
cyber unit 04

The document provides a comprehensive overview of cyber crime, detailing its classifications, methods, and impacts. It categorizes cyber crimes into various types such as computer crime, fraud, identity theft, intellectual property theft, and cyber terrorism, while also discussing the techniques employed by criminals, including hacking, phishing, ransomware, and social engineering. The document emphasizes the importance of understanding these aspects for effective prevention and response strategies, particularly within the context of India's legal framework under the Information Technology Act, 2000.

Uploaded by

santharoopanj

Introduction

Cyber Crime encompasses a vast range of illegal activities facilitated through computers and the
internet, posing a significant and evolving threat in our increasingly digital world. From individual
financial loss to compromising corporate security and even threatening national infrastructure, its
impact is pervasive. Understanding the multifaceted nature of cyber crime is essential for developing
effective strategies for prevention, detection, investigation, and prosecution. In India, the
Information Technology Act, 2000 (and its amendments) provides the primary legal framework for
dealing with such offenses. This answer will explore the key dimensions of cyber crime: its
classifications, the methods employed by criminals, the forensic techniques used in investigations,
and the crucial digital security measures for protection, based on the provided structure.

1. Classifications of Cyber Crime

This section categorizes cyber crimes based on the fundamental nature of the illegal act.

• 1.1 Computer Crime:

  o Definition: This is often used as an umbrella term but specifically refers to illegal acts where the computer or network is either the target of the crime or the instrument used to commit it.
    ▪ Computer as Target: Crimes targeting the confidentiality, integrity, or availability of computer systems or data. Examples include unauthorized access (hacking), malware deployment (viruses, worms), Denial of Service attacks, and damaging computer hardware or data.
    ▪ Computer as Instrument: Using a computer or network to facilitate traditional crimes or new forms of crime. Examples include fraud, identity theft, distributing illegal content (child exploitation material, pirated software), cyberstalking, and coordinating terrorist activities.
  o Mechanism: Involves exploiting technical vulnerabilities, manipulating users (social engineering), or abusing authorized access.
  o Impact: Can range from individual data loss and financial harm to corporate espionage, disruption of critical infrastructure, and threats to national security.
  o Example: An attacker exploiting an unpatched vulnerability in a web server (target) to steal customer databases, which are then sold on the dark web (instrument for further crime like identity theft).

• 1.2 Fraud (Computer Fraud/Internet Fraud):

  o Definition: Intentional deception committed using computer systems or the internet for unlawful gain (usually financial) or to damage another individual or entity.
  o Mechanism: Involves misrepresentation, concealment of facts, or breach of trust via digital means. Common methods include phishing, pharming (redirecting users to fake websites), advance-fee scams (Nigerian prince scams), online auction fraud, investment scams (Ponzi schemes advertised online), non-delivery of merchandise, and business email compromise (BEC).
  o Types:
    ▪ Advance-Fee Fraud: Promising a large sum of money in return for a small upfront payment.
    ▪ Online Auction Fraud: Misrepresenting items sold or failing to deliver items after payment.
    ▪ Investment Fraud: Promoting fake or high-risk investment opportunities online.
    ▪ Business Email Compromise (BEC): Impersonating executives or vendors to trick employees into making unauthorized wire transfers.
  o Impact: Significant financial losses for individuals and businesses, loss of trust in online transactions, reputational damage for affected companies.
  o Example: A scammer creates a highly realistic but fake e-commerce website selling popular electronics at very low prices. They collect payments via credit card but never ship the goods, harvesting card details in the process.

• 1.3 Identity Theft:

  o Definition: The unlawful acquisition and use of someone's personal identifying information (PII) – such as name, date of birth, address, Aadhaar number, PAN card number, bank account details, credit card numbers, passwords – without their knowledge or consent, typically to commit fraud or other crimes.
  o Mechanism: PII can be stolen through various means: data breaches of companies, phishing attacks, malware (keyloggers, spyware), dumpster diving (physical trash), mail theft, shoulder surfing, or social engineering. The stolen identity is then used to open fraudulent accounts, take out loans, make purchases, file fake tax returns, or even commit crimes in the victim's name.
  o Types: Financial identity theft (accessing funds), criminal identity theft (committing crimes under victim's name), medical identity theft (obtaining medical services), child identity theft (using a child's identity).
  o Impact: Severe financial hardship for victims, damaged credit scores, legal complications, emotional distress, significant time and effort required to restore their identity.
  o Example: A criminal obtains a list of names, dates of birth, and Aadhaar numbers from a data breach. They use this information to apply for multiple credit cards online in the victims' names, max them out, and disappear, leaving the victims with the debt and damaged credit history.

• 1.4 Intellectual Property (IP) Theft:

  o Definition: The unauthorized theft, use, reproduction, distribution, or sale of intangible assets protected by intellectual property laws, such as copyrights, patents, trademarks, and trade secrets, often facilitated by digital technology.
  o Mechanism: Includes software piracy (unauthorized copying/distribution), digital piracy (movies, music, e-books), counterfeiting (creating fake branded goods often sold online), patent infringement (using patented inventions without permission), and theft of trade secrets (stealing confidential business information like formulas, designs, customer lists, source code) often through hacking or insider threats.
  o Impact: Financial losses for creators and businesses, stifled innovation, potential job losses, circulation of potentially substandard counterfeit goods, funding for organized crime.
  o Example: An employee leaving a tech company copies the source code for a proprietary algorithm onto a USB drive and takes it to a competitor, giving them an unfair market advantage. Or, distributing cracked versions of expensive software online for free download.

• 1.5 Terrorism (Cyberterrorism):

  o Definition: The politically or ideologically motivated use of computers, networks, and the internet to cause significant disruption, destruction, or fear, comparable to traditional acts of terrorism. It targets critical infrastructure, government systems, or civilian populations.
  o Mechanism: Can involve hacking into critical systems (power grids, water supplies, air traffic control, financial markets, military networks) to disrupt or disable them, using the internet for propaganda and recruitment, coordinating attacks, fundraising, or spreading disinformation to incite panic or violence.
  o Distinction: Often distinguished from general cybercrime by its intent – to cause widespread fear, coerce governments, or inflict mass casualties/disruption for political/ideological ends, rather than primarily for financial gain.
  o Impact: Potential for catastrophic physical damage, loss of life, economic destabilization, erosion of public trust in government and technology, widespread fear.
  o Example: A terrorist group successfully hacks into the control systems of a nation's railway network, causing collisions or widespread shutdowns to create chaos and demonstrate capability.

• 1.6 Other Types:

  o Definition: A catch-all for various other cyber offenses not fitting neatly into the above categories.
  o Examples:
    ▪ Cyberstalking: Repeated use of electronic communications (email, social media, messaging apps) to harass, threaten, or intimidate a specific individual, causing fear or emotional distress.
    ▪ Cyberbullying: Using digital platforms to send, post, or share negative, harmful, false, or mean content about someone else, causing embarrassment or humiliation. Common among adolescents but can affect adults too.
    ▪ Online Defamation: Spreading false information online that harms someone's reputation.
    ▪ Illegal Online Sales: Selling prohibited items like drugs, weapons, or endangered species online, often on the dark web.
    ▪ Cyber Extortion (excluding Ransomware): Threatening to release sensitive data, launch a DDoS attack, or cause other harm unless a payment is made.
  o Impact: Varies widely depending on the specific offense, from emotional and psychological harm to reputational damage and physical danger (in stalking cases).

2. Kinds of Cyber Crime (Methods/Techniques)

This section details the specific methods criminals employ.

• 2.1 Hacking:

  o Definition: The act of identifying and exploiting vulnerabilities in computer systems or networks to gain unauthorized access (intrusion) or control. While "ethical hacking" involves finding vulnerabilities with permission to improve security, criminal hacking aims to steal data, disrupt services, install malware, or use the compromised system for further attacks.
  o Mechanism: Involves various techniques like vulnerability scanning, password cracking (brute force, dictionary attacks), exploiting software bugs (e.g., SQL injection, cross-site scripting - XSS), exploiting misconfigurations, network sniffing, or using social engineering.
  o Types: Can be categorized by motive (e.g., black hat - malicious, white hat - ethical, grey hat - ambiguous) or target (web server hacking, network hacking, email hacking).
  o Impact: Data breaches, system compromise, installation of malware, service disruption, financial loss, reputational damage.
  o Example: An attacker uses an automated tool to scan websites for a known vulnerability in a popular content management system. Finding a vulnerable site, they exploit the bug to upload a web shell, gaining control over the server to steal user data.

• 2.2 Phishing:

  o Definition: A form of social engineering where attackers impersonate legitimate individuals or organizations (e.g., banks, tech companies, government agencies, colleagues) in electronic communications (email, SMS - 'smishing', voice calls - 'vishing', social media messages) to trick recipients into revealing sensitive information or clicking malicious links/attachments.
  o Mechanism: Relies on creating a sense of urgency, fear, or curiosity. Emails/messages often contain plausible stories (e.g., "unauthorized login detected," "account suspension," "tax refund available") and direct users to fake login pages or websites designed to harvest credentials, or prompt them to open attachments containing malware.
  o Types:
    ▪ Spear Phishing: Targets specific individuals or organizations with personalized messages.
    ▪ Whaling: Spear phishing aimed at high-profile targets like CEOs or senior executives.
    ▪ Smishing: Phishing via SMS text messages.
    ▪ Vishing: Phishing via voice calls.
  o Impact: Identity theft, financial loss, account compromise, malware infection, data breaches (if corporate credentials are stolen).
  o Example: Receiving an SMS message pretending to be from a popular courier service, stating a package delivery failed and asking the user to click a link to reschedule, which leads to a site asking for personal details and a small "redelivery fee" (capturing card details).

• 2.3 Ransomware:

  o Definition: A type of malicious software (malware) that prevents users from accessing their system or personal files (by encrypting them) and demands a ransom payment in exchange for regaining access (providing the decryption key).
  o Mechanism: Typically spreads through malicious email attachments, infected software downloads, or by exploiting security vulnerabilities. Once executed, it encrypts files (documents, photos, databases) on the victim's computer and connected network drives. A ransom note is displayed with instructions on how to pay (usually in untraceable cryptocurrency like Bitcoin) and a deadline. Some modern ransomware also involves "double extortion" – stealing sensitive data before encryption and threatening to leak it publicly if the ransom isn't paid.
  o Impact: Significant data loss (if backups aren't available or decryption fails), costly downtime for businesses, financial loss due to ransom payment (not guaranteed to work), reputational damage, potential data breach fines if sensitive data is exfiltrated.
  o Example: A hospital's computer systems are infected with ransomware, encrypting patient records and scheduling systems. Critical operations are disrupted, surgeries postponed, and the hospital faces a dilemma: pay a large ransom or risk weeks/months of recovery from backups (if available and intact), potentially endangering patient care.

• 2.4 Malware (Malicious Software):

  o Definition: An umbrella term for any software intentionally designed to cause damage to a computer, server, client, or computer network, disrupt operations, steal information, or gain unauthorized access.
  o Types:
    ▪ Viruses: Attach themselves to legitimate programs/files and spread when the host file is executed. Require human action to spread.
    ▪ Worms: Self-replicating malware that spreads across networks without human intervention, exploiting vulnerabilities.
    ▪ Trojans (Trojan Horses): Disguise themselves as legitimate software but contain malicious payloads that execute once the software is run.
    ▪ Spyware: Secretly monitors user activity (keystrokes, browsing habits, credentials) and sends the information to attackers.
    ▪ Adware: Displays unwanted advertisements, often in pop-ups, and may track browsing behavior.
    ▪ Rootkits: Designed to gain administrative-level control over a system while hiding their presence.
    ▪ Keyloggers: Record keystrokes entered by the user, often to steal passwords or financial information.
    ▪ Bots/Botnets: Compromised computers controlled remotely by an attacker (bot-herder) to perform malicious tasks like DDoS attacks or sending spam.
  o Mechanism: Spreads via email attachments, malicious downloads, infected websites (drive-by downloads), infected removable media (USB drives), or network propagation (worms).
  o Impact: Data theft, system slowdown or crashes, unauthorized access, financial loss, identity theft, use of the system in botnets.
  o Example: A user downloads a "free screen saver" from an untrusted website. The program installs a Trojan that includes a keylogger, silently capturing the user's online banking credentials the next time they log in.

• 2.5 Social Engineering:

  o Definition: The art of manipulating people psychologically to circumvent security measures and gain access to systems, data, or physical locations. It exploits human trust, helpfulness, fear, or curiosity rather than technical vulnerabilities.
  o Mechanism: Involves techniques like:
    ▪ Pretexting: Creating a fabricated scenario (pretext) to gain trust and obtain information (e.g., pretending to be IT support needing a password).
    ▪ Baiting: Offering something enticing (e.g., a free movie download on a USB stick left in a public place) to lure victims into executing malware or divulging information.
    ▪ Quid Pro Quo: Offering a small service or benefit in exchange for information (e.g., offering "help" with a computer problem in exchange for login credentials).
    ▪ Tailgating/Piggybacking: Following an authorized person into a restricted area without proper credentials.
    ▪ Phishing/Vishing/Smishing: As described earlier, these are also forms of social engineering.
  o Impact: Can lead to any type of cyber crime outcome – data breaches, malware infection, financial fraud, unauthorized access – often serving as the initial entry point for larger attacks.
  o Example: An attacker calls a company's receptionist, pretending to be a senior executive who urgently needs a file emailed to their "personal account" because they are locked out of their corporate account. Playing on urgency and authority, they trick the receptionist into sending sensitive data to an attacker-controlled email address.

• 2.6 Denial of Service (DoS) / Distributed Denial of Service (DDoS):

  o Definition: An attack aimed at making a machine or network resource (like a website, server, or application) unavailable to its intended users by temporarily or indefinitely disrupting services. A DoS attack originates from a single source, while a DDoS attack uses multiple compromised systems (a botnet) distributed across the internet to flood the target with traffic.
  o Mechanism: Overwhelms the target's resources (bandwidth, processing power, memory) with a flood of illegitimate requests or malformed packets.
    ▪ Volume-based attacks: Flood the target with massive amounts of traffic (e.g., UDP floods, ICMP floods).
    ▪ Protocol attacks: Exploit vulnerabilities in network protocols (e.g., SYN floods, Ping of Death).
    ▪ Application layer attacks: Target specific applications or services with requests that consume resources (e.g., HTTP floods, Slowloris).
  o Impact: Website/service unavailability, loss of revenue for online businesses, disruption of communication or critical services, reputational damage, can be used as a diversion for other malicious activities.
  o Example: A disgruntled gamer rents a botnet to launch a massive DDoS attack against the servers of an online game they were banned from, making it impossible for other players to connect and play for several hours.

3. Cyber Forensics

This discipline focuses on the recovery, investigation, examination, and analysis of material found in
digital devices, often in relation to cybercrime or computer crime investigations.

• 3.1 Computer Forensics:

  o Definition: The specific branch of digital forensics concerned with identifying, preserving, collecting, analyzing, and reporting on evidence found on computers (desktops, laptops) and associated storage media (hard drives, SSDs, external drives).
  o Process: Follows a strict methodology:
    ▪ Identification: Locating potential sources of digital evidence.
    ▪ Preservation: Protecting the integrity of the original evidence (e.g., creating bit-for-bit forensic images/clones of drives).
    ▪ Collection: Documenting and acquiring the evidence using forensically sound methods.
    ▪ Analysis: Examining the collected data (including hidden files, deleted files, system logs, registry entries, internet history, emails) using specialized software tools.
    ▪ Reporting: Documenting the findings in a clear, concise, and legally admissible format.
  o Techniques: File carving (recovering deleted files), timeline analysis, registry analysis, log file analysis, keyword searching, steganography detection.
  o Application: Used in investigating fraud, IP theft, hacking incidents, employee misconduct, child exploitation cases, and more.
  o Example: After a company suspects an employee of stealing trade secrets, a computer forensics expert creates a forensic image of the employee's work laptop. Analysis reveals deleted emails negotiating with a competitor and fragments of copied design documents hidden in unallocated disk space.
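The preservation and file-carving steps described above can be shown in a few lines. The following is an added example, not part of the original document: it acquires a bit-for-bit copy of a constructed in-memory "drive" while hashing it, carves JPEG-signature data from the copy, and re-verifies the hash after analysis. The function names and the sample image layout are assumptions made for the illustration.

```python
import hashlib
import io

JPEG_SOI = b"\xff\xd8\xff"  # JPEG start-of-image marker plus the lead byte of the next marker
JPEG_EOI = b"\xff\xd9"      # JPEG end-of-image marker
SECTOR = 512


def build_sample_device() -> io.BytesIO:
    """Constructed sample 'drive' (not real evidence): zero-filled sectors with
    two JPEG-like blobs and one truncated fragment left in unused space."""
    image = bytearray(SECTOR * 8)

    def place(offset: int, blob: bytes) -> None:
        image[offset:offset + len(blob)] = blob

    place(SECTOR * 2, JPEG_SOI + b"\xe0" + b"constructed-design-doc-1" * 4 + JPEG_EOI)
    place(SECTOR * 5 + 100, JPEG_SOI + b"\xe1" + b"constructed-design-doc-2" * 8 + JPEG_EOI)
    place(SECTOR * 7 + 500, JPEG_SOI + b"\xe0trunc")  # header only, footer overwritten
    return io.BytesIO(bytes(image))


def acquire(device, chunk_size: int = SECTOR):
    """Read the source sequentially; return (image copy, SHA-256 taken during the read)."""
    digest = hashlib.sha256()
    chunks = []
    while True:
        chunk = device.read(chunk_size)
        if not chunk:
            break
        digest.update(chunk)
        chunks.append(chunk)
    return b"".join(chunks), digest.hexdigest()


def verify(image: bytes, expected_sha256: str) -> bool:
    """True if the working copy still matches the hash recorded at acquisition."""
    return hashlib.sha256(image).hexdigest() == expected_sha256


def carve_jpegs(image: bytes, max_size: int = 1024 * 1024):
    """Header/footer carving: locate each JPEG header and the next footer within max_size."""
    findings = []
    pos = 0
    while True:
        start = image.find(JPEG_SOI, pos)
        if start == -1:
            break
        end = image.find(JPEG_EOI, start + len(JPEG_SOI), start + max_size)
        if end == -1:
            # Header without footer: report the fragment instead of guessing its length.
            findings.append({"offset": start, "complete": False, "size": None, "sha256": None})
            pos = start + len(JPEG_SOI)
            continue
        data = image[start:end + len(JPEG_EOI)]
        findings.append({
            "offset": start,
            "complete": True,
            "size": len(data),
            "sha256": hashlib.sha256(data).hexdigest(),  # recorded for the report
        })
        pos = end + len(JPEG_EOI)
    return findings


def examine(device):
    """Acquire, analyse the copy only, then confirm the copy is unchanged."""
    image, acquisition_hash = acquire(device)
    findings = carve_jpegs(image)
    return {
        "acquisition_sha256": acquisition_hash,
        "intact_after_analysis": verify(image, acquisition_hash),
        "findings": findings,
    }


if __name__ == "__main__":
    report = examine(build_sample_device())
    print("image sha256:", report["acquisition_sha256"])
    print("intact after analysis:", report["intact_after_analysis"])
    for finding in report["findings"]:
        print(finding)
```

Real carving tools also validate internal file structure and handle fragmented files; this sketch covers only contiguous header/footer matches.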

• 3.2 Digital Forensics:

  o Definition: A broader field than computer forensics, encompassing the forensic analysis of all types of digital devices and systems that can store electronic data.
  o Scope: Includes computer forensics, mobile device forensics (smartphones, tablets), network forensics (analyzing network traffic logs, firewall logs, intrusion detection system alerts), cloud forensics (investigating data stored in cloud services), IoT forensics (smart devices), database forensics, and multimedia forensics (authenticity of images/videos).
  o Process: Similar principles to computer forensics (identification, preservation, collection, analysis, reporting) but adapted to the specific challenges and technologies of different device types and environments (e.g., volatile memory capture for live systems, cloud API interactions, mobile data extraction).
  o Application: Investigating virtually any crime where digital devices might hold evidence, from terrorism and organized crime to corporate espionage and civil litigation.
  o Example: In a kidnapping investigation, digital forensics experts analyze the victim's and suspect's smartphones (mobile forensics) for location data, call logs, messages, and app usage. They also examine CCTV footage (multimedia forensics) and cell tower logs (network data) to track movements.

• 3.3 Challenges in Smart Devices (IoT Forensics):

  o Definition: Addresses the difficulties encountered when applying digital forensic principles to the Internet of Things (IoT) – the vast network of physical devices embedded with sensors, software, and connectivity (e.g., smartwatches, fitness trackers, smart home assistants, connected cars, industrial sensors).
  o Challenges:
    ▪ Diversity: Huge variety of hardware, operating systems, and communication protocols with little standardization.
    ▪ Data Volume & Volatility: IoT devices often generate vast amounts of data, much of which may be transient or stored temporarily in volatile memory.
    ▪ Resource Constraints: Devices often have limited processing power, storage, and battery life, making traditional forensic imaging difficult or impossible.
    ▪ Data Location: Data might be stored on the device, a connected mobile app, a manufacturer's cloud server, or distributed across all three, complicating acquisition.
    ▪ Encryption & Security: Increasing use of encryption and proprietary data formats hinders analysis.
    ▪ Legal & Privacy Issues: Questions around data ownership, jurisdiction (data stored in the cloud across borders), and user privacy.
  o Example: Investigating a smart speaker suspected of recording conversations relevant to a crime. Challenges include accessing the encrypted data stored on Amazon's or Google's servers (requiring legal process), analyzing proprietary audio formats, and correlating timestamps with device activity logs, which might be minimal.

• 3.4 Social Media Marketing (Misplaced Item):

  o Note: As mentioned previously, Social Media Marketing is generally not considered a core topic within Cyber Forensics itself. However, forensic investigators do frequently analyze social media data.
  o Forensic Relevance: Investigators examine social media profiles, posts, messages, connections, metadata, and advertising logs as evidence. This can help establish timelines, relationships, motives, location, and communication related to criminal activities (e.g., tracking gang activity, identifying individuals involved in riots, investigating online harassment or fraud promoted via social ads). Social media marketing platforms and techniques can also be abused by criminals for scams, spreading disinformation, or targeting victims, making the analysis of these campaigns relevant in certain investigations.

4. Digital Security (Prevention and Protection)

This section covers the measures, tools, and practices used to protect digital assets.

• 4.1 Password Manager:

  o Definition: A software application designed to securely store and manage user credentials (usernames, passwords, and sometimes other sensitive information like credit card numbers or secure notes) for various online accounts and applications.
  o Mechanism: Users create one strong "master password" to unlock the password manager's encrypted database (vault). The manager can generate highly complex, unique passwords for each website/service, store them securely, and often automatically fill login forms in web browsers via extensions. Many also offer features like password security audits (checking for weak or reused passwords), breach monitoring (alerting if stored credentials appear in known data breaches), and secure sharing options.
  o Benefits: Eliminates the need to remember multiple complex passwords, prevents password reuse (a major security risk), encourages the use of strong passwords, streamlines the login process.
  o Examples: Popular password managers include Bitwarden (often recommended for being open-source), LastPass, 1Password, Dashlane, and KeePass (offline/self-hosted).
  o Importance: A fundamental tool for personal and corporate digital hygiene.

• 4.2 Windows Firewall with Advanced Security:

  o Definition: An integrated, host-based, stateful firewall component of Microsoft Windows operating systems. It monitors and filters incoming and outgoing network traffic based on a defined set of rules, providing a critical layer of defense against unauthorized network access and certain types of malware.
  o Mechanism: Operates at the network stack level, inspecting data packets based on rules that specify criteria like IP addresses, protocols (TCP, UDP, ICMP), port numbers, and application programs. "Stateful" means it tracks the state of active network connections, allowing expected return traffic while blocking unsolicited incoming connections. The "Advanced Security" interface allows granular configuration of inbound, outbound, and connection security rules.
  o Features: Profile-based rules (Domain, Private, Public networks), support for IPsec (see below), detailed logging, integration with Windows security ecosystem.
  o Importance: Provides essential protection, especially against network worms and direct connection attempts from attackers scanning the internet. Needs proper configuration for optimal effectiveness.
  o Example: Configuring the firewall to block all incoming traffic on the Remote Desktop Protocol (RDP) port from the public internet, allowing it only from specific trusted IP addresses within the company network, significantly reduces the risk of brute-force RDP attacks.

• 4.3 Connection Security Rules (IPsec):

  o Definition: Specific rules, often configured within advanced firewalls (like Windows Firewall with Advanced Security) or dedicated network devices, that enforce secure communication channels using the Internet Protocol Security (IPsec) suite of protocols. IPsec provides authentication, integrity, and confidentiality for IP communications.
  o Mechanism: IPsec operates at the network layer (Layer 3). Connection Security Rules define when and how IPsec should be used between two endpoints (computers, servers, networks). They specify requirements like:
    ▪ Authentication: Verifying the identity of the communicating parties (using certificates or pre-shared keys).
    ▪ Data Integrity: Ensuring data hasn't been tampered with in transit (using hashing algorithms).
    ▪ Data Confidentiality (Encryption): Encrypting the data payload to prevent eavesdropping (using encryption algorithms like AES).
  o Application: Commonly used to create Virtual Private Networks (VPNs) for secure remote access or site-to-site connections, secure server-to-server communication within a domain (e.g., protecting domain controller traffic), or isolate sensitive systems by requiring authenticated and encrypted connections.
  o Example: Implementing Connection Security Rules on Windows servers within a corporate network to require that all communication between domain controllers and member servers must be authenticated and encrypted using IPsec, protecting sensitive Active Directory replication traffic from sniffing or tampering within the internal network.

• 4.4 Safe Internet Browsing:

  o Definition: A set of practices and precautions users should take while navigating the World Wide Web to protect themselves from various online threats like malware, phishing, scams, and privacy violations.
  o Practices:
    ▪ Verify HTTPS: Ensure websites handling sensitive data use HTTPS (padlock icon in address bar), encrypting data between browser and server.
    ▪ Beware of Links/Downloads: Avoid clicking suspicious links or downloading attachments from unknown/untrusted sources (emails, pop-ups, social media). Hover over links to preview the actual URL.
    ▪ Keep Software Updated: Regularly update web browsers, operating systems, and browser plugins (like Java, Flash - though Flash is largely deprecated) to patch known security vulnerabilities.
    ▪ Use Security Software: Maintain up-to-date antivirus/anti-malware software and a firewall.
    ▪ Be Skeptical: Critically evaluate online offers, news, and requests for information. If it seems too good to be true, it probably is.
    ▪ Manage Cookies & Privacy Settings: Understand and configure browser privacy settings, clear cookies/cache periodically, consider using privacy-focused browsers or extensions (e.g., tracker blockers, ad blockers like uBlock Origin).
    ▪ Avoid Unsecured Wi-Fi: Refrain from conducting sensitive transactions (banking, shopping) on public, unsecured Wi-Fi networks. Use a VPN if necessary.
  o Importance: Forms the first line of defense for users against many common web-based attacks.
  o Example: Before entering login details on a bank's website, a user checks that the address starts with "https://" and the domain name is correct, ignoring a pop-up ad warning them their computer is infected and urging them to download a "cleaner" tool (which is likely malware).
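The "hover over links" and "check the domain name" advice above, together with the fake-login-page mechanism described under 2.2 Phishing, can be automated for HTML messages. The following is an added example, not part of the original document: it extracts each link from a constructed sample message and flags the mismatches a careful user would look for. The sample HTML, the reserved test hostnames, the trusted-domain list and the finding labels are all assumptions made for the illustration.

```python
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message; every host uses a reserved test name or address.
SAMPLE_HTML = """
<p>Unauthorized login detected. Verify your account:</p>
<a href="https://www.examplebank.test/login">https://www.examplebank.test/login</a>
<a href="http://examplebank.test.account-verify.example/login">https://www.examplebank.test/login</a>
<a href="https://203.0.113.7/reschedule">Reschedule delivery</a>
<a href="https://xn--exmplebank-x9a.test/">Sign in</a>
"""

# Finds a domain name written in the visible link text, if there is one.
SHOWN_DOMAIN = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)


class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a href=...> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _strip_www(host: str) -> str:
    return host[4:] if host.startswith("www.") else host


def _is_under(host: str, domain: str) -> bool:
    """True if host is the domain itself or one of its subdomains."""
    return host == domain or host.endswith("." + domain)


def assess_link(href: str, text: str, trusted_domains):
    """Return a list of findings for one link; an empty list means nothing was flagged."""
    parts = urlsplit(href)
    if parts.scheme in ("mailto", "tel"):
        return []
    host = (parts.hostname or "").lower().rstrip(".")
    findings = []
    if parts.scheme != "https":
        findings.append("not-https")
    try:
        ipaddress.ip_address(host)
        findings.append("ip-literal-host")
    except ValueError:
        pass
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("punycode-host")  # may render as look-alike characters
    if "@" in parts.netloc:
        findings.append("userinfo-in-url")
    shown = SHOWN_DOMAIN.search(text)
    if shown and _strip_www(shown.group(1).lower()) != _strip_www(host):
        findings.append("text-host-mismatch")  # text shows one site, link goes to another
    for domain in trusted_domains:
        if domain in host and not _is_under(host, domain):
            findings.append("trusted-name-in-untrusted-host")
    return findings


def scan_message(html: str, trusted_domains=("examplebank.test",)):
    """Return [(href, findings), ...] for every link in the message body."""
    collector = LinkCollector()
    collector.feed(html)
    return [(href, assess_link(href, text, trusted_domains)) for href, text in collector.links]


if __name__ == "__main__":
    for href, findings in scan_message(SAMPLE_HTML):
        print(href, "->", findings or "no findings")
```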

• 4.5 Buying Online Safely:

  o Definition: Specific precautions and practices focused on ensuring security and avoiding scams when making purchases over the internet.
  o Practices:
    ▪ Shop on Reputable Sites: Stick to well-known, trusted online retailers or brands. Research unfamiliar sites before buying (check reviews, contact information, physical address).
    ▪ Look for Secure Connections: Always ensure the payment page uses HTTPS.
    ▪ Use Secure Payment Methods: Credit cards generally offer better fraud protection than debit cards (liability limits). Payment services like PayPal add another layer of security by not exposing card details directly to the merchant. Avoid wire transfers or direct bank transfers for unknown sellers.
    ▪ Strong Passwords for Accounts: Use strong, unique passwords for shopping accounts.
    ▪ Monitor Statements: Regularly check bank and credit card statements for unauthorized transactions.
    ▪ Beware of Phishing Scams: Be cautious of emails or messages about order problems or special deals asking for login or payment details. Go directly to the merchant's website instead of clicking links.
    ▪ Read Privacy Policies & Return Policies: Understand how your data will be used and what the return/refund process is.
    ▪ Secure Your Device: Ensure the device used for shopping is protected with security software.
  o Importance: Protects financial information, prevents fraud, ensures legitimate transactions.
  o Example: A user wants to buy a popular smartphone. They compare prices on the official manufacturer site, major electronics retailers (like Croma, Reliance Digital online), and large marketplaces (Amazon, Flipkart). They avoid clicking on social media ads offering the phone at an unbelievably low price from an unknown website, opting to purchase from a well-established retailer using a credit card through the secure checkout page (HTTPS).

• 4.6 Wireless Security:

  o Definition: Measures taken to secure wireless networks (primarily Wi-Fi networks) from unauthorized access, eavesdropping, and other attacks.
  o Mechanism & Practices:
    ▪ Strong Encryption: Use WPA3 (Wi-Fi Protected Access 3) if available, or at least WPA2 with AES encryption. Avoid outdated and insecure protocols like WEP and WPA (TKIP).
    ▪ Strong Network Password (Pre-Shared Key): Set a long, complex, unique password for accessing the Wi-Fi network. Avoid default or easily guessable passwords.
    ▪ Change Default Router Credentials: Change the default administrator username and password for the router's configuration interface. Default credentials are often publicly known.
    ▪ Disable WPS (Wi-Fi Protected Setup): While convenient, WPS (especially the PIN method) has known vulnerabilities and should generally be disabled.
    ▪ Network Name (SSID): Change the default SSID to something unique (though hiding the SSID offers minimal security benefits against determined attackers).
    ▪ Enable Router Firewall: Ensure the router's built-in firewall is enabled.
    ▪ Keep Router Firmware Updated: Regularly check for and install firmware updates from the manufacturer to patch security vulnerabilities.
    ▪ Guest Network: If the router supports it, set up a separate guest network for visitors, isolating them from your main network and devices.
    ▪ MAC Address Filtering (Limited Security): Can restrict access to only devices with specific MAC addresses, but MAC addresses can be spoofed, so this is not a primary security measure.
  o Importance: Prevents unauthorized users from accessing your internet connection, potentially accessing shared files on your network, launching attacks from your network, or eavesdropping on unencrypted traffic.
  o Example: When setting up a new home Wi-Fi router, the user immediately logs into the router's admin panel, changes the default admin password, sets the wireless security mode to WPA2/WPA3-Personal (AES), creates a strong, long passphrase for the Wi-Fi network, and changes the default network name (SSID).
