What is Cybersecurity?
Before we move to the significant concern of this blog, let’s digest some basic information about cyber security. Cybersecurity is the technological process through which devices and websites are of utmost importance incur cybersecurity measures to protect what has become the cornerstone of our lives - data. One of the best ways to understand the nuances of cybersecurity is through the CIA triad where C stands for Confidentiality, I for Integrity, and A for Availability. When we talk about confidentiality, we are referring to a state of accessing the information only by a specific group of users. This is usually applicable in organizations and institutions such as the Indian defense forces etc. Integrity bestows this specific group of people the right to modify, edit or delete the information at hand. Availability implies that the system, the database framework, etc. should be developed in such a manner that they are readily available to be accessed. Cybersecurity is of utmost importance to prevent the technology skills for students from giving access to strangers of sensitive information and to surf the internet safely.
Common types of cyberattacks
Every cyberattack has a motive. It can be money-driven or could be about venegeance. In some cases, a cyberattack is disguised as a military tactic and sometimes, it is more of political maneuvering. On a whole, cyberattacks can come with great cost. So, it’s of utmost importance to incorporate the types of attacks and the forms in which they come to the doorstep of your system as one of the technology skills for students.
There are basically five types of attacks - Distributed denial of service or DDoS, man in the middle, e-mail attacks, password attack and malware attack. Let’s understand each one of them in great detail.
Distributed Denial of Service or DDoS
Aint able to access a website? Internet traffic? Well, sometimes, internet traffic is artificially created. A website has a botnet controller controls all the bots that are under it. The hacker sends a signal to this botnet controller commanding all the bots to attack a server or a website so that it will be flooded. The moment you ain’t able to access a website, the hacker considers himself successful. This is a type of cyberattck known as distributed denial of service or DDoS.
Man in the Middle
Suppose you want to do an online transaction and you connect to your bank and make the payment. Now, while you are completing the transaction, you have to put in credit card details and the CVV. At that very jiffy, the hacker can spoof you and monitor your transaction. As soon as you put in your details, they will be visible to the hacker. This paves way to a financial fraud and can be termed as the “man in the middle”.
Password attack
A password attack is done to crack a password. A password attack can of five types:
Rainbow table - Remember the log table that you use for Physics or Chemistry numericals in school? Rainbow tables are similar to log tables in the sense that they display precomputed hash values that can be used to crack a password.
Keylogger - A keylogger is used to record the keystrokes on a keyboard. Your account details and password can easily be fetched using a keylogger.
Dictionary attack - Under this method, every possible password is entered through a dictionary.
Brute force - The minimum number of attempts to login a profile or initiate a transaction do not exist here. You try to enter every password in this trial and error method making it very time-consuming.
Shoulder surfing - Commonly happening in cybercafes and other public places, here the hacker overlooks your keyboard from your shoulder to catch a glimpse of passwords and account details.
E-mail attack
E-mail attacks can be branched out into three categories:
Phishing: The attacker sends bait, often in the form of an email. It encourages people to share their details. If someone is a customer of ABC bank, he would probably open the link and give the details. But these kinds of e-mails are always phishing; banks do not send e-mails like this.
Spoofing: The attacker pretends to be another person or organization and sends you an e-mail stating that it is a legitimate e-mail. Always ask the person from whom you received the e-mail one more time to confirm that he is the right person.
Email attachments: Under this attack, the hacker sends you an e-mail with an attached file. Once you download these attachments, your entire system is hacked.
Malware Attack
A malware is a malicious program or software that disrupts or damages the computer. They are of three types - virus, worms and Trojan horse. They end up at your system via a removable media device such a pendrive or a CD, from document files, from online downloads, from unsecured network connections, from e-mail attachments as well as from malicious advertisements.
In order to prevent your system from being a victim of cyberattack, make sure that you don’t click on any fishy link, download any illegitimate attachments or advertisements. Furthermore, you can enable the Windows Defense Firewall to prevent any susceptible virus or threat from entering your system. A majority of users are nowadays opting for antivurus programs that help in identifying threats as soon as they try to enter the system. Take caution the next time you surf internet. So, this was all the basic information about cyber security that a student should know.
For more such insightful blogs, stay tuned to https://www.itscybertech.com/.
