Cyber Security-Class- XI.pdf

Full Transcript

2.3 CYBER THREATS AND CYBER SECURITY

2.3.1 Security concerns
With the increase in use of the network for accessing data and resource sharing, security
is becoming a prime concern. The Internet represents an insecure channel for exchanging
information, which leads to a high risk of intrusion or fraud, such as phishing, [viruses,
trojans, worms and more.

2.3.1.1Malwares
The term malware refers to malicious software (programs) designed with the intention to
affect the normal functionality by causing harm to the system, or with the intention of getting
unauthorized access to the system or denying access to legitimate users of computing
resources. A malware may be a virus, worm, Trojan horse.
Virus
A virus is a software code that may harm your system by overwriting or corrupting the
system files. A computer virus is similar in action to viruses in our body which replicate
themselves and affect body cells. The affected part is called the infected area. A computer
virus may make several copies of it by inserting its code onto the system programs, files or
boot sector of hard drives and thereby may corrupt them. This causes the system to slow
down or even stop functioning like boot sector virus, file infector virus, and macro virus.
Worm
A worm is often received via network, and it automatically keeps on creating several copies
of itself on the hard disk thereby flooding the hard disk. When a worm is received as an
email attachment, it is automatically forwarded to the recipients leading to network
congestion. Thus, a worm may crash the system and entire network. No host application is
required for worms to replicate themselves e.g. Code Red Worm which makes more than
2,50,000 copies of itself in approximately 9 hours.
Trojan Horse
Trojan Horse is a code that appears to be desirable and useful but ends up harming the
system.
Trojan horse can attach itself with a safe application. For example, it may be attached to
any game downloaded over the Internet. Such an application when executed creates a
backdoor in the system through which a hacker can access the system. The hacker can
monitor all the activity performed on the system. He can also control the infected system by
harming the data on the system. For example, in the late 1990s, Trojan Horse named Sub7
was created which took advantage of security flaws of earlier version browsers such as
Internet Explorer and Chrome to illegally access the host computer.
2.3.1.2 Eavesdropping
Eavesdropping is the act of secretly or stealthily listening to the private conversation or
communications of others without their consent. Eavesdropping is done through telephone
lines, cellular networks, email, and instant messaging.

2.3.1.3 Denial of Service

A denial-of-service attack (DoS attack) is a cyber-attack in which the machine or network
resource becomes unavailable to its users by temporarily or indefinitely disrupting servic es.
Denial of service is typically accomplished by flooding the targeted machine or resource
with superfluous requests to overload systems and prevent requests from being fulfilled. A
DoS attack is like a group of people crowding the entry door of a shop, making it hard for
legitimate customers to enter.

2.3.1.4 Phishing
Phishing refers to the act of stealing a user's personal information through fraud mails.
These emails eit4er entail personal information through embedded forms or contain links
to the web page that may prompt you to provide this information. Information attempted to
be stolen may include bank account number, debit/credit card number, passwords or any
other valuable data
2.3.1.5 Cyber Crime
Cybercrimes are the crimes related to the misuse of computers or the Internet such as theft,
fraud, and forgery. The IT act defines cybercrime as an unlawful act where in the computer
is either a tool or a target or both. Some of these crimes are mentioned below
 Cyber bullying
Harassment or bullying inflicted through the use of electronic or communication devices
such as computer, mobile phone, laptop, etc.
 Cyber stalking
Use of electronic communication by a person to follow a person or attempts to contact a
person to foster personal interaction repeatedly despite a clear indication of disinterest by
such person.
 Online Job Fraud
An attempt to defraud people who need employment by giving them a false hope/ promise
of better employment with higher wages.
 Vishing
To seek personal information like Customer ID, Net Banking password, ATM PIN, OTP,
Card expiry date, CVV etc. through a phone call.
 SMSing
Use of mobile phone text messages to lure victims into calling back on a fraudulent phone
number, visiting fraudulent websites or downloading malicious content via phone or web.
 SIM Swap Scam
Getting a new SIM card against a registered mobile number
 Credit card (or debit card) fraud
An unauthorized use of another's credit or debit card information for the purpose of
purchases or withdrawing funds from it.
 Identity theft
Dishonestly making use of the electronic signature, password or any other unique
identification feature of any other person.
 Spamming
Persuading a recipient to buy a product or service, or visit a website via email, SMS, MMS
where he can make purchases.
 Ransomware
The victim is asked to pay the demanded ransom to get his device decrypts.
2.3.2 Network Security Tools and Services
Since the Internet has emerged as a prime tool for sharing resources and accessing data,
an exponentially growing number of users are using it with both good and bad intentions.
Everyone accessing the Internet needs to be aware of the security issues and take
protective measures to address the same.
Network layer security

