What is Cybersecurity Basics?
Cybersecurity basics word can be categorized into two different words viz cyber means “stuffs directly or indirectly related to computers” and security means “protecting kinds of stuff from getting misused”. The terminologies, such as Computer Security or IT security, are an alias for Cybersecurity basics.
In layman’s term, Cybersecurity basics are steps taken to protect vital information from any theft or damage to hardware, software, and information contained in them. The vital information can be hacked (i.e. getting access without any privileges) by a hacker, i.e. person who carries out hacking. This hacker can be known to you, or it may be someone anonymous. There is two different types of hacker, i.e. white-hat and black-hat hacker.
White-hat hackers are generally known to you and let you know loophole and vulnerabilities in your system. They are also called an ethical hacker. A corporate company generally hires these in order to find security flaws in their system.
In Cybersecurity basics contrast, a black-hat hacker is people who carry out hacking in order to gain profit (or for fun or revenge) from vital information. This vital information can be individual confidential detail such as bank details, email access, etc. or company confidential details such as access to a secure server, etc.
The hacking carried out can be categorized into different types, such as:
- Social Engineering
- Denial-Of-Service (DoS) attack
Social Engineering is a skill by which hacker gains vital information by mere having good communication with the victim. For, e.g., while communicating with a friend, you disclose emails credentials that an unknown person hears right behind you (shown in screenshot 1).
<lang=”EN-IN”>In a real scenario, backdoors mean allowing secret entry and exit points to a vital resource. A backdoor is any secret method of bypassing normal authentication or Cybersecurity basics controls in terms of computer systems. These backdoors may exist for multiple reasons, such as the poor design of a system or intentional addition by a designer that is kept a secret to himself or that may have been added later by an authorized party to allow legitimate access to the system
< lang=”EN-IN”>Denial-Of-Service (DoS) < lang=”EN-IN”>attacks are those that involve no access to machines or network resources to authorized users. For, e.g., hacking may enter the wrong password multiple times so that the account gets locked, or the machine/network may be overloaded to such an extent that all authorized users will not be able to access resources. In such a case, an attack is carried out by a hacker from one machine, i.e. single IP address. This can be handled by blocking a specific IP address using a firewall. However, there may be a scenario that a hacker carries out an attack from multiple machines. This is referred to as Distributed-Denial-Of-Service (DDoS) attack.
<lang=”EN-IN”>The term eavesdropping means secretly listening to a conversation. In terms of computer security, this is typically carried out between Cybersecurity basics hosts on a network (shown in screenshot 4). For, e.g., there is a program called Carnivore used by the FBI (Federal Bureau of Investigation) to eavesdrop on the system of ISP (Internet Service Providers).
<lang=”EN-IN”>The term spoofing means to imitate something while exaggerating its characteristic features with some personal gain or profit. Spoofing of user identity can be described as a situation in which one person or program successfully masquerades (means pretending to be someone one is not) as another by falsifying data, e.g. Making a call by a hacker (claiming to be an original user) to bank official for carrying out banking transactions.
< lang=”EN-IN”>Phishing <lang=”EN-IN”> is the fraudulent practise of sending emails purporting to be from reputable companies to induce individuals to reveal personal information such as username, passwords, credit card details, etc., online. This is generally carried out by email spoofing or instant messaging. It usually directs users to a website that appears to be legitimate but is actually fake and is controlled by a hacker. The user enters confidential details at a fake website, thereby becoming a victim of phishing. Screenshot 6 shows how the phishing website of Facebook is created.
The best way to stay secure from being hacked is not to use computers! This means you will be isolated from highway information called “Internet”. This seems to be a not possible approach to stay secure. There is another approach to staying secure by taking precautions while working with computers.
Personal Security Tips
Below are a few personal security tips and tricks that can help you from getting hacked.
1. Wireless Home Cybersecurity Importance
- Wi-Fi has always default password at an initial stage of installation. Change the default password of Wi-Fi. A password should be strong, having an alphabet (both upper and lowercase), numeric, special characters, and at least eight characters.
- Always turn-on compatible WPA2 (Wireless Protected Access) / WEP (Wired Equivalent Privacy) encryption for Wi-Fi. It is better to use some encryption rather than using none.
- Change the default network name. This is because default networks are more prone to getting hacked.
- Enable MAC address filtering. This mechanism allows Wi-Fi to work only on the registered MAC addresses.
- Do not auto-connect to open Wi-Fi networks since such networks are more vulnerable to getting hacked.
- <lang=”EN-IN”>Turn off the network <lang=”EN-IN”> during extended periods of non-use.
2. Social Media Cybersecurity Importance
- Use caution when you click on links that you receive in messages from the unknown sender. This is because links may redirect to a phishing website.
- Know what you’ve posted about yourself. Some people post confidential details such as personal contact number or address on social networks such as Facebook, Twitter etc. which can be dangerous.
- Don’t trust that a message is really from who it says it’s from. It may be spoofing content that claims to be the original sender.
- Do not allow social networking services such as Facebook, Twitter, LinkedIn, etc., to scan your email address book. This may give a door to read email content as well.
- Type the address of your social networking site directly into your browser instead of by clicking on the link since it may be a phishing site waiting to gain your confidential details.
- Be selective about who you accept as a friend on a social network. If you add an unknown person to a social network, it may be the hacking entry point.
- Choose your social networks carefully. Understand the privacy policies.
- Be careful about installing add-on applications on your sites since this add-on may be trojans that might gain access to your system.
3. Online Banking Cybersecurity Importance
- Monitor your account regularly.
- Avoid clicking through emails. Such an email can be a phishing trap and can land you in great trouble.
- Change your passwords regularly, and make sure to use a strong password always.
- Access your accounts from a secure location, such as using Firefox rather than internet explorer.
- Do not be lured if you receive an email or SMS or any phone call promising a reward for providing your personal information since it can be a social engineering approach to hacking.
- Make sure you use only official bank sanctioned apps.]
4. Mobile Phone Cybersecurity Importance
- Always use a pattern, PIN or passcode to lock your device. If the device is stolen and is not passcode protected, then a hacker can misuse the device.
- Auto-lock your phone to keep it secure.
- Data protection software should be used for device data protection.
- Keep your apps and device software up-to-date, and always update from a genuine website /source.
5. Kids care for cybersecurity Basics
- Talk to your kids about protecting their personal information, watching out for “free” stuff and using strong email passwords.
- Advise kids to use security software to scan any programs downloaded.
- Monitor your kid’s P2P (Peer-2-Peer) activities or file-sharing habits.
- Teach them about phishing scams using a demonstration.
- Teach kids about the apps they install.
First Image Source: pixabay.com
This has been a guide to the Cybersecurity Basics. Here we have discussed the basic concept, five Personal Security Tips, respectively. You may also have a look at the following articles to learn more –