CH-6,CYBER SAFETY

M E M B E R S - 1 . D E VA N U J C H O U D H U R Y
 Introduction

 Today’s age cannot be even thought of without internet, even in

dreams. Although internet has made many things easier but at the
same time it has posed many security risks too, if not used in proper
way. Thus, it is important to know about possible threats, challenges
and risks of working on internet to ensure personal safety and
information security. This chapter deals with the same. It talks about
possible risks and threats on internet and the safety measures to
prevent and counter them.
 What is Cyber Safety?

 Cyber Safety refers to the safe and responsible use of internet so that
to ensure safety and security of personal information and not posing
threat to anyone else’s information.

Identity protection while using internet

 Many ways website track you
 a)IP Address-
IP address is a unique address of your device when you connect to the, internet.
 b) Cookies and tracking scripts-
Cookies are small text files on your computer storing small pieces of information related
to your online habits.
Types of cookies---
1)First party cookies: These are the cookies that store your own login id, passwords,auto fill
information etc. for some websites that you frequently visit.
2)Third Party Cookies: These are the cookies that websites store to know about your search
history and web browsing history so as to place advertisements as per your interest.
 c)Http Referer---
The HTTP referer is a header field sent by a web browser or other client application to the
server when making a request via HTTP.
 d)Super Cookies---
Supercookies are persistent tracking mechanisms used by websites to uniquely identify
users across multiple browsing sessions and devices.
 e)User Agent---
A user agent, in the context of web communication, refers to a software
application or system that acts on behalf of a user in a network protocol
exchange.
 Private Browsing

 Private browsing, also known as incognito mode (in some web

browsers), is a feature implemented in web browsers that allows users
to surf the internet without storing local data such as browsing
history, cookies, cached files, or search history.
 In this mode:
 Browsing History: Pages visited in private mode are not saved to the
browser's history.
 Cookies and Site Data: Cookies and other site data obtained during
private browsing are discarded after the session is closed, which means
users are less likely to be tracked by advertisers across different websites.
 Form Data: Entered form data, such as login credentials or search
queries, is not saved.
 Cached Files: Temporary files downloaded during private browsing are
not stored after the session ends.
 Search History: Searches made during private browsing sessions are not
saved in the browser's search history.
 Anonymous browsing

 Anonymous browsing refers to a way of accessing the internet while

concealing one's identity and activities from websites, internet service
providers (ISPs), and other network observers.
 There are several methods and tools available for achieving anonymous
browsing:
 Virtual Private Networks (VPNs): VPNs route internet traffic through
encrypted tunnels, hiding the user's IP address and encrypting data
transmissions. This prevents ISPs and websites from tracking the user's
physical location and browsing activities.
 Tor (The Onion Router): Tor is a decentralized network that anonymizes
internet traffic by routing it through a series of volunteer-operated
servers called nodes. Each node in the network only knows the IP
addresses of the previous and next nodes, making it difficult to trace the
origin of the traffic.
 Proxy Servers: Proxy servers act as intermediaries between users and
the internet. They can mask the user's IP address and provide anonymity
by relaying requests to websites on behalf of the user.
Ways in which your Password may be computer

