2 Discuss techniques to prevent unauthorized computer access and use Objectives OverviewDefine the term, digital security risks, and briefly describe the types of cybercriminalsDescribe various types of Internet and network attacks, and explain ways to safeguard against these attacksDiscuss techniques to prevent unauthorized computer access and useExplain the ways that software manufacturers protect against software piracyDiscuss how encryption, digital signatures, and digital certificates workDiscovering Computers 2014: Chapter 5
3 Objectives OverviewIdentify safeguards against hardware theft, vandalism, and failureExplain the options available for backing upIdentify risks and safeguards associated with wireless communicationsRecognize issues related to information accuracy, intellectual property rights, codes of conduct, and green computingDiscuss issues surrounding information privacyDiscovering Computers 2014: Chapter 5for Detailed ObjectivesSee Page 202
4 Digital Security Risks A digital security risk is any event or action that could cause a loss of or damage to a computer or mobile device hardware, software, data, information, or processing capabilityAny illegal act involving the use of a computer or related devices generally is referred to as a computer crime.A cybercrime is an online or Internet-based illegal act.Software used by cybercriminals is called crimeware.While some breaches to computer security are accidental, many are intentional. Some intruders do not damage, they merely access data, information, or programs on the computer before logging off. Other intruders indicate some evidence of their presence either by leaving a message or by deliberately altering or damaging data.Discovering Computers 2014: Chapter 5
5 Cybercrime is one of the FBI’s top three priorities
7 HackerOriginally a complimentary word for a computer enthusiast, now has a derogatory meaningRefers to someone who accesses a computer or network illegally.Some hacker claim the intent of their security breaches is to improve security.
8 CrackerAlso is someone who accesses a computer or network illegally, but has the intent of destroying data, stealing information, or other malicious action.Both Hackers and Crackers have advanced computer and network skills
9 Script KiddieHas the same intent as a cracker but does not have the technical skills and knowledge.Script Kiddies often use prewritten hacking and cracking programs to break into computers
10 Corporate SpyHave excellent computer and networking skills and are hired to break into a specific computer and steal data and informationOr could be hired to identify security risks in their own organization.Unscrupulous companies hire corporate spies, a practice know as corporate espionage to gain a competitive advantage.
11 Unethical EmployeesBreak into employer’s computers for a variety of reasonsExploit a security weaknessSeek financial gain – sell confidential informationDisgruntled employees may want revenge
12 Cyberextortionist Someone who uses email as a vehicle for extortion. Send an organization a threatening message indicating they will expose confidential information, exploit a security flaw, of launch an attack on their networt… if they are not paid a sum of money.
13 CyberterroristUses the internet or network to destroy or damage computers for political reasons.Might target the nation’s air traffic control system, energy – generating companies, or a telecommunications infrastructure.Cyberwarfare describes an attack whose goal ranges from disabling a government’s computer network to crippling a country.Cyberterrorism and cyberwarfare require highly skilled individuals, millions of dollars, and a few years of planning.
15 Internet and Network Attacks Information transmitted over networks has a higher degree of security risk than information kept on an organization’s premisesMalware, short for malicious software, consists of programs that act without a user’s knowledge and deliberately alter the operations of computers and mobile devicesTable 5-1PagesDiscovering Computers 2014: Chapter 5
16 Internet and Network Attacks To determine whether your computer if vulnerable to an Internet or Network attack. You could use an online security service.An online security service is a web site that evaluates your computer to check for vulnerabilities. Then it provides recommendations of how to address them.Popular Online Security Services for PCAudit my PCMcAfee FreeScanSymantec Security CheckTrend Micro House CallDiscovering Computers 2014: Chapter 5
17 Internet and Network Attacks viruswormTrojan HorseRootkitEvery unprotected computer is susceptible to this first type of security risk
18 VirusPotentially damaging computer program that affect, or infects a computer negatively by altering the way the computer works without the user’s knowledge or permissionOnce the virus infects the computer, it can spread throughout and may damage files and system software, including the operating system.
19 WormProgram that copies itself repeatedly, or example in memory or on a network, using up resources and possibly shutting down the computer or network.
20 Trojan Horse (named after the Greek Myth) Program that hides within or looks like a legitimate program.A certain condition or action usually triggers the Trojan Horse.Unlike a virus or worm, a Trojan horse does NOT replicate itself to other computers
21 RootkitProgram that hides in a computer and allows someone from a remote location take full control of the computerOnce installed, the author can execute program, change setting, monitor activity, and access files.Although rootkits can have legitimate uses, such as law enforcement, their use for in illegal activities is growing rapidly.
22 Malware Short for malicious software Computer Viruses, worms, Trojan horses, and rootkits – act without users knowledgeOthers are backdoors and spyware – laterSome malware is combination of two or more classesMyDoom and Blaster are wormsMelissa has elements of virus, worm and Trojan Horse
23 PayloadThe destructive event or prank the program is intended to deliver.Symptoms –Operating System runs much slower than usualAvailable memory is less than expectedFiles become corruptedScreen displays unusual message or imageMusic or unusual sound plays randomly.Existing programs and file disappearPrograms or files do not work properlyUnknown files or programs mysteriously appearSystem properties changeOperating System does not start upOperating System shuts down unexpectedly
24 PayloadMalware delivers its payload on a computer in a variety of ways…When user opens an infected file,Runs an infected programStarts (boots) the computer with an infected removable media inserted in a a drive or plugged in a port.Connect an unprotected computer to a networkWhen a particular event occur (clock changing to a specific date.
26 SafeguardsChecking latest virus statistics:Media sharing – Over half a million people download virusesNo guarantee existsDon’t start computer with media in drivesNever open attachment unless you know the sender – deleteCarefully check spelling that looks likes a trusted sourse.
27 SafeguardsSome viruses are hidden in MACROS – instructions saved in software such as word processing or spreadsheets. – In programs that allow macros, you should set the macro security level so that the application software warns the user that the document they are trying to open contains macros. Only allow from a trusted source.INSTALL AN ANTIVIRUS PROGRAM AND UPDATE IT FREQUENTLY. Identifies and remove any computer viruses found in memory, on storage media, or incoming files. Most antivirus programs protect against other malware. They also check for programs that try to modify the boot program.
28 How do Virus Programs Work? Look for virus signature (also called a virus definition) – a known specific pattern of virus code. – update your antivirus program’s signature files regularly. Protects against viruses written since the virus program was released or updates. AUTOMATIC UPDATE. (ONCE A WEEK)Inoculate existing program files. Records size and creation date in separate inoculation file, checks for changes.When virus is detected, it attempts to remove the infection, quarantines it into a separate place on hard drive until it can be removed – so other files will be not be infected.Users can quarantine files.May need to reformat your hard drive – important to have BACK UP.Firewalls will be discussed later.
29 Internet and Network Attacks A botnet is a group of compromised computers or mobile devices connected to a networkA compromised computer or device is known as a zombieA denial of service attack (DoS attack) disrupts computer access to Internet servicesDistributed DoS (DDoS)A back door is a program or set of instructions in a program that allow users to bypass security controlsSpoofing is a technique intruders use to make their network or Internet transmission appear legitimateDiscovering Computers 2014: Chapter 5Pages