Computer Security and Computer Attacks
In information technology, security is the protection of information assets through the use of technology, processes, and training. According to Wikipedia (http://en.wikipedia.org/wiki/Security), security as a condition is the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset, such as a person, dwelling, community, nation, or organization. Establishing or maintaining a sufficient degree of security is the aim of the work, structures, and processes called "security."
The following points about security are what we learned during our discussions.
Reducing Vulnerabilities
- Security is a combination of technology, policy and people. It requires a wide range of activities to be effective.
- Assess threats to an organization’s computers and network
- Identify actions that address the most serious vulnerabilities
- Educate users
- Monitor to detect a possible intrusion
- Create a clear reaction plan
Risk Assessment
- Organization's review of:
- Risk assessment is the process of assessing security-related risks to an organization's computers and networks from both internal and external threats.
- Identify investments that can best protect an organization from the most likely and serious threats
- Reasonable assurance
- Improve security in areas with:
  · Highest estimated cost
  · Poorest level of protection
Establishing a Security Policy – a security policy defines an organization's security requirements and the controls and sanctions needed to meet those requirements. It delineates responsibilities and expected behavior, and outlines what needs to be done, not how to do it. Automated system policies should mirror written policies.
- Trade-off between ease of use and increased security
- Areas of concern: email attachments and wireless devices
A VPN uses the Internet to relay communications but maintains privacy through security features; additional security includes encrypting originating and receiving network addresses.
Educating Employees, Contractors, and Part-Time Workers
Educate users about the importance of security; it motivates them to understand and follow the security policy. Discuss recent security incidents that affected the organization. Users help protect information by guarding passwords, not allowing others to use their passwords, applying strict access control to protect data, and reporting all unusual activity.
Firewall – limits network access. According to Wikipedia (http://en.wikipedia.org/wiki/Firewall_(computing)), a firewall can either be software-based or hardware-based and is used to help keep a network secure. Its primary objective is to control the incoming and outgoing network traffic by analyzing the data packets and determining whether they should be allowed through or not, based on a predetermined rule set. A network's firewall builds a bridge between an internal network that is assumed to be secure and trusted, and another network, usually an external (inter)network, such as the Internet, that is not assumed to be secure and trusted.
Many personal computer operating systems include software-based firewalls to protect against threats from the public Internet. Many routers that pass data between networks contain firewall components and, conversely, many firewalls can perform basic routing functions.
Antivirus software – scans for a specific sequence of bytes, known as the virus signature. Antivirus software is continually updated with the latest virus detection information, called definitions.
When employees depart, promptly delete their computer accounts, login IDs and passwords. Carefully define employee roles, and create roles and user accounts. Keep track of well-known vulnerabilities, back up critical applications and data regularly, and perform security audits.
Lastly, according to (http://netforbeginners.about.com/od/a/g/antivirus.htm), "antivirus" is protective software designed to defend your computer against malicious software. Malicious software, or "malware", includes viruses, Trojans, keyloggers, hijackers, dialers, and other code that vandalizes or steals your computer contents. In order to be an effective defense, your antivirus software needs to run in the background at all times, and should be kept updated so it recognizes new versions of malicious software.
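Signature scanning and the effect of a definitions update can be seen in a few lines of code. This is an added example, not part of the original notes: the signature names, byte patterns and sample data are constructed and harmless, and the `??` wildcard (match any byte) goes slightly beyond the fixed byte sequence the notes describe.

```python
from __future__ import annotations
from typing import Optional

def compile_signature(hex_pattern: str) -> list[Optional[int]]:
    """Turn 'de ad ?? ef' into [0xDE, 0xAD, None, 0xEF]; None matches any byte."""
    return [None if tok == "??" else int(tok, 16) for tok in hex_pattern.split()]

def find_signature(data: bytes, sig: list[Optional[int]]) -> int:
    """Return the offset of the first place sig occurs in data, or -1."""
    for start in range(len(data) - len(sig) + 1):
        if all(s is None or data[start + i] == s for i, s in enumerate(sig)):
            return start
    return -1

def scan(data: bytes, definitions: dict[str, str]) -> list[tuple[str, int]]:
    """Check data against every definition; return (name, offset) for each hit."""
    hits = []
    for name, pattern in definitions.items():
        offset = find_signature(data, compile_signature(pattern))
        if offset >= 0:
            hits.append((name, offset))
    return hits

# Constructed definition sets: the updated set adds one signature.
OLD_DEFINITIONS = {"Test.Alpha": "de ad be ef 13 37"}
NEW_DEFINITIONS = {**OLD_DEFINITIONS, "Test.Beta": "c0 ff ee ?? ?? 42"}

# Constructed sample "files" (harmless byte strings).
CLEAN = b"plain document text"
ALPHA = b"header" + bytes.fromhex("deadbeef1337") + b"trailer"
BETA = b"xx" + bytes.fromhex("c0ffee010242") + b"yy"

if __name__ == "__main__":
    for label, sample in (("clean", CLEAN), ("alpha", ALPHA), ("beta", BETA)):
        print(label,
              "old definitions:", scan(sample, OLD_DEFINITIONS),
              "new definitions:", scan(sample, NEW_DEFINITIONS))
```

The `BETA` sample passes unnoticed under the old definitions and is caught only after the update, which is why definitions have to be kept current.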
The following are types of attacks:
- Virus
- Worm
- Trojan horse
- Denial of Service
Virus – a piece of programming code, usually disguised as something else, that causes unexpected and usually undesirable events. Viruses are often attached to files and deliver a “payload”. A virus does not spread itself from computer to computer without human intervention. It can be passed on to other users through infected e-mail document attachments, program diskettes and shared files. Macro viruses are common and easily created viruses. They are created in an application's macro language and infect documents and templates. According to Wikipedia (http://en.wikipedia.org/wiki/Computer_virus), a computer virus is a computer program that can replicate itself and spread from one computer to another. The term "virus" is also commonly, but erroneously, used to refer to other types of malware, including but not limited to adware and spyware programs that do not have a reproductive ability.
Malware includes computer viruses, computer worms, ransomware, trojan horses, keyloggers, most rootkits, spyware, dishonest adware, malicious BHOs and other malicious software. The majority of active malware threats are usually trojans or worms rather than viruses.
Worms – harmful programs that reside in the active memory of a computer, duplicate themselves, and can propagate without human intervention. The negative impacts that worms can have on computers are loss of data and programs, lost productivity, and the effort required of IT workers.
Trojan Horses – a Trojan horse is a program that a hacker secretly installs inside any part of a program that they have made. Users are tricked into installing it; it can be delivered as an email attachment, downloaded from a web site, or come from a removable device such as a CD/DVD or USB drive. A logic bomb executes under specific conditions.
Botnet – a large group of computers controlled from one or more remote locations by hackers, without the knowledge or consent of their owners. According to Wikipedia (http://en.wikipedia.org/wiki/Botnet), a botnet is a collection of internet-connected programs communicating with other similar programs in order to perform tasks. This can be as mundane as keeping control of an IRC channel, or it could be used to send spam email or participate in DDoS attacks. The word botnet stems from the two words robot and network.
Denial-of-Service (DoS) Attacks – a malicious hacker takes over computers on the Internet and causes them to flood a target site with demands for data and other small tasks; the computers that are taken over are called zombies. DoS attacks do not involve a break-in at the target computer. The target machine is so busy responding to the stream of automated requests that legitimate users cannot get in. Spoofing generates a false return address on packets. Ingress filtering is when Internet service providers (ISPs) prevent incoming packets with false IP addresses from being passed on. Egress filtering is ensuring spoofed packets don’t leave a network.
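Both filters come down to one question: is the packet's source address one that could legitimately come from where it arrived? The sketch below is an added example, not part of the original notes; the customer names, prefixes (documentation address ranges) and traffic are constructed.

```python
from __future__ import annotations
import ipaddress

# Constructed topology.
CUSTOMER_PREFIXES = {   # what the ISP assigned to each customer connection
    "cust-a": [ipaddress.ip_network("198.51.100.0/24")],
    "cust-b": [ipaddress.ip_network("203.0.113.0/25")],
}
SITE_PREFIXES = [ipaddress.ip_network("192.0.2.0/24")]  # one organization's own network

def source_in(src: str, prefixes) -> bool:
    """True if src parses as an IP address inside one of the prefixes."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False    # malformed source address: treat as invalid
    return any(addr in net for net in prefixes)

def isp_ingress(port: str, src: str) -> str:
    """ISP edge: pass on only packets whose source belongs to the sending customer."""
    return "forward" if source_in(src, CUSTOMER_PREFIXES.get(port, [])) else "drop"

def site_egress(src: str) -> str:
    """Site border: a packet may leave only with one of the site's own addresses."""
    return "forward" if source_in(src, SITE_PREFIXES) else "drop"

# Constructed traffic: (customer connection, claimed source address)
ISP_TRAFFIC = [
    ("cust-a", "198.51.100.7"),    # genuine
    ("cust-a", "203.0.113.9"),     # cust-b's address arriving from cust-a: spoofed
    ("cust-b", "203.0.113.200"),   # outside cust-b's /25: spoofed
    ("cust-b", "10.1.2.3"),        # private address: spoofed
]
SITE_TRAFFIC = ["192.0.2.44", "198.51.100.7", "not-an-ip"]

def run() -> tuple[list[str], list[str]]:
    """Apply both filters to the constructed traffic and return the verdicts."""
    isp = [isp_ingress(port, src) for port, src in ISP_TRAFFIC]
    site = [site_egress(src) for src in SITE_TRAFFIC]
    return isp, site

if __name__ == "__main__":
    print(run())
```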
Perpetrators – have motives that are the same as those of other criminals. They have different objectives and access to varying resources. They also accept different levels of risk to accomplish an objective. The people who launch these kinds of computer attacks include thrill seekers wanting a challenge, common criminals looking for financial gain, industrial spies trying to gain a competitive advantage, and terrorists seeking to cause destruction.
Classifying Perpetrators of
Computer Crime
- Hackers
- Crackers
- Malicious Insiders
- Industrial Spies
- Cybercriminals
- Hacktivists and Cyberterrorists
Hackers – test the limitations of systems out of intellectual curiosity.
Crackers – cracking is a form of hacking that is clearly criminal activity.
Malicious Insiders – the top security concern for companies; an estimated 85 percent of all fraud is committed by employees, usually due to weaknesses in internal control procedures. Collusion is cooperation between an employee and an outsider. Insiders are not necessarily employees; they can also be consultants and contractors. They are extremely difficult to detect or stop because they are authorized to access the very systems they abuse.
Industrial Spies – illegally obtain trade secrets from competitors. Trade secrets are protected by the Economic Espionage Act of 1996. Competitive intelligence uses legal techniques and gathers information that is available to the public, while industrial espionage uses illegal means and obtains information that is not available to the public.
Cyber Criminals – hack into corporate computers and steal, and engage in all forms of computer fraud. Chargebacks are disputed transactions. Loss of customer trust has more impact than fraud. To reduce the potential for online credit card fraud, sites:
- Use encryption for online credit card
- Verify the addresses submitted online against the issuing bank
- Request a card verification value (CVV)
- Use transaction-risk scoring software.
Smart cards
- Contain a memory chip
- Are updated with encrypted data every time the card is used
- Used widely in Europe
- Not widely used in the U.S.
A cyber terrorist launches computer-based attacks against other computers or networks in an attempt to intimidate or coerce a government in order to advance certain political or social objectives. Cyber terrorists seek to cause harm rather than gather information. Many experts believe terrorist groups pose only a limited threat to information systems.
Trustworthy Computing – a method of computing that delivers secure, private, and reliable computing experiences based on sound business practices. This is what organizations worldwide are demanding today.
Detection systems can catch intruders in the act. An intrusion detection system monitors system and network resources and activities. It notifies the proper authority when it identifies possible intrusions from outside the organization or misuse from within the organization.


