Showing posts with label CYBER SECURITY. Show all posts
Showing posts with label CYBER SECURITY. Show all posts

Tuesday, 19 May 2015

CYBER SECURITY :CRYPTOGRAPHY

CRYPTOGRAPHY

Crypto means Secret and Graphy means writing so cryptography means secret-writing 

                                                           or 
Cryptography is an art of transforming Plain-text (meaningful message) into Cipher-text (not meaningful message) and then re-transforming that message back to protect it from third party that can be hacker, cracker anyone.


As it is possible that encrypted message can sometimes be broken by Crypt-analysis, on the other hand cryptography techniques are virtually unbreakable. 



Some Basic concepts which are useful for Cryptography are:-
  1. Cryptanalysis - Code-breaking but without knowledge of key.
  2. Cipher - An Algo used to transform plain-text to cipher-text by transposition or substitution.
  3. Key - Secret information known to the sender and receiver only.
  4. Encode - Process of converting plain-text to cipher-text.
  5. Decode - Process of converting cipher-text to plain-text.
  6. Cryptology - Cryptography + Cryptanalysis.
As the use of Internet and other forms of electronic communication becoming handy day-by-day so the security of such communication is also becoming more important. Cryptography is used to protect e-mails, credit card information bank transactions corporate data governmental information. one of the most popular cryptography system used on the internet is Pretty Good Privacy because of its effectiveness.


Modern Cryptography concerns with following main objectives :-

  • Authentication of legitimate entities 
  • Confidentiality
  • Integrity
  • Non Repudiation(denial of service) 


Sunday, 17 May 2015

CYBER SECURITY - CYBER THEFT

What is Cyber Theft?


Cyber theft occurs when your financial or personal information is stolen via computers or smart phones. They are criminal offences committed via the Internet, online networks or any social media sites.

Cyber thieves can target both corporations and individuals. One cyber theft example happened with adobe as well when their intercepted message was got stolen that is another thing that they worked on it and nothing big happened and they said actually hash message got stolen so no need to worry big.

How to prevent from cyber theft?

  • Shop on secure websites.
  • Monitor your bank accounts or other personal sites.
  • Update your password with interval of time.
  • Smartly open your web-mails or electronic-mail.
  • Smartly use PC, Tablets and mobile of others.

The abuse of computers has also given birth to a gamut of new age crimes that are addressed by the Information Technology Act, 2000.

                             Cyber law in INDIA....


  
   The Indian Government has in 2003 announced plans on a comprehensive law for cyber crimes.

THE INFORMATION TECHNOLOGY ACT, 2000
                (No. 21 of 2000)

 CHAPTER XI
OFFENCES
66. Hacking with computer system.
1.  Whoever with the intent to cause or knowing that he is likely to cause wrongful loss or damage to          the public or any person destroys or deletes or alters any information residing in a computer                  resource or diminishes its value or utility or affects it injurious by any means, commits hack.


2.  Whoever commits hacking shall be punished with imprisonment up to three years, or with fine                 which may extend up to two Lakh rupees, or with both.

Sunday, 3 May 2015

Shoulder Surfing Attack






                                           Shoulder Surfing Attack

Shoulder Attack is comes under Cyber Security which is highly used. It refers to direct observation technique, such as looking over someones'shoulder to capture someone's personal information like Security codes,  PINs like ATM PIN number or Credit Card Information,  Passwords and Similar data.

Criminals often use used this technique to gain access to your personal accounts or read personal information, such as e-mails.

It is one of the effective way to get information in public places (Crowded areas) where the enforcer is not as likely to be caught because its quite easy to stand next to someone and watch as they fill out a form or enter any private information like use of calling card at a public pay phone, enter PIN number at an ATM machine or when you are entering your computer password.




Sometimes shoulder surfing is done for no reason other then to get an answer or just for fun or to irritate someone but in other instances it may constitute a security breach.

Shoulder surfing can also be done long distance with the aid of binoculars or cameras from a more remote location. 









To prevent shoulder surfing you must Shield paperwork or your keypad from view by using your body or cupping your hand.

CYBER SECURITY




Very first Question about Cyber security is, What is Cyber Security and Second one is Why do we need it???????

Cyber security is a step which has been taken to protect computer, network, program, data from unauthorized, unintended access, cyber threats take aim at secret, political, military, or infrastructural assets of a nation, or its people. Cyber security is therefore a critical part of any governments’ security strategy. The U.S. federal government for example, has allotted over $13 billion annually to cyber security since late 2010.

                                          

There are millions of reasons that why do we need cyber security.
In present scenario as internet is key of communication and education but has been misused for personal gain or sometime for fun as well, which resulted in cyber attack and unrivaled rise in cyber crime rate.
These rates are expected to increase, more rapidly in the coming years if cyber security is not put in place.

Basically attacks are classified into 2 types:--

  1. Active attack 
  2. Passive attack
  • In active attack third party not only reads data as well as modifies data
  • In passive attack third party only reads no modification of data.


 Some goals of security:--
  1. To protect from cyber theft.
  2. Protection from Viruses, Spyware, Phishing, Trojan, Integrity.
  3. Confidentiality of sensitive information.
  4. Provide access control.
  5. Non-repudiation.
  6. Ensure availability of system.
  7. Proper services to the legitimate user.
  8. Enable more trusted transaction online.
  9. Building of comprehensive cyber security plan.
  10. Authenticate legitimate entities.