Potential Security Threats To Your Computer

Systems
A computer system threat is anything that leads to loss or corruption of data or
physical damage to the hardware and/or infrastructure. Knowing how to identify
computer security threats is the first step in protecting computer systems. The threats could
be intentional, accidental or caused by natural disasters.

In this article, we will introduce you to the common computer system threats and how you
can protect systems against them.

Topics covered in this tutorial

 What is a Security Threat?
 What are Physical Threats?
 What are Non-physical Threats?

What is a Security Threat?

Security Threat is defined as a risk that which can potentially harm computer systems and
organization. The cause could be physical such as someone stealing a computer that contains
vital data. The cause could also be non-physical such as a virus attack. In these tutorial
series, we will define a threat as a potential attack from a hacker that can allow them to gain
unauthorized access to a computer system.
What are Physical Threats?
A physical threat is a potential cause of an incident that may result in loss or physical
damage to the computer systems.

The following list classifies the physical threats into three (3) main categories;

 Internal: The threats include fire, unstable power supply, humidity in the rooms
housing the hardware, etc.
 External: These threats include Lightning, floods, earthquakes, etc.
 Human: These threats include theft, vandalism of the infrastructure and/or hardware,
disruption, accidental or intentional errors.

To protect computer systems from the above mentioned physical threats, an organization
must have physical security control measures.

The following list shows some of the possible measures that can be taken:

 Internal: Fire threats could be prevented by the use of automatic fire detectors and
extinguishers that do not use water to put out a fire. The unstable power supply can be
prevented by the use of voltage controllers. An air conditioner can be used to control
the humidity in the computer room.
 External: Lightning protection systems can be used to protect computer systems
against such attacks. Lightning protection systems are not 100% perfect, but to a
 certain extent, they reduce the chances of Lightning causing damage. Housing
computer systems in high lands are one of the possible ways of protecting systems
against floods.
 Humans: Threats such as theft can be prevented by use of locked doors and restricted
access to computer rooms.

What are Non-physical threats?

A non-physical threat is a potential cause of an incident that may result in;

 Loss or corruption of system data

 Disrupt business operations that rely on computer systems
 Loss of sensitive information
 Illegal monitoring of activities on computer systems
 Cyber Security Breaches
 Others

The non-physical threats are also known as logical threats. The following list is the
common types of non-physical threats;

 Virus
 Trojans
 Worms
 Spyware
 Key loggers
 Adware
 Denial of Service Attacks
 Distributed Denial of Service Attacks
 Unauthorized access to computer systems resources such as data
 Phishing
 Other Computer Security Risks

To protect computer systems from the above-mentioned threats, an organization must

have logical security measures in place. The following list shows some of the possible
measures that can be taken to protect cyber security threats

To protect against viruses, Trojans, worms, etc. an organization can use anti-virus
software. In additional to the anti-virus software, an organization can also have control
measures on the usage of external storage devices and visiting the website that is most likely
to download unauthorized programs onto the user’s computer.
Unauthorized access to computer system resources can be prevented by the use of
authentication methods. The authentication methods can be, in the form of user ids and
strong passwords, smart cards or biometric, etc.

Intrusion-detection/prevention systems can be used to protect against denial of service

attacks.There are other measures too that can be put in place to avoid denial of service
attacks.

Summary
 A threat is any activity that can lead to data loss/corruption through to disruption of
normal business operations.
 There are physical and non-physical threats
 Physical threats cause damage to computer systems hardware and infrastructure.
Examples include theft, vandalism through to natural disasters.
 Non-physical threats target the software and data on the computer systems.

Examples of Online Cybersecurity

Threats
Computer Viruses
Perhaps the most well-known computer security threat, a computer virus is a program written to alter
the way a computer operates, without the permission or knowledge of the user. A virus replicates and
executes itself, usually doing damage to your computer in the process. 
Carefully evaluating free software, downloads from peer-to-peer file sharing sites, and emails from
unknown senders are crucial to avoiding viruses. Most web browsers today have security settings
which can be ramped up for optimum defense against online threats. But, as we'll say again and
again in this post, the single most-effective way of fending off viruses is up-to-date antivirus
software from a reputable provider. 
Learn more about how to combat computer virus threats and stay safe online. 

