Cybersecurity involves protecting computers, servers, networks, and data from malicious attacks. There are several categories of cybersecurity including protecting critical infrastructure, applications, networks, IoT devices, and defending against denial of service and man-in-the-middle attacks. Critical infrastructure security focuses on protecting systems necessary for national security, the economy, and public health and safety. Network security establishes rules and configurations to protect network integrity, confidentiality, and accessibility from evolving cyber threats.
1. What is cybersecurity
Cyber security is the practice of defending computers, servers,
mobile devices, electronic systems, networks, and data from
malicious attacks. It's also known as information technology security
or electronic information security. The term applies in a variety of
contexts, from business to mobile computing, and can be divided into
a few common categories.
What is a cybersecurity attack?
A Cybersecurity attack is any form of malicious activity that targets IT
systems, or the people using them, to gain unauthorized access to
the systems and the data or information they contain. In most cases,
the cyber-attackers are criminals looking to exploit the attack for
financial gain. In other cases, the aim is to disrupt operations by
disabling access to IT systems, or in some cases directly damaging
physical equipment. The latter type of attack is commonly
state-backed and carried out by state actors, or cybercriminals in
their employ.
Cybersecurity attacks can be targeted at specific organizations or
individuals, or they can be broadcast in nature and impact on multiple
organizations regionally and globally. Often targeted attacks jump
from their intended victims to become more general problems for all
organizations. The NotPetya global infestation in June 2017 was likely
a side effect of a targeted attack on Ukrainian banks and utilities by
state actors. It had the intended impact on Ukraine, but it also spread
globally and caused approximately $10 billion in costs to recover IT
systems and in lost productivity according to articles covering the
clean-up.
2. Critical infrastructure security
Critical infrastructure security is the area of concern surrounding the
protection of systems, networks and assets whose continuous
operation is deemed necessary to ensure the security of a given
nation, its economy, and the public’s health and/or safety.
Although the elements of critical infrastructure vary to some extent
depending on the country in question, there are many commonalities among
nations. In the United States, the Department of Homeland Security
(DHS) has identified 16 sectors involving critical infrastructure,
including energy, communications, transportation, financial services,
food and agriculture.
With the ongoing trends to M2M networking and the Internet of Things
(IoT), devices in industrial environments are increasingly connected
to the internet and capable of exchanging data. Despite the
importance of these systems, for those that aren’t involved in IT
(information technology), security is often inadequate.
Industrial control systems (ICS) are ubiquitous in many areas of
critical infrastructure, controlling everything from nuclear power
plants and other utilities to HVAC installations, robotics and even
prison cell doors. When many such systems were built -- even in
environments that were somewhat automated -- computing resources
and connectivity were limited. As such, cybersecurity was not
considered a very serious concern.
3. Application security
DoS security: DDoS stands for Distributed Denial of Service
attack. In this digital attack, the attacker uses a large number
of devices to keep the web server busy accepting the requests
sent from those devices. It creates fake website traffic on the
server. To deal with this, cybersecurity provides a DDoS
mitigation service, which diverts the traffic to other
cloud-based servers so that the situation is resolved.
Web Firewall: A web application server-based firewall is
applied on a large area network. It checks all the incoming
and outgoing traffic on the server and automatically tracks and
removes fake and malicious website traffic. This cybersecurity
measure enables automatic traffic monitoring and reduces
attack risk.
4. Network security
Network security is a broad term that covers a multitude of
technologies, devices and processes. In its simplest terms, it is a set of
rules and configurations designed to protect the integrity,
confidentiality and accessibility of computer networks and data using
both software and hardware technologies. Every organization,
regardless of size, industry or infrastructure, requires a degree of
network security solutions in place to protect it from the ever-growing
landscape of cyber threats in the wild today.
Today's network architecture is complex and is faced with a threat
environment that is always changing and attackers that are always
trying to find and exploit vulnerabilities. These vulnerabilities can
exist in a broad number of areas, including devices, data,
applications, users and locations. For this reason, there are many
network security management tools and applications in use today
that address individual threats and exploits and also regulatory
non-compliance. When just a few minutes of downtime can cause
widespread disruption and massive damage to an organization's
bottom line and reputation, it is essential that these protection
measures are in place.
5. Internet of Things (IoT) security
The Internet of Things (IoT) is a network of connected
devices, each with a unique identifier that automatically
collects and exchanges data over a network.
IoT devices are used in multiple sectors and industries,
including:
Consumer applications – IoT consumer products include
smartphones, smart watches and smart homes, which
control everything from air conditioning to door locks,
all from a single device.
Business applications – Businesses use a wide range of
IoT devices, including smart security cameras, trackers
for vehicles, ships and goods, as well as sensors that
capture data about industrial machinery.
Governmental applications – Governmental IoT
applications include devices used to track wildlife,
monitor traffic congestion and issue natural disaster
alerts.
6. Denial of service attack
A Denial-of-Service (DoS) attack is an attack meant to shut down a
machine or network, making it inaccessible to its intended users. DoS
attacks accomplish this by flooding the target with traffic, or sending it
information that triggers a crash. In both instances, the DoS attack
deprives legitimate users (i.e. employees, members, or account holders)
of the service or resource they expected.
DoS attacks often target web servers of high-profile
organizations such as banking, commerce, and media companies, or
government and trade organizations. Though DoS attacks do not
typically result in the theft or loss of significant information or other
assets, they can cost the victim a great deal of time and money to
handle.
There are two general methods of DoS attacks: flooding services or
crashing services. Flood attacks occur when the system receives too
much traffic for the server to buffer, causing it to slow down and
eventually stop.
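The buffer exhaustion described above can be seen in a small simulation. This is an added example, not part of the original slides; the traffic volumes, the source names and the per-source rate limit (a simple stand-in for the traffic filtering described under "Web Firewall") are all assumptions.

```python
import random
from collections import Counter, deque

def simulate(ticks, legit_per_tick, flood_per_tick, service_per_tick,
             buffer_size, per_source_limit=None, seed=1):
    """Return (legit_served, legit_sent) for a server with a bounded buffer."""
    rng = random.Random(seed)          # fixed seed: repeatable arrival order
    queue = deque()                    # the server's request buffer
    legit_sent = legit_served = 0
    for tick in range(ticks):
        # Constructed traffic: one flooding source plus distinct legitimate users.
        arrivals = ["flood-src"] * flood_per_tick
        arrivals += [f"user-{tick}-{i}" for i in range(legit_per_tick)]
        rng.shuffle(arrivals)
        legit_sent += legit_per_tick
        seen = Counter()
        for src in arrivals:
            seen[src] += 1
            if per_source_limit is not None and seen[src] > per_source_limit:
                continue               # rate limit: excess from this source is discarded
            if len(queue) >= buffer_size:
                continue               # buffer full: the request is dropped
            queue.append(src)
        # The server works through the buffer in arrival order.
        for _ in range(min(service_per_tick, len(queue))):
            if queue.popleft() != "flood-src":
                legit_served += 1
    return legit_served, legit_sent

# Assumed volumes: the flood alone is ten times what the server can process.
PARAMS = dict(ticks=20, legit_per_tick=10, flood_per_tick=500,
              service_per_tick=50, buffer_size=100)

def compare():
    """Same traffic without and with a per-source cap of 20 requests per tick."""
    return simulate(**PARAMS), simulate(**PARAMS, per_source_limit=20)

if __name__ == "__main__":
    unprotected, limited = compare()
    print("no limit:", unprotected, "per-source limit:", limited)
```

A per-source cap only helps while the flood comes from a few noisy sources; a distributed flood spreads the load across many devices, which is why the page points to a DDoS mitigation service that diverts traffic.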
7. Man-in-the-middle (MITM) attacks
A MITM attack is a form of cyber-attack in which a malicious
individual inserts himself into a communication between two parties,
manipulates both parties and gains access to the data
that the two were trying to deliver to each other. A
man-in-the-middle attack also lets a malicious attacker, without
either participant noticing until it is too late, intercept the
transmission of data intended for someone else, or not supposed to
be sent at all. MITM attacks are also referred to as MitM, MiM or
MIM.
If an attacker puts himself between a client and a webpage, a
Man-in-the-Middle (MITM) attack occurs. This form of attack takes
many different forms.