Name:- Ravi Yadav
Class:- BA
Course:- Hindi(H)
Roll no:- 1018
Subject:- Digital empowerment
Assignment 2
Online Security vs Online Privacy
Online Security involves the technologies, processes, and measures put
in place to protect computers, networks, programs, and data from
unauthorized access, attacks, or damage. It is about safeguarding
the integrity, confidentiality, and availability of systems and data against
external threats such as hackers, malware, or viruses. Security measures
include firewalls, antivirus software, encryption, and secure passwords.
Online Privacy, meanwhile, focuses on the individual's control over
their personal information—what data is collected, how it is used, who it
is shared with, and how it is protected from misuse. Privacy deals with
protecting user identities, preferences, browsing habits, and personal
communications from being tracked or exploited without consent.
Privacy laws like GDPR (General Data Protection Regulation) empower
individuals to control their data.
Together, security protects the system from breaches, while privacy
protects the user’s personal data within those systems.
Privacy
Privacy in the digital context means having control over one’s personal
information in online environments. This includes data such as your
location, search history, social media activity, financial information, and
communications.
Privacy protection involves tools like:
• End-to-End Encryption: Ensures only communicating users
can read messages.
• Anonymization: Hiding user identity.
• Privacy Policies & Regulations: Laws such as the GDPR and
India’s Data Protection Bill define how organizations must
handle personal data, requiring consent and transparency.
Maintaining privacy is crucial to avoid unauthorized tracking, data
misuse, identity theft, or targeted advertising.
Threats in the Digital World
The digital world faces many threats, including:
• Malware: Malicious software like viruses, ransomware,
spyware.
• Phishing: Fraudulent attempts to obtain sensitive info by
impersonating trustworthy entities.
• Identity Theft: Stealing personal info to commit fraud.
• Ransomware: Locking victims’ data for ransom.
• Cyberbullying: Harassment via digital platforms.
• Cyberterrorism: Using cyber attacks to cause widespread
harm or panic.
These threats target individuals, businesses, and governments,
demanding constant vigilance, cybersecurity training, and strong
technical defenses.
Data Breaches
A data breach happens when sensitive information (like credit card
numbers, passwords, or health records) is accessed or leaked without
permission.
Common causes:
• Weak passwords
• Phishing scams
• Insider threats (disgruntled employees)
• Software vulnerabilities
Consequences:
• Financial loss
• Damage to reputation
• Legal penalties
• Personal privacy violations
Preventive measures include strong encryption, access controls, regular
audits, and employee training.
Cyber Attacks
Cyber attacks are intentional actions to compromise computer systems
or networks. Types include:
• Phishing: Fake emails to steal data.
• Ransomware: Demanding ransom to restore access.
• DDoS (Distributed Denial of Service): Flooding servers to
disrupt services.
• Trojan Horses: Malware disguised as legitimate software.
• Man-in-the-Middle (MITM): Intercepting communication
between two parties.
Motivations can range from financial gain to political activism or
espionage.
Malware – Malicious software to disrupt computers
Definition: Malware refers to any software intentionally designed to
cause harm to a computer system, steal data, or spy on users. It can
spread through infected files, websites, or attachments.
Types:
• Virus: Attaches to files and spreads when opened.
• Worm: Spreads itself without user action.
• Trojan: Disguised as a legitimate file but causes harm once
installed.
• Ransomware: Locks files and demands payment for access
(e.g., WannaCry attack in 2017).
• Spyware: Monitors user activity and steals information.
Impact: Malware can slow down computers, steal financial
data, or completely lock you out of your system. It can even be
used by governments or hackers for cyber-espionage.
Hacktivism
Definition: Hacktivism combines "hacking" with "activism." Hackers
use cyberattacks as a form of protest to promote political or social
agendas.
Examples: Defacing government websites, leaking sensitive data, or
launching Distributed Denial of Service (DDoS) attacks to disrupt
services.
Case Study: The group Anonymous has targeted governments and
corporations for issues like internet freedom and human rights
violations.
Impact: Raises awareness but can also cause legal issues and disrupt
public services.
Mobile Devices and Applications and Their Associated Cyber Attacks
Definition: Smartphones, tablets, and apps are vulnerable to cyber
threats due to their widespread use and access to sensitive data.
Types of Attacks:
• Malware in apps: Fake apps that steal data.
• Phishing: Fake messages tricking users into revealing personal
information.
