CYBER SECURITY

It is the protection of internet connected systems which include hardware,

software and data from cyber-attack. It is made up of two words cyber and security.
Cyber is related to technology which contain systems, networks, programs and
data. Whereas, security is related to the protection which include system security,
network security, application and information system.

WHY CYBER SECURITY IS IMPORTANT

• Cyber-attack can be extremely expensive for businesses to endure.
• The financial damage suffered by the businesses as regards to data breech can
inflict untold reputational damages.
• Cyber-attacks these days are becoming progressively destructive whereby cyber
criminals are using sophisticated ways to initiate cyber-attack.

FUNDAMENTALS OF CYBER SECURITY

1. CONFIDENTIALITY – this is about preventing the disclosure of data to
unauthorized party. It also means trying to keep the identity of authorized party
involved in sharing and holding data private and anonymously. Often times
confidentiality is compromised by cracking poorly encrypted data, man-in-the-
middle and disclosing of sensitive data.
Measures to establish confidentiality
- Data encryption
- Two factory authentications
- Biometry authentication
- Security tokens.
Assignment
Write a note on term-paper of 150 words on the first ever cybercrime that occur,
the year, name, method used and how it was done.
2. INTEGRITY
This refer to protecting the information from being modified by unauthorized
party.
Measures to establish integrity
- Cryptography checksums
- Using file permission
- Uninterrupted power supply
- Data backups.

3. AVAILABILITY
This is making sure that authorized parties are able to access information when
needed.
Measures to establish availability
- Backing up data to external drives
- Implementing firewalls
- Having backup power supplies
- Data redundancy.

TYPES OF CYBER ATTACK

A cyber-attack is an exploitation of computer system and networks. It uses
malicious codes to alter computer codes, logic and data and lead to cybercrimes
such as information and identity theft. There are two types of cyber-attacks, which
are;
- Web-based attacks.
- System-based attacks.

1. WEB-BASED ATTACKS occur on the web site or web applications.

Examples/classification of web-based attacks are as follows;

- Injection attack – it is an attack where some data will be injected into a web
application to manipulate the application and fetch the required information.
Eg SQL injection, code injection, log injection, xml injection.
- DNS spoofing – it is a type of security attacking whereby a data is introduced
into the DNS resolver cache causing the main server to return an incorrect IP
address diverting traffic to attacker’s computer or any other computer.

- Session hijacking – it is a security attack on a user session over a protected

network. Web application creates cookies to store the state and user session by
stealing the cookies, and attacker can have access to all the user data.

- Phishing – it is a type of attack which attempt to steal user login and credit card
number. It occurs when an attacker is masquerading as a trustworthy entity in
electronic communication.

- Brutheforce
- Denial-of-service
- URL interpretation
- File inclusion attack.
- Man-in-the-middle attack.

2. SYSTEM-BASED ATTACK – these are intended to compromise the user’s

computer or network. Such attacks include;
- Virus
- Worms
- Backdoor
- Bots

TYPES OF CYBER ATTACKERS

1. ACTIVE ATTACKER – an active attack is a network exploit in which a hacker
attempts to make changes to data on the target or data en-route to the target.

2. PASSIVE ATTACKER – these are relatively scarce, but can be carried out if the
traffic is not encrypted.
CYBER SPACE
A cyber space can be defined as an intricated environment that interaction
between people, software and services. It is maintained by the World Wide
Distribution of Information and Communication Technology Devices and Networks.
Cyber space is cramped with data, text, images, sound and videos from priceless
gems of information knowledge and reasoning, these data is not stored or
presented with any order or structure. There are no global editors, data checkers
or barriers.
The rule of cyber space is the emergent order arising from data chaos. Cyber space
is “everyware” it is an information driven environment mediated by artificial
intelligence of a growing number of computational techniques. The Center for
Internet Security defines cyber ethic as a code of responsible behavior on the
internet.
The basic rule is “do not do something in cyber space that you would consider
wrong or illegal in everyday life”

RULES OF CYBER SPACE

- Do not use rude or offensive languages
- Do not cyber bully
- Do not plagiarize
- Do not break into someone’s else computer
- Do not use someone’s else password
- Do not attempt to inflict or in any way try to make someone else’s unusable
- Adhere to copy right restriction when downloading materials from the internet
including software, games, movies or music.

INTELLECTUAL PROPERTY RIGHT

Intellectual property is a term referring to creation of an intellect. It’s a term used
in the study of the human mind, for which a monopoly is assigned to a designated
owner by law.
Although many of the legal principles governing intellectual property and
intellectual property right have evolved over the century. It was not until in the 19th
century that the term intellectual property began to be used an not until in the 20th
century it became a common place in the majority of the world.
Intellectual Property Right are themselves a form of property called intangible
property.
TYPES OF INTELLECTUAL PROPERTY
- Trade marks
- Copy rights
- Patents
- Trade secrets

➢ Trade mark or service mark – this is a word, a name, a symbol or a device used
to indicate the source, the quality and the ownership of a product or service. A
trade mark is used in marketing as a recognizable sign, design or expression
which identifies a product or service from those of others.

A trade mark owner can be an individual, a business organization or an entity.

In addition trademarks can consists of slogans, designs or sound.

➢ Copy Right – it is a form of protection provided by the Us law (17 U.SC101 et sq)
to the authors of original works or authorship fixed in any tangible medium of
expressions. Creative expressions may be captured in words, numbers, notes,
sounds, pictures or any graphics or symbolic medium.

