Data Structure
Networking
RDBMS
Operating System
Java
MS Excel
iOS
HTML
CSS
Android
Python
C Programming
C++
C#
MongoDB
MySQL
Javascript
PHP
Physics
Chemistry
Biology
Mathematics
English
Economics
Psychology
Social Studies
Fashion Studies
Legal Studies
- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who
What are the different types of Cyber Security Threats?
The technique of protecting computers, servers, mobile devices, electronic systems, networks, and data against hostile intrusions is known as cyber security. It's also known as electronic information security or information technology security. Cyber attackers can utilize sensitive data to steal information or get access to a person's or company's bank accounts, among other potentially devastating acts, which is why cyber security specialists are so important for keeping private data safe.
Types of Concerns in Cyber Security
The following types of cyber security risks should be well understood by cyber security experts.
Viruses and Malware
Malevolent software includes spyware, ransomware, viruses, and worms. Malware is activated, and hazardous software is deployed when a user clicks on a malicious link or attachment. Once malware is introduced, according to Cisco, it can −
Critical network components have limited access (ransomware)
Increase the number of potentially dangerous applications installed.
Send data from the hard disc to obtain information without being discovered (spyware)
Individual components become faulty, rendering the system unusable.
The Emotet
Emotet is a "clever, modular banking Trojan that primarily works as a downloader or dropper of other banking Trojans," according to the Cybersecurity and Infrastructure Security Agency (CISA). One of the most expensive and hazardous illnesses is Emotet."
Service Disruption
A denial of service (DoS) attack floods a computer or network, making it impossible for it to reply to inquiries. A distributed DoS (DDoS) attack achieves the same result, except it does it across a computer network.
Cyber thieves typically use a flood attack to disrupt the "handshake" protocol and carry out a DoS. Additional ways may be employed, and some cyber thieves take advantage of the downtime to launch further attacks.
A botnet, which is a type of DDoS in which millions of devices are infected with malware and controlled by a hacker, is an information technology security software company. Botnets sometimes referred to as zombie systems, are computer networks that are designed to attack and overwhelm a single computer.
Man in the Middle Attack
A man-in-the-middle (MITM) attack occurs when hackers insert themselves into a two-party transaction. Cisco claims that after stopping transmission, they can filter and collect data. MITM attacks are frequent when a visitor uses an unsecured public Wi-Fi network. After erecting a barrier between the visitor and the network, the attackers employ malware to install software and steal data.
SQL Injection
SQL injection is a sort of cyber-attack that occurs when malicious code is injected into a SQL server. When a server is infected, it leaks information. Typing the malicious code into a search field on a vulnerable website is all it takes.
Attacks on Passwords
With the right password, a cyber-attacker can get access to a wide range of information. Data Insider describes social engineering as a "tactic cyber attackers utilize that depends primarily on human contact and frequently entails luring individuals into breaching simple security standards." Password attacks can also include gaining access to a password database or guessing a password.
The CIA Trinity of Cyber Security
There are three areas of concern in cyber security. This is known as the CIA trinity, which stands for data confidentiality, integrity, and availability. Information technologists frequently consider data confidentiality to be the most crucial of these. This is due to the fact that IT departments frequently deal with personally identifiable information (PII).
The necessity of secrecy is soon overwhelmed by the integrity and availability of data in smart pumping applications. Information availability to and from an application may be the most critical factor in terms of safety. That is, if data becomes unavailable as a result of an attack, such as a denial of service, the application's intelligence may be lost. The integrity of the data is also critical. The data would be compromised if it was altered in transit or at rest. As a result, any data analysis, whether conducted in real-time or afterward, would be suspect and potentially dangerous.
587 Views