• Man-in-the-middle (MITM) attacks: Intercepting data on
public Wi-Fi.
Example: Fake banking apps that mimic real ones and steal
login credentials.
Impact: Identity theft, financial loss, and invasion of privacy.
Social Engineering
Definition: Social engineering manipulates people into giving up
confidential information by exploiting human emotions like fear,
urgency, or trust.
Methods:
• Phishing emails: Fake emails from "banks" asking for
passwords.
• Pretexting: Pretending to be someone trustworthy (e.g., IT
support).
• Baiting: Leaving infected USB drives for people to plug in.
Impact: People, not technology, become the weak link in
cybersecurity.
Spear Phishing
Definition: A highly targeted phishing attack aimed at a specific person
or organization.
Example: An attacker sends a fake email to a company's HR manager
pretending to be the CEO, asking for employee records.
Impact: More dangerous than regular phishing because it uses detailed
personal info (like your name, role, and company details) to trick you.
Domain Name System (DNS) Attacks
Definition: DNS translates website names into IP addresses. Attacking
DNS can redirect users to malicious websites or disrupt services.
Types:
• DNS Spoofing/Cache Poisoning: Fake DNS info redirects
users.
• DNS Amplification Attack: Flooding a DNS server to crash it.
Impact: Users think they’re visiting a safe website but are sent
to a malicious one. It can lead to data theft and service
outages.
Router Security
Definition: Routers control network traffic. If not secured, hackers can
access entire networks.
Risks:
• Default passwords (easy to guess).
• Outdated firmware (unpatched vulnerabilities).
• Weak encryption (e.g., using WEP instead of WPA2 or WPA3).
Impact: Attackers can intercept your internet traffic, install
malware, or control your smart devices.
Denial of Service (DoS)
Definition: A cyberattack that floods a server or network with traffic,
making it slow or completely unavailable.
Distributed DoS (DDoS): Multiple systems attack at once.
Example: The 2016 DDoS attack on Dyn servers took down major sites
like Twitter and Netflix.
Impact: Loss of services, reputation damage, and financial loss.
Blockchain
Definition: A decentralized, distributed ledger system that records
transactions securely.
Features:
• Immutable (cannot be altered).
• Transparent (visible to all participants).
• Secure through cryptography.
Applications:
• Cryptocurrencies like Bitcoin.
• Smart contracts (self-executing contracts).
• Supply chain tracking.
Impact: Reduces fraud, increases
transparency, but still faces challenges like scalability and
energy consumption.
CSK (Cyber Swachhta Kendra)
Definition: A government initiative in India under CERT-In to promote
cybersecurity hygiene.
Functions:
• Provides free security tools (like antivirus).
• Offers alerts about new cyber threats.
• Spreads awareness about safe online practices.
Impact: Helps individuals and businesses protect themselves
from malware and other cyber threats.
CyberDost
Definition: An awareness initiative by the Indian Ministry of Home
Affairs to educate citizens about online safety.
Functions:
• Shares tips on social media platforms.
• Informs users about the latest scams and cyber threats.
• Encourages reporting cyber crimes.
Impact: Empowers people to stay vigilant and safe online.
Netiquettes
Definition: A set of rules for proper behavior on the internet.
Examples:
• Be respectful in online conversations.
• Avoid using all caps (which looks like shouting).
• Do not spam.
• Give credit for others’ work.
Impact: Helps maintain a healthy and respectful online
community.
Ethics in Digital Communication
Definition: Refers to moral principles while communicating digitally—
via emails, social media, or messaging.
Key Principles:
• Honesty (avoiding fake information).
• Privacy (not sharing others' data without permission).
• Respect (no abusive language or trolling).
Impact: Builds trust, prevents harm, and promotes a safe
digital space.
Ethics in Cyberspace
Definition: Broader than communication ethics, covering all online
behavior.
Includes:
• Following laws (not hacking into systems).
• Respecting intellectual property (not pirating software).
• Protecting privacy and data rights.
Impact: Promotes a safe and ethical digital environment,
discouraging cybercrime and abuse.
Communication
Definition: The exchange of information over digital channels—emails,
chats, video calls, etc.
Effective communication online:
• Be clear and concise.
• Use proper language.
• Be mindful of cultural differences.
• Protect sensitive information.
Impact: Miscommunication can lead to misunderstandings,
while good communication builds relationships and trust.