Abstract

The world has become more advanced in communication, especially

after the invention of the Internet. A key issue facing today’s society is
the increase in cybercrime or e-crimes (electronic crimes), another
term for cybercrime. Thus, e-crimes pose threats to nations.
Organizations and individuals across the globe. It has become
widespread in many parts of the world and millions of people are
victims of e-crimes. Given the serious nature of e- crimes, its global
nature and implications, it is clear that there is a crucial need for a
common understanding of such criminal activity internationally to deal
with it effectively. This research covers the definitions, types, and
intrusions of e-crimes. It has also focused on the laws against e-crimes
in different countries. Cyber security and searching methods to get
secured are also part of the study.

Introduction:
Cyber security is a critical aspect of modern society as more and more
of our daily lives become reliant on technology. The increasing uses of
the internet, mobile devices, and other connected technologies have
led to an increased risk of cyber attacks, data breaches, and other
malicious activities. In this report, we will discuss some of the key
issues related to cyber security, including the current threat landscape,
common attack vectors, and strategies for preventing cyber attacks.

Cyber resiliency:
Cyber resiliency is the ability to Anticipate, withstand, recover from,
and adapt to adverse conditions, stresses, attacks, or compromises on
systems that use or are enabled by cyber resources. Conceptually,
Cyber Security is shaped by a series of measures focused on reacting to
threats that your IT systems are facing. Whilst implementing basic
cyber security best practice could prevent the great majority of attacks,
even with your cyber defenses up, hackers will find holes when the
landscape changes.

2
CYBER SECURITY:
It is the body of technologies, processes, and practices designed to
protect networks, devices, programs, and data from attack, theft,
damage, modification or unauthorized access. The field is becoming
more important due to increased reliance on computer systems, the
Internet and wireless network standards such as Bluetooth and Wi- Fi
and due to the growth of smart devices including smart phones,
telephones, and the various devices that constitute the “Internet of
things”..

Why do we need cyber security?

• With an increasing amount of people getting connected to internet,
the security threats that cause massive harm are increasing also . Cyber
security is necessary since it helps in securing data from threats such as
data theft or misuse, also safeguards your system from viruses.

CYBERCRIME:
Cybercrime, or computer-oriented crime, is a crime that involves a
computer and a network. The computer may have been used in the
commission of a crime, or it may be the target. Cybercrime may
threaten a person, company or nation’s security and financial health.
Cybercrime also called computer crime, the use of a computer as an
instrument to further illegal ends, such as committing fraud, trafficking
in child pornography and intellectual property, stealing identities, or
violating privacy. Cybercrime, especially through the Internet, has

3
grown in importance as the computer has become central to
commerce, entertainment, and government.

Categories of Cybercrime:
We can categorize cyber crime into two ways:
The computer as a target: Using a computer to attack other
computers e.g. Hacking, Virus/Worms attack, Dos attack etc.
The computer as a weapon: Using a computer to commit real
world crime e.g. Credit card fraud etc.

4
CHALLENGES OF CYBER SECURITY
NETWORK SECURITY:
Network security is a broad term that covers a multitude of
technologies, devices and processes. In its simplest term, it is a set of
rules and configurations designed to protect the integrity,
confidentiality and accessibility of computer networks and data using
both software and hardware technologies.

APPLICATION SECURITY:

Application security is the process of making apps more secure by

finding, fixing, and enhancing the security of apps. Much of this
happens during the development phase, but it includes tools and
methods to protect apps once they are deployed. This is becoming
more important as hackers increasingly target applications with their
attacks.

DATA SECURITY:
Data security refers to the process of protecting data from
unauthorized access and data corruption throughout its lifecycle. Data
security includes data encryption, hashing, tokenization, and key
management practices that protect data across all applications and
platforms.

5
IDENTITY SECURITY:

Identity security describes the proactive approach to safely controlling

user and system information that is used to authenticate and authorize
user identities for access to secure resources.

CLOUD SECURITY:

Cloud security, also known as cloud computing security, consists of a

set of policies, controls, procedures and technologies that work
together to protect cloud- based systems, data, and infrastructure.
These security measures are configured to protect cloud data, support
regulatory compliance and protect customers’ privacy as well as setting
authentication rules for individual users and devices.

