Cybersecurity
what that mean? why its important for us?
Due to growth of technology in today's life we all work mostly on internet. as in today's life there is no work without internet. we do all our necessary works on internet whether its government or private company, though its important for users to make sure that their every information is safe on internet. so for that prospective we use cybersecurity.
The word itself explains many things "cyber" means computer data, and "security" means to protect that data. so it means to protect all our computer data or information we giving to different websites for our daily work. we give our each and every information to some different websites, even if you fill a form on internet it asks atleast for your email id, and its dangerous too to give your email to any fraud website did you just now that if you enter your information to any unknown form or website it can make you trouble.
The hackers who are mainly involved in this activity, to stole your data or information and make it a source of money from you. i had given you an example of unknown link and give every information to them. some companies are as their own are frauds or you can say hackers. they send this link and get your every information. but hackers and frauds both are different because hackers hack our data means its not in our hand to save that data. but frauds are something we can control on our own. That can be possible only when you don't allow anyone to take your information until it needed for some special purpose.
now why we use cybersecurity, ofcourse for the protection of our information on websites. we need cybersecurity due to cyberattacks. learn more.
Now we discuss the types of cyberattack:-
1. Computer virus: its a malware program designed to destroy a computer or any digital device. to destroy its every data which is important for that user. Malware is intrusive software that is designed to damage and destroy computers and computer systems. Malware is a contraction for malicious software. In more technical terms, a computer virus is a type of malicious code or program written to alter the way a computer operates and is designed to spread from one computer to another. A virus operates by inserting or attaching itself to a legitimate program or document that supports macros in order to execute its code. In the process, a virus has the potential to cause unexpected or damaging effects, such as harming the system software by corrupting or destroying data. There are many types of viruses, I names few here,
- ● Polymorphic Virus
- ● File Infector Virus
- ● Multipartite Virus
- ● Macro Virus
2. Man-in-the-Middle(MitM) Attacks: A man-in-the-middle (MitM) attack is when an attacker intercepts communications between two parties either to secretly eavesdrop or modify traffic traveling between the two. Attackers might use MitM attacks to steal login credentials or personal information, spy on the victim, or sabotage communications or corrupt data. so basically it acts like a mediator between a person and a website. means you will think that you're talking to a website but a mediator is talking to you to stole your every data that you think you have given to the website.
3.SQL Injections: SQL injection, also known as SQLI, is a common attack vector that uses malicious SQL code for backend database manipulation to access information that was not intended to be displayed. This information may include any number of items, including sensitive company data, user lists or private customer details.
Types of SQL injections;
● In-band SQLI: The attacker uses the same channel of communication to launch their attacks and to gather their results. In-band SQLI’s simplicity and efficiency make it one of the most common types of SQLI attack.
● Inferential (Blind) SQLI: The attacker sends data payloads to the server and observes the response and behavior of the server to learn more about its structure. This method is called blind SQLI because the data is not transferred from the website database to the attacker, thus the attacker cannot see information about the attack in-band.
● Out-of-band SQLI: The attacker can only carry out this form of attack when certain features are enabled on the database server used by the web application. This form of attack is primarily used as an alternative to the in-band and inferential SQLI techniques.
these are most common attacks, in which malicious actors try to compromise account through login portals. there is another set of attack to go after password storage. as attackers often choose the path of least resistance it's critical to protect against both types.
why it matters- password attacks perennially to the list of data breach attack vectors. while ther are relatively easy and low cost to mitigate, many organizations do not have properly implemented safeguards. even when organization implement multi-factor authentication (MFA), passwords typically serve as one of the factors.
conclusion: in this i just want to say that please don't trust any website without verifying it. and please don't give your personal information on any link specially if you recieved link via messages. these are some fraud links which can easily stole your data with the help of your entered information in it. Fauds are very common today.