International Journal of Law, Policy and Social Review
[Link]
Online ISSN: 2664-6838, Print ISSN: 2664-682X
Received: 10-01-2024, Accepted: 25-01-2024, Published: 09-02-2024
Volume 6, Issue 1, 2024, Page No. 73-77
Cyber security necessity and benefits
Aditya Tiwari1, Shivangi Sinha2
1
Department of Law, Bharati Vidhyapeeth University Pune, Maharashtra, India
2
Assistant Professor, Department of Law, Bharati Vidhyapeeth University Pune, Maharashtra, India
Abstract
In the digital era, cybersecurity stands as an indispensable pillar for safeguarding information systems, networks, and data
from malicious threats. This research paper delves into the imperative need and multifaceted benefits of robust cybersecurity
measures in our increasingly interconnected world.
The paper commences by elucidating the escalating cyber threats prevalent in diverse sectors, emphasizing the criticality of
proactive cybersecurity measures. It explores the evolving landscape of cyber threats, encompassing malware, phishing
attacks, ransomware, and other sophisticated intrusions that pose substantial risks to individuals, organizations, and nations.
Furthermore, the research emphasizes the crucial role of cybersecurity in preserving confidentiality, integrity, and availability
of sensitive information. It outlines the significance of implementing robust security protocols, encryption techniques, and
access controls to fortify digital infrastructures against potential breaches.
The study also examines the multifaceted benefits of cybersecurity implementation, encompassing not only risk mitigation but
also fostering trust and reliability among stakeholders. It highlights the role of cybersecurity in bolstering consumer
confidence, ensuring business continuity, and complying with regulatory standards.
In this paper highlights that cybersecurity is not merely an option but an absolute necessity in today's digital landscape. By
understanding the risks, implementing proactive measures, and recognizing the manifold benefits, individuals, organizations,
and governments can fortify their defenses and navigate the complexities of the cyber realm with confidence and resilience.
Keywords: Technology, Cyber, organizational, criminal
Introduction safeguarding national security interests. Organizations and
Cyberattacks happen frequently; as we speak, the security of individuals alike must recognize cybersecurity as an
certain organizations, no matter how big or little, is at risk. essential component of responsible digital citizenship.
For instance, we may observe all the current cyberattacks if
you go to the "threat cloud" website. It provides the scope of Objective of the Study
real-world cyberattacks that occur on a regular basis. These 1- Assessment of Cyber Threat
days, a lot of our daily tasks include the internet. However 2- Effectiveness of Cybersecurity Measures
due to this digital interconnectedness has also opened the 3- Impact on Data Protection and Privacy
door to an array of cyber threats, ranging from malicious
software and phishing attacks to sophisticated hacking Research Questions
endeavors. In response to these challenges, the field of 1. To what extent do prevailing cyber threats pose risks to
cybersecurity has emerged as a critical line of defense, the confidentiality, integrity, and availability of digital
aiming to protect digital systems, networks, and data from assets, and how does the necessity of cybersecurity
unauthorized access, exploitation, and compromise but we measures evolve in response to these threats?
must continue to be aware of the system and the 2. What is the impact of effective cybersecurity measures
notifications we get. The manner cybercriminals commit on organizational resilience, business continuity, and
crimes is also evolving daily due to the advancements in financial outcomes, and how does this contribute to
information technology. quantifiable benefits such as cost savings and reputation
There are several obstacles in the way of enforcing enhancement?
cybercrime laws in any community as the criminal scenario 3. How do user awareness and education initiatives
in cyberspace differs greatly from that of physical space. In influence the successful implementation of
contrary to the internet, where age is not as self- cybersecurity measures, and what role does user
authenticating, age is a self-authenticating component in behavior play in determining the overall effectiveness
physical space. In cyberspace, a minor under the age of of cybersecurity strategies?
eighteen can readily pass for an adult and gain access to
resources that are limited, something that would be Definition
challenging for him to achieve in physical space. There is no universally accepted definition of cybercrime.
Cybersecurity is defending data by averting, identifying, and However, the following. (1) [1] definition includes elements
countering online threats. common to existing cybercrime definitions. Cybercrime is
As our dependence on digital technologies deepens, the an act that violates the law, which is perpetrated using
importance of cybersecurity cannot be overstated. Beyond information and communication technology (ICT) to either
protecting sensitive information, cybersecurity is integral to target networks, systems, data, websites and/or technology
maintaining public trust, ensuring business continuity, and or facilitate a crime.
