Types of Computer Security Risks and Security Measure

computer security risks

 Definition of computer security risk:

Any event or action that could cause a loss of or damage to computer hardware, software, data, information or processing capability.

•      Perpetrators of cybercrime and other intrusions fall into seven basic categories:

q  Hacker, refers to someone who accesses a computer or network illegally. Some hackers claim the intent of their security breaches is to improve security.

q  Cracker also is someone who accesses a computer or network illegally but has the intent of. destroying data, stealing information, or other malicious action

q  Script kiddie has the same intent as a cracker but does not have the technical skills and knowledge. Often use prewritten hacking and cracking programs to break into computers.

q  Corporate spies have excellent computer and networking skills.

ü  hired to break into a specific computer and steal its proprietary data and information.

ü  to help identify security risks in their own organization.

                          q Unethical employees may break into their employers’ computers for a                                 variety of reasons:

                                         ü  want to exploit a security weakness,

                                         ü  seek financial gains from selling confidential information

                                         ü  disgruntled employees may want revenge.

                        q  Cyber extortionist is someone who uses e-mail as a medium for                              extortion.

                                         ü  They will send an organization a threatening e-mail message                                        indicating they will expose confidential information if they are                                        not paid a sum of money.

                        qCyberterrorist is someone who uses the Internet or network to destroy or                  damage computers for political reasons. They might targets:

                                         ü  the nation’s air traffic control system,

                                         ü  electricity-generating companies,

                                         ü  a telecommunications infrastructure.

Malicious code

•         Malicious code is code causing damage to a computer or system. It is code not easily or solely controlled through the use of anti-virus tools.

•         Malicious code can either activate itself or be like a virus requiring user to perform an action, such as clicking on something or opening an email attachment.

Computer virus

•         Definition : A computer virus is a potentially damaging computer program that affects or infects, a computer negatively by altering the way the computer works without the user’s knowledge or permission.

•         A computer virus attaches itself to a program or file enabling it to spread from one computer to another, leaving infections as it travels

•         It may damage files and system software, including the operating system.

         •         Almost all viruses are attached to an executable file.

         •         The virus may exist on your computer but it actually cannot infect yourcomputer         unless you run or open the malicious program.

         •         A computer virus by sharing infecting files or sending emails with viruses as           attachments in the email.

         •         Even such a simple virus is dangerous because it will quickly use all available           memory and bring the system to a halt.

         •         Examples: Melissa, Tequila, Cascade, Invader  

Worm

•         A worm is a program that copies itself repeatedly.

•         For example in memory or on a network, using up resources and possibly shutting down the computer or network.

•         Worms spread from computer to computer, but unlike a virus, it has the capability to travel without any human action.

•         A worm takes advantage of file or information transport features on your system, which is what allows it to travel unaided.

•         The biggest danger with a worm is its capability to replicate itself on your system.

•         It will causing Web servers, network servers and individual computers to stop responding.

•         Examples: Jerusalem, Sobig,   Nimda, Morris Worm

Trojan horse

•         A program that hides within or looks like a legitimate program. It does not replicate itself to other computers.

•         At first glance will appear to be useful software but will actually do damage once installed or run on your computer.

•         Examples: It can change your desktop, adding silly active desktop icons or they can cause serious damage by deleting files and destroying information on your system.

•         Examples: Netbus, Back Orifice, Subseven, Beast

Unauthorized access & use

Unauthorized access

·        - The use of a computer or network without permission.

Unauthorized use

·         -The use of a computer or its data for unapproved or possibly illegal activities

•         To help prevent unauthorized access and use, they should have a written acceptable use policy (AUP) that outlines the computer activities for which the computer and network may and may not be used.

•         An access control is a security measure that defines who can access a computer, when they can access it, and what actions they can take while accessing the computer.

•         Many systems implement access controls using a two-phase process called identification and authentication.

•         Identification verifies that an individual is a valid user.

              •       Authentication verifies that the individual is the person he or she claims to be.

         •         Three methods of identification and authentication include user names and               passwords, possessed objects, and bio metric devices.

