We are all living in the digital era. All our daily activities depend either partially or
totally on digital devices or the Internet. Every organization, whether government or
non-government, and every individual relies on computer networks, systems and related
technologies. Most of our daily routines, including both personal and professional
activities, depend on digital devices connected through public and private networks and
the Internet.
Where do we operate, and what connects us? These are the major questions that most
of us raise when we think about the way we use the Internet and other resources for
communication. The answer is: Cyber Space. Cyber Space is the virtual space that
connects all of us and enables the information exchange necessary to support
interactions in the digital era. More specifically, Cyberspace can be defined as,
Definition
The term cyberspace is derived from the word cybernetics, which in turn comes from the
ancient Greek word kubernētēs, meaning steersman or one who gives direction. Recent
years have seen a wide proliferation of context-dependent suffixes applied to cyber.
The term cyberspace first came into existence in various contexts in visual arts and
science fiction during 1940, 1960 and 1984. However, the first reference was made by
the founder of the Electronic Frontier Foundation in 1990, and later in 1991 by Mr.
Benedict, in a sense close to the existing relationship of computer and telecommunication
systems.
Since Cyberspace is a common domain where everyone can operate and no one can
own or govern, a great deal of trespassing takes place. Therefore, it is necessary to
understand the levels of Cyberspace.
Figure 1.1 depicts the levels of Cyberspace, namely
i. Core Cyberspace and
ii. Extended Cyberspace.
[Figure 1.1: Levels of Cyberspace (Core Cyberspace, Extended Cyberspace)]
Core cyberspace covers all electronic devices, the transmission or connecting medium,
the control codes, the operation codes, the software used to handle them and, finally,
the data. This is the place where all of us operate.
The extended Cyberspace covers everything that surrounds the core. Anybody can
access the core through this extended space. For example, an automated car or a smart
appliance operated by remote control is reached through this Cyberspace. That is, one
gets control of the core only through extended cyberspace.
Extended cyberspace is very attractive to a new generation of intruders, including
government hackers engaged in cyber warfare. That is, Cyberspace provides a battle
space in which to target governments, business organizations or a nation's critical
infrastructure. It may provide informal access if the security system is not in place.
Whether Cyberspace is attractive or not, it is all about how people choose to use it.
Let us see the elements of Cyberspace in the following section.
1.4 Components of Cyberspace
Cyberspace comprises 6 major elements as illustrated in Figure 1.2.
More specifically, the components of Cyberspace are:
i. Physical infrastructure and telecommunication devices
ii. Computer systems and related software
iii. Networks connecting computer systems and devices
iv. Network of Networks or Internet
v. User and intermediaries Access nodes
vi. Constituent Data
[Figure 1.2: Components of Cyberspace. Labels: Networks, Intermediaries, Network of Networks, Logical Layer, Physical Layer]
The factors that influence Cyberspace, its driving forces, are time, space, anonymity,
asymmetry and efficiency. Figure 1.5 shows these driving forces, the key factors.
[Figure 1.5: Driving forces of Cyberspace]
• Time: Vital and irreplaceable. Action, preparation and realization take time. In
cyberspace, actions occur in the blink of an eye.
• Space: Interlinked with time into a complex tapestry. The initiation of a cyber-attack
is from the digital battle space.
• Efficiency: The key efficiency element in cyberspace is that simultaneous actions in
different dimensionalities are performed by the operators.
• Asymmetry: Exploitation of the opponent's weak point, claiming competitive advantage
in the most optimal way. Asymmetrical warfare opportunities are the sources created by
cyberspace.
• Anonymity: Cyberspace and its operations are to be identified. It is difficult to
determine the location of the operator and their identity in cyberspace.
It makes use of the TCP/IP protocol suite for data transmission and exchange
(Source: Webster Online Dictionary)
Definition 2
Definition 3
Therefore, the Internet provides the technical platform for communication and actions
through well-defined standards of operations.
1.9 Comparing and Contrasting Internet and Cyberspace
Often, the terms Internet and cyberspace are used interchangeably and considered to be
the same in meaning and usage. However, there are certain key differences between
the Internet and Cyberspace.
The Internet links smaller or larger networks of computers, servers and other personal
devices that exist within the scope of Internet.
However, Cyberspace is a symbolic and figurative space that exists within the Internet
and supports a multitude of business, government and social interactions through
information exchange.
