Cyber Security Mystery


By DC Pathak

Sometimes the roots of a problem are obscured by discussions about the “severity” of its potential impact – and some of this obscuring happens in the way experts prepare their comprehensive analyses of cybersecurity threats.

The success of the information technology revolution – 1991 is considered the key date for this transition, since that was the year investment in the IT sector exceeded investment in the industrial sector in the US for the first time – marked the beginning of the information age when the Internet brought instant communication, created borderless markets and made way for globalization, giving rise to the new phenomenon called the knowledge economy.

Internet-based products and services—from cell phones to Twitter to home delivery—held the upper hand. The fact that information is transmitted and stored over the Internet poses the problem of protecting it from adversary attempts to break into it, or from data theft committed for other undesirable purposes.

However, the first point of clarity about using the internet is that it is a public platform and therefore the user should be aware that he or she should not say on it what would not be allowed on such a platform.

Section 66 of the IT Act punishes calls for violence, targeted threats to people or a brazen attack on the sovereignty of the state. The “public” nature of the Internet makes it illogical to expect the information you put there to be kept confidential – unless you, the user, or the organization receiving information from you online, take specific steps to protect it against exposure. So much of the noise raised about the “privacy” of information loaded on the web makes no sense.

The second fundamental thing about using the Internet is that security in any field – cyber, industrial or governmental – revolves around the threats to a target organization’s three assets: material, human resources and protected information.

Accordingly, there are concepts of physical security, personal security and information security to protect against what is known in technical terms as sabotage, subversion or espionage.

Looking first at the topic of “information security” – in the context of the Internet – it must be mentioned that espionage, by definition, is the pursuit of “unauthorized access to protected information”. If the organization has not protected its information, it cannot complain that its security has been breached. This protection begins with the ‘security rating’ of the information in question – whether it is marked as ‘Restricted’, ‘Secret’ or ‘Top Secret’ – and with determining who among the employees would have access to it.

The security of information at the “virtual” layer begins with “access control” techniques to restrict access to authorized users – these include firewalls, passwords and biometric devices. Security policy must be clearly articulated in order to achieve effective firewall design and implementation.

Cryptography converts plaintext into undecipherable ciphertext. The key size of the encryption process reflects the strength of the algorithm. Encryption is the best means to ensure the “confidentiality” or privacy of messages and also to check unauthorized access to data. It should be noted that multiple encryption can increase security, but can have a negative impact on efficiency. It is logical that passwords should be stored in encrypted form. Finally, extensive use must be made of biometrics to establish the identity of the legitimate user.

There is a strong physical security side to cyber operations. Specific access controls are required at the physical layer, which represents the data communication interface with the hardware. This is the layer that performs the physical transmission of data to the transmission medium.

Floppy disks, magnetic tapes, USB sticks, optical data carriers and any other backup media for hard drives should always be kept safe. Sensitive printed documents, including uncollected printouts, must be destroyed by “shredding”.

The IT Act of India provides detailed guidelines also for secure site design for a data center or main computer. All openings of this center should be monitored by video surveillance cameras around the clock.

Physical security begins with installing a secure perimeter—which isn’t always a brick-and-mortar structure—and immediately detecting any attempt to breach it. One of its goals is to prevent sabotage, which by definition is “the threat to cause unacceptable physical harm to the target organization”.

Data destruction also falls under this description. All strategic sectors of the economy operate on cyber systems, the security of which is a must to avert a disruptive attack that would affect national stability. Code cracking can be done by the enemy using brute force, which involves trying to decode the encrypted data by attempting every possible key combination.

Launching a direct stealth attack from the outside can lead to a “denial of service” where the target’s ports are clogged and the network resource is degraded. Data destruction can be caused by virus injection through fake news. A malicious website can be used to download a virus.

Unfortunately, any “hacking” or unauthorized intrusion into the system is usually detected only after it has succeeded, and therefore an emergency response to such an event is important to mitigate the damage.

The human security component of the cyber domain is often underestimated because one does not understand how the threat got into play without being detected. In all systems directly related to national security, the threat angle of subversion, which by definition is rooted in the enemy’s ability to alter the allegiance of an employee of the target organization, is given high priority.

Personnel security standards – aimed at preventing this subversion – are more stringent in sensitive areas of national security. The enemy can either recruit an employee already on the rolls, by managing to reach the person and then exploiting a vulnerability of the latter to effect a switch in allegiance – from the organization to the entity outside – or alternatively “plant” its agents under “cover” in the target organization, exploiting a vulnerability in the prescribed entry process.

The importance of background checks and investigation of character and background before employment is confirmed is obvious. In sensitive organizations there is also a periodic review. It is clear that a compromised employee is used by the attacker for various purposes such as securing access to protected information and performing acts of sabotage.

The third fundamental characteristic of cybersecurity relates to the general recognition that almost half of the breaches are due to an insider. One of the responsibilities of a sensitive company’s security organization is to take note of any “suspicious” behavior by an employee and to investigate it to determine that the individual has not been working for an outsider.

At a deeper level, the security set-up looks for any “vulnerability” an employee exhibits, such as greed, addiction or grievance, and examines it so as to give the individual a warning about that “vulnerability” – after all, the adversary would notice it just as the employees do.

In addition, the practice of the “need-to-know” principle is intended to enforce a “restrictive security” by which the employee is granted access only to that part of the organizational knowledge which is essential to the individual’s own performance – this reduces the subversive potential of a compromised member.

For this reason, internal firewalls are also used in the sense of “restrictive security” in order to shield one company area from another. In an intelligence organization where the “need-to-know” principle is fully followed, members understand what part of operational knowledge must not be shared with colleagues. They also know that restrictive security measures do not operate vertically.

A fourth key point about cybersecurity is that its framework rests on certain premises—legal, operational and managerial—and, like any other area of security, conforms to the principle that security is an “integral” concept that is not subject to any divisibility.

Security is a mainstream function as it requires extensive knowledge of the company and derives its authority from the top man. Training on all security aspects is required and a culture of security awareness needs to be established to avoid preventable failures.

A cybersecurity regime relies on its ability to take care of the details in order to be successful. A system administrator must be appointed – this is a legal requirement. The administrator’s responsibilities are solely for creating, classifying, retrieving, deleting and archiving information; establishing arrangements for password management; authorizing access for users on a “need-to-know” and “need-to-do” basis, with full documentation of this authorization; ensuring that all security breaches are recorded, investigated and submitted for review by top management; and finally ensuring that the security policies are understood by all members of the organization. For this purpose, an audit trail must be logged of security-related access and of the actions taken.

Finally, cyberspace is an instrument of development and facilitates the welfare function of the democratic state, but it is also a license for anti-national forces to wreak havoc against it. Higher defense weapons, including nuclear missiles, work with complex cyber security systems that are failsafe.

In a new phenomenon, social media – a product of the internet – is already becoming an instrument of struggle and “proxy warfare”. We live in times where a minimal understanding of cyber security issues is an integral part of the requirement to “be well informed” – that is the dictate of the times to succeed in any field of work.
