computer security threats & prevention
TRANSCRIPT
Computer
Security Threats
& PreventionBy: M.Jawad & Adnan
What is a Threat?In computer security a threat is a possibledanger that might exploit a vulnerability tobreach security and thus cause possible harm.
A threat can be either "intentional" (i.e.,intelligent; e.g., an individual cracker or acriminal organization) or "accidental" (e.g., thepossibility of a computer malfunctioning, or thepossibility of a natural disaster such as anearthquake, a fire, or a tornado) or otherwise acircumstance, capability, action, or event
History of computer security
threats.
1986 The first virus for PCs
The first virus for IBM PCs, Brain, was written by twobrothers in Pakistan, when they noticed that peoplewere copying their software. The virus put a copy ofitself and a copyright message on any floppy diskcopies their customers made.
1971 The first worm
Bob Thomas, a developer working on ARPANET, a
precursor to the Internet, wrote a program called
Creeper that passed from computer to computer,
displaying a message.
1988 The Internet Worm
Robert Morris, a 23-year-old student, released aworm on the US DARPA Internet. It spread tothousands of computers and, due to an error, keptre-infecting computers many times, causing them tocrash.
1999 Email viruses
Melissa, a virus that forwards itself by email, spreadworldwide. Bubbleboy, the first virus to infect acomputer when email is viewed, appeared.
2000 Denial-of-service attacks
“Distributed denial-of-service” attacks by hackersput Yahoo!, eBay, Amazon and other high profilewebsites offline for several hours.
Love Bug became the most successful email virusyet.
Threats and their typesThere are so many types of threats but we will discus here today about software threats.
Malware
Trojans
Virus
Firewall breech
Computer Policy Disturbance
Bugs and Flaws
Adware
Backdoors
Email Trojans
DDOS
Cookies
Keylogging
ect….
Definitions and theory Virus:
Perhaps the most well known computersecurity threat, a computer virus is a program writtento alter the way a computer operates, without thepermission or knowledge of the user. A virusreplicates and executes itself, usually doing damageto your computer in the process.
Spyware:A serious computer security threat, spyware is
any program that monitors your online activities orinstalls programs without your consent for profit or tocapture personal information.
Backdoors:
A backdoor Trojan allows someone totake control of another user’s computer via theinternet without their permission.
A backdoor Trojan may pose as legitimatesoftware, just as other Trojan horse programs.
Cookies:
Cookies are fi les on your computer thatenable websites to remember your details.
When you visit a website, it can place a fi lecalled a cookie on your computer. This enablesthe website to remember your details and trackyour visits. Cookies can be a threat toconfidentiality, but not to your data.
DDOS (Denial-of-service attack):A denial-of-service (DoS) attack prevents
users from accessing a computer or website. Ina DoS attack, a hacker attempts to overload orshut down a computer, so that legitimate userscan no longer access it. Typical DoS attackstarget web servers and aim to make websitesunavailable. No data is stolen or compromised,but the interruption to the service can be costlyfor a company.
Email Trojans:Many of the most prolific viruses distribute
themselves automatically by email. Typically, email-aware viruses depend on the user double-clicking on an attachment.
This runs the malicious code, which will then mail itself to other people from that computer.
Boot Sector Malware:
When you turn on a computer, the hardwarelooks for the boot sector program, which is usually onthe hard disk (but can be on a CD/DVD orFlashDrive), and runs it. This program then loads the
rest of the operating system into memory.
Boot sector malware replaces the original bootsector with its own, modified version (and usuallyhides the original somewhere else on the hard disk).The next time you start up, the infected boot sector isused and the malware becomes active.
Autorun worm:
Autorun worms are malicious programs thattake advantage of the Windows AutoRun feature.They execute automatically when the device onwhich they are stored is plugged into a computer.
Keylogging:
Keylogging is the proces of secretly
recording keystrokes by an unauthorized
third party. Keylogging is often used by
malware to steal usernames, passwords,
credit card details and other sensitive data.
Threats Ratio
Statics and Reports from all
over the Globe. (2013)
Targeted operating systems and softwares
By countries
Computer Infection level TOP 20
World Map
PreventionIdentify your weaknesses. Like a fort that surrounds a castle, your protection isonly as strong as your weakest point. Review how your company and your clientsaccess your network. Make sure every entry point is secured with passwords andencryption.
Install anti-virus software on your computers. Many Internet service providerssupply these with your agreement. But if they don’t, invest in an anti-virusprogram to prevent malware attacks on your system.
Install perimeter security solutions. There are three types of network perimetersecurity:
1) Firewall – Prevents unauthorized Internet users from accessing your privatenetwork via the Internet
2) Intrusion Detection System – Monitors and reports on threats to your network
3) Intrusion Prevention Program – Stops threats as well as reports on them
Use a spam filter. You can either install spam filtering software on your computer or network server, buy a dedicated appliance or outsource spam filtering to an online service provider. The software option is typically more budget-friendly, but online services may be more effective and more suitable for higher volumes of emails.
Backup your important data. Identify the vital data you need to protect - accounting information, business plans, customer databases, vendor information, marketing documents, etc. Then, choose from offline and online data backup solutions to ensure the security and availability of your critical business information. Set a backup schedule and test your solutions regularly.
Encrypt your files, hard drives and backup disks. By encrypting your hardware and data, only people with a valid password will have access. It’s a necessary step.
Set up a virtual private network (VPN). By creating a VPN, team members working from home or on the road using Wi-Fi in public won’t be exposing your business to security threats.
Automate security updates. By enabling auto updates, your computer will always have the most recent form of software and anti-virus programs installed.
Restrict total access. Don’t give all team members universal access to every part of your network. Protect sensitive files and databases with passwords that only your key people know.
Monitor network traffic. Install software or hardware that keeps an eye on who’s visiting which sites and which of your computers they’re using.
Review your security periodically. Stay aware of new security threats and improved solutions by visiting your security software/service vendor websites. As your business grows, you may need to take new security measures.
Don’t host your business website. Consider using a website hosting service that will take care of your website’s security needs and provide redundancy, which will allow your website to be properly restored if attacked.
Add example video from
YouTube
Web and Document
References
Wikipedia
Kaspersky Lab
Kaspersky Security Bulletin (2013)
Security Magazine (2013)
Webroot
Sophos
Norton
ESET NOD 32
Securelist
Youtube