Agency). It allowed multiple computers to work on
a single network, which was its biggest achievement at that time. ARPANET used packet
switching to let multiple computer systems communicate under a single network. In October
1969, the first message was transferred from one computer to another using ARPANET. After
that, the technology continued to grow.

World Wide Web (WWW):


The world wide web is a collection of all the web pages and web documents that we can see
on the Internet by searching their URLs (Uniform Resource Locators). For
example, www.mrec.ac.in is the URL of the GFG website, and all the content of this site, like
webpages and all the web documents, is stored on the world wide web. In other words,
the world wide web is an information retrieval service of the web. It provides users with a
huge array of documents that are connected to each other by means of hypertext or
hypermedia links. Here, hyperlinks are electronic connections that link related
data so that users can easily access the related information. Hypertext allows the user to pick a
word or phrase from text and, using this word or phrase, access other
documents that contain additional information related to it.
The world wide web is a project which was created by Timothy Berners-Lee in 1989, for
researchers to work together effectively at CERN (Conseil Européen pour la Recherche
Nucléaire or European Council for Nuclear Research). An organization named the World
Wide Web Consortium (W3C) was developed for further development of the web.
Note: There are millions of pages on the internet; however, about 90% of the pages are not
indexed by search engines like Google, Yahoo, Bing etc. This means only a tiny portion of
the internet is accessible through search engines or standard means. The Deep Web is the part of the internet
that cannot be accessed through standard search engines, or the pages that are not indexed in
any way.
If we imagine the web as an ocean, the surface web is the top of the ocean which appears to
spread for miles around, and which can be seen easily or is "accessible"; the deep web is the
deeper part of the ocean beneath the surface; the dark web is the bottom of the ocean, a place
accessible only by using special technologies.
Difference between World Wide Web and the Internet
The main differences between the World Wide Web and the Internet are:

| World Wide Web | Internet |
| --- | --- |
| All the web pages and web documents are stored there on the World wide web and to find all that stuff you will have a specific URL for each website. | The Internet is a global network of computers that is accessed by the World wide web. |
| The world wide web is a service. | The Internet is an infrastructure. |
| The world wide web is a subset of the Internet. | The Internet is the superset of the world wide web. |
| The world wide web is software-oriented. | The Internet is hardware-oriented. |
| The world wide web uses HTTP. | The Internet uses IP Addresses. |
| The world wide web can be considered as a book from the different topics inside a Library. | The Internet can be considered a Library. |

Advantages and Disadvantages of the Internet:


Advantages of the Internet:
• Online Banking and Transaction: The Internet allows us to transfer money online
through the net banking system. Money can be credited or debited from one account
to the other.
• Education, Online Jobs, Freelancing: Through the Internet, we are able to get more
jobs via online platforms like LinkedIn and to reach more job providers. Freelancing,
on the other hand, has helped the youth to earn a side income, and the best part is that all
this can be done via the Internet.
• Entertainment: There are numerous options for entertainment online. We can listen to
music, play games, watch movies and web series, and listen to podcasts. YouTube
itself is a hub of knowledge as well as entertainment.
• New Job Roles: The Internet has given us access to social media and digital products,
so we have numerous new job opportunities like digital marketing and social
media marketing. Online businesses are earning huge amounts of money just because
the Internet is the medium that helps them to do so.
• Best Communication Medium: The communication barrier has been removed by
the Internet. You can send messages via email, WhatsApp, and Facebook. Voice
chatting and video conferencing are also available to help you hold important
meetings online.
• Comfort to humans: Without putting in any physical effort you can do so many things,
like shopping online for anything from stationery to clothes, books to personal
items, etc. You can book train and plane tickets online.
• GPS Tracking and Google Maps: Yet another advantage of the Internet is that you are
able to find any road in any direction, and areas with less traffic, with the help of GPS
on your mobile.
Disadvantages of the Internet:
• Time Wastage: Wasting too much time on the Internet surfing social media apps and
doing nothing decreases your productivity. Rather than wasting time scrolling social
media apps, one should utilize that time in doing something skilful and even more
productive.
• Bad Impacts on Health: Spending too much time on the Internet has bad impacts
on your health; the physical body needs outdoor games, exercise and many more
things. Looking at the screen for a longer duration causes serious impacts on the eyes.
• Cyber Crimes: Cyberbullying, spam, viruses, hacking, and stealing data are some of
the crimes which are on the rise these days. Your system, which contains all the
confidential data, can be easily hacked by cybercriminals.
• Effects on Children: Small children are heavily addicted to the Internet. Watching
movies and playing games all the time is not good for their overall personality or their
social development.
• Bullying and Spreading Negativity: The Internet has given a free tool in the form of
social media apps to all those people who always try to spread negativity with very
revolting and shameful messages and try to bully each other, which is wrong.

