© 2019 ijrar march 2019, volume 6, issue 1 ...ijrar.org/papers/ijrar1aep082.pdf · whatsapp,...

© 2019 IJRAR March 2019, Volume 6, Issue 1 www.ijrar.org (E-ISSN 2348-1269, P- ISSN 2349-5138)

IJRAR1AEP082 International Journal of Research and Analytical Reviews (IJRAR) www.ijrar.org 439

CYBER SECURITIES AND SOCIAL MEDIA

Shivani Maheshvari

Social media plays a big role in our lives today. We live in a time and age where information is just a

button press away. We are swayed by information all around us. We millennials want to know, read,

understand and then speak our minds about it. That is where social media comes into play. Social media is

one of the biggest elements that we live with and cannot ignore it.

Social media is collection of websites, applications and other platforms that enable us to share or create

content and also helps us to participate in social networking. Social media is not limited to blogging and

sharing pictures, there are lots of strong tools that social media provides. It is a blessing that has connected

us to every part of the world, we can meet our loved ones that are far, we can spread awareness through it,

we can send security warnings etc. There is a lot that social media can do. But it is an unarguable fact the

presence of social media has made our lives convenient, easier and much faster. The power of social media

is very high and has its effects on each individual. It is difficult to imagine our lives without social media

today and we do pay a price for excessive use.

Social media allows the social growth of the society and also helps many businesses. It provides tools like

social media marketing that can reach a millions of potential clients. We can easily access information and

get news through social media. Social media is a great tool for creating awareness about any social cause.

Employers can reach out to potential job seekers. It can help many individuals to have social growth and

interaction with the world without having any hitch. Many people use social media to make themselves

heard to the higher authorities. It can also help you meet like-minded people.

Social media has made communication easier than ever before. Now, with a touch of a button people could

communicate with anybody anywhere in the world. Websites such as Facebook makes communication with

others an easy task. Facebook improved communication and even made communication a better experience.

Facebook allow people to share photos, post comments, and view people’s personal information. With almost

500 million users accounts, facebook is considered to be one of the most popular social media websites. Most

of the people use it as a substitute for real life human interaction.

http://www.ijrar.org/



Fig. 1 The graph shows social network users in India in the year 2019.

According to Forbes, there are about 1 billion social media accounts all over the world, these accounts makes

almost all of the countries of the world connected with each other. Today platforms like Facebook, twitter,

LinkedIn etc. are most widely used by teachers, professors and students and they have become quite

popular among them. For a student, social media plays a very important role as it makes it easier for them

to access and share information, get answers and connect with teachers. It is through the platforms of social

media that students and teachers can connect with each other and share content thereby making a good use

of these platforms. Social media comes with a lot of advantages in fact we can owe a substantial part of our

society’s growth to social media. We have witnessed a blast of information and content in last few years

and cannot deny the power of social media in our lives. Social media is widely used to create awareness for

causes that are important for the society. Social media can also help many noble causes run by NGOs and

other social welfare societies.

The popular services are:

Facebook (more than 2 billion users)

WhatsApp, YouTube, and Messenger in Facebook (more than 1 billion users)

QZone, QQ, WeChat, and Instagram (more than 500 million users)

Twitter, Tumblr, Skype, Baidu Tieba, and Sina Weibo (more than 300 million users)

Pinterest, Viber, Line, SnapChat, and Reddit (more than 175 million users).




Fig. 2 The graph shows the most popular social networking sites in the year 2018.

ADVANTAGES OF SOCIAL MEDIA

Social media platforms help its users to connect, share and give information and content to millions of

others. The importance of social media cannot be ignored since it plays a very crucial role in our lives

today.

1. Building a brand: Quality content, products and services are easily accessible online today. You can market

your product online and build a brand.

2. Customer support: Before buying and product or service customers can read the reviews and feedback and

hence make a smart choice.

3. Social media is a great education tool.

4. Through the use of social media platforms you can connect with your target audience.

5. It is also a great way to access quality information.

6. Social media can help you to get the news and happenings in just a click.

7. Social media also helps you connect with friends, relatives and helps you make new friends as well.

8. Social media is widely used to create awareness for causes that are important for the society.




DISADVANTAGES OF SOCIAL MEDIA

Social media is considered as one of the most harmful elements that we have in our lives these days.

