Cybersecurity

Concepts
Prof Nitish Kumar
 Introduction & Overview of
Cybersecurity
• Definition:-
Cyber Security is the protection of Internet connected
system including hardware, software & program or data
from cyber attacks.
 Need of Cyber Security
• To protect private data
• To protect intellectual data
• To protect banking & financial data
• National security
• Global security
• To protect sensitive data
 History of Cybersecurity
Cybersecurity has evolved alongside the development of
computers, the internet, and digital technologies. Initially,
cybersecurity focused on simple threats, but as technology
advanced, the nature and complexity of cyberattacks grew
rapidly.
 Here is a chronological development of
cybersecurity

• 1970s: The Beginning

• Mainframe era: Computers were large, isolated, and centrally
managed.
• Creeper Virus (1971):
• First known computer virus, created by Bob Thomas.
• Displayed the message: “I’m the creeper, catch me if you can!”
• Reaper Program:
• First antivirus software, developed to delete the Creeper virus.
• Marked the beginning of the arms race between malware and security tools.
• 1980s: Rise of Personal Computing and First Laws
• Emergence of personal computers (PCs) increased vulnerability.
• Elk Cloner Virus (1982):
• One of the first viruses to spread outside labs (on Apple II systems).
• Computer Fraud and Abuse Act (1986, USA):
• One of the first cybersecurity laws to criminalize unauthorized computer access.
• Morris Worm (1988):
• First major internet worm; crashed ~10% of internet-connected systems.
• Created by Robert Tappan Morris, leading to the first felony conviction under the new
law.
 What is Cybercrime?
• Cybercrime means any crime that uses a
computer, mobile device, or the internet. Most of
the time, people do cybercrimes to make money.
Sometimes, they attack computers just to harm or
break them. Other times, they use computers to
spread harmful software, illegal content, or false
information
 Definition (as per IT Act,
2000, India)
"Any unlawful act wherein a computer or
communication device or computer network
is either a tool or target or both."
 Categories of Cybercrime
1. Cybercrime Against Individuals
2. Cybercrime Against Property
3. Cybercrime Against Government or Society
 1. Cybercrime Against
Individuals
These crimes target people directly. Examples include:
• Identity Theft – Stealing someone’s personal information like Aadhaar
number, PAN card number, or passwords to misuse it.
• Cyberstalking – Repeatedly sending messages or following someone online
to threaten or scare them.
• Online Defamation – Posting false or bad things about someone on the
internet to harm their image.
• Phishing Attacks – Fooling people into giving away their personal details by
pretending to be a trusted source (like a bank or company).
• Online Scams and Frauds – Tricking people through fake job offers, fake
lottery messages, or love-related frauds.
 Cybercrime Against Property
These crimes affect computer systems, data, or digital content. Examples:
• Hacking – Breaking into someone’s computer or network without
permission.
• Data Theft – Stealing important or secret information from someone’s
device or system.
• Intellectual Property Theft – Copying or using software, music, movies,
or games illegally without paying.
• Ransomware – Locking a person’s data and demanding money to unlock it.
• Cryptojacking – Using someone’s computer secretly to generate
cryptocurrency
Cybercrime Against Government or
Society
These crimes are done to harm the government or the public. Examples:
• Cyberterrorism – Attacking important systems (like electricity, water
supply) to create fear.
• Espionage – Secretly spying or stealing important government
information.
• Cyber Warfare – Cyberattacks done by one country against another.
• Spreading Misinformation – Spreading fake news or false
information online to create confusion or trouble.
 Techniques Used in Cybercrime
Cybercriminals use many different tricks and methods to attack
people and computer systems. Here are some common ones:
A. Phishing
• Sending fake emails or showing fake websites that look real.
• The goal is to trick people into giving their personal information like
passwords or bank details.
Example: A fake Gmail login page that steals your username
and password.
 Techniques Used in Cybercrime
B. Malware Attacks
• Using harmful software such as viruses, worms, Trojans, and spyware.
• These can steal data, damage files, or make your computer act strangely.
C. Ransomware
• A type of malware that locks your files.
• The hacker demands money (often in cryptocurrency) to unlock them.
Example: The WannaCry attack, which affected many
computers worldwide.
