CCS340 CYBER SECURITY L T P C 2 0 2 3

https://www.studocu.com/in/document/ramco-institute-of-technology/data-and-information-
security/ccs340-cyber-security-manual/86106202

COURSE OBJECTIVES

:  To learn cybercrime and cyberlaw.

 To understand the cyber attacks and tools for mitigating them.

 To understand information gathering.

 To learn how to detect a cyber attack.

 To learn how to prevent a cyber attack.

UNIT I INTRODUCTION 6

Cyber Security – History of Internet – Impact of Internet – CIA Triad; Reason for Cyber Crime – Need
for Cyber Security – History of Cyber Crime; Cybercriminals – Classification of Cybercrimes – A Global
Perspective on Cyber Crimes; Cyber Laws – The Indian IT Act – Cybercrime and Punishment.

UNIT II

ATTACKS AND COUNTERMEASURES 6 OSWAP; Malicious Attack Threats and Vulnerabilities: Scope of
Cyber-Attacks – Security Breach – Types of Malicious Attacks – Malicious Software – Common Attack
Vectors – Social engineering Attack – Wireless Network Attack – Web Application Attack – Attack
Tools – Countermeasures.

UNIT III

RECONNAISSANCE 5 Harvester – Whois – Netcraft – Host – Extracting Information from DNS –

Extracting Information from E-mail Servers – Social Engineering Reconnaissance; Scanning – Port
Scanning – Network Scanning and Vulnerability Scanning – Scanning Methodology – Ping Sweer
Techniques – Nmap Command Switches – SYN – Stealth – XMAS – NULL – IDLE – FIN Scans – Banner
Grabbing and OS Finger printing Techniques.

UNIT IV

INTRUSION DETECTION 5 Host -Based Intrusion Detection – Network -Based Intrusion Detection –
Distributed or Hybrid Intrusion Detection – Intrusion Detection Exchange Format – Honeypots –
Example System Snort.

UNIT V

INTRUSION PREVENTION 5 Firewalls and Intrusion Prevention Systems: Need for Firewalls – Firewall
Characteristics and Access Policy – Types of Firewalls – Firewall Basing – Firewall Location and
Configurations – Intrusion Prevention Systems – Example Unified Threat Management Products
Unit – I

CIA Triad
CIA stands for :
1. Confidentiality
2. Integrity
3. Availability

These are the objectives that should be kept in mind while securing
a network.
Confidentiality
Confidentiality means that only authorized individuals/systems can view
sensitive or classified information.
The data being sent over the network should not be accessed by unauthorized
individuals.
The attacker may try to capture the data using different tools available on the
Internet and gain access to your information.
A primary way to avoid this is to use encryption techniques to safeguard your
data so that even if the attacker gains access to your data, he/she will not be
able to decrypt it.
Encryption standards include AES(Advanced Encryption Standard)
and DES (Data Encryption Standard). Another way to protect your data is
through a VPN tunnel.
VPN stands for Virtual Private Network and helps the data to move securely
over the network.

Integrity
The next thing to talk about is integrity.
Well, the idea here is to make sure that data has not been modified. Corruption
of data is a failure to maintain data integrity.
To check if our data has been modified or not, we make use of a hash
function.
We have two common types: SHA (Secure Hash Algorithm) and
MD5(Message Direct 5). Now MD5 is a 128-bit hash and SHA is a 160-bit
hash if we’re using SHA-1.
There are also other SHA methods that we could use like SHA-0, SHA-2, and
SHA-3.
Let’s assume Host ‘A’ wants to send data to Host ‘B’ to maintain integrity. A
hash function will run over the data and produce an arbitrary hash
value H1 which is then attached to the data.
When Host ‘B’ receives the packet, it runs the same hash function over the
data which gives a hash value of H2.
Now, if H1 = H2, this means that the data’s integrity has been maintained and
the contents were not modified.

Availability
This means that the network should be readily available to its users.
This applies to systems and to data.
To ensure availability, the network administrator should maintain hardware,
make regular upgrades, have a plan for fail-over, and prevent bottlenecks in a
network.
 Attacks such as DoS or DDoS may render a network unavailable as the
resources of the network get exhausted. The impact may be significant to the
companies and users who rely on the network as a business tool.
Thus, proper measures should be taken to prevent such attacks.

