ABSTRACT:-At present growing word cyber security is very necessary because,As technology provides many services to it, also some effect like security threats and cyber attacks.To secure the information from hacker and the cyber attacks we will require the cyber security. Cyber security is an process to secure the networks, computer program and data from the unwanted access or users that goal to access users data for personal uses and benefits.For protection of data many organizations develop a software. These software help us to protect the data and information.Cyber security playing a huge role in developing a technology and additional services like internet.we only think about ‘cyber security’ whenever we listen about the cyber crimes.This paper describe the cyber security ,cyber attacks,types of cyber attacks, and major area in cyber security.INTRODUCTION:-Cyber merge form relating to information,the internet & virtual reality.cyber security is necessary it helps in securing data from threats such as data theft or misuse,also safe our system from viruses. The term cyber security is used to refer to the security offered through online services to secure our online information.with an increasing amount of people getting connect the internet, security threats that cause massive harm are increase also.In india we went straight from no telephones to the latest in mobile technology said Cherian samuel to the Institute for Defence studies and Analysis in new delhi and the same with internet connected computer. Cyber security was designed to help learners develop a deeper understanding of modern information and system secure technology and functions..In information technology data security or information security is one of the great challenge for the world.Cyber crime has led to the loss of billions of dollars,malfunctioning of computer system, destruction of complex information, the compromise of network integrity and confidentiality. Major areas of cyber security:-Cyber crime:-cyber crime and computer oriented crime, is crime that involve a computer and a network.cyber crime also called computer crime, any illegal activity that involves a computer or network connected device, such a mobile phone.The Department of justice divide cybercrime into three categories:crimes in which the computing devices is the target,for example to gain network access.crimes in which the computer is used as a weapon.for example to launch a denial of service (DoS) attacks; and crime in which the computer is used as an accessory to a crime, example,using a computer to store illegally-obtained data. Application security:- Application security is hold within the measures that are taken in the development of the life cycle to prevent the application from threats and frouds .Application types are:-a)user Authentication.b)auditing and logging.c)input parameter validation.Information security :- Information security protects the information from unauthorized access to avoid identity theft and privacy protection.Major techniques are used to prevent this:-a)identification.b)authentication.c)cryptography.Disaster recovery:- Disaster recovery is a process that involves performing risk estimate,establishing the priorities, developing recovery strategies in any type of disaster. Network security:- Network security involves the activities to protect and save the integrity,reliability usability and safety of the network.the effective network security targets a variety of issues and threats and stop them spreading and entering into the network.Factors of network security area)Anti virus.b)firewall,to block and stop unauthorized access to our networkc)intrusion prevention systemd)for secure remote access there are (VPN) virtual private network. Cyber Attacks:-A cyberattack is carefully using of computer system, technology depends on the networks and activity. Cyber attacks use the damaging code for changing the data or codes, that may results the disturbing in the importance arrangements and leads the cyber crimes,like identity and information frauds(theft). Cyber Attacks are also called computer network attack (CNA).Types of attacks in cyber securityIdentity theft:-Identity theft is process of obtaining the information illegally about someone else. Thieves and hackers try to stole the information like name, number ,address, password credit card number and email address etc.When hacker stole your personal information then use this information for different purpose like Financial frauds, such as a bank fraud, credit card fraud and the tax rebate fraud.They can use your information for other crimes like entering a country illegally, trafficking drugs, smuggling etc.Prevention from identity theft 1.whenever you are writing or entering any personal information on the server and internet,make sure that connection is secure and private.2.whenever you are purchasing anything from internet, never store your personal information and credit card number on that server and websites.3.A good antivirus is always active in your system.4.Be aware from the fake sites and services. Malware:- Malware is a combination of mal and ware from the (malicious and software)Malware is a term used for variety of hazards such as worms, trojans and viruses.malware is defined as a malicious code that theft data or destroy data and information from the system. Malware mostly entered in the system through downloading the software and files online and attachments in the email. Types of malwareVirus:-Damages the personal files and information.Spyware:-Software that will collect the personal informationWorms:-Malware that can repeat itself across the networks.Trojans horse:-Malware that looks and operates as a real program and software.Browser hijacker:-Software that modifies the web browser and sevices.Prevention from this:- The one of the best way to prevent malware is to avoid clicking on links or downloading attachments from unknown senders.Spyware:- Spyware is a term used used to describe the software and files that is intentionally installed on a computer which is used to monitor what other users of the same computer are doing. It is term designed for get the information secretly about the user activity. Spyware programs are used to track users’ habits to better target them with advertisements. Spyware is usually installed onto the user’s machine without them knowing when a link is followed by them which redirects the user to a malicious website.PREVENTION FROM THE SPYWAREThe system is affected with the spyware by visiting the infected website, downloading inected software etc.Download from well-known and reputable sites only.Use a firewall for enhanced security.Maintain anti-virus and anti-spyware updates.Phishing:- phishing attacks are attacks that are sent through email or pop messages and ask users to click on a link and enter their personal data.It will attract the user according to their interest and when user click on the link then the hanker will able to enter the system and stole the data and personal information from the system.Denial-of-service A DoS attack focuses on disrupting the service of a network. Attackers send high volumes of data or traffic through the network, until the network becomes overloaded and can no longer function and stop functioning.The common DOS attacks is DDOS (distributed-denial-of-service ) it will also send the high volume data and traffic on services until server and network stop working.There are two types of DOS attacks :- flooding services and the crashing services. flooding servicesFlood attacks are occur when the system finde too much traffic for the server to buffer, causing them to slowing down and ultimately stop. The most Popular flooding attacks are:Buffer overflow attacksICMP flood SYN flood crashing servicesDoS attacks simply blame that cause the target system or service to get crash. In these attacks, input is sent that takes advantage of bugs in the target that subsequently crash or severely destabilize the system, so that it can’t be accessed or used.Password sniffingWhen hankers not able to guess your password then they try they another method called Password sniffing. In this the attacker use the software and try to access you data and information but the software is running on their own machinen,they are trying to get your password and username when they get the access in it they are able to get access in your system and network.Website defacementWebsite defacement are the attacks usually done on the websites. These attack on a website that changes the visual appearance of the site or a webpage. This is basically done by hackers and destroyers ,they will replace the webpage and server with their own webpage and site. There are different desaires of attackers which lead to deface the website,one of them is a political motivation.the attackers who do this type of activities are called hacktivists they may change the content of the website with message picture and another text of their own choice.CONCLUSIONCyber threats and crimes are bigger problem to solve especially when they are hidden malicious activities and files. These files not only affect the system and data but also the reputation of the organization and individual, so to prevent the system from illegal activities and theft of personal information, the cyber security is designed. In this paper we have studied the cyber security, and the areas of the cyber security. As we know there are many cyber threats so we also learn about the cyber security attacks and the prevention from them.