UNDERSTANDING OF CYBER TERRORISM WHAT'S THE REALLY IT IS?
CYBER TERRORISM.....
After knowing about the EMPLOYEE AND ENTREPRENEUR in last post let's talk something new about CYBER CRIME (Tomorrow's terrorist may be able to do more damage with a keyboard than with a bomb) what is it's mean, what is its effect, why it happens after that How could we be safe and what precautions we can take?
First, let's know
WHAT IT'S MEAN?
>>> Cyber terrorism is a criminal who uses computer technology and the internet, especially to cause fear and disruption. Some cyber-terrorists spread computer viruses, and others threaten people electronically. Cyber terrorism is the convergence of terrorism and cyberspace. Its attack should result in violence against persons or property or at least cause enough harm to generate fear.
>>The effect of cybercrime can be extremely upsetting for victims, and not necessarily just for financial reasons. Victims may fee, that their privacy has been violated and that they are powerless.
>Also we know that as with any technological advance throughout history, whenever new
opportunities are created, there will always be those that exploit them for their own gain, hence we call it as a cyber threat.
>>The effect of cybercrime can be extremely upsetting for victims, and not necessarily just for financial reasons. Victims may fee, that their privacy has been violated and that they are powerless.
>Also we know that as with any technological advance throughout history, whenever new
opportunities are created, there will always be those that exploit them for their own gain, hence we call it as a cyber threat.
Types of cyber terrorism:-
* Attack on a computer system(Hacking)
→ Hacking in simple terms means an illegal intrusion into a computer system and network. Every act committed to breaking into a computer network is hacking.
* Distributive Denial of Service Attacks (DDOS)
→ The cyber terrorists may also use the method of distributed denial of services to overburden the Government and its agencies electronic bases. This is made possible by infecting several unprotected computers by virus attacks and taking control of them. They use these computers to send information or demand in such a large number that the server of the victim collapses.
* Cyber Stalking
→ This term is used to refer to the use of the internet, e-mail, or other electronic communications devices to stalk another person. Cyber stalking can be defined as the repeated acts of harassment or threatening behavior of the cyber-criminal towards the victim by using internet services.
→ This term is used to refer to the use of the internet, e-mail, or other electronic communications devices to stalk another person. Cyber stalking can be defined as the repeated acts of harassment or threatening behavior of the cyber-criminal towards the victim by using internet services.
* Email spam and Phishing
→ In which influencer floods the bandwidth or blocks the user's mails with spam mails and Phishers lure users to a phony website, usually by sending them an authentic appearing e-mail. Once at the fake site, users are tricked into divulging a variety of private information, such as passwords and account numbers.
* Online trading issues(Data robbery)
→ Hijacking e-mails, interference of an intermediary in the network leads to data modification or replacing an original data with duplicate and steal it.
→ Hijacking e-mails, interference of an intermediary in the network leads to data modification or replacing an original data with duplicate and steal it.
* Cyber warfare
→ It is an Internet-based conflict involving politically motivated attacks on information and information systems. Cyber warfare attacks can disable official websites, steal or alter classified data, and cripple financial systems.
→ It is an Internet-based conflict involving politically motivated attacks on information and information systems. Cyber warfare attacks can disable official websites, steal or alter classified data, and cripple financial systems.
What is it's effect?
Everyone knows that what happens if anyone steals someone personal data or uses it in a wrong way.
→ Loss of future customers revenues for an individual or groups of companies.
→ Simple hacking and computer viruses to causing of terror war using a computer.
→ It affects these fields Defense industry, Energy, Finance, Telecommunications, Transportation, because all depends on Networks to relay data, for communication purposes and for commercial transactions etc.
→ Loss of future customers revenues for an individual or groups of companies.
→ Simple hacking and computer viruses to causing of terror war using a computer.
→ It affects these fields Defense industry, Energy, Finance, Telecommunications, Transportation, because all depends on Networks to relay data, for communication purposes and for commercial transactions etc.
