Module 1:Introduction to cyber security

Defining Cyber Space:

 Cyberspace can be defined as an intricate environment that involves interactions

between people, software, and services.
 It is maintained by the worldwide distribution of information and communication
technology devices and networks.
 Cyberspace is the virtual and dynamic space created by the machines.
 The whole Cyberspace is composed of large computer networks which have many
sub-networks. These follow the TCP or IP protocol.
 The TCP (Transmission Control Protocol) is a standard for communications that
allows the application programs and other computing devices to exchange data and
messages over a Cyber network.
 These are designed to send data across the internet which then makes sure that the
sent data are successfully delivered over the networks.

*Overview of computer and web-Technology:-

A computer is a programmable device that stores, retrieves, and processes data.

The basic parts without which a computer cannot work are as follows:
o Processor: It executes instructions from software and hardware.
o Memory: It is the primary memory for data transfer between the CPU and storage.
o Motherboard: It is the part that connects all other parts or components of a
computer.
o Storage Device: It permanently stores the data, e.g., hard drive.
o Input Device: It allows you to communicate with the computer or to input data, e.g.,
a keyboard.
o Output Device: It enables you to see the output, e.g., monitor.
Computers are divided into different types based on different criteria.
Based on the size, a computer can be divided into five types:
1. Micro Computer
2. Mini Computer
3. Mainframe Computer
4. Super Computer
5. Workstations

*Web technology:-

Web Technology refers to the various tools and techniques that are utilized in the process of
communication between different types of devices over the Internet.

A web browser is used to access web pages. Web browsers can be defined as programs that
display text, data, pictures, animation, and video on the Internet.
Hyperlinked resources on the World Wide Web can be accessed using software interfaces
provided by Web browsers.

Web Technology can be classified into the following sections:

 World Wide Web (WWW): The World Wide Web is based on several different
technologies: Web browsers, Hypertext Markup Language (HTML), and Hypertext
Transfer Protocol (HTTP).

 Web Browser: The web browser is application software to explore www (World Wide
Web). It provides an interface between the server and the client and requests to the server
for web documents and services.

 Web Server: Web server is a program which processes the network requests of the
users and serves them with files that create web pages. This exchange takes place using
Hypertext Transfer Protocol (HTTP).

 Web Pages: A webpage is a digital document that is linked to the World Wide Web
and viewable by anyone connected to the internet has a web browser.

 Web Development: Web development refers to the building, creating, and maintaining
of websites. It includes aspects such as web design, web publishing, web programming,
and database management. It is the creation of an application that works over the
internet i.e. websites.

Web Development can be classified into two ways:

 Frontend Development: The part of a website that the user interacts directly is
termed as front end. It is also referred to as the „client side‟ of the application.
 Backend Development: Backend is the server side of a website. It is the part of the
website that users cannot see and interact. It is the portion of software that does not
come in direct contact with the users. It is used to store and arrange data.
 API: API is an abbreviation for Application Programming Interface which is a
collection of communication protocols and subroutines used by various programs to
communicate between them.

Web Protocols: Web protocols are set of rules followed by everyone communicating over the
web.

 HTTP: The Hypertext Transfer Protocol (HTTP) is designed to enable

communications between clients and servers.
HTTP works as a request-response protocol between a client and server.
A web browser may be the client, and an application on a computer that hosts a web site
may be the server.

 Other Protocols:

 TCP/IP Model

 UDP
  FTP

 SMTP

 SOAP

Graphics: Graphical elements are one of the key feature of any webpage. They can be used to
convey important points better than text does and beautify the webpage.

 Canvas: The HTML “canvas” element is used to draw graphics via JavaScript.

 SVG: SVG stands for Scalable Vector Graphics.

It basically defines vector-based graphics in XML format.

*Communication and web technology

Internet:

The internet is a global network of interconnected computers and servers that allows people
to communicate, share information, and access resources from anywhere in the world.

It was created in the 1960s by the US Department of Defence as a way to connect

computers and share information between researchers and scientists.

The Internet is a global network comprised of smaller networks that are interconnected
using standardized communication protocols.

The Internet standards describe a framework known as the Internet protocol suite. This
model divides methods into a layered system of protocols.

These layers are as follows:

1. Application layer (highest) – concerned with the data(URL, type, etc.). This is
where HTTP, HTTPS, etc., comes in.

2. Transport layer – responsible for end-to-end communication over a network.

3. Network layer – provides data route.

The Internet provides a variety of information and communication facilities; contains

forums, databases, email, hypertext, etc. It consists of private, public, academic, business,
and government networks of local to global scope, linked by a broad array of electronic,
wireless, and optical networking technologies.

