Technology is growing every day, and as it grows, it transforms our digital world. Internet use is increasing exponentially, making us correspondingly more vulnerable to cyber-attacks. By learning how cybercriminals attack and how to secure our systems and data against those attacks, you will be able to minimize the risk of data breaches and the devastation they bring with them.
Computer security deals with the protection of computer systems and information from harm, theft, and unauthorized use. The main reason users get attacked frequently is that they lack adequate defenses to keep out intruders, and cybercriminals are quick to exploit such weaknesses. Computer security ensures the confidentiality, integrity, and availability of your computers and their stored data.
The following topics will be covered in this computer security article:
Before we learn about computer security, let us understand why users get attacked.
Learn to manage information security with more clarity with the Ethical Hacking Certification Training. Enroll today.
Before getting into how to secure data from breaches, we must try to understand the motives behind these attacks. By knowing the motives behind the attacks, it’s easy for cybersecurity professionals to secure the systems. The main motives for attacking an organization’s or individual’s computer are:
We will next look at the types of attacks before understanding all about computer security.
There are many kinds of attacks available to the dedicated hacker. These are among the most famous and frequent types of attacks.
This is an attack used to restrict the user’s access to the system resources by flooding the server with useless traffic. The botmaster commands all the bots to access a resource at the same time so that the resource gets hopelessly jammed up. Then, if a legitimate user wants to access that same resource, they will not be able to do so. This is illustrated below:
Fig: Denial of service illustration
This is a malicious program that disrupts or damages the computer. There are four main types of malware:
Say, for example, you want to do an online transaction. You connect to your bank and conduct the payment. Simple, right? This is illustrated in the below image:
Fig: Man in the middle attack (1)
Now, while you are doing a transaction, you have to enter the details of your card and the PIN. The cyber attacker spoofs you and monitors your transaction. As soon as you enter your details, he will have access to all of that information, as shown in the below image:
Fig: Man in the middle attack (2)
The attacker sends bait, often in the form of an email. It encourages people to share their details. For example, you get an email like this:
If someone is a customer of ABC bank, he would probably open the link and enter the details. But these kinds of emails are always phishing. Banks do not send emails like this.
Attacker observes traffic on your system and the work you are doing. The attacker can monitor you in three ways:
As the name suggests, an SQL injection vulnerability allows an attacker to inject malicious input into a SQL statement. This type of attack happens only on websites. The best example would be www.facebook.com. There is a database stored on the Facebook website. The hackers get into that database and sign in using someone else's username and password.
To crack a password or find a password, hackers employ the following techniques:
Attackers create social situations that encourage you to share your password. For example, let’s say that you are out of your office, and you get a call. The person says that he is from the IT department and they have found out that your system has been compromised. He asks you to share your password. You might believe him and share your password. However, the caller was, in fact, a hacker, and how he has your password. Now that he has access, he can compromise your organization's data. The best way to avoid the effects of social engineering is to learn your organization’s protocol regarding password sharing.
So now that we have the why’s and the how’s let’s explore the what’s - Of computer security.
The security of any organization starts with three principles: confidentiality, integrity, and availability. This is called CIA (no relation to the American spy organization!). CIA has served as the industry standard for computer security since the advent of the first mainframes.
Fig: CIA triad
We’ve covered the why’s, how’s, and what’s. Now let’s put that information into action and get a better understanding of computer security.
Two-factor authentication adds a layer of security to the authentication process by making it harder for attackers to gain access to a person's devices or online accounts. For example, when you make online payments, you first have to confirm your card’s cvv number, then you undergo a second confirmation by providing your mobile number.
Create strong passwords so that no one will be able to hack or guess your password. The best passwords include:
Always keep your system and all its software updated. Many updates contain additional defenses against cyber attacks.
Antivirus is a computer program used to prevent, detect, and remove malware. Examples of antivirus include Norton, Quickheal, and McAfee.
Firewalls prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets.
When you get an email that looks suspicious or has no relation to you, then do the following:
This is the process of converting ordinary plain text into unintelligible text and vice-versa. Encryption is used in many applications like:
Unfortunately, cybercrime is increasing daily, so it’s imperative to have a solid grasp of the best cybersecurity practices. While the internet is transforming and improving our lives, the vast network and its associated technologies have become a lucrative hunting ground for a growing number of cybercriminals, agents from which individuals and businesses must protect themselves.
The consequences of these attacks can range from the ruin of a business to the crashing of a national economy. Confidential or sensitive data can be lost, privacy violated, and reputations ruined. Your computer could even be used by a hacker to attack other computers, which in turn could send the authorities looking for you!
If you’d like to learn more about cybersecurity, check out Simplilearn’s Introduction to cybersecurity Course for cybersecurity Beginners. The course is designed to give you a foundational look at today’s cybersecurity landscape and provide you with the tools to evaluate and manage security protocols in information processing systems.
If you’re already proficient with the basics, consider Simplilearn’s Post Graduate Program in Cyber Security or the Cybersecurity Expert Master’s program. This program will equip you with the skills needed to become an expert in this rapidly growing domain. You will learn comprehensive approaches to protecting your infrastructure, including securing data and information, running risk analysis and mitigation, architecting cloud-based security, achieving compliance, and much more with this best-in-class program.
Not only do these courses empower you with greater cybersecurity skills, but they can also be the foundation for a whole new career! Check out Simplilearn today, and get started.
Name | Date | Place | |
---|---|---|---|
CEH (v11)- Certified Ethical Hacker | 15 Mar -9 Apr 2021, Weekdays batch | Your City | View Details |
CEH (v11)- Certified Ethical Hacker | 26 Mar -24 Apr 2021, Weekdays batch | Atlanta | View Details |
CEH (v11)- Certified Ethical Hacker | 3 Apr -2 May 2021, Weekend batch | Washington | View Details |
Lakshay Mor is a Research Analyst at Simplilearn who specializes in the cybersecurity field. He has in-depth knowledge of ethical hacking and penetration testing and passionately writes about these hot topics. He loves playing basketball and a big-time fan of gaming.
CEH (v11)- Certified Ethical Hacker
Introduction to Cyber Security
*Lifetime access to high-quality, self-paced e-learning content.
Explore Category