Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Security Risks

Published byErick Harmon Modified over 8 years ago

Similar presentations

Presentation on theme: "Computer Security Risks"— Presentation transcript:

1

2 Computer Security Risks
What is a computer security risk? Any event or action that could cause a loss of or damage to a computer system (hardware, software, data, information, or processing capability)

3 Computer Security Myths
Myth 4: I can protect my PC if I disconnect from the Internet or turn it off when not using it. Myth 5: Mac & Linux computers are safe from viruses/attacks. Myth 6: Security threats only come from outside your network or company. Myth 1: I have anti-virus software so my PC wont get infected. Myth 2: Anti-virus software protects against spyware. Myth 3: My network is behind a firewall, I am safe from hackers. Myth 7: Cellphones and other mobile devices aren’t susceptible to viruses and other security risks.

4 Computer Security Risks
A cybercrime is an online or Internet-based illegal act. An example of cybercriminals include: Hackers Crackers Script Kiddies Corporate Spies Unethical Employees Cyberextortionists Cyberterrorists

5 Computer Security Risks: Hackers
The term hacker was originally used for people that write code (programmers) and other computer enthusiasts. Later adapted to people that crack the security of computer systems. Methods of Attack: Malware Key-logging Packet-sniffing Port-scanning DoS (denial of service) Social engineering Dumpster diving

6 Computer Security Risks: Malware
What is a Malware? Short for malicious software. Software designed for a malicious purpose. Used to intrude or damage a computer system. Examples of Malware: Viruses, Worms, Trojans Rootkit Spyware

7 Attacks: Viruses Virus Trojan Horse Worms
A program that attaches itself to a file. Spreads to other files, and delivers a destructive action called a payload. Trojan Horse Appears to be a harmless program. When they run, install programs on the computer that can be harmful. Used to open a backdoor for hackers to gain control of your computer. Worms Acts as a free agent, replicating itself numerous times in an effort to overwhelm systems.

8 Attacks: Spyware Spyware Adware
A program that is installed on your computer without your knowledge or consent. Their purpose is to collect information about you. They can be a pain! Keep you from visiting certain sites Very difficult to remove. Anti-spyware programs indentify and remove spyware programs from your computer. Adware A program that displays online advertisements.

9 Internet and Network Attacks
Computer Virus Affects a computer negatively by altering the way the computer works Worm Copies itself repeatedly, using up resources and possibly shutting down the computer or network Trojan Horse A malicious program that hides within or looks like a legitimate program Rootkit Program that hides in a computer and allows someone from a remote location to take full control

10 Attacks: Viruses How can a virus spread?
Using infected removable media. USB flash-drives, CDs/DVDs, floppy disks. From the Internet. Downloading an infected file or program. File sharing networks. Websites that contain harmful script. Through attachments.

11 Attacks: Viruses

12 Attacks: Viruses An infected computer has one or more of the following symptoms: Operating system runs much slower than usual Available memory is less than expected Files become corrupted Screen displays unusual message or image Music or unusual sound plays randomly Existing programs and files disappear Programs or files do not work properly Unknown programs or files mysteriously appear System properties change Operating system does not start up Operating system shuts down unexpectedly

13 Video: Attack of the Mobile Viruses
CLICK TO START

14 Preventing Virus Attacks
An anti-virus program is software that identifies and removes viruses. This software looks for a virus signature, which is a specific pattern of virus code. Also called a virus definition.

15 Preventing Malware Attacks

16 Internet and Network Attacks
A denial of service attack (DoS attack) disrupts computer and network communications. A computer system or network is bombarded with so many requests, such that it cannot handle legitimate requests and eventually renders it useless. Usually disrupts the computer or network’s access to the Internet. Distributed DoS (DDoS). A botnet is a group of compromised computers connected to a network. A compromised computer is known as a zombie. A back door is a program or set of instructions in a program that allow users to bypass security controls. It is simply a security hole or exploit that allows access to a computer system.

