Analysis of Cyber Security Awareness on Campus

A Report
On
ANALYSIS OF CYBER SECURITY AWARENESS
ON CAMPUS

Prepared for
Prof. Sangeeta Sharma
Instructor, Technical Report Writing

By

Sonali Agrawal 2018B2PS0934P

Harmanjot Kaur 2018B1PS0779P
Garvit Sadhwani 2018B5PS0329P
Pratyush Udhani 2018B4PS0518P
Sanghati Roy 2018ABPS0472P

Birla Institute Of Technology And Science, Pilani

April 16, 2019

Technical Report Writing (BITS F112)

i
Analysis of Cyber Security Awareness on Campus

Assignment 2 Declaration
II Sem 2018-2019

This is to certify that, we, the following undersigned (Name and BITS ID Number) have worked
uniformly on the report attached herewith. Also, we assure that the report is original, with proper
citations wherever required, and the entire group is responsible for any kind of plagiarism
whatsoever.

Section Number: S5 Instructor's Name: Prof Sangeeta Sharma

Group Number: Total Number of Members: 5

ID Name Signature

1. 2018B1PS0779P Harmanjot Kaur

2. 2018B2PS0934P Sonali Agrawal
3. 2018B5PS0329P Garvit Sadhwani
4. 2018ABPS0472P Sanghati Roy
5. 2018B4PS0518P Pratyush Udhani

ii
Analysis of Cyber Security Awareness on Campus

ACKNOWLEDGEMENT

We would like to express our deep sense of gratitude to Prof A.K. Sarkar, the Director of Birla
Institute of Technology and Science, Pilani, who gave us the opportunity to draft a report on
Cyber Security Awareness on Campus.
We would also like to express our sincere gratitude to our instructor, Professor Sangeeta Sharma,
and our instructor-in-charge, Dr. Devika, for providing us their key guidance, suggestions and
keeping us motivated during this period.
We are also thankful to our Librarian, Dr. Giridhar Kunkur, for providing us the necessary
resources to complete the report on time.
Special thanks to the collective efforts of the students of BITS Pilani, who helped us by filling
out our survey.

iii
Analysis of Cyber Security Awareness on Campus

ABSTRACT

The proportion of cyber security is directly comparable to the increase in tools of communication
and information technology in our day to day life. This report entails a close examination of the
awareness of cyber security amongst the students of BITS. Internet, computers, smartphones,
whatsapp, facebook, email, all modes of digital transactions and e-governance are subject to
threats of misuse and hacking and therefore the need for cyber security arises. The study would
provide a comprehensive knowledge of the domains of cyber threats and the needful ways for
their security on campus.

iv
Analysis of Cyber Security Awareness on Campus

TABLE OF CONTENTS

Declaration ii
Acknowledgements iii
Abstract iv
1.Introduction 1
2. Importance of cybersecurity among Bitsians 2
2.1 Understanding the role of cybersecurity 2
2.2 Three principles of cybersecurity 2
2.3 Importance of cybersecurity for BITSians 3
3. Forms of cyber threats 4
3.1 Campus thefts and Scams 4
3.1.1 Using unknown infected device 4
3.1.2 Security of mobile phones and laptops on campus 5
3.2 Password weaknesses 5
3.2.1 Strength of passwords 5
3.2.2 Redundancy of passwords 6
3.2.3 Wrong storage methods of passwords 6
3.2.4 Updating old passwords 6
3.3 Vulnerability of Computers and Mobile phones 7
3.3.1 Visiting torrent websites 7
3.3.2 Formatting old devices before selling 7
3.4 Social media dangers 7
3.4.1 Effects on mental health 7
3.4.2 Privacy Issues 7
3.5 Phishing attacks 7
3.6 Sharing personal data on unsafe websites 8
4. Level of cybercrime awareness in BITSians 9
4.1 Using suitable anti-virus 10
4.2 Update the softwares 10
4.3 Payment Methods 11
5. Conclusions 12
6. Recommendations 13
Appendix 14
Bibliography 18

