What Are Cybersecurity Basics?
The word cybersecurity can be split into two words: cyber, meaning “things directly or indirectly related to computers”, and security, meaning “protecting those things from being misused”. The terms Computer Security and IT security are aliases for cybersecurity.
In layman’s terms, cybersecurity basics are the steps taken to protect vital information from theft, and to protect hardware, software and the information they contain from damage. Vital information can be hacked (i.e. accessed without any privileges) by a hacker, i.e. a person who carries out hacking. This hacker may be known to you or may be someone anonymous. There are two different types of hacker: white-hat and black-hat.
White-hat hackers are generally people who are known to you and who let you know about loopholes and vulnerabilities in your system. They are also called ethical hackers. They are generally hired by a company to find security flaws in its systems.
In contrast, black-hat hackers are people who carry out hacking in order to profit (or for fun or revenge) from vital information. This vital information can be an individual’s confidential details, such as bank details or email access, or a company’s confidential details, such as access to a secure server.
The hacking carried out can be categorized into different types, such as:
- Social Engineering
- Denial-Of-Service (DoS) attack
Social engineering is a skill by which a hacker gains vital information merely through good communication with the victim. For example, while talking with a friend you disclose email credentials that are overheard by an unknown person right behind you (shown in screenshot 1).
In the real world, a backdoor is a secret entry and exit point to a vital resource. In terms of computer systems, a backdoor is any secret method of bypassing normal authentication or security controls. Backdoors may exist for several reasons: poor design of the system, intentional addition by a designer who keeps it secret, or later addition by an authorized party to allow legitimate access to the system.
Denial-of-Service (DoS) attacks are those that deny authorized users access to machines or network resources. For example, a hacker may enter the wrong password multiple times so that an account gets locked, or the machine/network may be overloaded to such an extent that authorized users are not able to access resources. In such a case, the attack is carried out by a hacker from one machine, i.e. a single IP address. This can be handled by blocking the specific IP address using a firewall. However, an attack may also be carried out by a hacker from multiple machines. This is referred to as a Distributed Denial-of-Service (DDoS) attack.
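The lockout scenario above can be spotted in login logs. The following Python sketch is an added example, not part of the original article: it counts failed logins per account inside a time window and reports whether they come from one IP address (which a firewall rule can block) or from many. The log format, the threshold and the function names are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (timestamp, event, account, source IP); not from a real system.
SAMPLE_LOG = """\
2024-01-01T10:00:00 LOGIN_FAIL alice 203.0.113.7
2024-01-01T10:00:20 LOGIN_FAIL alice 203.0.113.7
2024-01-01T10:00:40 LOGIN_FAIL alice 203.0.113.7
2024-01-01T10:01:00 LOGIN_FAIL alice 203.0.113.7
2024-01-01T10:01:20 LOGIN_FAIL alice 203.0.113.7
2024-01-01T10:02:00 LOGIN_FAIL bob 198.51.100.1
2024-01-01T10:02:10 LOGIN_FAIL bob 198.51.100.2
2024-01-01T10:02:20 LOGIN_FAIL bob 198.51.100.3
2024-01-01T10:02:30 LOGIN_FAIL bob 198.51.100.4
2024-01-01T10:02:40 LOGIN_FAIL bob 198.51.100.5
2024-01-01T10:30:00 LOGIN_FAIL carol 192.0.2.10
2024-01-01T10:30:30 LOGIN_OK carol 192.0.2.10
"""

def parse(log):
    for line in log.strip().splitlines():
        ts, event, user, ip = line.split()
        yield datetime.fromisoformat(ts), event, user, ip

def lockout_pressure(log, threshold=5, window=timedelta(minutes=5)):
    """Report accounts with >= threshold failed logins inside one time window."""
    fails = defaultdict(list)
    for ts, event, user, ip in parse(log):
        if event == "LOGIN_FAIL":
            fails[user].append((ts, ip))
    report = {}
    for user, events in fails.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until the span fits the window.
            while events[end][0] - events[start][0] > window:
                start += 1
            if end - start + 1 >= threshold:
                ips = sorted({ip for _, ip in events[start:end + 1]})
                # One source can be blocked at the firewall; many sources cannot.
                kind = "single-source" if len(ips) == 1 else "distributed"
                report[user] = {"kind": kind, "sources": ips}
                break
    return report

if __name__ == "__main__":
    for account, finding in lockout_pressure(SAMPLE_LOG).items():
        print(account, finding)
```

On the constructed log, alice is reported as single-source, bob as distributed, and carol is not reported because a single failure followed by a success stays below the threshold.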
The term eavesdropping means secretly listening to a conversation. In terms of computer security, this is typically carried out between hosts on a network (shown in screenshot 4). For example, there is a program called Carnivore which is used by the FBI (Federal Bureau of Investigation) to eavesdrop on the systems of ISPs (Internet Service Providers).
The term spoofing means to imitate something while exaggerating its characteristic features for some personal gain or profit. Spoofing of user identity can be described as a situation in which one person or program successfully masquerades (i.e. pretends to be someone they are not) as another by falsifying data. For example, a hacker calls a bank official, claiming to be the genuine user, in order to carry out banking transactions.
Phishing is the fraudulent practice of sending emails purporting to be from reputable companies in order to induce individuals to reveal personal information such as usernames, passwords and credit card details online. This is generally carried out by email spoofing or instant messaging. It usually directs users to a website that appears to be legitimate but is actually fake and is controlled by a hacker. The user enters confidential details at the fake website, thereby becoming a victim of phishing. Screenshot 6 shows how a phishing website imitating Facebook is created.
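A link that "appears to be legitimate" can be checked by looking at the host the browser will actually contact, not at the text of the link. The following Python sketch is an added example, not part of the original article; the site name social.example, the sample links and the verdict strings are constructed for illustration.

```python
from urllib.parse import urlsplit

def link_verdict(url, trusted_domain):
    """Say whether a link's real host belongs to the site it claims to be."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".").lower()
    trusted = trusted_domain.lower()
    brand = trusted.split(".")[0]
    if parts.scheme != "https":
        return "reject: not https"
    if parts.username is not None:
        # Text before '@' is login data, not the host: brand@other-host.
        return "reject: userinfo hides the real host"
    if any(label.startswith("xn--") for label in host.split(".")):
        return "reject: punycode label may imitate other letters"
    # The leading dot matters: "notsocial.example" must not pass as a subdomain.
    if host == trusted or host.endswith("." + trusted):
        return "ok: host is the trusted site"
    if brand in host:
        return "reject: brand name inside a foreign host"
    return "reject: different site"

# Constructed links for a hypothetical site "social.example".
SAMPLE_LINKS = [
    "https://www.social.example/login",
    "https://social.example.account-check.test/login",
    "https://social.example@203.0.113.9/login",
    "http://social.example/login",
    "https://xn--social-placeholder.test/login",
    "https://photos.test/album",
]

def check_all(links, trusted_domain="social.example"):
    return {link: link_verdict(link, trusted_domain) for link in links}

if __name__ == "__main__":
    for link, verdict in check_all(SAMPLE_LINKS).items():
        print(f"{verdict:50} {link}")
```

Only the first constructed link is accepted; the others show how a familiar name can appear in a link whose real host is somewhere else.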
The best way to stay secure from being hacked is not to use computers! This means you will be isolated from the information highway called the “Internet”. This is not a practical approach to staying secure. The other approach is to take precautions while working with computers.
Personal Security Tips
Below are a few personal security tips and tricks that can help protect you from getting hacked.
1. Wireless Home Cybersecurity Importance:
- Wi-Fi always has a default password at the initial stage of installation. Change the default password of the Wi-Fi. A password should be strong, containing letters (both upper and lowercase), numbers and special characters, and should be at least eight characters long.
- Always turn on compatible WPA2 (Wi-Fi Protected Access) / WEP (Wired Equivalent Privacy) encryption for Wi-Fi. It is better to use some encryption rather than using none.
- Change the default network name. This is because default networks are more prone to getting hacked.
- Enable MAC address filtering. This mechanism allows Wi-Fi to work only for registered MAC addresses.
- Do not auto-connect to open Wi-Fi networks, since such networks are more vulnerable to getting hacked.
- Turn off the network during extended periods of non-use.
2. Social Media Cybersecurity Importance:
- Use caution when you click on links that you receive in messages from an unknown sender. This is because links may redirect to a phishing website.
- Know what you’ve posted about yourself. Some people post confidential details such as a personal contact number or address on social networks such as Facebook and Twitter, which can be dangerous.
- Don’t trust that a message is really from who it says it’s from. It may be spoofed content that claims to be from the original sender.
- Do not allow social networking services such as Facebook, Twitter and LinkedIn to scan your email address book. This may open the door to reading your email content as well.
- Type the address of your social networking site directly into your browser instead of clicking on a link, since the link may lead to a phishing site waiting to gain your confidential details.
- Be selective about who you accept as a friend on a social network. If you add an unknown person on a social network, it may be the entry point for hacking.
- Choose your social networks carefully. Understand the privacy policies.
- Be careful about installing add-on applications on your sites, since these add-ons may be trojans that might gain access to your system.
3. Online Banking Cybersecurity Importance:
- Monitor your account regularly.
- Avoid clicking through emails. Such emails can be phishing traps and can land you in great trouble.
- Change your passwords regularly and make sure to always use a strong password.
- Access your accounts from a secure location, such as using Firefox rather than Internet Explorer.
- Do not be lured if you receive an email, SMS or phone call promising a reward for providing your personal information, since it can be a social engineering approach to hacking.
- Make sure you use only official bank-sanctioned apps.
4. Mobile Phone Cybersecurity Importance:
- Always use a pattern, PIN or passcode to lock your device. If the device is stolen and is not passcode protected, then a hacker can misuse the device.
- Auto-lock your phone to keep it secure.
- Data protection software should be used for device data protection.
- Keep your apps and device software up to date and always update from a genuine website/source.
5. Kids’ Care for Cybersecurity Basics:
- Talk to your kids about protecting their personal information, watching out for “free” stuff and using strong email passwords.
- Advise kids to use security software to scan any programs downloaded.
- Monitor your kids’ P2P (Peer-to-Peer) activities or file-sharing habits.
- Teach them about phishing scams using a demonstration.
- Teach kids about apps they install.
First Image Source: pixabay.com