By: Sanjenbam Jugeshwor Singh.
Computer security, cyber security or information technology security (IT security) is the protection of computer systems from theft of or damage to their hardware, software or electronic data, as well as from disruption or misdirection of the services they provide. The field is growing in importance due to increasing reliance on computer systems, the Internet and wireless networks such as Bluetooth and Wi-Fi, and due to the growth of smart devices, including smartphones, televisions and the various tiny devices that constitute the Internet of things. Due to its complexity, both in terms of politics and technology, it is also one of the major challenges of the contemporary world.
A vulnerability is a weakness in design, implementation, operation or internal control. Most of the vulnerabilities that have been discovered are documented in the Common Vulnerabilities and Exposures (CVE) database. An exploitable vulnerability is one for which at least one working attack or exploit exists. Vulnerabilities are often hunted or exploited with the aid of automated tools or manually using customized scripts. To secure a computer system, it is important to understand the attacks that can be made against it. These threats can typically be classified as:
(i) Backdoor: in a computer system, a cryptosystem or an algorithm, a backdoor is any secret method of bypassing normal authentication or security controls.
(ii) Denial-of-service (DoS) attacks are designed to make a machine or network resource unavailable to its intended users.
(iii) Direct-access attacks, in which an unauthorized user who gains physical access to a computer is most likely able to copy data directly from it.
(iv) Eavesdropping is the act of surreptitiously listening to a private conversation, typically between hosts on a network.
(v) Multivector, polymorphic attacks: a new class of multivector, polymorphic cyber threats that surfaced in 2017.
(vi) Phishing is the attempt to acquire sensitive information such as usernames, passwords and credit card details directly from users.
(vii) Privilege escalation describes a situation where an attacker with some level of restricted access is able, without authorization, to elevate their privileges or access level.
(viii) Social engineering aims to convince a user to disclose secrets such as passwords, card numbers, etc.
(ix) Spoofing is the act of masquerading as a valid entity through falsification of data, such as an IP address or username, in order to gain access to information or resources that one is not authorized to obtain.
(x) Tampering describes a malicious modification of a product.
Many people think of cybersecurity as a highly technical challenge, one that consumes the brain power of technical experts. However, the general public plays a vital role in cybersecurity. If cybersecurity and cybercrime deterrence are not treated as priorities, the rate at which systems and data are abused will continue to rise, further undermining the public's trust in technology. The growth in the number of computer systems, and the increasing reliance upon them by individuals, businesses, industries and governments, means that an increasing number of systems are at risk. These include financial systems, utilities and industrial equipment, aviation, consumer devices, large corporations, automobiles, government, the Internet of things and physical vulnerabilities, medical systems, the energy sector, etc. Serious financial damage has been caused by security breaches, but because there is no standard model for estimating the cost of an incident, the only data available is that which is made public by the organizations involved. As with physical security, the motivations for breaches of computer security vary between attackers.
In computer security, a countermeasure is an action, device, procedure or technique that reduces a threat, a vulnerability or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that corrective action can be taken. Some common countermeasures are: security by design, security architecture, security measures, vulnerability management, reducing vulnerabilities, hardware protection mechanisms, secure operating systems, secure coding, capabilities and access control lists, end user security training, and response to breaches. Incident response is an organized approach to addressing and managing the aftermath of a computer security incident or compromise, with the goal of preventing a breach or thwarting a cyber-attack. Incident response planning allows an organization to establish a series of best practices to stop an intrusion before it causes damage. The four key components of a computer security incident response plan are: preparation; detection and analysis; containment, eradication and recovery; and post-incident activity. Some of the important components of network security are: anti-virus and anti-spyware software, a firewall to block unauthorized access to your network, an intrusion prevention system (IPS) to identify fast-spreading threats such as zero-day or zero-hour attacks, and virtual private networks (VPNs) to provide secure remote access.
The international legal issues surrounding cyber-attacks are complicated in nature. There is no global base of common rules to judge, and eventually punish, cybercrimes and cybercriminals, and even when cyber security firms or agencies do locate the cybercriminals behind the creation of a particular piece of malware or form of cyber-attack, the local authorities often cannot take action due to a lack of laws under which to prosecute. The role of government is to make regulations that force companies and organizations to protect their systems, infrastructure and information from cyber-attacks, but also to protect its own national infrastructure, such as the national power grid. In India, some provisions for cyber security have been incorporated into rules framed under the Information Technology Act 2000. The National Cyber Security Policy 2013 is a policy framework by the Ministry of Electronics and Information Technology (MeitY) which aims to protect public and private infrastructure from cyber-attacks and to safeguard information such as personal information (of web users), financial and banking information and sovereign data. CERT-In is the nodal agency which monitors cyber threats in the country. The Indian Companies Act 2013 has also introduced cyber law and cyber security obligations on the part of Indian directors. Some provisions for cyber security have been incorporated into rules framed under the Information Technology Act 2000, updated in 2013. Beyond all these legal provisions, what we can simply do is educate ourselves and others on the preventive measures we can take to protect ourselves as individuals or as businesses.
Some important cyber security tips that we common people can follow are: be vigilant when browsing websites, flag and report suspicious e-mails, never click on unfamiliar links or ads, use a VPN whenever possible, ensure websites are safe before entering credentials, keep antivirus and application systems up to date, and use strong passwords with 14+ characters.