Anyway here is some examples of cyber terrorism:-
# Middle East Sparks Cyber Attacks: Pro-Palestinian and Pro-Israel Cyber Groups have been launching an offensive against websites and mails services used by the political sectors the opposing groups show support for, which included volley of email floods, DOS attacks, and ping flooding of such sites as the Israel Foreign Ministry, Israeli Defense Forces, and in reverse, sites that belonged to groups such as Hamas and Hezbollah.
# ISIS: Recent activities of ISIS in the Middle East and a series of videos released by them are potential cyber terrors. They are using Cyber space for their propaganda and for influencing vulnerable people to join ISIS.
Federal investigators were able to follow a digital trail linking Ferizi with known terrorist Tariq Hamayun and two Arizona men who attempted an attack on attendees at the "Draw Mohammad Contest" held in Garland, Texas in May 2015. Investigators leveraged this into an indictment, leading Malaysian officials to arrest Ferizi and extradite him to the U.S.
# India is the third-largest generator of spam worldwide, accounting for 35% of spam zombies and 11% of phishing hosts in the Asia-Pacific-Japan region. Over 6,000,000 computers were part of bot Networks (Botnet is a number of Internet-connected devices, each of which is running one or more bots. It can be used to perform DDOS attack.). India ranked first in the Asia-Pacific region and contributed 21% to the regional total.
In May 2016, the personal data of about 1 Cr IRCTC users was feared to have been leaked from the website's server.
# Middle East Sparks Cyber Attacks: Pro-Palestinian and Pro-Israel Cyber Groups have been launching an offensive against websites and mails services used by the political sectors the opposing groups show support for, which included volley of email floods, DOS attacks, and ping flooding of such sites as the Israel Foreign Ministry, Israeli Defense Forces, and in reverse, sites that belonged to groups such as Hamas and Hezbollah.
# ISIS: Recent activities of ISIS in the Middle East and a series of videos released by them are potential cyber terrors. They are using Cyber space for their propaganda and for influencing vulnerable people to join ISIS.
# A 20-year-old Kosovo hacker pleaded guilty in U.S. federal court on June 15 to providing material support to the Islamic State terrorist group by hacking into a U.S. company's networks and releasing names, address and financial information on hundreds of government employees and active military personnel.
Ferizi admitted to stealing the personally identifiable information of over 1000 U.S. service members and federal employees and providing it to ISIS with the understanding that they would incite terrorist attacks against those individuals.Federal investigators were able to follow a digital trail linking Ferizi with known terrorist Tariq Hamayun and two Arizona men who attempted an attack on attendees at the "Draw Mohammad Contest" held in Garland, Texas in May 2015. Investigators leveraged this into an indictment, leading Malaysian officials to arrest Ferizi and extradite him to the U.S.
# India is the third-largest generator of spam worldwide, accounting for 35% of spam zombies and 11% of phishing hosts in the Asia-Pacific-Japan region. Over 6,000,000 computers were part of bot Networks (Botnet is a number of Internet-connected devices, each of which is running one or more bots. It can be used to perform DDOS attack.). India ranked first in the Asia-Pacific region and contributed 21% to the regional total.
In May 2016, the personal data of about 1 Cr IRCTC users was feared to have been leaked from the website's server.
Why it happens?
Before knowing why people do this type of crime let's talk about what are the categories of cyber crimes:-
1) Cyber crimes against persons.
→ Cyber crimes committed against persons include various crimes like transmission of child pornography, harassment (it can be sexual, racial, religious or other) using e-mails and Cyber-stalking. Posting and distributing obscene material is one of the most important Cyber crimes known today.
Example:- Here is one of the example why this type of crimes happen go through below link-
https://www.hindustantimes.com/pune-news/rejected-man-uploads-ex-lover-s-illicit-video/story-mZ6hPQ5jsQ4OwhOOASi34I.html
Example:- Here is one of the example why this type of crimes happen go through below link-
https://www.hindustantimes.com/pune-news/rejected-man-uploads-ex-lover-s-illicit-video/story-mZ6hPQ5jsQ4OwhOOASi34I.html
2) Cyber crimes against property.