Wrong use can lead to bad conclusion. There are many disadvantages of social media like:

1. Cyber bullying: Many children have become the victims of cyber bullying that has caused them a lot of

harm.

2. Hacking: The loss of personal data that can lead to security issues. There are crimes like identity theft and

bank details theft that can harm any individual.

3. Addiction: Prolonged use of social media can lead to addiction in youth. Addiction causes to lose focus of

other important things like studying etc. People get so absorbed that they get cut off from the society and

harm their personal lives.

4. Scams: Many predators are looking for vulnerable users that they can scam and make profit off.

5. Relationship frauds: Honey-traps and MMS porn are the most caused frauds online. People are lured in to

relationships and love schemes and then they are cheated on.

6. Health issues: The excess use of social media can affect your physical and mental health in a big way.

People often complaint of becoming lazy, fat, itchy eyes, loss of vision and stress issues after excessive

use.

7. Loss of social and family life: Everyone busy on phone is one of the most common sites in a family

gathering nowadays.

Social networking websites have become platforms for cybercriminals for cybercrime. Cybercriminals

exploit sensitive and personal information through social engineering and reverse social engineering. It is

usual for the users of social websites to share information; however they lose privacy, while sharing

information with strangers, they can fall in honey trap made by them. Privacy has become an important

concern in online social networking sites. Users are unaware of the privacy risks involved when they share

their sensitive information on the social networking sites. The default settings share everything, users have

to change their default privacy setting options to make their accounts and personal information more

secure. Security attacks continue to be a major concern of all users. How to keep social networking sites

more secure and more private are the challenges that have been concern for every user. It is difficult for

social networking sites and users to make and adjust privacy setting to protect privacy without practical and

effective way to identify measure and evaluate privacy. Maximum numbers of users are not aware of the

security risk associated whenever they share sensitive data on the social sites, so that privacy concern will




be raised among those online communications if their personal data has been shared to other users. The

users should be aware of their privacy quotient and should know where they stand in the privacy measuring

scale. Unfortunately many users are not aware of this and become victim of privacy and identity breach.

Many physiatrists believe that social media is a single most factor causing depression and anxiety in

people. It is also a cause of poor mental growth in children. Increased use of social media can lead to poor

sleeping patterns. There are many other negative effects like cyber bullying, body image issues etc. as well.

There is an increased ‘Fear of Missing out’ (FOMO) at an all-time high in youth because of social media.

According to statistics average number of hours a teenager spends online is 72 hours per week. This is very

high considering that they have to give time to study, physical activities and other beneficial activities like

reading etc. It leaves very less time for other things and hence there are serious issues that arise out of this

like lack of attention span, minimum focus, anxiety and complex issues. We now have more virtual friends

than real ones and we are losing human to human connection day by day.

Fig. 3 The graph shows breakdown of age and gender of Facebook global users in Jan 2018 year.

Because of social media’s widespread popularity, it is often used for nefarious purposes that include cyber

bullying, harassment, or stalking. Teens, for example, often use social media to harass, spread rumors, or

share unflattering or illegal images of certain individuals. In extreme cases, cyber bullying and harassment

have even resulted in victims taking their own lives. Predators may use social media to contact and build a

relationship with children, or individuals may use information that a person has shared on their account to

stalk and even harm them.




Commonly, users make many risks and mistakes when using social networks services such as using

unauthorized programs, misuse of corporate computers, unauthorized network access, misuse of

passwords and transfer sensitive information between their work and personal computers when working at

homes. However, the excessive trust between users of social networks can be used to perpetrate a variety

of attacks and data leakage. Due to the fact that the number of social networks users is increasing day by

day (Ref. Figure 1), the number of attacks carried out by hackers to steal personal information is also

raised. Hacked information can be used for many purposes such as sending unauthorized messages (spam),

stealing money from victim's accounts etc. The purpose of this paper is to study and analyze the current

threats of social network and develop measures to protect the identity in cyberspace i.e., security of

personal information and identity in social networks are studied. The Internet today, unfortunately, offers

to the cybercriminals many chances to hack accounts on social network sites and the number of malicious

programs that target the social websites is very huge.