17 Scam in which a perpetrator sends an official looking
Attacks: Phishing Scam in which a perpetrator sends an official looking and/or uses a fake website in an attempt to obtain your personal and financial information. What is phishing?

18 Internet and Network Attacks
Spoofing is a technique used by intruders to make their network or Internet transmission appear legitimated. Types of Spoofing IP Spoofing Used by a hacker to gain access into a network or computer. Webpage Spoofing Makes a website look and feel like a legitimate website used in phishing attacks. CalledID Spoofing Used to lie about the caller’s phone number and name. Spoofing Used by spammers to hide the origin of an . DNS cache poising is used to redirect a person away from a legitimate site to a fake one.

19 Video: Bluetooth Hacking

20 Preventing Internet and Network Attacks
A firewall is a security system consisting of hardware and/or software that protects a network and computer from intrusion.

21 Preventing Internet and Network Attacks
What is a honeypot? A trap set to detect and counteract network intrusions. Typically a vulnerable computer that is set up to entice an intruder to break into it. A honeynet is two or more honeypots setup on a network.

22 Unauthorized Access and Use
Unauthorized access is the use of a computer or network without permission Unauthorized use is the use of a computer or its data for unapproved or possibly illegal activities

23 Unauthorized Access and Use
Organizations take several measures to help prevent unauthorized access and use. Acceptable use policy User policies and privileges Firewalls Intrusion detection software

24 Unauthorized Access and Use
Make stronger passwords. Longer passwords provide greater security. Mix letters (uppercase and lowercase), numbers, and symbols.

25 Unauthorized Access and Use
A possessed object is any item that you must carry to gain access to a computer or computer facility. Often are used in combination with a personal identification number (PIN). Smartcards contain embedded circuitry that allow it to process data. Provide greater security.

26 Unauthorized Access Tips for protecting your computer:
Disable file and printer sharing on Internet connection File and printer sharing turned off

27 Unauthorized Access and Use
A biometric device authenticates a person’s identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer. Facial Recognition Uses mathematical technique to measure the distances between 128 points on the face. Retinal Scanner Analyzes the pattern of blood vessels at the back of the eye.

28 Video: Future of Facial Recognition

29 Unauthorized Access and Use
Digital forensics is the discovery, collection, and analysis of evidence found on computers and networks. Many areas use digital forensics Law enforcement Criminal prosecutors Military intelligence Insurance agencies Information security departments

30 Hardware Theft and Vandalism
Hardware theft is the act of stealing computer equipment Hardware vandalism is the act of defacing or destroying computer equipment

31 Hardware Theft and Vandalism
To help reduce the of chances of theft, companies and schools use a variety of security measures Physical access controls Alarm systems Cables to lock equipment Real time location system Passwords, possessed objects, and biometrics

32 Software Theft Software theft occurs when someone:
Steals software media Intentionally erases programs Illegally copies a program Illegally registers and/or activates a program

33 Software Theft A single-user license agreement typically contains the following conditions: Permitted to Install the software on one computer Make one copy of the software Remove the software from your computer before giving it away or selling it Not permitted to Install the software on a network Give copies to friends or colleagues while continuing to use the software Export the software Rent or lease the software

34 Software Theft There are some safeguards against software theft: Product activation allows user to input product identification number online or by phone and receive unique installation identification number Business Software Alliance (BSA) promotes better understanding of software piracy problems

35 Information Theft Information theft occurs when someone steals personal or confidential information. Financial Information Banking information, credit cards, e-cash, etc.. Personal Information SSN, medical info, occupational info, etc… Business & Government Information Top-secret military information Industrial secrets Identity Theft is the criminal act of using stolen information about a person to assume that person’s identity. In 2008, over 10 million people were affected (22% increase over 2007).

36 Information Theft What is encryption?
The process of converting readable data (plaintext) into unreadable characters (ciphered text). A safeguard against information theft. An encryption key is a mathematical formula used to convert data into ciphered text. To read the data, the recipient must decipher or decrypt the data.

