Sunday 16 October 2016

Chapter 11

Computer Security Risks
- Computer security risk is any event or action that could cause a loss of or damage to computer or mobile device hardware, software, data, information or processing capability
- Cybercrime refers to online or Internet-based illegal acts such as distributing malicious software or committing identity theft
- Perpetrators of cybercrime:

Hacker refers to someone who accesses a computer or network illegally
Cracker is someone who accesses a computer or network illegally but has the intent of destroying data, stealing information or other malicious action
Script kiddie has the same intent as a cracker but does not have the technical skills and knowledge. Script kiddies often use prewritten hacking and cracking programs to break into computers and networks
Corporate spies have excellent computer and networking skills and are hired to break into a specific computer and steal its proprietary data and information, or to help identify security risks in their own organisation
Unethical employees may break into their employer's computers for a variety of reasons
Cyberextortionist is someone who demands payment to stop an attack on an organisation's technology infrastructure
Cyberterrorist is someone who uses the Internet or network to destroy or damage computers for political reasons

Internet and Network Attacks
- Information transmitted over networks has a higher degree of security risk than information kept on an organisation's premises
- An online security service is a website that evaluates your computer to check for Internet and e-mail vulnerabilities
- Types of malware:

Virus - It affects, or infects, a computer or mobile device negatively by altering the way it works
Worm - It copies itself repeatedly using up resources and possibly shutting down the computer, device or network
Trojan horse - A program that hides within or looks like a legitimate program
Rootkit - A program that hides in a computer or mobile device and allows someone from a remote location to take full control of the computer or device

- Symptoms of infected computer:

OS runs much slower than usual
Available memory is less than expected
Files become corrupted
Screen displays unusual message or image
Music or unusual sound plays randomly
Existing programs and files disappear
Programs or files do not work properly
Unknown programs or files mysteriously appear
System properties change
OS does not start up
OS shuts down unexpectedly
- Botnet is a group of compromised computers or mobile devices connected to a network
- Denial of service attack (DoS attack) disrupts computer access to an Internet service
- Back door is a program or set of instructions in a program that allows users to bypass security controls
- Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate
- Firewall is hardware and/or software that protects a network's resources from intrusion
- Intrusion detection software:

Analyses all network traffic
Assesses system vulnerabilities
Identifies any unauthorized intrusions
Notifies network administrators of suspicious behavior patterns or system breaches

- Honeypot is a vulnerable computer that is set up to entice an intruder to break into it
- Unauthorized access is the use of a computer or network without permission
- Unauthorized use is the use of a computer or its data for unapproved or possibly illegal activities
- Safeguards against unauthorized access or use:

Have a written acceptable use policy (AUP)
Disable file and printer sharing
Use a firewall
Use intrusion detection software

- Access control is a security measure that defines who can access a computer, device or network; when they can access it; and what actions they can take while accessing it
- Examples of access control:

User names and passwords
Passphrase
PIN
CAPTCHA

- Possessed object is any item that you must carry to gain access to a computer facility
- Biometric device authenticates a person's identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer
- Digital forensics is the discovery, collection and analysis of evidence found on computers and networks
- Areas that use digital forensics include:

Law enforcement
Criminal prosecutors
Military intelligence
Insurance agencies
Information security departments

Hardware Theft and Vandalism
- Hardware theft is the act of stealing computer equipment
- Hardware vandalism is the act of defacing or destroying computer equipment
- Safeguards:

Physical access controls (locked doors and windows)
Alarm systems
Physical security devices (cables and locks)
Device-tracking app
Password, possessed objects and biometrics

Software Theft
- Software theft occurs when someone:

Steals software media
Intentionally erases programs
Illegally registers and/or activates a program
Illegally copies a program

- Typical conditions of a Single-User License Agreement:

Permitted to install the software on one computer; make one copy of the software as a backup; remove the software from the user's computer before giving or selling the software to another individual
Not permitted to install the software on a network; give copies to friends and colleagues while continuing to use the software; export the software; rent or lease the software

Information Theft
- Information theft occurs when someone steals personal or confidential information
- Encryption is the process of converting data that is readable by humans into encoded characters to prevent unauthorized access
- Back up a file means to make a copy of it
- Off-site backups are stored in a location separated from the computer site, e.g. cloud storage
- Backup methods:

Full backup - Copies all of the files on media in the computer
Differential backup - Copies only the files that have changed since the last full backup
Incremental backup - Copies only the files that have changed since the last full or incremental backup
Selective backup - Users choose which folders and files to include in a backup
Continuous data protection (CDP) - All data is backed up whenever a change is made
Cloud backup - Files are backed up to the cloud as they change
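
Added example (not part of the original notes): a small Python model of the full, differential and incremental definitions above, showing which files each method copies and which backups must all survive for a restore to work. The names Backup, files_to_copy and restore_chain, the day-number timestamps and the sample files are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Backup:
    kind: str  # "full", "differential" or "incremental"
    day: int   # day number on which the backup ran (assumed granularity)

def _last_full(history):
    fulls = [b for b in history if b.kind == "full"]
    return max(fulls, key=lambda b: b.day) if fulls else None

def files_to_copy(kind, files, history):
    """Names a backup of `kind` copies now. files maps name -> last-modified day."""
    full = _last_full(history)
    if kind == "full" or full is None:   # no baseline yet: everything is copied
        return sorted(files)
    if kind == "differential":
        cutoff = full.day                # always measured from the last full backup
    elif kind == "incremental":          # measured from the last full OR incremental
        cutoff = max(b.day for b in history
                     if b.kind in ("full", "incremental") and b.day >= full.day)
    else:
        raise ValueError(f"unknown backup kind: {kind}")
    return sorted(name for name, day in files.items() if day > cutoff)

def restore_chain(history):
    """Backups that must all be intact to restore the latest state."""
    full = _last_full(history)
    if full is None:
        return []
    later = sorted((b for b in history if b.day > full.day), key=lambda b: b.day)
    diffs = [b for b in later if b.kind == "differential"]
    start = diffs[-1:]                   # newest differential, if any
    after = start[0].day if start else full.day
    incs = [b for b in later if b.kind == "incremental" and b.day > after]
    return [full] + start + incs

# Constructed sample data: a full backup ran on day 7, a second backup on day 9.
FILES = {"photo.jpg": 3, "report.docx": 8, "budget.xlsx": 10}
DIFF_HISTORY = [Backup("full", 7), Backup("differential", 9)]
INCR_HISTORY = [Backup("full", 7), Backup("incremental", 9)]

if __name__ == "__main__":
    print(files_to_copy("differential", FILES, DIFF_HISTORY))
    print(files_to_copy("incremental", FILES, INCR_HISTORY))
    print(restore_chain(INCR_HISTORY + [Backup("incremental", 11)]))
```

The differential run copies more data each day but restores from two backups; the incremental run copies less but a restore fails if any one incremental in the chain is lost or corrupted.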

- Three-generation backup policy preserves three copies of important files:

Grandparent - The oldest copy of the file
Parent - The second oldest copy of the file
Child - The most recent copy of the file

Wireless Security
- Wireless access poses additional security risks
- Safeguards:

A wireless access point should not broadcast an SSID
Change the default SSID
Configure a WAP so that only certain devices can access it
Use WPA or WPA2 security standards

Ethics and Society
- Computer ethics are the moral guidelines that govern the use of computers and information systems
- Information accuracy is a concern today. Do not assume the information on the Web is correct
- Intellectual property rights are the rights to which creators are entitled for their work
- Code of conduct is a written guideline that helps determine whether a specification is ethical/unethical or allowed/not allowed
- Spam is an unsolicited e-mail message or newsgroup posting
- E-mail filtering blocks e-mail messages from designated sources
- Anti-spam programs attempt to remove spam before it reaches your inbox
- Phishing is a scam in which a perpetrator sends an official-looking e-mail message that attempts to obtain your personal and/or financial information
- Pharming is a scam where a perpetrator attempts to obtain your personal and financial information via spoofing
- Social engineering is defined as gaining unauthorized access to or obtaining confidential information by taking advantage of the trusting human nature of some victims and the naivety of others
- Employee monitoring involves the use of computers to observe, record and review an employee's use of a computer
- Content filtering is the process of restricting access to certain material
- Web filtering software is a program that restricts access to specified websites