Introduction about Cyber-crime:

Cyber-crime is nothing but all illegal activities which are carried out
using technology.
Cyber-criminals hack user’s personal computers, smartphones,
personal details from social media, business secrets, national
secrets, important personal data, etc with the help of internet and
technology.
Hackers are the criminals who are performing these illegal,
malicious activities on the internet.
Though some agencies are trying to tackle this problem, it is
growing regularly and many people have become victims of
identity theft, hacking, and malicious software.

REASON of Cyber Crime:

To earn a huge amount of money, Cyber-criminals always choose
an easy way. Banks, casinos, companies, and, financial firms are
the prosperous organizations and their target centers where an
enormous amount of money runs daily and has diplomatic
information.
It’s very difficult to catch those criminals. Hence, the number of
cyber-crimes are increasing day-by-day across the globe.
We require so many laws to protect and safeguard them against
cyber-criminals since the devices we use everyday for businesses
and communication might have vulnerabilities that can be
exploited.

We have listed some of the reasons :

 1. Easy to access computers – Since technology is
complex, it has become very difficult to protect the
computer from viruses and hackers. There are so many
possibilities of hacking when we safeguard a computer
system from unauthorized access. Hackers can steal access
codes, retinal images, advanced voice recorders, etc that
can mislead the bio-metric systems easily and can be
utilized to get past many security systems by avoiding
firewalls.
2. Size to store computer data in comparatively small
space – The computer has got a distinctive feature of
storing data in a very small space. Due to this, the people
can steal data very easily from any other storage and are
using this for their purpose.
3. Complexity of Code – The computers can run on
operating systems and these operating systems are
programmed with millions of codes. There might be
mistakes in the code. The human brain is defective so that
they can commit mistakes at any stage. The cyber-
criminals take advantage of these loopholes.
4. Negligence of the user – Human beings always neglect
things. So, if we make any negligence in protecting our
computer system which leads the cyber-criminal to the
access and control over the computer system.
5. Loss of evidence – Hackers always make sure to clear
any evidence i.e log data related to the attack. So, Loss of
evidence has turned into an evident problem that disables
the law enforcement to go beyond the investigation of
cyber-crime.
6.
Types of Cyber Security
There are many types of cyber-crimes which are explained below:
1. Hacking: It defines that sending illegal instruction to any
other computer or network. In this case, a person’s
computer is hacked so that sensitive information can be
retrieved. The criminal uses a variety of software to break
into a person’s computer and the person may not be
knowing that his computer is being accessed from a
remote location. The government websites are strong prey
for hackers. Ethical hacking is different from this and is
used by many organizations to check their Internet security
protection.
2. Children pornography and their Abuse: The internet is
being enormously used to abuse children. This is a type of
cyber-crime where criminals exploit minors through chat
 rooms for the intention of child pornography. The Cyber-
security sector of each nation is spending an excess of time
supervising chat rooms frequently visited by children with
the belief of minimizing and preventing child abuse and
soliciting.
3. Plagiarism or Piracy or Theft: This crime happens when
a person disobeys copyrights and downloads music,
movies, games, and software. There are even peer sharing
websites that stimulate software piracy and many of the
other websites are now being aimed by the FBI. Nowadays,
the judicial system is addressing the cyber-crime and there
are so many laws that stop people from illegal
downloading. Film producers and directors frequently
become a martyr of this crime.
4. Cyber Stalking: This is an online harassment where the
victim is exposed to a cascade of online messages and
emails. Typically, these stalkers know their victims and
instead of offline stalking, they will use the Internet to
stalk. Although, if they notice that cyber-stalking is not
having the effect which they have desired, then they begin
offline stalking along with cyber-stalking to make sure that
victim’s survival is more depressed.
5. Cyber Terrorism: Cyber terrorism is also known as
information wars and can be defined as an act of Internet
terrorism which contains cautious and large-scale strikes
and disturbances of computer networks using computer
viruses or the physical attacks using malware to strike
individuals, governments and other organizations. The aim
of terrorists is to produce a sense of terror in the brains of
the victims. Maintaining this idea in mind, it enhances a
simple way to modify the cyber-attacks for a financial or
egotistical and achieve from acts of cyber terrorism. Cyber
terrorists drive with the aim of harm and demolition at the
forefront of their activities like a vanguard.
