Cybersecurity: Tools, Practices & Concepts for IT Security - Essay Sample

Introduction

Cybersecurity is a broad field that comprises tools, practices, and concepts that relate to the aspects of information and technological security. Cyber Security, on its own, can describe the aspect of one using information technology to prevent attacks from adversaries (Karahan, Wu & Armistead, 2019). Cybersecurity has been a common term in the military circle over a long time. Cybersecurity includes the understanding of a given environment, ten conducting cyber defense analysis on the environment on the possible threats. After proper analysis of the potential risks in the given environment, it is then easy to design defense mechanisms to counter the threats or malicious attacks (Galinec, Moznik, & Guberina, 2018).

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

The common areas that are likely to receive cyber-attacks include academic institutions, government, organizations, military, and other big businesses. The reason why they are targeted is that they store large volumes of confidential data and information on their computers, of which they are continually transmitting them over their networks to other computers or different destinations.

Why Cybersecurity

Cybersecurity involves the use of technological processes to come up with defense mechanisms to protect the computers and its hardware, software, networks, and data from unauthorized access and other vulnerabilities primarily through the Internet. Generally, cybersecurity involves you protecting your Internet and network to prevent malicious people from accessing your computers through them. Currently, the Internet has formed an integral part of our lives where we conduct most of our activities over the internet space like buying and selling, communication, and even financial transactions.

On the family levels, it is essential to protect family members and children from online fraud they are exposed to while online. Cybersecurity is vital for financial security as there is a need to secure someone's financial information as their status might be exposed online. For the various institutions that conduct their activities online, it is crucial for them to be protected from identity theft and online fraud (Bhattacharya, 2015). Business is not left out too, especially small businesses that cannot implement the expensive tools to protect their organization from external attacks.

Pillars of Internet Security

A computer is secure when it possesses four main attributes, which are privacy, integrity, confidentiality, and availability. The four factors form the pillars to a secure network, as with the four aspects, one is safe over the Internet. Confidentiality can be viewed as confidentiality. Unauthorized individuals should not have access to other information or other computer resources. Different degrees of confidentiality are possible in digital communications, as confidentiality can rely on simple passwords, safe connections, or more advanced technologies. Integrity requires software reliability. Only authorized persons are capable of creating, editing, and deleting data in an approved manner to achieve integrity. One should ensure that avoidance of tampering is included when considering this characteristic as well Availability means that software resources should be available for and open to designated persons when they need them and should not be disturbed. Privacy is the ability or right to protect your secrets; this extends to the ability or power to prevent the invasion of your personal space. This means that the data subject should be able to control the information.

Evolution of Cybersecurity

Enhanced technology, artificial intelligence, and Dark Web tools provide cyber hackers with the resources to launch advanced and harmful attacks. Reactive protections are no longer sufficient to prevent intruders from trying to infiltrate even the best frameworks of security. With the rapid adoption of cloud infrastructure and the emergence of IoT phones, environmental conditions are also evolving and undermining resilience to security (Sun, Hahn & Liu, 2018). With all of this change, organizations, as well as the techniques they have customarily come to depend on, need to reconsider their security tactics.

Changes Over the Last 20 Years in The Cybersecurity World

Attacks are becoming more complicated at the same time. Less subtle in the orchestrated phishing email breaches and even in the attacks which hit similar companies with similar patterns of attacks. Melissa was one of the viruses in 1999 that spread itself through emails, attacking over 50 addresses in the individual's outlook addresses. It was designed to attack individuals word processors in the process, causing damage. Its developer was David Lee Smith, who, when found, was sentenced for 20 months with a fine of $5000 (Dai et al., 2017). With such, they are opportunistic and focus on errors and basic misconfigurations, which contribute to a quick attack rather than being tactical. Earlier types of credit or debit card and PHI fraud attacks continue to exist but are now often followed by malware and blockchain-mining attacks in an attempt for easier and more immediate satisfaction.

In the early 90s CERTs was among the first cybersecurity player who came out to help prevent virus outbreak then. The virus was a common form of attack at then. Initially, viruses were to cause a disturbance, but soon, it went on to be malicious, as Trojans and Spywares were developed. The maliciousness of the viruses led to the development of antiviruses to curb the issue.

The first worm ever recorded was Morris Worm in 1988, convicted in the US under computer Fraud and Abuse act. In the year 2000, "I LOVE YOU" worm was developed, and it started in the Philippines and spread using the outlook address book in the process attacking over 50 million computers in 10 days. It caused damages amounting to over $5billion worldwide (Katsianis et al., 2018).