TCP/IP protocols may be secured with cryptographic methods and security protocol like
Secure Sockets Layer (SSL)

Firewalls

A firewall aims at protecting the internal network of an organization, home, or individual
from malicious traffic from external networks. A router or a computer (often dedicated to
serve as a firewall) may be installed between external network and internal network for this
purpose. Firewall inspects the network traffic and allows only that data to pass through the
network that does not violate the security constraint. Hardware firewalls in the form of a
router prevents malicious software from entering your network from outside the network.
However, software firewalls installed on personal computers prevent unauthorized access
or malwares from gaining access to personal computers. Network firewalls may also
encrypt the incoming data by converting it to non-readable format, thus, adding further
protection.
Antivirus
Anti-virus is software that aims to protect your system against malicious and potentially
unwanted programs. It is responsible for detecting these malicious programs by searching
for them, and removing them to keep the system protected. The software operates by
maintaining a database of malware definitions, which are automatically updated. It searches
for any malicious program by scanning the files against the stored malware definitions for
a match. In case of a match, they are declared as potentially harmful, and are disabled and
removed depending upon anti-virus software settings.

Password managers

A password manager is a software application that helps a user store and organize
passwords. Password managers usually store passwords encrypted, requiring the user to
create a master password; a single, ideally very strong password which grants the user
access to their entire password database from top to bottom
Cyber Law
Cyber laws are the laws for systematic use of e-resources, for example, e-business, and
serve as a measure against illegal cyber-crime. Various cyber laws have also been enacted
to prevent cyber-crimes and take action against those involved in such crimes. These laws
define the action that would be taken against people committing the offences. For cyber
security, an amendment in IT Act 2000 named Information Technology Amendment
Act,2008 was also introduced. The act also defines offences and penalties for cyber-crime.
Cyber police are responsible for detecting such crimes and taking the necessary measure
against it according to the IT Act.

2.3.3 Protective Measures while accessing Internet
Never click on a suspicious link specified on a web page or send through a mail for which
you are not sure about its authenticity.
Make sure that passwords are strong and are changed frequently. Passwords are the
means for authenticating users, thereby allowing access to networked systems. Weak
passwords have smaller length and use a small subset of possible characters, and thus,
are subjected to be cracked easily. One should also avoid setting obvious pas swords such
as names, mobile numbers, or date of birth. Passwords should be strong, having long length
and including characters such as numbers and punctuation signs.
Never disclose personal information such as date of birth, home address, personal phone
number, account details, passwords, credit and debit card details, work history details.
Report phishing issues to the concerned authorities or at cybercrime.gov.in. In case of
unsolicited mails, mark them as spam mails.
Security of the communication made over the Internet can be indicated by the security of
protocol being used. Secure Hypertext Transfer Protocol (HTTPs) is a secure version used
for communication between client and host on the Internet. So, ensure that all
communications are secure, especially online transactions. The security of the website can
be ensured if there is a padlock on the left side of the address bar. It indicates that the
website has a SSL (Secure Socket Layer) digital certificate issued by a trusted party which
ensures and proves the identity of the remote host.
 Ensure that the web browser being used for accessing the web is updated and is secure.
For example, chrome browser is up to date, if the security patch indicated by three dots on
top right corner are grey in color. Green, orange and red color security patches indicate that
browser update is available for two, four and seven days respectively.
Be selective while making friends on the social networking site. Do not send or accept
friendship requests from any unknown user. Also, trust the authenticity of a message only
if you are sure about its origin (sender).
Do not post any offensive content on social networking site as it may lead to a criminal
action against you.
Beware before spreading any kind of a rumor as it may be treated as a cyber-crime.
If someone is harassing or threatening you, take snapshot of it as a proof, and block the
person. Also, report the incident to the site administrator.
Use updated antivirus and firewall, secure browsing, and password management
techniques.
Make sure that the website address is properly spelled. Because there may be two
websites with almost the same name, one being a phishing website.
Delete cookies periodically. A cookie is a small piece of information about the client
browsing a website. On receiving a request from a client, the server records the client
information such as domain name and registration id on the server site in the form of a file
or a string. The server sends this cookie along with the response requested by the client.
At the client side, the browser stores this cookie received from the server in a directory
called cookie directory. By obtaining access to these cookies, hackers may gain
unauthorized access to these websites. Thus, cookies should be deleted occasionally along
with the temporary files stored on our system during web browsing.

