chapter 8 security issues and strategies

© Paradigm Publishing, Inc. 8-1

Chapter 8 Security Issues and Strategies

Chapter 8Security Issues and Strategies


Presentation Overview

• Risk Assessment• Network and Internet Security Risks• Computer Viruses• Hardware and Software Security Risks• Security Strategies for Protecting Computer

Systems and Data


Risk Assessment

Why is risk assessment important when defining security strategies?

– In order to protect their systems adequately, organizations need to assess the level of security risk that they face.

– The two factors that determine the level of security risk are• Threat – the severity of a security breach• Vulnerability – the likelihood of a security breach


Risk Assessment

The higher the level of vulnerability and threat, the higher the level of risk.


Risk Assessment

Companies today face security problems in three broad areas:

– Network and Internet security risks– Computer viruses– Hardware and software security risks


Network and Internet Security Risks

What are the security risks on networks and the Internet?

– Unauthorized access– Denial of service attacks– Information theft



Unauthorized Access– A hacker is a computer expert that seeks

programming, security, and system challenges.– A cracker is a hacker with malicious or

criminal intent.– A cyberwar occurs when a group of hackers

attacks a site in a competing country when news events between two potential foes cause a flare-up of tensions.



Annual Percentage of Unauthorized Access to Computers



Unauthorized Access– User IDs and passwords – hackers gain entry

by finding a working user ID and password– System backdoor – a test user ID and

password that provides the highest level of authorization



Unauthorized Access– Spoofing –fooling another computer by

pretending to send packets from a legitimate source

– Online predator – an individual who uses the Internet to talk young people into meeting or exchanging photos with him or her



In a denial of service (DoS) attack, one or more hackers run multiple copies of a program that asks for the same information from a Web site over and over again, flooding the system and essentially shutting it down.



Information Theft– Stealing corporate information is easy to do and

difficult to detect.– The limited security of wireless devices has

made it even easier.Wired Equivalent Privacy (WEP) is a security protocol that makes it more difficult for hackers to intercept wireless data transmissions.

– Data browsing is when workers invade the privacy of others by viewing private data.


Computer Viruses

• A computer virus is a program, written by a hacker or cracker, that is designed to perform some kind of trick upon an unsuspecting victim.

• A worm doesn’t wait for a user to execute an attachment or open a file with a macro; instead, it actively attempts to move and copy itself.


Computer Viruses

Viruses are often transmitted over the Internet and through shared devices such as flash drives.


Computer Viruses

Virus Symptoms


Computer Viruses

Impact of Viruses– A nuisance virus usually does no real damage,

but is rather just an inconvenience.– An espionage virus does not inflict immediate

damage, but it allows the hacker or cracker to enter the system later to steal data or spy.

– A data-destructive virus is designed to erase or corrupt files so that they are unreadable.


Computer Viruses

Methods of Virus Operation– A macro virus is written specifically for one

program, such as Microsoft Word.• If the user activates macros, infecting the program,

every file created or edited using that program will become infected too.

– A variant virus is programmed to change itself to fool programs meant to stop it.

– A stealth virus tries to hide from software designed to find and destroy it.


Computer Viruses

Methods of Virus Operation– A boot sector virus is designed to alter the

boot sector of a disk (which contains a variety of information) so that whenever the operating system reads the boot sector, the computer will become infected.

– A Trojan horse virus hides inside another legitimate program or data file.


Computer Viruses

Methods of Virus Operation– A multipartite virus utilizes several forms of

attack.– A logic bomb virus sits quietly dormant,

waiting for a specific event or set of conditions to occur before it infects the computer.


Hardware and Software Security Risks

Systems FailureA power spike is a sudden rise or fall in the power level that can cause poor performance or permanently damage hardware.

• A surge protector can guard against power spikes.• An uninterruptible power supply (UPS) is a more

vigorous power protection system which provides a battery backup and can keep computers running during a blackout.



Employee Theft– Businesses lose millions of dollars a year in

stolen computer hardware and software. – The costs involved include

• The cost of the stolen software and hardware• The cost of replacing lost data• The cost of the time lost while the machines are

gone• The cost of installing new machines and training

people to use them



Cracking Software for Copying– A crack is a method of circumventing a

security scheme that prevents a user from copying a program.• For example, copying a CD with a burner

– Some companies are trying to make duplication difficult by scrambling some of the data on their original CDs.


Security Strategies for Protecting Computer Systems and Data

Components of Physical Security

– The location of devices

– The use of locking equipment



Firewalls– A firewall will generally allow normal Web

browser operations but will prevent many other types of communication.

– The firewall checks incoming data against a list of known, trusted sources.

If a packet does not fit the profile of anything on the firewall’s list, it is rejected.



Network Sniffers– A network sniffer is a software package that

displays network traffic data.– It shows which resources employees are using

and the Web sites they are visiting.– It can be used to monitor, prevent unauthorized

activity, or troubleshoot network connections and improve system performance.



Antivirus Software– Antivirus software detects and deletes known

viruses.– The Internet helps antivirus software to update

itself.• There are 10 to 20 new viruses reported daily.• Antivirus programs must be upgraded constantly.



Data Backups– Data should always be backed up and placed in

a safe spot.– A rotating backup involves many copies of

data which are updated on a set schedule.• This is a time-saving method of backup.• If the database is lost or corrupted, many copies

exist, some of which may predate the problem.



Disaster Recovery Plan– A disaster recovery plan is a safety system

that allows a company to restore its systems after a complete loss of data.

– A typical disaster recovery plan includes• Data backup procedures• Remotely located backup copies• Redundant systems

A mirrored hard drive is one that contains exactly the same data as the original.



Authentication– Authentication is proof that a user is who he

says he is, and that he is authorized to access an account.

– Common forms of authentication include• Personal identification numbers• User IDs and passwords• Smart cards• Biometrics



Data Encryption– Encryption scrambles information so that it is

unreadable.This unreadable text is called ciphertext.

– Data encryption schemes include an encryption key that is shared between the two computers that wish to communicate.



Monitoring and Auditing– Employers can monitor their employees at

work in a number of ways.• Keyboard loggers store keystrokes on hard drive.• Internet traffic trackers record the Web sites that

employees visit for later auditing.– Auditing involves a review of monitoring data

and systems logins to look for unauthorized access or suspicious behavior.


On the Horizon

Based on the information presented in this chapter and your own experience, what do you think is on the horizon?

chapter 8 security issues and strategies

Documents