Introduction to Cybersecurity and Dark Web
Dr. Erdal Ozkaya
I empower organizations to build resilient cybersecurity programs. Award-Winning Speaker | Bestselling Author| Chief Cybersecurity Strategist - Group CISO at MAVeCap,
Cybersecurity and Cybercrime
The expansion of internet has created a great opportunity among the users in different domains, for instance, academic, government, business, and industry sectors. However, this growing development has also created the opportunity to exploit vulnerabilities to attack the infrastructure and system, conduct espionage, and wage cyberwar.
Therefore, the cyberspace needs to ensure the users are secure so that they can protect their privacy and safety in the cyber world. The term cybersecurity has been adopte by government and industry, and is understood as the process by which computer networks
and databases of national interest are protected, for example, large corporations and government agencies including civilian, military, and law enforcement.
Cybersecurity
The term cybersecurity, also known as computer security and IT security, refers to the technologies, processes, and practices to safeguard from unwanted access of software, hardware, data, program, and intellectual property by cybercriminals over the internet. It is also considered to control the physical access of hardware and/or cyber-physical infrastructure. Cybersecurity also refers to protect data from exfiltration, various code injection attacks (CIA) such as SQL injection and XSS, or any type of service disruption.
According to the International Telecommunications Union (ITU), cybersecurity is defined as the collection of tools, policies, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets. Organization and user’s assets include connected computing devices, users, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment.
Cybersecurity ensures the attainment and maintenance of the security properties of the organization and user’s assets against relevant security risks in the cyber environment. The security properties include one or more of the following: availability, integrity, and confidentiality.
CIA (confidentiality, integrity, and availability) is the basic principles of cybersecurity.
Confidentiality means that the information which is classified or sensitive must remain so and be shared only with appropriate users. Availability means that the information and systems must be available to those who need it. Integrity means that the information must retain its reliability and not be altered from its original state.
Cybersecurity includes different elements such as application security, information security, network security, and disaster recovery. Cybersecurity includes different activities and operations aiming at the reduction and prevention of threat and vulnerabilities and having in place policies for protection, incident response, recovery, data assurance, law enforcement, and military and intelligence operations relating to cyberspace security. It defends the systems from hacking and virus attacks.
Consequently, cybersecurity has had a growing importance in the cyber world due to the increasing reliance on computer systems, smart devices, wireless networks such as Bluetooth and Wi-Fi, and the growth of the internet. Cybersecurity involves protecting the information and systems we rely on every day—whether at home, office, or business.
Cybersecurity touches practically all activities and all citizens around the globe; it provides tremendous opportunities for enhancing human development as well as achieving better integration in the information society. It also supports wider access to knowledge and education, as well as to the development of policies and strategies.
In legal and regulatory institutions, the lack of cyberspace security undermines the realization of the full potential of the IT revolution. Consequently, special attention is needed to prevent cyberspace from turning into a source of danger for states and citizens, and to prevent the appearance of a cybercrime haven. The prevention of cybercrime is a key objective of cybersecurity.
Cybercrime
According to Interpol definition, the cybercrime refers as follows:
Cybercrime is a fast‐growing area of crime. More and more criminals are exploiting the speed, convenience, and anonymity of the Internet to commit a diverse range of criminal activities that know no borders, either physical or virtual Interpol
Cybercrime is used most often by social scientists and is understood as the process by which criminals target computers or use computers as tools in the commission of a crime. The emphasis is on the offender and the victim. This focus on individual criminals and offenders means an expansive exploration of both crimes, including romance scams, online fraud schemes, cyberbullying, and online extremism.
Cybercrime or computer crimes are “offences against confidentiality, integrity and availability of computer data and systems” and “computer-related offences,” not limited to computer-related forgery, intentional illegal computer system access, intentional illegal interception of computer data transmission, intentionally interfering with data without approval, systems interference, and misuses of electronic or computer devices.
Cybercrime costs billions of dollars to business during cyberattacks that cause direct damage and continue disrupting the business operations after the attack.
Due to the financial loss and business disruption, there are more targeted efforts to control the attacks. In addition, why the efforts are becoming more targeted is because our consumer lives are mostly online and a significant portion of attacks are difficult to detect.
In recent years, the cybercrime efforts are increasingly becoming more targeted by means of the time and cost of performing an attack versus the payback.
According to Australian cybercrime online report, the term cybercrime refers to “crimes which are directed at computers or other devices, and where computers or other devices… are integral to the offence.” This definition broadly defines the types of activities performed by cybercriminals. Their operations either target specific computer networks by developing and deploying various forms of malicious software (such as viruses) or exploit these networks to further their own criminal agendas (phishing, identity theft, fraud, recruitment, etc.). The security experts are working hard to protect cyberspace from the growing cyberattacks including deliberate attempts. Therefore, cybersecurity is an important area that is needed to safeguard the details of internet users
Part 2 :
- Web and its levels
- Web Categories
- Dark Net
Part 3:
- The Implication of Dark Web
- Malicious Activities of Dark Web
Driving innovation through problem-solving and experimentation | SG PEP Holder
5 年Good Read.
Essential piece, Erdal!
PRINCE2P | CCISO | CISM | PECB ISO/IEC 27001 | ISO 20000 LI | GDPR | COBIT 5 | ITIL | CSSYB | CySA+ | SECURITY+ | CTIA | CEH | AZ-500 | VCP6-DCV | CCNA | MCSE
5 年Great post Dr. Erdal Ozkaya