→ Cyber crime against property is a very wide topic, So I give you a brief idea about how this cyber crime happens
(i) Cyber Squatting (also known as domain squatting because its primary purpose is to steal or misspell a domain name in order to profit from an increase in website visits)
(ii) Software Piracy (It means the protected software is copied and modified it then distributed or sold it in a market)
It happens to obtain money, property, or for some other benefit also.
→ Cyber crime against property is a very wide topic, So I give you a brief idea about how this cyber crime happens
(i) Cyber Squatting (also known as domain squatting because its primary purpose is to steal or misspell a domain name in order to profit from an increase in website visits)
(ii) Software Piracy (It means the protected software is copied and modified it then distributed or sold it in a market)
It happens to obtain money, property, or for some other benefit also.
3) Cyber crimes against the government.
→ Cyber terrorism comes under this category. The growth of the internet has shown that the medium of Cyberspace is being used by individuals and groups to threaten the international governments as also to terrorize the citizens of a country.
If you want to know more about it then Click here.
→ Cyber terrorism comes under this category. The growth of the internet has shown that the medium of Cyberspace is being used by individuals and groups to threaten the international governments as also to terrorize the citizens of a country.
If you want to know more about it then Click here.
How could we be safe and what precautions we can take?
Prevention is always better than cure. It is always better to take certain precautions while working on the net. We have to follow the 5P mantra for online security:-
( Precaution, Prevention, Protection, Preservation, and Perseverance.)
PRECAUTION:-
* Always use latest antivirus software to guard against virus attacks.
* Use Firewall (firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted internal network and the untrusted external network, such as the Internet.)
* Use pop up blocker, Backup system & Intrusion detection system.
* Change passwords frequently.
* Uninstall unnecessary software.
PREVENTION:-
* Never send your credit card number to any site which is not secured.
* Avoid disclosing your identity to any strangers.
PROTECTION:-
* Digital signature:-It is a technique by which it is possible to secure electronic information, as well as the integrity of the information, can be verified.
* Encryption:- Encrypting sensitive records and messages, in transit and in storage using cryptography. The message or data to be encrypted, also known as the plain-text, is transformed by a function that is parameterized by a KEY. The output of the encryption process (cryptography), known as the ciphertext, is then transmitted through the insecure communication channel which is again broken down (crypt-analysis). It is done with the help of algorithms, few of them are- The secret-Key Algorithm, Data Encryption Standard(DES), Public Key Algorithms, RSA Algorithm, etc
* Security Audit:- A Security audit is a systematic evaluation of the security of a company's information system by measuring how well it conforms to a set of established criteria. It is to find out the vulnerabilities that an organization is facing with its IT infrastructure. A thorough audit typically assesses the security of the system's physical configuration and environment, software, information handling processes, and user practices.
* E-discovery investigation:- It includes areas like corruption, financial frauds, cyber crimes, serious frauds, and white collar crimes investigation, etc. Presently E-discovery services in India are in the infancy stage and this is the reason why many cases of corporate frauds and cyber crimes remain unreported.
PRESERVATION:-
* It is better to use security programs by the body corporate to control information on sites.
* IT department should pass certain guidelines and notifications for the protection of the computer system and should also bring out with some more strict laws to break down the criminal activities relating to cyberspace.
* As Cyber Crime is the major threat to all the countries worldwide, certain steps should be taken at the international level for preventing the cyber crime.
PERSEVERANCE:-
Agencies involved in cyber security:-
* Computer Emergency Response Team (Cert-In):- Cert-In operates under the authority of Department of Electronics and Information Technology, Ministry of Communications and Information Technology, Government of India. Cert-In is the national nodal agency for responding to computer security incidents as and when they occur.
* National Critical Information Infrastructure Protection Centre (NCIIPC)
* Defense Information Assurance and Research Agency (DIARA)
It is the nodal agency for cyber security related issues of the Tri-Services and Ministry of Defense.