37 Information Theft Example of an encrypted file:

38 Information Theft

39 Information Theft How to encrypt files & folders in Windows Vista & Windows 7: Right-click the folder or file you want to encrypt, and then click Properties. Click the Advanced button. Select the Encrypt contents to secure data check box, and then click OK. *** To decrypt the folder, just remove the check from the checkbox.

40 Information Theft What is BitLocker Drive Encryption in Windows?
Software used to encrypt an entire hard drive. Helps keep data safe in the event your computer is lost, stolen, or intruded by a hacker.

41 Information Theft How to encrypt files & folders in MAC OS X:

42 Information Theft A digital signature is an encrypted code that a person, Web site, or organization attaches to an electronic message to verify the identity of the sender. Often used to ensure that an impostor is not participating in an Internet transaction. Used to authenticate the source of messages. A certificate authority (CA) is a company or organization that issues and authorizes digital certificates. These certificates contain a digital signature and the issuing CA.

43 Information Theft What is Secure Sockets Layer (SSL)?
Provides encryption for all data that passes between client and Internet server. Web addresses begin with “https” to indicate secure connections.

44 Information Privacy What is a cookie?
Small file on your computer that contains data about you Some Web sites sell or trade information stored in your cookies Set browser to accept cookies, prompt you to accept cookies, or disable cookies User preferences How regularly you visit Web sites Interests and browsing habits

45 Ethics and Society

46 Information Theft Are cookies a security risk? First party cookies
Usually don’t contain information that present a risk to your privacy. They contain data like your username, preferences, shopping cart products, info about your visit to their website. The information is only for their website and contains no data about previous websites. Disabling these may keep you from viewing many websites. Third part cookies These contain information that present a risk to your privacy. They collect information about the websites you visit, web searches, and other private information, which can be sold to companies. You should disable these!

47 Surfing Anonymously Surfing the Web anonymously means your browsing habits and identity is hidden from “snoopers”. You need to use a Web proxy. A Web proxy is a Web server or service that acts like a middle-man for all communications between your browser and the websites you visit. Also called an anonymizer. Besides hiding your IP address, a good proxy will remove traffic such as cookies, pop-ups, and scripts. Make sure the proxy you chose uses SSL or TLS security measures for transmitting your information. Best Commercial Anonymizers: Anonymizer Ghostsurf Free Anonymizer: The Cloak There are several risks involved with using a proxy. The proxy my be harvesting your information to provide to companies. Personal information like usernames, passwords, and PINs may be leaked or used by the proxy administrator for their own malicious purposes. They don’t protect you from Internet threats

48 Surfing Anonymously Beware of false protection!
There are several risks involved with using a proxy: They do not protect you from Internet threats The proxy may be harvesting your information to provide to companies. Personal information (usernames, passwords, PINs, etc…) may be leaked or used by the proxy’s administrator for their own malicious purposes. There are several risks involved with using a proxy. The proxy my be harvesting your information to provide to companies. Personal information like usernames, passwords, and PINs may be leaked or used by the proxy administrator for their own malicious purposes. They don’t protect you from Internet threats

49 Information Privacy & Security
Preventing information theft and violations to privacy requires a few security measures. Use of encryption for important information. Keep operating system and all programs up-to-date. Surf the Web anonymously.

50 System Failure A system failure is the prolonged malfunction of a computer. A variety of factors can lead to system failure, including: Aging hardware. Natural disasters. Errors in computer programs. Electrical power problems noise – unwanted electrical signals. undervoltages – a drop is electrical supply. overvoltages – a significant increase in electrical power.

51 System Failure Protection against system failures caused by electrical disturbances: A surge protector provides protection from an overvoltage that can destroy a computer and other electronic equipment. An uninterruptable power supplies (UPS) is a surge protector that provides power during a power loss.