v
Analysis of Cyber Security Awareness on Campus

1. INTRODUCTION

Cyber security refers to the body of technologies, processes, and practices designed to protect
networks, devices, programs, and data from attack, damage, or unauthorized access. It has been
prevalent since the early 1970s.
One of the most problematic elements of cybersecurity is the constantly evolving nature of
security risks. The traditional approach has been to focus resources on crucial system
components and protect against the biggest known threats, which meant leaving components
undefended and not protecting systems against less dangerous risks.
The purpose of this report is to analyze the extent of awareness of cyber security among the
bitsians and how it's negligence affects their day to day lives. It also provides us with a set data
regarding a particular demographic of people. This helps us see, how, with the changing times,
people have evolved with technology and learnt to protect themselves against it.
This has been done by information collected from an online survey circulated to all students
via email as well as data collected online showcasing the charts and trends followed in the
incorporation of cyber security among the youth. This has helped us analyze the current scenario
and draw results from the same. We have also taken express permission from the Technical
Report Writing department of BITS Pilani, Pilani Campus.
Analysis of the modes of protection undertaken by the students and the amount of data they
reveal on the internet helps us to generalize where students make an error while going about their
regular surfing. Whichever browsers they use on multiple devices, the kind of antivirus they
prefer, their regularity in changing passwords and updating their operating systems, help
understand everything in detail.
The survey has been answered by students having varying levels of experience regarding
cyber security; ranging from two years, which is the least, to the experienced ones having around
six or more years of exposure to the internet. This helps us normalize our data set and help
provide unbiased results.
Since today's students are the future of tomorrow, observing the various data that we have
collected, we can extrapolate and make educated guesses about how the next generation will
react to cyber crime. This will help strengthen our current policies and/or implement new ones.
The report offers a solid and detailed conclusion as to what kinds of cyber crimes exist, the
multifaceted aspect of it, how it can potentially harm students and put huge amounts of data at
risk. The report also outlines how the students have been taking precautionary measures against
the existing cyber crimes and how we can potentially help them to battle cyber crime more
effectively, so that students have a hassle free lives.

1
Analysis of Cyber Security Awareness on Campus

2. Importance of cybersecurity among Bitsians

With the growing advent of science and technology cyber security have become an indispensable
part of our lives. And having an understanding about its impact on BITSians is very significant.
2.1 Understanding the Role of Cyber Security
Anything that relies on the internet for communication, or is connected to a computer or
other smart device, can be affected by a breach in security. This includes:
• Communication systems, like email, phones and text messages.
• Transportation systems, including traffic control, car engines, airplane navigation
systems.
• Government databases, including Social Security numbers, licenses, tax records.
• Financial systems, including bank accounts, loans and paychecks.
• Medical systems, including equipment and medical records.
• Educational systems, including grades, report cards and research information.
Protecting your data and systems is important within any organisation, and the same rules
apply to the education system – if not more so, due to the sensitive nature of the data
held.
2.2.Three Principles of Cyber Security
There are at least three main principles behind cyber security: confidentiality, integrity
and availability.
2.2.1 Confidentiality involves any information that is sensitive and should only
be shared with a limited number of people. If your credit card information, for
example, was shared with a few criminals, your credit rating and your reputation
could suffer very quickly.
2.2.2 Integrity involves keeping information from being altered. When malware
hits a hospital’s computer systems, it can scramble patient records, lab results and
can prevent staff from accessing a patient’s allergy or drug information.
2.2.3 Availability involves ensuring those who rely on accurate information are
able to access it. Availability is often related to integrity, but can also involve
things like a cyber attack preventing people from accessing specific computers, or
from accessing the internet.

2
Analysis of Cyber Security Awareness on Campus

F
i
g
u
r
e

1
:

L
e
v
e
l

o
f

e
xperience of cyber crime (1- no experience, 2- moderately affected, 3- severely
attacked)

Our collected shows that about 76.2% of the students are moderately attacked and
10.6% of the students are severely attacked by cyber crime. It shows that there is an
urgent need for making people realise the importance of cyber security.
2.3. Importance of cyber security for BITSians
Students use online platforms for almost everything now, they unknowingly share their
lot of private data which can lead to hacking and cyber threats.
2.3.1 Lots of Sensitive information
The faculty members and students both have lots of information like exam
records, sensitive data and much more private information to be secured. If this
information is compromised due to an infection or lost, it can have a massive
impact on both the reputation of BITS and the education of the students.