CYBER THREATS IN SOCIAL NETWORKING WEBSITES

Cyber threat is a malignant and destructive act that tries to access a computer network through a data

communications pathway, without gaining the right authorization or consent from the owners. With the

advent of personal computers, cyber threats also came into the limelight. Cyber threats are often executed

by hackers, trying to achieve unauthorized access to an individual’s personal information for either

financial gain or to perform troublesome and mischievous acts; they hope to access private files by

infiltrating and stealing data. Cyber threats are deceiving and misleading, they hold the potential to spoil

the reputation of a company or an individual, thieve or pirate product designs and patents, manipulate

governmental outcomes and proceedings, control power grids and systems, misuse industrial control

systems, steal from payment systems, exploit civilians’ confidential data and disclose organizations’

classified intellectual property.

Cyber threats move promptly and come in many forms; they function simultaneously in different forms. It

attacks the cyber crime victim in the form of malware, phishing, authentication attacks, data leaks and

breaches, application attacks and ransomware. Cybercrime has increased every year as people try to benefit

from vulnerable business systems. Often, attackers are looking for ransom: 53 percent of cyberattacks

resulted in damages of $500,000 or more.

Cyber threats can also be launched with ulterior motives. Some attackers look to obliterate systems and

data as a form of “hacktivism.”


https://whatis.ciowhitepapersreview.com/definition/hacker/



Common types of cyber attacks

1. Malware

Malware is a term used to describe malicious software, including spyware, ransom ware, viruses, and

worms. Malware breaches a network through vulnerability, typically when a user clicks a dangerous link or

email attachment that then installs risky software. Once inside the system, malware can do the following:

Blocks access to key components of the network (ransom ware)

Installs malware or additional harmful software

Covertly obtains information by transmitting data from the hard drive (spyware)

Disrupts certain components and renders the system inoperable

Malicious software can be described as unwanted software that is installed in your system without one’s

consent. It can attach itself to legitimate code and propagate; it can lurk in useful applications or replicate

itself across the Internet.

2. Malvertising

Malvertising resembles malware a lot. The only difference is that it gets to your computer via an ad. Once a

User clicks on a malicious ad, malware is downloaded to the computer.

3. Phishing

Phishing is a type of cyber attacks that plays with you altruism and naivety. Most commonly you receive

an email from a third party, who asks you to follow the link and enter some personal data. They steal your

personal information and use it in all ways possible. Phishing is the practice of sending fraudulent

communications that appear to come from a reputable source, usually through email. The goal is to steal

sensitive data like credit card and login information or to install malware on the victim’s machine. Phishing

is an increasingly common cyber threat.

3. Man-in-the-middle attack

Man-in-the-middle (MitM) attacks, also known as eavesdropping attacks, occur when attackers insert

themselves into a two-party transaction. Once the attackers interrupt the traffic, they can filter and steal

data. A MitM attack occurs when a hacker inserts itself between the communications of a client and a

server.




Two common points of entry for MitM attacks:

1. On unsecure public Wi-Fi, attackers can insert themselves between a visitor’s device and the network.

Without knowing, the visitor passes all information through the attacker.

2. Once malware has breached a device, an attacker can install software to process all of the victim’s

information.

4. Denial-of-service attack

DoS stands for “denial of service” and the service meant is service to a network. During such attack, too

many requests are sent to the website, so the network is overloaded and can no longer function. Most

common type of DoS attack is DDoS, which stands for distributed denial of service. It uses a number of

hijacked computers to send traffic and in many cases; owners of the computers might even not suspect it.

A denial-of-service (DoS) attack floods systems, servers, or networks with traffic to exhaust resources and

bandwidth. As a result, the system is unable to fulfill legitimate requests. Attackers can also use multiple

compromised devices to launch this attack.

5. SQL injection

A Structured Query Language (SQL) injection occurs when an attacker inserts malicious code into a server

that uses SQL and forces the server to reveal information it normally would not. An attacker could carry

out a SQL injection simply by submitting malicious code into a vulnerable website search box.

