What is Cyber Security and Different Types of Cyber Security?
October 21st, 2022
In the last decade, Cyber crime has only increased with innumerous cyber attacks taking place every day on individuals and large corporations alike. Considering the digital age that we live in, it's important to answer the question - What is Cyber Security and why does it matter? In the simplest terms, Cyber Security is our internet's very own army against the malicious cyber threats our systems are constantly subjected to. It is defined as any practice, technology, process or control that defends our electronic devices, programs, systems and networks and the data on these from cyber attacks. Most people assume cyber attacks don't affect them in any way, but that's not true. Cyber crime affects everyone, and it is Cyber Security that is keeping our mobiles, laptops, softwares and networks free of hackers and other cyber criminals.
Why is Cyber Security Important?Cyber Security safeguards all kinds of information from theft and misuse. This includes sensitive information, personal details of individuals, medical records, intellectual property along with highly confidential government and industry related data. There is nothing stopping cyber criminals from targeting you, so throw out the notion that cyber crime does not concern you or isn't a big deal for an individual entity. Without any kind of precaution, your information or your company would be completely at the mercy of cyber threats and cyber attacks. In fact, the need for Cyber Security has increased tenfold as traditional Cyber Security practices like antiviruses and firewalls are no longer effective in holding cyber threats at bay. Since cyber crime can catch you off guard at any point from anywhere, it is important to cover all bases and ensure the highest level of security is maintained for all confidential and sensitive information.
Evolution of Cyber SecurityThe evolution of Cyber Security has gone hand in hand with the rise of cyber crime. All the way from 1971, when the first virus called the 'Creeper' affected systems on Tenex (an operating system). The virus was relatively harmless and displayed the words "I'm the Creeper. Catch me if you can!" across the screens of the affected computers. The Creeper led the world's first antivirus to be made, effectively called the 'Reaper'. The Reaper was a self-replicating version of the Creeper that moved through the net, deleting copies of the Creeper. There have been innumerable cyber attacks and counter attacks since the 70's, and we've come a long way from the relatively harmless Creeper. A few notable milestones in the history of Cyber Security have been:
- The inauguration of the Department of Homeland Security in 2002, by then U.S President George W Bush..
- The passing of the General Data Protection Regulation, in the EU (circa, 2018). This bill gave users more control over their personal data and mandated the protection of such data by the organisations.
The Internet of Things (IoT)Cytelligence recently reported that hackers are more likely to make use of individual mobile devices or IoT devices like Smart Home devices, Smart TV , etc. All it takes is getting access to one of these devices, for the hacker to then infiltrate all the devices connected on that common network. This leads the hacker to gain possession of sensitive data including the victims' medical records, personal information and bank statements.
Exponential Amounts of DataThe surplus of data flowing through the world concerns Cyber Security specialist and former Secretary of Homeland Security, Michael Chertoff. He claims that storing large amounts of data, especially when the data is confidential, can be an entryway for hackers to take over entire databases, which is why continuous efforts have to be made to safeguard these systems. Cyber crime has risen far beyond the harmless Creeper and become far more dangerous for the systems as well the users involved in the hack. In fact, cyber crime can now be categorised in several distinct categories, each one with different targets and remedies.
Types of Cyber ThreatsWe can grossly categorise the different types of cyber threats into these 7 sections:
MalwareAs the name suggests, Malware is a malicious software that gains access when a malicious link or attachment is clicked by the host. When activated by the user, the malware can:
- Block access to the device or account unless certain conditions are met (like a ransome being paid)
- Obtain confidential information directly from the hard drive (spyware)
- Install harmful software without the permission of the host
- Play havoc on individual components of the device, making the whole system unstable
EmotetEmotet was a banking trojan that evolved into one the most go-to malwares used to access the user's private information including bank statements. At one point, it was known as the most costly malwares to affect the world. Emotet was usually transmitted via downloadable links in spam mails. Once the victim clicked the link, the malware would get installed directly.
Denial of servicesA DoS is a type of attack where the computer network is overwhelmed with requests, which eventually leads the targeted computer unable to accept requests. Hackers sometimes use a botnet, which is also known as 'zombie systems', that are used to affect millions of computers at the same time.
Man in the MiddleMan in the Middle (MITM) refers to an attack where the hacker positions themselves in the middle of a conversation between the victim and the computer device. The hacker usually impersonates the system, making the user believe a normal exchange is taking place, and steals the personal information of the user.
PhishingAlmost all of us have one way or the other fallen for a phishing scam. Phishing attacks usually make use of fake communication (fake emails, messages, phone calls) to deceive the users into carrying out certain instructions (submitting bank details, log in credentials for websites), leading them to access the personal information of the user.
SQL InjectionSQL stands for Structured Query Language. An SQL injection is a type of cyber attack that infects servers using SQL with malicious code. Once infected the SQL server leaks out information.
Password AttacksMost systems are only one password away from being vulnerable to a host of attacks. Social Engineering is a type of attack where the perpetrator causes the victim to break standard protocol and reveal their passwords. In other cases, hackers directly hack into password databases and steal the information of millions of users in one swoop. Apart from this hackers just use plain ol' guessing. Keep 1234 as a password and it's just natural selection at this point 😜 Cyber crime has definitely risen to unimaginable heights in the last decade. However, not all is lost. With the rise of crime, the amount of security has risen too. Let's take a look at the types of Cyber Security in place that protects our systems from malicious attacks.
What are the three different types of Cyber Security?Just like cyber crime, Cyber Security too can be broadly categorised into several sections. Let's look at the 3 most prominent examples.
Database and Infrastructure securityDatabase and Infrastructure security is usually implemented for a cyber physical system, which includes everything from computers to water purifying systems and even electrical grids. Since all the networks we use include a physical counterpart, it would make sense to safeguard these first.
Network SecurityNetwork Security is a set of rules, protocols and techniques made to protect the accessibility and confidentiality of data using both software and hardware technologies. There are 3 types of Network Security:
Physical Network Securitystops unwanted access to the physical components part of the network (routers, cable cupboards, etc). Precautions like biometric scanners, physical locks, etc. are implemented as the first layer of security.
Technical Network Securitytakes care of all the data and information on the network as well as all the data getting transferred in and out of the network. TechSec makes use of various methods like network authentication management and IT security strategy.
Administrative Network Securitycontrols user behaviour, including deciding what kind of authentication will be required from the user, the level of control each user has as well as how the IT staff implement changes.
Application SecuritySince the entirety of the Tech world is running on applications, it is critical that we safeguard these softwares from malevolent attacks. Application security uses software and hardware for protection against threats that may appear during the development stage of an application life cycle. Application Security makes use of measures like firewalls, antivirus programs, encryption, etc. There are many other types of Cyber Security measures taken (Cloud security, Information security, etc.) that you'll learn about if you choose to become a Cyber Security specialist.
Careers in Cyber SecurityWith cyber crime at an all-time high, the demand for Cyber Security professionals has increased exponentially. And with the rising level of crimes also comes never-ending opportunities in this field. Some of the most in demand jobs for freshers in this field are:
- Cybersecurity Engineer
- Cybersecurity Analyst
- Network Engineer
- Cyber Security Consultant
- Cybersecurity Manager
- Systems Engineer
- Vulnerability Analyst
- Software Developer
- Cybersecurity Specialist
- Ethical Hacker