Table of Contents
What is the CYBERSPACE
Cyber Space” can be defined as a virtual space or to be more specific an electronic medium that is used to facilitate exchange of ideas via electronic means. The crimes which take place in the cyber space are termed as “cybercrimes“
“Threats to cybersecurity have been evolving from time to time and newer threats seem to emerge day-by-day. It’s difficult to cover all of them however following are the most common security issues witnessed in cyberspace in recent past.”
most common security issues witnessed in cyberspace
It is accessing computer, computer, network, system or device without permission from those who are authorized to access the same.
E.g., Mr. Shyam spies on Ms. Rita and gets to know unlocking pattern set on her mobile device. Then Mr. Shyam without permission of Ms. Rita access pictures stored in her mobile device. This is an unauthorized access. Another example would be Mr. Shyam knows email address of Ms. Rita but not password.
He tries different permutation and combination of passwords and finally gets access to all the emails received by Ms. Rita. Unauthorized can be in the physical form too. Let’s say Ms. Rita without permission from Ms. Shyam steals his pen drive and then accesses data stored in it. This acts also amounts to unauthorized access. Similarly stealing credit/debit card and then trying to use it for siphoning someone else’s money involves element of unauthorized access.
Distributed Denial of Service Attack
It is aimed to adversely affect functioning of a website. by sending multiple requests to a website which is beyond its control to handle. It’s an attack on a machine or network resource to make it unavailable to intended users by flooding it with unnecessary traffic. (Gosafeonline (2014).
Mr. AB creates botnet herd which upon the command from control and command server sends huge amount of data to a server hosting a banks website resulting slowing down of the website. This is an example of denial-of-service attack on the bank.
Malwares are software which are designed to harm network or device. It includes Botnets, Ransomwares, Trojan, Virus, Worms, Spywares etc. Botnets are collections of devices connected through the internet and infected with malware so the same may be controlled to carry out cyber-attacks.
In Cyber Space Ransomwares are malwares which encrypts files, data etc. of the victim and then demands ransom from the victim to decrypt or permit access to files or data. Trojan is a malicious software which primafacie looks legitimate but is intended to steal, harm, damage device of victim. Term trojan has been picked from an ancient Greek story where a large structure resembling horse was used to lead an attack against the city of Troy.
Virus is a malicious Programme which is designed to affect the functioning of a computer/device in which it is executed and capable of spreading from one computer to another. Virus is a malicious Programme capable of self- replicating and spreading across networks. Spywares are malicious software which are installed in victims’ devices without his knowledge to secretly spy and gather information of victims.
E.g., One of the most famous malwares till date is ILOVEYOU malware spread in the year 2000. The mail prompted the victim to download ‘LOVE-LETTER FOR-YOU.TXT.vbs’ attachment. The malware was in fact a worm and it overwrote system file and personal files of those who ended up downloading them.
Social Engineering attacks
These attacks harp upon psychological manipulation of victims and tricking the victim into revealing sensitive information. The victim is tricked to click on a malicious link or respond to fraudulent mail etc.
It’s an activity by which the victim is deceived to reveal sensitive information like usemame, passwords, credit/debit card details etc. by disguising oneself as a trustworthy entity. Coining of term ‘phishing’ is inspired from term fishing as in fishing, bait is cast to fool fishes similarly deceiving message/mail/.webpage is cast to fool innocent online user. E.g., Employee Ms. CD apparently receives a mail from Finance Officer of the Company in which she is working. The mail is in fact sent by an imposter who has disguised himself/herself as Finance officer.
Crypto jacking –
It is unauthorised use of victims’ device to secretly mine crypto Currency: Crypto currency is a virtual currency with no central regulator y or issuing authority and secured through cryptocurrency Crypto jacking affects the functioning of devices as the same takes a toll on the device. For e.g.. Malwares use CPUs for mining cryptocurrency.
Vulnerability is a flaw in the measures taken to secure a device. Such flaw is exploited by the attacker to gain access over the device or harm it.
Cyber physical attacks –
These are cyber-attacks breaching the security and impacting the physical environment. This may include shutting down of cameras, lights etc. which are cyber controlled. E.g. Cyber attacker takes control over water pumps controlled by technology and causes destruction to property. Attacker taking control over cooling systems. in nuclear reactor has the potential to inflict tremendous harm and pose threat to national security and safety.
Internet of Things (IOT) attacks –
Embedded devices that are connected to a network and capable of transferring data are at the risk of being attacked through exploiting vulnerability and can be hacked.
For e.g., Fax machines connected to internet may be exploited with their vulnerability and data can be stolen.
Web Jacking –
Web jacking a term inspired from hijacking, means hijacking at website or its access and control is taken over by the attacker. This taking over is then misused for tricking the visitors of a website or deface the website.
Drive by download –
A legitimate website is compromised and when the victim browses such a compromised website, the same installs malicious payload in the victim’s device. This malicious payload can be in the form of ransomware.
Some of the common security issues witnessed in cyberspace in recent past are as follows:
- Internet time theft: This involves usage by unapproved persons of the internet hours paid for by another person.
2. Key Loggers: It is a software database or a program intended to covertly keep an eye on and log all keystrokes. The Key logger software scans computers, their processes, and data, the moment a person hits a key on the keyboard. This information is straightaway transmitted over to an external control.
- Website defacement: This is usually transmitted by the replacement of the homepage of a site by a system cracker that dislocated into a web server and modifies the hosted website creating one of its own. The attacker usually replaces the site matters with his own message or completely destroys the site’s contents,
- Pharming: This takes place when the attacker redirects a user from an authentic and genuine site to a fake and deceitful site where their systems are infused with malware.
- Phreaking: This refers to people who interfere with systems of telecommunication such as public networks.
- Email bombing: This refers to forwarding a significant large number of emails to the victim resulting in the victim’s email account or mail servers to not respond.
Also Read:Cyber Security Issues And Challenges