Introduction

As we are advancing in technology , we are using more and more devices and along with it comes the internet connectivity which has become inseparable. With this level of functionality comes many security issues. The termed coined for this is cyber crime.

Reference:

https://ieeexplore.ieee.org/document/8833829

What is cyber crime?

Cybercrime is criminal activity that either targets or uses a computer, a computer network or a networked device. Most, but not all, cybercrime is committed by cybercriminals or hackers who want to make money. Cybercrime is carried out by individuals or organizations.

Background

Cyber attacks are on their rise and they are increasing exponentially but why so? It’s because of the fact that it is easier, cheaper and convenient than physical attacks. You need a laptop and internet connection to do this crime. Also the range of the audience is global. It affects not only a common person but also big organizations, political parties etc.

Top Cyber Security Threats

1) Ransomware
Ransomware is malicious software that infects your computer and displays messages demanding a fee to be paid in order for your system to work again. This class of malware is a criminal moneymaking scheme that can be installed through deceptive links in an email message, instant message or website.

Ways to avoid:

• Data backups:
  Let’s say the attack was successful and the company loses all the data. This could be very expensive for a company as databases are the most important asset of a company. Therefore companies should take frequent database backups.
• Malware protection:
  Good ani-virus needs to be installed to void malware
• Awareness:
  In general everyone should be made aware of this kind of attacks so that they can be cautious.

2) Hacking
Hacking is an attempt to exploit a computer system or a private network inside a computer. Simply put, it is the unauthorised access to or control over computer network security systems for some illicit purpose.

Traditionally hackers attempt to gain access to financial data, bank account, credit card information.

It’s not always through coding. They also try staff to trick staff into giving out passwords.

Ways to avoid:

• Staff training:
  Provide staff with minimum access to system as much as they require and make them aware about what information they should out and what they should not.
• Data access security:
  Protect the system from hackers by setting up access security .
• Efficient access control:
  If access control is not done properly the system threat is very high. — 
• Right firewalls:
  To protect the network from hacking setup the right network firewalls.

3) Data Leakage
Data leakage is the unauthorized transmission of data from within an organization to an external destination or recipient. The term can be used to describe data that is transferred electronically or physically. Data leakage threats usually occur via the web and email, but can also occur via mobile data storage devices such as optical media, USB keys, and laptops.

It is right said “Data is the new oil” because using your data they can manipulate you and breach your privacy.

Ways to avoid:

• Lock:
  Make sure that all your devices have passwords in some or the other form like pin,face lock,fingerprint lock etc.
• Encrypt software:
  Encrypt all your important data rather than saving it directly to local storage.
• Don’t share data online:
  If a website/app asks for your personal data like Aadhar card number etc make sure that you trust the website/app otherwise don’t share it.

4) Phishing Attack
Phishing is a cyber attack that uses disguised email as a weapon. The goal is to trick the email recipient into believing that the message is something they want or need — a request from their bank, for instance, or a note from someone in their company — and to click a link or download an attachment.

Ways to avoid:

• Be Suspicious:
  Don’t believe in every mail you receive. Make sure do some research about it before giving out any details,downloading attachments,clicking on links.
• Increase awareness:
  We need to create awareness about this kind of attacks and the fact that sensitive information are not asked by companies.
• Anti-malware:
  Use antimalware softwares .

5) Insider Threat
We can not overlook the possibility that an insider (staff) could leak an organization’s data by mistake or maliciously. This could cost the company a lot.

Ways to avoid:

• Educate staff:
  Educate staff about the permissions and alerts to minimize careless mistakes.
• Access management:
  The amount of control given to a particular member of staff should be only enough to do his/her job and not more than that.
• Policy for external storage use:
  This should be done to control use of devices like portable hard drives, media players, USB memory keys etc.

6) Computer Viruses and Worms
A computer virus is a type of malware that propagates by inserting a copy of itself into and becoming part of another program. It spreads from one computer to another, leaving infections as it travels. Viruses can range in severity from causing mildly annoying effects to damaging data or software and causing denial-of-service (DoS) conditions. Almost all viruses are attached to an executable, which means the virus may exist on a system but will not be active or able to spread until a user runs or opens the malicious host file or program.

Computer worms are similar to viruses in that they replicate functional copies of themselves and can cause the same type of damage. In contrast to viruses, which require the spreading of an infected host file, worms are standalone software and do not require a host program or human help to propagate. To spread, worms either exploit a vulnerability on the target system or use some kind of social engineering to trick users into executing them. A worm enters a computer through a vulnerability in the system and takes advantage of file-transport or information-transport features on the system, allowing it to travel unaided.

Ways to avoid:

• Misleading popups:
  Avoid misleading popups
• Clearing cache:
  Clear all the cache at regular intervals.
• Don’t click unsafe links :
  Make sure you only click links which seem safe to use.

Cyber security challenges in modern society

1) Ransomware Evolution
Ransomware is on its rise and it’s popularity is increasing day by day. This technique provides huge monetary benefits for the hackers. It’s very difficult to protect the system after the ransomware attack.

2) Internet of things (IoT)
The Internet of Things (IoT) refers to a system of interrelated, internet-connected objects that are able to collect and transfer data over a wireless network without human intervention. The personal or business possibilities are endless. With an enormous amount of sensors and devices connected to internet backbone there is a clear possibilities of a lot of security issues.

3) Artificial intelligence (AI) Expansion
As AI is expanding a lot of human jobs are converting into machine jobs and which can be said the be equivalent to saying that it will give rise to a lot of security issues.

4) Blockchain Revolution
Blockchain is used to create cryptocurrency and this technology has rising demand. Without proper security protection , the cryptocurrencies can be misplaced and security of the monetary system can be collapsed.

5) Serverless Apps Vulnerability
Using serverless apps may introduce security issues as they are not hosted on server , they experience complexity in securing their vulnerability.

Conclusion:

Technology is expanding and along with the benefits comes some disadvantages too. Here we have discussed the major security threats and vulnerabilities and also learnt about how to avoid them.