Computer Security and Safety, Ethics and Privacy

Chapter 11

Computer Security Risks

What is a computer security risk?

Any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability.

Intentional Breach of Computer Security Computer Crime (illegal act involving a

computer) Cybercrime (Online or Internet-based

illegal acts)

Seven Basic Categories of Cybercrime

Hacker – Access a computer illegally Cracker – Access a computer illegally

but has the intent of destroying Script Kiddie – Same intent but not have

the technical skills and knowledge Corporate Spies – Hired to break into a

computer, steal data info, to help indentify security risks

Unethical employees-want to exploit a security weakness

Seven Basic Categories of Cybercrime cont..

Cyberextortionist – Use the email as a vehicle for extortion

Cyberterriorist - Destroy or damage for political reason

Both requires a team of highly skilled individuals, millions of dollars and years of planning

Common Computer Security Risks

Internet and Network Attacks Unauthorized Access and Use Hardware theft Software theft Information theft System failure

Internet and Network Attacks

What are Computer Viruses, worms, Trojan horses and Rootkits?

Computer Viruses

Potentially damaging computer program

RootkitsHides in a

computer and allows

someone from a remote

location to take full control

WormA program that copies

itself repeatedly,

using up resources and

possibly shutting down computer or

network

Trojan HorseHides within or

looks likes a legitimate

program until triggered

Computer Virus, Worms, Trojan Horse and Rootkits

What is Malware? Programs that act without a user’s

knowledge and deliberately alters the computer operation.

Unscrupulous programmer write malware and then test to ensure it can deliver it payload (destructive event or prank the program is intended to deliver)

Malware Delivers Its Payload

When a user: Opens an infected file Runs an infected program Boots the computer with an infected

removable media Connect to an unprotected computer

Most common way – email attachments

Safeguards Against Computer Virus

No guarantee methods Some ways to Prevent Viruses

Do not start computer with removable disks

Never open email attachment unless from trusted source

Install an Antivirus program Stay informed about new virus and virus

hoax

Internet and Network Attacks

What is an Antivirus program? Popular Antivirus

Programs

AVG Anti-Virusavast! Antivirus

CA Anti-VirusF-Secure Anti-Virus

Kaspersky Anti-VirusMcAfee Virus ScanNorton AntiVirus

Trend Micro AntiVirusVexira Antivirus

•Identifies and removes computer viruses

•Most also protect against worms, Trojan horses and spyware

Internet and Network Attacks

What is a virus signature?Specific pattern of virus code•Also called virus definition

Antivirus programs look for virus signatures

Internet and Network Attacks

How does an antivirus program inoculate a program file?

Attempts to remove

any detected

virus

Records information

about program

such as file s and

creation date

Uses informati

on to detect if

virus tampers with file

Quarantines

Infected files that cannot remove

Internet and Network AttacksWhat are a Botnet, denial of

service attack, back door and spoofing?A Botnet is a group of comprised

computers connected to a network that are used as part of a network that attack

other networksA denial of service attack is an assault

whose purpose is to disrupt a computer access to an Internet data

A back door is a program or set of instruction in a program that allow users

to bypass security controls when accessing a computer resource

Spoofing is a technique intruders use to make their network or Internet

transmission appear legitimate to a victim computer or network

Safegaurd against Botnet, DoS/DDoS attack, Backdoors and Spoofing

Firewalls Protects a network’s resources from intrusion by user

on another network

Intrusion Detection Software Automatically analyze all network traffic, assess

system vulnerabilities, identifies any unauthorized intrusion, and notifies network administration of suspicious behavior pattern.

Honeypots A vulnerable computer that is setup to enticed an

intruder to break into it

Unauthorized Access and Use- Section 2

What is Unauthorized Access and Unauthorized Use?