73
�International Journal of Law, Policy and Social Review [Link]
Cybercrime is defined as "criminal activities carried out
through the utilization of computers, computer networks,
and digital technologies, encompassing a spectrum of illicit
actions that exploit vulnerabilities in digital systems, with
the intent of financial gain, unauthorized access, disruption,
or malicious activities".
Example
1. Stealing credit card information.
2. Breaking into the government website
3. Email and Internet fraud.
4. Identity fraud.
5. Theft and sale of corporate data.
6. Ransomware attacks.
7. Cyberextortion (demanding money to prevent a
threatened attack).
8. Cyber Spying (where hackers access government or
company data).
History
It's hard to pinpoint the precise moment when a crime was
committed via a computer network, or the morning of
cybercrime.
The first case of use of computer theft was in 1973, A teller
at a original New- York bank used a computer to embezzle
over 2 million. The first spam dispatch took place in 1978.
transferring spam emails is a cybercrime.
In certain countries, we can be behind bars if we shoot spam
emails. In the 1980’s MNC Database (pentagon and IDM)
was addressed.
The first VIRUS was installed on Apple computers in 1982.
In 2016, Kaspersky: one of the leading antivirus providers
to the world reported around 758 million malicious attacks
that occurred.
Types of Cyber Crime
Malware Attacks
Malware, or malicious software, refers to any set purposely
intended to cause harm to a computer, server, network, or
usage. It includes a variety of harmful programs such as
viruses, worms, Trojans, ransomware, and spyware.
Malware aims to compromise the confidentiality, integrity,
or availability of data and may lead to unauthorized access,
data theft, or system disruption. Preventative measures, such
as antivirus software and regular system updates, are crucial
to defending against malware attacks.
Trojans
A Trojan Horse, or simply a Trojan, is a type of malicious
software that disguises itself as legitimate or helpful
software. Unlike viruses, Trojans don't replicate but trick
users into installing them. Once inside a system, they can
perform various harmful actions, such as stealing data,
providing unauthorized access, or delivering additional
malware. Named after the ancient Greek story of a
deceptive wooden horse, Trojans deceive users by appearing
harmless while hiding malicious intent. Protective measures,
like cautious downloading and robust cybersecurity, are
crucial to defend against Trojan attacks
Worms
Worms infect entire networks of devices either locally or
across the internet by using the network interfaces. It uses
each consecutive infected machine to infect more.
74
�International Journal of Law, Policy and Social Review [Link]
Password Attack ▪ Backup and Recovery
An effort to steal or decode a user's password for illegal Regularly back up critical data and ensure backups are
activities. Hackers can utilise cracking programmes, stored securely.
dictionary assaults, and password sniffers to conduct Test data restoration processes to ensure quick recovery in
password attacks. case of a cyber attack.
Password assaults may be prevented by implementing a
password policy that includes minimum length, ▪ Phishing Protection
unrecognisable terms, and regular changes. Use email filtering tools to detect and block phishing
attempts.
Phishing Train employees to recognize phishing emails and avoid
It's a cybercrime where people are communicated through clicking on suspicious links or downloading attachments.
phone calls, dispatch, or a communication by cybercriminals
posing as a person from a legitimate institution. A phishing ▪ Mobile Device Security
crusade is when spam emails, or other forms of Implement security measures for mobile devices, including
communication, are transferred to emails, to trick donors strong passcodes, remote wipe capabilities, and mobile
into doing commodity that undermines the security or device management (MDM) solution
security of the association they work for. These
cybercriminals collect particular information like bank Cybersecurity
account details and watchwords and also steal plutocrat.
Technologies and processes designed to protect networks
dispatches transferred by phishing look authentic and
and devices from attack, damage or unauthorized access.
attempt to get victims to reveal their information.
Advantages
Cybercrime and Information Security
1. Increased productivity
▪ Firewalls and Security Software [2]
2. Protection for your customers or client
Use firewalls to monitor and control incoming and outgoing
3. Inspires customer confidence.
network traffic.
Employ antivirus and anti-malware software to detect and 4. Stops your website from crashing.
remove malicious programs. 5. Protection of our business
▪ Regular Software Updates Why do we need cyber security?
Keep all operating systems, software, and applications up to The Three main Pillars of cyber security are
date with the latest security patches. ▪ Confidentiality
Enable automatic updates whenever possible. (Data should be nonpublic) the principle of confidentiality
asserts that the information and functions can be entered
▪ Strong Authentication only by certified party.