3
Analysis of Cyber Security Awareness on Campus

3. Forms of cyber threats

Cyber crime can be done in many ways. Let us discuss how BITSians are getting affected by
various types of cyber crimes.

3.1 Campus thefts and Scams

We can never say we are protected anywhere. The dangers surround us everywhere even
when we are in BITS campus. There may not be any physical threats but the network and
devices are enough to threaten us.

3.1.1 Using unknown infected device

It is a common practice among students to use each others USB sticks without
having any prior knowledge of the device. The consequence can be as soon as you
plug in some random device on your system it can inject certain keystrokes in
your system that will eventually give a hacker remote access to his computer. It
can install malware such as backdoor Trojans, information stealers and much
more. It can install browser hijackers that will redirect you to the hacker’s website
of choice, which could host more malware, or inject adware, spyware or greyware
onto your computer. According to our survey, approximately 77% of the students
do this without paying any attention to the threats it can impose.

Figure 2: Connecting unknown devices with personal devices

4
Analysis of Cyber Security Awareness on Campus

3.1.2 Security of Mobile phones and Laptops on Campus

It includes leaving your personal devices unprotected in public places or
otherwise. It takes seconds for thieves to grab a mobile off a table or a laptop
from a library desk. This can become a serious issue when your data and private
information get stolen. Survey regarding the same shows that it is not at all
prevalent in BITS Campus. About 89% students leave their devices in public
places on campus without any fear.

Figure 3: Notions regarding different aspects

3.2 Passwords Weaknesses

Passwords are a fact of life in today’s online world. Students use them for everything
from sending emails and online banking to even registering for an online course.
3.2.1 Strength of passwords
Easy passwords made it easy for the hackers to breach your security. According to
our survey, 67.2% students keep easy passwords which are easy for them to
remember. In fact, experts recommend that your password for financial and
sensitive sites be at least 12 digits, with a mixture of capital & lowercase letters,
numbers, and symbols.

5
Analysis of Cyber Security Awareness on Campus

3.2.2 Redundancy of passwords

It is a very important thing to use different passwords on different websites. If a
hacker was able to access your account details on a digital realm, he will be able
to access all of your private information on all the websites. We found this very
common BITS students.Almost everyone keep same passwords everywhere
3.2.3 Wrong storage methods of passwords
We all have done this once or twice in our lifetime. Contacts are completely
unprotected.They are synced between our digital devices. It is an easy source to
steal our information.But according to survey, most of the students are aware of
not storing their sensitive information in contacts list. About 85.5% of the
students responded positively on this.
3.2.4 Updating old passwords
Stats show that most of the students change their passwords only when they forget
their last passwords. This is highly insecure as when you do not forget your
password for a long time, there are high chances of them being vulnerable.

