3.6 Cyber Security


3.6 Cyber security: Introduction, common security threats and security mechanisms


Introduction
Cyber security is the practice of defending computers, servers, mobile devices, electronic
systems, networks and data from malicious attacks. It’s also known as information technology
security or electronic information security.
In other words, the activity of protecting information and knowledge systems such as networks,
computers, databases, data centres and applications with appropriate procedural and technological
security measures is referred to as cyber security.
It is all about safeguarding networks, systems, devices, and confidential data from external
malicious threats like phishing, scams, ransomware, viruses to name a few.
Firewalls, antivirus software, and other technological solutions for safeguarding personal
data and computer networks are essential but not sufficient to ensure security.
Cyber security is considered a matter of national security. A cyber security issue in any nation
could impact the lives of its citizens every day. Security helps to ensure the confidentiality,
availability, and integrity of information systems by preventing cyber security attacks.
The public-private engagement may take a variety of forms and may address awareness, training,
technological improvements, vulnerability remediation and recovery operations.
Cybersecurity plays an important role in the development of IT, as well as internet services.
These five basic controls are essential for better cyber security in our organization:
i. Use a firewall to secure your internet connection,
ii. Choose the most secure settings for your devices and software,
iii. Control who has access to your data and services,
iv. Protect yourself from viruses and other malware and
v. Keep your devices and software up to date.
International cybersecurity recommendations often mention building and developing human and
technological capacities. In developing countries, where IT has reached its peak, the security of
compiled, stored and transmitted data is almost essential.
No country could claim to have a full understanding of the possible cause of cybercrime and the
potential harm that can result from it. No cyber knowledge can be fully under the control of
security forces.
Cyber Law:
Cyber law is the law governing the digital world. It governs the security and privacy of
information and crimes relating to damages. Cyber laws have become essential in view of the
rapid developments in ICTs.
With cyber law, states can respond to computer crime and related criminal law issues associated
with these developments. It is the law that covers a range of issues associated with the web and
other communication technologies.
In Nepal, cyber law is called the Electronic Transactions Act (ETA) 2063, which was passed in
2004. Cyber law is a law that governs what happens in the intangible digital world, such as
giving legal status to intangible information in cyberspace.
The field of cyber laws is essential and valid for the control of cyber matters. The government
must be transparent in its function. It is the responsibility of the state to introduce strong enough
legislation to deter cybercrime, threats and attacks, and to suppress the misuse of the internet and
other cyber media for any illegal activities.
Security is primarily about securing the ICT tools of any organization. Assets can be internal or
external, such as data, information, knowledge resources, programs, hardware and networks, and
so on.
Cyber warfare poses a major threat to highly computerized societies and culture. No country has
been able to develop a security policy that would guarantee full security in communication
practices in the context of the world.
Different countries have completely different cyber laws and cyber law enforcement agencies. In
Nepal, cyber law is referred to as the Electronic Transactions Act (ETA) 2063. Technology can
threaten the nation with criminal activities. Cyber laws are very important. They provide security
not only to the intellectual property of IT companies, but also help to preserve the privacy of
Internet users. It helps us protect and strengthen the world's IT economy.
Security Threats
There are computer security threats which can put programs, data and information at risk, both on
the local computer and in the cloud. We discuss them here as cyber security threats, and in the next
section we will discuss some measures to protect against these threats.
a) Phishing: Phishing is the fraudulent attempt to obtain sensitive information such as usernames,
passwords and credit card details by disguising oneself as a trustworthy entity in an electronic
communication. Typically carried out by email spoofing or instant messaging, it often directs
users to enter personal information at a fake website which matches the look and feel of the
legitimate site. It could involve an attachment to an email that loads malware onto your
computer. It could also be a link to an illegitimate website that can trick you into downloading
malware or handing over your personal information.
b) Botnet: A botnet is a logical collection of Internet-connected devices such as computers,
smartphones or internet of things (IoT) devices whose security has been breached and whose control
has been given away to a third party. Each compromised device, known as a "bot", is created when a
device is penetrated by software from a malware (malicious software) distribution. The controller
of a botnet is able to direct the activities of these compromised computers through
communication channels formed by standards-based network protocols, such as Hypertext
Transfer Protocol (HTTP). Botnets are increasingly rented out by cybercriminals as commodities
for a variety of purposes.
c) Rootkit: A rootkit is malicious code (a kit) that hides in the system area and provides continued
Administrator (root) privileged access to a computer while actively hiding its presence. Once a
rootkit has been installed, the controller of the rootkit has the ability to remotely execute files
and change system configurations on the host machine. A rootkit on an infected computer can
also access log files and spy on the legitimate computer owner’s usage.
d) Keylogger: A keylogger is hardware or software for secretly recording the keys pressed on a
keyboard, so that the person using the keyboard does not know that their actions are being monitored.
Data can then be retrieved by the person operating the logging program. While the programs
themselves are legal, with many of them being designed to allow employers to oversee the use of
their computers, keyloggers are most often used for stealing passwords and other confidential
information.
e) Hacker: A computer hacker is any skilled computer expert who uses his/her technical
knowledge to overcome a problem. While "hacker" can refer to any skilled computer
programmer, the term has become associated in popular culture with a "security hacker".
Security hackers are people involved with circumvention of computer security. Among security
hackers, there are several types, including White hat, Black hat and Grey hat hackers.
f) Drive-by attack: Drive-by download attacks are a common method of spreading malware.
Hackers look for insecure websites and plant a malicious script into HTTP or PHP code on one
of the pages. This script might install malware directly onto the computer of someone who visits
the site, or it might re-direct the victim to a site controlled by the hackers. Drive-by downloads
can happen when visiting a website or viewing an email message or a pop-up window. Unlike
many other types of cyber security attacks, a drive-by doesn’t rely on a user to do anything to
actively enable the attack — you don’t have to click a download button or open a malicious
email attachment to become infected. A drive-by download can take advantage of an app,
operating system or web browser that contains security flaws due to unsuccessful updates or lack
of updates.
To protect yourself from drive-by attacks, you need to keep your browsers and operating systems
up to date and avoid websites that might contain malicious code.
ii. Malicious codes
Malicious code is the kind of harmful computer code or web script designed to create system
vulnerabilities leading to back doors, security breaches, information and data theft, and other
potential damages to files and computing systems.
It's a type of threat that may not be blocked by antivirus software on its own. It is an
auto-executable application that can activate itself and take on various forms, including Java Applets,
ActiveX controls, pushed content, plug-ins, scripting languages or other programming languages
that are designed to enhance Web pages and email.
The code gives a cybercriminal unauthorized remote access to the attacked system — called an
application back door — which then exposes sensitive company data. By unleashing it,
cybercriminals can even wipe out a computer's data or install spyware.
Security mechanisms
i. Authentication System
The process of identifying an individual usually based on a username and password is called an
authentication system. In security systems, authentication is distinct from authorization, which is
the process of giving individuals access to system objects based on their identity. Let’s discuss
the different authentication systems:
a. Password
A password is a memorized secret used to confirm the identity of a user. In general, a password is
a string of characters including letters, digits, or other symbols. If only numbers are allowed in
the secret code, then it is called a Personal Identification Number (PIN). In a computer system, a
password normally comes with a username. The combination of username and password that is
used to access a resource is often called credentials. Credentials are required to gain access to our
email, restricted sites, banks website to manage our account, open our computer, and so many
other places. We have to keep the password secure and strong so that unauthorized users may not
gain access to the resource and misuse it with our identity. Following are some of the tips to
make our password secure and strong:
• Never share your credentials online.
• Don't use easily guessable words such as the name of a pet, child, family member, birthdays,
birthplace, name of a favourite holiday.
• Don't use a sequence like abcd or 1234 which are, again, easily guessable.
• Mix characters, numbers and symbols. Also, mix small and capital letters.
• Avoid using the same password in all applications.
• Change password periodically.
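The tips above that can be checked mechanically (personal details, sequences, and mixing of letters, numbers and symbols) are shown below as an added example; it is not part of the original notes. The function names, the sequence list and the sample inputs are assumptions made for illustration.

```python
import re

# Constructed list of well-known sequences; extend it as needed.
SEQUENCES = ("abcdefghijklmnopqrstuvwxyz", "0123456789", "qwertyuiop")


def has_sequence(password, run=4):
    """True if the password contains `run` consecutive characters of a
    known sequence, forwards or backwards (e.g. 'abcd', '4321')."""
    low = password.lower()
    for seq in SEQUENCES:
        for s in (seq, seq[::-1]):
            for i in range(len(s) - run + 1):
                if s[i:i + run] in low:
                    return True
    return False


def check_password(password, personal_words=()):
    """Return the list of tips from the notes that the password breaks.
    personal_words: names, birthdays, birthplace etc. supplied by the user."""
    problems = []
    low = password.lower()
    # Tip: no pet, child or family names, birthdays or birthplace.
    for word in personal_words:
        if len(word) >= 3 and word.lower() in low:
            problems.append("contains personal detail: " + word)
    # Tip: no sequences like abcd or 1234.
    if has_sequence(password):
        problems.append("contains an easily guessable sequence")
    # Tip: mix small and capital letters, numbers and symbols.
    classes = {
        "small letter": r"[a-z]",
        "capital letter": r"[A-Z]",
        "number": r"[0-9]",
        "symbol": r"[^A-Za-z0-9]",
    }
    for name, pattern in classes.items():
        if not re.search(pattern, password):
            problems.append("missing a " + name)
    return problems


if __name__ == "__main__":
    # Constructed sample passwords, not real credentials.
    for pw in ("Tommy1234", "r7#Vq!2mLz@e"):
        print(pw, "->", check_password(pw, personal_words=["Tommy"]) or "OK")
```

An empty list means the password passes these checks; it does not cover reuse across applications or periodic change, which depend on how the password is used rather than on its characters.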
b. Biometric
Nowadays, the character or numeric passwords are being replaced by biometric authentication.
Fingerprints, face detection or retina detection are being used as biometrics authentication.
Biometrics authentication is considered more secure than string password.
c. Firewalls
When it comes to preventing unauthorized access of the third party in a private network,
firewalls are used. A firewall is a network security system that monitors and controls the
traffic flow between the Internet and private network or private computer on the basis of a set of
user-defined rules.
Firewalls shelter the computer network of an organization against unauthorized incoming or
outgoing access and provide the best network security. Firewall can be a hardware firewall,
software firewall or firewall incorporated in Operating System such as Windows Firewall. An OS
incorporated firewall is a component of the Operating System and we can enable its operation by
turning its access on. We can enable Windows firewall in our computer to protect it from
unwanted traffic from the Internet.
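How a firewall applies a set of user-defined rules is shown below as an added example; it is not part of the original notes and is not the code of any real firewall product. The rule format, the rule set and the addresses are constructed for illustration. Rules are checked from top to bottom, the first matching rule decides, and traffic that matches no rule is denied.

```python
import ipaddress

# Constructed rule set: (action, direction, source network, destination port).
# A port of None means "any port".
RULES = [
    ("allow", "in", "192.168.1.0/24", 22),   # remote login from the office LAN only
    ("deny", "in", "0.0.0.0/0", 22),         # remote login from anywhere else
    ("allow", "in", "0.0.0.0/0", 443),       # public HTTPS web server
    ("allow", "out", "0.0.0.0/0", None),     # all outgoing traffic
]


def decide(direction, src_ip, dst_port, rules=RULES):
    """Return 'allow' or 'deny' for one connection attempt.
    The first rule that matches wins; no match means deny by default."""
    addr = ipaddress.ip_address(src_ip)
    for action, rule_dir, network, port in rules:
        if rule_dir != direction:
            continue
        if addr not in ipaddress.ip_network(network):
            continue
        if port is not None and port != dst_port:
            continue
        return action
    return "deny"


if __name__ == "__main__":
    # Constructed connection attempts (203.0.113.5 is a documentation address).
    attempts = [
        ("in", "192.168.1.10", 22),
        ("in", "203.0.113.5", 22),
        ("in", "203.0.113.5", 443),
        ("in", "203.0.113.5", 3389),
        ("out", "192.168.1.10", 80),
    ]
    for a in attempts:
        print(a, "->", decide(*a))
```

Rule order matters: if the second rule were placed before the first, remote login from the office LAN would also be denied.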
d. Cryptography
We share data and information with other people and institutions through the Internet. There are
many ways we can share files: we can send them as email attachments, we can share them from
online storage spaces. We can also share them from websites. There are data presented in the
form of webpages, downloads from and upload to the HTTP or FTP sites and exchange of data
using online forms.
There is a great risk that these data we have shared through the Internet are accessed by
unauthorized users from cloud storage or they are intercepted by hackers during the transmission.
There are also risks that the message or multimedia like: pictures or video clips that we share,
post or stream are copied or recorded by other party and misused. There are many instances that
the private, sensitive or objectionable picture or video clips that we share with our social media
friends are captured or recorded and misused. So the rule of thumb is not to share personal and
objectionable data through social media or messaging apps. Here, let's discuss some ways of
securing data while storing or transferring them online.
We can protect our files with strong passwords so that the hacker cannot open it. A more reliable
way is to use cryptography.
Cryptography is the study of secure communications techniques that allow only the sender and
intended recipient of a message to view its contents. The term is derived from the Greek word
“kryptos”, which means hidden. More generally, cryptography is about constructing and analysing
protocols that prevent third parties or the public from reading private messages. Cryptography
includes ensuring that data/message cannot be understood by an unauthorized user. There are
different types of cryptography technology used.
i. Encryption
ii. Decryption
iii. Malware: viruses, spyware, worms, adware, nagware, trojan, etc.
Antivirus Software
Antivirus software, nowadays also known as anti-malware, is a computer program used to
prevent, detect, and remove malware.
Backup system
Backup is the system of copying data and programs into another location or creating a duplicate
copy of them in a secure place. Backups are essential to a computer security system to save
important data and programs from accidental or intentional harm.
Cyber safety tips – protection against Cyberattacks
While it may not be possible to completely eradicate cybercrime and ensure complete internet
security, businesses can reduce their exposure to this cybercrime by maintaining an effective
cyber security strategy using a deep approach to system, network and data security.
Cybercrime risks can be reduced with the following steps:

• Keeping software and operating system up to date ensures that we benefit from the latest
security patches to protect our computer.
• Using anti-virus is a smart way to protect the system from attacks. It allows us to scan,
detect and remove threats before they become a problem. Having this protection in place
helps to protect our computer and our data from cybercrime, giving peace of mind.
• Use strong passwords that people can't guess, and do not record them anywhere. Or use a
reputable password manager to randomly generate strong passwords to make it easier.
• Do not open email attachments from unknown senders as they may be infected with
malware.
• Do not respond to emails requesting personal information, credit card number, PIN code,
password etc.
• Back up data and information regularly to reduce the damage in the event of a
ransomware attack or data breach.
• Avoid using unsecured WiFi networks in public places, as these unsecured networks make us
vulnerable to man-in-the-middle attacks.
• Keep passwords/PIN codes safe and memorized. Read privacy and policy statements
before any transaction.
• Keep in mind which website URLs we visit. Track the URLs we click. Do not click on
links with unknown or spam URLs. Log out immediately after completing an online task.
• Monitor your bank statements and inquire about any unknown bank transactions. The
bank can investigate whether they are fraudulent.
• Be careful when communicating with people met online. Remove inappropriate profile
information.
• Do not post personal information on social media.
• While using the Internet in a public place, remember that the Internet browser may save the
password and the account can then be hacked.
• Firewalls monitor open connections including email attachments, block unauthorized
incoming and outgoing Internet traffic, and block Internet add-ons such as cookies,
pop-ups, etc.
