Cyber Security
Cyber Security
When we think about cybersecurity the first thing which comes in our mind is computer security and a major question comes that computer security and cybersecurity are different from each other or the same? I believe that they are different.
What is Computer Security?
Computer security is the protection of computing systems and the data that they store or access. Computer security is information security as applied to computers and networks.
The field covers all the processes and mechanisms by which computer-based equipment, information and services are protected from unintended or unauthorized access, change or destruction. Computer security also includes protection from unplanned events and natural disasters.
What is Cyber Security?
Cyber Security requires greater situational awareness. Cyber Security is not about the password security which I used to authenticate against something like a firewall. Cyber security is more about monitoring behaviours and our cyber monitoring efforts.
Cyber Security includes not only access control lists, firewalls, intrusion protection systems, flow throttling, deep packet inspection, signatures, and similar terms but also security event correlation, application traffic flow analytics, and intrusion detection. Cyber Security specializes in the area of network behaviour analysis.
The complete concept of cyber security is based on finding the vulnerabilities and eliminating them before anyone else find that particular vulnerability and exploits it to gain unauthorized access to the classified data. Here we are going to discuss vulnerabilities and their causes and most importantly the impact of the exploitation of the vulnerability. There are hundreds of vulnerabilities; we will only put lime light on the frequently exploited vulnerabilities.
Backdoors
A backdoor in a computer system is an algorithmic born method of bypassing the authentication mechanism. It is used to gain unauthorized access to the private data and secures remote access to the computers while attempting to remain undetected. A backdoor can exist in many forms, it may be untrusted software installed on your computer that was intentionally generated and developed by the programmer to gain unauthorized access to the remote system.
Some common types of backdoors are rootkit and remote administration tool (developed by black shades).
Denial-of-Service attack
This attack is different from other kinds of vulnerabilities, while other vulnerabilities try to gain unauthorized access to the computer network. It attacks and paralyzes the availability among the three pillars CIA of the information security. It can be of many types i.e., Volumetric etc.
A denial of service attack can be performed on different layers of the OSI model i.e., network layer and the application layer.
Eavesdropping
This is the act of intentionally listening to the conversation between the host and the client. These types of vulnerabilities give birth to the man in the middle attack which can be used to exploit both the confidentiality and the integrity of the data. Confidentiality is exploited as soon as the man in the middle eavesdrops and sniffs the packet going in the correction and the integrity is exploited when he tries to manipulate the packets.
Exploits
This is the software specially programmed to take advantage of a flaw in the architecture and the programming of a software network system. These are the automated bots to continuously perform actions like privilege escalation and denial of service attack.
We can take many countermeasures to overcome these vulnerabilities and secure our systems and to ensure the confidentiality, integrity, and availability of the data.
Reducing Vulnerabilities
It is possible to evaluate the correctness of certain classes of computer programs on a small scale. We can check the programs in testing and reject the programs which are found with vulnerabilities.
By reducing the vulnerabilities, we can reduce or minimize the cost caused by the attackers. There is a need to increase the sophistication of the testing programs because of an exponential increase in the sophistication of the programs and exploits used in the attacks.
Security Measures
The backbone of the security measures are the three processes; threat prevention, threat detection and response to the threats. Some security measures are given below;
Cryptography can secure the data in the transmission state. A person with the key can only decode the data in transmission and anyone who try to sniff the packets will not able to interpret the confidential data in transit.
Firewalls can be used to filter the malicious packets. Firewalls are set of protocols and all packets entering the firewall are checked and if and only if a packet satisfies the condition and adhere to the protocols of the firewall, it will be allowed to pass through the firewall.
Intrusion detection systems are developed to detect the ongoing attack; it also helps to solve the post attack forensics.
Hacking Back
This is the most recent countermeasure taken to strictly implement the cyber security modules. This section includes hacking back the servers of the organization or the individual that was involved in the hacking attempt.
Security Architecture
This defines the positioning of the security control units and defines how they are related to the overall information technology architecture. It is a unified security design that calculates the potential risk and necessities involved in an environment and also when and where to apply the security countermeasures. The key components of security architecture are;
It standardized all the countermeasures.
It defines the relationship between different components of security systems and also defines how different components depend on each other.
It determines countermeasures based on risk assessment, finances, and legal matters.
You May Also Like-
Threats to Information System
What About Information Security??
What do you understand by Information System??
6 Important Question on Tar (Highway Material)
7 Important questions on Bituminous Materials
What are imperfection or defects of Solids
Right Understanding
Right Understanding We all know that the Human Desire is to be in continuous happiness which is the need of I (self). But do you know, from where Continuous happiness will come? No, right! So continuous happiness is to be in Right Understanding, Right Feeling, and Right Thought that is Activity of I (Self). Do…
Where We Are
Where We Are (Self-Evolution) We exist as human being. We want to live a fulfilling life. We have some desires and we have some programs for the fulfilment of it. We need to understand our basic aspiration and program for its fulfillment correctly and comprehensively. Only then, we can ensure fulfillment. We should explore ourselves…
Highway Construction
Highway Construction Embankment Construction Materials and General Requirements The materials used in embankments, subgrades, earthen, shoulders, and miscellaneous backfills shall be soil, moorum, gravel, a mixture of these. Clay having liquid limit exceeding 70 and plasticity index exceeding 45; shall be considered unsuitable for embankment. Sub-grade and top 500mm portion of the embankment just below…
Special Concretes
Special Concretes Concrete is most vital material in modern construction. In addition to normal concrete, other varieties in use are, high strength and high-performance concrete, self-compacting, lightweight, high density, fiber reinforced, polymer, colored concrete, etc. The making of concrete is an art as well as a science. Special types of concrete are those with out-of-the-ordinary…
Marketing Practices
Marketing Practices Success in the world of business, no matter how you earn it, you have to rule on the marketplace. Although luck plays a role in the outcome of the market strategies. In the business decisions, there should be the understanding of market otherwise the failure will take place by the marked decisions. While…
Risk Analysis
Risk Analysis The risk that remains after the implementation of controls is called the residual risk. All systems will have residual risk because it is virtually impossible to completely eliminate risk to an IT system. In other words, we can say that there are two main parts of the security risk analysis known as Quantitative…
Recent Comments