Cyber security can simply be defined as the protection of computer systems from the damage or theft to the software, hardware, the information they contain, and also from misdirection or disruption of the services they provide.
It incorporates protecting against the harm that may come through network access and control physical access to the hardware, data and code injection, and due to malpractice by operators, regardless of whether it is accidental, intentional, or due to them being deceived into deviating from secure procedures.
The cyber security field is of growing significance because of the expanding reliance on the Internet and computer systems in the society at large, wireless networks such as Wi-Fi and Bluetooth and the growth of smart devices, which includes televisions, smartphones, and tiny devices as part of the IoT (Internet of Things).
Vulnerabilities and Attacks
Vulnerability in basic terms means system susceptibility to flaws. To secure a PC, it is imperative to understand the threats and attacks that can be made against the system and these types of threats can be classified into the following categories below:
Denial-Of-Service Attack
This type of attack is designed to make a network resource or machine unavailable to its intended users. Individual victims can be denied service by attackers, such as by intentionally entering a wrong password repeatedly enough to cause the recipient’s account to be locked, or by overloading the capabilities of a network or machine and block all users within the blinking of an eye. When a network attack originates from a single IP address, it can be blocked by installing a new firewall rule. Several forms of Distributed denial-of-service (DDoS) attacks are possible. In this case, the attack originates from multiple points and defending in this kind of situation is much more difficult. This form of attacks can arise from the zombie computers of a botnet, and also a range of other possible techniques including amplification and reflection attacks, where innocent systems are tricked into sending huge traffic to the victim.
Backdoors
A backdoor in a cryptosystem, computer system, or an algorithm, is any hidden method of bypassing security controls or normal authentication. They may exist for various reasons, which includes by poor configuration or from the original design. They might have been included by an attacker for malicious reasons or an authorized party to permit some legitimate access; but irrespective of the motives behind their existence, they create a degree of vulnerability.
Privilege Escalation
This describes a situation where an intruder or attacker with some degree of restricted access is able to elevate their access or privileges or without authorization. For instance, a standard PC user may be able to deceive the system into giving them access to confined data; or even to have full unhindered access to a system.
Eavesdropping
This is the act of cautiously listening to a private conversation, commonly between different hosts on a network. For example, programs such as NarusInsight and Carnivore have been utilized by the NSA and FBI to eavesdrop on the systems of ISPs (Internet Service Provider). Even devices that operate as a closed system with no interaction with the outside world can be eavesdropped upon through observing the faint EM (electro-magnetic) transmissions produced by the hardware.
Ransomware
Ransomware is a highly spread threat these days. It encrypts all or the important document in the computer and ask for the ransom to provide a decryption key to recover the data. Recent WannaCry Cyber attack is the one of the example of it.
Cyber Security and the Networked World
A lot of people see the developing nature of the internet of things in a few ways. They either consider it as the world where actually every individual, thing, and place can literally converse with one other through wireless connectivity and sensors, and see this as an enormous help for mankind.
Other individuals see this same world as being very terrible, and raising huge issues in terms of security and privacy, and do not believe it will ever truly happen. Computer security is a core issue in all walks of life utilizing computers. Presently, most electronic gadgets such as laptops, desktop computers, and cell phones are produced by default with built-in firewall security software, yet regardless of this, computers are not totally dependable and accurate to protect our data. In any case, computers can be secured through well-built hardware and software. By possessing solid internal interactions of properties, security failure and software crash can be prevented by software complexity.
There are various ways of hacking into computers. It can be done through clicking into unknown links, a network system, downloading software and files from unsafe sites, connecting to unfamiliar Wi-Fi, electromagnetic radiation waves, power consumption, and much more. Here are some fields where cyber security affects in a colossal proportion.
Aviation
This technologically-driven industry is extremely reliant on a combination of complex systems which could be prone to attacks. A basic power outage at an airport can cause devastating repercussions worldwide in the light of the fact that a significant part of the system relies on radio transmissions which could be affected and controlling airplanes over oceans.
The outcome of a successful attack can be so devastating thereby resulting into loss of confidentiality and system integrity which may even lead to more genuine concerns such as network and air traffic control outages, infiltration of data, which in turn can lead closures to loss of aircraft, airport closure, loss of passenger life, damages to transportation infrastructure and on the ground. For instance, a well mapped-out and successful attack on a military aviation system in charge of ammunition could have even more disastrous consequences.
Government
Military computer systems and government are usually attacked by foreign powers and activists. Regional and local government infrastructure such as police and intelligence agency communications, student records, traffic light controls, personnel records, and financial systems are likewise potential targets as they are now all largely depend on computers for data security and information database. Government ID cards and passports that control access to offices and facilities which use Radio Frequency Identification (RFID) can be susceptible and vulnerable to cloning.