Points to remember

A communication system consists of four components: sender, receiver, messages, and
channel.
A collection of interconnected nodes (electronic devices such as computers, printers, fax
machines, and telephones) which communicate by means of some channel from computer
network. Computer networks can be used as means of resource sharing and
communication.
A transmission medium refers to the channel of transmission through which data can be
transmitted from one node to another. a transmission medium can be categorized as guided
and unguided medium. u guided medium refers to the physical conductor such as twisted
pair, coaxial cable, and fiber optics. The unguided medium uses electro-magnetic waves
that do not require a physical conductor, for example, infrared, radio, microwave, and
satellite links.
The arrangement (also called layout) of nodes in a network is called network topology.
 In bus topology, there is a long cable, called backbone cable (or simply backbone), that
connects various nodes through a connector called tap.
In ring topology, all the devices are attached through a cable in the form of a ring.
In star topology, all the devices are connected to the central controller called hub.
In mesh topology, all nodes are connected with every other node in the network.
Tree topology is a combination of star and bus topology. Backbone cable in a bus topology
acts like the stem of the tree, and star networks (and even individual nodes) are connected
to the main backbone cable like the branches of a tree.
LAN stands for local area network. They are private networks and can span a radius of
up to 1Km. they are generally established within a building or campus.
Man stands for Metropolitan area network. it may be owned by a single organization or
by many individuals or organizations. These networks are used to establish links within a
city, and span an area of radius up to 50 Km.
Wan stands for Wide area network. Typically, a WAN spans a segment of about 1000
Km. they establish link within a country or continent
A repeater is used to restore the input signal to its original form, so that it can travel a
larger distance. It is also known as a digital regenerator.
A hub comprises several input/output (i/o) ports, each of which connects to a single cable
segment.
A bridge is a multiport device used for connecting two or more local area networks (LAN),
possibly operating at different speeds.
Switches are used to connect individual nodes in the network with each other.
Routers are used for connecting various networks with each other. a router transmits data
from an incoming network to another network.
Gateway connects networks based on different protocol technologies to communicate
with each other.
A wide network of networks is known as the internet. It has made it possible to exchange
information and communicate with remote nodes.
A network protocol defines the rules and conventions of communication that must be
followed when two devices interact with each other. it specifies what should be
communicated, and how and when communication should take place.
An email may be written text and may include multimedia attachment. Sender of the e-
mail may send it to one or more intended recipients. sending and receiving of m ails can
take place through web-based email applications.
FTP is a File transfer Protocol used for transferring files from one machine to another.
Telnet stands for terminal network. It is a client server-based application that allows the
user working on one system to login and access a remote system.
World Wide Web (WWW), commonly known as web, is a repository of information on
machines spread all over the internet and linked to each other.
A web page may contain text, images, audio, videos, and information for linking the web
pages in the form of hyperlinks.
The TCP/IP (transmission control Protocol/internet Protocol) is the glue which holds the
internet and WWW (collection of servers where information is stored) together.
 A MAC (Media Access Control) address is a unique 12 digit (6 digits for manufacturer
code and 6 digits for serial number) hexadecimal number assigned to each NIC. MAC
address of an NIC never changes.
An IP (Internet Protocol) address is a unique 4-digit hexadecimal number assigned to
each node on a network.
Domain Name is a name assigned to a server through Domain Name System (DNS). A
domain name usually has more than one parts: top level domain name or primary domain
name and sub-domain name(s).
Domain Name Resolution is the process of getting corresponding IP address from
a domain name.
The term malware refers to malicious software (programs) designed with the intention to
affect the normal functionality by causing harm to the system, or with the intention of getting
unauthorized access to the system or denying access to legitimate users of computing
resources.
A virus is a software code that may harm your system by overwriting or corrupting the
system files. a computer virus may make several copies of it by inserting its code onto the
system programs, files or boot sector of hard drives and thereby may corrupt them.
A worm is a malware often received via network, and it automatically keeps on creating
several copies of itself on the hard disk thereby flooding the hard disk.
A Trojan horse is a code that appears to be desirable and useful but ends up harming the
system. A Trojan horse can attach itself with a safe application. Such an application when
executed creates a backdoor in the system through which a hacker can access the system.
Spams are the unwanted electronic mails, generally sent in bulk over the internet to
recipients. Such undesirable mails are generally commercial mails sent for advertisement
purpose. However, they may contain links to phishing sites that attempt to steal user
information or link to sites that contain malware or infected files.
Phishing refers to the act of stealing user’s personal information through fraud mails.
These mails either entail personal information through embedded forms or contain links to
the web page that may prompt you to provide this information.
Hacking may be described as having unauthorized access to someone’s computer or
computer network for stealing resources such as passwords or confidential files or causing
harm to the network or system.
Anti-virus is software that aims to protect your system against malicious and potentially
unwanted programs. it is responsible for detecting these malicious programs by searching
for them and removing them to keep the system protected.
A firewall aims at protecting the internal network of an organization, home, or individual
from malicious traffic from external networks. a router or a computer (often dedicated to
serve as a firewall) may be installed between external network and internal network for this
purpose.
Cybercrimes are the crimes related to the misuse of computers or the internet such as
theft, fraud, forgery. The IT Act defines cybercrime as an unlawful act where in the computer
is either a tool or a target or both. u cyber laws are the laws for systematic use of e-
resources, for example, e-business, and serve as a measure against illegal cyber-crime.
 Social network refers to the network of people interacting and sharing information such
as their views, photographs, videos and any other information.
Digital literacy refers to raising knowledge and awareness about technology such as
desktop computers, smartphones, tablets, and other electronic gadgets. It also includes
familiarity with software tools and the internet.

