SWAMI VIVEKANANDA INSTITUTE OF MODERN

STUDIES

NAME: Anik Chatterjee

ROLL NUMBER: 35101221005

DEPARTMENT: BACHELOR OF COMPUTER APPLICATIONS (B.C.A)

SUBJECT: CYBER SECURITY

PAPER CODE: BCAC602

[1]
 ACKNOWLEDGEMENT

I would like to thank my Professor for guiding me throughout the course of this assignment. He
was there to help me every step of the way, and his motivation is what helped me complete this
assignment successfully. I thank all the teachers who helped me by providing the equipment that
was necessary and vital, without which I would not have been able to work effectively on this
assignment.
I would also like to express my sincere gratitude to my friends and parents, who stood by me and
encouraged me to work on this assignment.

[2]
 INTRODUCTION

Cyber Security is a process that’s designed to protect networks and devices from external threats.
Businesses typically employ Cyber Security professionals to protect their confidential
information, maintain employee productivity, and enhance customer confidence in products and
services.

The world of Cyber Security revolves around the industry standard of confidentiality, integrity,
and availability, or CIA. Privacy means data can be accessed only by authorized parties; integrity
means information can be added, altered, or removed only by authorized users; and availability
means systems, functions, and data must be available on-demand according to agreed-upon
parameters.

The main element of Cyber Security is the use of authentication mechanisms. For example, a
user name identifies an account that a user wants to access, while a password is a mechanism that
proves the user is who he claims to be.

[3]
 Hacking Concept

Defination
Hacking is the act of compromising digital devices and networks by gaining unauthorized access
to an account or computer system. A key part of understanding hacking is understanding the
intent behind it, which usually involves the hacker seeking access to digital infrastructure,
application data, and stealing sensitive customer information that could damage companies if
leaked online. When hacking is used to solicit money, it’s referred to as ransomware.
To better describe hacking, one needs to first understand hackers. One can easily assume them to
be intelligent and highly skilled in computers. In fact, breaking a security system requires more
intelligence and expertise than actually creating one. There are no hard and fast rules whereby
we can categorize hackers into neat compartments. However, in general computer parlance, we
call them white hats, black hats and grey hats. White hat professionals hack to check their own
security systems to make it more hack-proof. In most cases, they are part of the same
organisation. Black hat hackers hack to take control over the system for personal gains. They can
destroy, steal or even prevent authorized users from accessing the system. They do this by
finding loopholes and weaknesses in the system. Some computer experts call them crackers
instead of hackers. Grey hat hackers comprise curious people who have just about enough
computer language skills to enable them to hack a system to locate potential loopholes in the
network security system. Grey hats differ from black hats in the sense that the former notify the
admin of the network system about the weaknesses discovered in the system, whereas the latter
is only looking for personal gains. All kinds of hacking are considered illegal barring the work
done by white hat hackers.

[4]
 Types of Hacking

1) Phishing Attacks
Phishing is a form of luring users to provide vital information such as passwords or credit card
information. The malicious attackers disguise themselves as reputable companies or employees.
Phishing can further trick users into activities like clicking on malicious links that may install
viruses or lead to other forms of attacks.

2) Click jacking Attacks

Almost like phishing, clickjacking tricks the user into clicking on links. The links in this case can
be disguised as other functions such as the like button. Even worse, the elements a user may
click on are sometimes invisible, making the user vulnerable in such cases.

The links accidentally clicked on can lead to unintentional cash transfers, virus downloads,
product purchases, and links that install malware into computer systems.

3) Malware
Malware is the short form for malicious software that a user installs unintentionally. Malware
can be harmful to computer systems, networks, or programs and may lead to systems
crashing.Malware can include spyware, trojan horses, viruses, worms, or ransomware.

4) SQL Injection Attack

SQL injection is a form of attack that injects an SQL code into an application, allowing the
attacker to view, or even modify data in a computer system. The malicious code can allow the
attacker to execute SQL statements within a system.Other than manipulating data, the attacker
can get access to sensitive information, customer information, intellectual properties, and more.

5) Denial of Service
Also known as DOS, denial of service is a form of attack that denies the user access to certain
functions in their computer. An attacker can disrupt the network or the machine itself to make
the user unable to do basic tasks.

Ways that a DOS attacker can use include jamming a network with traffic or sending a code that
initiates a crash to the network.

Though denial of service rarely leads to theft, it can be a method to aid another form of crime.

[5]
6) Cross-Site Scripting
These are also called XXS attacks, and attackers use them to inject scripts into web applications
used by others. These attacks can enable hackers to bypass access. The danger with XXS is the
ability of cyber criminals to inject inaccurate data into trusted websites and execute other forms
of data breaches.

