Computer Security and Safety, Ethics and Privacy Chapter 11
Computer Security Risks What is a computer security risk? Any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability. Intentional Breach of Computer Security Computer Crime (illegal act involving a computer) Cybercrime (Online or Internet-based illegal acts)
Seven Basic Categories of Cybercrime Hacker – Access a computer illegally Cracker – Access a computer illegally but has the intent of destroying Script Kiddie – Same intent but not have the technical skills and knowledge Corporate Spies – Hired to break into a computer, steal data info, to help indentify security risks Unethical employees-want to exploit a security weakness
Seven Basic Categories of Cybercrime cont.. Cyberextortionist – Use the email as a vehicle for extortion Cyberterriorist - Destroy or damage for political reason Both requires a team of highly skilled individuals, millions of dollars and years of planning
Common Computer Security Risks Internet and Network Attacks Unauthorized Access and Use Hardware theft Software theft Information theft System failure
Internet and Network Attacks What are Computer Viruses, worms, Trojan horses and Rootkits? Computer Viruses Potentially damaging computer program Worm A program that copies itself repeatedly, using up resources and possibly shutting down computer or network Trojan Horse Hides within or looks likes a legitimate program until triggered Rootkits Hides in a computer and allows someone from a remote location to take full control
Computer Virus, Worms, Trojan Horse and Rootkits What is Malware? Programs that act without a user’s knowledge and deliberately alters the computer operation. Unscrupulous programmer write malware and then test to ensure it can deliver it payload (destructive event or prank the program is intended to deliver)
Malware Delivers Its Payload When a user: Opens an infected file Runs an infected program Boots the computer with an infected removable media Connect to an unprotected computer Most common way – email attachments
Safeguards Against Computer Virus No guarantee methods Some ways to Prevent Viruses Do not start computer with removable disks Never open email attachment unless from trusted source Install an Antivirus program Stay informed about new virus and virus hoax
Internet and Network Attacks What is an Antivirus program? Popular Antivirus Programs AVG Anti-Virus avast! Antivirus CA Anti-Virus F-Secure Anti-Virus Kaspersky Anti-Virus McAfee Virus Scan Norton AntiVirus Trend Micro AntiVirus Vexira Antivirus Identifies and removes computer viruses Most also protect against worms, Trojan horses and spyware
Internet and Network Attacks What is a virus signature? Specific pattern of virus code Also called virus definition Antivirus programs look for virus signatures
Internet and Network Attacks How does an antivirus program inoculate a program file? Records information about program such as file s and creation date Uses information to detect if virus tampers with file Quarantines Infected files that cannot remove Attempts to remove any detected virus
Internet and Network Attacks What are a Botnet, denial of service attack, back door and spoofing? A Botnet is a group of comprised computers connected to a network that are used as part of a network that attack other networks A denial of service attack is an assault whose purpose is to disrupt a computer access to an Internet data A back door is a program or set of instruction in a program that allow users to bypass security controls when accessing a computer resource Spoofing is a technique intruders use to make their network or Internet transmission appear legitimate to a victim computer or network
Safegaurd against Botnet, DoS/DDoS attack, Backdoors and Spoofing Firewalls Protects a network’s resources from intrusion by user on another network Intrusion Detection Software Automatically analyze all network traffic, assess system vulnerabilities, identifies any unauthorized intrusion, and notifies network administration of suspicious behavior pattern. Honeypots A vulnerable computer that is setup to enticed an intruder to break into it
Unauthorized Access and Use- Section 2 What is Unauthorized Access and Unauthorized Use? Unauthorized Access – use of a computer in a network without permission Unauthorized Use – the use of a computer or its data for unapproved or possibility illegal activities
Safeguard Against Unauthorized Access and Use Use Written Acceptable Use Policy (AUP) Disable file and printer sharing on your Internet connection Use Firewalls Use Intrusion detection software Identify and authenticate users
Identifying and Authentically Users Access controls (security measure that defines who can access a computer) Maintain an audit trail (records in a file both successful and unsuccessful access attempt) Two – Phase Process Identification – verifies individual is a valid user Authentication – verifies the individual is the person he/she claims to be
