“Basics of cyber security” is an important topic in UPSC Civil Services (Main) Exam General Studies – paper III (Technology, Economic Development, Bio diversity, Environment, Security and Disaster Management). Here we present some basic points on cyber security.
Cyber security is the body of technologies, processes and practices designed to protect networks, computers, programs and data from attack, damage or unauthorized access. In a computing context, the term security implies cyber security. According to a December 2010 analysis of U.S. spending plans, the federal government has allotted over $13 billion annually to cyber security over the next five years.
Ensuring cyber security requires coordinated efforts throughout an information system. Elements of cyber security include:
- Application security
- Information security
- Network security
- Disaster recovery / business continuity planning
- End-user education
One of the most problematic elements of cyber security is the quickly and constantly evolving nature of security risks. The traditional approach has been to focus most resources on the most crucial system components and protect against the biggest known threats, which necessitated leaving some less important system components undefended and some less dangerous risks not protected against. Such an approach is insufficient in the current environment.
Crime committed using a computer and the internet to steal a person’s identity or illegal imports or malicious programs cyber crime is nothing but where the computer used as an object or subject of crime
The first recorded cyber crime took place in the year 1820 That is not surprising considering the fact that the abacus, which is thought to be the earliest form of a computer, has been around since 3500 B.C.
Types of Cyber attacks, by percentage
- Financial fraud: 11%
- Sabotage of data/networks: 17%
- Theft of proprietary information: 20%
- System penetration from the outside: 25%
- Denial of service: 27%
- Unauthorized access by insiders: 71%
- Employee abuse of internet privileges 79%
- Viruses: 85%
TYPES OF CYBER CRIME
- CHILD PORNOGRAPHY
- DENIAL OF SERVICE ATTACK
- VIRUS DISSEMINATION
- COMPUTER VANDALISM
- CYBER TERRORISM
- SOFTWARE PIRACY
Hacking in simple terms means an illegal intrusion into a computer system and/or network. It is also known as CRACKING. Government websites are the hot targets of the hackers due to the press coverage, it receives. Hackers enjoy the media coverage .
CHILD PORNOGRAPHY :-The Internet is being highly used by its abusers to reach and abuse children sexually, worldwide. As more homes have access to internet, more children would be using the internet and more are the chances of falling victim to the aggression of pedophiles .
DENIAL OF SERVICE ATTACK :- This is an act by the criminal, who floods the bandwidth of the victims network or fills his e-mail box with spam mail depriving him of the services he is entitled to access or provide.
VIRUS DISSEMINATION:- Malicious software that attaches itself to other software. (virus, worms, Trojan Horse, web jacking, e-mail bombing etc)
COMPUTER VANDALISM :-Damaging or destroying data rather than stealing or misusing them is called cyber vandalism. Transmitting virus: These are programs that attach themselves to a file and then circulate .
Terrorist attacks on the Internet is by distributed denial of service attacks, hate websites and hate emails, attacks on sensitive computer networks, etc. Technology savvy terrorists are using 512-bit encryption, which is impossible to decrypt.
SOFTWARE PIRACY:- Theft of software through the illegal copying of genuine programs or the counterfeiting and distribution of products intended to pass for the original.
Internet security is a branch of computer security specifically related to the Internet. It’s objective is to establish rules and measure to use against attacks over the Internet.
SAFETY TIPS TO CYBER CRIME
- Use antivirus software’s
- insert firewalls
- uninstall unnecessary software
- maintain backup
- check security settings
- Stay anonymous –
- choose a genderless screen name
- Never give your full name or address to strangers
The cyber security will defend us from critical attacks. It helps us to browse the safe website. Internet security process all the incoming and outgoing data on our computer. security will defend from hacks and virus. The application of cyber security used in our PC needs update every week. The security developers will update their database every week once. Hence the new virus also deleted
Technology is like a fish. The longer it stays on the shelf, the less desirable it becomes. Technology is destructive only in the hands of people who do not realize that they are one and the same process as the universe. Alan Watts
FACTS ABOUT INDIA
- India has 800 million active mobile subscribers.
- 160 million internet users half of which are on social media.
- India targets 600 million broadband connections and 100% teledensity by 2020.
- In 2010-2015 duartion internet traffic will grow 9 fold from 1.6 exabytes in 2010 to 13.2 exabytes in 2015.
- ICT (information communication technology) sector CAGR (compounded annual growth rate) is 33%. It and ites sector contributed 6.4 % in GDP (gross domestic product) in 2010-2011 as per idsa task force report
PREVENTION OF CYBER CRIME IN INDIA
The “National Cyber Security Policy” has been prepared in consultation with all relevant stakeholders, user entities and public.
• This policy aims at facilitating creation of secure computing environment and enabling adequate trust and confidence in electronic transactions and also guiding stakeholders actions for protection of cyber space.
• The National Cyber Security Policy document outlines a road-map to create a framework for comprehensive, collaborative and collective response to deal with the issue of cyber security at all levels within the country.
• The policy recognises the need for objectives and strategies that need to be adopted both at the national level as well as international level.
• The objectives and strategies outlined in the National Cyber Security Policy together serve as a means to:
i. Articulate our concerns, understanding, priorities for action as well as directed efforts.
ii. Provide confidence and reasonable assurance to all stakeholders in the country (Government, business, industry and general public) and global community, about the safety, resiliency and security of cyber space.
iii. Adopt a suitable posturing that can signal our resolve to make determined efforts to effectively monitor, deter & deal with cyber crime and cyber attacks.
Salient features of the policy
In brief, the National Cyber Security Policy covers the following aspects:
• A vision and mission statement aimed at building a secure and resilience cyber space for citizens, businesses and Government.
• Enabling goals aimed at reducing national vulnerability to cyber attacks, preventing cyber attacks & cyber crimes, minimising response & recover time and effective cyber crime investigation and prosecution.
• Focused actions at the level of Govt., public-private partnership arrangements, cyber security related technology actions, protection of critical information infrastructure and national alerts and advice mechanism, awareness & capacity building and promoting information sharing and cooperation.
• Enhancing cooperation and coordination between all the stakeholder entities within the country.
• Objectives and strategies in support of the National cyber security vision and mission.
• Framework and initiatives that can be pursued at the Govt. level, sectoral levels as well as in public private partnership mode.
• Facilitating monitoring key trends at the national level such as trends in cyber security compliance, cyber attacks, cyber crime and cyber infrastructure growth.
Cybersecurity Enhancement Act of 2009 - The Cybersecurity Enhancement Act of 2009 is United States legislation intended to improve cybersecurity within the federal government and throughout the public and private sectors.
Cyber Intelligence Sharing and Protection Act of 2011 (CISPA) - The Cyber Intelligence Sharing and Protection Act (CISPA) of 2011 is a proposed United States federal law that would allow for the sharing of Web data between the government and technology companies.