CYBER SECURITY

INTRODUCTION + BASICS

To use computers efficiently and effectively, you need to be aware of the potential impact of technology on people. You need to be sensitive to and knowledgeable about personal privacy, organizational security, and ethics.

Computer security focuses on protecting information, hardware, and software from unauthorized use as well as preventing damage from intrusions, sabotage, and natural disasters. Someone who gains unauthorized access to computers that contain information about us is commonly known as a computer hacker. Not all hackers are intent on malicious actions and not all are criminals.

The CIA triad

The CIA triad, not to be confused with the Central Intelligence Agency, is a concept model used for information security. CIA stands for confidentiality, integrity, and availability. It is common practice within any industry to make these three ideas the foundation of security.

In this context, confidentiality is a set of rules that limits access to information, integrity is the assurance that the information is trustworthy and accurate, and availability is a guarantee of reliable access to the information by authorized people.

CONFIDENTIALITY

•Confidentiality is the keeping of another person or entity’s information private.

•Examples of confidential information

01) Bank account statements

02) Personal information

03) Credit card numbers

04) Trade secrets

05) Government documents

•Measures of keep information confidential

01)Encryption

02) Password

03) Two-factor authentication

04) Bio-metric

INTERGRITY

•Integrity involves maintaining the consistency, accuracy, and trustworthiness of data over its entire life cycle.

•Data must not be changed in transit, and steps must be taken to ensure that data cannot be altered by unauthorized people (for example, in a breach of confidentiality).

•These measures include file permissions and user access controls.

•Version control may be used to prevent erroneous changes or accidental deletion by authorized users from becoming a problem.

AVAILABILITY

•This is the final component of the CIA Triad and refers to the actual availability of your data. Authentication mechanisms, access channels and systems all have to work properly for the information they protect and ensure it’s available when it is needed.

•High availability systems are the computing resources that have architectures that are specifically designed to improve availability.

•Based on the specific HA system design, this may target hardware failures, upgrades or power outages to help improve availability, or it may manage several network connections to route around various network outages.

Cybercrime

Cybercrime (computer crime) is an illegal action involving special knowledge of computer technology.

• Malicious programs (malware) include viruses (the Computer Fraud and Abuse Act makes spreading a virus a federal offense), worms, and Trojan horses. Zombies are remotely controlled infected computers used for malicious purposes. A collection of zombie computers is known as a botnet, or robot network.

• Denial of service (DoS) attack is an attempt to shut down or stop a computer system or network.

• Rogue Wi-Fi hotspots imitate legitimate hotspots to capture personal information.

• Data manipulation involves changing data or leaving prank messages. The Computer Fraud and Abuse Act helps protect against data manipulation.

• Identity theft is the illegal assumption of someone’s identity for the purposes of economic gain.

• Scams are designed to trick individuals into spending their time and money with little or no return. Common Internet scams are frequently coupled with phishing websites or e-mails.

• Cyberbullying is the use of the Internet, cell phones, or other devices to send or post content intended to hurt or embarrass another person.

Measures to Protect Computer Security

There are numerous ways in which computer systems and data can be compromised and many ways to protect computer security.

These measures include:

• Access can be restricted through biometric scanning devices and passwords (secret words or phrases; dictionary attacks use thousands of words to attempt to gain access); security suites, firewalls, and password managers help with security tasks.

• Encrypting is coding information to make it unreadable except to those who have the encryption key. Hypertext transfer protocol secure (https) requires browsers and websites to encrypt all messages. Virtual private networks (VPNs) encrypt connections between company networks and remote users. WPA2 (Wi-Fi Protected Access) is the most widely used wireless network encryption for home wireless networks.

• Anticipating disasters involves physical security, data security, and disaster recovery plans.

• Preventing data loss involves protecting data by screening job applicants, guarding passwords, and auditing and backing up data.

Thank you very much for reading!

Hope to see you again with another article. Till then, STAY SAFE!!!

-Nipuni Perera-