World wide web:-

 • The World Wide Web, or simply the web, is a system of interconnected documents
and resources, linked together by hyperlinks and URLs.

• It was created by Tim Berners-Lee in 1989 as a way for scientists to share

information more easily.

• The Web is the only way to access information through the Internet. It‟s a system of
Internet servers that support specially formatted documents. The documents are
formatted in a markup language called HTML, or “HyperText Markup Language”,
which supports a number of features including links and multimedia. These
documents are interlinked using hypertext links and are accessible via the Internet.

To link hypertext to the Internet, we need:

1. The markup language, i.e., HTML.

2. The transfer protocol, e.g., HTTP.

3. Uniform Resource Locator (URL), the address of the resource.

URI: URI stands for ‘Uniform Resource Identifier’. A URI can be a name, locator, or
both for an online resource whereas a URL is just the locator. URLs are a subset of URIs.
• A URL is a human-readable text that was designed to replace the numbers (IP
addresses) that computers use to communicate with servers.
• A URL consists of a protocol, domain name, and path (which includes the specific
subfolder structure where a page is located) like-
protocol://WebSiteName.topLevelDomain/path
1. Protocol – HTTP or HTTPS.
2. WebSiteName – geeksforgeeks, google etc.
3. topLevelDomain- .com, .edu, .in etc.
4. path- specific folders and/or subfolders that are on a given website.

Uses of Internet and the Web :

1. Communication: The internet and web have made communication faster and easier
than ever before. We can now send emails, chat online, make video calls, and use social
media platforms to connect with people all over the world.

2. Information sharing: The web has made it possible to access vast amounts of
information on any topic from anywhere in the world. We can read news articles, watch
videos, listen to podcasts, and access online libraries and databases.

3. Online shopping: The internet and web have revolutionized the way we shop. We
can now browse and purchase products online, from clothes and groceries to electronics
and furniture.

4. Entertainment: The internet and web provide a wealth of entertainment options,

from streaming movies and TV shows to playing online games and listening to music.
5. Education: The web has made it possible to access educational resources from
anywhere in the world. We can take online courses, access e-books and digital libraries,
and connect with educators and other learners through online communities.

6. Business: The internet and web have transformed the way businesses operate.
Companies can now use e-commerce platforms to sell products and services,
collaborate with remote workers, and access global markets.

7. Research: The internet and web have made it easier for researchers to access and
share information. We can now access scientific journals and databases, collaborate
with other researchers online, and conduct surveys and experiments through online
platforms.

Issues in Internet and the Web :

1. Privacy and security: The internet and web are vulnerable to various security
threats, such as hacking, identity theft, and phishing attacks. These threats can
compromise our personal information, such as login credentials, financial information,
and personal data.

2. Cyberbullying: The anonymity of the internet and web can lead to cyberbullying,
where individuals are harassed or threatened online. Cyberbullying can have severe
consequences, including depression, anxiety, and suicide.

3. Online addiction: The internet and web can be addictive, and individuals can spend
hours browsing social media or playing online games, leading to neglect of other
important aspects of their lives.

4. Disinformation: The internet and web are filled with inaccurate or false
information, which can lead to misinformation, propaganda, and conspiracy theories.

5. Digital divide: Access to the internet and web is not universal, and many
individuals, particularly those in low-income areas or rural communities, lack access to
reliable and high-speed internet.

6. Online censorship: Some governments or organizations may censor or restrict

access to certain websites or information, limiting freedom of speech and expression.

7. Environmental impact: The internet and web consume a significant amount of

energy, contributing to carbon emissions and climate change.

*Internet infrastructure for data transfer and governance

Infrastructure:

The communications infrastructure of the Internet consists of its hardware components and a
system of software layers that control various aspects of the architecture. with any computer
network, the Internet physically consists of routers, media (such as cabling and radio links),
repeaters, modems etc.
Service tiers

• Packet routing across the Internet involves several tiers of Internet service providers.

• Internet service providers (ISPs) establish the worldwide connectivity between

individual networks at various levels of scope.

• End-users who only access the Internet when needed to perform a function or obtain
information, represent the bottom of the routing hierarchy.

• At the top of the routing hierarchy are the tier 1 networks, large telecommunication
companies that exchange traffic directly with each other via very high speed fiber-
optic cables and governed by peering agreements.

• Tier 2 and lower-level networks buy Internet transit from other providers to reach at
least some parties on the global Internet, though they may also engage in peering.

