GS-3: Challenges to internal security through communication networks, basics of cyber security;
Key words: cyber security, malware, Log4Shell, ransomware, IoT, Trojan
Why in News:
- A critical vulnerability called Log4Shell, detected last week in widely used open-source logging software Apache Log4J, is now being exploited by attackers to target organizations all over the world, including India.
What is Cyber Security?
- Cyber security is the application of technologies, processes and controls to protect systems, networks, programs, devices and data from cyber-attacks.
- It aims to reduce the risk of cyber-attacks and protect against the unauthorised exploitation of systems, networks and technologies.
Types of Cyber Security threats:
There are dozens of types of cyber security threats, but the following are some of the most common ones:
- DDoS Attack: A DDoS or Distributed Denial of Service Attack is when cyber-criminals overwhelm a network or its servers by sending too much traffic. This prevents the network from handling valid requests and makes the entire system unusable. It can completely stop organizations
- Malware: This malicious software can include computer viruses, spyware, Trojan horses, worms, and any other program or file that can harm the computer. Malware is commonly spread by downloads that seem legitimate or attachments in emails.
- Botnets are numerous computers infected with malware that form a network. Cyber-criminals use them to perform online tasks without the permission of the devices’ owners.
- Ransomware will lock data and files and threaten to leave the files locked or delete them unless the victim sends payment.
- Spyware records the actions of a user, such as gathering credit card information.
- Trojans are malware disguised to appear as legitimate software. After being uploaded, they collect data or cause damage.
- Man-in-the-Middle Attack: This type of attack involves the cyber-criminal intercepting conversations or data transmissions between multiple people. An example would be a cyber-attack using an unsecured Wi-Fi network to intercept the data that the victim sends from their computer to the network.
- Phishing: This type of cyber security threat involves sending fake emails from seemingly legitimate sources to get information such as credit card details or passwords.
- Social Engineering: This type of attack uses human interaction to trick users into breaking security procedures. Cyber criminals commonly combine social engineering attacks with others, such as phishing, to increase the chances of the victim clicking on a link or downloading a file.
- SQL Injection: SQL stands for Structured Query Language. A SQL injection aims to perform actions on data in a database and potentially steal it. It involves inserting malicious code via SQL statements, taking advantage of data-driven applications’ vulnerabilities.
Log4Shell
- Log4Shell is a zero-day vulnerability in Log4j, a popular Java logging framework, involving arbitrary code execution. The vulnerability was privately disclosed to Apache by Alibaba's Cloud Security Team on 24 November 2021 and publicly disclosed on 9 December 2021.
Why is Cyber Security Important for Companies Today?
- Rise of Cyber Crimes: Be it a large-scale or a small-scale firm, hackers and cyber criminals spare no one. Rather, they look out for opportunities to exploit data and get money out of these firms.
- Cyber-attacks continue to grow in sophistication, with attackers using an ever-expanding variety of tactics. These include social engineering, malware and ransomware.
- Growth of IoT Devices: With the mission to create smart cities with smart devices, our dependency on connecting everything to the internet has increased too. The introduction of IoT technology, i.e. the Internet of Things, has not only simplified and sped up our tasks but has also created a pit of new vulnerabilities for hackers to exploit.
- Bridge to Security Gap: Human resources and IT resources have always been one of the most important aspects of any organization. Regardless of their dependency on each other, there has always been a security gap between both aspects.
- Security of Data: When it comes to data security, it can be clearly seen how organizations are getting highly comfortable in keeping their information online. With the alarming number of data breaches and information leaks making news headlines almost every day, it can be seen how vulnerable the data left online is.
Cyber Attacks in India
- According to Kaspersky’s telemetry, when the world went into lockdown in March 2020, the total number of brute force attacks against remote desktop protocol (RDP) jumped from 93.1 million worldwide in February 2020 to 277.4 million in March 2020, a 197 per cent increase.
- The numbers in India went from 1.3 million in February 2020 to 3.3 million in March 2020. From April 2020 onward, monthly attacks never dipped below 300 million, and they reached a new high of 409 million attacks worldwide in November 2020. In July 2020, India recorded its highest number of attacks at 4.5 million.
- In February 2021—nearly one year from the start of the pandemic—there were 377.5 million brute-force attacks—a far cry from the 93.1 million witnessed at the beginning of 2020. India alone witnessed 9.04 million attacks in February 2021. The total number of attacks recorded in India during Jan & Feb 2021 was around 15 million.
Why Do We Still Face Cyber Attacks?
- The Indian digital space is not driven by strict regulation, compared with other countries such as the USA, Europe and Canada. This makes it comparatively easier for attackers to exploit security loopholes against exposed network devices and addresses.
- India’s cyber footprint is huge, to say the least. This adds to the probability of getting hacked too. And when it comes to phishing attacks, cyber awareness and cyber hygiene are indispensable in maintaining a strong defensive posture against attacks of this kind.
- There are several reasons why companies often find themselves in troubled waters, such as when they keep their databases behind single, exploitable layers of security and do not have enough measures in place to prevent a breach.
- When customers/employees start accessing enterprise resources from unsecured networks or personal devices, it puts the entire network at risk. In most cases, the point of entry / access is the target, and once credentials are stolen, the chances of protecting the data are very low, as the intent of the cyber-attack may vary from espionage and stealing IP to just ransomware.
- Since the pandemic has driven institutions and individuals to expose their applications, devices and data over the internet to collaborate, this has resulted in an opportunity for cyber threats.
Government initiatives for Cyber security:
- National Cyber Security Strategy 2020
- Cyber Surakshit Bharat Initiative.
- Cyber Swachhta Kendra.
- Online cybercrime reporting portal.
- National Cyber Policy, 2013
- Indian Cyber Crime Coordination Centre (I4C).
- National Critical Information Infrastructure Protection Centre (NCIIPC).
- Information Technology Act, 2000.
Source: LiveMint
Mains Question:
Q. What is cyber security? How is India vulnerable to cyber threats? Explain with an example.