Figure 4: Statistics for faults with passwords

6
Analysis of Cyber Security Awareness on Campus

3.3 Vulnerability of Computers and Mobiles phones:

3.3.1 Visiting Torrent websites
For the student who loves and music and movies, it is a very common way of
injecting malware in a device while using torrent websites. This can even infect
the whole university system which can cause a lot of trouble. Our survey shows
that because of the free resources available about 77% students regularly use
torrent websites.
3.3.2 Formatting old devices before selling
Most of the students believe that resetting the device will erase their data but this
is not the case every time. There exists many of the softwares which can restore
our data back. It is observed from our survey that about 67% of the students are
not aware of this.
3.4 Social Media Dangers
With so many computer applications out there and data available at the touch of a
screen, people may not realise all the potential dangers of social media, they
face. People nowadays, have documented their whole lives online. The
ramifications of this can be far-reaching, which is why it's good to educate
yourself and set some guidelines.
3.4.1 Privacy Issues
Another way of being a victim of privacy invasion can be performing actions like
opening unknown links, performing online transactions, downloading stuff with
unknown clients can also lead to information leak or virus installation on the
system. Hackers might access their personal files or even the information that
they have stored on their systems. The issue with this is that this sensitive data
might be leaked. This data might be accessed by hackers and if they get to know
your card details, you may face some financial problems. Or if they get to know
your passwords, they might access your social media and use it to blackmail you
or falsify your image.
3.5 Phishing attacks
Phishing is a type of social engineering attack often used to steal user’s data, including
login credentials and credit card numbers. It occurs when an attacker, imposing as a
trusted entity, tricks a victim into opening an email, an instant message, or a text
message. The recipient then clicks a malicious link, which can lead to the installation of
malware or the revealing of sensitive information. An attack can have devastating results.
For individuals, this includes unauthorized purchases, stealing of funds, or identify theft.
An organization succumbing to such an attack faces severe financial losses, in addition to
decreased reputation and consumer trust. Depending on scope, a phishing attempt might

7
Analysis of Cyber Security Awareness on Campus

escalate into a security incident. Some people might fall for such an attack unknowingly.
They might submit sensitive information to a malicious organization via spam emails, or
might fall for clickbait on some websites and end up downloading an unwanted browser
plugin or worse, a virus. About 27% people on campus don’t know what phishing is and
are susceptible to falling for such attack attempts. The most common way is opening
unknown links received via text or some other medium. 47% people have agreed that
they open unknown links they receive. A fraud organization might steal an individual’s
data via the credentials they provide them, or they might misuse their card details. This
generally happens with non- trustworthy organizations. If someone tends to open
unknown links on social media, perform online transactions or download stuff on
unknown websites, they make themselves vulnerable to phishing attacks. They might end
up installing a virus or a worm on their personal computers. Or a hacker might gain
access to their computers. According to the survey, most people download documents
from unknown websites through which their systems can easily get affected.

Figure 5: Unsafe actions performed by people on campus on unknown platforms

3.6 Sharing personal data on unsafe websites

Sharing information like medical history, home addresses, phone numbers and bank
details may lead to cyber threats. If a virus penetrates the system then this information is

8
Analysis of Cyber Security Awareness on Campus

at risk, and could be encrypted, stolen or sold and used by the criminals. Unsafe websites
include sites that are designed to abuse, exploit or bully the students that have an access
to them or the website itself is infected with a virus that can infiltrate your systems once
entered. It’s important to be aware of the security you have in place to avoid harmful
sites. If people are not aware of the cyber threats, they tend to submit their sensitive
information like card details or password to non- trustworthy platforms. From our survey
it can be conveyed that people give away their email-IDs most easily to more or less
every website. This can be harmful because it makes an individual a member of
spamming list. People open their emails frequently and may fall for a spam email and end
up corrupting their systems.

Figure 6: Details submitted by people on campus to websites

4. Level of cybercrime awareness in BITSians

It is very necessary to be alert and pay proper attention while using online sites. According to our
survey, the following measures are taken by BITSians to be aware of such threats.

9
Analysis of Cyber Security Awareness on Campus

4.1. Using suitable anti-virus

Using a suitable antivirus is the first step taken by them to save their data and devices
from malicious malware. Only 12.2% of the BITSians think that using an antivirus is not
useful. Right now there are numerous antivirus softwares available in the market. The
following are the results of the survey showing different brands of antiviruses used by
the students. Survey shows that majority, 34.7% of BITSians prefer McAfee antivirus for
protection of their data.

Figure 7: Use of Antivirus

4.2 Update of softwares

Updating to the latest software is beneficial in a lot of ways in utility and security both.
Minor bugs in a software can corrupt it and hence it is quite necessary to get rid of them.
All the operating systems and anti-viruses make sure of removing these harmful elements
in their new patches. Survey shows the trends of students and their preference in updating
the software.