MOBILE SECURITY:

Mobile security is the protection of Smartphone, tablets, laptops and

other portable computing devices, and the networks they connect to,
from threats and vulnerabilities associated with wireless computing.
Mobile security is also known as wireless security.

END-USER SECURITY:
The end-user is usually the weakest link when it comes to cyber
security and that is what attackers are counting on. This is why
phishing is such a popular technique for spreading ransomware.

6
CYBER THREATS:
1. HACKING:
Hacking in simple term means an illegal intrusion in a computer system
or network. It is also known as cracking. Govt. And MNC’s websites are
the hot targets of hackers due to press coverage it receives. Hacking is
an attempt to exploit a computer system or a private network inside a
computer. Simply put, it is the unauthorized access to or Control over
computer network security systems for some illicit purpose.
How can we prevent ourselves from being getting hacked?
Update regularly
Passwords: don’t re-use them
Download from authorized sources
‘Administrator’ shouldn’t be your default setting
Turn off when you’re done Encrypt to keep your stuff unreadable

2. PHISHING:
Phishing is fraudulent attempt, usually made through email, to steal
your personal information. Phishing is the attempt to obtain sensitive
information such as username, password and credit card details often
for malicious reasons through an electronic communication (such as E-
mail). A common online phishing scam starts with an email message
that appears to come from a trusted source (legitimate site) but
actually directs recipients to provide information to a fraudulent
website.

7
3. DENIAL of SERVICE (DoS):

This is an act by the criminals who floods the bandwidth of the victim’s
network. In the Dos attack, a hacker uses a single internet connection
to either exploit a software vulnerability or flood a target with fake
request with fake request usually I an attempt to exhaust server
resources. On the other hand, DDoS attacks are launched from multiple
connected devices that are distributed across the internet.

DOS :
When a single host attacks.

DDoS:
When multiple hosts attack simultaneously and continuously.

4. SPAM EMAIL:
Email Spam is the electronic version of junk mail. It involves sending
unwanted messages often unsolicited advertising, to a large number of
recipents. Spam is a serious security concern as it can be used to
deliver Trojan horses viruses, worms, spyware, and targeted phishing
attacks.

8
5. MALWARE:
It’s malicious software (such as virus, worms and Trojan) which
specifically designed to disrupt or damage computer system or mobile
device. Hackers use malware for any number of reasons such as,
extracting personal info. Or passwords, stealing money, or preventing
owners from accessing their device. Viruses are programs that attach
themselves to a computer or file and then circulate themselves to
other files and to other computers on a network. They either alter or
delete the data. Malware has actually been a threat to individuals and
organizations since the early 1970s when the Creeper virus first
appeared. Since then, the world has been under attack from hundreds
of thousands of different malware variants, all with the intent of
causing the most disruption and damage as possible.

ATM Skimming and Point of Scale Crimes:

It is a technique of compromising the ATM machine by installing a

skimming device a top the machine keypad to appear as a genuine
keypad or a device made to be affixed to the card reader to look like a
part of the machine. Additionally, malware that steals credit card data
directly can also be installed on these devices. Successful
implementation of skimmers cause in ATM machine to collect card
numbers and personal identification number codes that are later
replicated to carry out fraudulent transaction.

HOW TO AVOID CYBER ATTACKS?

9
• Uninstall unnecessary softwares.
Install, use and regularly update antivirus and antispyware software
on every computer

• Use a firewall for your Internet connection

Make backup copies of important business data and information.

• Control physical access to your computers and network

components.

