Basics of Cyber Security

Cyber Security is the practice of protecting our cyber space (critical infrastructure) from attack, damage, misuse and economic espionage. These attacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes.

Basics of Cyber Security

The Cyberspace as an independent theatre of war is about attacks that compromise the capability to use these facilities: they cannot be prevented by the security services in isolation. The defence of cyberspace necessarily involves the forging of effective partnerships between the public organisations charged with ensuring the security of cyberspace and those who manage the use of this space by myriad users like government departments, banks, infrastructure, manufacturing and service enterprises and individual citizens. The national territory or space that is being defended by the land, sea and air forces is well defined. Outer space and cyberspace are different. They are inherently international even from the perspective of national interest.

Common Methods in Cyber Attacks

• Physical Attack: The computer infrastructure is damaged by using conventional methods like bombs, fire, etc.
• Syntactic Attack: The computer infrastructure is damaged by modifying the logic of the system in order to introduce delay or make the system unpredictable. Computer viruses and Trojans are used in this type of attack.
• Semantic Attack: This is more treacherous as it exploits the confidence of the user in the system. During the attack the information keyed in the system during entering and exiting the system is modified without the user’s knowledge in order to induce errors.

Tools of Cyber Terrorism

Cyber terrorists use certain tools and methods to unleash this new age terrorism.These are:

• Hacking: The most popular method used by a terrorist. It is a generic term used for any kind of unauthorized access to a computer or a network of computers. Some ingredient technologies like packet sniffing, tempest attack, password cracking and buffer outflow facilitates hacking.
• Trojans: Programmes which pretend to do one thing while actually are meant for doing something different, like the wooden Trojan Horse of the 1^st Century BC.
• Computer Viruses: It is a computer programme, which infects other computer, programmes by modifying them. They spread very fast.
• Computer Worms: The term ‘worm’ in relation to computers is a self-contained programme or a set of programmes that is able to spread functional copies of itself or its segments to other computer systems usually via network connections.
• E-Mail Related Crime: Usually worms and viruses have to attach themselves to a host programme to be injected. Certain emails are used as host by viruses and worms. E-mails are also used for spreading disinformation, threats and defamatory stuff.
• Denial of Service: These attacks are aimed at denying authorized persons access to a computer or computer network.
• Cryptology: Terrorists have started using encryption, high frequency encrypted voice/data links, etc. It would be a Herculean task to decrypt the information terrorist is sending by using a 512-bit symmetric encryption.

What is Cybercrime?

When Internet was developed, the founding fathers of Internet hardly had any inclination that Internet could also be misused for criminal activities. Today, there are many disturbing things happening in cyberspace. Cybercrime refers to all the activities done with criminal intent in cyberspace. These could be either the criminal activities in the conventional sense or could be activities, newly evolved with the growth of the new medium. Because of the anonymous nature of the Internet, it is possible to engage into a variety of criminal activities with impunity and people with intelligence, have been grossly misusing this aspect of the Internet to perpetuate criminal activities in cyberspace. The field of Cybercrime is just emerging and new forms of criminal activities in cyberspace are coming to the forefront with the passing of each new day.

How different are Cybercriminals from Others?

• In a way, cybercriminals are the same – they employ techniques that are similar and, like conventional criminals, they target the most vulnerable the first and most.
• They hide behind software that obscures their identity and leads investigators to look far from their actual hideouts. They kidnap data and hold it hostage. They target companies and people whose information is the worst protected.
• Unlike nuclear energy, a neat division between civilian and military use of cyberspace is difficult. Just as the Indian Army may face serious cyber-attacks from non-state actors in Pakistan, the digital assets of a major Indian conglomerate — say, the Oil and Natural Gas Corporation — may be taken down by a military.

Why India Remains Vulnerable to Cyber Attacks?

• The majority of internet consumers in India have got online only recently and would not be aware of all the dangers that lurk in the World Wide Web (www). Already, there are many instances across the country of unsuspecting users becoming easy targets for fraudsters.
• It is now a proven fact that connecting any strategic infrastructure to the internet makes it vulnerable to security threats. Yet, most users continue to be extremely vulnerable to hacking, data leakages and hijacking.
• India is a net information exporter. Its information highways point west, carrying with them the data of millions of Indians. This is not a design flaw, but simply reflects the popularity of social media platforms and the lack of any serious effort by the Indian government to restrict the flow of data.
• Nearly 500 million Indians use the Internet today, but they do not access the Internet from the same devices. The massive gap between the security offered by the cheapest phone in the Indian market and a high-end smartphone makes it impossible for regulators to set legal and technical standards for data protection.