What is Cyber Security?

Cyber Security is that the major concern these days. Cyber Security, Computer Security is that the Protection of a computing system, information, and networks from disclosure, theft, and Damage to their Hardware, software, and electronic the sector is becoming increasingly significant thanks to the increased reliance on computer systems, the Internet and wireless network standards like Bluetooth and Wi-Fi, and thanks to the expansion of "smart" devices, including smartphones, televisions, and therefore the various devices that constitute the "Internet of things". due to its complexity, both in terms of politics and technology, cybersecurity is additionally one of the main challenges within the times

A vulnerability may be a weakness in design, implementation, operation, or control. Most of the vulnerabilities that are discovered are documented within the Common Vulnerabilities and Exposures (CVE) database. An exploitable vulnerability is one that a minimum of one working attack or "exploit" exists. Vulnerabilities are often researched, reverse-engineered, hunted, or exploited using automated tools or customized scripts. To secure a computing system, it's important to know the attacks which will be made against it, and these threats can typically be classified into one among these categories below:

Backdoor-A backdoor during a computing system, a cryptosystem, or an algorithm, is any secret method of bypassing normal authentication or security controls. they'll exist for several reasons, including by original design or from poor configuration. they'll are added by a licensed party to permit some legitimate access, or by an attacker for malicious reasons; but no matter the motives for his or her existence, they create a vulnerability. Backdoors are often very hard to detect, and detection of backdoors is usually discovered by someone who has access to application ASCII text file or intimate knowledge of the OS of the pc.

Denial-of-service attack -Denial of service attacks (DoS) is designed to form a machine or network resource unavailable to its intended users.[14] Attackers can deny service to individual victims, like by deliberately entering a wrong password enough consecutive times to cause the victim's account to be locked, or they'll overload the capabilities of a machine or network and block all users directly. While a network attack from one IP address is often blocked by adding a replacement firewall rule, many sorts of Distributed denial of service (DDoS) attacks are possible, where the attack comes from an outsized number of points – and defending is far harder. Such attacks can originate from the zombie computers of a botnet or from a variety of other possible techniques, including reflection and amplification attacks, where innocent systems are fooled into sending traffic to the victim.

Direct-access attacks- An unauthorized user gaining physical access to a computer is presumably ready to directly copy data from it. they'll also compromise security by making OS modifications, installing software worms, keyloggers, covert listening devices, or using the wireless microphone. Even when the system is protected by standard security measures, these could also be bypassed by booting another OS or tool from a CD-ROM or other bootable media. Disk encryption and Trusted Platform Module are designed to stop these attacks.

Eavesdropping is that the act of surreptitiously taking note of a personal computer "conversation" (communication), typically between hosts on a network. as an example, programs like Carnivore and Narus InSight are employed by the FBI and NSA to pay attention to the systems of internet service providers. Even machines that operate as a closed system (i.e., with no contact to the surface world) are often eavesdropped upon via monitoring the faint electro-magnetic transmissions generated by the hardware; TEMPEST may be a specification by the NSA about these attacks. Multi-vector, polymorphic attacks. Surfacing in 2017, a replacement class of multi-vector, polymorphic cyber threats combined several sorts of attacks and altered form to avoid cybersecurity controls as they spread.

By: Renu

Content: https://www.cisco.com/c/en_in/products/security/what