4.2.1 computer security risks
DESCRIPTION
TRANSCRIPT
4.0 COMPUTER ETHICS AND SECURITY
4.2 Computer Security
4.2.1 Computer Security Risks
2
LEARNING OUTCOMES:
At the end of this topic, students should be able to:
Define computer security risks. Identify types of security risks.
3
• Computer Security Risks is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability.
DEFINITION
Types of Computer Security Risks
5
Internet and network attackInternet and network attack
Hardware theftHardware theft
Information theftInformation theft
Unauthorized access and useUnauthorized access and use
Software theftSoftware theft
System failureSystem failure
Types of Computer Security Risks
1. Internet and network attacks
• Information transmitted over networks has a higher degree of security risk than information kept on an organization’s premises.
7
1. Malware1. Malware
2. Botnets2. Botnets
5. Spoofing5. Spoofing
4. Denial of service attacks4. Denial of service attacks
3. Back Doors3. Back Doors
Internet and network attacks
• Malware (malicious software) – which are program that act without a user’s knowledge and deliberately alter the computer operation.
• Type of malware:i. Computer virusesii. Wormsiii. Trojan Horsesiv. Rootkitv. Back doorvi. Spyware
1a.Malware
9
Malware
Symptoms Malware
• Operating system runs much slower than usual
• Available memory is less than expected
• Files become corrupted
• Screen displays unusual message or image
• Music or unusual sound plays randomly
• Existing programs and files disappear
10
Malware
Symptoms Malware
• Programs or files do not work properly
• Unknown programs or files mysteriously appear
• System properties change
• Operating system does not start up
• Operating system shuts down unexpectedly
11
1. Worm
Is a program that copies itself repeatedly, for example in memory or on a network, using up resources and possibly shutting down the computer or network.
Malware
12
2. Computer Virus
is a potentially damaging computer program that affects, or infects, a computer negatively by altering the way the computer works without the user’s knowledge or permission.
Malware
13
2. Computer Virus
it can spread throughout and may damage files and system software, including the operating system.
Malware
14
3. Trojan horse
Internet and network attacks
Is a program that hides within or looks like a legitimate program. It does not replicate itself to other computers.
Malware
15
3. Trojan horse
Internet and network attacks
it can spread throughout and may damage files and system software, including the operating system.
Malware
16
4. Rootkit
Internet and network attacks
• Is a program that hides in a computer and allows someone from a remote location to take full control of the computer.
• The rootkit author can execute programs, change settings, monitor activity, and access files on the remote computer
Malware
17
5. Spyware & Adware
Internet and network attacks
• Spyware is a program placed on a computer without the users knowledge that secretly collects information about the user.
• Adware is a program that displays an online advertisement in a banner or pop-up window on web pages, e-mail messages or other internet services
Malware
• a group of compromised computers connected to a network such as the Internet that are used as part of a network that attacks other networks, usually for nefarious purposes.
1b.Botnets
• A program or set of instructions in a program that allow users to bypass security controls when accessing a program, computer, or network
1c.Back Door
Denial of service attacks or DoS attack, is an assault whose purpose is to disrupt computer access to an Internet service such as the Web or e-mail.
1d.Denial of Service Attacks
• A technique intruders use to make their network or Internet transmission appear legitimate to a victim computer or network.
1e.Spoofing
2.Unauthorized Access and Use
Unauthorized accessThe use of a computer or network without permission.
Unauthorized useThe use of a computer or its data for unapproved or possibly illegal activities.
3.Hardware Theft and Vandalism
Hardware theftIs the act of stealing computer equipment.
Hardware vandalismThe act of defacing or destroying computer equipment.
4.Software Theft
Steals software media
Intentionally erases
programs
Illegally copies a program
Illegally registers and/or
activates a program
5.Information Theft
Occurs when someone steals personal or confidential information.
If stolen, the loss of information can cause as much damage as (if not more than) hardware or software theft.
System Failure
A system failure is the prolonged malfunction of a computer
A variety of factors can lead to system failure, including:
• Aging hardware• Natural disasters• Electrical power problems
• Noise, undervoltages, and overvoltages• Errors in computer programs