6. Identity Theft: This is a major problem with the people
who are using the Internet and technology for cash
transactions and banking services. In this cyber-crime, a
criminal retrieves data about a person’s bank account,
credit cards, Social Security, debit card and the other
diplomatic information to drain money or to purchase
things online in the victim’s name. This can result in vital
economic losses for the victim and even in damaging the
victim’s credit history.
7. Computer Vandalism: This is a type of malicious action
that involves the destruction of computers and data in
different ways and certainly disrupting businesses. The
 computer vandalism involves the installation of malicious
programs which are designed to perform damaging tasks
such as deleting hard drive data or remove login
credentials. Computer vandalism differs from viruses which
hold themselves to the existing programs.
8. Malicious Software: This software based on the Internet
or programs that are used to disturb a network. The
software is used to acquire access to a system to loot
diplomatic information or data or causing destruction to the
software which is present in the system.
How to prevent Cyber-Crime?
To prevent cyber-crime successfully, set up multidimensional
public-private collaborations between law enforcement
organizations, the information technology industry, information
security organizations, internet companies, and financial
institutions.
A far apart from the real world, Cyber-criminals do not combat one
another for predominance or authority.
Rather, they do their tasks together to enhance their abilities and
even can help out each other with new opportunities.
Therefore, the regular ways of fighting the crime cannot be used
against these cyber-criminals.
There are some ways to prevent cyber-crimes are explained below:
1. By Using Strong Passwords: Maintaining different
password and username combinations for each of the
accounts and withstand the desire to write them down.
Weak passwords can be easily broken. The following
password combinations can make password more prone to
hacking:
 Using keyboard patterns for passwords. e.g. –
wrtdghu
 Using very easy combinations. e.g. – sana1999,
jan2000
 Using Default passwords. e.g. – Hello123,
Madhu123
 Keeping the password the same as the username.
e.g. – Madhu_Madhu
2. Keep social media private: Be sure that your social
networking profiles (Facebook, Twitter, YouTube, etc.) are
set to be private. Once be sure to check your security
settings. Be careful with the information that you post
online. Once if you put something on the Internet and it is
there forever.
3. Protect your storage data: Protect your data by using
encryption for your important diplomatic files such as
related to financial and taxes.
4. Protecting your identity online: We have to be very
alert when we are providing personal information online.
You must be cautious when giving out personal ids such as
your name, address, phone number, and financial
information on the Internet. Be sure to make that websites
are secure when you are making online purchases, etc.
This includes allowing your privacy settings when you are
using social networking sites.
5. Keep changing passwords frequently: When it comes
to password, don’t stick to one password. You can change
your password frequently so that it may be difficult for the
hackers to access the password and the stored data.
6. Securing your Phones: Many people are not knowing
that their mobile devices are also unsafe for malicious
software, such as computer viruses and hackers. Make sure
that you download applications only from trusted sources.
Don’t download the software /applications from unknown
sources. It is also pivotal that you should keep your
operating system up-to-date. Be sure to install the anti-
virus software and to use a secure lock screen as well.
Otherwise, anybody can retrieve all your personal
information on your phone if you lost it. Hackers can track
your every movement by installing malicious software
through your GPS.
7. Call the right person for help: Try not to be nervous if
you are a victim. If you come across illegal online content
such as child exploitation or if you think it’s a cyber-crime
or identity theft or a commercial scam, just like any other
crime report this to your local police. There are so many
websites to get help on cyber-crime.
8. Protect your computer with security software: There
are many types of security software that are necessary for
basic online security. Security software includes firewall
and antivirus software. A firewall is normally your
computer’s first line of security. It controls that who, what
and where is the communication is going on the internet.
So, it’s better to install security software which is from
trusted sources to protect your computer.
Importance of cyber security
Cyber security is important because it safeguards individuals and
organizations against cyber attacks and theft or loss of sensitive
and confidential information. Cybersecurity can monitor
systems to protect personal data (PII, PHI, financial details etc.),
trade secrets, intellectual property and any sensitive government
information.

Obtaining a cybersecurity certification can help you protect

yourself against fraud and online assaults!

