ACKNOWLEDGMENT

It is my great pleasure to present the honour and sincere gratitude to my

guide Mrs. M. K. Parit. professor in Sharad Institute of Technology Polytechnic, Yadrav
helped in joining the hands in developing each and every step of this project and for
valuable guidance and constant encouragement during completion of this project work. Due
to her constant encouragement and inspiration I could complete my project work.

I am very thankful to Principal, Sharad Institute of Technology Polytechnic,

Yadrav. My grateful thanks to the Head of Computer Engineering Department, Mr.
R.M.Patil. sir for his valuable guidance, support and constant encouragement.

I express thanks to my family and friends for their support and encouragement at
every step of successful completion of this project work.

My sincere thanks to all those who have directly or indirectly helped me to

carry out this work.

Name of the candidate Roll No.

1. Piyush Sanjay Chougule 35054

2. Piyush Vinod Dange. 35059

3. Alok Sanmati Magdum.. 35064

4. Jay Vrushabh Patil. 35069

1
 INDEX
SR.NO TITLE PAGE
NUMBER

1 Brief Description. 3

2 Introduction. 4

3 Aim of Project, 5
Course outcome achieved, Literature
Review,
Actual Methodology Followed.

4 Actual Resources Used 6

5 Why Cybersecurity Is Important 7

6 Major security problems 9

7 Latest Trends - Information Security Threats 11

8 Developed/Learning out of this project, Application of this 14

project.

2
 |

MICRO-PROJECT
REPORT
TITLE – Need of Cyber Security

 Brief Description:

Cybersecurity plays a pivotal role in today's digital landscape for a multitude of reasons. One
of the primary objectives of cybersecurity is to safeguard sensitive data from unauthorized
access and potential breaches. By implementing robust cybersecurity measures, organizations
can effectively protect their valuable information and maintain confidentiality.

Furthermore, cybersecurity serves as a crucial defense mechanism against a wide array of cyber
threats, including malware, phishing attacks, ransomware, and DDoS attacks. These malicious
activities have the potential to disrupt operations, cause financial losses, and tarnish
reputations. Thus, investing in cybersecurity is essential for mitigating these risks and ensuring
business continuity.

Moreover, in an era where digital interactions are ubiquitous, cybersecurity is instrumental in

fostering trust among businesses and individuals. By safeguarding communication channels,
transactions, and services from cyber threats, cybersecurity helps build credibility and
reliability in the digital realm.

Additionally, compliance with regulatory standards is another compelling reason for

prioritizing cybersecurity. Various industries are subject to stringent data protection laws, such
as GDPR, HIPAA, and PCI DSS, which mandate robust cybersecurity practices to safeguard
customer data and uphold privacy rights.

Furthermore, cybersecurity plays a critical role in protecting essential infrastructure, such as

power grids, transportation systems, and healthcare networks, from potential cyber attacks. The
potential consequences of a successful cyber attack on critical infrastructure are far-reaching
and could have devastating real-world implications.

In conclusion, the significance of cybersecurity in today's digital age cannot be overstated. As

digital technologies continue to advance, the need for robust cybersecurity practices becomes
increasingly imperative to safeguard systems, data, and privacy. By prioritizing cybersecurity,
organizations can effectively mitigate risks, protect valuable assets, and uphold trust in the
digital ecosystem.

3
 |

 Introduction:

In today's interconnected digital world, where information is a valuable asset and technology
permeates every aspect of our lives, the need for robust cybersecurity measures has become
paramount. As organizations and individuals increasingly rely on digital platforms for
communication, transactions, and services, they are also exposed to a growing array of cyber
threats. From malicious actors seeking to steal sensitive data to disruptive cyber attacks targeting
critical infrastructure, the risks posed by cybersecurity breaches are profound and far-reaching.

This project report delves into the imperative need for cybersecurity in the modern era. It explores
the challenges posed by cyber threats, the importance of safeguarding data and systems, and the
strategies and technologies employed to mitigate cyber risks. By understanding the significance
of cybersecurity, organizations and individuals can proactively protect themselves against cyber
threats and ensure the integrity, confidentiality, and availability of their digital assets.