Implement multi-factor authentication (MFA) to add an
extra layer of security beyond usernames and passwords. ▪ Integrity
(Data Integrity should be complete) the principles of
▪ Employee Training and Awareness integrity assert that information and functions can be added,
Conduct regular cybersecurity awareness training for altered, or removed only by sanctioned people and means.
employees to recognize and avoid common threats like
phishing. ▪ Availability
Emphasize the importance of strong password practices. (Data should be available) the principles of availability
assert that systems, functions, and data must be available on
▪ Access Control demand according to agreed- upon parameters grounded on
Restrict access to sensitive data and systems based on the situations of service.
principle of least privilege.
Regularly review and update user permissions. India's cybersecurity law
India has enacted several laws and regulations related to
▪ Network Segmentation cybersecurity to address the challenges posed by cyber
Divide the network into segments to limit the potential threats.
impact of a cyber attack. This can help contain and isolate Information Technology Act, 2000
malicious activity. The Information Technology (IT) Act, 2000 is the primary
legislation in India that addresses various aspects of
▪ Incident Response Plan [3] electronic governance and electronic commerce. It contains
Develop and regularly update an incident response plan provisions related to unauthorized access, hacking, data
outlining the steps to be taken in the event of a cyber attack.
protection, and the punishment for cybercrimes.
Conduct drills to ensure a quick and effective response.
Amendments to the IT Act in 2008
▪ Data Encryption
The IT Act was amended in 2008 to address emerging cyber
Encrypt sensitive data, both in transit and at rest, to protect
threats more comprehensively. The amendments introduced
it from unauthorized access.
new offenses, including unauthorized interception, identity
theft, and the publication of sexually explicit material.
75
�International Journal of Law, Policy and Social Review [Link]
National Cyber Security Policy, 2013 Secure and decentralized authentication and authorization
While not a law per se, the National Cyber Security Policy mechanisms
provides a framework for enhancing the security posture of
the country in cyberspace. It aims to protect information Ransomware Defense Strategies
infrastructure, build capabilities to prevent and respond to Developing and executing efficient defense techniques
cyber threats, and foster a resilient cyberspace ecosystem. against ransomware attacks. Improving incident reaction
and recovery plans.
The Aadhaar (Targeted Delivery of Financial and Other
Subsidies, Benefits and Services) Act, 2016 Biometric Authentication
The Aadhaar Act is significant for its role in managing the Increasing the usage of biometrics for user authentication.
Aadhaar biometric identity system. It contains provisions Addressing confidentiality and safety concerns about
related to the security and confidentiality of identity biometric data.
information.
Challenges and Future Directions in Cyber Security
Data Protection Laws and Regulations Challenges
India is in the process of formulating a comprehensive data Complex Cyber Threats [5]
protection law. As of my last update, the Personal Data Cyber dangers are becoming increasingly complex,
Protection Bill, 2019, was introduced in the Indian including advanced persistent threats (APTs) and state-
Parliament. The bill aims to regulate the processing of sponsored assaults.
personal data, including data related to cybersecurity.
Rapidly Evolving Technology
Indian Penal Code (IPC) observing up with the rapid-fire pace of technological
The IPC includes sections that can be applicable to advancements, similar as IoT, 5G, and AI, which introduce
cybercrimes, such as sections dealing with fraud, forgery, new vulnerabilities.
and identity theft. When cybercrimes involve traditional
offenses, the IPC may be invoked. Insider hazards
Dealing with insider threats, purposeful or unintentional,
Banking Regulations from workers or individuals with access to sensitive
The Reserve Bank of India (RBI) issues guidelines and information.
regulations to ensure the cybersecurity of banks and
financial institutions. These guidelines focus on securing Supply Chain Vulnerabilities
online transactions, customer data protection, and incident Challenges relating to and securing supply chain
reporting. vulnerabilities to prevent attacks similar as software supply
chain negotiations.
Emerging Trends in Cybersecurity
Cybersecurity is dynamic and constantly evolving to address Deficit in Cybersecurity Skills
new threats and challenges. Here are some emerging trends A global shortage of professed cybersecurity professionals,
in cybersecurity that are relevant: making it challenging for associations to make and keep up
Artificial Intelligence in Cybersecurity [4] effective security teams.
Using AI and ML to enhance threat detection and response
capabilities. Outdated Software [6]
Predictive analytics for identifying and preventing potential If you don’t keep your apps and software updated, they can
security incidents. be exploited and hacked with ransomware, or as we’ve seen
from the Bluekeep attacks in 2019, your unpatched software
Zero Trust Architecture can be exploited to install cryptocurrency miner
Moving away from traditional perimeter-based security
models to a model that assumes no trust, even within the Future Directions
network. Quantum-Safe Cryptography [7]
Continuous authentication and authorization are crucial Creation and implementation of cryptography methods that
components. can withstand assaults from quantum computers.