 Techniques Used in Cybercrime
D. Denial-of-Service (DoS) / Distributed DoS (DDoS)
• Flooding a website or server with too many requests.
• This makes the site slow or completely unavailable for real users.
E. Social Engineering
• Tricking people instead of hacking computers.
• The attacker may act like a trusted person to get secret information.
Example: Pretending to be from IT support and asking for your
password.
 Techniques Used in Cybercrime
F. SQL Injection
• Entering harmful code into a website’s input fields (like login
forms).
• This helps hackers to access or change the data stored in the
website’s database.
G. Cross-Site Scripting (XSS)
• Putting harmful scripts (code) into trusted websites.
• When users visit the site, their data can be stolen.
 Techniques Used in Cybercrime
H. Keylogging
• Using software to record everything a person types on their
keyboard.
• This can be used to steal passwords, PINs, or other private
information.
I. Zero-Day Exploits
• Taking advantage of a new security problem in software before it’s
fixed.
• Since it’s not known to the software makers yet, it’s very
dangerous.
Cybersecurity Goals (CIA Triad and
Extended Goals)
The primary goals of cybersecurity revolve around
protecting information and information systems from
unauthorized access, disruption, modification, or
destruction. These are often summarized using the CIA
Triad and its extended goals.
 A. CIA Triad
i. Confidentiality
Definition: Ensuring that data is only accessible to authorized users and systems.
Goal: Prevent unauthorized disclosure of information.
Examples:
Encrypting sensitive emails or files.
Using strong passwords and access controls.
Techniques:
Access Control Lists (ACLs)
Data Encryption (AES, RSA)
Multi-Factor Authentication (MFA)
 A. CIA Triad
ii. Integrity
Definition: Ensuring the accuracy, consistency, and trustworthiness of data.
Goal: Prevent unauthorized modification of data.
Examples:
Hashing files to verify they haven't been tampered with.
Database integrity constraints.
Techniques:
Cryptographic Hash Functions (SHA-256, MD5)
Digital Signatures
Checksums
 A. CIA Triad
iii. Availability
Definition: Ensuring reliable and timely access to data and systems for authorized users.
Goal: Prevent downtime and denial of access.
Examples:
Server load balancing.
Backup and disaster recovery.
Techniques:
Redundancy and failover mechanisms
DDOS protection
Cloud storage and CDN services
 B. Extended Goals of
Cybersecurity
iv. Authentication
Definition: Verifying the identity of users, systems, or entities before granting access.
Examples:
Logging into a system using a username and password.
Biometric verification (fingerprint, retina scan).
v. Authorization
Definition: Granting users specific levels of access and privileges based on their identity
and role.
Examples:
A user can view records but not delete them.
Admin rights vs. guest access.
 B. Extended Goals of
Cybersecurity
vi. Non-Repudiation
Definition: Ensuring that a party in a communication cannot deny the authenticity of their
signature or message.
Examples:
Digital signatures in legal documents.
Email tracking mechanisms.
vii. Accountability
Definition: Keeping track of user activities and system usage.
Examples:
Log files showing which users accessed which data.
Intrusion detection system (IDS) logs.
 2. Importance of Cybersecurity
In today's hyper-connected digital world, cybersecurity is
not just an IT issue; it's a strategic business imperative,
essential for national security, personal privacy, and the
functioning of society.
 2. Importance of Cybersecurity
A. Protection of Sensitive Data
Personal data (Aadhaar, SSN, credit card details)
Health records
Intellectual property
B. Preventing Financial Loss
Cybercrime cost businesses globally over $10 trillion annually (as per 2024 estimates).
Ransomware attacks often demand high payouts.
C. Safeguarding National Security
Protection of government and military data from foreign or terrorist attacks.
Cyber warfare and espionage have become real threats.
D. Maintaining Trust
Consumers, clients, and citizens expect secure services.
Data breaches damage company reputation and trust.
 2. Importance of Cybersecurity
E. Business Continuity
Cyberattacks like DDoS can shut down websites and applications.
Proper cybersecurity ensures availability and minimal downtime.
F. Legal and Regulatory Compliance
Many regulations now mandate data protection (e.g., GDPR, HIPAA, IT Act 2000 in
India).
Non-compliance can lead to heavy fines and legal actions.
G. Protecting Infrastructure
Includes critical systems: water supply, power grids, transportation, telecommunications.
Cybersecurity ensures these systems are not sabotaged or disrupted.