Course Title: Cyber Security

Course Co-Ordinator: Dr Padmavathi Ganapathi


Professor-Department of Computer Science
Avinashilingam Institute for Home Science and
Higher Education for Women
(Deemed-to-be-University), Coimbatore
padmavathi.avinashilingam@gmail.com
9486772744

Content Reviewer : Dr V Rhymend Uthariaraj


Professor, Department of Information Technology
Madras Institute of Technology Campus,
Anna University, Chennai-600 044.
rhymend@annauniv.edu
+919444150081

CYBER SECURITY Week-1 E-Text


Week 1: Introduction to Cyber Security-Fundamentals of Cyber Space-Information
systems-Security Principles - Why Cyber Security is important?- Cyber security
Challenges.
e-text
Objectives
The objectives of the first week of the course are to:
• Introduce users to the fundamentals of cyber security
• Present the concept of cyberspace
• Highlight the importance of cyber security, security principles, and Cyber Security
Challenges.
Learning outcomes
After studying this week, students will be able to:
i. Define and explain the concepts of Cyberspace
ii. Delineate the components of Cyberspace
iii. Compare Cyberspace with Internet
iv. Realize the importance of Information Systems in current technology world
v. Appreciate the importance of security in information systems
vi. Define Cyber Security
vii. Derive the important terminologies and differentiate between certain terms.
viii. Summarize the security rudiments through incidents that have happened at both the
National and International Level.
ix. Comprehend the cyber security challenges.
Brief outline and Structure
S.No Topic
1.1 What is Cyberspace? : An Introduction
1.2 The Origin of Cyberspace
1.3 Levels of Cyberspace
1.4 Components of Cyberspace
1.5 Cyber Domain Characteristics
1.6 Driving forces of Cyberspace

1.7 Advantages and Shortcomings of Cyberspace
1.8 What is Internet?
1.9 Comparing and Contrasting Internet with Cyberspace
1.10 Introduction to Cyber Security – What is Cyber Security?
1.11 Importance of Cyber Security
1.12 Common tools of Cyber Security
1.13 Key Elements of Cyber Security
1.14 Information Systems-an Introduction
1.15 Security of Information Systems
1.16 Factors Contributing to Insecure Information Systems
1.17 Protection of Information Systems and their Data
1.18 Issues in Information Systems
1.19 Security Requirements for Information Systems
1.20 Security Principles
1.21 Security Measures
1.22 Why Cyber Security is important?
1.23 Who are Hackers? What do they do generally?
1.24 Common ways of how a computer can become infected
1.25 Statistics on Cyber Attacks
1.26 Need for Security- A Technological View
1.27 Types of Cyber threats
1.28 Methods and Practices of Countering Cyber Attacks
1.29 Cyber Security Core Functions
1.30 Four Important Fundamentals of Security
1.31 Other essentials in securing the Computing systems
1.32 Cyber Security Challenges

1.1 What is Cyberspace? : An Introduction

We are all living in the digital era. All our daily activities depend, partially or totally,
on digital devices or the Internet. Every organization, whether government or
non-government, and every individual relies on computer networks, systems and related
technologies. Most of our daily routines, including both personal and professional
activities, depend on digital devices connected through public and private networks and
the Internet.
Where do we operate, and what connects us? These are the major questions that most
of us raise when we think about the way we use the Internet and other resources for
communication. The answer is: Cyber Space. Cyber Space is the virtual space that
connects all of us and enables the information exchange necessary to support
interactions in the digital era. More specifically, Cyberspace can be defined as,

Definition

Cyberspace refers to the virtual space that provides the
infrastructure, electronic medium and related elements necessary
for online global communication.

Cyberspace is a virtual space technically created by human beings. It can be thought of
as the second life space where human beings operate for social interactions,
entertainment, business operations as well as for personal activities and interests.
Is it a Virtual environment or closely related to it?
"Cyberspace" no longer implies a virtual environment. However, the digital technology it
incorporates possesses a large variety of capabilities, such as sensors, signals,
connections, transmissions, processors, and controllers, that are necessary to create a
simulated interactive experience through Cyberspace. Simulated environments can also
be created in Cyberspace for a virtual experience.
Cybernauts are people who are actively engaged in Cyberspace for all their social
experience.

1.2 The Origin of Cyberspace

The term cyberspace is derived from the word cybernetics, which in turn comes from the
ancient Greek word kubernētēs, meaning steersman or one who gives direction. Recent
years have seen a wide proliferation of context-dependent suffixes applied to cyber.
The term cyberspace first appeared in various contexts in visual arts and
science fiction during 1940, 1960 and 1984. However, the first reference that is close to
the existing relationship of computer and telecommunication systems was made by
the founder of the Electronic Frontier Foundation in the year 1990, and later in 1991 by Mr.
Benedict.

1.3 Levels of Cyberspace

Since Cyberspace is a common domain where everyone can operate and no one can
own or govern, a great deal of trespassing takes place. Therefore, it is necessary to
understand the levels of Cyberspace.
Figure 1.1 depicts the levels of Cyberspace, namely
i. Core Cyberspace and
ii. Extended Cyberspace.

Figure 1.1 Two Levels of Cyberspace (Core Cyberspace, Extended Cyberspace)

1.3.1 The Core Cyberspace

Core cyberspace covers all electronic devices, the transmission medium or connecting
medium, the control codes, the operation codes, software used to handle them and finally
the data. This is the place where all of us operate.

1.3.2 The Extended Cyberspace

The extended Cyberspace covers everything that surrounds the core. Anybody can
access the core through this extended space. For example, an automated car or a smart
appliance is operated by remote control through this Cyberspace. That is, one gains
control of the core only through extended cyberspace.
Extended cyberspace is very attractive to a new generation of intruders, including
government hackers engaged in cyber warfare. That is, Cyberspace provides a battle space
in which to target government, business organizations or a nation’s critical infrastructure.
It may provide informal access if the security system is not in place. Whether Cyberspace is
attractive or not, it is all about how people choose to use it. Let us see the elements of
Cyberspace in the following section.
1.4 Components of Cyberspace
Cyberspace comprises 6 major elements as illustrated in Figure 1.2.
More specifically, the components of Cyberspace are:
i. Physical infrastructure and telecommunication devices
ii. Computer systems and related software
iii. Networks connecting computer systems and devices
iv. Network of Networks or Internet
v. User and intermediary access nodes
vi. Constituent Data

Figure 1.2 Major Components of Cyberspace (Physical Devices, Computer and Software, Data,
Networks, Intermediaries, Network of Networks)

For example, if a person wants to send a message or picture to another person, the
following are needed: first of all, a device for the sender to send and for the other person
to receive; a network for connectivity; software or a protocol to facilitate the exchange; a
space or global mechanism for seamless integration of all of these; the intermediate
elements that carry out the smooth transfer from one end to the other; and finally what is
being transferred, that is, data (message, picture, audio, video or a combination of all).
The components of Cyberspace can be arranged on different levels. The level on which
cyberspace operations are conducted is determined by three layers. Figure 1.3 shows the
three layers of cyberspace, namely
i) Physical Layer
ii) Logical Layer and,
iii) Cyber Personal Layer

Figure 1.3 Layers of Cyberspace (Cyber Personal Layer, Logical Layer, Physical Layer)


Physical Layer: Comprises the components of physical and geographical network. It is
the means through which data travels.
Logical Layer: Contains network elements that are associated with each other in a way
that is abstracted from the physical network. It also indicates the structure of connection
of the physical components.
Cyber Personal Layer: Involves the people actually present on the network.
1.5 Cyber Domain Characteristics
The significant characteristics of Cyber Domain are:
i. Connectivity
ii. Virtuality
iii. Expansion

iv. Ambiguity
v. Interactivity
Figure 1.4 shows all the main characteristics.

Figure 1.4 Cyber Domain Characteristics (Connectivity, Virtuality, Expansion, Ambiguity,
Interactivity)


i. Connectivity: As discussed earlier in section 1.4, Cyberspace interconnects a
wide range of physical systems. These elements are not physically present
in one place; they are located in different places and connected virtually, yet
they appear as a single entity from the user’s perspective.
ii. Virtuality: Cyber Space is both unbound and virtual in nature. In other words,
Cyberspace does not exist in reality. Rather, it is an abstraction that can only
be realized virtually.
iii. Expansion: Since all communications take place within this virtual place
through various means and with different types of data, Cyberspace is growing
very fast. With the amount of data shared and used, as well as the number of
users sharing, the situation leads to data proliferation.
iv. Ambiguity: Due to its virtual nature, and lack of physical existence, with
absolutely no centralized controlling or monitoring mechanism, Cyberspace is
indistinctive and ambiguous in nature.
v. Interactivity: Though it is intangible in nature, all communications and data
sharing occur seamlessly through this medium. Cyberspace is fundamentally
interactive in nature.
Ultimately cyberspace provides collaborative and virtual space for a wide range of
participants. All the above five features make Cyberspace inherently uncertain and
complex.

1.6 Driving forces of Cyberspace

The factors that influence, or the driving forces of Cyberspace are time, space, anonymity,
asymmetry and efficiency. Figure 1.5 shows the driving forces, the key factors.

• Time: Vital and irreplaceable. Action, preparation and realization take time. In
cyberspace, actions occur in the blink of an eye.
• Space: Interlinked with time into a complex tapestry. The initiation of a cyber-attack is
from the digital battle space.
• Efficiency: The key efficiency element in cyberspace is that simultaneous actions in
different dimensionalities are performed by the operators.
• Asymmetry: Exploitation of the opponent's weak point by claiming competitive advantage
in the most optimal way. Asymmetrical warfare opportunities are the sources created by
cyberspace.
• Anonymity: Cyberspace and its operations are to be identified. Difficulty in determining
the location of the operator with their identity found in cyberspace.

Figure 1.5 Cyberspace Driving Forces


1.7 Advantages and Shortcomings of Cyberspace
The advantages of cyberspace include
i. Informational resources
ii. Entertainment
iii. Social networking
The virtual library of information offers the required information on any topic at any point
of time, so cyberspace acts as the informational resource nowadays. Entertainment and
social networking play a major role in cyberspace, as cyberspace has been evolving
into a great medium to connect people.
The disadvantages also arise from this great medium of connectivity: it leads to spamming,
theft of information, threats and so on, as cyberspace provides a platform for all kinds of
criminal activities as well. Therefore, security is a major challenge.

Generally, people confuse the Internet with Cyberspace. Are they one and the same
or different? Let us see.
1.8 What is Internet?
The Internet is an inter-connected network. It comprises a large number of computers
world-wide connected in a network to facilitate communication and data exchange.
Definition 1

It makes use of the TCP/IP protocol suite for data transmission and exchange
(Source: Webster Online Dictionary)

Definition 2

A universal system of interrelated computer networks that utilizes the Internet
protocol suite (TCP/IP) to link worldwide devices is referred to as the Internet.
(Source: Wikipedia)

Definition 3

A wide variety of information and other communication-related facilities in
interconnected networks standardized using communication protocols is provided
by universal computer. (Source: Oxford Dictionary)

Therefore, Internet provides the technical platform for communication and actions through
well-defined standards of operations.
1.9 Comparing and Contrasting Internet and Cyberspace
Often, the terms Internet and cyberspace are used interchangeably and considered to be
the same in meaning and usage. However, there are certain key differences between
the Internet and Cyberspace.
The Internet links smaller or larger networks of computers, servers and other personal
devices that exist within the scope of Internet.
However, Cyberspace is a symbolic and figurative space that exists within the Internet
and supports a multitude of business, government and social interactions through
information exchange.
Nature of cyberspace: Cyberspace derives more from the decisions made at the cognitive
level rather than through the operation of physical systems.

The design of the Internet results in a cyberspace that is built out of components and
provides services designed to form more complex services.
Data exchanged in Cyberspace can be in the form of text, audio, video and image.
The Internet is a 50-year-old technology. Starting with military applications, it was widely
used as a tool by academicians and researchers to exchange data easily.
After the digital communication revolution, the introduction of the TCP/IP protocol, the
Domain Name System (DNS) and addressing methods made the Internet available to all
devices and all types of users.
Due to privatization and commercialization, the Internet started developing rapidly.
Moreover, the Internet simplified the operations of organizations by eliminating distance.
Therefore, Cyberspace and the Internet vary in terms of their meaning, definition and
operations.
The term cyberspace has led to the introduction of other words like cyber security,
cybercrime, cyber warfare, cyber terrorism and cyber espionage.
Initially the terms cyberspace and cyber security were used widely in academic circles.
1.10 Introduction to Cyber Security - Definition

Cyber security refers to the actions which are taken in order to protect computer
systems or the Internet from unauthorized access or against attacks. (Source:
Webster online Dictionary)

It also refers to the process of protecting devices or electronic data from unauthorized
access. (Source: Oxford Dictionary)
Cyber Security also refers to the measures taken against data theft or to protect
computer systems from damage to hardware, software or information, as well as
from interruption or deception of various computer services. (Source: Wikipedia)

Definition 1

Cyber Security includes techniques that protect computers, networks, programs and
data from illegal access or attacks aimed at misuse.

Definition 2

Cyber Security is a technology framework that consists of various procedures and
operations intended to defend networks, computers, programs and data from
attack, damage or illegal access.

Definition 3

Cyber Security involves a wide range of practices in protecting the integrity of
networks, programs and data from various attacks, harm or unintended access.

Definition 4

Cyber Security refers to the protection of computer resources or information from theft,
compromise or attack, using deterrent measures based on a consideration of
possible information threats, like malware and other malicious code. Identity
management, risk management and incident management are some of the
common cyber security strategies in practice.

1.11 Importance of Cyber Security


Some of the significant contributions of Cyber Security are:
• Ensuring that the security properties are realized and maintained
by the organization.
• Protecting users’ assets against various cyber security risks so that they remain intact.
• Ensuring protection from attacks, damage and unauthorized
access on networks, computers and programs, which is as important as the daily routine
operations of an organization.
• Helping to understand the current trends in IT and develop effective solutions.
• Reducing vulnerability in information and ICT systems and networks.
• Enforcing integrity, confidentiality and availability.
1.12 Common Tools of Cyber Security
With the understanding based on the discussions made so far, the Common tools used
for cyber security may be listed as:
• Passwords
• Anti-virus/Anti-malware Software
• Software patches
• Firewalls
• Two-factor Authentication
• Encryption

Figure 1.6 shows the common tools used.

Figure 1.6 Standard Tools used for prevention of Data Leakage (Passwords, Anti-Virus/
Anti-Malware Software, Software Patches, Firewalls, Authentication, Encryption)


1.13 Key Elements of Cyber Security
The key essentials of Cyber Security are:
i. Application Security
ii. Information Security
iii. Network Security
iv. Disaster Recovery
v. Operational Security and
vi. End-User Education
1.13.1 Application Security
Application security covers procedures or actions that can be taken throughout
the various stages of the development life cycle of an application. This is to ensure
that the application is protected from threats and vulnerabilities that arise through faults
in application development stages such as design, deployment, upgrade or maintenance.
Some of the basic techniques involved in ensuring security in applications are:
• Validating the input parameters
• Authenticating and authorizing valid users/roles
• Managing sessions, guarding against parameter manipulation and managing exceptions
• Security auditing and log analysis.

1.13.2 Information Security

The protection of information from illegal access or information theft, thereby preserving
privacy, is referred to as Information Security. Some of the common practices that
provide Information security are:
• Identification, validation and authorization of users
• Cryptography.
1.13.3 Network Security
The process of ensuring the usability, reliability, integrity and security of the
network is referred to as Network security. An effective network security strategy
recognizes a large number of threats and stops them from entering or spreading further
within the network system. Network security comprises the following
components:
• Anti-virus and anti-spyware
• Firewall, which identifies and blocks any unauthorized network access
• Intrusion Detection Systems (IDS), which automatically detect network intrusions, and
Intrusion Prevention Systems (IPS), which identify destructive threats, like zero-day
or zero-hour attacks
• Virtual Private Networks (VPNs), which provide safe remote access.
1.13.4 Disaster Recovery
Disaster recovery is a planning process used to assess various types of risks and
establish priorities, thereby evolving disaster recovery strategies. Every organization
must develop proper disaster recovery strategies to protect
its business-related activities from damage. Moreover, organizations should take proactive
measures to handle disasters because information is a major asset of an organization.
1.13.5 Operational Security
Very stringent measures must be taken as far as operational-level security is
concerned, especially in a completely automated environment. Of all the risks, operational
risks are really difficult to fix in an organization when data leakages or security
breaches happen.

1.13.6 End-User Education

The most essential and viable solution is end-user education. Most security
incidents happen only because of a lack of knowledge on the part of the users handling
the systems. Many incidents happen because users do not realize the significance of
certain activities.
Of all the above, end-user education is very important for an organization to avoid
unnecessary security incidents.
Why Cyber Security is a challenge in Today’s Digital era?
Dependence on technology has increased, and this dependency has made us more
vulnerable to compromise. Security problems found in technologies make cyber-attacks
easier and more dangerous. The main problems are ignorance
about the role of cyber security and the complex situations that combine various past and
current technologies.
What are the cyber security questions?
The questions to be addressed on securing the operations in cyberspace are
i. From what to protect?
ii. What to protect?
iii. How to protect?
The main focus is on the first question. The main concern in this respect is deciding
what, or from what, mainly to protect, and how to operate robustly during system
failures.
The second question concerns the possible threats, which are analysed
so that they can be detected in future.
The third question addresses how an object’s security is assured against threatening
factors through measures and implementation procedures.
Cyber security has significant importance in the current world of digital technologies, as
most people make use of the Internet for their daily activities. This replaces mechanical
processes with the use of software. The global usage of the Internet has also empowered
individuals to unleash unique levels of innovation and creativity, and has created new
markets while disrupting old ones. As the Internet is used world-wide, it suffers from
various security challenges and issues, most of which drive the emergence of cyber
security practices. The major challenge that exists in cyberspace is anonymity, as it
creates security breaches and complexity between individuals and government
legislation.
1.14 Information Systems-an Introduction
All automated and semi-automated systems revolve around information, as information is
the major resource of an organization. No organization can survive today in the digital
era without a proper information system in place. An information system comprises
software, hardware, data, people and procedures. Sometimes processes and
essential system elements like environment, boundary, purpose, and the surrounding
interactions are also considered part of an information system. Organizations are highly
influenced by information systems to do their business in a modernized way.
1.14.1 Fundamental Concepts of Information Systems
An information system (IS) is an organized system for collecting, organizing, storing and
communicating information. Organizations that use information systems
carry out data collection, filtration, processing, creation and distribution over complementary
networks. In other words,
o Information systems capture both internal data and external data of the organization
and its environment.
o An IS stores the database items over an extensive period of time.
o Based on the user’s need for specific information, the suitable data items are
deployed as necessary.
o The output from the information system varies with its type and may be displayed in
the form of a query response, decision outcome, expert-system advice, transaction
document, or a report.
Organizational practice provides the established and accepted procedures for
collecting, storing, manipulating, and accessing data, which formal information systems
follow in order to obtain information. The transformation of data into knowledge is the
main role of information systems. With technological evolution, information
systems have become the backbone of the organization, supporting decision making and
providing value to the organization. The most important challenge organizations face in
today’s digital era is security.

1.15 Security of Information Systems

The security of information systems depends on the processes and methodologies
applied to keep the information confidential and available and to assure its integrity.
Security is provided by access controls, protection methods, and detection and remediation
supported by documenting events. Information system security deals with all forms of data
protection.
1.16 Contributing Factors for Insecure Information Systems
As already mentioned, an information system is an integral component of any organization.
The information systems function properly, relying on individuals, companies, and
governments. A devastating situation may arise due to loss of data. The factors that are
threatening the security of information systems are:
- Lack of awareness
- Wide-open Internet access
- Network traffic
• Lack of Awareness
It is very essential to be aware of various security issues as Information Systems are
more prone to frequent attacks and sophisticated threats. Hence, Information systems
must be examined regularly and frequently to identify the primary intrusions challenging
their security. If one lacks this awareness of recognizing a threat or vulnerability or risk or
any other weakness in the system, then Information Systems will face major challenges
causing damages to the resources stored in it.
• Wide-open Internet Access
The Internet is an open medium, and users are connected without any geographical or
physical barriers. Wide-open Internet access throws up the problem of information
security, compromising the confidentiality, integrity and availability of shared information.
• Network traffic
Network traffic refers to the amount of data or information passing across a network at a
particular time. As this data is encapsulated in network packets, it loads the network,
resulting in poor quality of network services. Network traffic in an
Information System can be any of the following:
- busy/heavy traffic
- non-real-time traffic
- interactive traffic
- or latency-sensitive traffic.
Figure 1.7 shows the factors that threaten Information Systems security.

Figure 1.7 Factors threatening the security of Information Systems (Lack of Awareness,
Wide-open Internet access, Network Traffic, leading to Insecure Information Systems)

1.17 Protection of Information Systems and its Data

Information is an important asset of an organization, and failing to realize the value of
data leads to loss of data and security breaches in information systems. Mostly, policies,
procedures and controls are used to enforce the protection of information systems and
data. Policies and procedures help in implementing the standards of the organization.
Internal controls provide a basis for the protection of information systems and data. The
internal control methods provide plans for the following:
• Safeguarding assets – to protect the resources present in the Information Systems
• Reliable and accurate information – to maintain the integrity of the Information
Systems and prevent them from being compromised, in other words, improved reliability
• Improving operational efficiency – to increase the ability to carry out
operations according to the prescribed standard of Information Systems
• Adhering to policies – to follow the strategies strictly to protect Information Systems
from various threats, risks, vulnerabilities and other cyber attacks.

Hence, by taking these internal control methods into account, Information Systems
can be protected from insecure access.
Figure 1.8 shows the various plans in the internal control mechanism of Information Systems.

Figure 1.8 Various plans in Internal Control methods of Secure Information Systems
(Safeguarding Assets, Reliable and accurate information, Improving operational
efficiency, Adhering to policies)
1.18 Issues in Information Systems
Information systems face many problems, in the form of either cybercrime or
computer abuse, because the rapid evolution of technology also facilitates
illegitimate or unscrupulous tasks. Computer crime and computer abuse
operate differently. Computer crime refers to the use of computers by an individual to
perform unauthorized or illegitimate activities that cause damage to the information and
resources residing in them. The increased dependence of businesses and
individuals on information systems encourages computer-related crime and abuse,
and insecure telecommunication networks pose an increased
risk of threat. An illegitimate user can easily access information during
hardware and software failures, fire, electrical problems, personnel actions, user errors, and
telecommunication problems. Information systems move into a more threatened state
when telecommunication networks are exposed. Major threats to Information
systems today are:
• Spamming

• Hacking
• Jamming
• Malicious software
• Sniffing and spoofing(phishing)
• Identity theft
• Cloning
All these will be explained in a later section. In summary, the important point to be noted
here is that security is a major challenge in Information Systems.
Figure 1.9 shows the various forms of threats that target the Information Systems.

Figure 1.9 Major threats to Information Systems (Hacking, Jamming, Spamming, Malwares,
Cloning, Phishing, Identity theft)


1.19 Security Requirements for Information Systems
The security principle for information systems is a triad, which will be discussed later.
In addition to this triad, there are principles for maintaining and securing information
systems. They are:
• Accountability

• Management of data
• Trust
• Isolation
• Change
• Compliance
These principles are applied over the entire system development process and the security
is enforced in the system. Information system security requirements should be based on
• Data Confidentiality
• Data Integrity
• System availability
• System configuration
o Data Confidentiality
Controlling measures prevent sensitive information from being read by, or disclosed
to, unauthorized recipients. In other words, people who have
authorized permission are allowed to access the confidential information, whereas
other, unauthorized parties are prevented from accessing it.
o Data Integrity
Data integrity is the assurance that information is modified, altered or changed only in a
definite and legitimate manner. It also refers to the process of assuring the consistency
and validity of data over its lifecycle. Data integrity improves the reusability and
maintainability of information, increasing the stability and performance of Information Systems.
o System availability
System availability is the probability that a system functions under normal operating
conditions. It assures that authorized users can access the information and resources of
the system during a specific time.
o System configuration
The configuration of the system or the network is changed in accordance with
well-defined security guidelines and the authorization of users. Information Systems have
their own configuration functions that let administrators or users change their system
configuration.
The security requirements are to be satisfied, and this is followed by security services like,
• Authentication
• Authorization
• Auditing
• Non-repudiation
o Authentication
It is used to verify the identity of a particular user during any type of access in the system.
This type of identity is generally authenticated based on what a user knows (e.g., a
password), what a user has (e.g., a hardware computer-readable token), or what a user
is (e.g., a fingerprint). Only if the password, token or fingerprint is valid, the user will be
allowed to access the system and its related resources. An unmatched password, token
or fingerprint denies access and the person is declared to be illegitimate.
o Authorization
It is used to grant permission to authorized users to accomplish a determined set of
activities. It also specifies access rights and privileges to the resources related to
Information Security. During this process, the system verifies the authenticated user's
identity and either grants or denies access to information resources.
o Auditing
It accounts for each invoked operation, in addition to the identity of the subject performing it
and the object acted upon. A security audit mechanism is essential in
Information Systems so as to increase their competence.
o Non-repudiation
Non-repudiation is a legal concept and a broadly used service in Information
Security Systems that delivers proof of data origin and data integrity. It makes use of
digital signatures to sustain the integrity of a given message along with the creator's
identity, protecting against a subsequent attempt to deny the user's authenticity.
Figure 1.10 shows the requirements and services for securing Information systems.

Figure 1.10 Security Requirements and Services in Information Systems (Requirements: Data
Confidentiality, Data Integrity, System Availability, System Configuration; Services:
Authentication, Authorization, Auditing, Non-repudiation)


1.20 Security Principles
The fundamental principles of security, according to Atul Kahate, are:
• Confidentiality
• Integrity
• Authentication
• Non-repudiation
• Access Control and
• Availability
Figure 1.11 shows the Security Principles of Information Security.

Figure 1.11 Security Principles of Information Security

Basically, he has classified them into two types namely primary and secondary. This
classification will help to understand the attacks and handle them better. All the above
principles can be explained with reference to the exchange of a message.
1.20.1 Confidentiality
Confidentiality is the state of being secret. The idea of confidentiality ensures that only
the sender and the receiver of the communication are able to access the message.
They are the parties who are authorized to access the message. Confidentiality is
compromised when an unauthorized person is able to access the message. Lack of
confidentiality leads to the attack called interception. In other words, interception causes
loss of confidentiality of the message. Figure 1.12 shows an example of the interception
of a message which is sent from A to B.

Figure 1.12 An example for interception of Messages (A sends a message to B)


In the above figure, sender A wants to communicate to B. The communication takes place
by sending a secret message. C is an unauthorized intermediary who intercepts the
communication without the knowledge of A or B. This interception of message breaks the
confidentiality of the data and the connection established between A and B.
1.20.2 Authentication
Authentication deals with the proof of identity in a communication. When the legitimate
parties communicate with each other, security is ensured if there is a proper
authentication mechanism. Authentication ensures the origin of the message. When
this is compromised, it leads to an attack type known as fabrication. This is likely to
occur when authentication is weak. The authenticated person must have their own
identity with which they will be allowed to access the message. A person with unknown
or false identity is restricted from access.
Figure 1.13 shows the absence of authentication.

Figure 1.13 Absence of authentication (C sends a message to B claiming "I am A")


The above figure displays the effect of the absence of authentication. The actual process
takes place by sending a message from A to B. The authenticity of the user is not verified
in this process. Hence an intermediary using fake identity authenticates himself as A and
sends the message to B. The receiver B also believes the received message to be
legitimate resulting in message fabrication.
1.20.3 Integrity
When the message contents are altered after the sender sends them, there is a
loss of integrity. The loss in the integrity of the message is caused by
Modification.
Figure 1.14 shows the modification of a message.

Figure 1.14 Modification of a Message (the Original Message from A is replaced by C's
Modified Message on its way to B)


The above figure displays the loss of integrity in the message which is sent from user A
to B. The original message is sent from A to B. An intermediary C, through illegitimate
means, obtains the original message from A, modifies it and sends it to B. Here user A does
not know that the modified message is sent to B instead of the original message. User
B also assumes the modified message to be the original message sent by A.
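
The fabrication case of Figure 1.13 and the modification case of Figure 1.14 can both be detected by B when A attaches a keyed message authentication code (HMAC) to each message. The following is an added example, not part of the original course text; the function names, the sample messages and the assumption that A and B already share a secret key are constructed for illustration. Because both A and B hold the same key, this check gives integrity and authentication but not non-repudiation.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Tuple


def make_tag(key: bytes, sender: str, body: bytes) -> bytes:
    """HMAC-SHA256 over the claimed sender and the message body."""
    name = sender.encode()
    # Length-prefix the sender so sender/body boundaries cannot be shifted.
    data = len(name).to_bytes(2, "big") + name + body
    return hmac.new(key, data, hashlib.sha256).digest()


def send(sender: str, body: bytes, key: bytes) -> dict:
    """Sender side: build the message that travels over the network."""
    return {"sender": sender, "body": body, "tag": make_tag(key, sender, body)}


class Receiver:
    """B's side: holds one pre-shared key per known sender (assumption)."""

    def __init__(self, keys: Dict[str, bytes]):
        self.keys = keys

    def accept(self, msg: dict) -> Tuple[bool, str]:
        key = self.keys.get(msg.get("sender", ""))
        if key is None:
            return False, "rejected: unknown sender"
        expected = make_tag(key, msg["sender"], msg.get("body", b""))
        # compare_digest avoids leaking how many bytes matched.
        if not hmac.compare_digest(expected, msg.get("tag", b"")):
            return False, "rejected: modified or fabricated message"
        return True, "accepted"


def demo() -> Dict[str, Tuple[bool, str]]:
    key_a = secrets.token_bytes(32)   # constructed key shared by A and B
    key_c = secrets.token_bytes(32)   # C does not know key_a
    b = Receiver({"A": key_a})

    genuine = send("A", b"Pay B 100", key_a)

    # Figure 1.14: C changes the body in transit but cannot recompute the tag.
    modified = dict(genuine, body=b"Pay B 900")

    # Figure 1.13: C claims "I am A" but can only tag with its own key.
    fabricated = send("A", b"Pay C 500", key_c)

    # A sender B has no key for at all.
    stranger = send("D", b"Hello", key_c)

    return {
        "genuine": b.accept(genuine),
        "modified": b.accept(modified),
        "fabricated": b.accept(fabricated),
        "unknown": b.accept(stranger),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:10s} -> {result}")
```
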

1.20.4 Non-Repudiation
Non-repudiation ensures that the sender cannot deny the claim of having transferred the
message. In some circumstances the user may send the message and may deny the same later.
1.20.5 Access Control
The security principle of access control is to decide who can access what. The access
rights and permissions are monitored by this. Access Control specifies who can access
what, and the permissions are maintained in an Access Control List (ACL).
1.20.6 Availability
The concept of availability ensures that the information is available to the genuine users
at all points of time. When the principle of availability is compromised it leads to the attack
called Interruption. Interruption puts the availability of resources in danger. Figure 1.15
shows the interruption of a message.

Figure 1.15 Interruption of a message (A sends a message to B)


In the above figure, user A sends a message to user B. An intermediary who is present
in-between this communication may purposely interrupt the process thereby preventing
the flow of message from reaching its specific genuine user. Similarly, here the user C
may delay the communication process or restrict the message by making it unavailable
to user B at a vital time.
The OSI Standards for Security Model defines the security principles in seven layers. They
are as follows:
• Authentication
• Access Control
• Non-repudiation
• Data Integrity
• Confidentiality
• Assurance or Availability
• Notarization or Signature
Figure 1.16 shows the seven layers of Security Principles given by OSI Standards.

Figure 1.16 OSI’s Seven layer of Security Principles


The Information Technology Promotion Agency, Japan, whose motto is to protect
and nurture IT Society, suggested FIVE Cyber Security Principles. They are:
o Installation of Newest or latest OS and Software
o Use of Security Software (to prevent threats targeting the systems)
o Usage of Strong Passwords (with guidelines provided by the password
generator)
o Checking of sharing settings (to restrict intermediaries)
o Know what threatens the Organization and How one may be attacked
Figure 1.17 shows the Five Cyber Security Principles suggested by Information
Technology Promotion Agency.

Figure 1.17 Cyber Security principles suggested by Information Technology Promotion Agency
(Use of Security Software; Installation of Newest OS and Software; Use of Strong Passwords;
Checking of Sharing settings; Protecting organizations from possible threats)

Information systems have a large number of uses that help the organization in
performing its tasks in an easier, faster and more efficient manner. However, securing the
Information systems has been realized as a major challenge to an Organization. In spite
of these obstacles, there are solutions that help in counter programming and for other
legislations passed by several governing bodies. No single solution exists to solve or
evade the issues that plague information systems and their security. The problems are
exceptional and require corresponding solutions based on the needs. Security is one of the
tasks considered huge and needing more attention in this technological age for information
systems. Since Information Systems have become an integral part of daily life
in all aspects, security has become a major challenge. Technology has also altered the
lifestyle of different people in conducting business and governmental organizations.
Therefore, securing the Information is a much more challenging task due to the
advancements and developments in technology.

1.21 Security Measures

Information systems require strict controls as they are vulnerable to cyber-attacks, and the
controls are required as countermeasures.
The three-step approach ensuring security is:
• Threat identification
• Establishing controls
• Performing audits
The initial step to be taken for securing information system is identifying the threats. This
step uncovers the problems that require serious attention.
The second step is establishing the controls both general and application oriented.
The final step is to discover the security breach. Audits are performed generally to ensure
the effectiveness of controls. Auditing checks whether information systems safeguard
corporate assets, maintain the integrity of data that are stored and communicated,
support corporate objectives effectively, and operate efficiently. Figure 1.18 shows the
steps involved in security measures.

Figure 1.18 Three-Step approach to ensure Security (1. Threat Identification, 2. Establishing
Controls, 3. Performing Audits)

1.22 Why Cyber Security is important?

• In the previous sections, we discussed the significance of Cyberspace and the
importance of securing our operations in Cyberspace.
• The importance of secured Information Systems is also discussed.
• Security is one of the emerging and most important challenges of Cyberspace
when everything is digitized and shared across platforms.
• The dependency on the Information systems and Communication technologies
and the pervasive nature of the digital devices make security a very important
feature.
• Actually, Cyber Security is not a one-time process to achieve; it is an ever-growing
challenge and new challenges will be encountered from time to time.
• By the time the old problem is fixed and rectified, new targeted attacks challenge
the Cyberspace. Cyber security is a process by itself and not the end.
I would like to justify the need for Cyber Security through various insights. First let
me talk about hackers.
1.23 Who are Hackers? What do they generally do?
• Hackers are unauthorized users of a system who invade a system through the
vulnerabilities or weak points in the system.
• Hackers make use of a large and diverse set of tools to harm a computer system.
• Hackers usually gain access to computer systems through malicious logic (like
virus or malware) delivered in attachments, waiting for users to open the
attachments.
• These attachments implant viruses or malwares for unwanted operations or
destructions through malicious logic.
1.24 Common ways a computer can become infected
A computer can be infected in various ways, often through just a click by the user of
the computer. Figure 1.19 shows the common ways a computer can be infected. Computer
systems infected through the entry of viruses or malwares start malfunctioning and start
damaging the system in numerous ways without the intent of the user. Some examples
are: password stealing, stealing of personal information or identity, credit card number,
social security numbers or other personal identities.
In the worst case, hackers can take control of an infected computer and use it to launch
an attack on a larger system. Even if sensitive data are not stored in the computer, it can
still be used to infect other computers without the knowledge of the user. This practice is
so prevalent among hackers.

Figure 1.19 Common ways to infect a computer (Opening an email from unknown sources;
Visiting malicious websites; Careless download of software, free downloads)


1.25 Statistics on Cyber Attacks
Some incidents that happened in recent years are presented below.
• First of all, the number of cyber-attacks is increasing every year.
• In the period 2013-2015, it was reported that the cost of cybercrimes quadrupled,
that is from $400 billion to $500 billion during that time alone.
• In a Cyber Security Project report on cybercrimes, it is mentioned that the cost of
cyber threats tends to rise to $6 trillion annually by 2021.
• This includes everything from damage and destruction of data, stolen money, lost
productivity, theft of intellectual property, theft of personal and financial data,
embezzlement, fraud, post-attack disruption to businesses, forensic investigation,
restoration and deleted/hacked data and systems, to name a few.
• The rising threat of cyber-attacks on medical devices reached $101 billion in 2018.
• In the Global State of Information Security Survey 2017, 59 percent of respondents
expressed that “digitization of their business ecosystems has impacted security
budgets”.
• Hence, cyber security is a very important area worthy of commitment, and
companies are seriously working on it.

Cyber Attack incidents in the year 2018
• According to the World Economic Forum’s Global Risk Report 2018, Cyber-attacks
are the third-largest threat the World is facing today after natural disasters and
extreme weather conditions.
• The top five risks that may lead to global instability over the next five years are
listed according to their severity.
They are:
• Natural Disasters
• Extreme Weather Conditions
• Cyber-Attacks
• Data Fraud
• Failure to address Climate Change.
Of the top five risks, two are related to the Security of Cyberspace.
• Major challenges are going to be faced by humans due to the dependency on Cyber
Space.
• The World Economic Forum has also expressed in its report that Cyber Security
risks have grown with every observed prevalence and disruptive potential.
• The biggest risks noted by the report are against the critical infrastructures and
automated industrial sectors, many of which may cause disastrous situations.
Some recent examples like WannaCry ransomware, Petya, and NotPetya indicate
this.
• Major losses are encountered in the financial sectors. For example, NotPetya
caused losses up to $300 million per quarter for some companies.
• The ransomware spread through emails and demanded money for the release of
encrypted data; 64% of emails of this nature affected many organizations across the
world.
• Apart from the financial organizations, the next industry that is challenged is the
Aviation Industry. According to the European Aviation Safety Agency’s report, the
modern aviation industries are digitally equipped for their flight operations.
• Here, reliability is the major quality insisted on operational data. On an average,
this industry alone is attacked 1000 times a month.
• Billions of data records are leaked for business and political gains. There are many
occurrences that have brought the peace talk initiatives between Nations because
of the security threats.
• Data leakage is growing at a much faster rate than ever before in recent
times. There are many incidents we read about almost every day in the newspapers at
National and International Levels.
I would like to quote some incidents in the International Scenario.
NPR stories about Cyber Security
1. Politics
• Not Just Ballots: Tennessee Hack Shows Election Websites are vulnerable too.
• On May 17, 2018, an attack in Tennessee highlighted the fact that election result
websites offer attackers a much easier target than ballots or voter registration
systems.
2. National Security
• Sounding the Alarm about a New Russian Cyber Threat
• April 24, 2018, The U.S. and U.K. governments say Russia is targeting
infrastructure in the West with cyber-attacks. This is expressed by the Cyber
Security Chief, Department of Homeland Security.
3. The two-way
• April 17, 2018 - A joint U.S., U.K. and Australia statement blaming the Kremlin for
a cyber-attack last year was released.
• Russia's 'Fancy Bear' Reportedly Hacks German Government’s Network.
• March 1, 2018, German media reported that the Kremlin-linked hacking group
placed malware in a key government network that may have gone undetected for
as long as a year.
4. The torch
• Malware Attacks on Olympics could have come from Russia and North Korea,
experts say.
• February 13, 2018, A cyber-attack known as "Olympic Destroyer" similar to the
ones initiated by Russian hackers in the past was launched.
How important is Cyber Security? I addressed this very important question from the
economic and political perspective.
Now, I would also like to take up the question again from the technology
perspective.
1.26 Need for Security-Technological View
• The major objectives of Cyber Security are to protect the important asset that is
information, and other physical infrastructures from major threats, attacks and
challenges.
• The cyber-attacks take many forms today due to technological sophistications.
• The cyber adversaries employ automation and intelligent mechanisms to launch
very critical and refined attacks which are very difficult to handle.
• Mostly these attacks are launched at very low costs too.
• Keeping pace with the advancements in technology, the cyber security policies,
strategies and operations can be a great challenge to the government, business
organizations and even to an individual.
• Cyber threats aim at critical, political and infrastructural assets of a Nation or its
people.
• One of the trickiest elements of cyber security is the quickly and constantly
evolving nature of security risks.
• The traditional approaches have attended to the attacks on critical systems and
protected them from the biggest known threats.
• This automatically left the less important systems unattended and less dangerous
risks unnoticed. This is not a good practice in today’s environment.
• Adam Vincent, CTO-public sector at Layer 7 Technologies - the security service
provider to federal agencies including Defense Department organizations,
describes the problem as follows:
"Cyber threat is advancing quicker than one can keep up with it. The
threat changes faster than the idea of the risk. It is no longer possible to
write a large white paper about the risk to a particular system. One
would be rewriting the white paper constantly..."

• This statement is an important testimony for today’s cyber threats.
• Many more such incidents, publications and sayings can be quoted to justify Cyber
Security.
• Proactive and adaptive approaches are the need of the hour.
• The NIST-National Institute of Standards and Technology recently issued the
updated guidelines in risk assessment framework that recommends a shift towards
continuous monitoring and real-time assessments.
Important Terminologies
Some of the main terms in cyber security are: vulnerability, threat, attack and risk.
Vulnerability: any weakness in the system, product or process that compromises the
basic security principles. Thereby, the system becomes susceptible to attacks.
Threat: when there is a possibility for violation of security, due to circumstance or
capability or action or event, it may cause harm.
Threat is a possible danger to assets that might exploit vulnerability.
Attack: is a deliberate attempt to evade security services and violate the security policy
of a system.
Risk: The possibility of suffering a loss. Risk is a fundamental part of operations. It is not
something to fear, but something to manage.
But, any risk unnoticed or unobserved in the system may lead to vulnerability and
subsequently to attacks.
Figure 1.20 shows the interdependency of vulnerability, threat and risk.

Figure 1.20 Links between Vulnerability, Threat and Risk (elements shown: Vulnerability,
Risk, Cyber Threat, Actor, Motivation)

1.27 Types of cyber threats
There are a number of ways in which an actor or adversary attempts to gain access to a
system. Threats try to gain access to a network through malicious attempts to
compromise or disrupt a computer network or system. The threat landscape is expanding
because of two technology trends: i. IoT (Internet of Things) and ii. Data
Proliferation.
The very fundamental concept in security is CIA triad referring to Confidentiality, Integrity
and Availability. One or more facets of the triad are protected by the security methods.
The asset can be exploited by threats to compromise the triad. The threats which are
either intentional or accidental fall under three categories based on the triad principles.
Figure 1.21 shows the CIA triad.

Figure 1.21 CIA Triad (Confidentiality, Integrity, Availability)


The speed with which the malwares spread, the multitude of organizations harmed, which
include critical infrastructure, and the serious obstacles in restoring the corrupted data
once again underline today’s priority of cyber security. The cyber-attacks on the
information and data on the Internet can affect these three fundamental principles of cyber
security. So, there is a great need to setup cyber security principles in terms of
Confidentiality, integrity and availability. The elements of the triad are considered as the
most crucial components of cyber security. These are also termed as security goals.
The crime which can take place with the help of the computer system and the
Internet is known as cybercrime. It is a malicious activity which can affect the three
fundamental principles of network security, that is, confidentiality, integrity, and
availability. The cybercrime includes the terms like fraud, stealing, fights, and world war.
The three common categories of cyber threats based on the triad are:
• Attack on confidentiality
• Attack on integrity
• Attack on availability
1.27.1 Attacks on confidentiality
• Stealing, or rather copying, the target's personal information. For example, attacks
like credit card fraud, identity theft, or stealing bitcoin wallets.
• Confidentiality attacks are the major portion of work of International spies to
acquire confidential information for political, military, or economic gains.
1.27.2 Attacks on integrity
• The common name used is sabotage. Integrity attacks seek to corrupt, damage,
or destroy information or systems, and the people who rely on them.
• Offenders can range from script kiddies to international or national attackers.
1.27.3 Attacks on availability
• Preventing genuine users from accessing a target is the most frequent
occurrence today. For example, ransomware and denial-of-service attacks.
• Ransomware encrypts the target's data and demands a ransom to decrypt it.
• A denial-of-service (DoS) attack, typically in the form of a
distributed denial-of-service (DDoS) attack, floods a network resource with
requests, making it unavailable because it is jammed.
1.28 Methods and Practices of Cyber Attacks
The following section describes the means by which these attacks are carried out. There
is always a typical strategy for an attack. The beginning step is to gain access to the
computer or network, followed by manipulation and theft of data on the computer.
Figure 1.22 shows the possible and common ways of an attack strategy.
1.28.1 Social engineering
• Attackers need not hack a computer if they can hack a human instead.
• Socially engineered malwares are often used to deliver ransomware.
• This is rated as the no. 1 method of attack (not a buffer overflow, misconfigurations,
or advanced exploit).
• An end-user is tricked into running a Trojan horse program, even from a website
they trust and visit regularly.
• End user education is the best countermeasure against this attack.

Figure 1.22 Possible Attack Strategies (Social Engineering, Phishing, Unpatched Software,
Social Media Threats, Advanced Persistent Threats)


1.28.2 Phishing attacks
• Sometimes the best way to steal someone's password is to trick them to reveal it.
• This is called phishing.
• Even smart users and well-trained security personnel can fall prey to a phishing
attack.
• The best defense mechanism is two-factor authentication- 2FA. A stolen password
is useless to an attacker without a second factor, which may be a hardware security
token, or a soft token authenticator app on the user's phone.
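
The soft-token second factor mentioned above is commonly a time-based one-time password (TOTP, RFC 6238). The following is an added example, not part of the original course text, showing a login check that needs both the password and the current code, so a phished password alone is rejected. The account layout, function names, password and salt are constructed for illustration; the secret is the published RFC 6238 test secret.

```python
import hashlib
import hmac
import struct

STEP = 30  # seconds per time step (RFC 6238 default)


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HMAC-based one-time password (RFC 4226) for one counter value."""
    digest = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F                      # dynamic truncation
    value = int.from_bytes(digest[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: int, digits: int = 6) -> str:
    """Code the authenticator app would display at unix_time."""
    return hotp(secret, int(unix_time) // STEP, digits)


def verify_totp(secret: bytes, code: str, unix_time: int,
                window: int = 1, digits: int = 6) -> bool:
    """Accept the current step and `window` steps either side (clock drift)."""
    counter = int(unix_time) // STEP
    ok = False
    for c in range(counter - window, counter + window + 1):
        if c < 0:
            continue
        expected = hotp(secret, c, digits).encode()
        if hmac.compare_digest(expected, code.encode()):
            ok = True                               # keep looping: constant work
    return ok


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def enroll(password: str, salt: bytes, totp_secret: bytes) -> dict:
    """Server-side record: salted password hash plus the shared TOTP secret."""
    return {"salt": salt,
            "pw_hash": hash_password(password, salt),
            "totp_secret": totp_secret}


def login(account: dict, password: str, code: str, unix_time: int) -> bool:
    """Both factors must pass; evaluate both so failures look alike."""
    pw_ok = hmac.compare_digest(hash_password(password, account["salt"]),
                                account["pw_hash"])
    code_ok = verify_totp(account["totp_secret"], code, unix_time)
    return pw_ok and code_ok


# Constructed demo values (the secret is the RFC 6238 test secret).
DEMO_SECRET = b"12345678901234567890"
DEMO_SALT = b"constructed-salt"

if __name__ == "__main__":
    acct = enroll("correct horse", DEMO_SALT, DEMO_SECRET)
    now = 59
    print("password + current code:", login(acct, "correct horse", totp(DEMO_SECRET, now), now))
    print("stolen password only   :", login(acct, "correct horse", "000000", now))
    print("password + stale code  :", login(acct, "correct horse", totp(DEMO_SECRET, now), now + 120))
```
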
1.28.3 Unpatched software
• It is hard to blame the enterprise if an attacker deploys a zero-day exploit against
the user.
• Failure to patch is the main reason for that. This may be due to a lack of diligence:
even months or years after disclosure of a vulnerability, the enterprise has not applied
the software patch for enhanced security.

1.28.4 Social media threats

• Many fake accounts can be created in somebody’s name spoiling the reputation
of an individual, or group or an organization.
• Social media espionage of both industry and Nation is carried out for personal,
financial and political reasons.
1.28.5 Advanced Persistent Threats
Most corporate networks are challenged by APTs, which are very difficult to handle.
Apart from the efforts of cyber criminals stealing personal information and intellectual
property, a state-sponsored attempt to steal data and compromise infrastructure is an
APT. A trained and focused cybercriminal can use multiple routes and entry points to
steer around defenses, crack the network in minutes and elude detection for months.
Multiple APTs can play hide-and-seek in the corporate networks. If a corporation is
remotely interesting to someone, anywhere, then it is vulnerable to sophisticated
APTs. This is because corporations have rich, valuable assets, that is,
information and valuable intellectual property, which many criminals and Nations may
not hesitate to steal.
1.29 Cyber Security Core Functions
The core functions in cyber security are the fundamentals to be understood to reduce the
loss of information, reclaim digital autonomy and ensure personal and professional
protection. The functions include identify, protect, detect, respond and recover. Figure 1.23
shows the core functions and their importance.

Figure 1.23 Core Functions of Cyber Security
• Identify: Develop understanding; manage systems, assets, data and capabilities
• Protect: Develop and implement safeguards; ensure delivery of services
• Detect: Identify the occurrence of cyber security events
• Respond: Take action on the detected cyber security events
• Recover: Resilience; restoration


1.30 Four Important Fundamentals of Security
The emergence and the advancement of technology have, in parallel, increased
innovation in security. A better understanding of the security technologies can minimize
the fear and risk standing in the powerful services and the easily accessible online
facilities.
The four Fundamentals of Cyber Security are listed below:
• Protect the Device
• Protect the Connection of Devices
• Protect email Communication
• Protect and back up electronic documents and files
1.30.1 Protect the Device
Protecting the devices used for communication is the first and foremost step in the
security process. Today devices like smartphones, laptops and tablets are connected
to the Internet and are used for personal and official operations. They must be protected
with the latest or updated versions of software and hardware security solutions. The
state-of-the-art security solutions are available nowadays and they are server centric.
They can be accessed remotely by individuals for updates so that the connected
devices can be protected from new threats. The most important point to note here is
that the security solutions often come with new updates and it is mandatory to install the
updated versions in the devices or computers. Therefore, the device protection solutions
should have the following features:
• Remote management or updating feature.
• No need for user input or behavioral modifications.
• It should be done automatically.
• Anti-virus software updates, browser and application protection with a high
quality handling mechanism.
• Facility to Lock the device and erase functions.
• Password management applications with seamless integration of mobile
platform.
• Purchase of updated software versions and training to the employees of the
organization.
• Automatic updates of Operating system software and other application
software. Example, Adobe, Java.
• Actionable real-time and pro-active threat intelligent defensive mechanism.
• Intelligent procedures/ processes/ algorithms to improve the effectiveness
of the usage by protecting from future threats.
The ideal device protection solutions provide automated and remotely managed
functions that facilitate the users to mitigate the risk of attacks on the devices irrespective
of their location. Figure 1.24 shows the risks involved in the device handling and the
consequences of device tampering.

Figure 1.24 Risks and Consequences in Devices
• Risks: Key-logging, Intrusion, Theft, Malicious applications
• Consequences: Fraud, Extortion, Spying, Corruption and loss


1.30.2 Protecting the Connection of Devices
• Once the individual device is protected, the next level of protection should be
ensured.
• When we connect on-line, the information is transmitted across the network. Many
data leakages can happen during this transit.
• A good solution provider will use strong encryption mechanisms or the data is
encoded and transferred through Virtual Private Networks (VPN).
• A good VPN will protect the user’s identity, location, browsing, shopping, banking,
and all information transacted online, even when they use public WiFi networks.
• So consumers must use devices with VPN connection capability. New updates
must also be provided, whenever new challenges arise.
Figure 1.25 shows the risks and consequences in the online communication.

Figure 1.25 Online Communication risks and consequences
• Risks: Snooping and Sniffing, Tracking, Fake Devices
• Consequences: Information loss, Fraud, Physical harm, Extortion, Theft


1.30.3 Protect email communication
• E-mail services are offered free of cost, which has led users to forget the
value of privacy.
• It is better to use the service that automatically strips IP location and metadata
information from individual emails as they travel through Internet.
• Use services that employ open-source software for ultimate security, portability,
and compatibility across technology architectures and platforms.
• Private e-mails of the organizations are safe compared to personal accounts when
using them for official and professional communication.
1.30.4 Protect and back up electronic documents and files
• Due to advancements in virtualization and cloud computing, remote backup
services are easier and data storage is cheaper.
• Important documents like scanned passports, social security cards, birth
certificates, educational certificates, Aadhaar card details, wills, trusts, tax returns,
and other personal documents are now stored in the cloud in digital vaults.
On the other hand, even proprietary software introduces many potential threats. For
example, network management software used to handle a virtual environment may face
certain threats unless it is carefully configured.
Sometimes the functionalities of the software can be hijacked by an unauthorized user, who
can try to install the software with administrative rights for all clients.

They can thereby gain access to all client computers, compromising security and privacy.
Such remote management software is not designed to collect or deliver confidential data,
so it should not be used to collect confidential data.
Figure 1.26 shows the risks and consequences in email services and backup services.

Email Services
Risks: phishing; social engineering; metadata loss; theft
Consequences: fraud; theft; reputational risk; blackmail

Backup Services
Risks: cloud-based servers; online theft; unsecure networks, sharing
Consequences: permanent loss; fraud; ID theft

Figure 1.26 Risks and Consequences in Email and Backup Services


These four fundamental solutions apply technological advancements so that everyday
activities are built on a cyber ecosystem that reduces the loss of information.
The associated risks are substantially reduced in all aspects of life, personal and
professional, virtual and real.
1.31 Other essentials in securing the Computers
Some more essentials are also available in the literature. Let us see some of them.
1.31.1 Physical Security
• There is no security without physical security. So servers and other important
resources must be stored in a secure place with controlled access.
• It is ideal to keep all the resources in a locked room.
• The controlled access requires stringent administrative policies in an organization.
• Low security client machines can be stored in locked places with additional
facilities like anti-theft cables.

• For more clients, use laptops and educate the users to attach a lock.
• Multi-layer security mechanisms like firewalls and anti-virus software provide defense
in depth.
1.31.2 Protect Against Unauthorized Administrators
• Unauthorized administrators are a high security risk. An unauthorized
administrator could launch numerous attacks, including:
o Running malicious software on every client computer.
o Enabling remote tools to configure and gain access without the user’s permission.
o Configuring for DoS attacks.
o Running a network monitoring tool to conduct unauthorized packet sniffing.
1.31.3 Assign the Least Permissions Possible
• Assign only the minimum permissions necessary to complete a task.
• Enforce role separation to limit administrative exposure, for example by separating
read, distribute and modify permissions.
• Create and maintain secure baselines for all systems. A baseline describes all relevant
configuration settings for secure computing.
• Elements of a secure baseline include:
o Settings for services and applications.
o Configuration of operating system components.
o Permissions and rights assignments.
o Administrative procedures like changing passwords.
1.31.4 Use the most secure operating systems possible
o This is very important today. Even very famous operating systems are prone to
threats. Sometimes the vulnerabilities introduced by these operating systems
create unacceptable risks. In such a case, upgrade the OS as soon as possible.
o Use a secure file system.
o Apply security updates as needed.
o Stay informed about new updates for operating systems by subscribing to the
Security Notification Services to receive the latest security notifications.

o Security updates are also applied to the virtual machines by using the software
update feature. However, the updated state will be lost, if the virtual machine is
turned off without saving the changes.
o Audit for changes to the secure baseline. Enable auditing and review audit logs
regularly to look for unauthorized changes to the approved operating system
baseline.
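One way to audit for unauthorized changes to a secure baseline, as described in 1.31.3 and 1.31.4 (an added example, not part of the original course text): record the permission bits and a content hash of each configuration file when the baseline is approved, then compare later snapshots against it. The file names and contents are constructed samples.

```python
import hashlib
import os
import stat
import tempfile

def snapshot(root):
    """Record permission bits and a SHA-256 content hash for each file under root."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                digest = hashlib.sha256(fh.read()).hexdigest()
            mode = stat.S_IMODE(os.stat(path).st_mode)
            state[os.path.relpath(path, root)] = (mode, digest)
    return state

def audit(baseline, current):
    """List every deviation of the current state from the approved baseline."""
    findings = []
    for path in sorted(set(baseline) | set(current)):
        if path not in baseline:
            findings.append((path, "added"))
        elif path not in current:
            findings.append((path, "removed"))
        else:
            (old_mode, old_hash), (new_mode, new_hash) = baseline[path], current[path]
            if old_hash != new_hash:
                findings.append((path, "content changed"))
            if old_mode != new_mode:
                findings.append((path, "permissions changed %o -> %o" % (old_mode, new_mode)))
    return findings

def demo():
    """Approve a constructed configuration tree, tamper with it, then audit it."""
    with tempfile.TemporaryDirectory() as root:
        files = {"sshd_config": ("PermitRootLogin no\n", 0o600),
                 "sudoers": ("%admin ALL=(ALL) ALL\n", 0o440)}  # constructed samples
        for name, (text, mode) in files.items():
            with open(os.path.join(root, name), "w") as fh:
                fh.write(text)
            os.chmod(os.path.join(root, name), mode)
        baseline = snapshot(root)                       # the approved state
        with open(os.path.join(root, "sshd_config"), "w") as fh:
            fh.write("PermitRootLogin yes\n")           # unauthorized setting change
        os.chmod(os.path.join(root, "sudoers"), 0o666)  # unauthorized permission change
        with open(os.path.join(root, "extra.conf"), "w") as fh:
            fh.write("unapproved\n")                    # file not in the baseline
        return audit(baseline, snapshot(root))
```

Calling `demo()` returns one finding per deviation; an empty list from `audit` means the system still matches the approved baseline.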
1.31.5 Use Strong Passwords or Pass Phrases
o Even the strongest security measures may fail due to weak passwords. Weak
passwords are unnecessary risks to the network environment.
o If users have difficulty remembering sufficiently complex passwords, consider
implementing smart cards or biometric authentication methods.
o Instead of passwords, pass phrases can also be used.
o Pass phrases combine several words that are easier to remember but are usually
longer and harder to break.
o Always use strong passwords with 15 or more characters for all service accounts
and Administrator accounts. Never use blank passwords.
o Do not modify default password filters.
1.31.6 Use Secure Authentication Methods
o Default methods for network authentication services are available in
proprietary operating systems.
o Such operating systems use an industry-standard protocol with either a password or
a smart card for interactive logons.
1.32 Cyber Security Challenges
A report of the World Economic Forum predicts that new approaches are needed to
handle cyber-attacks, and that failure will have a severe impact of approximately
US$ 3 trillion by 2020. Cyber threats have now opened up new channels through social
media and mobile technologies. All the threats ultimately lead to breaches of data
privacy and security. The following are some of the emerging challenges for data
protection and cyber security.
• Connected environment
• More reliance on ICT
• Increasing number of users and adoption of technology

• Increasing number of smart devices and access
• Unrestricted or open access to Information
• Lack of control mechanisms
• International dimensions
• Increasing speed of data exchange process
• Scope for anonymous communications
• Growing sophistication of threats
• Movement of threats to the mobile sphere
• Big Data Myth
• Lack of preparedness to handle the upcoming challenges
• Compliance vs. risk-management
• Inadequate and restricted legal handling of related crimes, or the legal
challenges
The main cyber security risks arise due to the increasing population and the better
placement of technology to handle challenges like dependency on ICT and
automation. Proper identification of threats that impact the organization’s capability to
conduct business is a very important need of the day. Therefore, risk assessment is
imperative for every organization that depends completely on ICT infrastructure and
automation for its activities. Risk assessment provides proper measures, processes
and controls to reduce the impact of risks on organizations.
Conclusion
So, to conclude, in this digital era when everything is accessed and operated through
cyberspace, security is a very important feature. To understand the need for cyber
security, different incidents and statistical reports are presented. Lack of security may
lead to setbacks in financial matters and in personal and professional operations.
Important terms related to cyber security are also discussed in this module. Different
types of cyber threats and the methods of cyber attacks are also explained. The four
important fundamentals of security and the other essentials in securing computers are
also explored to understand the basic operations in cyberspace. Cyber security is a
broader term which protects all the hardware (devices, routers, and switches), software,
information, and data that are part of cyberspace. Cyber security must not be
confused with data security. The principles and challenges discussed in
this report suggest that there must be a security technique that can defend against
ever-changing attacks at different levels of network protocols. The environment must
also be considered, along with remote user connectivity and device policy.