Three Methods of Identifying and Authenticating User Names and Passwords Possessed Objects Biometrics Devices
Three Methods of Identifying and Authenticating What are User Names and Passwords? User ID – a unique combination of character that identifies on specific user Password – a private combination of character associated the user name Longer passwords provides greater security CAPTCHA (Completely Automated Public Turing Test to Tell Computer and Humans Apart) Display a series of distorted characters
Three Methods of Identifying and Authenticating What is a Possessed Object? Any items you must carry to gain access to a computer or a computer facility Examples: badges, cards, smart cards and keys Often used with Personal Identification Number (PIN)
Three Methods of Identifying and Authenticating What is a Biometric Devices? Authenticated a person’s identify by translating a personal characteristics into digital codes Examples: Fingerprint readers, hand geometry systems, face recognition system, voice verification system, signature verification system, iris recognition system and retinal scanner
Digital Forensics What is Digital Forensics? Discovery, collection, and analysis of evidence found on computers and networks Involves – examination of computer media, programs, data and log files
Hardware Theft and Vandalism What are hardware theft and hardware vandalism? Hardware Theft – act of stealing computer equipment Vandalism – act of defacing or destroying a computer
Safeguards against Hardware Theft and Vandalism Physical Access Controls Locked doors Install alarms Use cables that lock the equip Real time location system Track and Identify the location of high risk or high value items)
Software Theft -Section 3 What is software theft? Occurs when someone Steals software media Intentionally erases programs Illegally copies a program (piracy) Illegally register and/or activates a program
Safeguards Against Software Theft Keep original software box in a secure location Backup files Protect from software piracy License agreement (right to use software) Don’t own the software Most common type of license – single-use license agreement/end-user license agreement (EULA)
End-User License Agreement (EULA) Permitted to: Install the software on one computer Make one copy – Backup Give or sell only if the software is removed Not Permitted to: Install the software on a network Gives copies to friends Export the software Rent or lease the software
Software Theft What are some other safeguards against software theft? Business Software Alliance (BSA) promotes better understanding of software piracy problems Product activation allows user to input product identification number online or by telephone and receive unique installation identification number
Information Theft Occurs when someone steals personal or confidential information Safeguards Use user identification and authentication Use encryption techniques
Safeguard against Information Theft What is Encryption? Process of converting readable data into unreadable characters to prevent unauthorized access Encryption Process Readable data – plaintext Scramble data – ciphertext Encryption key – use to encrypt the plaintext
Two Basic Types of Encryption Keys Private Key (symmetric) Both the originator and recipient use the same secret key to encrypt and decrypt data Public Key (asymmetric) Two encryption keys (public and private) A message is encrypted with a public key must be decrypted along with the corresponding private key Popular encryption program – Pretty Good Privacy (PGP)
Safeguards Against Information Theft Digital Certificates- notice that guarantees a user on a web site is legitimate Transport Layer Security- provides encryption of all data that pasts between a client and a Internet server
Safeguards Against Information Theft Secure HTTP – allows users to choose an encryption scheme for data that passes between a client and a Internet server VPN-Virtual Private Network Provide the mobile users with a secure connection to the company network server
System Failure What is a system failure? Prolonged malfunction of computer Can cause loss of hardware, software , or data Caused by aging hardware, natural disaster, or electrical power disturbances Overvoltage or power surge-significant power increase in electrical power Noise-unwanted electrical signal Undervoltage-drop in electrical supply
Safeguards What is a surge protectors? Uninterruptible Power Supply Absorb small overvoltage Not 100% effective Uninterruptible Power Supply A device that contains surge protection circuits and more batteries that can provide power during a temporary or permanent loss of power
Backing up – The Ultimate Safety What is a backup? Duplicate of file, program, or disk Three-generation backup Preserves three copies of important files Full backup all files in computer Selective backup Select which files to back up Store in a fireproof and heat proof safe or vault, offsite