7) Session Attacks
In a session attack, a hacker can take over access to users’ online accounts or accounts, taking
over control to get access to sensitive data like personal information, passwords, and other
private data.

Types of Hackers

a) White Hat Hackers

White hat hackers are the good guys that are referred to as ethical hackers. The hackers gain
unauthorized access without criminal or malicious intent. Ethical hacking and certified
penetration testing methods can be used to identify weaknesses and security flaws in computer
networks in an attempt to have a more robust cybersecurity system in place.

The hacking process is often monitored, and results are compiled into a report that can then be
used to avert and anticipate future threats and fix identified weaknesses.

b) Black Hat Hackers

Unlike white hat hackers, black hat hackers are the “bad guys” who pose online threats to user
systems. Black hat hackers can use attacks to demand ransom, gain unauthorised access to
systems, steal information, and carry out different forms of criminal activities.

c) Gray Hat hackers

Grey hackers lie somewhere in between white and black hat hackers. A grey hat hacker would do
something like hacking a system to identify its weaknesses without any permission, then later
approach the owner with the report and offer to fix the system.

Some grey hackers can hack into systems just to show off their hacking techniques and technical
skills without any ill intent, but without permission either. Most grey hackers are out there to
prove a point that the internet is not a safe place to do any business.

[6]
d) Red Hat Hackers
A red hat hacker is more like a grey hat hacker, but to send a message. The message can be
political, social, or more inclined to vigilante-like activities. Unlike the grey hat hacker, the red
hat hacker is not after any payment and may often hack into systems for fame. Red hat hackers
often try to hack government systems or systems of high-ranking organizations.

e) Green Hat Hackers

Just like the name suggests, a green hat hacker is still “green” when it comes to matters of
hacking. A green hat hacker is not malicious but may unknowingly cause harm to systems.
Green hat hackers do not have the technical knowledge to bypass the security set up by most
organizations.

f) Elite Hackers
These are experienced hackers who are extremely skilled and can carry out black hat hacking or
white hat hacking. Some elite hackers prefer grey-hat hacking to show how good they are.
However, when elite hackers become cyber terrorists, they can cause a lot of damage.

g) Script Kiddies
Script kiddies are amateur hackers who use languages and programs written by others to hack.
The hackers can not write most of their programs. A script kiddie is more likely to be a black hat
hacker.

h) Blue Hat Hackers

Blue hat hackers use their hacking skills to create robust systems that can not be easily hacked
into. The difference between a white and a blue hat hacker is that the blue hat hackers do not try
to bypass systems or expose flaws but improve security measures instead, by providing security
intelligence.

i) Malicious Insiders
Often underestimated, a malicious insider is perhaps the most common type of hacker. Most
confidential data theft is a result of insiders who are under duress to do so or for personal gain.
While we think of criminal hackers as those skilled hackers behind computers, they can be
employees sitting at a desk without much knowledge of computers.

[7]
 Cyber Crimes

Cybercrime is criminal activity that either targets or uses a computer, a computer network or a
networked device. Most cybercrime is committed by cybercriminals or hackers who want to
make money. However, occasionally cybercrime aims to damage computers or networks for
reasons other than profit. These could be political or personal.
Cybercrime can be carried out by individuals or organizations. Some cybercriminals are
organized, use advanced techniques and are highly technically skilled. Others are novice hackers.

Cyber Laws

Cyber law, also known as internet law or digital law, signifies the legal regulations and
frameworks governing digital activities. It covers a large range of issues, including online
communication, e-commerce, digital privacy, and the prevention and prosecution of cybercrimes.
As the internet has become a fundamental part of our daily lives, cyber law has become crucial in
ensuring digital space's orderly and secure functioning.

The significance of cyber law lies in its capacity to navigate and regulate the intricate challenges
that arise from the pervasive use of technology. Cyberlaw provides a framework for protecting
individuals and organizations from cyber threats, ensuring the privacy and security of digital
transactions, and establishing guidelines for ethical and legal conduct in cyberspace. As the
digital world evolves, the importance of cyber law becomes more pronounced, serving as a
cornerstone for the responsible and lawful utilization of digital resources.

[8]
Conclusion

To conclude, we can say that Cyber Crime is a dangerous offense to someone’s privacy or any
material. Also, we can avoid Cyber Crime by following some basic logical things and using our
common sense. Above all, Cyber Crime is a violation of not only law but of human rights too.

[9]
 References

Theory :
1)Toppr.com
2) GeeksforGeeks.com
3) Tutorialspot.com
Information and Knowledge :
Madhumita Saha Ghosh

[10]