 Proper usage of passwords is essential for maintaining the security of your accounts and
personal information. Here are some best practices for creating and managing passwords:
 Use Strong Passwords: Create passwords that are long, complex, and difficult to guess. A
strong password typically includes a combination of uppercase and lowercase letters,
numbers, and special characters. Avoid using easily guessable information such as
birthdays, names, or common words.
 Unique Passwords for Each Account: Avoid using the same password across multiple
accounts. If one account is compromised, using unique passwords ensures that other
accounts remain secure.
 Change Passwords Regularly: Periodically change your passwords, especially for
sensitive accounts like email, banking, and social media. This practice reduces the risk of
unauthorized access, particularly in the event of a data breach.
 Avoid Common Passwords: Do not use easily guessable passwords such as "password,"
"123456," or "qwerty." Hackers often target accounts with weak passwords first.
 Consider Passphrases: Instead of a single complex password, consider using a
passphrase composed of multiple words or a sentence. Passphrases can be easier to
remember while still providing strong security.
 Enable Two-Factor Authentication (2FA): Whenever possible, enable two-factor
authentication for your accounts. 2FA adds an extra layer of security by requiring a
secondary form of verification, such as a code sent to your phone, in addition to your
password.
 Practises to Ensure Confidentiality of
information
 Ensuring the confidentiality of information is crucial for protecting
sensitive data from unauthorized access, disclosure, or modification.
Here are some best practices to maintain confidentiality:
 Implement Access Controls: Restrict access to sensitive information
based on the principle of least privilege. Only grant access to
individuals who require it to perform their job responsibilities. Use
access control mechanisms such as role-based access control (RBAC) or
attribute-based access control (ABAC) to enforce access policies.
 Encrypt Data: Use encryption to protect sensitive data both in transit
and at rest. Encrypt data before storing it on servers, databases, or
storage devices, and ensure that data transmissions are encrypted
using secure protocols such as HTTPS or SSL/TLS.
 Secure Authentication: Implement strong authentication mechanisms
to verify the identities of users accessing sensitive information. Utilize
methods such as multi-factor authentication (MFA) or biometric
authentication to add an extra layer of security beyond passwords.
 Malware

 Malware, short for malicious software, refers to any software intentionally designed to
cause damage, steal data, or disrupt computing systems. Malware can take many forms,
including viruses, worms, trojans, ransomware, spyware, adware, and more. It can be
distributed through various means such as email attachments, malicious websites,
infected USB drives, or software vulnerabilities.
 Here are some common types of malware:
 Viruses: These are programs that can replicate themselves and spread to other files on
the same computer or to other computers through networks.
 Worms: Similar to viruses, worms can self-replicate, but they do not need to attach
themselves to existing files. They spread independently through network connections.
 Trojans: Trojans disguise themselves as legitimate software but contain malicious code.
They often trick users into installing them, allowing attackers to gain unauthorized access
to the system.
 Ransomware: Ransomware encrypts files on a victim's computer and demands payment,
usually in cryptocurrency, for the decryption key. It's a type of extortion attack.
 Spyware: Spyware secretly monitors and gathers information about a user's activities,
such as browsing habits or login credentials, and sends it to a third party without the
user's consent.
 Adware: Adware displays unwanted advertisements on a user's computer, often through
pop-up windows or by redirecting web browsers to advertising websites.
 Damage caused by Malware

 The damage caused by malware can vary widely depending on the type of malware, its
capabilities, the target system, and the intentions of the attacker. Here are some common
forms of damage caused by malware:
 Data Loss or Theft: Malware can delete, corrupt, or steal sensitive data stored on the infected
system. This can include personal information, financial records, intellectual property, or
credentials.
 Financial Loss: Certain types of malware, such as ransomware or banking trojans, can directly
target financial resources. Ransomware can encrypt files and demand payment for decryption,
while banking trojans can steal banking credentials or conduct unauthorized transactions.
 System Disruption: Malware may disrupt the normal operation of a computer system or
network, leading to downtime and loss of productivity. This disruption can range from minor
annoyances like pop-up ads to more serious issues like crashing the system or rendering it
unusable.
 Privacy Violations: Spyware and other types of malware designed for surveillance can invade
user privacy by monitoring activities such as web browsing, keystrokes, or webcam usage
without the victim's consent.
 Damage to Reputation: If malware compromises sensitive information or leads to system
outages, it can damage the reputation of individuals or organizations. This can have long-term
consequences for trust and credibility.
 Propagation and Further Infections: Some malware, such as worms or botnets, are
designed to spread rapidly to other systems. This can lead to a cascading effect where multiple
systems become infected, amplifying the overall damage.
Safety Measures