What is cyber security?
Cyber security protects computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It is often referred to as information technology security or electronic data security. Cybersecurity measures are designed to protect networked systems and applications against attacks that originate inside or outside a firm.
There are several reasons for cyber assaults. The first is money. Cyber attackers might take a system offline and request cash to reactivate it. Ransomware, a type of assault that demands money to restore services, is more complex than ever.
Individuals are also frequent targets of cyber assaults because they keep confidential material on personal mobile phones and use unsecured public networks.
What are some kinds of cyber threats?
Despite the efforts of cybersecurity experts to plug security breaches, attackers are always seeking new ways to avoid detection by IT, dodge protection measures, and exploit developing vulnerabilities. The most recent cybersecurity risks are reinventing “well-known” vulnerabilities by using work-from-home setups, remote access technologies, and new cloud services. Some common cyber threats are:
1. Malware
Malware refers to harmful software types such as worms, viruses, Trojans, and spyware that allow unauthorised access to a computer or cause damage to it. In addition, malware assaults are becoming increasingly “fileless,” designed to avoid detection measures such as antivirus software, which searches for harmful file attachments.
2. Denial of Service (DoS)
A denial of service (DoS) assault overloads a computer or network, rendering it unable to respond to requests. A distributed denial of service (DDoS) assault has the same effect, except that the attack originates from a network of computers. Cyber attackers frequently use a flood attack to interrupt the “handshake” procedure and carry out a DoS. Some cyber attackers may take advantage of the time a network is down to launch other assaults.
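As an added illustration (not part of the original article), the sketch below shows how a defender could spot the flood pattern described above: many handshakes opened with SYN and never completed. The event format, the `half_open_sources` name, and the window and threshold values are assumptions made for this example.

```python
from collections import defaultdict, deque

# Constructed sample events as a listener might log them:
# (timestamp in seconds, source IP, TCP flag). "SYN" opens a handshake,
# "ACK" completes it. Addresses come from documentation ranges.
SAMPLE = (
    [(0.0, "192.0.2.10", "SYN"), (0.1, "192.0.2.10", "ACK")]
    + [(1.0 + i * 0.01, "198.51.100.7", "SYN") for i in range(40)]
    + [(2.0, "192.0.2.11", "SYN"), (2.2, "192.0.2.11", "ACK")]
)


def half_open_sources(events, window=5.0, threshold=20):
    """Return sources holding more than `threshold` unanswered SYNs
    within any `window`-second span (hypothetical tuning values)."""
    pending = defaultdict(deque)   # source -> times of SYNs not yet ACKed
    flagged = set()
    for ts, src, flag in sorted(events):
        queue = pending[src]
        # Forget half-open attempts that are older than the window.
        while queue and ts - queue[0] > window:
            queue.popleft()
        if flag == "SYN":
            queue.append(ts)
            if len(queue) > threshold:
                flagged.add(src)
        elif flag == "ACK" and queue:
            queue.popleft()        # handshake completed normally
    return flagged


if __name__ == "__main__":
    print(half_open_sources(SAMPLE))
```

A distributed flood spreads the SYNs over many sources, so a production detector would also watch the total number of half-open connections.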
3. Ransomware
Ransomware is a type of malware that encrypts files, data, or computers and threatens to wipe or destroy the data unless a ransom is paid to the cybercriminals behind it. Ransomware attacks have also affected state and municipal governments, which are easier to infiltrate than companies and are under pressure to pay ransoms to restore critical programmes and websites used by residents.
4. Phishing
Phishing happens when scammers send emails that appear to be from a legitimate company and ask victims for personal information. Phishing attacks are commonly used to dupe people into supplying credit card information and other sensitive information.
5. Advanced Persistent Threats (APTs)
An APT occurs when an intruder or group of intruders infiltrates a system and remains undiscovered for an extended period. The intruder leaves networks and systems untouched, which lets them snoop on corporate activities and steal valuable data without triggering defensive countermeasures. An example of an APT is the recent SolarWinds penetration of US federal computers.
6. SQL Injection
SQL (Structured Query Language) injection is a type of cyber-attack used to obtain access to and extract data from a database. Using a malicious SQL query, cybercriminals exploit weaknesses in data-driven applications to insert malicious code into a database. This gives them access to the database’s sensitive information.
7. Corporate Account Takeover (CATO)
Corporate account takeover is a form of business theft in which the thieves impersonate the business and attempt to send unauthorised wire transfers and transactions. The funds from these unauthorised transactions are then sent to the cybercriminal’s account.
Businesses and institutions with weak online payment or banking controls are prone to CATO attacks. Cybercriminals could use malware, emails, or any other means to compromise a computer. Many are exposed to this type of attack, so individuals and organisations must be vigilant in their work.
8. Automated Teller Machine (ATM) Cash Out
This signifies a large withdrawal of cash at one time or a simultaneous withdrawal of cash several times in various regions.
Small to medium-sized businesses are heavily affected. Cybercriminals are able to change the ATM control panels and set the ATM’s dispense function control to unlimited operations.
The unlimited withdrawal setting enables cash withdrawal from the user’s account balance and beyond the withdrawal limit. Usually, criminals use the credentials of stolen cards to initiate fraud.
9. Man-in-the-middle attack (MitM)
While accessing a remote server, a user thinks that they are communicating with the target server. On the contrary, in a MitM attack, the attacker places themselves between the user and the target server.
Once the attacker is positioned between the user and the target server, they are able to gather sensitive information. The attacker can then easily misuse the acquired information and credentials.
Types of MitM attacks include –
- Session hijacking
- Replay attack
- Eavesdropping attack
- IP spoofing
- Bluetooth attacks
10. Password attacks
Attackers can sniff or guess a password to break into a system. The guessing can be done randomly or systematically.
Some of the password attacks include the following –
- Brute-force password guessing – Software is used to try various combinations of passwords.
- Dictionary attack – A dictionary of common passwords is used to gain access to the victim’s computer.
- Pass-the-hash attack – The attacker exploits the authentication protocol, gains access to the password hash, and then passes the hash through to the authentication system.
- Golden ticket attack – On a Kerberos (Windows AD) system, the attacker uses a stolen password hash to access the key distribution centre and forge a ticket-granting ticket (TGT).
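Added here as an illustration (not from the original article): the standard defences against the brute-force and dictionary guessing listed above, combined in one small sketch. It rejects commonly used passwords, stores only a salted slow hash, and locks the account after repeated failures. The deny-list, the `LoginGuard` class, and the limits are assumptions made for this example.

```python
import hashlib
import hmac
import os

# Constructed, deliberately tiny deny-list; a real deployment would load
# a large list of common and breached passwords.
COMMON = {"123456", "password", "qwerty", "letmein", "password1234"}
ITERATIONS = 600_000   # PBKDF2 work factor (assumed value): slows each guess
MAX_FAILURES = 5       # consecutive failures before the account locks


def acceptable(password):
    """Reject short passwords and ones a dictionary attack tries first."""
    return len(password) >= 12 and password.lower() not in COMMON


def hash_password(password, salt=None):
    """Salted, slow hash; the per-user salt defeats precomputed tables."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return salt, digest


class LoginGuard:
    def __init__(self):
        self.users = {}      # name -> (salt, digest); no plaintext is kept
        self.failures = {}   # name -> consecutive failed attempts

    def register(self, name, password):
        if not acceptable(password):
            return False
        self.users[name] = hash_password(password)
        return True

    def login(self, name, password):
        if name not in self.users:
            return "denied"
        if self.failures.get(name, 0) >= MAX_FAILURES:
            return "locked"          # stops online brute-force guessing
        salt, digest = self.users[name]
        _, candidate = hash_password(password, salt)
        if hmac.compare_digest(candidate, digest):   # constant-time compare
            self.failures[name] = 0
            return "ok"
        self.failures[name] = self.failures.get(name, 0) + 1
        return "denied"
```

A permanent lockout lets anyone lock out a known account name, so real systems usually use temporary lockouts or increasing delays instead.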
Some of the other types of network attacks include –
- Unauthorised access
- Insider threats
- Endpoint attacks
- Advanced persistent threats
- Code and SQL injection attacks
- Privilege escalation
What are some types of cyber security measures?
a) Information Security
Information security, or InfoSec, prevents unauthorised access, interruption, disclosure, abuse, alteration, inspection, deletion, recording, or manipulation of sensitive data or information. Information security is often constructed around three goals: CIA (confidentiality, integrity, and availability). It strives to safeguard both physical and digital data in any form.
b) Cloud Security
Cloud security refers to the technologies, solutions, controls, and policies meant to protect cloud data and infrastructure from cybersecurity threats and attacks. By continually securing and evaluating the data in the cloud, it helps to eliminate any risks connected with on-premises threats.
c) Application Security
Application security employs software and technology to protect and secure applications from dangers that may arise during the development stage. Examples include firewalls, antivirus software, encryption, and other application security measures.
d) Network Security
While cyber security is concerned with external threats, network security protects your internal networks against unauthorised infiltration with malicious intent. Network security safeguards internal networks by securing the infrastructure and restricting its access.
Security teams are increasingly employing machine learning to spot unusual traffic and send alerts in real-time to better manage network security monitoring. Network administrators continue to implement strict rules and processes to prevent unwanted network access, modification, and exploitation.
e) Data Loss Prevention
Data loss prevention is concerned with developing procedures and policies to avoid and handle data loss, along with recovery strategies as a countermeasure to successful cybersecurity breaches. Data loss prevention entails establishing network permissions and regulations for information storage.
f) Identity Management and Access Control
Identity management and access control are essential components of a security architecture because they govern access to company resources. This is an excellent security precaution to safeguard systems and data. It authenticates users before giving them access to systems and allowing them to exchange information.
Types of Cyber Security Tools
1. JOHN THE RIPPER
Experts use John the Ripper to evaluate the strength of passwords. This program can swiftly detect sophisticated cyphers, encrypted logins, hash-type passwords, and weak passwords, which can pose a significant danger to a secured system.
2. NIKTO
Nikto is accessible security software that detects online vulnerabilities and takes relevant action. The app provides a database with over 6400 distinct threats. Security specialists keep this database up to date so that users can readily spot new vulnerabilities.
3. NMAP
Nmap, often known as Network Mapper, is a free network identification and security auditing application that professionals use to scan both single hosts and big networks. Its primary functions are detecting unknown devices and identifying network difficulties for testing security vulnerabilities.
4. SPLUNK
Splunk is a comprehensive computer system security programme used to monitor network security. The programme is used for real-time network analysis and historical threat data searches. It is an easy-to-use application with a unified user interface for capturing, indexing, and assembling data and generating real-time alerts, reports, dashboards, and graphs.
Who are cyber threat sources?
When discussing the various types of cybersecurity threats, it is also important to know where they come from. Some of the common sources of cybersecurity threats include –
- State-sponsored – A cybersecurity attack from a state can disrupt communications and halt military activities, normal day-to-day services, etc.
- Terrorists – Terrorists may attack government or military targets; they may also target websites that are used by civilians.
- Industrial spies – Monetary theft is being carried out by organised crime and international corporate spies.
- Hacktivists – These individuals disrupt or hack a system for political or ideological reasons.
- Cyber espionage – This steals classified or sensitive intellectual data to gain a competitive advantage.
If you are looking for a course in cyber security, you have come to the right place. upGrad’s Advanced Certificate Programme in Cyber Security can propel your career in the right direction!
Key highlights of the course:
- You just need a Bachelor’s degree with a passing grade point average of 50% or above. There is no coding experience necessary.
- Student assistance is provided seven days a week, twenty-four hours a day.
- You will be able to pay in Easy Monthly Instalments.
- This course is specifically designed for working professionals.
- The students will get an IIT Bangalore Alumni Status.
- The course teaches you Cryptography, Data Secrecy, Network Security, Application security and a lot more!
Conclusion
When it comes to our privacy and security, we cannot afford neglect. It can be difficult to safeguard people and organisations from cyber dangers now that cyber attackers are becoming more sophisticated and consumers have more than one device. Recognising why security measures must be established is crucial for both the organisation and its clients. Different cybersecurity measures may be used to secure your company’s assets and essential information, depending on the type of your organisation. It’s an investment worth making.