Cloud Security AI-Driven Security
Addressing security challenges associated with cloud Increased usage of artificial intelligence and machine
adoption. learning for proactive threat identification and response.
Implementing robust cloud security strategies and tools.
Zero Trust Architecture
IoT Security Broad adoption of a trustless security model where trust is
Securing the growing number of connected devices on the never expected, and continuous authentication is
Internet of Things. implemented.
Managing vulnerabilities in IoT devices and networks.
Blockchain for Security [8]
Blockchain Technology Exploring the use of blockchain technology to improve
Exploring the use of blockchain for enhancing security and security, particularly in areas such as identity management
transparency in various applications. and secure transactions.
76
�International Journal of Law, Policy and Social Review [Link]
Automation and Orchestration Privacy-Preserving Technologies
Increasing automation of information security processes and Examine cutting-edge tools and techniques that protect user
orchestrating incident response for greater efficiency. privacy while guaranteeing cybersecurity, particularly
International Cooperation considering the rise in data collecting and analysis.
Strengthen international cooperation on cyber security Discover the role of AI in improving threat intelligence
standards and information sharing against global threats. capabilities and explore how AI-powered analytics can
improve the speed and accuracy of cyber threat detection
User-Centric Security and mitigation.
Designing security measures with a focus on user
experience to encourage better adoption of security Legal and Regulatory Impact on Cybersecurity
practices. Explore the impact of current and evolving legal and
regulatory frameworks on cybersecurity and explore how
Case Law compliance can contribute to an organization's security and
Notable cybersecurity Incidents overall cyber resilience.
Bharat Interface for Money (BHIM) App Data Leak (2020)
The BHIM app, a government- supported digital payments Conclusion
operation, faced a data leak in 2020. information of millions Cyber security is a broad issue that is growing increasingly
of users was allegedly available for trade on the dark web. vital as the world becomes more linked, with networks
Wipro Data Breach (2019) IT services company Wipro felt utilized to carry out critical activities. With each New Year,
a data breach in 2019 [9]. bushwhackers reportedly used cybercrime diverges into new directions, as does
phishing emails to compromise hand accounts and launch information security. The most recent and disruptive
attacks on Wipro's customers. technologies, as well as new cyber tools and attacks that
UIDAI Data Breach (2018) There were reports of contended emerge daily, are presenting organizations with new
Aadhaar data breaches, the unique identification number challenges in not just securing their infrastructure, but also
issued by the Unique Identification Authority of India requiring new platforms and intelligence to do so. There is
(UIDAI). The authority denied any breach, but enterprises no perfect answer to cybercrime, but we should do our
were raised about the security of the Aadhaar system. utmost to minimize it to have a safe and secure future in
Ransomware Attacks on Kerala Government Websites cyberspace.
(2017) Several government websites in the state of Kerala
were targeted by ransomware in 2017. The attackers References
demanded a ransom in bitcoin to restore access to the 1. [Link]
affected websites. 2. [Link]
Indian Railways E-ticketing Portal Hacked (2016) [10] guide
The Indian Railways' online ticketing portal faced a cyber- 3. [Link]
attack in 2016, affecting the booking and payment systems. services/
The website was temporarily taken down for security 4. [Link]
measures. he-10-biggest-cyber-security-trends-in-2024-everyone-
Cosmos Bank Cyber Attack in Pune A cyber-attack in India must-be-ready-for-now/?sh=255192395f13
in 2018 was deployed on Cosmos Bank in Pune. This daring 5. [Link]
attack shook the whole banking sector of India when challenges-for-businesses
hackers siphoned off Rs. 94.42 crores from Cosmos 6. [Link]
Cooperative Bank Ltd. in Pune. news/cybercrime/attackers-attempt-large-scale-
bluekeep-exploit-to-spread-cryptominer/
Recommendation 7. [Link]
Certainly, exploring future research topics in cybersecurity automation-wha....
is crucial as the field continues to evolve. Here are some 8. [Link]
recommendations for research topics focusing on the article
necessity and benefits of cybersecurity: 9. [Link]
cybersecurity-data-breaches-in-
Human-Centric Cybersecurity 2023/[Link]
Examine how human behaviour affects cybersecurity, with a 10. [Link]
focus on user awareness, education, and how human factors india/
affect the security posture
Cybersecurity for Emerging Technologies
Examine the advantages and need for cybersecurity
precautions for cutting-edge technology including artificial
intelligence, quantum computing, and the Internet of Things
(IoT).
Cybersecurity Awareness Program
Examine how well cybersecurity awareness programmes
work in various settings and investigate how learning efforts
can create a safer online world.
77