Consumer Devices
Laptops and desktop computers are generally infected with malware either to gather financial account information or passwords or to attack another target by constructing a botnet. Tablet computers, smartphones, smart watches, and other mobile devices such as activity trackers have also become targets and most of these devices have sensors such as microphones, cameras, GPS receivers, and accelerometers, and compasses which could be exploited to gather personal information including sensitive health data. Bluetooth, Wi-Fi, and cell phone networks on any of these electronic devices could be utilized as attack sensors and vectors and can be remotely actuated after a successful breach.
Automobiles
In the light of the fact that access is gained to an automobile’s internal controller area network, it is conceivable to deactivate the brakes and control the steering wheel. Cruise control, computerized engine timing, anti-lock brakes, door locks, seat belt tensioners, advanced driver assistance systems and airbags make these alterations possible and these disruptions can go even further in automatic self-driving cars. Cars that are connected may use Bluetooth and Wi-Fi in communicating with onboard consumer devices, and the cell phone network to contact emergency assistance services, or get entertainment and navigational information. All of these aforementioned networks are a potential entry point for an attacker and malware. In 2011, researchers were even able to carry out a successful attack by utilizing a compact disc in a car’s stereo system as an attack vector, and cars with remote assistance features or built-in voice recognition have onboard microphones which could be utilized for eavesdropping.
Medical Systems
Most medical devices had potentially deadly vulnerabilities demonstrated or have been successfully attacked, and these attacked devices include both implanted devices and in-hospital diagnostic equipment such as insulin pumps and pacemakers. There are several reports of hospital organizations and hospitals getting hacked, including Windows XP exploits, ransom ware attacks, viruses, and data breaches of sensitive data securely saved on hospital servers.
Physical Vulnerabilities and Internet of Things
The Internet of Things (IoT) is the network associated with physical objects such as vehicles, devices, and buildings that are implanted with software, devices, network connectivity and sensors that allow them to exchange and collect data. Concerns have been raised that IoT is being developed without any consideration of the security challenges.
While the IoT opens a door of opportunities for more direct integration of the computer-based systems into the physical world, it also creates opportunities for abuse and misuse. As the IoT spreads its tentacles everywhere, cyber attacks are more likely to become a physical phenomenon rather than a virtual simple threat. If the home front door’s lock has Internet connectivity and can be unlocked or locked from a phone, then a burglar could enter the house at the press of a button from a hacked or stolen phone. Individuals could stand to lose invaluable things than their credit card numbers in an IoT-controlled world. Criminals have also utilized electronic means to outsmart hotel door locks not connected to the Internet.
Effect of Security Breaches
Security breaches have caused genuine financial damages. But because no standard model exists for evaluating the cost of a cyber-related incident, the only information accessible is that which is publicized by the affected organizations. Several consulting firms for computer security produce estimates of total losses worldwide attributable to worm and virus attacks and to hostile digital acts generally. As at 2003, the loss estimated by these firms for worms and viruses attacks only is around 13 billion US dollars and 226 billion US dollars for all forms of cyber attacks.
However, rational investment decisions can be made by the organizations from the estimates of the financial cost of cyber/security breaches. According to an online research body, the amount a firm spends to protect data should generally be only a small segment of the expected loss resulting from a cyber breach.
Computer Countermeasure and Protection
In the world of computer security, a countermeasure is an action, technique, procedure, or device that decreases vulnerability, threat, or an attack by minimizing the harm it can cause, discovering and reporting, eliminating or preventing it so that proper corrective action can be taken against such threats and vulnerability. Computer security is the conceptual idea achieved by utilizing the following processes: threat prevention, detection, and response. These aforementioned processes are based on system components and various policies.
Firewalls are the most popular prevention systems from the perspective of network security as they can repel access to internal network services if properly configured, and block specific forms of attacks through packet filtering. Firewalls can be both software or hardware-based.
Network attacks can be detected by certain system products called Intrusion Detection System (IDS) products. These devices also detect in-progress attacks and help in post-attack forensics, while logs and audit trails perform the same function for individual systems.
The response is defined by the evaluated security requisites of an individual system and ranges from the basic upgrade of protections to counter-attacks, notification of legal authorities, and the like. In some special cases, sheer destruction of the compromised system is beneficial, as it may occur that not all the compromised items are detected.
Presently, computer security mainly comprises of preventive measures, like an exit procedure firewalls. A firewall is a way of filtering network data between a network and a host and another network, like the Internet, and can be utilized as software running on the machine, to provide real-time filtering and blocking. A physical firewall is another implementation which comprises of a separate machine that filters network traffic. Firewalls are very common amidst machines that are connected to the Internet permanently.
With tons of threats faced in the present world filled with cyber activities, sophisticated security practices need to be utilized by both businesses and individuals. The measures and practices utilized are those that offer defense against cyber challenges and attacks and thwarts the impact of an attack.