• Internet exchange points are major traffic exchanges with physical connections to
multiple ISPs. Large organizations, such as academic institutions, large enterprises,
and governments, may perform the same function as ISPs, engaging in peering and
purchasing transit on behalf of their internal networks.

Access

• Common methods of Internet access by users include dial-up with a

computer modem via telephone circuits, broadband over coaxial cable, fiber optics or
copper wires, Wi-Fi, satellite, and cellular telephone technology (e.g. 3G, 4G).

• The Internet may often be accessed from computers in libraries and Internet
cafés. Internet access points exist in many public places such as airport halls and
coffee shops. Various terms are used, such as public Internet kiosk, public access
terminal, and Web payphone.

• Many hotels also have public terminals that are usually fee-based. These terminals are
widely accessed for various usages, such as ticket booking, bank deposit, or online
payment. Wi-Fi provides wireless access to the Internet via local computer
networks. Hotspots providing such access include Wi-Fi cafés, where users need to
bring their own wireless devices, such as a laptop or PDA. These services may be free
to all, free to customers only, or fee-based.

Mobile communication

The International Telecommunication Union (ITU) estimated that, by the end of 2017, 48%
of individual users regularly connect to the Internet, up from 34% in 2012.[69] Mobile
Internet connectivity has played an important role in expanding access in recent years,
especially in Asia and the Pacific and in Africa.[70]

Internet society:

The Internet Society (ISOC) is an American nonprofit advocacy organization founded in

1992.
Its mission is "to promote the open development, evolution, and use of the Internet for the
benefit of all people throughout the world." It has offices in Reston, Virginia, U.S.,
and Geneva, Switzerland.

Regulation of cyber space:

REGULATIONS :-There are five predominant laws to cover when it comes to cybersecurity:.

 Information Technology Act, 2000 The Indian cyber laws are governed by the
Information Technology Act, penned down back in 2000.
 The importance of this Act is to offer reliable legal inclusiveness to eCommerce,
facilitating registration of real-time records with the Government. But with the cyber
attackers getting sneakier, topped by the human tendency to misuse technology, a
series of amendments followed. The ITA, enacted by the Parliament of India,
highlights the grievous punishments and penalties safeguarding the e-governance, e-
banking, and e-commerce sectors.
 Section 43 - Applicable to people who damage the computer systems without
permission from the owner. The owner can fully claim compensation for the entire
damage in such cases.
 Section 66 - Applicable in case a person is found to dishonestly or fraudulently
committing any act referred to in section 43. The imprisonment term in such instances
can mount up to three years or a fine of up to Rs. 5 lakh.
 Section 66B - Incorporates the punishments for fraudulently receiving stolen
communication devices or computers, which confirms a probable three years
imprisonment. This term can also be topped by Rs. 1 lakh fine, depending upon the
severity.
 Section 66C - This section scrutinizes the identity thefts related to imposter digital
signatures, hacking passwords, or other distinctive identification features. If proven
guilty, imprisonment of three years might also be backed by Rs.1 lakh fine.
 Section 66 D - This section was inserted on-demand, focusing on punishing cheaters
doing impersonation using computer resources. Indian Penal Code (IPC) 1980
Identity thefts and associated cyber frauds are embodied in the Indian Penal Code
(IPC), 1860 - invoked along with the Information Technology Act of 2000.

The legislature ensured that all the regulatory compliances are well-covered,
including cyber forensics, e-discovery, and cybersecurity diligence. The Companies
(Management and Administration) Rules, 2014 prescribes strict guidelines confirming
the cyber security obligations and responsibilities upon the company directors and
leaders.
Concept of cyber security

 Cyber security is the body of technologies, processes, and practices designed to

protect networks, computers, programs and data from attack, damage or unauthorized
access.
 The term cyber security refers to techniques and practices designed to protect digital
data.
 The data that is stored, transmitted or used on an information system.

OR

 Cyber security is the protection of Internet-connected systems, including hardware,

software, and data from cyber-attacks. It is made up of two words one is cyber and
other is security.
 Cyber is related to the technology which contains systems, network and programs or
data.
 Whereas security related to the protection which includes systems security, network
security and application and information security.

Why is cyber security important?

Listed below are the reasons why cyber security is so important

: • Cyber attacks can be extremely expensive for businesses to endure.

• In addition to financial damage suffered by the business, a data breach can also inflict
untold reputational damage.

• Cyber-attacks these days are becoming progressively destructive. Cybercriminals are using
more sophisticated ways to initiate cyber attacks.