Internet Governance:
Internet governance refers to the rules, policies, standards and practices that coordinate and
shape global cyberspace.
The Internet is a vast network of independently-managed networks, woven together by
globally standardized data communication protocols (primarily, Internet Protocol, TCP, UDP,
DNS and BGP). The common adoption and use of these protocols unified the world of
information and communications like never before. Millions of digital devices and massive
amounts of data, software applications, and electronic services became compatible and
interoperable. The Internet created a new environment, a complex and dynamic “cyberspace.”
While Internet connectivity generated innovative new services, capabilities and
unprecedented forms of sharing and cooperation, it also created new forms of crime, abuse,
surveillance and social conflict. Internet governance is the process whereby cyberspace
participants resolve conflicts over these problems and develop a workable order.
Policy Topics in Internet Governance:
The term “Internet governance” first started to be used in connection with the governance of
Internet identifiers such as domain names and IP addresses, which led to the formation of
ICANN (Internet Corporation for Assigned Names and Numbers). Since then, the economic,
political, social and military implications of Internet governance have expanded to embrace a
number of other areas of policy:
1. Cybersecurity: Cybersecurity is the practice of protecting systems, networks, and
programs from digital attacks. These cyberattacks are usually aimed at accessing, changing,
or destroying sensitive information; extorting money from users; or interrupting normal
business processes.
2. Digital Trade: Digital trade refers to commerce enabled by electronic means – by
telecommunications and/or ICT services – and covers trade in both goods and services.
3. Freedom of Expression Online: Freedom of expression is the right to express and receive
opinions, ideas and information. Expression and exchanges of views increasingly take place
online, including through social media platforms, websites and search engines.
4. Privacy & Surveillance: At the most basic level, surveillance is a way of accessing data.
Surveillance implies an agent who accesses (whether through discovery tools, rules or
physical/logistical settings) personal data. Privacy, in contrast, involves a subject who
restricts access to personal data through the same means.
5. Internet of Things: The Internet of Things describes physical objects with sensors,
processing ability, software, and other technologies that connect and exchange data with other
devices and systems over the Internet or other communications networks.
6. IG Institutions: Internet Governance Institute (IGI) is an initiative established for
strengthening Internet Governance at the grass-root level through research, capacity building,
awareness, debates and policy intervention across the Asia Pacific. IGI believes in
collaboration and operates through the participation of IG related institutions.
The main objective of IGI is to contribute to strengthening grass-root level stakeholders
through research, capacity building, awareness, debates, and policy intervention.
Major objectives of IGI are as follows:
• Research and development on Internet Governance issues
• Conduct short and long academic and non-academic online and offline courses on
Internet Governance
• Conduct lectures, symposia, international meetings, conferences, and workshops on
Internet Governance
• Exchange of researchers and students working in the area of Internet Governance
• Do advocacy and promotional activities on Internet Governance related issues and
others
• Design, development, distribution and sale of digital and non-digital content on Internet
Governance issues
7. Internet Identifiers: An Internet identifier is an electronic mail address, instant message
address or identifier, or any other designation or moniker used for self-identification during
internet communication or posting, including all designations used for the purpose of routing
or self-identification in internet communications or postings.
8. Geopolitics of IG: Geopolitics is the study of the effects of Earth's geography on politics
and international relations. Geopolitical examples may include trade agreements, war treaties,
border or territorial acknowledgements, climate agreements, and more. Two recent examples
are NAFTA and the Kyoto Protocol.
Note:
1. NAFTA - The North American Free Trade Agreement (NAFTA), which was enacted
in 1994 and created a free trade zone for Mexico, Canada, and the United States, is
the most important feature in the U.S.-Mexico bilateral commercial relationship.
2. Kyoto Protocol: The Kyoto Protocol was an international treaty which extended the
1992 United Nations Framework Convention on Climate Change that commits state
parties to reduce greenhouse gas emissions, based on the scientific consensus that
global warming is occurring and that human-made CO₂ emissions are driving it.
Note: For more information visit this site - https://www.internetgovernance.org/what-is-internet-governance/.

Internet Society (ISOC): (For more information visit - https://www.internetsociety.org/)

Internet Society (ISOC) is a professional membership society that promotes the use and
future development of the Internet. It has individual and organization members all over the
world and is governed by an elected board of trustees. ISOC coordinates various groups
responsible for Internet infrastructure. These include the Internet Engineering Task Force
(IETF), the Internet Architecture Board (IAB), and the Internet Engineering Steering Group
(IESG). The IETF develops technical standards for the Internet. The IAB has overall
responsibility for the architecture and adjudicates on disputes about standards. The IESG,
along with the IAB, reviews standards proposed by the IETF. The ISOC specifically
addresses several diverse areas of concern:
• It helps to devise and implement technical standards for the Internet and its
internetworking technologies and applications.
• It harmonizes policies and developments at the international level.
• It devises and contributes to administrative policies and processes.
• It leads educational and research efforts to promote better understanding of and
dialogue about the Internet.
• It collects and stores data for archiving and disseminating the history of the Internet.
• It performs hands-on work in helping developing countries to implement a viable
Internet infrastructure.
Note: IANA (Internet Assigned Numbers Authority) - A branch of the IAB formerly
responsible for assigning IP addresses. In 1998 its functions were taken over by ICANN.
ICANN (Internet Corporation for Assigned Names and Numbers) - A nonprofit-making
authority formed in 1998 to take over the assignment of IP addresses from IANA, and also to
administer domain names and certain technical matters.