Nature of cyberspace: Cyberspace derives more from the decisions made at the cognitive
level rather than through the operation of physical systems.
Cyber security refers to the actions which are taken in order to prevent the computer
systems or the Internet from unauthorized access or against attacks. (Source:
Webster online Dictionary)
Definition 1
Cyber Security includes techniques that protect computers, networks, programs and
data from illegal access or outbreaks that may be misused.
Definition 2
Definition 4
[Figure: Common tools used to prevent data leakage: Passwords, Software Patches, Firewalls, Authentication, Encryption]
The fortification of information against illegal access or information theft, thereby
preserving privacy, is referred to as Information Security. Some of the common practices
that provide Information Security are:
• Identification, validation and authorization of users
• Cryptography.
1.13.3 Network Security
The process of ensuring the usability, consistency, truthfulness and security of the
network is referred to as Network Security. A large number of threats are recognized
and stopped from entering or spreading further within the network through an
effective network security strategy. Network security comprises the following
components:
• Anti-virus and anti-spyware
• Firewall, which identifies and blocks any unauthorized network access
• Intrusion Detection Systems (IDS), which automatically detect network intrusions, and
Intrusion Prevention Systems (IPS), which identify destructive threats such as zero-day
or zero-hour attacks
• Virtual Private Networks (VPNs), which provide safe remote access.
1.13.4 Disaster Recovery
A development process that is used to assess various types of risks and establish
priorities, thereby evolving disaster recovery strategies, is known as Disaster
Recovery. Every organization must develop proper disaster recovery strategies to protect
its business-related activities from damage. Organizations should take proactive
measures to handle disasters, because information is a major asset of an organization.
1.13.5 Operational Security
Very stringent measures must be taken as far as operational-level security is
concerned, especially in a completely automated environment. Of all the risks,
operational risks are the most difficult to fix in an organization when data leakages or
security breaches happen.
The most essential and viable solution is end-user education. Most security
incidents happen only because users lack knowledge of how to handle systems.
Many incidents happen because users do not realize the significance of certain activities.
Of all the above, end-user education is very important for an organization to avoid
unnecessary security incidents.
Why is Cyber Security a challenge in today's digital era?
Dependence on technology has grown, and this dependency has made it more vulnerable to
compromise. Cyber security problems are identified in technologies, making
cyber-attacks easier and more dangerous. The main problems are ignorance
about the role of cyber security and the complex situations arising from the mix of past
and current technologies.
What are the cyber security questions?
The questions to be addressed on securing the operations in cyberspace are
i. From what to protect?
ii. What to protect?
iii. How to protect?
The main focus is on the first question. The main concern here is deciding
from what, or what, to mainly protect, and how to operate robustly during system
failures.
The second question concerns the possible threats, which are analysed
for further detection in future.
The third question addresses assuring the object's security against threatening factors
through measures and procedures of implementation.
Cyber security is of significant importance in the current world of digital technologies, as
most people make use of the Internet for their daily activities. This replaces mechanical
processes with the use of software. The global usage of the Internet has also enabled
individuals to unleash unique levels of innovation and creativity, and has created new
markets while overturning old ones. As the Internet is used world-wide, it suffers from
various security challenges and issues, most of which help in improving the emergence of cyber
The security of information systems depends on the processes and methodologies
applied to keep information confidential and available and to assure its integrity. Security
is provided by access controls, protection methods, and detection with remediation by
documenting the events. Information system security deals with all forms of data
protection.
1.16 Contributing Factors for Insecure Information Systems
As already mentioned, an information system is an integral component of any organization.
The information systems function properly, relying on individuals, companies, and
governments. A devastating situation may arise due to loss of data. The factors that
threaten the security of information systems are:
- Lack of awareness
- Wide-open Internet access
- Network traffic
• Lack of Awareness
It is essential to be aware of various security issues, as Information Systems are
prone to frequent attacks and sophisticated threats. Hence, Information Systems
must be examined regularly and frequently to identify the primary intrusions challenging
their security. If one lacks the awareness to recognize a threat, vulnerability, risk or
any other weakness in the system, then Information Systems will face major challenges,
causing damage to the resources stored in them.
• Wide-open Internet Access
The Internet is an open medium, and users are connected without any geographical or
physical barriers. Wide-open Internet access throws up the problem of Information
Security, compromising the confidentiality, integrity and availability of shared information.