10
Analysis of Cyber Security Awareness on Campus

Figure 8: Statistics of regularity in updation

4.3 Payment methods

With the exponential increase in the online market, the payment methods have also
evolved. There are a lot of payment methods available right now, for example
netbanking, e-wallets, credit/debit cards etc. The question that arises is that is it safe to
link your bank account to one of these internet based methods which can be hacked or
hijacked. Survey shows that 69.4% of bitsians prefer using cash on delivery which
implies that they feel safer making transactions with something physical as money.
inferred that around 37% people save their passwords and/or card details on their web
browsers.

Figure 9 : Preferred payment methods of people on campus for e-commerce

11
Analysis of Cyber Security Awareness on Campus

CONCLUSIONS

Cyber security is catching attention towards itself at a very high rate as almost everyone has an
access to internet today. In the present report, the following conclusions have been drawn by the
responses of the students who filled the survey.
● Majority of the surveyed students are using the internet. Almost 65% students are using it
for more than 6 years now.
● 77 % of the students are randomly connecting unknown devices to their personal devices
which leads to hacking of the personal device.
● Nearly 85% students prefer using smart phone to PC.
● It is very important for BITSians to be alert against cyber crime. The various tools they
use for communication, information and entertainment, all is somewhere or the other
linked to cyber security. BITS Pilani being an educational institution, requires a high
security of the personal data of students and faculty members, so that it is not being
misused.
● Cyber security also provides a promising career as skilled manpower will be the need of
the future.
● There are high chances of the devices getting stolen, if left by mistake and the personal
data and private information being misused. Although the same is not pervasive inside
the campus.
● The use of easy and same passwords of various sites increases the risk of hacking. The
main reason behind it is that they forget their passwords.
● Students frequently visit torrent sites which injects malware in their devices and it is a
great threat to the university network as well.
● 67% of the students are unaware of the fact that resetting their old devices before selling
does not permanently delete their data, but can be restored.
● At times, social media causes high level of depression and anxiety.
● According to our survey, 35% of the students save their passwords and card details on
web browsers. This may lead to the leakage of the private data and hence, privacy issues
arise.
● Around 27% students on campus have no idea about phishing. 47% of the students open
unknown links sent to them, this leads to the data being stolen by fraud organizations.

So, there are lots of pros and cons attached with cyberspace. Our journey into cyberspace opens
the gate of entertainment, sharing information, easily getting things done from home and
refreshing our mind. But, with all this also comes responsibility and proper management while
surfing the web.

12
Analysis of Cyber Security Awareness on Campus

RECOMMENDATIONS

There are many students who are unaware of cybercrime and hence, the need for cyber security
arises. BITSians have to go by the dictum “Prevention is better than cure” so far cyber security is
concerned. Based on the aforementioned analysis, here are some recommendations for the
BITSians which they should follow.

● In our survey, we found students connecting their devices randomly to any device. So,
the students should not connect any random device to their personal devices, this prevents
the leakage of their personal data. Also, they should not leave their devices anywhere and
keep them safe.
● Students should not share their personal details like name, home address, mobile number,
institute name in any unauthorized site. They should avoid chatting with unknown people
in social networking sites. They should not share their photographs to anyone and avoid
responding to such things.
● There should always be a backup of files and data to avoid data loss during virus
injection.
● A prestigious institution like BITS Pilani should develop access control system using
firewalls to secure communication between internal and external network.
● Students should have the latest version of antivirus software and keep updating it from
time to time.
● As per our analysis, many students share their cards details on online platforms. They
should never share their credit card details with others.
● Students should avoid visiting torrent sites.
● They should keep their passwords strong, difficult and different for various sites. Also,
repetitive passwords should be avoided. And they should keep them changing from time
to time.
● Students should be alert and cautious, if they wish to meet an online introduced person.
They should meet in a public place along with a friend and keep a record of the whole
conversation for future purpose.
● They should not get into heated arguments with anyone. In case of threats, take the help
of police.
● Students should avoid opening unknown links to prevent phishing.
● Students union should organize awareness camps and talks regarding cyber threats, and
its security to keep BITSians awake and alert.

