Workshop on Cyber Security – Part 1

Workshop on Cyber Security

Workshop on Cyber Security

Context:

The October month being observed as National Cyber Security Awareness Month, the Ministry of Coal organized a “Workshop on Cyber Security” to sensitize the PSUs and organizations under the administrative control of the Ministry about current cyber security challenges and adapt best cyber security practices to implement in their organizations.

Relevance:

GS-03 (Cyber-Security)

About:

The realm of cyber threats and attacks is becoming increasingly perplexing and relevant in today’s interconnected world. With India witnessing a surge in cyber threats, it’s imperative to delve into the intricacies of cybersecurity, motives behind cyber-attacks, and the various types of cyber threats prevalent in the country.

Cyber Security:

  • Cybersecurity encompasses the protection of cyberspace, which includes critical information infrastructure, from malicious attempts to breach, damage, misuse, or engage in economic espionage.
  • Cyberspace is a global domain within the information environment, comprising a network of interdependent information technology structures, ranging from the Internet to telecommunications networks, computer systems, and embedded processors and controllers.
  • Cyber-attacks constitute deliberate and malicious endeavors by individuals or organizations to infiltrate the information systems of others. These attacks can have diverse motives and consequences.
  • Critical Information Infrastructure:  According to the Information Technology Act, critical information infrastructure (CII) is defined as a “computer resource whose incapacitation or destruction would have a debilitating impact on national security, economy, public health, or safety.”

Motives behind Cyber Attacks:

  • Commercial Gain: Some cyber attackers aim to hack into banks and financial institutions to reap commercial benefits.
  • National Security: Others target critical assets of a nation, posing a grave threat to national security.
  • Corporate and Military Espionage: Penetrating corporate and military data servers to obtain valuable plans and intelligence remains a common motive.
  • Message Propagation: Hacking websites to convey viral messages, often linked to political and societal campaigns, is another motive behind cyber-attacks.

Types of Cyber Attacks:

  • Malware Mayhem: Malware, short for malicious software, is a broad category that includes various software types designed to damage computers or networks. This includes ransomware, spyware, worms, viruses, and Trojans.
  • Phishing Expedition: Phishing involves deceptive emails and websites aiming to collect personal information.
  • Denial of Service Dance: Denial-of-Service (DoS) attacks strive to disrupt machines or networks, rendering them inaccessible to their intended users.
  • Man-in-the-Middle (MitM) Mastery: MitM attacks occur when cybercriminals intercept a two-party transaction to filter and steal data.
  • SQL Injection Stint: SQL injection attacks focus on servers that store crucial data, manipulating servers to divulge sensitive information.
  • Cross-Site Scripting (XSS) Sagas: In XSS attacks, malicious code is injected into a website, targeting the visitor’s browser, not the website itself.
  • Social Engineering Symphony: Social engineering attacks rely on human interactions to manipulate users into breaking security procedures, thereby acquiring sensitive information.