Cyber Security Notes

Objectives

  • Discuss the basic need and requirement of cyber security.
  • Explain the basic concepts of computer and some nuances of cyber security.
  • Identify the basic do’s and don’ts of the cyber world.
  • Analyze the various types of cyber-attacks and ways to deal with them.
  • Understand the legal consequences attached.

Introduction

  • The internet has revolutionized information exchange.
  • Digital technology and new communication systems have dramatically changed lives.
  • Businesses and individuals rely on computers for creating, transmitting, and storing information in electronic form due to its efficiency and cost-effectiveness.
  • India's legal framework for cyber security and digital transactions, including the substantive laws and the Evidence Act, has lagged behind the technology and has needed amendment to cover electronic records and online offences.

Need of Cyber Security

  • The growing accessibility to the internet has made it easier for cyber criminals to target businesses and access personal information.
  • Cyber security involves safeguarding against external threats and preventing unauthorized access within an organization's network.
  • Despite data security measures, online threats persist, putting data at risk.
  • Understanding cyber security concepts is essential for individuals to protect their networks from attack and to keep privileged (administrator) access under control.
  • Cyber attacks are more frequent due to technological advancements and interconnected networks.

CIA Triad Model in Cyber Security

  • The CIA triad is the foundation of any security system: Confidentiality, Integrity, and Availability.
    • Confidentiality: only authorized parties can read sensitive information. Encryption enforces this, as in the end-to-end encryption used by messaging applications such as WhatsApp.
    • Integrity: information is not modified or deleted except by authorized parties, and any unauthorized change is detectable. Give third parties read-only access where reading is all they need, and use checksums, message authentication codes or digital signatures to detect tampering.
    • Availability: authorized users can reach data and services when they need them. Data that is confidential and intact but unreachable is still a failure; denial-of-service attacks target this property.
    • Figure 8.1 illustrates the CIA Triad.
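The integrity property above is easy to state and easy to get wrong: a plain checksum stored beside a record does not stop an attacker who can write to the storage, because they simply recompute it. The following Python example, added here and not part of the original notes, shows an unkeyed SHA-256 digest accepting a forged record while an HMAC under a key held only by the authorized writer rejects it. The transfer record, the key and the attacker's edit are constructed for the example.

```python
import hashlib
import hmac
import json
import secrets

# Constructed sample record (not from the page): a transfer created by an authorized party.
RECORD = {"from": "acct-1001", "to": "acct-2002", "amount": 250.00, "currency": "INR"}


def canonical(record: dict) -> bytes:
    """Serialize deterministically so identical data always yields identical bytes."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def plain_digest(record: dict) -> str:
    """Unkeyed SHA-256. Catches accidental corruption, but anyone who can write the
    record can also recompute this value, so it proves nothing against an attacker."""
    return hashlib.sha256(canonical(record)).hexdigest()


def keyed_tag(record: dict, key: bytes) -> str:
    """HMAC-SHA256 under a key held only by the authorized writer and verifier."""
    return hmac.new(key, canonical(record), hashlib.sha256).hexdigest()


def verify_tag(record: dict, key: bytes, tag: str) -> bool:
    # compare_digest avoids leaking the match position through timing.
    return hmac.compare_digest(keyed_tag(record, key), tag)


def tamper(record: dict) -> dict:
    """What a supposedly read-only third party does once it can actually write to storage."""
    return dict(record, amount=25000.00)


def demo() -> dict:
    """Return which integrity check accepts the forged record."""
    key = secrets.token_bytes(32)
    forged = tamper(RECORD)

    # Plain hash stored beside the record: the attacker overwrites the checksum too.
    stored_digest = plain_digest(forged)
    plain_accepts = plain_digest(forged) == stored_digest

    # Keyed tag stored beside the record: the attacker cannot produce a valid one.
    stored_tag = keyed_tag(RECORD, key)
    hmac_accepts_forgery = verify_tag(forged, key, stored_tag)
    hmac_accepts_original = verify_tag(RECORD, key, stored_tag)

    return {
        "plain_hash_accepts_forgery": plain_accepts,      # True
        "hmac_accepts_forgery": hmac_accepts_forgery,     # False
        "hmac_accepts_original": hmac_accepts_original,   # True
    }


if __name__ == "__main__":
    print(demo())
```

The same distinction applies to files on disk or backups: a published hash lets a reader verify a download against a trusted source, but only a key the attacker does not hold (an HMAC or a digital signature) protects data in storage the attacker can write to.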

Types of Cyber Attack

  1. Distributed Denial of Service Attack (DDoS):
    • Overwhelms a server with traffic from many sources at once, so legitimate users cannot reach it.
    • A botnet controller commands the infected machines (bots) to flood the target.
  2. Man in the Middle (MITM):
    • The attacker sits between two parties, for example a user and a bank during an online transaction, and reads or alters the communication without either side noticing.
    • Credit card details and PINs entered during the transaction can be captured; TLS with proper certificate validation is the standard defence.
  3. Email Attack:
    • Email is relayed between mail servers; the sending server looks up the recipient domain's mail exchanger (MX) record in DNS to find the server to deliver to.
    • Types of email attacks:
      • Phishing: deceptive emails that trick individuals into sharing sensitive information.
      • Spoofing: forging the sender address or display name so the message appears to come from a trusted person; SPF, DKIM and DMARC let the receiving server detect it.
      • Email attachments: sending malicious files (viruses/malware) as attachments.
  4. Password Attack:
    • Methods to crack passwords:
      • Dictionary Attack: trying a list of common and previously leaked passwords.
      • Brute Force: trying every possible combination; time-consuming, and the cost grows exponentially with password length.
      • Keylogger: recording keystrokes to capture passwords and account details.
      • Shoulder Surfing: watching users type their passwords.
      • Rainbow Table: looking up stolen password hashes in a precomputed table of hashes; this works only against unsalted hashes, which is why passwords should be stored with a per-user salt and a slow hash.
  5. Phishing Attack:
    • Stealing user data, including login credentials and bank details, through deceptive emails, messages, or links.
    • Victims are tricked into opening malicious links that lead to malware installation or data theft.
  6. Clickjacking:
    • The attacker loads a target site in an invisible frame on top of a decoy page (often an ad or a game), so clicks the user believes are on the decoy actually land on the hidden site's buttons.
    • Example: the original 2008 demonstration framed the Adobe Flash Player settings panel so that a few clicks on the decoy enabled remote access to the victim's microphone and camera. Sites defend by refusing to be framed (the X-Frame-Options header or the CSP frame-ancestors directive).
  7. Cryptojacking (crypto hijacking):
    • Running cryptocurrency-mining code on a victim's computer or browser in the background.
    • Users are often unaware, noticing only slower performance and higher CPU usage.
  8. Malware:
    • Malicious software that disrupts or damages a computer.
      • Virus: malicious code that replicates by attaching itself to other programs or documents and runs when they run.
      • Worms: stand-alone programs that spread across a network by themselves, without needing a host program or user action.
      • Trojan: Disguises itself as a legitimate program, often serving as an entry point for other malware.
      • Adware: Delivers unwanted advertising.
      • Spyware: Collects sensitive data without the user's knowledge.
      • Ransomware: Encrypts files and demands a ransom for the decryption key, often in cryptocurrency.
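The email attack entry above says spoofing is detectable with SPF, DKIM and DMARC, but not what a receiver actually checks. The Python example below, added here and not part of the original notes, runs the checks a mail filter would run over two constructed messages (not real captures): does the envelope sender domain match the From domain, did SPF and DKIM pass for a domain aligned with From (the DMARC alignment rule), and do links in the body use look-alike hosts that merely contain the brand's domain as a prefix. The domains examplebank.com, example.net and example.org and the Authentication-Results header values are invented for the example.

```python
import re
from email import policy
from email.parser import BytesParser
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample messages (not real captures). The first uses a bank's display
# name while the actual sending infrastructure and links belong to another domain.
SPOOFED = b"""\
Return-Path: <bounce@mail-promo.example.net>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=mail-promo.example.net; dkim=none
From: "Example Bank Security" <alerts@examplebank.com>
To: victim@example.org
Subject: Urgent: verify your account
Content-Type: text/plain; charset=utf-8

Your account is locked. Confirm your PIN at http://examplebank.com.verify-login.example.net/
"""

LEGITIMATE = b"""\
Return-Path: <alerts@examplebank.com>
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=examplebank.com; dkim=pass header.d=examplebank.com
From: "Example Bank" <alerts@examplebank.com>
To: customer@example.org
Subject: Your statement is ready
Content-Type: text/plain; charset=utf-8

Sign in at https://online.examplebank.com/statements to view it.
"""


def domain_of(addr: str) -> str:
    """'Name <user@host>' or bare 'host' -> 'host' (lower-cased)."""
    return parseaddr(addr)[1].rsplit("@", 1)[-1].lower()


def auth_results(msg) -> dict:
    """Parse Authentication-Results into {method: (result, {prop: value})}.
    The first clause is the authserv-id and is skipped."""
    header = str(msg.get("Authentication-Results", "") or "")
    parsed = {}
    for clause in header.split(";")[1:]:
        parts = clause.split()
        if not parts or "=" not in parts[0]:
            continue
        method, result = parts[0].split("=", 1)
        props = dict(p.split("=", 1) for p in parts[1:] if "=" in p)
        parsed[method.lower()] = (result.lower(), props)
    return parsed


def is_under(host: str, domain: str) -> bool:
    return host == domain or host.endswith("." + domain)


def spoof_indicators(raw: bytes) -> list:
    """Return (code, detail) findings for a raw RFC 5322 message."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    from_domain = domain_of(str(msg["From"]))
    findings = []

    # 1. The envelope sender (Return-Path) should belong to the same organisation as From.
    rp_domain = domain_of(str(msg.get("Return-Path", "") or ""))
    if rp_domain and not is_under(rp_domain, from_domain):
        findings.append(("return-path-mismatch", f"{rp_domain} vs {from_domain}"))

    # 2. SPF/DKIM must not only pass but pass for a domain aligned with From (DMARC rule).
    results = auth_results(msg)
    spf = results.get("spf")
    if spf is None or spf[0] != "pass":
        findings.append(("spf-not-pass", "no SPF pass recorded"))
    elif not is_under(domain_of(spf[1].get("smtp.mailfrom", "")), from_domain):
        findings.append(("spf-unaligned", spf[1].get("smtp.mailfrom", "")))
    dkim = results.get("dkim")
    if dkim is None or dkim[0] != "pass":
        findings.append(("dkim-not-pass", "no DKIM pass recorded"))
    elif not is_under(dkim[1].get("header.d", "").lower(), from_domain):
        findings.append(("dkim-unaligned", dkim[1].get("header.d", "")))

    # 3. Links whose host merely contains the brand's domain as a prefix are look-alikes.
    body = msg.get_body(preferencelist=("plain", "html"))
    text = body.get_content() if body else ""
    for url in re.findall(r"https?://[^\s<>\"']+", text):
        host = (urlparse(url).hostname or "").lower()
        if from_domain in host and not is_under(host, from_domain):
            findings.append(("lookalike-url", host))
    return findings


if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("legitimate", LEGITIMATE)):
        print(name, spoof_indicators(raw))
```

Note that the spoofed message has spf=pass: the attacker's own domain publishes a valid SPF record, so a filter that only looks for "pass" would accept it. The alignment check against the From domain is what catches it.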
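The password attack entry above lists dictionary, brute force and rainbow table attacks without showing why salting and slow hashing matter. The Python example below, added here and not part of the original notes, runs each offline attack against SHA-256 hashes of a constructed wordlist (invented passwords, not real leaked data), shows that a precomputed lookup table fails the moment a random salt is added while a dictionary attack with a known salt still succeeds against a weak password, and contrasts this with PBKDF2-HMAC-SHA256 as the storage defence. The wordlist, alphabet and iteration count are chosen for the example; real attacks use far larger lists and GPUs.

```python
import hashlib
import itertools
import os
import string

# Constructed wordlist (a stand-in for a real leaked-password list, not real data).
WORDLIST = ["123456", "password", "qwerty", "letmein", "Welcome1", "iloveyou", "dragon"]


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def build_lookup_table(words) -> dict:
    """Precomputed unsalted hash -> password. A real rainbow table stores hash chains
    to save space, but the effect on an unsalted hash is the same: one lookup."""
    return {sha256_hex(w.encode()): w for w in words}


def dictionary_attack(target_hash: str, words, salt: bytes = b""):
    """Try each word. With a known salt the attacker must hash per target, so
    precomputation no longer helps, but a weak password still falls."""
    for w in words:
        if sha256_hex(salt + w.encode()) == target_hash:
            return w
    return None


def brute_force(target_hash: str, alphabet: str = string.ascii_lowercase + string.digits,
                max_len: int = 3):
    """Exhaustive search. Candidates = sum(len(alphabet)**n for n in 1..max_len),
    so each extra character multiplies the work by len(alphabet)."""
    for length in range(1, max_len + 1):
        for combo in itertools.product(alphabet, repeat=length):
            candidate = "".join(combo)
            if sha256_hex(candidate.encode()) == target_hash:
                return candidate
    return None


def store_password(password: str, salt: bytes, iterations: int = 100_000) -> str:
    """The defence: per-user random salt plus a deliberately slow hash (PBKDF2-HMAC-SHA256).
    Each guess now costs the attacker `iterations` hashes instead of one."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations).hex()


def demo() -> dict:
    salt = os.urandom(16)
    unsalted = sha256_hex(b"letmein")
    salted = sha256_hex(salt + b"letmein")
    table = build_lookup_table(WORDLIST)
    return {
        "table_hit_unsalted": table.get(unsalted),                           # 'letmein'
        "table_hit_salted": table.get(salted),                               # None: salt defeats precomputation
        "dictionary_hit_salted": dictionary_attack(salted, WORDLIST, salt),  # 'letmein' still falls
        "brute_force_short": brute_force(sha256_hex(b"ab1")),                # 'ab1' within 3 chars
        "brute_force_long": brute_force(sha256_hex(b"ab12")),                # None: 4 chars exceeds the budget
        "pbkdf2_matches": store_password("letmein", salt) == store_password("letmein", salt),
        "pbkdf2_differs_by_salt": store_password("letmein", salt)
                                  != store_password("letmein", os.urandom(16)),
    }


if __name__ == "__main__":
    print(demo())
```

The salted dictionary hit is the point practitioners most often miss: a salt stops the attacker reusing work across accounts, but only a slow hash and a password not on the list protect an individual account.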

Important Fundamentals of Cyber Security

  • Device protection:
    • Run anti-virus software and keep it updated.
    • Enable remote lock and erase so a lost or stolen device can be wiped.
    • Activate two-factor authentication on accounts.
    • Turn on automatic system updates on laptops, PCs, mobile phones and tablets.
  • Securing Online Connection:
    • Use a VPN (virtual private network) to encrypt traffic between the device and the VPN server, which protects it on untrusted networks such as public Wi-Fi. Note that the VPN provider can still see the traffic, and a VPN does not hide the user from sites they log in to.
  • Securing Email Communication:
    • Encrypt emails so that sensitive content cannot be read by unauthorized parties in transit or at rest.
    • Secure-mail services often deliver a link plus a one-time password that the recipient must enter to read the message.
  • Protecting and Performing Timely Backup of Files and Documents:
    • Keep an offline backup (an external drive disconnected after use) and an online backup (cloud storage).
      • Offline backups are inexpensive and cannot be encrypted by ransomware that only reaches connected drives, but they are not accessible remotely.
      • Cloud backups are accessible from anywhere but need strong account security (multi-factor authentication) and encryption.
    • Encrypt critical documents and backups, and keep the keys separate from the data.
    • Protect the databases and infrastructure the data lives on with network, application and cloud security controls.
    • Implement a BCDR (Business Continuity and Disaster Recovery) plan so operations can recover quickly from an outage or breach, including one at the cloud provider.
    • Identity and access management controls who can reach endpoints and data, and underpins both endpoint security and data security.

Cyber Security: Best Practices

  1. Updating the Software Regularly:
    • Install updates to include updated features, bug fixes and security patches.
  2. Computer Protection from Viruses and Malware:
    • Install an antivirus and anti-malware program.
  3. Set Up two-Factor Authentication:
    • Enable two-factor authentication to strengthen web security.
  4. Protect Your Connections with VPN:
    • Use a virtual private network (VPN) to encrypt the connection, especially on public networks.
  5. Careful while Clicking on Links:
    • Double-check the legitimacy of hyperlink messages before clicking.
  6. Bluetooth Disabled When Not in Use:
    • Turn off Bluetooth devices when not in use.
  7. Delete Adware on Your Computer:
    • Remove adware to maintain your privacy and install ad blockers.
  8. Upgrade Your Security System:
    • Invest in current, supported security tools (firewall, endpoint protection) rather than relying on outdated ones.
  9. Virus Scans External Storage Devices:
    • Scan external storage devices for malware before accessing them.
  10. Back Up Critical Data:
    • Regularly back up critical data to the cloud or a local storage device, and encrypt the backup so a lost drive or a breached account does not expose it.

Handling Misinformation, Fake Identities, Fake News and Legal Consequences

  • The abundance of online information has led to issues with misinformation, disinformation, and confirmation bias.

  • Misinformation is shared without the intention to harm, while disinformation is knowingly shared to cause harm.

  • Verify news facts through internet searches and use reverse image searches.

  • Artificial Intelligence (AI) can create realistic fake images, with economic, political, and geopolitical consequences.

  • Figure 8.2: Types of Misinformation and Disinformation

    • Manipulated Content
    • Satire or Parody
    • False Connection
    • Misleading Content
    • False Context
    • Imposter Content
    • Fabricated Content
  • Legal Consequences in India

    • India has no specific law against fake news; prosecutions rely on provisions of the Indian Penal Code 1860 (replaced from July 2024 by the Bharatiya Nyaya Sanhita 2023) and the Information Technology Act 2000.
  • Relevant Sections:

    • Section 153 IPC: Provocation to cause riots (if fake news provokes riots).
    • Section 153A IPC: Creating disharmony based on religion, race, caste, region, etc.
    • Section 295A IPC: Outraging religious feelings.
    • Sections 499 and 500 IPC: Defamation.
    • Section 505 IPC: Causing public mischief.

Cyber Crime Offences and Penalties

  • IT Act 2000 deals with cyber-crime offences and penalties.

    • Tampering with computer source document.
    • Hacking with computer system.
    • Publishing obscene information.
    • Powers of the controller.
    • Directions of the controller.
    • Protected system.
    • Penalty for misrepresentation.
    • Penalty for breach of privacy.
    • Penalty for publishing false digital signature certificates.
    • Publication for fraudulent purposes.
  • Specific Sections:

    • Section 65: Tampering with computer source code (imprisonment up to 3 years or fine up to 2 lakhs or both).
      • Example: Altering a smartphone's IMEI number or unauthorized website modification.
    • Section 66: Computer-related offenses (imprisonment up to 3 years, a fine up to 5 lakhs, or both) for acts prohibited under Section 43 IT Act.
      • Examples of acts covered by section 43:
        • Unauthorized access or securing access.
        • Downloading, copying, or extracting data.
        • Introducing a computer contaminant or virus.
        • Causing damage or disruption.
        • Denying access to authorized personnel.
        • Providing assistance for unauthorized access.
        • Tampering with services.
        • Destroying, deleting, or altering information.
        • Stealing or concealing computer source code.
    • Section 66A: Declared unconstitutional by the Supreme Court in Shreya Singhal v. Union of India AIR 2015 SC 1523.
    • Section 66B: Dishonestly receiving stolen computer resources (imprisonment up to 3 years, a fine up to 1 lakh, or both).
      • Example: Using a stolen smartphone.
    • Section 66C: Identity theft (imprisonment up to 3 years and a fine of 1 lakh).
    • Section 66D: Cheating by personation using computer resources (imprisonment up to 3 years and a fine of 1 lakh).
    • Section 66E: Violation of privacy (imprisonment up to 3 years, fine up to 2 lakhs, or both).
    • Section 66F: Cyber terrorism (imprisonment up to life imprisonment).
    • Section 67: Publishing obscene material (first conviction: imprisonment up to 3 years and a fine up to 5 lakhs; subsequent convictions: imprisonment up to 5 years and a fine up to 10 lakhs).
    • Section 67A: Publishing sexually explicit material (first conviction: imprisonment up to 5 years and a fine up to 10 lakhs; subsequent convictions: imprisonment up to 7 years and a fine up to 10 lakhs).
    • Section 71: Misrepresentation to a controller/certifying authority (penalty up to 1 lakh or imprisonment up to 2 years, or both).
    • Section 72: Breach of confidentiality and privacy (penalty up to 1 lakh or imprisonment up to 2 years, or both).
    • Section 72A: Disclosure of information in breach of lawful contract (penalty up to 5 lakhs or imprisonment up to 3 years, or both).
    • Section 73: Publishing a false electronic signature certificate (penalty up to 1 lakh or imprisonment up to 2 years, or both).
    • Section 74: Creating electronic signature certificate for fraudulent purposes (penalty up to 1 lakh or imprisonment up to 2 years, or both).
    • Section 75: Applies the Act to offenses committed outside India involving computer systems in India.
    • Section 76: Allows for the confiscation of computer systems used in contravention of the Act.

Important Dos and Don’ts

  • Points to keep in mind for staying safe online.
  • Cyber security Dos help safeguard personal information:
    • Use complex passwords (minimum 8 characters, mixing uppercase, lowercase, numbers and special characters); length matters more than symbol variety, so a longer passphrase is stronger.
    • Change passwords every 45 days where policy requires it, and immediately whenever a compromise is suspected (current guidance such as NIST SP 800-63B favours changing on compromise over fixed schedules).
    • Use multi-factor authentication.
    • Save data in a secondary drive.
    • Maintain offline backup.
    • Keep OS and BIOS firmware updated.
    • Install enterprise antivirus.
    • Lock/log off when leaving the computer.
    • Shut down computer and printers when leaving.
    • Keep printer software updated.
    • Use a hardware VPN token.
    • Disable GPS, Bluetooth, NFC when not needed.
    • Download apps from official stores.
    • Check app popularity and reviews.
    • Use a standard user account.
    • Encrypt data before transmission.
    • Be cautious with URLs and links.
    • Report suspicious emails.
    • Adhere to security advisories.
    • Report cyber-crimes.
  • Cyber security Don’ts:
    • Don’t use the same password everywhere.
    • Don’t save passwords in browsers or unprotected documents.
    • Don’t write down passwords on unsecured materials.
    • Don’t save data on the system drive.
    • Don’t upload restricted data to cloud services.
    • Don’t use obsolete operating systems.
    • Don’t use third-party DNS or NTP services.
    • Don’t use third-party anonymization services.
    • Don’t use third-party toolbars.
    • Don’t install pirated software.
    • Don’t open links from unknown senders.
    • Don’t share passwords with unauthorized persons.
    • Don’t allow internet access to printers.
    • Don’t allow printers to store print history.
    • Don’t disclose sensitive details on social media.
    • Don’t plug in unauthorized devices.
    • Don’t use unauthorized remote admin tools.
    • Don’t use unauthorized video conferencing tools.
    • Don’t jailbreak/root phones.
    • Don’t share passwords with unknown callers.

Let Us Sum Up

  • Cyber security is crucial, given the rise in cyber-crimes.
  • Understanding cyber-crimes, prevention, and response is essential.
  • Mobile phones and computers are reachable from the whole internet once connected; handle them with care and follow the best practices above.
  • Think before sharing, verify information, and prefer authoritative sources.

Key Words

  • Network: Connection between two or more computers.
  • Internet: the global network of networks that connects computers worldwide via routers and servers.
  • IP address: numeric address assigned to each device on a network (e.g., the IPv4 address "168.192.10.3").
  • Internet protocol: the rules controlling how data is addressed and routed across the internet.
  • MAC Address: hardware address assigned to a network interface by its manufacturer and used on the local network segment (e.g., D8-FC-93-C5-A5-E0).
  • Domain Name System (DNS): the phonebook of the internet, translating domain names to IP addresses.
  • DHCP: protocol that automatically assigns IP addresses and network settings to devices.
  • Router: forwards packets between networks along the appropriate path.
  • Bots: compromised computers that an attacker controls remotely without the owner's knowledge; a group of them is a botnet.