Cyber security Tutorial

Introduction of cyber security :

Cybersecurity is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It's also known as information technology security or electronic information security.

The term "cybersecurity" applies in a variety of contexts, from business to mobile computing, and can be divided into a few common categories.

● Network security is the practice of securing a computer network from intruders,whether targeted attackers or opportunistic malware.

● Application security focuses on keeping software and devices free of threats. A compromised application could provide access to the data its designed to protect. Successful security begins in the design stage, well before a program or device is deployed.

● Information security protects the integrity and privacy of data, both in storage and in transit.

●Operational security includes the processes and decisions for handling and protecting data assets. The permissions users have when accessing a network and the procedures that determine how and where data may be stored or shared all fall under this umbrella.

■ Define cyberspace 

Cyberspace is defined as the dynamic and virtual space that connects the different computer systems . 

=> Characteristics of cyberspace

 It is a boundary less space

 Cyberspace is virtual space

 ICT(Information and Communications Technology) is the foundation of cyberspace

 Low cost of access

 It is virtual but made up of physical objects

 It is impartial space

 Nobody owns cyberspace

 Nobody can regulate, control and track cyberspace

■ Application of cyberspace

1. Different ways of communication such as email,

conferencing etc.

2. Social interaction such as Facebook, WhatsApp

3. Cloud computing

4. Government application

5. Military application

6. Job searching

7. Health and medicine application

8. Online shopping

9. Communication

10. Findings books etc

11. Travelling (online ticket booking)

12. Online entertainment

13. Research activities

= > Types of Cyber Threats

1. Malware: Malicious software such as viruses, ransomware, and spyware.

2. Phishing: Deceptive attempts to obtain sensitive information by disguising as a trustworthy entity.

3. Man-in-the-Middle Attacks (MitM): When an attacker intercepts and possibly alters communication between two parties.

4. Denial-of-Service Attacks (DoS): Attacks that overwhelm systems, servers, or networks with traffic to exhaust resources

and bandwidth.

5. SQL Injection: Inserting malicious SQL code into a query to manipulate a database.

6. Zero-Day Exploits: Attacks on vulnerabilities in software that are not yet known to the vendor.

■ Concept of cyber security

     Cybersecurity refers to the practice of protecting systems, networks, and programs from digital attacks.

    These cyberattacks are usually aimed at accessing, changing, or destroying sensitive information, extorting money from users, or interrupting normal business processes.

    Implementing effective cybersecurity measures is particularly challenging today because there are more devices than people, and attackers are becoming more innovative.

■ Issues and challenges of cyber security

- Cyber security faces a myriad of issues and challenges that evolve continuously as technology advances. Here are some of the key issues and challenges in the field:

1. Advanced Persistent Threats (APTs)

● Nature: These are prolonged and targeted cyber attacks in which an intruder gains access to a network and remains undetected for an extended period.

● Challenges: Difficult to detect, sophisticated in nature, often state-sponsored, and can cause significant damage over time.

2. Ransomware

●  Nature: Malware that encrypts a victim's data and demands a ransom to restore access.

● Challenges: Rapid evolution of ransomware strains, increasing frequency, and significant financial impact on businesses and individuals.

3. Phishing and Social Engineering

●Nature: Techniques used to trick individuals into revealing sensitive information or performing actions that compromise security.

● Challenges: Increasingly sophisticated and personalized attacks, difficult to defend against purely with technology, and requires

continuous user education.

4. IoT Vulnerabilities

■ Nature: Internet of Things (IoT) devices often have weak security measures.

■ Challenges: Large attack surface, diverse device types, and limited ability to patch or update devices in the field.