3.2.1 computer security risks

4.0 COMPUTER ETHICS 4.0 COMPUTER ETHICS AND SECURITYAND SECURITY

4.2 Computer Security4.2 Computer Security

4.2.1 Computer Security Risks4.2.1 Computer Security Risks

2

LEARNING OUTCOMES:LEARNING OUTCOMES:

At the end of this topic, students should be able to:

Define computer security risks. Identify types of security risks.

Computer Security Risks Computer Security Risks

Definition : Definition : is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability.

3

DEFINITIONDEFINITION

Types of Computer Security RisksTypes of Computer Security Risks

5

Internet and network attackInternet and network attack

Hardware theftHardware theft

Information theftInformation theft

Unauthorized access and useUnauthorized access and use

Software theftSoftware theft

System failureSystem failure

Types of Computer Security RisksTypes of Computer Security Risks

Internet and network attacksInternet and network attacks

• Information transmitted over networks has a higher degree of security risk than information kept on an organization’s premises.

7

1. Malware1. Malware

2. Botnets2. Botnets

5. Spoofing5. Spoofing

4. Denial of service attacks4. Denial of service attacks

3. Back Doors3. Back Doors

Internet and Internet and network attacksnetwork attacks

Malware (malicious software) – which are program that act without a user’s knowledge and deliberately alter the computer operation.

Type of malware:i. Computer virusesii. Wormsiii.Trojan Horsesiv.Rootkitv. Back doorvi.Spyware

MalwareMalware

MalwareMalware

9

Symptoms MalwareSymptoms Malware

•• Operating system runs much slower than usual

• Available memory is less than expected

• Files become corrupted

• Screen displays unusual message or image

• Music or unusual sound plays randomly

• Existing programs and files disappear

MalwareMalware

10

Symptoms MalwareSymptoms Malware

• Programs or files do not work properly

• Unknown programs or files mysteriously appear

• System properties change

• Operating system does not start up

• Operating system shuts down unexpectedly

11

1. Worm1. Worm

Definition : Worm is a program that copies itself repeatedly, for example in memory or on a network, using up resources and possibly shutting down the computer or network.

MalwareMalware

12

22. Computer Virus. Computer Virus

Definition : Computer virus is a potentially damaging computer program that affects, or infects, a computer negatively by altering the way the computer works without the user’s knowledge or permission.

MalwareMalware

13

22. Computer Virus. Computer Virus

it can spread throughout and may damage files and system software, including the operating system.

MalwareMalware

14

33. Trojan horse. Trojan horse

Internet and network attacks

Definition : Trojan horse is a program that hides within or looks like a legitimate program. It does not replicate itself to other computers.

MalwareMalware

15

33. Trojan horse. Trojan horse

Internet and network attacks

it can spread throughout and may damage files and system software, including the operating system.

MalwareMalware

16

44. Rootkit. Rootkit

Internet and network attacks

Definition : Is a program that hides in a computer and allows someone from a remote location to take full control of the computer.

The rootkit author can execute programs, change settings, monitor activity, and access files on the remote computer

MalwareMalware

17

5. Spyware & Adware. Spyware & Adware

Internet and network attacks

Spyware is a program placed on a computer without the users knowledge that secretly collects information about the user.

Adware is a program that displays an online advertisement in a banner or pop-up window on web pages, e-mail messages or other internet services

MalwareMalware

Definition :

a group of compromised computers connected to a network such as the Internet that are used as part of a network that attacks other networks, usually for nefarious purposes.

BotnetsBotnets

Definition :

A program or set of instructions in a program that allow users to bypass security controls when accessing a program, computer, or network

Back DoorBack Door

Definition :

Denial of service attacks or DoS attack, is an assault whose purpose is to disrupt computer access to an Internet service such as the Web or e-mail.

Denial of Service Attacks Denial of Service Attacks

Definition :

A technique intruders use to make their network or Internet transmission appear legitimate to a victim computer or network.

SpoofingSpoofing

Unauthorized Access and UseUnauthorized Access and Use

Unauthorized accessUnauthorized accessThe use of a computer or network without permission.

Unauthorized useUnauthorized useThe use of a computer or its data for unapproved or possibly illegal activities.

Hardware Theft and VandalismHardware Theft and Vandalism

Hardware theftHardware theftIs the act of stealing computer equipment.

Hardware vandalismHardware vandalismThe act of defacing or destroying computer equipment.

Software TheftSoftware Theft

Information TheftInformation Theft

Occurs when someone steals personal or confidential information. If stolen, the loss of information can cause as much damage as (if not more than) hardware or software theft.

System FailureSystem Failure

A system failure is the prolonged malfunction of a computerA variety of factors can lead to system failure, including:

Aging hardwareNatural disastersElectrical power problems

Noise, undervoltages, and overvoltagesErrors in computer programs