Cyber Security - Types of Cyber Crimes & Hackers


Cybersecurity is the practice of protecting systems, networks, and programs from digital attacks. These attacks are usually aimed at accessing, changing, or destroying sensitive information; extorting money from users; or interrupting normal business processes.

How does cybersecurity work?

A successful cybersecurity approach has multiple layers of protection spread across the computers, networks, programs, or data that one intends to keep safe. In an organization, the people, processes, and technology must all complement one another to create an effective defense from cyber-attacks.

People
Users must understand and comply with basic data security principles like choosing strong passwords, being wary of attachments in email, and backing up data. Learn more about basic cyber security principles.

Processes
Organizations must have a framework for how they deal with both attempted and successful cyber-attacks. One well respected frameworks can guide you. It explains how you can identify attacks, protect systems, detect and respond to threats, and recover from successful attacks. Watch a video explanation of the NIST cyber security framework.

Technology
Technology is essential to giving organizations and individuals the computer security tools needed to protect themselves from cyber-attacks. Three main entities must be protected: endpoint devices like computers, smart devices, and routers; networks; and the cloud. Common technology used to protect these entities include next-generation firewalls, DNS filtering, malware protection, antivirus software, and email security solutions.

Why is cybersecurity important?

In today’s connected world, everyone benefits from advanced cyber defense programs. At an individual level, a cybersecurity attack can result in everything from identity theft, to extortion attempts, to the loss of important data like family photos. Everyone relies on critical infrastructure like power plants, hospitals, and financial service companies. Securing these and other organizations is essential to keeping our society functioning.

Everyone also benefits from the work of cyber threat researchers, like the team of 250 threat researchers at Talos, who investigate new and emerging threats and cyber-attack strategies. They reveal new vulnerabilities, educate the public on the importance of cybersecurity, and strengthen open source tools. Their work makes the Internet safer for everyone.

Types of cybersecurity threats

Ransomware
Ransomware is a type of malicious software. It is designed to extort money by blocking access to files or the computer system until the ransom is paid. Paying the ransom does not guarantee that the files will be recovered or the system restored.

Malware
Malware is a type of software designed to gain unauthorized access or to cause damage to a computer.

Social engineering
Social engineering is a tactic that adversaries use to trick you into revealing sensitive information. They can solicit a monetary payment or gain access to your confidential data. Social engineering can be combined with any of the threats listed above to make you more likely to click on links, download malware, or trust a malicious source.

Phishing
Phishing is the practice of sending fraudulent emails that resemble emails from reputable sources. The aim is to steal sensitive data like credit card numbers and login information. It’s the most common type of cyber-attack. You can help protect yourself through education or a technology solution that filters malicious emails.

Black hats: The ones who find flaws, break into the system, exploit it with a malicious intent and a disregard for consequences that can be laid upon the victim. They are the real hackers. The information is usually shared which leads to a disaster! Examples include Anonymous, Ghost Squad Hackers.

White hats: The ones who work for corporations or are hired to hack into a system with an intent to find its flaws and vulnerabilities, document and report it to the seniors and developers, and remediate it. This is known as Penetration Testing (pen testing). They can be further classified between Red Teams, Blue Teams, and Purple Teams.

Red Team: White hats with a sole purpose to break into a given system.
Blue Team: White hats with a sole purpose to strengthen a system by fixing it.
Purple Team: White hats who integrate the data collected by red and blue teams. They share the collected data to both of the teams for an increased productivity and efficiency.
The Managed Security Services or the IT Security teams are involved in this.

Grey hats: The ones who can be either hackers or penetration testers, bend the rules and policies, but never exploit or share it. They can be termed as black hats without a malicious intent.

Organisations engage hackers (what we call - white hats) to perform hacking tests (called penetration test) in order to ensure their people, systems and processes are secure. Such tests are done under formal agreements and limited scope. Security weaknesses are identified, but never exploited to cause damage.

Similarly, there are red-teaming and blue-teaming exercises, where a red team (of white hat hackers) trying to penetrate in to the networks and see if the blue team (who is defending the security) is able to detect and prevent such attempts. This may be done both announced or unannounced to see the actual preparedness of the organisation.

Another category of such an activity is the bug bounty program, where the organisation gives an open invitation to all interested parties to identify the security weaknesses (again, only identify and not exploit) for a reward. Reward is usually proportional to the severity of the findings.

The offenses currently being investigated in the Cyber Crime Police Station are as follows:

Unauthorized access &Hacking
Trojan Attack
Virus and Worm attack
Denial of Service attacks
Forgery
IPR Violations
Cyber Terrorism
Banking/Credit card Related crimes
E-commerce/ Investment Frauds
Cyber Stacking
Identity Theft
Data diddling
Source code theft
Tampering with Computer Source documents
Social media abuse may result in serious consequences
Complicated Cyber offenses did through Smartphones
Breach of Privacy and Confidentiality and other computer-related crimes
E-mail related crimes: (a. Email spoofing, b. Email Spamming, c. Email bombing, d. Sending threatening emails, e. Defamatory emails, f. Email frauds)

Thanks for reading .

Comments