• Network traffic
Network traffic refers to the amount of data or information passing across a network at a
particular time. As this data is encapsulated in network packets, it loads the network,
resulting in poor quality of network services. Network traffic in an
Information System can be any of the following
[Figure: Contributing factors for Insecure Information Systems: Lack of Awareness, Wide-open Internet access, Network Traffic]
Information is an important asset of an organization, and failing to realize the value of
data leads to loss of data and security breaches in information systems. Mostly, policies,
procedures and controls are used to enforce the protection of information systems and
data. Policies and procedures help in implementing the standards of the organization.
Internal controls provide a basis for the protection of information systems and data. The
internal control methods provide a plan for the following:
• Safeguarding assets – to protect the resources present in the Information Systems
• Reliable and accurate information – to maintain the integrity of the Information
Systems and prevent them from compromise, in other words, improved reliability
• Improving operational efficiency – to increase the ability to enhance their
operations according to the prescribed standard of Information Systems
• Adhering to policies – to follow the strategies strictly to protect Information Systems
from various threats, risks, vulnerabilities and other cyber-attacks.
[Figure: Threats to Information Systems: Hacking, Jamming, Spamming, Malware, Cloning, Phishing, Identity theft]
[Figure: Security Principles of Information Security: Authorization, Data Integrity, Confidentiality, Integrity, Authentication, Non-Repudiation, Access Control, Availability]
[Figure: diagrams of parties A, B and C, with the labels "I am A", "Original Message" and "Modified Message"]
[Figure: Authentication, Access Control, Non-repudiation, Data Integrity, Confidentiality, Assurance or Availability, Notarization or Signature]
[Figure: Cyber Security Principles: Installation of Newest OS and Software, Use of Strong Passwords, Checking of Sharing settings, Protecting organizations from possible threats]
Information systems require strict controls, as they are vulnerable to cyber-attacks and
controls are required as countermeasures.
The three-step approach to ensuring security is:
• Threat identification
• Establishing controls
• Performing audits
The initial step in securing an information system is identifying the threats. This
step uncovers the problems that require serious attention.
The second step is establishing the controls, both general and application oriented.
The final step is to discover security breaches. Audits are generally performed to ensure
the effectiveness of controls. Auditing checks whether information systems safeguard
corporate assets, maintain the integrity of data that is stored and communicated,
support corporate objectives effectively, and operate efficiently. Figure 1.18 shows the
steps involved in security measures.
[Figure 1.18: Steps involved in security measures: 1. Threat Identification, 2. Establishing Controls, 3. Performing Audits]
[Figure: Visiting malicious websites; Careless download of software, free downloads]
[Figure: Vulnerability, Risk, Cyber Threat, Actor, Motivation]
[Figure: CIA Triad: Confidentiality, Integrity, Availability]
[Figure: Social Engineering, Phishing, Unpatched Software]
• Many fake accounts can be created in somebody’s name spoiling the reputation
of an individual, or group or an organization.
• Social media espionage of both industry and Nation is carried out for personal,
financial and political reasons.
1.28.5 Advanced Persistent Threats
Most corporate networks are challenged by APTs, which are very difficult to handle.
Apart from the efforts of cyber criminals to steal personal information and intellectual
property, a state-sponsored attempt to steal data and compromise infrastructure is an
APT. A trained and focused cybercriminal can use multiple routes and entry points to
steer around defenses, crack the network in minutes and elude detection for months.
Multiple APTs can play hide-and-seek in corporate networks. If a corporation operates
anything remotely interesting to someone, anywhere, then it is vulnerable to sophisticated
APTs. This is because corporations have rich, valuable assets, that is,
information and valuable intellectual property, which many criminals and nations may
not hesitate to steal.
1.29 Cyber Security Core Functions
The core functions in cyber security are the fundamentals to be understood in order to
reduce the loss of information, reclaim digital autonomy, and ensure personal and
professional protection. The functions include identify, protect, detect, respond and
recover. Figure 1.23 shows the core functions and their importance.
[Figure: risks and consequences. Risks: Phishing, Cloud-based servers, Social Engineering, Online theft, Metadata loss, Unsecure networks, sharing, Devices. Consequences: Fraud, Extortion, Spying, Corruption and loss, Information loss, Physical harm, Theft, Permanent loss, Reputational risk, ID theft, Blackmail]