Here are the 11 key advantages of Cyber Security for business:

 Protects personal data

 Helps preserves reputation
 Enhances productivity
 Assists the remote workspace
 Regulation compliance
  Improves cyber posture
 Better data management
 Helps educate and train the workforce
 Helps maintain trust and credibility
 Streamline access control
 Supports the IT team

Protects personal data

For businesses or individual users, personal data is the most
valuable commodity. Malware can collect personal information
and may jeopardize employees, customers’ privacy, or
organizations.

Cybersecurity protects data against internal as well external

threats, whether accidental or with malicious intent helping
employees access the internet as and when required
without cyber attacks threats.

Helps preserves reputation

Customer retention and brand loyalty, for any organization, take
years to build. Business reputation is damaged severely in case of
data breaches. With a cyber security system in place,
organizations can avoid sudden setbacks.

Technologies such as network security and cloud security can

strengthen access and authentication. This can open the pathway
to future recommendations, ventures, and expansions.
Enhances productivity
As technology evolves, cybercriminals are employing
sophisticated ways to breach data.

Viruses negatively impact productivity by affecting networks,

workflows, and functioning. The organization may come to a
standstill due to the firm’s downtime. With measures such as
automated backups and improved firewalls, firms can improve
their productivity, making it one of the most promising
cybersecurity benefits.

Assists the remote workspace

The remote working model has led employees working from
different locations to access multiple remote models for their
workflows. It may be unsettling for organizations to circulate their
sensitive data across the globe, where cybercrimes can occur
through IoT, Wi-Fi, and personal devices.

It is substantial for businesses to protect sensitive data as remote

work has led to an increase in the average data breach cost by
$137,000.

Sensitive data, strategies, and analytics are always vulnerable to

being hacked and leaked. However, cyber security serves as a
secure centre to store data and can also protect home Wi-Fi from
tracking users’ data.
Regulation compliance
Regulatory bodies such as HIPAA, SOC, PCI DSS, and GDPR play a
substantial role in protecting individual users and organizations.
Failure to comply with these regulations attracts heavy penalties.

Improves cyber posture

Cybersecurity provides organizations with comprehensive digital
protection giving employees flexibility, liberty, and safety to
access the internet.

Sophisticated cyber security technology tracks all systems in real-

time on a single dashboard with one click. This strategy allows
businesses to act and respond in the event of a cyber-attack with
automation for smoother operations, strengthening cybersecurity
protocols against threats.

Better data management

Data forms the crux of marketing and product strategies. Losing it
to hackers or competitors may result in laying the groundwork
from scratch, giving a competitive edge to other companies.

Hence, to ensure that data security regulations are implemented

perfectly, organizations must consistently monitor their data. In
addition to security, cybersecurity assists in operational efficiency
as well.

Helps educate and train the workforce

You can add a layer of safety to your organization’s daily
operations by educating the workforce about potential risks such
as ransomware, data breaches, spyware, and more.
The employees will be less vulnerable to phishing attacks and
know the right course of action in case anything goes wrong.

Helps maintain trust and credibility

Cyber security helps lay the foundation of trust and credibility
amongst customers and investors. Breaches impact the
reputation of an organization resulting in a dwindling audience
base drastically. In contrast, the customer base increases when
the organization has a history of safeguarding business and
customer data.

Streamline access control

Organizations feel under control of all the tasks by controlling the
internal and external processes.

Companies can focus on other meaningful tasks enabling them to

establish accountability for strategic management. Access to
systems, computers, and resources is streamlined, hence
reducing cybercrime threats.

Supports the IT team

Cyber-attacks attract fines from regulators and customers’ claims,
resulting in low sales and revenue, affecting crucial aspects of
continuity. Additionally, cybercrimes can halt daily operations.

With the advancement of technology, sophisticated hacking

practices have evolved. The IT team should stay up to date with
the rapidly evolving changes in cyberspace.
A skilled IT team equipped with tools, techniques, and assistance,
as well as comprehensive knowledge, can skillfully handle even
the most advanced cybercrime.

Also check out: Cyber security compliance guide

What are the disadvantages of

cybersecurity?
While the benefits of cybersecurity are unparalleled,
implementing it can be both costly and complex. There’s also a
lack of skilled professionals which makes it challenging.
Additionally, human errors make it difficult to achieve a robust
security posture.