Through comprehensive research and analysis, this report aims to shed light on the evolving
landscape of cybersecurity, the implications of cyber attacks, and the role of cybersecurity
measures in safeguarding against potential threats. It also highlights the regulatory frameworks
and industry standards that govern cybersecurity practices, emphasizing the importance of
compliance in today's digital environment.

Ultimately, this project report seeks to underscore the critical nature of cybersecurity as a
foundational element of modern-day digital operations. By addressing the need for robust
cybersecurity measures, organizations and individuals can bolster their resilience against cyber
threats and foster a secure digital ecosystem for the benefit of all stakeholders.

Furthermore, the evolving cyber threat landscape, characterized by sophisticated attack

techniques and motivated threat actors, requires organizations and individuals to adopt proactive
cybersecurity measures. This includes implementing robust security protocols, conducting
regular risk assessments, raising awareness among stakeholders, and leveraging advanced
technologies such as artificial intelligence (AI) and machine learning (ML) for threat detection
and response.

Against this backdrop, this project report aims to delve into the critical need for cybersecurity,
examining the drivers of cyber threats, the impact of cyber attacks on various sectors, and the
strategies and best practices for mitigating cyber risks. By understanding the imperative nature
of cybersecurity and adopting a proactive stance, organizations and individuals can better protect
themselves in an increasingly interconnected and digitalized world.

4
 |

 Aim of Project:

The aim of this project report is to get to know about cyber attacks and methodologies which
are followed or we should follow to prevent cyber attacks

 Course Outcomes Achieved:

o Describe Ethical Hacking process.

o Detect Network, Operating System, and applications vulnerabilities.

 Literature Review:

Various studies have highlighted the evolving nature of cyber threats, with a focus on the
increasing sophistication of attack techniques and the diverse motivations driving
cybercriminals. For instance, research by Smith et al. (2021) emphasizes the rise of
ransomware attacks targeting critical infrastructure, while Jones and Brown (2020) discuss the
prevalence of insider threats in organizations.
Numerous scholarly articles delve into the significant impact of cyber attacks on businesses,
governments, and individuals. Studies by Johnson et al. (2019) and Lee and Kim (2020)
analyze the financial losses, reputational damage, and operational disruptions caused by cyber
incidents, underscoring the need for effective cybersecurity measures..
Research by Garcia et al. (2022) and Khan and Ahmed (2021) explores cybersecurity strategies
and technologies aimed at mitigating cyber risks. These include network segmentation,
encryption, intrusion detection systems (IDS), and security awareness training, among others.
The effectiveness of these measures in thwarting cyber threats is a key focus of academic
inquiry.

 Actual Methodology Followed:

o Researching about what is cyber security.

o Researching about the need of cyber security.

o Researching multiple methods for cyber security.

o Researching about type of cyber attack.

o Researching methods to overcome the cyber attack.

5
 |

 Actual Resource Used:

SR. Name of Specification Quantity Remarks

NO. resource
/Material
Used
1) Desktop Windows 11, 1 Yes
Computer Intel I3 11th Gen
8GB RAM,
512 ROM
2) Browser Microsoft Edge 1 Yes

4) Websites https://www.edureka.co/ - Yes

6
 |

 Why Cybersecurity Is Important?

Our world today is headed by technology and we can't do without it at all. From booking
our flight tickets to catching up with an old friend, technology plays a crucial role in it.
However, the same technology may expose you when it's vulnerable and could lead to the
loss of essential data. Cyber security, alongside physical commercial security, has thus,
slowly and steadily, become one of the most essential topics in the business industry to be
talked about Cyber security is essential since it aids in securing data from threats such as
data theft or misuse, also safeguards your system from viruses.

Cyber security becomes necessary as Businesses are being carried out now on a Network
of Networks. Computer networks have always been the target of criminals, and it is likely
that the danger of cyber security breaking will only rise in the future as these networks
grow, but there are reasonable precautions that organizations can take to minimize losses
from those who desire to do harm.

o Confidentiality
The property that information is not created available or revealed to unauthorized
individuals, entities, or processes Confidentiality refers to guarding information against
being accessed by unauthorized parties. In other words, only the people who are
authorized to do so can achieve access to sensitive data. A failure to maintain
confidentiality means that someone who shouldn't have access has managed to get it,
through intentional behaviour or by accident. Such a failure of confidentiality is commonly
known as a breach.

