The evolution from network security to cyber security
By Dr. Rama Abirami Karuppaia
As the digital world expands, so does the risk of cyber threats, making cyber security not just a technical discipline but a frontline defence for businesses and individuals. This field now encompasses various methods and technologies to shield systems and data against cybercriminal activities that are more sophisticated than ever. For today’s network and cybersecurity professionals, staying one step ahead is not just advisable – it is essential.
Cyber security is the process of protecting networks, computers, servers, mobile devices, electronic systems, and data from malicious intrusions. It is often referred to as electronic information security or information technology security.
There are several basic areas into which the phrase ‘cyber security’ can be subdivided and used in various contexts, including business and mobile computing:
- Network Security: Protecting a computer network against trespassers, be they malicious viruses or intentional attackers.
- Application Security: Application Security aims to protect devices and software against attacks. A compromised application could expose the data it is meant to secure. Effective security starts during the design phase, long before a program or gadget is put into use.
- Information Security: Data privacy and integrity are safeguarded during storage and transmission by information security measures.
- Operational Security: The procedures and choices made for managing and safeguarding digital assets are part of Operational Security. This includes the rights that users have while logging onto a network and the policies that dictate where and how data can be shared or stored.
- Disaster Recovery and Business Continuity: This pertains to an organisation’s response to an event that results in the loss of operations or data, such as a cyber security incident. Disaster recovery plans specify how the company will reconstruct its data and activities to reach full operational capacity following an incident. Business continuity refers to the strategy that an organisation uses to try to function in the absence of specific resources.
- End-User Education: This focuses on the most unpredictable aspect of cyber security – human behaviour. Failing to follow recommended security practices can inadvertently introduce a virus into an otherwise secure system. It is crucial to educate users on the importance of actions such as avoiding suspicious email attachments, refraining from inserting unknown USB drives, and learning other essential security practices to ensure the safety of any organisation.
Despite their similarities, the domains of network security and cyber security have distinct goals and approaches. The primary goals of network security are to safeguard data availability, integrity, and secrecy during transmission across or via networks. On the other hand, cyber security is a more comprehensive field that covers safeguarding digital assets against cyber attacks, including networks, systems, apps, and data.
Network security in the early days of the Internet was primarily concerned with making sure that data could flow freely between locations without being intercepted or altered. Network administrators primarily employed antivirus software, firewalls, and intrusion detection systems (IDS) to secure their environments. Premises security – keeping unauthorised users out of the network – was the main priority.
Cyber threats become more sophisticated as technology advances. The diversity and complexity of cyber attacks have significantly increased as a result of the expanding number of Internet-connected devices, the development of cloud computing, and the rising value of digital information. This made a more comprehensive approach to security necessary, which prompted the development of cyber security as a separate field of study.
The growth of cyber threats has also fuelled the necessity for a more comprehensive security strategy. Cyber criminals are much more skilled, employing cutting-edge methods to go beyond established security protocols. As a result, increasingly sophisticated cyber security techniques and technologies have been created and adopted.
Cyber threats refer to malicious activities aimed at compromising the availability, confidentiality, or integrity of data, networks, and information systems. These threats can take various forms and may be executed by hackers or cyber criminals. These are a few typical categories of online threats:
- Malware: Malicious software like ransomware, worms, and spyware, designed to disrupt, damage, or gain unauthorised access.
- Phishing: Fake emails or messages that trick individuals into revealing sensitive data.
- Denial of Service (DoS) and Distributed Denial of Service (DDoS) Attacks: Overloading systems to make them inaccessible.
- Man-in-the-Middle (MitM) Attacks: A third party surreptitiously recording and modifying conversations between two parties.
- SQL Injection: Inserting malicious SQL code into applications, exploiting software vulnerabilities.
- Zero-Day Exploits: Targeting newly discovered, unpatched security holes.
- Insider Threats: Risks posed by individuals with inside access to company systems and data.
- Social Engineering: Coercing others into disclosing private information, frequently through deceit or trickery.
Strong cyber security policies, employee education, frequent security audits, and technology solutions like firewalls, antivirus software, and intrusion detection systems are all necessary to mitigate these dangers.
Malicious Browser Extension
In this era of digital connectedness, web browsers have become essential tools for daily life, making it simple to access services and information. However, harmful activity targeting unsuspecting users has proliferated in cyberspace as browser extensions and hyperlinks have become increasingly prevalent.
This article examines the detection of harmful activity, with an emphasis on browser extensions and links, highlighting the ever-evolving risks that compromise the security and privacy of online interactions.
Behaviour of Malicious Extension
Depending on the functionality and intended use of the browser extension, several behaviours may be displayed. Typical behaviours consist of the following:
- Content Modification: Add-ons that alter the content of a webpage. This could mean removing adverts, changing website layouts, or adding new functionality.
- Data Collectors: Extensions that collect data about user activity, browsing habits, and other private information.
- Background Activities: Extensions that run background scripts to perform tasks like data synchronisation, update checks, and notification sending.
- Browser Application Programming Interface (API) Access: Extensions that employ browser APIs to access and change browsing histories, bookmarks, cookies, and other browser functions.
- Network Requests: Extensions that use network requests to send or retrieve data can interact with remote services or add scripts to webpages.
Malicious Browser Extension Threats
Malicious browser extensions can pose a major threat to user security and privacy by exploiting specific features. These risks can be divided into the following groups:
- Phishing Extensions: Direct users to fake websites to steal credentials.
- Data Harvesting: Collect and transmit sensitive data like browsing history.
- Adware: Overload pages with ads, often redirecting users to unwanted sites.
- Browser Hijacking: Change default settings to redirect users to specific search engines or pages.
- Keylogging: Record keystrokes to capture passwords or sensitive data.
Detection Approaches
The following are the methods used to detect harmful browser extension threats:
- Static Analysis: The process of searching an extension’s code for known signs of malicious behaviour or potentially dangerous patterns.
- Dynamic Analysis: This method involves running extensions in a secure environment to observe their behaviour and identify any potentially hazardous activity.
- Machine Learning Models: Models are trained on datasets of extensions known to be benign and extensions known to be harmful, so that they learn patterns that allow the detection of new threats.
- Behaviour Monitoring: Continuously watching for odd behaviour from extensions, like unexpected network requests, high CPU usage, or unauthorised access to personal data.
Prevention Approaches
The following are methods for preventing dangers from rogue browser extensions:
- Permission Management: Strictly controlling the rights granted to extensions so that they receive only the information and functionality they need.
- Regular Patching and Updates: Keeping extensions and browsers up to date protects against known vulnerabilities and exploits.
- Security and Sandboxing Policies: Separating extensions using sandboxing techniques to restrict their access to private information and their ability to influence other parts of the system.
- Vetting Protocols: Strict vetting protocols, including manual inspections, automated scanning, and frequent re-evaluations, should be used for extensions submitted to authorised retailers.
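The static analysis and permission management approaches above can be combined into a simple manifest audit. The following is an added example, not part of the original article: it checks a Chrome-style manifest.json against the behaviour categories listed earlier and against an approved-permission list. The sample manifest, the function names and the approved list are constructed for illustration.

```javascript
// Real Chrome manifest permissions mapped to the behaviour categories in this article.
const RISKY_PERMISSIONS = new Map([
  ["history", "Browser API access: reads browsing history"],
  ["bookmarks", "Browser API access: reads and edits bookmarks"],
  ["cookies", "Browser API access: reads and edits cookies"],
  ["tabs", "Data collection: sees the URL and title of every tab"],
  ["webRequest", "Network requests: observes browser traffic"],
  ["scripting", "Content modification: injects scripts into pages"],
  ["clipboardRead", "Data collection: reads the clipboard"],
]);
// Match patterns that cover every website.
const BROAD_HOSTS = new Set(["<all_urls>", "*://*/*", "http://*/*", "https://*/*"]);

// Static analysis: list every risky permission or site-wide host pattern requested.
function auditManifest(manifest) {
  const findings = [];
  const perms = manifest.permissions || [];
  // Manifest V2 mixes host patterns into "permissions"; V3 uses "host_permissions".
  const hosts = [
    ...(manifest.host_permissions || []),
    ...perms.filter((p) => p.includes("/") || p === "<all_urls>"),
  ];
  for (const p of perms) {
    if (RISKY_PERMISSIONS.has(p)) findings.push({ item: p, reason: RISKY_PERMISSIONS.get(p) });
  }
  for (const h of hosts) {
    if (BROAD_HOSTS.has(h)) findings.push({ item: h, reason: "Host access to every site" });
  }
  for (const cs of manifest.content_scripts || []) {
    for (const m of cs.matches || []) {
      if (BROAD_HOSTS.has(m)) findings.push({ item: m, reason: "Content script runs on every page" });
    }
  }
  return findings;
}

// Permission management: permissions requested beyond an approved list (assumed policy).
function excessPermissions(manifest, approved) {
  return (manifest.permissions || []).filter((p) => !approved.includes(p));
}

// Constructed sample manifest for a hypothetical "coupon finder" extension.
const SAMPLE = {
  manifest_version: 3,
  name: "Coupon Finder (constructed sample)",
  permissions: ["storage", "history", "cookies"],
  host_permissions: ["<all_urls>"],
  content_scripts: [{ matches: ["https://*/*"], js: ["content.js"] }],
};
console.log(auditManifest(SAMPLE), excessPermissions(SAMPLE, ["storage"]));
```

A finding here is a prompt for review rather than proof of malice, since many legitimate extensions need some of these permissions.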
The diversity and complexity of today’s cyber threats make a comprehensive cybersecurity approach indispensable. With billions of connected devices, the risk landscape is larger than ever, and the consequences of a breach can be severe—from financial losses to reputational damage.
Dr. Rama Abirami Karuppaia, a lecturer in Cybersecurity in the Department of Electrical and Computer Engineering at Curtin University Malaysia, brings over 13 years of expertise in the field. She earned her Doctorate in Computer Science and Engineering from Anna University, Chennai, and has been involved in extensive research in cybersecurity and machine learning. Dr. Rama Abirami completed a Visiting Post-Doctoral Research Fellowship in Cyber Security at the University of Western Santa Catarina, Brazil, in 2024 and is an active IEEE, ISTE, and IAENG member. She has five patent publications and a patent grant, and has published a book titled ‘The Spirit of C Programming’. She has published several research papers in refereed journals and conferences, and is an active reviewer in various Springer and Elsevier journals. For collaboration inquiries, Dr. Rama Abirami can be reached at rama.abirami@curtin.edu.my.