52 Backing Up – The Ultimate Safeguard
A backup is a duplicate of a file, program, or disk that can be used if the original is lost, damaged, or destroyed To back up a file means to make a copy of it Offsite backups are stored in a location separate from the computer site Cloud Storage

53 Wireless Security Wireless access poses additional security risks.
About 80 percent of wireless networks have no security protection. War Driving Driving through neighborhoods with a wireless notebook or handheld computer looking for unsecured Wi-Fi networks.

54 Wireless Security In additional to using firewalls, some safeguards to improve security of wireless networks: A wireless access point should not broadcast an SSID Change the default SSID Configure a WAP so that only certain devices can access it Use WPA or WPA2 security standards

55 Ethics and Society Computer ethics are the moral guidelines that govern the use of computers and information systems Information accuracy is a concern Not all information on the Web is correct

56 Protecting Personal Information

57 Fun Thought… Is the problem ignorance or apathy? I don’t know and I don’t care.

58 The End… The Last Lecture…HOORAY!!!

59 For More Information… Guard Privacy & Online Security
Lots of really good information about privacy and online security. Gibson Research Corporation Some tools to protect your computer.

Download ppt "Computer Security Risks"

Similar presentations

Your Interactive Guide to the Digital World Discovering Computers 2012 Chapter 9 Computer Security and Safety, Ethics and Privacy.

Your Interactive Guide to the Digital World Discovering Computers 2012 Chapter 9 Computer Security and Safety, Ethics and Privacy.
Computer Security and Safety, Ethics and Privacy

Computer Security and Safety, Ethics and Privacy
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
1 MIS 2000 Class 22 System Security Update: Winter 2015.

1 MIS 2000 Class 22 System Security Update: Winter 2015.
Crime and Security in the Networked Economy Part 4.

Crime and Security in the Networked Economy Part 4.
Objectives Overview Define the term, digital security risks, and briefly describe the types of cybercriminals Describe various types of Internet and network.

Objectives Overview Define the term, digital security risks, and briefly describe the types of cybercriminals Describe various types of Internet and network.
Discovering Computers & Microsoft Office 2010 Discovering Computers Chapter 5.

Discovering Computers & Microsoft Office 2010 Discovering Computers Chapter 5.
Objectives Overview Describe various types of network attacks, and identify ways to safeguard against these attacks, including firewalls and intrusion.

Objectives Overview Describe various types of network attacks, and identify ways to safeguard against these attacks, including firewalls and intrusion.
Your Interactive Guide to the Digital World Discovering Computers Part 10 Manage Computing Securely, Safely and Ethically.

Your Interactive Guide to the Digital World Discovering Computers Part 10 Manage Computing Securely, Safely and Ethically.
1 COMPUTER SECURITY AND ETHICS Chapter Five. Computer Security Risks 2.

1 COMPUTER SECURITY AND ETHICS Chapter Five. Computer Security Risks 2.
Computer Ethics Ms. Scales. Computer Ethics Ethics  the right thing to do Acceptable Use Policy  A set of rules and guidelines that are set up to regulate.

Computer Ethics Ms. Scales. Computer Ethics Ethics  the right thing to do Acceptable Use Policy  A set of rules and guidelines that are set up to regulate.
Chapter 9: Privacy, Crime, and Security

Chapter 9: Privacy, Crime, and Security
Chapter 8 Chapter 8 Digital Defense: Securing Your Data and Privacy

Chapter 8 Chapter 8 Digital Defense: Securing Your Data and Privacy
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
Computer Security & Safety

Computer Security & Safety
Living in a Digital World Discovering Computers 2010.

Living in a Digital World Discovering Computers 2010.
Discovering Computers Fundamentals, 2012 Edition Living in a Digital World.

Discovering Computers Fundamentals, 2012 Edition Living in a Digital World.
Chapter 9 Information Systems Ethics, Computer Crime, and Security

Chapter 9 Information Systems Ethics, Computer Crime, and Security
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Similar presentations

Ads by Google