The subject matter of copy right is extremely broad including grammatic,

musicals, artistic, audio visuals and architectural works. Copy right protection is
available to both published and unpublished work. Copy right basically means
the owner of the particular work.

➢ A Patent of an invention – this is a grant of a property right to the inventor.

What is granted is not the right to make use, own, sell or import but the right to
exclude others from making, using, offering for sale or importing the invention.
 Once a patent is issued the patentee must enforce the patent without the aid
of the United State Patent and Trade Mark Office (USPTO).
There are three (3) types of patent
- Utility patent
- Design patent
- Plant patent

➢ Trade secret – a trade secret consists of any valuable in business organization.

The business secrets are not to known by the competitors. There is no limit in
the type of information that can be protected as a trade secret. Eg recipe,
marketing plans, financial projections.
AGENCIES THAT PROTECT INTELLECTUAL PROPERTY
• International Trade Mark Association (INTA)
• World Intellectual Property Organization (WIPO)
• Berne Convention for the Protection of Literal and Artistic Works
• Madrid Protocol
• Paris convention
• North American Free Trade Agreement.
• The General Agreement on Traffic and trades.

ONLINE CONTRACT
Online contract refers to contract that created and signed over the internet. Also,
it is referred to as electronic contract or e-contract. This contract provides a fast
and convenient ways for individual and organization to enter into legal binding
agreement with other parties. For instance, you create a contract on the computer
and send it to a business associate via email, then the business associates send it
back to you with an electronic signature to indicate acceptance.
There is also a kind of e-contract called “click-to-agree” contract commonly found
in downloaded software. It requires the user to click the “I agree” at the bottom of
the page then continue the license terms and conditions. The transaction is
completed when he/she clicks the button. If a contract is not properly accepted its
not valid and enforceable by law.
TYPES OF ONLINE CONTRACT
1. Browse Wrap Agreement – this agreement is considered to be a search cover
agreement meant to be binding on the contracting party through the use of the
website. This include website access policy and terms of service such as eBay
and are in the form of used terms, a user agreement or service terms.

2. Shrimk Wrap Agreement – such contract are the licensing agreement by which
the contract terms and conditions are imposed on the contracting party and are
commonly present on the plastic or in the manual that accompany the software
product that the customer purchases.

3. Click Wrap Contract – this refers to those contract familiar and long blocks of
texts that nobody reads, detailing the terms and conditions for using a web-
based server etc. eg CD ROMs.

They are called click wrap contract because the user typically has to click a
button or check a box for them to accept the contract. You will notice that click
wrap contract are less negotiable than shrimk wrap contract i.e they must be
accepted before the user can proceed to the next webpage or game access to
an application.

4. Emails – emails are not something you except in the list of electronic contracts,
but they are used in several cases to constitute a legally binding contract. Emails
can also be signed electronically which is an important criterium for dealing
when an agreement becomes a contract.

5. Electronic signature – this refers to the digital and verifiable counterpart of

regular wet signature. It is used to sign document online which can typically be
in two ways.
- Aadhaar-based signature – using OTPs
- Digital signature – these are used as asymmetry public keys and harsh (#)
algorithm which allows user to sign documents with a password.

BENEFITS OF ONLINE CONTRACT

- Saves time
- Save operational cost
- There are less chances of errors
- Documents are more secured
- You can be more resilient

INTERNET LAW
Internet law refers to the legislature and legal principles that are in place regarding
the use of the internet in all forms. Unlike other law fields, internet law can not be
identified as a specific stable and a solid field of practice. It instead applies
principles and incorporate rules from a number of different traditional fields
including contract law and privacy law.
Internet law can include specific topics likes;
- How to link webpages
- How to resolve conflicts over domain names
- How trade marks are used across the web
- Governing internet service providers, and website creation.
When you consider the fact that the internet is revolving at a rapid pace, common
law or precedents is enough to create laws. This means that there is a greater
amount of uncertainty.
WHY IS INTERNET LAW A SPECIAL CASE?
Internet laws needs to be flexible enough to cover a huge amount of theoretical
possibilities because of the complexity and breath of the internet phase as the
internet is a global platform. So this means that a single country government is not
able to enforce the law that governs the web.
A lot of people believe, therefore, that the internet should have independent set
of legislatures and to govern as if it was a land of its own.
DIFFERENT TYPES OF INTERNET REGULATIONS
The internet is greatly censored in a number of countries around the world. Good
examples include; Iran, Saudi Arabia and China. Aside from censorship, there are
four ways the internet tends to be govern. These are as follows;
1. MARKET – the online market place and the fluctuation within it have an impact
on what happens online, unpopular behaviors or concept eventually disappear
because they are not in demand, plus if there is a demand but there is lack of
supply, sellers must provide more unique or distinctive options. These can be
self-regulations, creativity and ethical behavior.

2. NORMS – as in the case of all areas of life, cultural norms will govern our human
behavior when there are gaps that have been left because of insufficient former
regulations, our cultural norms can help. A good example of this is when you see
an unacceptable or offensive comment posted online, you delete it.

3. ARCHITECTURE – this is the term used to describe the internet limitations when
it comes to technology. It relates to everything that has an impact on how data
is transmitted over the internet including; coding, encryption, filters and search
engines.

4. LAWS – legislature is needed to manage policy, shape behaviors and handle all
sort of common issues relating to internet use. Internet law is particularly
important when it comes to the likes of frauds, child pornography and gambling.
However, when determining how to prosecute for such offenses becomes the
main issues. This is because it is hard to enforce offenses when all the country
using the internet operate by different rules and regulations.