SQL injection has become a common issue with database-driven websites. It occurs when a malefactor

executes a SQL query to the database via the input data from the client to server. A successful SQL

injection exploit can read sensitive data from the database, modify (insert, update or delete) database data,

execute administration operations (such as shutdown) on the database, recover the content of a given file,

and, in some cases, issue commands to the operating system.

6. Drive-by attack

Drive-by download attacks are a common method of spreading malware. Hackers look for insecure

websites and plant a malicious script into HTTP or PHP code on one of the pages. This script might install

malware directly onto the computer of someone who visits the site, or it might re-direct the victim to a site

controlled by the hackers. Drive-by downloads can happen when visiting a website or viewing an email

message or a pop-up window. Unlike many other types of cyber security attacks, a drive-by doesn’t rely on

a user to do anything to actively enable the attack — you don’t have to click a download button or open a

malicious email attachment to become infected. A drive-by download can take advantage of an app,




operating system or web browser that contains security flaws due to unsuccessful updates or lack of

updates.

7. Password Attack

Because passwords are the most commonly used mechanism to authenticate users to an information

system, obtaining passwords is a common and effective attack approach. Access to a person’s password

can be obtained by looking around the person’s desk, ‘‘sniffing’’ the connection to the network to acquire

unencrypted passwords, using social engineering, gaining access to a password database or outright

guessing. A password stolen can open for thieves many doors on the Internet. Usually, it is bots that

perform password attack. If they succeed they either enquire some ransom for an account held hostage or

use it for spamming other accounts.

Fig. 4 The graph shows the percentage of victims by cyberattacks.

According to McAfee’s Economic Impact of Cyber Crime (February 2018) cyber criminals adapt at a fast pace.

The scale of malicious activity across the internet is quite astounding. The figures are frightening on a monthly

or yearly scale. Cyber criminals are constantly finding new technologies to target victims. With the introduction

of Bitcoin, payment and transfers to/from cyber criminals is untraceable. By 2020, CSO Online predicts

ransomware attacks will be quadruple. The healthcare industry gets attacked more than most

industries. Phishing emails are particularly common and often where cyber attacks originate from. In the

2017 Official Annual Cybercrime Report, it’s estimated that cyber crime will cost $6 trillion annually by 2021.

In 2015, that figure was $3 trillion. Individual earnings from cyber crime are on an average 10-15% higher


https://www.mcafee.com/content/dam/enterprise/en-us/assets/reports/restricted/economic-impact-cybercrime.pdf

https://www.weststeincard.com/private/blog/avoid-internet-scams/?utm_source=vpngeeks&utm_medium=article&utm_campaign=21-terrifying-cyber-crime-statistics-in-2018

https://www.csoonline.com/article/3237674/ransomware/ransomware-damage-costs-predicted-to-hit-115b-by-2019.html

https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/



than the most traditional crimes. Unfortunately, with technology on the rise, there’s more room for cyber

crime in 2019. According to the Cyber Security Breaches Survey 2018, 43% of businesses were a victim of a

cyber security breach in the last 12 months

Present Trends of Cyber Crime in India

In India, at least one cyber attack was reported every 10 minutes in the year 2017. Cyber crimes cases

registered in the country have grown in the last three years, with the number rising from 9,622 and 11,592

to 12,317 during 2014, 2015 and 2016 respectively. The number of cybercrime cases across India has risen

drastically by more than 44 percent between 2013 and 2017 from about 2,400 to approximately 3,474.

Police responsible for cyber crime in India blame the ease at which online information can be accessed as

well as technological advancement for the drastic rise in the number of cases.

Most of the cybercrimes across India are related to online banking. There were about 2,095 cases of online

banking fraud reported in 2017. Due to the increasing number of cases, policy makers across the country

have emphasized digital security as the key issue with regard to the government's push towards a cashless

economy.

Fig. 5 List of top 20 countries with cyber crime registered.


https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/702074/Cyber_Security_Breaches_Survey_2018_-_Main_Report.pdf

https://www.ey.com/Publication/vwLUAssets/ey-confronting-the-new-age-cybercriminal/$FILE/ey-confronting-the-new-age-cybercriminal.pdf

https://www.ey.com/Publication/vwLUAssets/ey-confronting-the-new-age-cybercriminal/$FILE/ey-confronting-the-new-age-cybercriminal.pdf

https://timesofindia.indiatimes.com/city/gurgaon/cybercrime-up-most-on-e-banking/articleshow/61634852.cms



Fig.6 Number of cyber crime cases in India From the year 2011-2015.

