Cyber security is the
need of the hour
Cyber security is the state of being protected
against the criminal or unauthorized use of electronic data, or the measures
taken to achieve this.
Computer security, also known as cyber security
or IT security, is the protection of computer systems from the theft or damage
to their hardware, software or information, as well as from disruption or
misdirection of the services they provide.
Cyber security includes controlling physical
access to the hardware, as well as protecting against harm that may come via
network access, data and code injection. Also, due to malpractice by operators,
whether intentional, accidental, IT security is susceptible to being tricked
into deviating from secure procedures through various methods.
The field is of growing importance due to the
increasing reliance on computer systems and the Internet in mostly developed
(first-world) societies, wireless networks such as Bluetooth and Wi-Fi, and the
growth of "smart" devices, including smartphones, televisions and
tiny devices as part of the Internet of Things.
Large corporations are common targets. In many
cases this is aimed at financial gain through identity theft and involves data
breaches such as the loss of millions of clients' credit card details by Home
Depot, Staples, and Target Corporation. Medical records have been targeted for
use in general identify theft, health insurance fraud, and impersonating
patients to obtain prescription drugs for recreational purposes or resale.
Not all attacks are financially motivated
however; for example security firm HBGary Federal suffered a serious series of
attacks in 2011 from hacktivist group Anonymous in retaliation for the firm's
CEO claiming to have infiltrated their group, and Sony Pictures was attacked in
2014 where the motive appears to have been to embarrass with data leaks, and
cripple the company by wiping workstations and servers.
Government and military computer systems are commonly
attacked by activists and foreign powers. Local and regional government
infrastructure such as traffic light controls, police and intelligence agency
communications, personnel records, student records, and financial systems are
also potential targets as they are now all largely computerized. Passports and
government ID cards that control access to facilities which use RFID can be
vulnerable to cloning.
As with physical security, the motivations for
breaches of computer security vary between attackers. Some are thrill-seekers
or vandals, others are activists or criminals looking for financial gain.
State-sponsored attackers are now common and well resourced, but started with
amateurs.
A standard part of threat modelling for any
particular system is to identify what might motivate an attack on that system,
and who might be motivated to breach it. The level and detail of precautions
will vary depending on the system to be secured. A home personal computer,
bank, and classified military network face very different threats, even when
the underlying technologies in use are similar.
In computer security a countermeasure is an
action, device, procedure, or technique that reduces a threat, a vulnerability,
or an attack by eliminating or preventing it, by minimizing the harm it can
cause, or by discovering and reporting it so that corrective action can be
taken.
Some common countermeasures are listed in the
following sections:
A state of computer "security" is the
conceptual ideal, attained by the use of the three processes: threat
prevention, detection, and response.
No comments:
Post a Comment