Cyber Security for Cyber-Citizen

Cybersecurity is a branch of computer technology also known as Information Security as it is applied to computers and networks. The objective of cybersecurity is the protection of sensitive and valuable information and services from unauthorized access, hacking or natural disaster while allowing it to remain accessible and productive to its intended users while maintaining Confidentiality, Integrity & Availability(CIA).

Cyber Security is the process of preventing and detecting unauthorized use of your computer and network. Preventive measures help you to put barriers for unauthorized users also known as ―intruders‖ from accessing any part of your computer system. Cybersecurity helps you to determine whether or not someone attempted to break into your system if they were successful, and what they may have done and what may be further security.

CONFIDENTIALITY:- When we talk about the confidentiality of information, we are talking about protecting the information from disclosure to unauthorized parties. Confidentiality also refers to limiting information access and disclosure to authorized users — “the right people” — and preventing access by or disclosure to unauthorized ones — “the wrong people.” Confidentiality is necessary but not sufficient for maintaining the privacy of the people whose personal information a system holds. The aspect of confidentially is the protection of traffic flow from analysis. This requires that an attacker not be able to observe to source and destination, frequency, length, or any other characteristics of the traffic on a communication facility.

INTEGRITY:- Ensuring the information has not been altered by unauthorized or unknown means. One must have the ability to detect data manipulation by unauthorized parties. Data manipulation includes such things as insertion, deletion, and substitution.

Availability:- Availability of information refers to ensuring that authorized parties are able to access the information when needed. Information only has value if the right people can access it at the right times. Denying access to information has become a very common attack nowadays. Almost every week you can find news about high-profile websites being taken down by DDoS attacks. The primary aim of DDoS attacks is to deny users of the website access to the resources of the website. Such downtime can be very costly. Other factors that could lead to lack of availability of important information may include accidents such as power outages or natural disasters such as floods.

Cyber Security Terminologies :

1. Threat — An action or event which is a potential challenge to Security.
2. Vulnerability — It is the existence of a Flaw or Error in the Design of the System which can cause undesired results ranging from Compromise of System Security to Service or System Unavailability.
3. Attack — An action that attempts to violate or challenge the Integrity or Security of a System.
4. Exploit — A defined way to breach the security of a System or Product using an identified vulnerability.

The cyberworld is vulnerable because of a lack of user awareness; usually, victims are inexperienced, unskilled people. Intruders also referred to as hackers are unauthorized users who break into computer systems in order to steal, change or destroy information.

Type of Hackers:

1. Black Hats: These hackers are the bad guys who operate on the opposite side of the law. They may or may not have an agenda. In most cases, black-hat hacking and outright criminal activities are not far removed from each other.
2. White Hats: These hackers think like the attacking party but work for the good guys. They are typically characterized by having a code of ethics that says essentially they will cause no harm. This group is also known as ethical hackers or pen-testers.
3. Gray Hats: These hackers straddle the line between good and bad and have decided to reform and become the good side. Once they are reformed, they still might not be fully trusted.
4. Script Kiddies: These hackers have limited or no training and know-how to use only basic techniques or tools. Even then they may not understand any or all of what they are doing.
5. Suicide Hackers: These hackers try to knock out a target to prove a point. They are not stealthy, because they are not worried about getting caught or doing prison time.