Cyber Security Class XI PDF
Document Details
Tags
Summary
This document provides a detailed overview of cyber threats and security concepts, including different types of malware (viruses, worms, Trojan horses), eavesdropping, denial-of-service attacks, phishing, and cybercrimes. It also outlines various security measures and explores the significance of cyber laws for protecting digital resources and information.
Full Transcript
2.3 CYBER THREATS AND CYBER SECURITY 2.3.1 Security concerns With the increase in use of the network for accessing data and resource sharing, security is becoming a prime concern. The Internet represents an insecure channel for exchanging information, which leads to a high risk of intrusion or frau...
2.3 CYBER THREATS AND CYBER SECURITY 2.3.1 Security concerns With the increase in use of the network for accessing data and resource sharing, security is becoming a prime concern. The Internet represents an insecure channel for exchanging information, which leads to a high risk of intrusion or fraud, such as phishing, [viruses, trojans, worms and more. 2.3.1.1Malwares The term malware refers to malicious software (programs) designed with the intention to affect the normal functionality by causing harm to the system, or with the intention of getting unauthorized access to the system or denying access to legitimate users of computing resources. A malware may be a virus, worm, Trojan horse. Virus A virus is a software code that may harm your system by overwriting or corrupting the system files. A computer virus is similar in action to viruses in our body which replicate themselves and affect body cells. The affected part is called the infected area. A computer virus may make several copies of it by inserting its code onto the system programs, files or boot sector of hard drives and thereby may corrupt them. This causes the system to slow down or even stop functioning like boot sector virus, file infector virus, and macro virus. Worm A worm is often received via network, and it automatically keeps on creating several copies of itself on the hard disk thereby flooding the hard disk. When a worm is received as an email attachment, it is automatically forwarded to the recipients leading to network congestion. Thus, a worm may crash the system and entire network. No host application is required for worms to replicate themselves e.g. Code Red Worm which makes more than 2,50,000 copies of itself in approximately 9 hours. Trojan Horse Trojan Horse is a code that appears to be desirable and useful but ends up harming the system. Trojan horse can attach itself with a safe application. For example, it may be attached to any game downloaded over the Internet. Such an application when executed creates a backdoor in the system through which a hacker can access the system. The hacker can monitor all the activity performed on the system. He can also control the infected system by harming the data on the system. For example, in the late 1990s, Trojan Horse named Sub7 was created which took advantage of security flaws of earlier version browsers such as Internet Explorer and Chrome to illegally access the host computer. 2.3.1.2 Eavesdropping Eavesdropping is the act of secretly or stealthily listening to the private conversation or communications of others without their consent. Eavesdropping is done through telephone lines, cellular networks, email, and instant messaging. 2.3.1.3 Denial of Service A denial-of-service attack (DoS attack) is a cyber-attack in which the machine or network resource becomes unavailable to its users by temporarily or indefinitely disrupting servic es. Denial of service is typically accomplished by flooding the targeted machine or resource with superfluous requests to overload systems and prevent requests from being fulfilled. A DoS attack is like a group of people crowding the entry door of a shop, making it hard for legitimate customers to enter. 2.3.1.4 Phishing Phishing refers to the act of stealing a user's personal information through fraud mails. These emails eit4er entail personal information through embedded forms or contain links to the web page that may prompt you to provide this information. Information attempted to be stolen may include bank account number, debit/credit card number, passwords or any other valuable data 2.3.1.5 Cyber Crime Cybercrimes are the crimes related to the misuse of computers or the Internet such as theft, fraud, and forgery. The IT act defines cybercrime as an unlawful act where in the computer is either a tool or a target or both. Some of these crimes are mentioned below Cyber bullying Harassment or bullying inflicted through the use of electronic or communication devices such as computer, mobile phone, laptop, etc. Cyber stalking Use of electronic communication by a person to follow a person or attempts to contact a person to foster personal interaction repeatedly despite a clear indication of disinterest by such person. Online Job Fraud An attempt to defraud people who need employment by giving them a false hope/ promise of better employment with higher wages. Vishing To seek personal information like Customer ID, Net Banking password, ATM PIN, OTP, Card expiry date, CVV etc. through a phone call. SMSing Use of mobile phone text messages to lure victims into calling back on a fraudulent phone number, visiting fraudulent websites or downloading malicious content via phone or web. SIM Swap Scam Getting a new SIM card against a registered mobile number Credit card (or debit card) fraud An unauthorized use of another's credit or debit card information for the purpose of purchases or withdrawing funds from it. Identity theft Dishonestly making use of the electronic signature, password or any other unique identification feature of any other person. Spamming Persuading a recipient to buy a product or service, or visit a website via email, SMS, MMS where he can make purchases. Ransomware The victim is asked to pay the demanded ransom to get his device decrypts. 