CMSC413 Introduction Cyber Security

The practise of securing a computer network from intruders, whether targeted attackers or opportunistic malware, is known as network security.

Application security is concerned with ensuring that software and devices are free of dangers. A hacked application could allow access to the data it was supposed to secure. Security starts throughout the design phase, long before a programme or device is deployed.

Data integrity and privacy are protected by information security, both in storage and in transport.

The processes and decisions for handling and securing data assets are included in operational security. The protocols that dictate how and where data may be kept or exchanged, as well as the permissions users have while accessing a network, all fall under this umbrella.

Disaster recovery and business continuity are terms used to describe how a company reacts in the case of a cyber-security breach or any other catastrophe that results in the loss of operations or data. Disaster recovery policies define how an organisation returns operations and information to the same operational capabilities as before the disaster. Business continuity is the plan that an organisation uses when it is unable to operate due to a lack of resources.

End-user education addresses the most unpredictably unpredictable aspect of cyber-security: people. By failing to follow appropriate security measures, anyone can unintentionally introduce a virus into an otherwise protected system. It is critical for every organization's security to teach users to delete suspicious email attachments, not plug in unrecognised USB drives, and a variety of other key teachings.

Cybercrime refers to individuals or groups who attack systems for monetary gain or to cause disruption.

Politically motivated information collection is common in cyber-attacks.

The goal of cyberterrorism is to generate panic or dread by undermining electronic systems.

Malware - It is a term that refers to malicious software. Malware is software designed by a cybercriminal or hacker to disrupt or damage a legitimate user's computer. It is one of the most common cyber dangers. Malware, which is commonly sent by an unsolicited email attachment or a legitimate-looking download, can be used by cybercriminals to gain money or in politically motivated cyber-attacks. There are a number of different types of malware, including – virus, Trojans, spyware, ransomware, botnets etc.

SQL injection - An SQL (structured language query) injection is a type of cyber-attack that allows a hacker to take control of a database and steal information from it. Using a malicious SQL query, cybercriminals exploit vulnerabilities in data-driven systems to install malicious code into a database. This provides them with access to the database's sensitive information.

Phishing - When fraudsters send emails that look to be from a reputable company and ask for sensitive information, this is known as phishing. Phishing attacks are frequently used to trick people into divulging personal information such as credit card numbers and passwords.

Man-in-the-middle attack - A man-in-the-middle attack is a type of cyber threat in which a hacker intercepts communication between two people in order to obtain information. On an insecure WiFi network, for example, an attacker could intercept data passing between the victim's device and the network.

Denial-of-service attack - A denial-of-service attack occurs when thieves flood a computer system's networks and servers with traffic, preventing it from fulfilling legitimate requests. This makes the system unworkable, prohibiting an organisation from doing essential tasks