Unauthorized Access – use of a computer in a network without permission

Unauthorized Use – the use of a computer or its data for unapproved or possibility illegal activities

Safeguard Against Unauthorized Access and Use

Use Written Acceptable Use Policy (AUP)

Disable file and printer sharing on your Internet connection

Use Firewalls Use Intrusion detection software Identify and authenticate users

Identifying and Authentically Users

Access controls (security measure that defines who can access a computer)

Maintain an audit trail (records in a file both successful and unsuccessful access attempt)

Two – Phase Process Identification – verifies individual is a

valid user Authentication – verifies the individual is

the person he/she claims to be

Three Methods of Identifying and Authenticating

User Names and Passwords Possessed Objects Biometrics Devices

Three Methods of Identifying and Authenticating

What are User Names and Passwords? User ID – a unique combination of character

that identifies on specific user Password – a private combination of character

associated the user name Longer passwords provides greater

security CAPTCHA (Completely Automated Public

Turing Test to Tell Computer and Humans Apart) Display a series of distorted characters

Three Methods of Identifying and Authenticating

What is a Possessed Object? Any items you must carry to gain access

to a computer or a computer facility▪ Examples: badges, cards, smart cards and

keys Often used with Personal Identification

Number (PIN)

Three Methods of Identifying and Authenticating

What is a Biometric Devices? Authenticated a person’s identify by translating

a personal characteristics into digital codes

Examples: Fingerprint readers, hand geometry systems, face recognition system, voice verification system, signature verification system, iris recognition system and retinal scanner

Digital Forensics

What is Digital Forensics?

Discovery, collection, and analysis of evidence found on computers and networks

Involves – examination of computer media, programs, data and log files

Hardware Theft and Vandalism

What are hardware theft and hardware vandalism?

Hardware Theft – act of stealing computer equipment

Vandalism – act of defacing or destroying a computer

Safeguards against Hardware Theft and Vandalism

Physical Access Controls Locked doors Install alarms Use cables that lock the equip Real time location system▪ Track and Identify the location of high risk or

high value items)

Software Theft -Section 3

What is software theft?

Occurs when someone Steals software media Intentionally erases programs Illegally copies a program (piracy) Illegally register and/or activates a

program

Safeguards Against Software Theft

Keep original software box in a secure location

Backup files Protect from software piracy

License agreement (right to use software)▪ Don’t own the software▪ Most common type of license – single-use

license agreement/end-user license agreement (EULA)

End-User License Agreement (EULA)

Permitted to: Install the software

on one computer Make one copy –

Backup Give or sell only if

the software is removed

Not Permitted to: Install the software

on a network Gives copies to

friends Export the software Rent or lease the

software

Software Theft

What are some other safeguards against software theft?

Business Software Alliance (BSA) promotes better understanding of software piracy problems

Product activation allows user to input product identification number online or by telephone and receive

unique installation identification number

Information Theft

Occurs when someone steals personal or confidential information

Safeguards Use user identification and

authentication Use encryption techniques

Safeguard against Information Theft

What is Encryption?

Process of converting readable data into unreadable characters to prevent unauthorized access

Encryption Process▪ Readable data – plaintext▪ Scramble data – ciphertext▪ Encryption key – use to encrypt the plaintext

Two Basic Types of Encryption Keys

Private Key (symmetric) Both the originator and recipient use the

same secret key to encrypt and decrypt data Public Key (asymmetric)

Two encryption keys (public and private) A message is encrypted with a public key

must be decrypted along with the corresponding private key

Popular encryption program – Pretty Good Privacy (PGP)

Safeguards Against Information Theft

Digital Certificates- notice that guarantees a user on a web site is legitimate

Transport Layer Security- provides encryption of all data that pasts between a client and a Internet server

Safeguards Against Information Theft

Secure HTTP – allows users to choose an encryption scheme for data that passes between a client and a Internet server

VPN-Virtual Private Network Provide the mobile users with a secure

connection to the company network server

System Failure

What is a system failure?Prolonged

malfunction of computer

Can cause loss of hardware, software , or

data

Caused by aging hardware, natural

disaster, or electrical power

disturbances

Noise-unwanted electrical

signal

Undervoltage-drop in electrical

supply

Overvoltage or power surge-

significant power increase

in electrical power

Safeguards

What is a surge protectors? Absorb small overvoltage Not 100% effective

Uninterruptible Power Supply A device that contains surge

protection circuits and more batteries that can provide power during a temporary or permanent loss of power

Backing up – The Ultimate Safety

What is a backup?

Full backup all files in computer

Selective backup Select which files

to back up

Three-generation backup

Preserves three copies of important

files

Store in a fireproof and heat proof safe or vault, offsite

Duplicate of file, program, or disk