Computer Security and Safety, Ethics and Privacy
Chapter 11
Computer Security Risks
What is a computer security risk?
Any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability.
Intentional Breach of Computer Security
• Computer crime (illegal act involving a computer)
• Cybercrime (online or Internet-based illegal acts)
Seven Basic Categories of Cybercrime
• Hacker – accesses a computer illegally
• Cracker – accesses a computer illegally but has the intent of destroying
• Script kiddie – same intent but does not have the technical skills and knowledge
• Corporate spies – hired to break into a computer, steal data and information, to help identify security risks
• Unethical employees – want to exploit a security weakness
Seven Basic Categories of Cybercrime (cont.)
• Cyberextortionist – uses email as a vehicle for extortion
• Cyberterrorist – destroys or damages for political reasons
• Both require a team of highly skilled individuals, millions of dollars and years of planning
Common Computer Security Risks
• Internet and network attacks
• Unauthorized access and use
• Hardware theft
• Software theft
• Information theft
• System failure
Internet and Network Attacks
What are computer viruses, worms, Trojan horses and rootkits?
• Computer virus – potentially damaging computer program
• Worm – a program that copies itself repeatedly, using up resources and possibly shutting down computer or network
• Trojan horse – hides within or looks like a legitimate program until triggered
• Rootkit – hides in a computer and allows someone from a remote location to take full control
Computer Virus, Worms, Trojan Horse and Rootkits
What is malware?
• Programs that act without a user's knowledge and deliberately alter the computer's operation
• Unscrupulous programmers write malware and then test it to ensure it can deliver its payload (the destructive event or prank the program is intended to deliver)
Malware Delivers Its Payload
When a user:
• Opens an infected file
• Runs an infected program
• Boots the computer with infected removable media
• Connects to an unprotected computer
Most common way – email attachments
Safeguards Against Computer Virus
No guaranteed methods
Some ways to prevent viruses:
• Do not start computer with removable disks
• Never open an email attachment unless it is from a trusted source
• Install an antivirus program
• Stay informed about new viruses and virus hoaxes
Internet and Network Attacks
What is an antivirus program?
• Identifies and removes computer viruses
• Most also protect against worms, Trojan horses and spyware
Popular Antivirus Programs
• AVG Anti-Virus
• avast! Antivirus
• CA Anti-Virus
• F-Secure Anti-Virus
• Kaspersky Anti-Virus
• McAfee Virus Scan
• Norton AntiVirus
• Trend Micro AntiVirus
• Vexira Antivirus
Internet and Network Attacks
What is a virus signature?
• Specific pattern of virus code
• Also called virus definition
• Antivirus programs look for virus signatures
Internet and Network Attacks
How does an antivirus program inoculate a program file?
• Attempts to remove any detected virus
• Records information about program such as file size and creation date
• Uses information to detect if virus tampers with file
• Quarantines infected files that it cannot remove
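The record-then-compare step of inoculation, as an added example that is not part of the original slides. It goes beyond the slide by also recording a SHA-256 digest, and it uses the modification time because a creation date is not portably available; the file name and contents are constructed for the demonstration.

```python
import hashlib
import os
import tempfile


def inoculate(path):
    """Record size, modification time and SHA-256 digest of a program file."""
    st = os.stat(path)
    with open(path, "rb") as f:
        digest = hashlib.sha256(f.read()).hexdigest()
    return {"size": st.st_size, "mtime_ns": st.st_mtime_ns, "sha256": digest}


def check(path, record):
    """Return the recorded attributes that no longer match the file."""
    if not os.path.exists(path):
        return ["missing"]
    current = inoculate(path)
    return [k for k in ("size", "mtime_ns", "sha256") if current[k] != record[k]]


def demo():
    """Run the check against a constructed file in a temporary directory."""
    results = {}
    with tempfile.TemporaryDirectory() as d:
        target = os.path.join(d, "program.bin")  # hypothetical file name
        with open(target, "wb") as f:
            f.write(b"ORIGINAL-PROGRAM-BYTES")  # constructed sample content
        record = inoculate(target)
        results["clean"] = check(target, record)

        # Same-length overwrite with the old timestamps put back:
        # size and date still match, only the digest reveals the change.
        st = os.stat(target)
        with open(target, "wb") as f:
            f.write(b"TAMPERED-PROGRAM-BYTES")
        os.utime(target, ns=(st.st_atime_ns, st.st_mtime_ns))
        results["same_size"] = check(target, record)
        with open(target, "ab") as f:  # content appended to the file
            f.write(b"APPENDED")
        results["appended"] = check(target, record)
        os.remove(target)
        results["removed"] = check(target, record)
    return results


if __name__ == "__main__":
    for case, changed in demo().items():
        print(case, changed)
```

The same-size case is why file size and date alone are a weak tamper check and a content digest is worth storing alongside them.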
Internet and Network Attacks
What are a botnet, denial of service attack, back door and spoofing?
• A botnet is a group of compromised computers connected to a network that are used as part of a network that attacks other networks
• A denial of service attack is an assault whose purpose is to disrupt computer access to Internet data
• A back door is a program or set of instructions in a program that allows users to bypass security controls when accessing a computer resource
• Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate to a victim computer or network
Safeguards against Botnets, DoS/DDoS Attacks, Back Doors and Spoofing
• Firewalls – protect a network's resources from intrusion by users on another network
• Intrusion detection software – automatically analyzes all network traffic, assesses system vulnerabilities, identifies any unauthorized intrusion, and notifies network administration of suspicious behavior patterns
• Honeypots – a vulnerable computer that is set up to entice an intruder to break into it
Unauthorized Access and Use – Section 2
What is Unauthorized Access and Unauthorized Use?
Unauthorized Access – use of a computer in a network without permission
Unauthorized Use – the use of a computer or its data for unapproved or possibly illegal activities
Safeguard Against Unauthorized Access and Use
• Use a written Acceptable Use Policy (AUP)
• Disable file and printer sharing on your Internet connection
• Use firewalls
• Use intrusion detection software
• Identify and authenticate users
Identifying and Authenticating Users
• Access controls (security measure that defines who can access a computer)
• Maintain an audit trail (records in a file both successful and unsuccessful access attempts)
• Two-phase process
▪ Identification – verifies individual is a valid user
▪ Authentication – verifies the individual is the person he/she claims to be
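One way to review the audit trail described above, as an added example that is not part of the original slides. The log format (timestamp, user ID, outcome), the sample lines, the threshold and the time window are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed audit-trail lines: ISO timestamp, user ID, outcome.
AUDIT_TRAIL = """\
2024-03-01T09:00:05 alice SUCCESS
2024-03-01T09:01:10 bob FAILURE
2024-03-01T09:01:15 bob FAILURE
2024-03-01T09:01:21 bob FAILURE
corrupted entry
2024-03-01T09:01:30 bob FAILURE
2024-03-01T09:01:42 bob SUCCESS
2024-03-01T09:30:00 carol FAILURE
2024-03-01T11:45:00 carol FAILURE
2024-03-01T11:45:20 carol SUCCESS
"""


def parse(trail):
    """Yield (time, user, outcome) for each well-formed line."""
    for line in trail.splitlines():
        parts = line.split()
        if len(parts) != 3 or parts[2] not in ("SUCCESS", "FAILURE"):
            continue  # skip malformed entries instead of failing the review
        yield datetime.fromisoformat(parts[0]), parts[1], parts[2]


def review(trail, threshold=3, window=timedelta(minutes=5)):
    """Flag bursts of failed attempts and any success that follows one."""
    recent = defaultdict(list)  # user -> times of recent failed attempts
    alerts = []
    for when, user, outcome in parse(trail):
        fails = [t for t in recent[user] if when - t <= window]
        if outcome == "FAILURE":
            fails.append(when)
            recent[user] = fails
            if len(fails) == threshold:
                alerts.append((user, "repeated_failures", when.isoformat()))
        else:
            if len(fails) >= threshold:
                alerts.append((user, "success_after_failures", when.isoformat()))
            recent[user] = []
    return alerts


if __name__ == "__main__":
    for alert in review(AUDIT_TRAIL):
        print(alert)
```

Recording unsuccessful attempts is what makes the second alert possible: a success on its own looks normal, and only the failures before it show that the account may have been guessed.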
Three Methods of Identifying and Authenticating
• User names and passwords
• Possessed objects
• Biometric devices
Three Methods of Identifying and Authenticating
What are user names and passwords?
• User ID – a unique combination of characters that identifies one specific user
• Password – a private combination of characters associated with the user name
• Longer passwords provide greater security
• CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) – displays a series of distorted characters
Three Methods of Identifying and Authenticating
What is a possessed object?
• Any item you must carry to gain access to a computer or a computer facility
▪ Examples: badges, cards, smart cards and keys
• Often used with a Personal Identification Number (PIN)
Three Methods of Identifying and Authenticating
What is a biometric device?
• Authenticates a person's identity by translating a personal characteristic into digital code
• Examples: fingerprint readers, hand geometry systems, face recognition systems, voice verification systems, signature verification systems, iris recognition systems and retinal scanners
Digital Forensics
What is Digital Forensics?
Discovery, collection, and analysis of evidence found on computers and networks
Involves – examination of computer media, programs, data and log files
Hardware Theft and Vandalism
What are hardware theft and hardware vandalism?
Hardware Theft – act of stealing computer equipment
Vandalism – act of defacing or destroying a computer
Safeguards against Hardware Theft and Vandalism
• Physical access controls
• Locked doors
• Install alarms
• Use cables that lock the equipment
• Real-time location system
▪ Track and identify the location of high-risk or high-value items
Software Theft – Section 3
What is software theft?
Occurs when someone:
• Steals software media
• Intentionally erases programs
• Illegally copies a program (piracy)
• Illegally registers and/or activates a program
Safeguards Against Software Theft
• Keep original software box in a secure location
• Back up files
• Protect from software piracy
• License agreement (right to use software)
▪ Don't own the software
▪ Most common type of license – single-use license agreement/end-user license agreement (EULA)
End-User License Agreement (EULA)
Permitted to:
• Install the software on one computer
• Make one copy – backup
• Give or sell only if the software is removed
Not permitted to:
• Install the software on a network
• Give copies to friends
• Export the software
• Rent or lease the software
Software Theft
What are some other safeguards against software theft?
Business Software Alliance (BSA) promotes better understanding of software piracy problems
Product activation allows the user to input a product identification number online or by telephone and receive a unique installation identification number
Information Theft
Occurs when someone steals personal or confidential information
Safeguards
• Use user identification and authentication
• Use encryption techniques
Safeguard against Information Theft
What is Encryption?
Process of converting readable data into unreadable characters to prevent unauthorized access
Encryption Process
▪ Readable data – plaintext
▪ Scrambled data – ciphertext
▪ Encryption key – used to encrypt the plaintext
Two Basic Types of Encryption Keys
• Private key (symmetric)
▪ Both the originator and recipient use the same secret key to encrypt and decrypt data
• Public key (asymmetric)
▪ Two encryption keys (public and private)
▪ A message encrypted with a public key must be decrypted with the corresponding private key
• Popular encryption program – Pretty Good Privacy (PGP)
Safeguards Against Information Theft
• Digital certificates – notice that guarantees a user on a web site is legitimate
• Transport Layer Security – provides encryption of all data that passes between a client and an Internet server
Safeguards Against Information Theft
• Secure HTTP – allows users to choose an encryption scheme for data that passes between a client and an Internet server
• VPN (Virtual Private Network) – provides mobile users with a secure connection to the company network server
System Failure
What is a system failure?
• Prolonged malfunction of computer
• Can cause loss of hardware, software, or data
• Caused by aging hardware, natural disaster, or electrical power disturbances
▪ Noise – unwanted electrical signal
▪ Undervoltage – drop in electrical supply
▪ Overvoltage or power surge – significant increase in electrical power
Safeguards
What is a surge protector?
• Absorbs small overvoltages
• Not 100% effective
Uninterruptible Power Supply
• A device that contains surge protection circuits and more batteries that can provide power during a temporary or permanent loss of power
Backing up – The Ultimate Safety
What is a backup?
• Duplicate of file, program, or disk
• Full backup – all files in computer
• Selective backup – select which files to back up
• Three-generation backup – preserves three copies of important files
• Store in a fireproof and heatproof safe or vault, offsite