 Cyber security Fundamentals –

 Confidentiality: Confidentiality is about preventing the disclosure of data to

unauthorized parties.

It also means trying to keep the identity of authorized parties involved in sharing and holding
data private and anonymous. Often confidentiality is compromised by cracking poorly
encrypted data, Man-in-the-middle (MITM) attacks, disclosing sensitive data.

Standard measures to establish confidentiality include:

• Data encryption

• Two-factor authentication

• Biometric verification
  Integrity :-

Integrity refers to protecting information from being modified by unauthorized parties.

Standard measures to guarantee integrity include:

• Cryptographic checksums
• Using file permissions
• Uninterrupted power supplies
• Data backups Availability

 Availability
 making sure that authorized parties are able to access the information when needed.
 Standard measures to guarantee availability include:
 Backing up data to external drives
 Implementing firewalls
 Having backup power supplies
 Data redundancy.

Issues and challenges of cyber security:-

Issues in Cyber security:-

Types of Cyber Attacks:- A cyber-attack is an exploitation of computer systems and

networks. It uses malicious code to alter computer code, logic or data and lead to
cybercrimes, such as information and identity theft.

Cyber-attacks can be classified into the following categories:

1) Web-based attacks
2) System-based attacks Web-based attacks

These are the attacks which occur on a website or web applications.

Some of the important web-based attacks are as follows

1. Injection attacks It is the attack in which some data will be injected into a web application
to manipulate the application and fetch the required information. Example- SQL Injection,
code Injection, log Injection, XML Injection etc.

2. DNS Spoofing DNS Spoofing is a type of computer security hacking. Whereby a data is
introduced into a DNS resolver's cache causing the name server to return an incorrect IP
address, diverting traffic to the attackers computer or any other computer. The DNS spoofing
attacks can go on for a long period of time without being detected and can cause serious
security issues.
3. Session Hijacking It is a security attack on a user session over a protected network. Web
applications create cookies to store the state and user sessions. By stealing the cookies, an
attacker can have access to all of the user data.

4. Phishing :-Phishing is a type of attack which attempts to steal sensitive information like
user login credentials and credit card number. It occurs when an attacker is masquerading as a
trustworthy entity in electronic communication.

5. Brute force It is a type of attack which uses a trial and error method. This attack generates
a large number of guesses and validates them to obtain actual data like user password and
personal identification number. This attack may be used by criminals to crack encrypted data,
or by security, analysts to test an organization's network security.

6. Denial of Service It is an attack which meant to make a server or network resource

unavailable to the users. It accomplishes this by flooding the target with traffic or sending it
information that triggers a crash. It uses the single system and single internet connection to
attack a server.

It can be classified into the following

 Volume-based attacks- Its goal is to saturate the bandwidth of the attacked site, and is
measured in bit per second. Protocol attacks- It consumes actual server resources, and
is measured in a packet.
 Application layer attacks- Its goal is to crash the web server and is measured in
request per second.

7. Dictionary attacks This type of attack stored the list of a commonly used password and
validated them to get original password.

8. URL Interpretation It is a type of attack where we can change the certain parts of a URL,
and one can make a web server to deliver web pages for which he is not authorized to
browse.

9. File Inclusion attacks It is a type of attack that allows an attacker to access unauthorized or
essential files which is available on the web server or to execute malicious files on the web
server by making use of the include functionality.

10. Man in the middle attacks It is a type of attack that allows an attacker to intercepts the
connection between client and server and acts as a bridge between them. Due to this, an
attacker will be able to read, insert and modify the data in the intercepted connection.

 System-based attacks

These are the attacks which are intended to compromise a computer or a computer network.
Some of the important system-based attacks are as follows
1. Virus It is a type of malicious software program that spread throughout the computer files
without the knowledge of a user. It is a self-replicating malicious computer program that
replicates by inserting copies of itself into other computer programs when executed. It can
also execute instructions that cause harm to the system.

2. Worm It is a type of malware whose primary function is to replicate itself to spread to

uninfected computers. It works same as the computer virus. Worms often originate from
email attachments that appear to be from trusted senders.

3. Trojan horse It is a malicious program that occurs unexpected changes to computer setting
and unusual activity, even when the computer should be idle. It misleads the user of its true
intent. It appears to be a normal application but when opened/executed some malicious code
will run in the background.

4. Backdoors It is a method that bypasses the normal authentication process. A developer

may create a backdoor so that an application or operating system can be accessed for
troubleshooting or other purposes.

5. Bots A bot (short for "robot") is an automated process that interacts with other network
services. Some bots program run automatically, while others only execute commands when
they receive specific input. Common examples of bots program are the crawler, chatroom
bots, and malicious bots.

