Authors: Aman Kumar, Anand Pandey, Ashutosh Sangam, Manjot Kaur Bhatia
Certificate: View Certificate
A crucial element of information technology is cyber security. Cyber security is the process of defending sensitive information and crucial systems against online assaults. When we think of cyber security, the first thing that comes to mind is cybercrimes, which are on the rise every day. Governments and other businesses are taking a lot of measures to stop these cybercrimes. Maintaining cyber security continues to be a very challenging task for us despite many attempts.
Internet usage is currently the most common form of infrastructure. Many modern technologies are changing the way people look in today's world. But because of these new technologies, we are unable to effectively protect our private information, which is why cybercrime is on the rise right now. Today, more than 70% of transactions take place online; hence this industry needed robust security for open and honest dealings. Even the most cutting-edge technology, such as cloud computing, online shopping, net banking, etc., require a high level of security. Since these technologies contain some of a person's most important information, their security has become essential. Each country's security and economic growth depend on improving cyber security and safeguarding vital information infrastructure. It is now crucial for both the creation of new services and public policy that the Internet be made safer (and users of the Internet are protected). A thorough and safer strategy is required to combat cybercrime. In order to avoid the loss of critical information, many countries and governments today have severe rules against cybercrime. Everyone must receive training in cyber security so they can defend themselves against online crimes.
II. CYBER CRIME
Cybercrime is any illicit conduct involving a computer, network, or other networked device. While the majority of cybercrimes are committed to make money for the perpetrators, others are committed against computers or other technology to cause financial or psychological harm to the target.
III. CYBER SECURITY
The process of defending our systems and sensitive data against online threats is known as cyber security. Cyber security is intended to counter attacks against networked systems and applications from both inside and outside of a business.
IV. TRENDS CHANGING CYBER SECURITY
Some of the trends that are significantly affecting cyber security are listed below.
For years, network security tools like web filtering and intrusion prevention systems (IPS) have been crucial in spotting such targeted attacks (mostly after the initial compromise). As attackers grow more daring and employ shadier strategies, network security must collaborate with other security services to identify attacks. Therefore, we must enhance our security measures to stop new risks from emerging in the future.
4. Mobile Networks: We can now communicate with anyone, anywhere in the world. Security, however, is a very serious worry for these mobile networks. As more people utilize devices like tablets, phones, PCs, and other such devices—all of which again require additional security protections beyond those included in the applications used—firewalls and other security mechanisms are becoming permeable. We must always consider how secure these mobile networks are. Additionally, mobile networks are quite vulnerable to these cybercrimes, thus extreme caution must be used in the event of any security difficulties.
5. IPv6: New internet protocol: The new Internet protocol, IPv6, is replacing IPv4 (the previous version), which served as the foundation of both our networks and the Internet as a whole. It takes more than simply migrating IPv4 capabilities to protect IPv6. While IPv6 is a complete replacement that increases the number of available IP addresses, there are several very basic modifications to the protocol that will greatly increase the risk of personal cyber threats. The use of social media by employees is surging, just like the attack threat. Since the majority of people use social media or social networking sites virtually daily, it has developed into a significant platform for cybercriminals to get into personal data and steal vital information.
V. COMMON CYBER THREATS
Although cyber security experts put a lot of effort into closing security gaps, attackers are constantly looking for novel ways to avoid IT detection, get around defenses, and take advantage of developing weaknesses. The most recent cyber security risks are reinventing "existing" risks by utilizing work-from-home settings, remote access technologies, and new cloud services. Among these rising threats are:
Malicious software that gives unauthorised access to or harms a computer, such as worms, viruses, Trojan horses, and spyware, is referred to as "malware." Attacks by malware are becoming more "fileless" and are made to avoid common detection techniques, including antivirus software that checks for harmful file attachments.
Ransomware is a sort of virus that encrypts files, data, or systems and demands a ransom payment from the cybercriminals who attacked the system in order to unlock it. If the ransom is not paid, the data may be erased, destroyed, or made public. State and local governments have been the target of recent ransomware attacks because they are easier to hack than organizations and are under pressure to pay ransoms in order to restore the websites and programmes that citizens depend on.
C. Phishing / Social Engineering
Phishing, a form of social engineering, is the activity of deceiving users into divulging their own PII or sensitive information. In phishing scams, emails or text messages that seem to be from a reliable company seek for private information, including login credentials or credit card information. The rise of remote employment has been linked to an increase in pandemic-related phishing, according to the FBI.
D. Insider Threats
If they misuse their access privileges, current or former employees, business partners, contractors, or anybody else who has accessed systems or networks in the past can be regarded as an insider threat. Traditional security measures that concentrate on external threats, such as firewalls and intrusion detection systems, may not be able to detect insider threats.
E. Distributed Denial-Of-Service (DDOS) Attacks
DDoS assaults often involve flooding a server, website, or network with traffic from numerous synchronised systems in an effort to bring them down.
DDoS assaults bring down enterprise networks by using the simple network management protocol (SNMP), which is utilised by modems, printers, switches, routers, and servers.
F. Advanced Persistent Threats (APTS)
APTs happen when a hacker or group of hackers compromises a system and goes for a long period of time without being discovered. The invader ignores networks and systems in order to monitor business activity and gather crucial data without activating defensive countermeasures. The most recent Solar Winds intrusion into US federal networks serves as an example of an APT.
G. Man-In-The-Middle Attacks
An eavesdropping technique known as "man-in-the-middle" involves a cybercriminal intercepting and relaying messages between two parties in order to steal data. An attacker may, for instance, collect data passing between a visitor's device and an insecure Wi-Fi network.
VI. CYBER SECURITY TECHNIQUES
VII. CYBER ETHICS
The internet's code is nothing more than cyber ethics. There is a good possibility that we will use the internet in a proper and safe manner if we put these cyber ethics into practice. Several of them are listed below:
Always respect copyrighted information, and only download legal games or videos. The aforementioned are a few cyber-ethics that one should adhere to when utilizing the internet. Since we were very young, we have always been taught the correct rules, and the same is true in cyberspace.
Because the world is getting increasingly interconnected and relies on networks to conduct crucial transactions, the broad topic of cyber security is becoming more crucial. As time goes on, cybercrime continues to take numerous routes while still protecting the data. Enterprises are being put to the test by the newest and most innovative technologies in terms of how they protect their infrastructure and how they require new platforms has enough wisdom to do so. The day-to-day emergence of new cyber tools and threats. In order to have a safe and secure future in cyberspace, we should do our best to reduce cybercrimes. However, there is no ideal answer to this problem.
 Understanding cybercrime and cyber security - Sunit Belapure N. Godbole  Audrie Krause\'s report for NetAction, Computer Security Practices in Nonprofit Organizations  James Lyne\'s article for Sophos, dated April 12, 2014, titled \"Eight Trends Shaping Network Security.\"  A Review of Cyber Security 2012 by Luis Corrons of Panda Labs  \"Study of Cloud Computing in the HealthCare Industry,\" by G.Nikhita Reddy and G.J. Ugander Reddy, appeared in the September 2013 issue of the International Journal of Scientific & Engineering Research, volume 4, issue 9.  Safety Critical Systems - Next Generation, IEEECS, July/August 2013, IEEE Security and Privacy Magazine.  CIO Asia, September 3, H1 2013, by Avanthi Kumar, \"Cyber security in Asia.\"
Copyright © 2022 Aman Kumar, Anand Pandey, Ashutosh Sangam, Manjot Kaur Bhatia. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.