
Study of Measures To Be Taken For Ensuring Cyber Security


STUDY OF MEASURES TO BE TAKEN FOR ENSURING CYBER SECURITY

➢ Introduction:
Today a person can send and receive any form of data, whether an e-mail, an
audio file or a video, at the click of a button. But do they ever consider how
securely that data is being transmitted to the other person, without any
leakage of information? The answer lies in cyber security. Today the Internet
is the fastest growing infrastructure in everyday life. In today's technical
environment many new technologies are changing the face of mankind. But
because of these emerging technologies we are unable to safeguard our private
information effectively, and hence cyber-crimes are increasing day by day.

Today more than 60 percent of total commercial transactions are done online,
so this field requires a high quality of security to keep transactions
transparent and sound. Hence cyber security has become a current issue. The
scope of cyber security is not limited to securing information in the IT
industry but extends to various other fields, such as cyber space.

Even the latest technologies like cloud computing, mobile computing,
e-commerce and net banking need a high level of security. Since these
technologies hold important information about a person, their security has
become a must. Enhancing cyber security and protecting critical information
infrastructures are essential to each nation's security and economic
wellbeing.

Making the Internet safer (and protecting Internet users) has become integral
to the development of new services as well as governmental policy. The fight
against cyber-crime needs a comprehensive and a safer approach. Given that
technical measures alone cannot prevent any crime, it is critical that law
enforcement agencies are allowed to investigate and prosecute cyber-crime
effectively. Today many nations and governments are imposing strict laws on
cyber security in order to prevent the loss of important information. Every
individual must also be trained in cyber security to protect themselves from
these increasing cyber-crimes.

Cyber Crime:
Cyber-crime is a term for any illegal activity that uses a computer as its
primary means of commission and theft. The U.S. Department of Justice
expands the definition of cyber-crime to include any illegal activity that uses
a computer for the storage of evidence. The growing list of cyber-crimes
includes crimes that have been made possible by computers, such as network
intrusions and the dissemination of computer viruses, as well as computer-
based variations of existing crimes, such as identity theft, stalking, bullying
and terrorism, which have become a major problem for people and nations.

In common language, cyber-crime may be defined as crime committed using a
computer and the internet to steal a person's identity, sell contraband, stalk
victims or disrupt operations with malevolent programs. As technology plays a
major role in a person's life day by day, cyber-crimes will also increase
along with the technological advances.

Cyber Security:
Cybersecurity is the protection of internet-connected systems such as
hardware, software and data from cyber-threats. The practice is used by
individuals and enterprises to protect against unauthorized access to data
centres and other computerized systems.
The goal of implementing cybersecurity is to provide a good security posture
for computers, servers, networks, mobile devices and the data stored on these
devices from attackers with malicious intent. Cyber-attacks can be designed
to access, delete, or extort an organization's or user's sensitive data, which
makes cybersecurity vital. Medical, government, corporate and financial
organizations, for example, may all hold vital personal information on an
individual.

Cybersecurity is a continuously changing field, with the development of
technologies that open up new avenues for cyberattacks. Additionally, even
though significant security breaches are the ones that often get publicized,
small organizations still have to concern themselves with security breaches,
as they may often be the target of viruses and phishing.
To protect organizations, employees and individuals, organizations and
services should implement cybersecurity tools, training, risk
management approaches and continually update systems as technologies
change and evolve.

➢ Types of Cyber Security threats:

The process of keeping up with new technologies, security trends and
threat intelligence is a challenging task. However, it is necessary in order
to protect information and other assets from cyber threats, which take
many forms. Cyber threats can include:

• Malware is a form of malicious software in which any file or program
can be used to harm a computer user, such as worms, computer
viruses, Trojan horses and spyware.

• Ransomware is a type of malware that involves an attacker
locking the victim's computer system files, typically through
encryption, and demanding a payment to decrypt and unlock them.

• Social engineering is an attack that relies on human interaction to
trick users into breaking security procedures to gain sensitive
information that is typically protected.

• Phishing is a form of fraud where fraudulent emails are sent that
resemble emails from reputable sources; however, the intention of
these emails is to steal sensitive data, such as credit card or login
information.

➢ Elements of Cyber Security:

Ensuring cybersecurity requires the coordination of security efforts
made throughout an information system, including:
• Application security
• Information security
• Network security
• Disaster recovery/business continuity planning
• Operational security
• End-user education

It can be a challenge in cybersecurity to keep up with changing
security risks. The traditional approach has been to focus resources on
crucial system components and protect against the biggest known
threats, which meant leaving components undefended and not
protecting systems against less dangerous risks.

To deal with the current environment, advisory organizations are
promoting a more proactive and adaptive approach. In the USA, the
National Institute of Standards and Technology (NIST), for example,
issued updated guidelines in its risk assessment framework that
recommend a shift toward continuous monitoring and real-time
assessments.

Version 1.1 of the Framework for Improving Critical Infrastructure was
released in April 2018. The voluntary cybersecurity framework,
developed for use in the banking, communications, defence and energy
industries, can be adopted by all sectors, including federal and state
governments. President Donald Trump issued an executive order
mandating that federal agencies adopt the NIST Cybersecurity
Framework (NIST CSF) in May 2017.

As a result of security risks, investments in cybersecurity technologies
and services are increasing. In the past, Gartner predicted that
worldwide spending on information security products and services
would grow to $114 billion in 2018, with another 8.7% increase to $124
billion in 2019. Later, in 2019, Gartner also predicted that spending on
enterprise security and risk management would grow 11% in 2020 in the
Middle East and North Africa.

➢ Benefits of Cyber Security:
Benefits of utilizing cybersecurity include:
• Business protection against malware, ransomware, phishing and
social engineering.
• Protection for data and networks.
• Prevention of unauthorized users.
• Improved recovery time after a breach.
• Protection for end-users.
• Improved confidence in the product for both developers and
customers.

➢ Cybersecurity challenges:
Cybersecurity is continually challenged by hackers, data loss, privacy,
risk management, and changing cybersecurity strategies. Nothing
currently indicates that cyber-attacks will decrease. Moreover, the
more entry points there are for attacks, the more cybersecurity is
needed to secure networks and devices.
One of the most problematic elements of cybersecurity is the
continually evolving nature of security risks. As new technologies
emerge, and technology is used in new or different ways, new avenues
of attack are developed as well. Keeping up with these continual
changes and advances in attacks can be challenging to organizations, as
well as updating their practices to protect against them. This also
includes ensuring that all the elements of cybersecurity are continually
changed and updated to protect against potential vulnerabilities. This
can be especially challenging for smaller organizations.
Additionally, today, there is a lot of potential data an organization can
gather on individuals who take part in one of their services. With more
data being collected, the likelihood of a cybercriminal who wants to
steal personally identifiable information is another concern. For
example, an organization that stores personally identifiable information
in the cloud may be subject to a ransomware attack, and should do what
they can to prevent a cloud breach.
Cybersecurity should also address end-user education, as an employee
may accidentally bring a virus into a workplace on their work computer,
laptop, or smartphone.
Another large challenge to cybersecurity is a job shortage. As
growth in data from businesses becomes more important, the need for
more cybersecurity personnel to analyze, manage and respond to
incidents increases. It is estimated that there are two million unfilled
cybersecurity jobs worldwide. Cybersecurity Ventures also estimates
that by 2021, there will be up to 3.5 million unfilled cybersecurity jobs.
However, new advances in machine learning and artificial intelligence
(AI) have started to be developed to help in organizing and managing
data -- although not to the effect needed.

➢ Cybersecurity vendors:
Vendors in cybersecurity fields will typically use endpoint, network and
advanced threat protection security as well as data loss prevention.
Three commonly known cybersecurity vendors include Cisco, McAfee
and Trend Micro.
Cisco tends to focus on networks and allows its customers to utilize
firewalls, VPNs and advanced malware protection along with
supporting email and endpoint security. Cisco also supports real-time
malware blocking.
McAfee makes cybersecurity products for consumers and enterprise
users. McAfee supports mobile, enterprise clouds, network, web and
server-based security. Data protection and encryption are also offered.
Trend Micro is an anti-malware vendor which offers threat protection
for mobile, hybrid clouds, SaaS and the IoT. Trend Micro provides
users with endpoint, email and web security.
Types of Attacks:
An attack can be active or passive:
• An "active attack" attempts to alter system resources or affect their
operation.
• A "passive attack" attempts to learn or make use of information from
the system but does not affect system resources (e.g., wiretapping).

An attack can be perpetrated by an insider or from outside the
organization:
• An "inside attack" is an attack initiated by an entity inside the security
perimeter (an "insider"), i.e., an entity that is authorized to access system
resources but uses them in a way not approved by those who granted the
authorization.
• An "outside attack" is initiated from outside the perimeter, by an
unauthorized or illegitimate user of the system (an "outsider"). On the
Internet, potential outside attackers range from amateur pranksters to
organized criminals, international terrorists, and hostile governments.

A resource (physical or logical), called an asset, can have one or more
vulnerabilities that can be exploited by a threat agent in a threat action. As
a result, the confidentiality, integrity or availability of resources may be
compromised. Potentially, the damage may extend to resources in addition
to the one initially identified as vulnerable, including further resources of
the organization, and the resources of other involved parties (customers,
suppliers). The so-called CIA triad is the basis of information security. The
attack can be active when it attempts to alter system resources or affect
their operation: so, it compromises integrity or availability. A "passive
attack" attempts to learn or make use of information from the system but
does not affect system resources: so, it compromises confidentiality.
A threat is a potential for violation of security, which exists when there is
a circumstance, capability, action or event that could breach security and
cause harm. That is, a threat is a possible danger that might exploit a
vulnerability. A threat can be either "intentional" (i.e., intelligent; e.g., an
individual cracker or a criminal organization) or "accidental" (e.g., the
possibility of a computer malfunctioning, or the possibility of an "act of
God" such as an earthquake, a fire, or a tornado). A set of policies
concerned with information security management, the information security
management systems (ISMS), has been developed to manage, according to
risk management principles, the countermeasures needed to accomplish
a security strategy set up following the rules and regulations applicable in
a country.
An attack should lead to a security incident, i.e. a security event that
involves a security violation. In other words, a security-relevant system
event in which the system's security policy is disobeyed or otherwise
breached. The overall picture represents the risk factors of the risk scenario.
An organization should take steps to detect, classify and manage security
incidents. The first logical step is to set up an incident response plan and
eventually a computer emergency response team. In order to detect attacks,
a number of countermeasures can be set up at organizational, procedural
and technical levels. A computer emergency response team, an information
technology security audit and an intrusion detection system are examples of
these. An attack is usually perpetrated by someone with bad intentions:
black-hat attacks fall in this category, while others perform penetration
testing on an organization's information system to find out whether all
foreseen controls are in place.
Attacks can be classified according to their origin, i.e. whether they are
conducted using one or more computers; in the latter case it is called a
distributed attack. Botnets are used to conduct distributed attacks. Other
classifications are according to the procedures used or the type of
vulnerabilities exploited: attacks can be concentrated on network mechanisms
or host features.
Some attacks are physical, i.e. theft or damage of computers and other
equipment. Others are attempts to force changes in the logic used by
computers or network protocols in order to achieve a result unforeseen by the
original designer but useful for the attacker. Software used for
logical attacks on computers is called malware.
➢ Passive:
a) Computer and network surveillance.
b) Network:
   i. Wiretapping.
   ii. Fiber tapping.
   iii. Port scan.
   iv. Idle scan.
c) Host:
   i. Keystroke logging.
   ii. Data scraping.
   iii. Backdoor.

➢ Active:
a) Denial-of-service attack:
   A DDoS, or distributed denial-of-service attack, is an attempt made
   by the hacker to block access to a server or a website that is
   connected to the Internet. This is achieved using multiple
   computerized systems, which overload the target system with
   requests, making it incapable of responding to any query.
b) Spoofing.
c) Mixed threat attack.
d) Network:
   i. Man-in-the-middle.
   ii. Man-in-the-browser.
   iii. ARP poisoning.
   iv. Ping flood.
   v. Ping of death.
   vi. Smurf attack.
e) Host:
   i. Buffer overflow.
   ii. Heap overflow.
   iii. Stack overflow.
   iv. Format string attack.
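
An added example, not part of the original document: detection logic for the denial-of-service item above that also applies the text's classification by origin (one computer versus many) to an access log. The log format, the thresholds and every address are constructed assumptions.

```python
"""Added example: flag request floods in an access log and tell a
single-source flood from a distributed one (all data is constructed)."""
from collections import Counter, defaultdict


def build_sample_log():
    """Constructed log lines: '<epoch_seconds> <source_ip> <path>'."""
    lines = []
    # Normal traffic: three clients, one request every 5 seconds.
    for t in range(0, 60, 5):
        lines.append(f"{t} 198.51.100.{t % 3 + 1} /index.html")
    # Flood from one host: 20 requests per second for 10 seconds.
    for t in range(60, 70):
        lines += [f"{t} 203.0.113.50 /login"] * 20
    # Flood from 100 hosts: 2 requests per second each for 10 seconds.
    for t in range(120, 130):
        for host in range(100):
            lines += [f"{t} 192.0.2.{host} /search"] * 2
    lines.append("corrupted line without a timestamp")
    return lines


def detect_floods(lines, window=10, max_requests=100, single_share=0.5):
    """Return one alert dict per time window whose request count exceeds
    max_requests (thresholds are assumptions; tune to the real baseline)."""
    windows = defaultdict(Counter)  # window start -> requests per source
    for line in lines:
        parts = line.split()
        if len(parts) != 3 or not parts[0].isdigit():
            continue  # skip malformed lines instead of failing
        start = int(parts[0]) // window * window
        windows[start][parts[1]] += 1
    alerts = []
    for start in sorted(windows):
        per_source = windows[start]
        total = sum(per_source.values())
        if total <= max_requests:
            continue
        top_ip, top_count = per_source.most_common(1)[0]
        # One address sending most of the load can be blocked on its own;
        # load spread thinly over many addresses cannot.
        share = top_count / total
        kind = "single-source" if share >= single_share else "distributed"
        alerts.append({"window_start": start, "requests": total,
                       "sources": len(per_source), "kind": kind,
                       "top_source": top_ip})
    return alerts


if __name__ == "__main__":
    for alert in detect_floods(build_sample_log()):
        print(alert)
```
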

Life in a Networked World:

Rapid Development in Information and Technology:
• Speed of microprocessor chips doubles every 12-18 months.
• Storage density doubles every 12 months.
• Bandwidth is doubling every 12 months.
• Price keeps dropping, making technology affordable and pervasive.

➢ The Internet in India by 2020:

➢ Evolution of Cyber Security:

It used to be that programmers created and launched annoying but mild virus
and spam malware to show the world just how brilliant they were and to gain
notoriety. Today, we live in a very different world where cyber threats and
attacks are recognized as significant global, political and commercial
challenges with serious financial and reputational consequences.
The cyber-criminal community has evolved from pranksters, lone wolves, and
organized gangs to nation-states and hacktivist groups whose primary results
have been increased costs and lost productivity. As enterprises and
governments connect literally everything to the Internet, the size of their attack
surface has grown, opening more opportunities for cyber criminals. Many of
their current exploits are going unnoticed.

Threats and the defences that answered them:
• Viruses (1990s): Anti-Virus, Firewalls
• Worms (2000s): Intrusion Detection & Prevention
• Botnets (late 2000s to Current): DLP, Application-aware Firewalls, SIM
• APT, Insiders (Current): Network Flow Analysis

➢ Cyber Threat Evolution:

Cybersecurity is evolving at a rapid pace and there is certainly no slowing
down. From the time of the first virus attack in 1989, the Morris Worm, which
infected around 6000 computers, to today, cybersecurity has
become a board-room level concern.

➢ Cyber Situation in India:

• India ranks 3rd in terms of the highest number of internet users in the
world after the USA and China; the number has grown 6-fold between 2012 and
2017, with a compound annual growth rate of 44%.
• India secures a spot amongst the top 10 spam-sending countries in the
world alongside the USA.
• India was ranked among the top five countries to be affected by
cybercrime, according to a 22 October report by online security firm
Symantec Corp.

➢ Recent Cyber Attack in India:

• JULY 2016: Union Bank of India Heist
Through a phishing email sent to an employee, hackers accessed the
credentials to execute a fund transfer, swindling Union Bank of India of
$171 million. Prompt action helped the bank recover almost the entire money.

• MAY 2017: WANNACRY RANSOMWARE
The global ransomware attack took its toll in India with several thousand
computers getting locked down by ransom-seeking hackers. The attack also
impacted systems belonging to the Andhra Pradesh police and state utilities
of West Bengal.

• MAY 2017: DATA THEFT AT ZOMATO
The food tech company discovered that data, including names, email IDs and
hashed passwords, of 17 million users was stolen by an 'ethical' hacker, who
demanded the company must acknowledge its security vulnerabilities, and put
up for sale on the Dark Web.

• JUNE 2017: PETYA RANSOMWARE
The ransomware attack made its impact felt across the world, including
India, where container handling functions at a terminal operated by the
Danish firm AP Moller-Maersk at Mumbai's Jawaharlal Nehru Port Trust got
affected.

➢ Measures to be Taken for Ensuring Cyber Security:

• Install a firewall. Just as a real firewall keeps an inferno in one room from
spreading to the rest of the building, a computer firewall blocks unwanted
information and people from entering a business' computer system from
the Internet. Once the firewall is in place and working, never turn it off on
any computer in the business.

• Set up an Access Control List. This will allow your business' system
administrator to control which employees have access to the computer
system or certain parts of the computer system and whether they can log in
remotely or only from the office.

• Change the default passwords for the company's point of sale
system. A vulnerability the Verizon report mentions specifically is
businesses failing to change the POS password credentials from the
manufacturer's default setting to a custom password for the company. The
report also recommends making sure that all third-party vendors change
passwords as well.

• Establish security roles and responsibilities. Identify which employees
need to have access to the business information and set up responsibilities
for those employees. The Federal Communications
Commission recommends setting a period of time an employee must be in
the role before access rights are granted.

• Establish policies for Internet and social media usage. If your business
wants to limit the use of the Internet and social media to break time, make
sure the employees know the policy.

• Use a Web-filtering system. These programs can block harmful sites as
well as sites that may be inappropriate for viewing during company time.

• Use Internet security programs on each computer. The programs work
in addition to the firewall to help block malicious software from attacking
the computer and compromising data.

• Be wary of peer-to-peer sites. If your company uses peer-to-peer sharing,
be cautious of the security of such connections and learn what the peer
site's safeguards are.

• Keep the most critical data offline. Organize your business' data and keep
the most critical information, such as customers' personal information,
offline.

• Get cybercrime insurance. This kind of policy covers the liability of the
company in the case of a cyberattack or a data breach. Some policies cover
direct loss, legal liability and consequential loss from security breaches.
Some insurance carriers also offer network security risk assessments to
determine your company's exposure risk to attack.
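
An added example, not part of the original document: a default-deny check that combines three of the measures listed above (an access control list per role and resource, office-only versus remote login, and a minimum period in a role before access rights are granted). The office network range, the 30-day period, the role names and the employees are constructed assumptions.

```python
"""Added example: default-deny access control list (constructed data)."""
from dataclasses import dataclass
from datetime import date
from ipaddress import ip_address, ip_network

# Assumption: the office LAN range; replace with the real one.
OFFICE_NETWORKS = [ip_network("10.20.0.0/16")]
# Assumption: minimum time in a role before its access rights apply.
MIN_DAYS_IN_ROLE = 30


@dataclass(frozen=True)
class AclEntry:
    role: str
    resource: str
    remote_allowed: bool  # False means office network only


@dataclass(frozen=True)
class Employee:
    name: str
    role: str
    role_start: date


# Constructed ACL: any role/resource pair not listed here is denied.
ACL = [
    AclEntry("cashier", "pos", remote_allowed=False),
    AclEntry("accountant", "ledger", remote_allowed=False),
    AclEntry("sysadmin", "pos", remote_allowed=True),
    AclEntry("sysadmin", "ledger", remote_allowed=True),
]


def is_office_address(source_ip: str) -> bool:
    """True if the address lies in an office network (ValueError if invalid)."""
    addr = ip_address(source_ip)
    return any(addr in net for net in OFFICE_NETWORKS)


def check_access(emp: Employee, resource: str, source_ip: str, today: date):
    """Return (allowed, reason). Every path that is not explicitly
    permitted ends in a denial."""
    entry = next((e for e in ACL
                  if e.role == emp.role and e.resource == resource), None)
    if entry is None:
        return False, "no ACL entry for role/resource"
    if (today - emp.role_start).days < MIN_DAYS_IN_ROLE:
        return False, "role held for less than minimum period"
    try:
        in_office = is_office_address(source_ip)
    except ValueError:
        return False, "unparseable source address"
    if not in_office and not entry.remote_allowed:
        return False, "remote login not permitted"
    return True, "allowed"


if __name__ == "__main__":
    alice = Employee("alice", "cashier", date(2024, 1, 10))
    print(check_access(alice, "pos", "10.20.5.7", date(2024, 6, 1)))
    print(check_access(alice, "pos", "203.0.113.9", date(2024, 6, 1)))
```
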

➢ Advantages and Disadvantages of Cyber Security:

Advantages:
• Protects the system against viruses, worms, spyware and other unwanted
programs.
• Protects data from theft.
• Protects the computer from being hacked.
• Minimizes computer freezing and crashes.
• Gives privacy to users.

Disadvantages:
• Firewalls can be difficult to configure correctly.
• Incorrectly configured firewalls may block users from performing certain
actions on the Internet until the firewall is configured correctly.
• Makes the system slower than before.
• Need to keep updating the new software in order to keep security up to date.
• Could be costly for the average user.