Challenges:-

Today cybersecurity is the main component of the country's overall national security and
economic security strategies.

1. Ransomware Evolution

 Ransomware is a type of malware in which the data on a victim's computer is locked,

and payment is demanded before the ransomed data is unlocked. After successful
payment, access rights returned to the victim.
  Ransomware attacks are growing day by day in the areas of cybercrime. IT
professionals and business leaders need to have a powerful recovery strategy against
the malware attacks to protect their organization.
 It involves proper planning to recover corporate and customers' data and application
as well as reporting any breaches against the Notifiable Data Breaches scheme.
 Today's DRaaS solutions are the best defence against the ransomware attacks. With
DRaaS solutions method, we can automatically back up our files, easily identify
which backup is clean, and launch a fail-over with the press of a button when
malicious attacks corrupt our data.

2. Blockchain Revolution

 The blockchain is a technology that enables cryptocurrencies like Bitcoin.

 The blockchain is a vast global platform that allows two or more parties to do a
transaction or do business without needing a third party for establishing trust.
 It is difficult to predict what blockchain systems will offer in regards to cybersecurity.
The professionals in cybersecurity can make some educated guesses regarding
blockchain. As the application and utility of blockchain in a cybersecurity context
emerges, there will be a healthy tension but also complementary integrations with
traditional, proven, cybersecurity approaches.

3. IoT Threats

 IoT stands for Internet of Things. It is a system of interrelated physical devices which
can be accessible through the internet.
 The connected physical devices have a unique identifier (UID) and have the ability to
transfer data over a network without any requirements of the human-to-human or
human-to-computer
 interaction. The firmware and software which is running on IoT devices make
consumer and businesses highly susceptible to cyber-attacks.
 every organization needs to work with cybersecurity professionals to ensure the
security of their password policies, session handling, user verification, multifactor
authentication, and security protocols to help in managing the risk.

4. AI Expansion

AI short form is Artificial intelligence. According to John McCarthy, father of Artificial

Intelligence defined AI: "The science and engineering of making intelligent machines,
especially intelligent computer programs."

It is an area of computer science which is the creation of intelligent machines that do work
and react like humans. Some of the activities related to artificial intelligence include speech
recognition, Learning, Planning, Problem-solving, etc.

The key benefits with AI into our cybersecurity strategy has the ability to protect and defend
an environment when the malicious attack begins, thus mitigating the impact.
5. Serverless Apps Vulnerability

Serverless architecture and apps is an application which depends on third-party cloud

infrastructure or on a back-end service such as google cloud function, Amazon web services
(AWS) lambda, etc.

The serverless apps invite the cyber attackers to spread threats on their system easily because
the users access the application locally or off-server on their device. Therefore it is the user
responsibility for the security precautions while using serverless application.

The serverless apps do nothing to keep the attackers away from our data. The serverless
application doesn't help if an attacker gains access to our data through a vulnerability such as
leaked credentials, a compromised insider or by any other means then serverless.

The serverless applications are typically small in size. It helps developers to launch their
applications quickly and easily. They don't need to worry about the underlying infrastructure.
The web-services and data processing tools are examples of the most common serverless
apps.

Difference between Web and Internet:

Internet Web

The Internet is the network of The Web is a way to access

networks and the network information through the Internet.
allows to exchange of data
between two or more
computers.

It is also known as the The Web is a model for sharing information using
Network of Networks. the Internet.

The Internet is a way of The protocol used by the web is HTTP.

transporting information
between devices.

Accessible in a variety of The Web is accessed by the Web Browser.

ways.

Network protocols are used to Accesses documents and online sites through
transport data. browsers.
Internet Web

Global network of networks Collection of interconnected websites

Access Can be accessed using Accessed through a web browser

various devices

Connectivity Network of Connectivity Allows users to access and view web

networks that allows devices pages, multimedia content, and other resources
to communicate and exchange over the Internet
data

Protocols TCP/IP, FTP, Protocols HTTP, HTTPS, FTP, SMTP, etc.

SMTP, POP3, etc.

Infrastructure Consists of Infrastructure Consists of web servers, web

routers, switches, servers, and browsers, and other software and hardware
other networking hardware

Used for communication, Used for publishing and accessing web pages,
sharing of resources, and multimedia content, and other resources on the
accessing information from Internet
around the world

No single creator Creator Tim Berners-Lee

Provides the underlying Provides a platform for publishing and accessing

infrastructure for the Web, information and resources on the Internet
email, and other online
services