2.3.2 Network Security Tools and Services Since the Internet has emerged as a prime tool for sharing resources and accessing data, an exponentially growing number of users are using it with both good and bad intentions. Everyone accessing the Internet needs to be aware of the security issues and take protective measures to address the same. Network layer security TCP/IP protocols may be secured with cryptographic methods and security protocol like Secure Sockets Layer (SSL) Firewalls A firewall aims at protecting the internal network of an organization, home, or individual from malicious traffic from external networks. A router or a computer (often dedicated to serve as a firewall) may be installed between external network and internal network for this purpose. Firewall inspects the network traffic and allows only that data to pass through the network that does not violate the security constraint. Hardware firewalls in the form of a router prevents malicious software from entering your network from outside the network. However, software firewalls installed on personal computers prevent unauthorized access or malwares from gaining access to personal computers. Network firewalls may also encrypt the incoming data by converting it to non-readable format, thus, adding further protection. Antivirus Anti-virus is software that aims to protect your system against malicious and potentially unwanted programs. It is responsible for detecting these malicious programs by searching for them, and removing them to keep the system protected. The software operates by maintaining a database of malware definitions, which are automatically updated. It searches for any malicious program by scanning the files against the stored malware definitions for a match. In case of a match, they are declared as potentially harmful, and are disabled and removed depending upon anti-virus software settings. Password managers A password manager is a software application that helps a user store and organize passwords. Password managers usually store passwords encrypted, requiring the user to create a master password; a single, ideally very strong password which grants the user access to their entire password database from top to bottom Cyber Law Cyber laws are the laws for systematic use of e-resources, for example, e-business, and serve as a measure against illegal cyber-crime. Various cyber laws have also been enacted to prevent cyber-crimes and take action against those involved in such crimes. These laws define the action that would be taken against people committing the offences. For cyber security, an amendment in IT Act 2000 named Information Technology Amendment Act,2008 was also introduced. The act also defines offences and penalties for cyber-crime. Cyber police are responsible for detecting such crimes and taking the necessary measure against it according to the IT Act. 2.3.3 Protective Measures while accessing Internet Never click on a suspicious link specified on a web page or send through a mail for which you are not sure about its authenticity. Make sure that passwords are strong and are changed frequently. Passwords are the means for authenticating users, thereby allowing access to networked systems. Weak passwords have smaller length and use a small subset of possible characters, and thus, are subjected to be cracked easily. One should also avoid setting obvious pas swords such as names, mobile numbers, or date of birth. Passwords should be strong, having long length and including characters such as numbers and punctuation signs. Never disclose personal information such as date of birth, home address, personal phone number, account details, passwords, credit and debit card details, work history details. Report phishing issues to the concerned authorities or at cybercrime.gov.in. In case of unsolicited mails, mark them as spam mails. Security of the communication made over the Internet can be indicated by the security of protocol being used. Secure Hypertext Transfer Protocol (HTTPs) is a secure version used for communication between client and host on the Internet. So, ensure that all communications are secure, especially online transactions. The security of the website can be ensured if there is a padlock on the left side of the address bar. It indicates that the website has a SSL (Secure Socket Layer) digital certificate issued by a trusted party which ensures and proves the identity of the remote host. Ensure that the web browser being used for accessing the web is updated and is secure. For example, chrome browser is up to date, if the security patch indicated by three