Page 137 - DCAP306_DCAP511_E-COMMERCE_AND_E-BUSINESS
P. 137
E-Commerce and E-Business
Methods of Attacks
The most popular weapon in cyber terrorism is the use of computer viruses and worms. The attacks on
the computer infrastructure can be classified into three different categories:
1. Physical Attack: In this type, the computer infrastructure is damaged by using conventional
methods like bombs, fire, and so on.
2. Syntactic Attack: In this type of attack, computer viruses and Trojans are used to modify the logic
of the system in order to introduce delay or make the system unpredictable.
3. Semantic Attack: In this type of attack, the information keyed in the system during entering and
exiting the system is modified without the user’s knowledge in order to induce errors.
The use of computers, Internet, and information gateways to support the traditional
forms of terrorism like suicide bombings is also a form of cyber terrorism. Most
common usage of the Internet is designing and uploading Web sites through which
false information is propagated. This can be considered as using technology for
psychological warfare.
Did you know? Attackers use JavaScript, Perl, PHP, and many other scripts to redirect the user to a site
that is similar in appearance to the original Web site. The script requests the user to
enter authentication information, credit card number or social security number and
from the entered information the attacker can steal the user’s money.
Cyber Security Initiatives in India
National Informatics Centre (NIC): NIC is a premier organization which provides network backbone
and e-governance support to the Central Government, State Governments, Union Territories, Districts,
and other Governments bodies. NIC helps in the improvement of government services, provides wider
transparency in government functions and facilitates improvements in decentralized planning and
management. The cyber security group in NIC is responsible for providing cyber security to
Information and Communications Technology (ICT) infrastructure created for e-governance.
Indian Computer Emergency Response Team (CERT-In): CERT-In is the most important constituent of
India's cyber community. It aims to ensure the security of cyber space in the country by enhancing the
security communications and the information infrastructure through proactive actions and effective
collaboration. They aim at providing security incident prevention and response, and security assurance.
National Information Security Assurance Program (NISAP): This program is for the Government and
critical infrastructures. The highlights of this program are:
1. Government and critical infrastructures should have a security policy and create a point of
contact.
2. It is mandatory for organizations to implement security control and report any security incident to
CERT-In.
3. CERT-In will create a panel of auditors for IT security. All organizations need to have a third party
audit from this panel once a year.
4. All organizations have to report about the security compliance on a periodic basis to CERT-In.
130 LOVELY PROFESSIONAL UNIVERSITY