Exercises
1. Give the full form of following terms:
(a) ARPANET
(b) LAN
(c) MAN
(d) WAN
(e) WWW
(f) TELNET

2. Differentiate between the following:
(a) Bus and Star Topology
(b) Star and Tree Topology
(c) Star and Mesh Topology
(d) Ring and Bus Topology
(e) LAN and WAN
(f) LAN and MAN
(g) MAN and WAN
(h) Internet and WWW

3. What is the purpose of network devices? Explain following network devices.
(a) Bridge
(b) Router
(c) Repeater
(d) Switch

4. Which of the following listed acts are cyber-crimes?
(a) Copying data from someone’s computer without his permission.
(b) Stealing someone’s device.
(c) Accessing one’s bank account for carrying online transactions.
(d) Modifying the official documents without permission.
(e) Creating a fake identity and posting on someone’s behalf.
(f) Sending friend request to someone on a social networking site.
5. What is the difference between Email and Chat?
6. What are cookies?
7. Differentiate between firewall and antivirus. How both contribute to the security of the
system?
8. Define protocol.
9. Explain TCP/IP Model.
10. What is the significance of cyber law?
11. How is TELNET used for remote login?
12. List the various security issues concerned with using the Internet. Explain each of
them
by giving proper examples.
13. List various protective measures that can be taken for network security.
14. Define cybercrime and cyber law.
15. Define Digital Literacy.