Secure your Wi-Fi networks. If you have a Wi-Fi network for your
workplace make sure it is secure and hidden.
Regularly change passwords.
Employee personal accounts
ANTIVIRUS AND FIREWALLS

ANTIVIRUS:
Antivirus software, sometimes known as anti-malware software, is
designed to detect, prevent and take action to disarm or remove
malicious software from your computer such as viruses, worms and
Trojan horses. It may also prevent or remove unwanted spyware and

10
adware in addition to other types of malicious programs. The first
versions of antivirus software can be traced as far back as the 1980s.
Antivirus software will begin by checking your computer programs and
comparing them to known types of malware. It will also scan your
computer for behaviors that may signal the presence of a new,
unknown malware. Typically, antivirus software uses all three scanning
detection processes:

Specific Detection-
This works by looking for known malware by a specific set of
characteristics.
Generic Detection-
This process looks for malware that are variants of known “families,” or malware
related by a common codebase.

Heuristic Detection-
This process scans for previously unknown viruses by looking for known
suspicious behavior or file structures.

FIREWALL:
A firewall is a system that provides network security by filtering
incoming and outgoing network traffic based on a set of user-defined
rules. In general, the purpose of a firewall is to reduce or eliminate the
occurrence of unwanted network communications while allowing all
legitimate communication to flow freely. In most server
11
infrastructures, firewalls provide an essential layer of security that,
combined with other measures, prevent Firewalls use one or a
combination of the following three methods to control traffic flowing
in and out of the network:

Packet filtering:
The most basic form of firewall software uses pre- determined security
rules to create filters – if an incoming packet of information (small
chunk of data) is flagged by the filters, it is not allowed through.
Packets that make it through the filters are sent to the requesting
system and all others are discarded.

Proxy service:
A firewall proxy server is an application that acts as an intermediary
between systems. Information from the internet is retrieved by the
firewall and then sent to the requesting system and vice versa. Firewall
proxy servers operate at the application layer of the firewall, where
both ends of a connection are forced to conduct the session through
the proxy. They operate by creating and running a process on the
firewall that mirrors a service as if it were running on the end host, and
thus centralize all information transfer for an activity to the firewall for
scanning. Attackers from accessing your servers in malicious ways.
When your computer has firewall protection, everything that goes in
and out of it is monitored. The firewall monitors all this information
traffic to allow ‘good data’ in, but block ‘bad data’ from entering your
computer.

12
13
Stateful inspection:
The most modern method of firewall scanning, that doesn’t rely on the
memory-intensive examination of all information packets is ‘stateful
inspection’. A ‘stateful’ firewall holds significant attributes of each
connection in a database of trusted information, for the duration of the
session. These attributes, which are collectively known as the ‘state’ of
the connection, may include such details as the IP addresses and ports
involved in the connection and the sequence numbers of the packets
being transferred. The firewall compares information being transferred
to the copy relevant to that transfer held in the database if the
comparison – yields a positive match the information is allowed
through, otherwise it is denied.

ADVANTAGES AND DISADVANTAGES

The advantages and disadvantages of Cyber Security are listed below:

ADVANTAGES:
1) Protects system against viruses, worms, spyware and other
unwanted programs.
2) Protection against data from theft.
3) Protects the computer from being hacked.
4) Minimizes computer freezing and crashes.
5) Gives privacy to users

14
DISADVANTAGES:
1) Firewalls can be difficult to configure correctly.
2) Incorrectly configured firewalls may block users from performing
certain actions on the Internet, until the firewall configured
correctly.
3) Makes the system slower than before.
4) Need to keep updating the new software in order to keep security
up to date.
5) Could be costly for average user.

CONCLUSION:
We can say that Cyber Security is one of the most important issues that
we have faced with the increase advancements, anything in
technological advancements, anything and everything that exists on
the internet isn’t completely safe. With the increase in Cyber crimes in
India the government of India took a major step and introduced an act
in the year 2000 which is called as (IT act 2000) which states that it is
the primary law in India dealing with cybercrime and electronic
commerce. The Act provides a legal framework for electronic
governance by giving recognition to electronic records and digital
signatures. It also defines cyber crimes and prescribes penalties for
them.
Cybersecurity is a never-ending battle. A permanently decisive solution
to the problem will not be found in the foreseeable future, even Mark
Zukerberg the creator of one of the most used social networking sites
Facebook is seen covering his laptop’s front camera with a duct tape so
that the camera might not be accessed by anyone else then what else
can we expect from our security.

15
16