Recent Cyber-attacks and Data breaches in India:

Data breaches particularly refer to those incidents wherein the confidentiality of information
is compromised. Another commonly used term for ‘data breach’ or ‘breach’ is ‘cyber-attack’.
However, it’s important to note that not every data breach is a cyber-attack and vice versa.
For example, a ransomware attack that is carried out to obtain confidential company data for
the purpose of blackmail and subsequent extortion can be termed a security breach.
According to a report by IBM titled ‘Cost of a data breach 2022’, the cost incurred by an
organisation due to a data breach is approximately 4.35 million dollars. It further stated that
about 83 percent of companies have experienced more than one incident of data breach.
All types of organisations – governmental, private, non-profits of various sizes – have been
the victims of data breach. But the specific sectors that suffer the most ramifications are
finance, healthcare, and the public sectors.
Recent data breaches in India:
Air India data breach
In February 2021, hackers broke into Air India’s database to steal the personal information of
4.5 million Air India customers. The data compromise happened on the heels of another data
breach at Akasa Air. After the incident, Air India sent emails informing the affected passengers that
the security of their data had been compromised and that personal information such as user ID
and password had been stolen.
The hackers obtained sensitive information to access passengers’ GST invoices and reveal it
in the public domain. However, Air India stated in response to allegations that credit card
information such as CVC and CVV numbers was not stolen.
CAT data breach
Another breach that took place in 2021 affected 190,000 Common Admission Test (CAT)
applicants. The test was conducted by the Indian Institute of Management (IIM). The
personally identifiable data and the test results of the applicants were obtained by hackers who
put them on sale on a cybercrime forum.
Apart from the data pertaining to the admission examination, the past scores and academic
records were also posted on the forum. As per CloudSEK, this was the second time a data
spill of CAT admission exam results had occurred – the first one occurred in 2019.
Upstox data leak
The security systems of Upstox, India’s second-biggest stock broking firm by
number of clients, were breached in April 2021 by hackers who obtained KYC and other
information of 25 lakh customers. According to a Times of India report, the data theft was
traced to a third-party warehouse, and the documents were uploaded on the dark web.
The hackers responsible for the breach allegedly belonged to a group called ‘Shiny
Hunters’. Investigators discovered that the hackers had obtained the Amazon Web Service
Key to unearth account information.
Police exam data spill (2019) and Cyberabad data theft (2023)
The confidential data of over 50,000 individuals who attended the police recruitment exam in
December 2019 was compromised by hackers. The information of participants, such as birth dates, cell
phone numbers, candidate names, email IDs, FIR history, and criminal records, among others,
was put up for sale by hackers. The information leak was discovered by CloudSEK when the
hacker shared a sample of the stolen data with them.
However, the 2019 data spill pales in comparison to the theft of the data of 66.9 crore people in
2023. The incident came to light when Cyberabad police sent notices to 11 entities including
three banks, an IT services company, and a social media behemoth, asking the company
representatives to present themselves before them in connection with the massive data leak. The
Cyberabad police reportedly arrested one Vinay Bharadwaj for stealing, storing, and selling
the personal information of 66.9 crore people and companies across India.
Covid-19 information breach incident
Through a string of cyber-attacks on government websites in 2021, hackers managed to lay
their hands on a database that comprised the personal data of approximately 1500 Indian
citizens. The hackers made the data public through PDF files that were available for
download. It was further discovered that the agencies responsible for the attacks were
based in New Delhi.
Likewise, in another incident in 2023, the information of 80,000 Covid patients was
compromised when hackers made their way into the Delhi State Health Mission’s database.
A hacking group from Kerala claimed responsibility for the attack and stated dissatisfaction
with the government’s handling of the pandemic as the reason for the breach.
Domino’s India data theft
The Indian arm of Domino’s Pizza revealed in April 2021 that a threat actor had hacked their
database and sold the compromised data on a hacking forum. The actor claimed to have laid
their hands on 13 TB of information comprising data of 18 million orders reflecting customer
names, addresses, delivery locations, and phone numbers, along with the credit card
information of 1 million individuals from the database of Domino’s India. However, the pizza
chain claimed that customer credit card data wasn’t compromised as they don’t maintain the
financial records of their clients.
Justpay data leak
Justpay is an Indian payment portal utilized for making online payments. In 2020,
unidentified actors hacked 35 million user accounts of Justpay. A cyber-security expert
confirmed the hacking in 2021 while surfing the dark web. According to him, the user data
was being sold for 5000 dollars.
The information on sale included card details and fingerprints of clients. The hackers were
reportedly negotiating the prices via the Telegram app due to its feature of timely self-erasure of
stored information.