Computer security/computer protection
Computer security, also known as cyber security or IT security, is the protection of computer systems from theft of or damage to the hardware, software or information on them, as well as from disruption or misdirection of the services they provide.
It includes controlling physical access to the hardware, as well as protecting against harm that may come via network access, data and code injection, and due to malpractice by operators, whether intentional, accidental, or due to them being tricked into deviating from secure procedures.
Security is the ability of a system to protect information and system resources with respect to confidentiality, availability and integrity.
Therefore these elements of security must be considered (the CIA triad):
- Confidentiality is a set of rules that limits access to information, or the concealment of information or resources. The need for keeping information secret arises from the use of computers in sensitive fields such as government and industry.
- Integrity refers to the trustworthiness of data or resources, and it is usually phrased in terms of preventing improper or unauthorized change. Integrity includes data integrity (the content of the information) and origin integrity (the source of the data, often called authentication).
- Availability refers to the ability to use the information or resource desired. Availability is an important aspect of reliability as well as of system design because an unavailable system is at least as bad as no system at all.
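The difference between data integrity and origin integrity in the list above, as an added example that is not part of the original notes. The key, the record and the function names are constructed for illustration: a plain hash only shows that content changed, while a keyed HMAC also ties the content to someone who holds the key.

```python
import hashlib
import hmac

# Constructed sample data: a secret shared by sender and receiver, and an
# exam-results record (all values are illustrative assumptions).
SHARED_KEY = b"constructed-demo-key-not-for-real-use"
RECORD = b"student=1042;course=CS101;grade=B"


def digest(data: bytes) -> str:
    """Plain SHA-256: detects any change to the content (data integrity)."""
    return hashlib.sha256(data).hexdigest()


def tag(data: bytes, key: bytes) -> str:
    """HMAC-SHA-256: only a key holder can produce it (origin integrity)."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def verify_digest(data: bytes, claimed: str) -> bool:
    return hmac.compare_digest(digest(data), claimed)


def verify_tag(data: bytes, claimed: str, key: bytes) -> bool:
    return hmac.compare_digest(tag(data, key), claimed)


def demo() -> dict:
    sent_digest, sent_tag = digest(RECORD), tag(RECORD, SHARED_KEY)

    # Case 1: the record changes in transit, the checksums are left as sent.
    altered = RECORD.replace(b"grade=B", b"grade=A")
    # Case 2: whoever changed the record also recomputes the unkeyed digest.
    # Without SHARED_KEY they cannot recompute the HMAC, so they use a guess.
    forged_digest = digest(altered)
    forged_tag = tag(altered, b"wrong-key")

    return {
        "original_ok": verify_digest(RECORD, sent_digest)
        and verify_tag(RECORD, sent_tag, SHARED_KEY),
        "altered_caught_by_digest": not verify_digest(altered, sent_digest),
        "recomputed_digest_accepted": verify_digest(altered, forged_digest),
        "forged_tag_rejected": not verify_tag(altered, forged_tag, SHARED_KEY),
    }


if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

All four checks print `True`: the unkeyed digest accepts a record whose digest was recomputed alongside the change, which is why origin integrity needs a secret or a signature.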
Importance of computer security
- Computer security is important, primarily to keep your information protected.
- It’s also important for your computer’s overall health, helping to prevent viruses and malware and helping programs run more smoothly.
- To help curb the increasing volume and sophistication of cyber security threats. Threats of this nature include targeted phishing scams, data theft, and the exploitation of other vulnerabilities in the network.
Purpose of Data Security
- Controlling access to machine and data resources.
- Controlling the way access rights are passed from user to user.
  - person to person
  - program to program
- Preventing maliciousness and errors from subverting the controls.
- Understanding the challenges/Risks involved and providing solutions.
Potential Security Threats To Computer Systems
A computer system threat is anything that leads to loss or corruption of data or physical damage to the hardware and/or infrastructure.
Knowing how to identify computer security threats is the first step in protecting computer systems. The threats could be intentional, accidental or caused by natural disasters.
What is a Security Threat?
A security threat is defined as a risk that can potentially harm computer systems and the organization. The cause could be physical, such as someone stealing a computer that contains vital data. The cause could also be non-physical, such as a virus attack.
There are two types of threats
- Physical threat
- Non-physical threat
(A) Physical Threats
What are Physical Threats?
A physical threat is a potential cause of an incident that may result in loss or physical damage to the computer systems.
Employees are responsible for more successful intrusions than outsiders. It becomes very difficult to find the source of internal attacks without alerting the attacker that you suspect him of wrong-doing.
The following list classifies the physical threats into three (3) main categories:
- Internal: The threats include fire, unstable power supply, humidity in the rooms housing the hardware, etc.
- External: These threats include lightning, floods, earthquakes, etc.
- Human: These threats include theft, vandalism of the infrastructure and/or hardware, disruption, accidental or intentional errors.
To protect computer systems from the above mentioned physical threats, an organization must have physical security control measures.
The following list shows some of the possible measures that can be taken:
- Fire threats could be prevented by the use of automatic fire detectors and extinguishers that do not use water to put out a fire.
- Unstable power supply can be prevented by the use of voltage controllers, power backups and power regulators.
- An air conditioner can be used to control the humidity in the computer room.
- Lightning protection systems can be used to protect computer systems against lightning strikes. Lightning protection systems are not 100% perfect, but to a certain extent, they reduce the chances of lightning causing damage.
- Housing computer systems on high ground is one of the possible ways of protecting systems against floods.
- Threats such as theft can be prevented by the use of locked doors and restricted access to computer rooms.
What are Non-physical threats/Technical threats?
A non-physical threat is a potential cause of an incident that may result in:
- Botnets. Botnets are networks of compromised computers used by hackers for malicious purposes, usually criminal in nature.
- Cloud computing (delegating the task of protection to a third party, usually through shared resources, or remote storage and hosting).
- Disrupt business operations that rely on computer systems
- Illegal monitoring of activities on computer systems
- Loss of sensitive information
- Loss or corruption of system data
- Nonexistent security architecture (usually due to lack of qualified IT Administrators). Inadequate network protection results in increased vulnerability of the data, hardware, and software, including susceptibility to malicious software (malware), viruses, and hacking.
- Phishing: an attempt to acquire information such as usernames, passwords and credit card details by masquerading as a trustworthy member of an organization.
- Poor Configuration Management.
- Removable media: provide a pathway for malware to move between networks or hosts.
- Un-patched Client Side Software and Applications.
- Use of mobile devices, such as laptops, handheld devices or smartphones, outside the organization.
The non-physical threats are also known as logical threats. The following list shows the common types of non-physical threats:
- Key loggers
- Denial of Service Attacks
- Distributed Denial of Service Attacks
- Unauthorized access to computer systems resources such as data
- Other Computer Security Risks
To protect computer systems from the threats, an organization must have logical security measures in place.
The following list shows some of the possible measures that can be taken to protect against cyber security threats:
- To protect against viruses, Trojans, worms, etc. an organization can use antivirus software. In addition to the antivirus software, an organization can also have control measures on the usage of external storage devices and on visiting websites that are most likely to download unauthorized programs onto the user’s computer.
- Unauthorized access to computer system resources can be prevented by the use of authentication methods. The authentication methods can be in the form of user IDs and strong passwords, smart cards, biometrics, etc.
- Intrusion-detection/prevention systems can be used to protect against denial of service attacks. There are other measures too that can be put in place to avoid denial of service attacks.
- A threat is any activity that can lead to data loss/corruption through to disruption of normal business operations.
- There are physical and non-physical threats
- Physical threats cause damage to computer systems hardware and infrastructure. Examples include theft, vandalism through to natural disasters.
- Non-physical threats target the software and data on the computer systems.
- Errors and Omissions
It becomes difficult to protect our systems from the people who need to use them day in and day out.
- Fraud and Theft
Computer fraud is the act of using a computer to take or alter electronic data, or to gain unlawful use of a computer or system.
Computer theft refers to the stealing of the physical parts of the computer.
- Malicious Hackers
There are several groups of Internet users who will attack information systems.
They are hackers, crackers or phreaks.
- A computer hacker is a person who, with their technical knowledge, uses bugs or exploits to break into computer systems.
- Hacking is the process of gaining unauthorized access into a computer system, or group of computer systems. This is done through cracking of passwords and codes which give access to the systems.
- A cracker is someone who breaks into someone else’s computer system, often on a network; bypasses passwords or licenses in computer programs; or in other ways intentionally breaches computer security. A cracker can be doing this for profit, maliciously, for some altruistic purpose or cause, or because the challenge is there.
- Cracking is the act of breaking into a computer system, often on a network.
- A phreak is someone who breaks into the telephone network illegally, typically to make free long-distance phone calls or to tap phone lines. The term is now sometimes used to include anyone who breaks or tries to break the security of any network.
- Malicious Code is software/code that is designed to make a system perform any operation without the knowledge of the system owner.
- A Denial-of-Service attack is an attempt to make a machine or network resource unavailable to its intended users.
- Social Engineering is the name given to a category of security attacks in which someone manipulates others into revealing information that can be used to steal data, access to systems, access to cellular phones, money, or even your own identity.
Computer crime, also commonly referred to as cybercrime, refers to any crime that involves a computer and a network.
To commit a cybercrime, a user takes advantage of a computer to take or alter data, or to gain unlawful use of computer services.
The crimes include, but are not limited to:
- A rootkit
- A root kit
- Autorun worms
- Boot sector malware
- Email spoofing
- Key logging
- Parasitic viruses
- Privacy and Fraud
- Ransomware
- Social engineering
- Social networking websites
- Spear phishing
- A rootkit is a piece of software that hides programs or processes running on a computer. It can be used to conceal computer misuse or data theft.
- Alteration: When a system is compromised, the data stored in it can be compromised. For example, students may break into a system and alter exam results. Bank accounts can be altered too.
- An exploit takes advantage of a vulnerability in order to access or infect a computer.
- Autorun worms are malicious programs that take advantage of the Windows AutoRun feature. They execute automatically when the device on which they are stored is plugged into a computer.
- Boot sector malware spreads by modifying the program that enables your computer to start up.
- Cookies are files placed on your computer that allow websites to remember details.
- Email spoofing is when the sender address of an email is forged for the purposes of social engineering.
- Hoaxes are reports of non-existent viruses or threats.
- Key logging is when keystrokes are secretly recorded by an unauthorized third party.
- Malware is a general term for malicious software including viruses, worms, Trojans and spyware. Many people use the terms malware and viruses interchangeably.
- Parasitic viruses, also known as file viruses, spread by attaching themselves to programs.
- Patches are software add-ons designed to fix software bugs, including security bugs, in operating systems or applications.
- Phishing refers to the process of tricking recipients into sharing sensitive information with an unknown third party.
- Ransomware is software that denies you access to your files until you pay a ransom.
- Sabotage is a computer crime which involves deliberate attacks intended to disable computers or networks.
- Social engineering refers to the tricks attackers use to fool victims into performing an action. Typically, these actions are opening a malicious webpage or running an unwanted file attachment.
- Social networking websites allow you to communicate and share information. But they can also be used to spread malware and to steal personal information.
- Spamming is the use of electronic messaging systems like e-mails and other digital delivery systems and broadcast media to send unwanted bulk messages indiscriminately. An unsolicited message is what we call spam.
- Spear phishing is targeted phishing using spoof emails to persuade people within a company to reveal sensitive information or credentials.
- Spyware is software that permits advertisers or hackers to gather sensitive information without your permission.
- Tapping: when someone gains access to information that is being transmitted via a transmission/communication link. Users should note that any information passed over a network is vulnerable if security measures are not appropriate.
- Tracking: Monitoring computer usage in a real-time environment. This is either done remotely or during a physical session, and is usually used on internet users.
- Trespass: when someone is able to access your computer and able to see or use your files illegally.
- Worms are viruses that create copies of themselves across the Internet or local networks.
- Educate users
- Encrypt all important data
- Use secure passwords
- Implement additional security checks (fingerprint, eye scanners)
- Restrict Plug and Play
How to Buy Online Safely
- Research retailers online to make sure they’re legitimate.
- Make sure the website is secure (https).
- Know your rights and the company’s returns policy.
- Keep software and virus protection up-to-date and use strong passwords for online accounts.
- Don’t use public Wi-Fi. Your standard data connection is more secure.
- Pay using a credit card. You will have more protection. Alternatively, online services like PayPal mean scammers will not be able to get hold of your bank details.
- Be smart. If a deal looks too good to be true, it probably is not worth taking.
How to Be Safe On the Internet
- Create Complex Passwords. We know you’ve heard it before, but creating strong, unique passwords for all your critical accounts really is the best way to keep your personal and financial information safe.
- Use a Firewall. Even if your network is secure, you should still use a firewall.
- Click Smart. Now that you’ve put smart tech measures into place, make sure that you don’t invite danger with careless clicking. Many of today’s online threats are based on phishing or social engineering.
- Be a Selective Sharer. These days, there are a lot of opportunities to share our personal information online. Just be cautious about what you share, particularly when it comes to your identity information. This can potentially be used to impersonate you, or guess your passwords and logins.
- Protect Your Mobile Life. Our mobile devices can be just as vulnerable to online threats as our laptops. In fact, mobile devices face new risks, such as risky apps and dangerous links sent by text message.
- Practice Safe Surfing & Shopping. When shopping online, or visiting websites for online banking or other sensitive transactions, always make sure that the site’s address starts with “https”, instead of just “http”, and has a padlock icon in the URL field.
- Keep up to date. Keep all your software updated so you have the latest security patches. Turn on automatic updates so you don’t have to think about it, and make sure that your security software is set to run regular scans.
- Look out for the latest scams. Online threats are evolving all the time, so make sure you know what to look out for.
- Keep your guard up. Always be cautious about what you do online, which sites you visit, and what you share. Use comprehensive security software, and make sure to back up your data on a regular basis in case something goes wrong.
How To Avoid Viruses, Trojans, Worms And Spyware
- Use updated antivirus or endpoint security software
- Block file types that often carry malware
- Subscribe to an email alert service
- Use a firewall on all computers
- Stay up to date with software patches
- Back up your data regularly
- Disable AutoRun functionality