* National Information Board (NIB):-It is an apex agency with representatives from relevant Departments and agencies that form part of the critical minimum information infrastructure in the country.
* National Crisis Management Committee (NCMC):-Dealing with major crisis incidents that have serious or national ramifications.
* National Security Council Secretariat (NSCS):-It is apex agency looking into the political, economic, energy and strategic security concerns of India and acts as the secretariat
to the NIB
* REMME:- It is a decentralized authentication system which aims to replace logins and passwords with SSL certificates stored on a blockchain.
* Guard time:- This company is creating "Keyless" signature systems using blockchain which is currently used to secure the health records of one million Estonian citizens.
Prevention is always better than cure. It is always better to take certain precautions while working on the net. We have to follow the 5P mantra for online security:-
( Precaution, Prevention, Protection, Preservation, and Perseverance.)
( Precaution, Prevention, Protection, Preservation, and Perseverance.)
PRECAUTION:-
* Always use latest antivirus software to guard against virus attacks.
* Use Firewall (firewall is a network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules. A firewall typically establishes a barrier between a trusted internal network and the untrusted external network, such as the Internet.)
* Use pop up blocker, Backup system & Intrusion detection system.
* Change passwords frequently.
* Uninstall unnecessary software.
* Uninstall unnecessary software.
PREVENTION:-
* Never send your credit card number to any site which is not secured.
* Avoid disclosing your identity to any strangers.
PROTECTION:-
* Encryption:- Encrypting sensitive records and messages, in transit and in storage using cryptography. The message or data to be encrypted, also known as the plain-text, is transformed by a function that is parameterized by a KEY. The output of the encryption process (cryptography), known as the ciphertext, is then transmitted through the insecure communication channel which is again broken down (crypt-analysis). It is done with the help of algorithms, few of them are- The secret-Key Algorithm, Data Encryption Standard(DES), Public Key Algorithms, RSA Algorithm, etc
* Security Audit:- A Security audit is a systematic evaluation of the security of a company's information system by measuring how well it conforms to a set of established criteria. It is to find out the vulnerabilities that an organization is facing with its IT infrastructure. A thorough audit typically assesses the security of the system's physical configuration and environment, software, information handling processes, and user practices.
* E-discovery investigation:- It includes areas like corruption, financial frauds, cyber crimes, serious frauds, and white collar crimes investigation, etc. Presently E-discovery services in India are in the infancy stage and this is the reason why many cases of corporate frauds and cyber crimes remain unreported.
PRESERVATION:-
* It is better to use security programs by the body corporate to control information on sites.
* IT department should pass certain guidelines and notifications for the protection of the computer system and should also bring out with some more strict laws to break down the criminal activities relating to cyberspace.
* As Cyber Crime is the major threat to all the countries worldwide, certain steps should be taken at the international level for preventing the cyber crime.
PERSEVERANCE:-
Agencies involved in cyber security:-
* Computer Emergency Response Team (Cert-In):- Cert-In operates under the authority of Department of Electronics and Information Technology, Ministry of Communications and Information Technology, Government of India. Cert-In is the national nodal agency for responding to computer security incidents as and when they occur.
* National Critical Information Infrastructure Protection Centre (NCIIPC)
* Defense Information Assurance and Research Agency (DIARA)
It is the nodal agency for cyber security related issues of the Tri-Services and Ministry of Defense.
* National Information Board (NIB):-It is an apex agency with representatives from relevant Departments and agencies that form part of the critical minimum information infrastructure in the country.
* National Crisis Management Committee (NCMC):-Dealing with major crisis incidents that have serious or national ramifications.
* National Security Council Secretariat (NSCS):-It is apex agency looking into the political, economic, energy and strategic security concerns of India and acts as the secretariat
to the NIB
* REMME:- It is a decentralized authentication system which aims to replace logins and passwords with SSL certificates stored on a blockchain.
* Guard time:- This company is creating "Keyless" signature systems using blockchain which is currently used to secure the health records of one million Estonian citizens.
Comments
Post a Comment