24
1 Computer Security and Safety, Ethics, and Privacy Presented By: Adeel Khurram Supervised By: Engr.Zahra Noor Presentation

Computer Security risks Shelly

Embed Size (px)

DESCRIPTION

Computer Security Risks ,Viruses,Worms,Trojans

Citation preview

Page 1: Computer Security risks Shelly

1

Computer Security andSafety, Ethics, and Privacy

Presented By:Adeel Khurram

Supervised By:Engr.Zahra Noor

Presentation

Page 2: Computer Security risks Shelly

Computer Security Risks

• A computer security risk is any event Or action that could cause a loss of or damage to computer hardware, Software , data, information , or processing capability. While some breachesto computer security are accidental, many are intentional.

Page 3: Computer Security risks Shelly

Computer Security Risks

• An intentional breach of computer Security often involves a deliberate act that is against the law.• Any illegal act involving a computergenerally is referred to as aComputer Crime/Cyber Crime.

Page 4: Computer Security risks Shelly

Cyber Crimes

Page 5: Computer Security risks Shelly

Categories Of Cyber Criminals

• There are following 7ven Categories of These Perpetrators.1. Hackers2. Crackers3. Script Kiddies4. Corporate Spies5. Unethical Employees6. Cyber Extortionist7. Cyber Terrorists

Page 6: Computer Security risks Shelly

Who They Are?

Page 7: Computer Security risks Shelly

7

A computerenthusiast, refers to someone who accesses a computer or network illegally.

CrackersAccesses a computer or networkillegally but has the intent of destroying data, stealing information, or other malicious action.

Hacker

Page 8: Computer Security risks Shelly

8

Corporate Spies

Excellent Computer skills and are hired to break into a specific computer and steal its proprietary data and information.

A script kiddie has the same intent as a cracker but does not have the technical skills and knowledge. Script kiddies often use prewritten hacking and cracking programs

ScriptsKiddies

Page 9: Computer Security risks Shelly

9

Unethical Employees

break into theiremployers’ computers for a variety of reasons.. Others seek financial gains from selling confidential information.

Cyber Extortionists

Who uses e-mail as a vehicle for extortion. These perpetrators send an organization a threatening e-mail message indicating they will expose confidential information, or launch an attack if they are not paid a sum of money.

Page 10: Computer Security risks Shelly

10

Cyber terrorist

A cyber terrorist is someone who uses the Internet or network to destroy or damage computers for political reasons. The Cyber terrorist might target the nation’s Air traffic control system, electricity-generatingcompanies, or a telecommunications infrastructure.

Page 11: Computer Security risks Shelly

11

Cyber warfare

The term, cyberwarfare, describesan attack whose goal ranges fromdisabling a government’s computer network to cripplinga country. Cyber terrorism and Cyber warfare usually require a team of highly skilled individuals, millions of dollars, and several years of planning.

Page 12: Computer Security risks Shelly

Computer Viruses, • A computer virus is a potentially damagingcomputer program that affects, or infects, acomputer negatively by altering the waythe computer works without the user’sknowledge or permission.

Page 13: Computer Security risks Shelly

Worms, Trojan Horses, and Rootkits• A worm is a program that copies itselfRepeatedly, cause files damages.• A Trojan horse that hides within or looks like a

legitimate program. A certain condition triggers it.• A rootkit is a program that hides in a computer and allows someone from a remote location to take full control of the computer.

Page 14: Computer Security risks Shelly

Safeguards against Computer Virusesand Other Malware

• Do not start a computer with removable media inserted in the drives or plugged in the ports.

• Never open an e-mail attachment unless you are expecting the attachment and it is from a trusted source.

• Should set the macro security so that the application software warns users that contains viruses in Micros.• Should install an antivirus program and update it frequently.

Page 15: Computer Security risks Shelly

BOT/Bot Net• A botnet is a group of

compromisedcomputers connected to a network attacks other networks, usually for wicked purposes. A bot is a program that performs a repetitive task on a network.

DoS attackDoS attack, is an assault whose purpose is to disrupt computer access to an Internet service such as the Web or e-mail. DDoS attacks have been able to stop operations temporarily at numerous Web sites,including powerhouses such as Yahoo!, eBay,Amazon.com, and CNN.com

Page 16: Computer Security risks Shelly

Back Doors• A back door is a program or set of instructions in a program

that allow users to bypass security controls when accessing a program, computer, or network. Root Kit is a Backdoor.

SpoofingSpoofing is a technique intruders use to make their network or Internet transmission appear legitimate to a victim computer or network. Several types of spoofing schemes exist. One type, called e-mail spoofing, occurs when the sender’s address or other components of the e-mail header are altered so that it appears the e-mail originated from a different sender.

Page 17: Computer Security risks Shelly

Safeguards against Botnets, DoS/DDoSAttacks, Back Doors, and Spoofing

• A firewall is hardware and/or software that protects a network’s resources from intrusion by users on another network such as the Internet.

Firewall

HoneyPots and Intrusion detection softwaresA honeypot is a vulnerable computer that is set up to entice an intruder to break into it. These computers,which appear real to the intruder, actually are separated safely from the organization’s network.

Page 18: Computer Security risks Shelly

Unauthorized Accessand Use

• Unauthorized access is the use of a computer or network without permission. Unauthorized use is the use of a computer or its data for unapproved or possibly illegal activities.

Safeguards against UnauthorizedAccess and Use

1. Passwords And User Names 2. CAPTCHA(completely auto mated public turning test to

tell computers and humans apart) 3. PIN 4. Biometric Devices 5. . Possesed objects(cards,Badges)

Page 19: Computer Security risks Shelly

Hardware Theft And Vandalisms• Hardware theft is the act of stealing computer equipment.• Hardware vandalism is the act of defacing or destroying computer

equipment.

Safeguards against Hardware Theftand Vandalism

Physical access controls, such as locked doors and windows.Installing Alarms, cables that lock the equipment to a desk, Small locking devices also exist that require a key to access a hard disk or optical disc drive. real time location system (RTLS) to track and identify the location ofhigh-risk or high-value items. One implementation of RTLS places RFID tags in items to be tracked.

Page 20: Computer Security risks Shelly

Software theft occurs when someone (1) steals software media, (2) intentionally erases programs, (3) illegally copies a program, or (4) illegally registers and/or activates a program.

Software Theft

Safeguards against Software Theftkeep original software boxes and media in a secure location. should back up their files and disks regularly, A license agreement is the rightto use the software.

Page 21: Computer Security risks Shelly

• Information theft occurs when someone steals personal or confidential information. If stolen, the loss of information can cause as much damage as (if not more than) hardware or software theft.

Information Theft

Safeguards against Information Theft•Apply user identification and authentication controls. usevariety of encryption techniques.

Page 22: Computer Security risks Shelly

Encryption• Encryption is a process of converting

readable data into unreadable characters to preventunauthorized access. To read the data, the recipient must decrypt, or decipher, it into a readable form. An encryption algorithm, or cypher, is a set of steps that can convert plaintext into unreadable ciphertext.

Page 23: Computer Security risks Shelly

System Failure• A system an electrical power variation due to Overvoltage ,

undervoltage and Noise. It also can cause loss of data , in formation and hardwares.

Safeguards against System Failure• Use surge protector, to smooth out minor noise, • Use uninterruptible power supply (UPS), • Fault-tolerant computer• Use RAID to Full Backup.

Page 24: Computer Security risks Shelly

Thank you