WHAT IS CYBER SECURITY
Cyber Security is the practice of protecting and defending systems, networks, programs, data and devices from malicious digital attacks. This starts with preventing unauthorised access, which could be part of coordinated cyber attacks and other digital threats against a company. These cyber attacks are usually aimed at accessing, changing, or destroying sensitive information, extorting money from users, or interrupting normal business processes. Cyber security is essential for maintaining the privacy and integrity of personal and sensitive information, ensuring business continuity and complying with legal requirements. It also protects against financial losses, legal penalties, etc.
BRIEF HISTORY AND EVOLUTION OF CYBERSECURITY
Early Days (1960s-1970s):
- The 1970s saw the birth of the first malware, although not malicious. A program called “Creeper” could hop between computers, leaving a message. It sparked the creation of “Reaper,” the first antivirus program, proving the need to fight digital threats.
The Internet Age (1980s-1990s):
- The internet was in its earliest stages when the first internet worm, created by Robert Morris, dug through online information and virtually shut the internet down. The massive worm spread so quickly that many people lost complete control of their computers.
- The 1990s saw a rise in online activity with the dot-com boom. This unfortunately attracted cybercriminals who targeted businesses and individuals for financial gain, making cybersecurity a growing concern.
Modern Era (2000s-Present):
- Cyber threats became more intricate in the 2000s. Phishing scams, spyware, and identity theft became widespread. Hackers’ motives also shifted, with organised crime and even nation-states getting involved.
COMMON CYBER THREATS
1. Malware (Viruses, Trojans, Ransomware):
- Think of it as: Malicious software that sneaks onto your device with the intent to cause harm.
- What it does: Malware comes in many forms:
  - Viruses: Spread like a cold, infecting other devices and programs.
  - Trojans: Disguised as legitimate software, they trick you into installing them, then steal data or damage your system.
  - Ransomware: Holds your files hostage, demanding a ransom payment to unlock them.
2. Phishing Attacks:
- Think of it as: Deceptive attempts to steal your personal information.
- What it does: Phishing emails or fake websites try to trick you into revealing passwords, credit card details, or other sensitive data.
3. Denial-of-Service (DoS) Attacks:
- Think of it as: A digital traffic jam that overwhelms a website or online service.
- What it does: Hackers flood a website or service with massive amounts of traffic, making it slow or inaccessible to legitimate users. This can disrupt online businesses, government services, and even critical infrastructure.
4. Man-in-the-Middle (MitM) Attacks:
- Think of it as: Spying on your online communication.
- What it does: Hackers intercept the communication between your device and another source and steal your data in transit. This can happen on unsecured Wi-Fi networks.
5. Zero-Day Exploits:
- Think of it as: Unidentified weaknesses in software.
- What it does: These are security holes in software that the developer isn’t even aware of yet.
6. Insider Threats:
- Think of it as: Threats from within an organisation.
- What it does: Disgruntled employees, contractors, or even business partners with authorised access can misuse their privileges to steal data, damage systems, or commit fraud.
CENTRAL THEME OF CYBERSECURITY
1. The CIA Triad: The Cornerstone of Security
Imagine your bank statements or medical records – they should only be accessible to you and authorised personnel. This principle is captured in the CIA Triad, the foundation of cybersecurity:
- Confidentiality: Ensures information remains private and can only be accessed by those allowed.
- Integrity: Guarantees the accuracy and completeness of data and systems. Your data shouldn’t be tampered with and must be reliable.
- Availability: Makes sure authorised users can access information and systems whenever needed. A website being up and running 24/7 exemplifies this.
2. Access Control: Who Gets In?
Think of a high-security building. Access control determines who can enter specific areas. In cybersecurity, it defines who can access what information and systems:
- Authentication: Verifying a user’s identity through methods like passwords, fingerprint scanners, or security tokens. It’s like proving you’re the rightful owner with a key or ID card.
- Authorization: Determining what level of access a user has. Imagine different keycards granting access to specific floors or rooms in the building, not just the main entrance.
3. Encryption and Decryption: Keeping Secrets Safe
Encryption works like a password-protected lock on your data. There are two main types of encryption:
- Symmetric Encryption: Uses the same key for both encryption and decryption.
- Asymmetric Encryption: Employs a public-private key pair. The public key is widely available for anyone to encrypt messages, but only the private key can decrypt them.
4. Firewalls and Intrusion Detection Systems: Building Your Digital Castle
Firewalls and Intrusion Detection Systems (IDS) work together to protect your system:
- Firewalls: The first line of defence, controlling incoming and outgoing traffic based on security rules.
- Intrusion Detection Systems (IDS): They monitor network traffic for suspicious activity that might indicate an attack:
  - Network IDS (NIDS): Keeps an eye on network traffic for anything out of the ordinary.
  - Host-based IDS (HIDS): Monitors individual devices for suspicious activity happening right on your computer.
6. Encryption
This scrambles data using algorithms, making it unreadable by unauthorised users. Imagine encrypting your emails so only the recipient with the decryption key can understand them.
FIREWALL
A firewall is essentially a gatekeeper for your computer network. It acts as a security system that monitors incoming and outgoing traffic, deciding whether to allow or block it based on set rules. Firewalls can be hardware devices, software programs, or a combination of both. Firewalls are a crucial first line of defence in cybersecurity, but it's important to remember that they're not foolproof. For comprehensive protection, firewalls are often used alongside other security measures like anti-virus software and intrusion detection systems.
HOW DOES A FIREWALL WORK
- Traffic monitoring: The firewall constantly analyses data packets flowing in and out of your network. These packets contain information like the sender, receiver, and type of data being transferred.
- Rule enforcement: Based on pre-configured security policies, the firewall determines if a data packet is safe or suspicious.
- Allowing or blocking traffic: Safe traffic is permitted to pass through, while suspicious traffic is blocked. This helps prevent unauthorised access and other cyber threats.
TYPES OF FIREWALL
- Packet-Filtering Firewall: This type of firewall functions as a fundamental gatekeeper by examining data packets based on predefined rules.
- Stateful Inspection Firewall: This firewall goes beyond basic packet filtering by maintaining a state table that tracks established connections.
- Proxy Firewall: It inspects and filters data packets in-depth before they reach their destination, ensuring that harmful or unauthorized content is intercepted and blocked.
- Network Firewall: Positioned at the network’s boundary, this firewall oversees the entire traffic flow between the internal network and external sources.
- Host-Based Firewall: It ensures that each device adheres to security protocols and prevents potential threats from affecting it.
- Next-Generation Firewall (NGFW): They provide a proactive defense by identifying and blocking sophisticated threats before they can impact the network.
- Cloud Firewall: This firewall protects cloud-based resources by scrutinizing traffic before it enters the cloud infrastructure.
WHY A FIREWALL IS USED
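The difference between the packet-filtering and stateful inspection firewalls in this list, and the monitor, enforce, allow-or-block cycle from the earlier section on how a firewall works, can be seen in a small simulation. This is an added example, not taken from any firewall product; the rule set, the internal network range and the sample packets are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

INTERNAL = ip_network("192.168.1.0/24")  # assumed internal network
# Pre-configured policy, first match wins: (direction, protocol, dest port, action)
RULES = [("out", "tcp", 443, "allow"),   # HTTPS from inside
         ("out", "udp", 53, "allow")]    # DNS lookups

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

def direction(pkt):
    return "out" if ip_address(pkt.src) in INTERNAL else "in"

def packet_filter(pkt):
    """Packet filtering: judge each packet alone against RULES."""
    for rule_dir, proto, port, action in RULES:
        if (rule_dir, proto, port) == (direction(pkt), pkt.proto, pkt.dport):
            return action
    return "block"                    # default deny when no rule matches

class StatefulFirewall:
    """Stateful inspection: same RULES plus a table of established flows."""
    def __init__(self):
        self.state = set()

    def check(self, pkt):
        reply_to = (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if reply_to in self.state:
            return "allow"            # return traffic of a tracked connection
        verdict = packet_filter(pkt)
        if verdict == "allow" and direction(pkt) == "out":
            self.state.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return verdict

# Constructed sample traffic (documentation address ranges)
REQUEST = Packet("192.168.1.10", 51000, "203.0.113.5", 443)
REPLY = Packet("203.0.113.5", 443, "192.168.1.10", 51000)
UNSOLICITED = Packet("198.51.100.9", 443, "192.168.1.10", 51000)

def demo():
    fw = StatefulFirewall()
    return [packet_filter(REPLY)] + [fw.check(p) for p in (REQUEST, REPLY, UNSOLICITED)]

if __name__ == "__main__": print(demo())
```

The stateless filter drops the server's reply because no inbound rule covers it, while the stateful firewall admits that reply through its state table and still blocks the look-alike packet from an address the client never contacted.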
- Keeps unwanted visitors out: A firewall checks incoming traffic on your network.
- Stops troublemakers: A firewall can block attacks that try to exploit weaknesses in your devices or software.
- Controls who comes and goes: A firewall lets you control what kind of internet traffic is allowed in and out of your network.
- Protects your privacy: A firewall can help shield your personal information from prying eyes.
BENEFITS OF A FIREWALL
1. Promotes Privacy and Security: It offers enhanced security and privacy from vulnerable services. It stops unauthorised users from accessing a private network that is linked to the Internet.
2. Monitors Network Traffic: The firewall monitors data as it comes into and goes out of your system.
3. Prevents Virus Attacks: It secures your system from a phishing attack. A firewall can stop a hacker entirely or deter them by making you a less easy target.
OEMs OF FIREWALLS
OEM stands for Original Equipment Manufacturer. In the business world, it refers to a company that manufactures parts or products that are then sold by another company under their own brand name. These companies often specialise in creating specific components and may not have the resources or desire to develop and sell finished products themselves.
Some original equipment manufacturers of firewalls are:
- Palo Alto Networks: A leader in next-generation firewalls (NGFWs) that go beyond traditional port and protocol blocking. NGFWs offer deeper inspection capabilities based on applications, users, and content.
- Fortinet: Provides a wide range of firewall solutions, catering to various needs. Their offerings span from basic firewalls suitable for small businesses to high-performance NGFWs suited for large enterprises.
- Cisco: A well-established player in the networking industry, Cisco also offers a variety of firewall solutions. This includes NGFWs and cloud-based firewall options.
- Check Point: Known for their high-security firewalls, Check Point solutions are popular choices for large enterprises and government agencies requiring robust protection.
- Trend Micro: Offers a comprehensive security portfolio, including firewalls, intrusion detection and prevention systems (IDS/IPS), and endpoint security solutions.
CONCLUSION
Cybersecurity may seem like a complex topic, but by understanding the basic Cyber Hygiene principles and taking some essential steps, you can significantly improve your online safety. Remember, even small measures can make a big difference.