As the technological advancement is growing by leaps and bounds in India, the vulnerabilities associated

with this burgeoning cyberspace is surfacing and its repercussions in the recent times have been witnessed

far and wide. Looking at the levitating statistics of cybercrime incidences in India, it cannot be denied that

the computer technology poses innumerable internal and external threats.

In the case of cyber crime, large numbers of suitable targets may emerge through increasing time spent

online, and the use of online services such as banking, shopping and file sharing making users prone to

phishing attacks or fraud. The major cyber crimes reported in India are denial of web services,

hacking of websites, computer virus and worms, pornography, cyber squatting, cyber stalking and

phishing. India has to go a long way in protecting the vital information.

According to Symantec’s (American Global Computer Security Software Corporation) internet security

threat report (volume 18) on April 29, 2013, India has seen a 280 percent increase in bot infections that

is continuing to spread to a larger number of emerging cities in India. India has the highest ratio in the

world of outgoing spam or junk mail of around 280 million per day worldwide. India's home PC owners

are the most targeted sector of cyber attacks. Maharashtra and Uttar Pradesh are the top two states for cyber

crime.

According to Indian Ministry of Communications & Information Technology, around 78 government

websites were hacked and 16,035 security incidents related to scanning, spam, malware infection, denial of

service and system break-in including that of Government, Defense and public sector undertakings were

reported up to June, 2013. The number of security breach incidents stood at 13,301 in 2011 and 22,060 in

2012.




Because of the above mentioned factors which cause threats, we recommended the following strategies for

circumventing threats associated with social websites:

CYBER SECURITY

In today’s era of Smartphone and computers the internet has changed the idea of communication. Due to

lack of security, various cyber-crimes have emerged in the past decade. Cyber security plays a significant

role in the current development of information technology and services. Cyber security is thus an attempt

by users to keep their personal and professional information intact from the attacks on the internet. The

main function of cyber security is to protect networks, computers, and programs from unauthorized access

and loss. Maximum numbers of users are not aware of the risks and share their information unknowingly

and their lack of knowledge makes them vulnerable to cyber-attacks. So cyber security is the main

concern in today’s world of computing.

CYBER SECURITY IN INDIA

As the internet usage has increased in India, cyber-crimes have also increased respectively. More than

32000 cyber-crimes were reported between 2011 and 2015, across India and more than 24000 of these

cases have been registered under the IT Act and the remaining cases under the different sections of IPC and

other State Level Legislations (SLL). Cyber-crimes are registered under three broad heads in India, the

Indian Penal Code (IPC), the IT Act and other State Level Legislations. The cases registered under

the IT Act include

A. Tampering with computer source documents (Section 65 IT Act)

B. Loss /damage to computer resources (Section 66 (1) IT Act)

C. Attempt Hacking (Section 66 (2) IT Act)

D. Accessing Digital Signature Certificate by misrepresentation of facts (Section 71 IT Act)

E. Publishing false Digital Signature Certificates (Section 73 IT Act)

F. Fraud Digital Signature Certificate (Section 74 IT Act)

G. Breaking of confidentiality or privacy (Section 72 IT Act)

H. Failure to aid in decrypting the information intercepted by Government Agency (Section 69 IT Act)

Cyber-crimes have increased more than 3 times in 5 years. "As per the data maintained by National Crime

Records Bureau (NCRB), a total of 9,622, 11592 and 12,317 cyber crimes cases were registered during the

years 2014, 2015 and 2016, respectively," The cases registered under the IT act increased by more than

350% from 2011 to 2015. The cases registered under the IPC increased by more than 7 times from the time

interval of 2011 and 2015. The government also is taking steps to curb the increase in the number of such




cyber-crimes. Maximum numbers of cases under cyber-crimes were reported in Uttar Pradesh (2,639 cases)

(21.4%) followed by Maharashtra (2,380 cases) (19.3%) and Karnataka (1,101cases) (8.9%) during 2016.

