cyber security guidelines.pdf
- 1. What is cybersecurity Cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It's also known as information technology security or electronic information security. The term applies in a variety of contexts, from business to mobile computing, and can be divided into a few common categories. 1.Cybersecurity Attack? A Cybersecurity attack is any form of malicious activity that targets IT systems, or the people using them, to gain unauthorized access to the systems and the data or information they contain. In most cases, the cyber-attackers are criminals looking to exploit the attack for financial gain. In other cases, the aim is to disrupt operations by disabling access to IT systems, or in some cases directly damaging physical equipment. The latter type of attack is commonly state-backed and carried out by state actors, or cybercriminals in their employ. Cybersecurity attacks can be targeted at specific organizations or individuals, or they can be broadcast in nature and impact on multiple organizations regionally and globally. Often targeted attacks jump from their intended victims to become more general problems for all organizations. The NotPetya global infestation in June 2017 was likely a side effect of a targeted attack on Ukrainian banks and utilities by state actors. It had the intended impact on Ukraine, but it also spread globally and caused approximately $10 billion in costs to recover IT systems and in lost productivity according to articles covering the clean-up 2. Critical infrastructure security
- 2. Critical infrastructure security is the area of concern surrounding the protection of systems, networks and assets whose continuous operation is deemed necessary to ensure the security of a given nation, its economy, and the public’s health and/or safety. Although the elements of critical infrastructure vary to some extent on the country in question, there are many commonalities among nations. In the United States, the Department of Homeland Security (DHS) has identified 16 sectors involving critical infrastructure, including energy, communications, transportation, financial services, food and agriculture. With the ongoing trends to M2M networking and the Internet of Things (IoT), devices in industrial environments are increasingly connected to the internet and capable of exchanging data. Despite the importance of these systems, for those that aren’t involved in IT (information technology), security is often inadequate. Industrial control systems (ICS) are ubiquitous in many areas of critical infrastructure, controlling everything from nuclear power plants and other utilities to HVAC installations, robotics and even prison cell doors. When many such systems were built -- even in environments that were somewhat automated -- computing resources and connectivity were limited. As such, cybersecurity was not considered a very serious concern.
- 3. 3. Application security DoS security: DDoS stands for Distributed Denial for Service attack. In this digital attack, the attacker uses multiple numbers of devices to keep the web server engaged in accepting the requests sent by him from the multiple devices. It creates fake website traffic on the server. To deal with this, Cybersecurity helps to provide a DDoS mitigation service to help cope with it which diverts the traffic to the other cloud-based servers and the situation gets resolved. Web Firewall: A web application server-based firewall gets applied on a large area network and it checks all the incoming and outgoing traffic on the server and it automatically tracks and removes fake and malicious website traffic. This Cybersecurity measure helps to determine and enable auto-traffic monitoring by reducing attack risk. 4. Network security Network security is a broad term that covers a multitude of technologies, devices and processes. In its simplest term, it is a set of rules and configurations designed to protect the integrity,
- 4. confidentiality and accessibility of computer networks and data using both software and hardware technologies. Every organization, regardless of size, industry or infrastructure, requires a degree of network security solutions in place to protect it from the ever-growing landscape of cyber threats in the wild today. Today's network architecture is complex and is faced with a threat environment that is always changing and attackers that are always trying to find and exploit vulnerabilities. These vulnerabilities can exist in a broad number of areas, including devices, data, applications, users and locations. For this reason, there are many network security management tools and applications in use today that address individual threats and exploits and also regulatory non-compliance. When just a few minutes of downtime can cause widespread disruption and massive damage to an organization's bottom line and reputation, it is essential that these protection measures are in place 5. (IoT) security The Internet of Things (IoT) is a network of connected devices, each with a unique identifier that automatically collects and exchanges data over a network. IoT devices are used in multiple sectors and industries, including:
- 5. Consumer applications – IoT consumer products include smartphones, smart watches and smart homes, which control everything from air conditioning to door locks, all from a single device. Business applications – Businesses use a wide range of IoT devices, including smart security cameras, trackers for vehicles, ships and goods, as well as sensors that capture data about industrial machinery. Governmental applications – Governmental IoT applications include devices used to track wildlife, monitor traffic congestion and issue natural disaster alerts. 6. Denial of service attack A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network, making it inaccessible to its intended users. DoS attacks accomplish this by flooding the target with traffic, or sending it information that triggers a crash. In both instances, the DoS attack deprives legitimate users (i.e. employees, members, or account holders) of the service or resource they expected. Victims of DoS attacks often target web servers of high-profile organizations such as banking, commerce, and media companies, or government and trade organizations. Though DoS attacks do not
- 6. typically result in the theft or loss of significant information or other assets, they can cost the victim a great deal of time and money to handle. There are two general methods of DoS attacks: flooding services or crashing services. Flood attacks occur when the system receives too much traffic for the server to buffer, causing them to slow down and eventually stop. 7. (MITM) Attacks A MITM attack is a form of cyber-attack where a user is introduced with some kind of meeting between the two parties by a malicious individual, manipulates both parties and achieves access to the data that the two people were trying to deliver to each other. A man-in-the-middle attack also helps a malicious attacker, without any kind of participant recognizing till it's too late, to hack the transmission of data intended for someone else and not supposed to be sent at all. In certain aspects, like MITM, MitM, MiM or MIM, MITM attacks can be referred.
- 7. If an attacker puts himself between a client and a webpage, a Man-in-the-Middle (MITM) attack occurs. This form of assault comes in many different ways.