dots on top right corner are grey in color. Green, orange and red color security patches indicate that browser update is available for two, four and seven days respectively. Be selective while making friends on the social networking site. Do not send or accept friendship requests from any unknown user. Also, trust the authenticity of a message only if you are sure about its origin (sender). Do not post any offensive content on social networking site as it may lead to a criminal action against you. Beware before spreading any kind of a rumor as it may be treated as a cyber-crime. If someone is harassing or threatening you, take snapshot of it as a proof, and block the person. Also, report the incident to the site administrator. Use updated antivirus and firewall, secure browsing, and password management techniques. Make sure that the website address is properly spelled. Because there may be two websites with almost the same name, one being a phishing website. Delete cookies periodically. A cookie is a small piece of information about the client browsing a website. On receiving a request from a client, the server records the client information such as domain name and registration id on the server site in the form of a file or a string. The server sends this cookie along with the response requested by the client. At the client side, the browser stores this cookie received from the server in a directory called cookie directory. By obtaining access to these cookies, hackers may gain unauthorized access to these websites. Thus, cookies should be deleted occasionally along with the temporary files stored on our system during web browsing. Points to remember A communication system consists of four components: sender, receiver, messages, and channel. A collection of interconnected nodes (electronic devices such as computers, printers, fax machines, and telephones) which communicate by means of some channel from computer network. Computer networks can be used as means of resource sharing and communication. A transmission medium refers to the channel of transmission through which data can be transmitted from one node to another. a transmission medium can be categorized as guided and unguided medium. u guided medium refers to the physical conductor such as twisted pair, coaxial cable, and fiber optics. The unguided medium uses electro-magnetic waves that do not require a physical conductor, for example, infrared, radio, microwave, and satellite links. The arrangement (also called layout) of nodes in a network is called network topology. In bus topology, there is a long cable, called backbone cable (or simply backbone), that connects various nodes through a connector called tap. In ring topology, all the devices are attached through a cable in the form of a ring. In star topology, all the devices are connected to the central controller called hub. In mesh topology, all nodes are connected with every other node in the network. Tree topology is a combination of star and bus topology. Backbone cable in a bus topology acts like the stem of the tree, and star networks (and even individual nodes) are connected to the main backbone cable like the branches of a tree. LAN stands for local area network. They are private networks and can span a radius of up to 1Km. they are generally established within a building or campus. Man stands for Metropolitan area network. it may be owned by a single organization or by many individuals or organizations. These networks are used to establish links within a city, and span an area of radius up to 50 Km. Wan stands for Wide area network. Typically, a WAN spans a segment of about 1000 Km. they establish link within a country or continent A repeater is used to restore the input signal to its original form, so that it can travel a larger distance. It is also known as a digital regenerator. A hub comprises several input/output (i/o) ports, each of which connects to a single cable segment. A bridge is a multiport device used for connecting two or more local area networks (LAN), possibly operating at different speeds. Switches are used to connect individual nodes in the network with each other. Routers are used for connecting various networks with each other. a router transmits data from an incoming network to another network. Gateway connects networks based on different protocol technologies to communicate with each other. A wide network of networks is known as the internet. It has made it possible to exchange information and communicate with remote nodes. A network protocol defines the rules and conventions of communication that must be followed when two devices interact with each other. it specifies what should be communicated, and how and when communication should take place. An email may be written text and may include multimedia attachment. Sender of the e- mail may send it to one or more intended recipients. sending and receiving of m ails can take place through web-based email applications. FTP is a File transfer Protocol used for transferring files from one machine to another. Telnet stands for terminal network. It is a client server-based application that allows the user working on one system to login and access a remote system. World Wide Web (WWW), commonly known as web, is a repository of information on machines spread