According to CERT-In, 1,44,496 cyber security attacks were observed in the country between 2014 and

2016. According to a report of National Association of Software and Services Companies (NASSCOM)

and Data Security Council of India (DSCI), which was quoted in the parliament, India’s domestic cyber

security market was estimated to be nearly $1.06 billion in 2015. The NASSCOM report predicted that

Indian should aspire to build a cyber-security product and services industry of $35 billion by the year 2025,

and generate a skilled workforce of one million in the security sector, to cater to the rise in global demand.

National Security Policy 2013 was developed to secure and strong the cyberspace for citizens, businesses

and for the government. The policy tries to protect personal information, financial and banking

information. Ministry of Communications and Information Technology (India) is working to create a

secure cyber ecosystem in the country and to protect information in process, handling, storage and transit

so as to shield the privacy of citizen's information and reducing economic losses due to cyber-crime or data

theft.

The Ministry has also defined the strategies of the policy as-

1) To create a safe cyber ecosystem.

2) To create a guaranteed framework.

3) To encourage open standards.

4) To secure e-Governance services.

CONCLUSION

This study highlights the need of improvement of default privacy setting of social media, to prevent cyber-

attacks and disclose of personal information publically. The growing popularity of these sites has become

target for cybercrime and attacks. As per survey report, 92% of users are student, and maximum numbers

of users belong to age group 15 -25years.

It is true that in the coming days you should expect a revolution in the world of social media. Some of the

things to expect are that businesses will be keen to align their strategies in accordance with social media

trends. The other thing that businesses will do is train their call center, staff. That will be in line with

responding to Twitter, WhatsApp, and Messenger questions directly sent from clients. This will ensure

prompt responses and better customer service for enhanced productivity.




Government, print media should educate unwary persons about the dangerous areas of the cyber-world

because prevention is better than cure. Cyber Space Security Management has already become an

important component of National Security Management, Military Security Management, Scientific

Security Management and Intelligence Management all over the world.

Yet India has taken a lot of steps to stop cyber crime but the cyber law cannot afford to be static, it has

to change with the changing time.

Social media has become part of our lives and we need to embrace it. However, it is important to set

boundaries on the extent to which we should allow it to control our lives. Users should be more aware and

more concerned about the security setting of social sites. One must carefully weigh the positives and the

negatives before engaging excessively in social media. If used in the correct way social media can be a

boon for mankind.

REFRENCES

[1] http://www.ic3.gov/ “Internet Crime Report 2015”

[2] Most number of cyber crime reports. Available: https://factly.in/cyber-crimes-in-india-which-state-

tops-the-chart/

[3] National Cyber Security Policy 2013. Available:

https://en.wikipedia.org/wiki/National_Cyber_Security_Policy_2013

[4] Security, Privacy and Trust in Social Networking Sites. Richa Garg, Ravi Shankar Veerubhotla,

Ashutosh Saxena. CSI Communications ISSN 0970-647X|

Volume No. 39| Issue No. 2| May 2015.

[5] Exploiting Vulnerability to secure user Privacy on a social networking site. Pritam Gunecha,

Geoffrey Barbier, Huan Lui. ACM, SIGKDD International

conference on knowledge Discovery and Data Mining, August 2011.

[6] Latest in phishing 2016. Available: https://info.wombatsecurity.com/blog/the-latest-in-phishing-

first-of-2016

[7] Malware statistics. Available: https://www.av-test.org/en/statistics/malware/

[8] Dolvara Gunatilaka “A Survey of Privacy and Security Issues in

SocialNetworks”www.cse.wustl.edu/~jain/cse571-11/ftp/social/index.

[9] “Facebook Privacy Basics”, [Online]. Available: https://www.facebook.com/about/basics.

[10] Crime in India: 2011-Compendium (2012), National Crime Records Bureau, Ministry of Home

Affairs, Government of India,

New Delhi, India.

[11] Cyber Law & Information Technology (2011) by Talwant Singh, Additional District & Sessions

Judge, New Delhi, India.

[12] http://en.wikipedia.org/wiki/Computer_crime

[13] http://www.internetworldstats.com/stats.htm


© 2019 ijrar march 2019, volume 6, issue 1 ...ijrar.org/papers/ijrar1aep082.pdf · whatsapp,...

Documents