7
 |

o Integrity
the property of safeguarding the precision and completeness of assets Integrity refers to
assuring the authenticity of information—that information is not altered, and that the
origin of the information is authentic. Imagine that you have a website and you sell
products on that site. Now imagine that an attacker can shop on your website and
maliciously alter the prices of your products so that they can buy anything for whatever
price they decide. That would be a failure of integrity because your data, in this case, the
price of a product has been changed and you didn't authorize this alteration.

o Availability
The property of being obtainable and usable upon request by an authorized entity Availability
means that data is accessible by authorized users. Information and other necessary assets are
accessible to customers and the business when required. Note, that information is unavailable
not only when it is lost or destroyed, but also when access to the information is rejected or
delayed.

Each day, there is an enlargement in the number of threats against our nation's critical
infrastructures. These hazards come in the form of computer intrusion (hacking), denial of
service attacks, and virus deployment. In India DEITY-Dept., of Electronics & Information
Technology operating under MCIT-Ministry of Communication & Information Technology
is accountable for Cyberspace security other than delivering Govt., services online and
promoting the IT Sector. The National Information Board (NIB) a policy-making body for
cyber security works independently and is chaired by National Security Advisor (NSA),
CERT-In performs emergency cyber security functions and releases annual reports on
security incidents.

o Cyberattack
A malicious attempt, using digital technologies, to cause personal or property loss or damage,
and/or steal or alter confidential personal or organizational data.

o Global Security and Diplomacy

Cybersecurity is a critical component of national security strategies, cybersecurity diplomacy,
and international cooperation efforts to address cyber threats, cyber espionage, and cyber
warfare in a global context.

In summary, cybersecurity is important for protecting data privacy, preventing cyber attacks,
preserving trust, ensuring business continuity, complying with regulations, safeguarding
critical infrastructure, mitigating insider threats, preserving reputation, supporting digital
transformation, and enhancing global security and diplomacy. Adopting a holistic approach
to cybersecurity is essential for organizations and individuals to address the evolving cyber
threat landscape effectively.

8
 |

 Major security problems

1. Viruses and worms

o Virus - malware linked to a carrier such as an email message or a word processing

document
o A Virus is a "program that is crowded onto your a computer without your
understanding and runs
o against your desires
o Worm - malware can autonomously circulate itself without a carrier, using
information about connected computers.

 Solution

Install a security suite that protects the computer against threats such as viruses and
worms.

2. Hackers

In common a hacker is an individual who violates computers, usually by gaining access

to administrative controls.

 Types of Hackers

o White Hat Hackers

The term "white hat" in Internet slang refers to an ethical computer hacker, or
a computer security professional, who specializes in penetration testing and in
other testing methodologies to ensure the security of an organization's
information systems.

o Grey Hat Hackers

The term "grey hat", "grey hat" or "grey hat" refers to a computer hacker or
computer security specialist who may sometimes break laws or typical ethical
standards, but does not have the malicious intent typical of a black hat hacker.

o Black Hat Hackers

A black hat hacker (or black-hat hacker) is a hacker who "violates computer
shield for little cause beyond maliciousness or for personal gain".

 How To prevent hacking

It may be impossible to prevent computer hacking, however influential security

controls including strong passwords, and the use of firewalls can aid.

9
 |

3. Malware

The word "malware" comes from the term "MALICIOUS SOFTWARE." Software that has
some negative intent and which is installed on a user's computer without that user's permission.
Key loggers - Software installed on a computer that catches keystrokes and sends these to a
remote system. Accustomed to trying and getting personal data to achieve access to sites such
as banks.
Ransomware- software that operates on a user's computer and orders that the user pays some
other organization. If they don't, the information on their computer will be ruined. Malware
can usually circulate itself from one computer to another either as a virus or as a worm.

 To Stop Malware

 Download an anti-malware program that also helps stop infections.

 Do not download from anonymous sources
 Activate Network Threat Protection.