all over the internet and linked to each other. A web page may contain text, images, audio, videos, and information for linking the web pages in the form of hyperlinks. The TCP/IP (transmission control Protocol/internet Protocol) is the glue which holds the internet and WWW (collection of servers where information is stored) together. A MAC (Media Access Control) address is a unique 12 digit (6 digits for manufacturer code and 6 digits for serial number) hexadecimal number assigned to each NIC. MAC address of an NIC never changes. An IP (Internet Protocol) address is a unique 4-digit hexadecimal number assigned to each node on a network. Domain Name is a name assigned to a server through Domain Name System (DNS). A domain name usually has more than one parts: top level domain name or primary domain name and sub-domain name(s). Domain Name Resolution is the process of getting corresponding IP address from a domain name. The term malware refers to malicious software (programs) designed with the intention to affect the normal functionality by causing harm to the system, or with the intention of getting unauthorized access to the system or denying access to legitimate users of computing resources. A virus is a software code that may harm your system by overwriting or corrupting the system files. a computer virus may make several copies of it by inserting its code onto the system programs, files or boot sector of hard drives and thereby may corrupt them. A worm is a malware often received via network, and it automatically keeps on creating several copies of itself on the hard disk thereby flooding the hard disk. A Trojan horse is a code that appears to be desirable and useful but ends up harming the system. A Trojan horse can attach itself with a safe application. Such an application when executed creates a backdoor in the system through which a hacker can access the system. Spams are the unwanted electronic mails, generally sent in bulk over the internet to recipients. Such undesirable mails are generally commercial mails sent for advertisement purpose. However, they may contain links to phishing sites that attempt to steal user information or link to sites that contain malware or infected files. Phishing refers to the act of stealing user’s personal information through fraud mails. These mails either entail personal information through embedded forms or contain links to the web page that may prompt you to provide this information. Hacking may be described as having unauthorized access to someone’s computer or computer network for stealing resources such as passwords or confidential files or causing harm to the network or system. Anti-virus is software that aims to protect your system against malicious and potentially unwanted programs. it is responsible for detecting these malicious programs by searching for them and removing them to keep the system protected. A firewall aims at protecting the internal network of an organization, home, or individual from malicious traffic from external networks. a router or a computer (often dedicated to serve as a firewall) may be installed between external network and internal network for this purpose. Cybercrimes are the crimes related to the misuse of computers or the internet such as theft, fraud, forgery. The IT Act defines cybercrime as an unlawful act where in the computer is either a tool or a target or both. u cyber laws are the laws for systematic use of e- resources, for example, e-business, and serve as a measure against illegal cyber-crime. Social network refers to the network of people interacting and sharing information such as their views, photographs, videos and any other information. Digital literacy refers to raising knowledge and awareness about technology such as desktop computers, smartphones, tablets, and other electronic gadgets. It also includes familiarity with software tools and the internet. Exercises 1. Give the full form of following terms: (a) ARPANET (b) LAN (c) MAN (d) WAN (e) WWW (f) TELNET 2. Differentiate between the following: (a) Bus and Star Topology (b) Star and Tree Topology (c) Star and Mesh Topology (d) Ring and Bus Topology (e) LAN and WAN (f) LAN and MAN (g) MAN and WAN (h) Internet and WWW 3. What is the purpose of network devices? Explain following network devices. (a) Bridge (b) Router (c) Repeater (d) Switch 4. Which of the following listed acts are cyber-crimes? (a) Copying data from someone’s computer without his permission. (b) Stealing someone’s device. (c) Accessing one’s bank account for carrying online transactions. (d) Modifying the official documents without permission. (e) Creating a fake identity and posting on someone’s behalf. (f) Sending friend request to someone on a social networking site. 5. What is the difference between Email and Chat? 6. What are cookies? 7. Differentiate between firewall and antivirus. How both contribute to the security of the system? 8. Define protocol. 9. Explain TCP/IP Model. 10. What is the significance of cyber law? 11. How is TELNET used for remote login? 12. List the various security issues concerned with using the Internet. Explain each of them by giving proper examples. 13. List various protective measures that can be taken for network security. 14. Define cybercrime and cyber law. 15. Define Digital Literacy.