Code Red worm was developed in 2001, and it attacked over 350000 computers running on the Microsoft IIS web server. It was estimated to be attacking about 2000 computers per minute. The latest recorded virus is Stuxnet, and it targeted Microsoft Windows operating systems primarily, the other two are Heartbleed attacking web servers and Shellshock attacking Unix shell both recorded in 2014 (Teece, Peteraf & Leih, 2016). Over time antiviruses have evolved and developed and are there to counter and identify more issues apart from malicious programs. Initially, in the 1990s, big cybersecurity firms were enjoying the privilege of developing antiviruses such as Kaspersky, but as from 2014, more companies had joined (Hatfield, 2018). The new companies were coming up with new and better technologies.

Frequent Internet Attacks Recorded Under Cybersecurity

Viruses

Viruses are self-replicating programs that infect and propagate across files. Usually, they will bind themselves to a folder, which will trigger them to run when the file is opened. Viruses often have additional properties, other than being an infector or a macro virus. The virus may also be multipart, hidden, encrypted, or polymorphic. Multipart viruses are hybrid viruses that infect system files or boot-records.

Many viruses can change themselves as time passes, or as they reproduce themselves. Such viruses are considered polymorphic viruses. Polymorphic viruses will usually avoid being eradicated longer than other forms of viruses when their signature changes. Macro viruses are macros for popular programs, such as Microsoft Word, that are malicious. We can, for instance, delete information from a report or insert phrases into it. Propagation is usually done by contaminated files.

Eavesdropping

Eavesdropping requires the capture or connection by an unauthorized party to communications. Passive eavesdropping occurs when an unauthorized person secretly listens to a networked email. On the other hand, active eavesdropping means that the intruder not only listens to but also injects something into the communication channel to distort or create false messages. It can occur through changing part or all of the content of messages, reusing old messages, removing messages, or altering the origin of messages. Thus, messages sent back and forth in a communication line are subject to eavesdropping. When intruders break into the network, they will secretly inspect messages during transmission and get the sensitive information they needed. Messages need protection to maintain confidentiality so that unauthorized persons cannot scan them.

Worms

A computer worm is a self-replicating computer program that spreads over a network mostly through emails or downloaded content from the Internet. Unlike viruses, worms do not require the spread of an infected file. There are two main types of worms, mass-mailing worms, and network conscious worms. Mass-mailing worms are an interesting classification, as many attacks in this category may easily be categorized as worms, or/and viruses.

Hacking

Hacking is the process of getting access to another person's computer without access. Hackers can be people who have a criminal career who are knowledgeable and highly skilled in the use of computers. When they examine and locate a flaw in the target system, they can find ways to access and attack the system. They can use a variety of attacks or even develop their means of attacking the computer system.

IP Spoofing

IP spoofing is the development of Internet Protocol (IP) packets with a changed origin address to either conceal the sender's identity, impersonate a different computer network, or both. Invoking DDoS attacks against a target device or the surrounding network is a tactic often used by bad actors. Sending and receiving IP packets is a primary means of communication between networked computers and other devices and is the basis of the modern Internet. All IP packets have a header that precedes the packet's body and includes essential routing information, including the source address. The source IP address in a standard packet is the address of the packet's sender. If the packet has been spoofed, it will forge the source address.

Phishing

Phishing is defined by an attempt by a third party to request confidential information from a person, team, or organization, often for financial gain. Phishers are organizations or individuals that try to trick users into sharing personal data, such as credit card numbers, online banking passwords, and other sensitive information (Bokefode, Ubale, Apte & Modani, 2014). They can then use the information to commit fraudulent.

Ransomware

Ransomware is a growing threat encrypting the files of a user and holding the key to decryption until the victim pays a ransom. This form of malware is responsible for the annual theft of tens of millions of dollars. Worse yet, the development of new versions is trivial, enabling the avoidance of many detection systems for antivirus and invasion. We present Crypto-Drop in this project, an early-warning detection system that warns a client during a suspicious activity of the folder. Crypto-Drop can use a series of activity indicators to avoid a system that appears to be exploiting a large amount of user data.

Ways to Prevent External Internet Attacks (Ways to Improve Security)

The technology is rapidly growing, and with it, more challenges towards the security of the computer arise. Many organizations and people are very concerned with the security threats they are exposed to while on their networks, as the tools to penetrate their systems are readily available. However, with the implementation of some tools like encryption, user authentication, and packet filtering, and blocking, the companies can secure their systems to some point. The companies can use two main access control mechanisms, such as Discretionary Access Control ( DAC) and Manda...