13
Analysis of Cyber Security Awareness on Campus
Analysis of Cyber Security Awareness on Campus

APPENDIX

QUESTIONNAIRE

The purpose of this questionnaire is to analyse the awareness of cyber security among
people on campus.

1. What is your year of study? *

o 1st Year
o 2nd Year
o 3rd Year
o 4th Year
o 5th Year
2. Have you ever been a victim of cybercrime ?*
o Yes
o No
3. If yes, rate the level of cybercrime you have been exposed to on a level of 1 to
3.
Mark only one box per row: Not much affected Moderately affected Severely
affected Choose � �
�

4. What do you feel about the following inside the campus? Mark the ones you
agree to. * Check all that apply.
o Enough safety of mobile phones
o Enough safety of laptops
o Fear of theft
o Fear of mischievous activities by friends
5. . What do you feel about the strength of your password? Check all that apply
o Keep easy passwords to remember
o Keep one strong password for everything
o Take thee effort to remember multiple strong passwords
6. Do you use random devices like USB sticks, drives without checking them
with a trusted security software? Mark only one

o Yes 14
o No
Analysis of Cyber Security Awareness on Campus

o Yes
o No
o Maybe

7. Which Device do you use most frequently? *

o PC
o Mobile Phone
o Tablet
o Other:

8. When did you start using the internet? * Mark only one oval
o A year ago
o 2-4 years ago
o 4-6 years ago
o More than 6 years ago

9. Which is your most preferred web browser on pc? *

o Google Chrome
o Mozilla Firefox
o Microsoft edge
o Safari
o Opera
o Other:

10. Which is your most preferred web browser on mobile phone? *

o Google Chrome
o UC Browser
o Opera
o Microsoft Edge
o Tor
o Other:

11. Which is your preferred anti-virus? *

o Avast
o Norton
o Avira
o Kaspersky
o McAfee
o Other:

12. Which of the following makes more sense to you? *

o purchasing an anti-virus software
o keep switching between trial versions of different anti-virus softwares
o not using anti-virus at all

13. Check the terms you have heard of? *

15
Analysis of Cyber Security Awareness on Campus

o Phishing
o Spyware
o Adware
o Botnets

14. Which of the following are your preferred modes of payment for E-commerce? *
o Debit Card/ Credit Card
o Paytm/ other e-wallets
o Cash on Delivery
o net banking
o Other:

15. Do you save your passwords and/or card details on your web browser? *
o Yes
o No

16. Which of these have you done? *

o Opening unknown links on social media
o Performing online transactions on unknown websites
o Downloading stuff from unknown websites

17. Which of these details do you give away more or less to every website? *
o Name
o Phone Number
o Email ID
o Age
o Home address

18. If you have been a victim of virus infection/ unwanted plug-ins download, what
was the action taken by you? *
o Installed anti-virus plugin
o Filed a report against the website
o Simply uninstall the plugin
o Format Computer
o No serious action taken
o Never been affected like this

19. How safe do you feel on the internet? (1 stands for least safe and 5 stands for most)

  1  2  3  4  5 

 Least safe       Most safe

16
Analysis of Cyber Security Awareness on Campus

20. How often do you do the following

 As soon as the  whenever you are not  once a  once a 
install update prompt busy with your device week month never
appears

 Update     
Operating
System
 Update anti-     
virus software

21. What do you think is the most pressing threat that people fall for? *

17
Analysis of Cyber Security Awareness on Campus

BIBLIOGRAPHY

● Cyber Security Information for Students.(2015, Jan 16) Retrieved from:

https://its.ucsc.edu/security/student.html
● Internet Safety and Cyber Security Awareness for College Students. (2012, March 24).
Retrieved,from:https://www.cyberdegrees.org/resources/internet-safety-for-college-students/
● Friedman, A. (2015). Cybersecurity and Cyberwar: What everyone needs to know. New York, NY:
Simon and Schuster
● Mitnick, K. (2001). The Art of Deception. New York, NY: John Wiley and Sons

18