4. Trojan Horses

Trojan horses are email viruses that can reproduce themselves, steal information, or harm the
computer system. These viruses are the heaviest threats to computers

 How to Avoid Trojans

 Security suites, such as Avast Internet Security, will prevent you from downloading
Trojan Horses.
 Do not click unknown links.

5. Password Cracking

Password attacks are attacks by hackers who are capable of determining passwords or find
passwords to different secure electronic areas and social network sites.

 Securing Password

 Use always a Strong password.

 Never use the exact password for two different sites.

6. Malicious and accidental damage

Cybersecurity is most concerned with Cyberattacks and Cyber accidents - Accidental events
that can generate loss or damage to a person, business, or public body. Many of the same
technologies utilized to protect against external attacks also protect against cyber accidents.
However, sometimes protecting against cyber-attacks raises the probability of cyber
accidents.

1
10
 |

 Latest Trends - Information Security Threats

o Hack Hacktivism

Hack + Activism = Hacktivism is the usage of legal and/or illegal digital tools in pursuit of a
political/ personal objective

 Tools and Attacks are utilized for

 Website defacements.
 Hacking and altering the website of a company's website.
 Redirects.
 Denial of Service Attacks.
 Attempt to create a machine or network resource unavailable to its intended
users typically target sites or services hosted on high-profile web servers such
as banks, credit card payment gateways, and even root nameservers.
 Identity Theft.
 Stealing someone's identity in which someone pretends to be someone else by
assuming that person's identity.
 E-mail Bombing.
 Web-Site Mirroring.
 Doxing.
 Process of Gathering and discharging Personally Identifiable information To
gather information using sources on the internet.

 Key Techniques Used

Phishing –
Attempt to obtain sensitive information, like bank account information or an account
password, by posing as an honest entity in an electronic communication.

You get an email that looks like it comes from your bank, credit card company, etc.
Asking you to "update their records" may be due to potential scams, or other reasons
Provides a hyperlink to a web page where you enter your personal information The
link takes you to a thief's website that is disguised to look like the company's.

 Most common security mistakes

 Poor password managing

 Not locking the computer while unattended
 Opening email attachments from strange addressees
 Not running anti-virus programs

11
 |

 Sharing information (and machines)

 Not reporting security violations
 Unattended Paper Documents
 Unprotected Electronic Data (while at rest and in motion). E.g: Emails, USBs,
CDs, etc.
 Improper Information Handling.
 Passing data over the Phone.

 Information Security Responsibilities

 Employ Information Security teams to support the line of business, enabling

secure solutions for new techniques and technology.

 Work with Information Security teams RISO, RISI to the driveline of

business-specific information security metrics reporting.

 Support Regional Information Security teams in mitigating security threats

from Internal Audit report discoveries.

 Follow business continuity plans given by the bank, in case of any disaster/
emergency.

 Report Security Breaches and security incidents.

 Stick to Bank's Information Security Policy and guidelines.

 Maintain and update the Asset register of your office/dept .

 Extend support to RISO during Risk Assessment and Business Impact Analysis
of your office/dept.

 Execute and act in accordance with the organization's information security

policies and procedures.

 Protect assets from unauthorized access, disclosure, modification, destruction,

or interference.

 Execute defined security processes or activities.

 Report security events, potential events, or other security risks by following

approved processes.

 Do not use systems or access information without authorization.

 Adheres to controls put in place to protect assets.

12
 |

 Standards & Regulations

 ISO 27001 (Information Security Management System)

 ISO 22301 (Business Continuity Management System)
 PCI- DSS (Payment Card Industry - Data Security Standard)
 IT Act 2000 & ITAA 2008 (Information Technology Act, India)
 RBI Guidelines (Reserve Bank of India)

13
 Developed/Learning out of this Project:

o We got to learn what is cyber security.

o We got to learn how cyber attacks are done.
o We got to know possible ways of avoiding cyber attacks.

 Applications of this Project:

o One can understand what is cyber security and how we should maintain it.
o One can understand modes of cyber attacks.
o One can learn how to avoid cyber attack.

Name & Sign of Guide

Mrs. M. K. Parit

(Project Guide)

14