         •         A user name or user ID (identification), is a unique combination of characters,         such as letters of the alphabet or numbers, that identifies one specific user.

         •         A password is a private combination of characters associated with the user               name that allows access to certain computer resources.

             •         Most multiuser (networked) operating systems require that users correctly                        enter a user name and a password before they can access the data, information                    and programs stored on a computer or network.

•         A possessed object is any item that you must carry to gain access to a computer or computer facility.

•         Examples of possessed objects are badges, cards, smart cards and keys.

•         The card you use in an automated teller machine (ATM) is a possessed object that allows access to your bank account.

•         Possessed objects often are used in combination with personal identification numbers.

•         A personal identification number (PIN) is a numeric password, either assigned by a company or selected by a user.

•         A biometric device authenticates a person’s identity by translating a personal characteristic, such as a fingerprint into a digital code.

Hardware theft

•         Hardware theft is the act of stealing computer equipment.

•         Hardware vandalism is the act of defacing or destroying computer equipment.

•         Companies, schools, and other organizations that house many computers, however, are at risk of hardware theft.

•         Safeguards against Hardware Theft and Vandalism:

•         physical access controls, such as locked doors and windows

•         install alarm systems in their buildings

•         physical security devices such as cables that lock the equipment to a desk.

Software theft

 •Software theft occurs when someone:

q  Steals software media

q  Intentionally erases programs

q  Illegally copies a program

q  Illegally registers and/or activates a program.

•Steals software media involves a perpetrator physically stealing the media that contain the software or the hardware that contains the media.

•Intentionally erases programs can occur when a programmer is terminated from, or stops working for a company.

•Although the programs are company property, some dishonest programmers intentionally remove or disable the  programs they have written from company computers.

•         Illegally copies a program occurs when software is stolen from software manufacturers.

•         This type of theft, called piracy, is by far the most common form of software theft.

•         Illegally registers and/or activates a program involves users illegally obtaining registration numbers and/or activation codes.

•         A program called a keygen, short for key generator, creates software registration numbers and sometimes activation codes.

•         Some individuals create and post keygens so that users can install software without legally purchasing it.

Safeguards against Software Theft

•         To protect software media from being stolen, owners should keep original software boxes and media in a secure location, out of sight of prying eyes.

•         All computer users should back up their files and disks regularly.

•         To protect themselves from software piracy, software manufacturers issue users license agreements.

  Information theft

•         Information theft occurs when someone steals personal or confidential information.

•         If stolen, the loss of information can cause as much damage as (if not more than) hardware or software theft.

•         An unethical company executive may steal or buy stolen information to learn about a competitor.

•         A corrupt individual may steal credit card numbers to make fraudulent purchases.

Safeguards against Information Theft

•         Protecting information on computers located on an organization’s premises.

•         To protect information on the internet and networks, organizations and individuals use a variety of encryption techniques.

Encryption is a process of converting readable data into unreadable characters to prevent unauthorized access

 System failure

•         A system failure is the prolonged malfunction of a computer

•         Can cause loss of hardware, software, data, or information.

•         These include aging hardware; natural disasters such as fires, floods, or hurricanes; random events such as electrical power  problems; and even errors in computer programs.

•         Electrical power variations can cause loss of data and loss of equipment.

•         If the computer equipment is networked, a single power disturbance can damage multiple systems.

•         Electrical disturbances include noise (any unwanted signal), undervoltages (electrical supply drops), and overvoltages (incoming electrical power increases).

Safeguards against System failure

•         To protect against electrical power variations, use a surge protector.

A surge protector, also called a surge suppressor, uses special electrical components to smooth out minor noise, provide a stable current flow, and keep an overvoltage from reaching the computer and other electronic equipment

•         For additional electrical protection, some users connect an uninterruptible power supply to the computer.

•         An uninterruptible power supply (UPS) is a device that contains surge protection circuits and one or more batteries that can provide power during a temporary or permanent loss of power.

•         A UPS connects between your computer and a power source.