Module 1: Cybersecurity Fundamentals

Many people believe that hackers try to figure out passwords by typing random words, such as "password123," until they find the correct one.

This is incorrect. Hackers use special computer programs that automatically try many password combinations at very high speeds. These programs can test billions of possibilities every second. Research shows that 80% of passwords can be broken within a few minutes because many people choose simple and predictable passwords, such as birthdays, pet names, "123456," or "qwerty."

Many places provide free WiFi, such as coffee shops, airports, and buses. However, free WiFi can be unsafe. On open networks, hackers can use a method called a "man-in-the-middle attack." In this method, the hacker's computer acts as a bridge between the user and the internet. This allows the hacker to secretly view information such as messages, emails, and credit card details. Hackers may also create fake WiFi networks with names that seem trustworthy, such as Airport_FreeWiFi. When people connect to these fake networks, their data can be stolen.

Many online attacks begin with a single email or message. It may appear to come from a bank: "Your account is locked, click here to secure it." Or from a streaming service: "Payment failed, update your card details now." The logos may appear correct, and the links may look genuine, but clicking the wrong link can give attackers access to your login information.

Attackers use several techniques to make these messages appear real. They may include your name, use familiar wording, or make the sender's address appear legitimate. Sometimes, they create websites that look identical to the real ones. Always verify the sender, hover over links to check the actual web address, and never enter passwords from messages that seem suspicious. This is similar to a fake store: it appears real, but anything you give them is lost.

Every time a person likes a post, searches online, or shares content, small traces are left behind. Photos that are deleted may still be stored elsewhere. Even using "incognito mode" does not prevent internet providers, schools, or advertisers from seeing activity.

Companies gather and exchange this information. By examining a few social media interactions, artificial intelligence can predict personality traits more accurately than a close friend.

When a person downloads software from an unknown source, such as a free photo editor or cracked program, it may contain hidden malware. Once the program runs, the malware becomes active. First, it hides within the system to avoid detection. Next, it copies itself to other files and devices on the same network. Finally, it contacts the attacker, sending private information. Some malware spreads quickly, affecting thousands of devices in minutes, similar to how a biological virus spreads in humans. Certain malware can even change itself to avoid antivirus programs, making removal more difficult.

Hackers do not always rely on computer code. Frequently, they exploit human psychology. Social engineering is the practice of deceiving people into performing actions that benefit the hacker without their awareness. A hacker may call, posing as "technical support," to request your WiFi password. Alternatively, they may send a message: "Hello, I am your friend's cousin—can you help me reset your account?" In cybersecurity, the most vulnerable element is not the computer but the human mind.

Not all applications and links are as safe as they appear. For instance, a free flashlight app may request access to the microphone, contacts, or camera. These permissions are often unrelated to the app's stated function; the actual purpose may be data collection or surveillance. Research indicates that over fifty percent of free applications gather unnecessary information, and some may even install hidden trackers or malware.

Links shared online can also be dangerous. Messages claiming "Win a free iPhone" or "Claim your reward now" may direct users to adware, counterfeit websites, or attempts to steal personal information. The safest practices include reviewing app permissions carefully, installing apps only from trusted sources, and avoiding suspicious links. While free apps and offers may seem appealing, in many cases, the user becomes the product.

Cybersecurity is the practice of protecting computers, devices, and digital information from unauthorized access, theft, damage, or misuse. It can be compared to securing a house by locking doors, setting alarms, and storing valuable items safely. Cybersecurity provides similar protection for the digital environment.

For example, when an individual makes purchases online, cybersecurity safeguards financial information such as credit card details. When an organization stores customer information, cybersecurity prevents unauthorized access. Even basic measures, such as using strong passwords and avoiding suspicious links, contribute to maintaining digital security.

Bangladesh is experiencing rapid growth in digital technology, but its cybersecurity framework is still developing. As more businesses, government institutions, and educational organizations operate online, the risk of cyberattacks increases. A notable example occurred in 2016 when attackers exploited vulnerabilities in the SWIFT system to steal $81 million from Bangladesh Bank, illustrating the seriousness of cyber threats.

Banks and e-commerce platforms are enhancing security measures; however, phishing, malware, and online fraud remain prevalent. Bangladesh is currently ranked 66th globally in the National Cyber Security Index and has been recognized as a 'Role Model' in the 2024 Global Cybersecurity Index. These rankings indicate progress while highlighting the continued need for stronger regulations, professional training, and public awareness.

Module 2: Cyber Attacks → Step into the hacker's mind. See exactly how they break in.

Module 3: Cyber Defense → Build your armor—learn the tricks to protect yourself.

Module 4: Cybersecurity in Action → Real-life stories, hands-on cases, and a roadmap to turn knowledge into skill.