Spyware Threats
A serious computer security threat, spyware is any program that monitors your online activities or
installs programs without your consent for profit or to capture personal information. We’ve amassed a
wealth of knowledge that will help you combat spyware threats and stay safe online.
While many users won't want to hear it, reading terms and conditions is a good way to build an
understanding of how your activity is tracked online. And of course, if a company you don't recognize
is advertising for a deal that seems too good to be true, be sure you have an internet security
solution in place and click with caution.
We’ve amassed a wealth of knowledge that will help you combat spyware threats- learn more about
the dangers of spyware and stay safer online

Hackers and Predators
People, not computers, create computer security threats and malware. Hackers and predators are
programmers who victimize others for their own gain by breaking into computer systems to steal,
change, or destroy information as a form of cyber-terrorism. These online predators can compromise
credit card information, lock you out of your data, and steal your identity. As you may have
guessed, online security tools with identity theft protection are one of the most effective ways to
protect yourself from this brand of cybercriminal.
What scams are hackers using lately? Learn more about the dangers of hacking how to combat
protect yourself against dangerous malware attacks online.

Phishing
Masquerading as a trustworthy person or business, phishers attempt to steal sensitive financial or
personal information through fraudulent email or instant messages. Phishing attacks are some of the
most successful methods for cybercriminals looking to pull off a data breach. Antivirus solutions with
identity theft protection can be "taught" to recognize phishing threats in fractions of a second. 

We’ve compiled a list of the different types of threats that are out there along with some
recommended steps you can take to reduce your susceptibility to these threats, using information
from Symantec, a global leader in infrastructure software that helps consumers to protect their
infrastructure, information and interactions.

Computer Threat #1: Vulnerabilities

How they attack: Vulnerabilities are flaws in computer software that create weaknesses in your
computer or network’s overall security. Vulnerabilities can also be created by improper computer or
security configurations. Threats exploit the weaknesses of vulnerabilities, resulting in potential
damage to the computer or its data.

How do you know? Companies announce vulnerabilities as they are discovered and quickly work to
fix them with software and security "patches."

What to Do

 Keep software and security patches up to date.

 Configure security settings for your operating system, Internet browser and security
software.
  Companies should develop personal security policies for online behavior, and individuals
should be sure to adopt their own policies to promote online safety.
 Install a proactive security solution like Norton Internet Security to block threats targeting
vulnerabilities.

Computer Threat #2: Spyware

How it attacks: Spyware can be downloaded from Web sites, email messages, instant messages and
direct file-sharing connections. Additionally, a user may unknowingly receive spyware by accepting an
End User License Agreement from a software program.

How do you know? Spyware frequently attempts to remain unnoticed, either by actively hiding or
simply not making its presence on a system known to the user.

What to Do

 Use a reputable Internet security program to proactively protect from spyware and other
security risks.
 Configure the firewall in the reputable Internet security program to block unsolicited requests
for outbound communication.
 Do not accept or open suspicious error dialogs from within the browser.
 Spyware may come as part of a "free deal" offer -- do not accept free deals.
 Always carefully read the End User License agreement at Install time and cancel if other
“programs” are being installed as part of the desired program.
 Keep software and security patches up to date.

Computer Threat #3: Spam

How it attacks: Email spam is the electronic version of junk mail. It involves sending unwanted
messages, often unsolicited advertising, to a large number of recipients. Spam is a serious security
concern, as it can be used to deliver email that could contain Trojan horses, viruses, worms, spyware
and targeted attacks aimed at obtaining sensitive, personal identification information.

How do you know? Messages that do not include your email address in the TO or CC fields are
common forms of spam. Some spam can contain offensive language or links to Web sites with
inappropriate content. Also, some spam may include hidden text that only becomes visible if you
highlight the content -- a common trick spammers use to get their email to pass through spam filters
without detection.

What to Do

 Install Spam filtering/blocking software.

 If you suspect an email is spam, do not respond -- just delete it.
 Consider disabling your email’s preview pane and reading emails in plain text.
 Reject all Instant Messages from people who are not on your Buddy list.
  Do not click on URL links within IM unless they are from a known source and expected.
 Keep software and security patches up to date.

Computer Threat #4: Malware

How it attacks: Malware is a category of malicious code that includes viruses, worms and Trojan
horses. Destructive malware will use popular communication tools to spread, including worms sent
through email and instant messages, Trojan horses dropped from Web sites and virus-infected files
downloaded from peer-to-peer connections. Malware will also seek to exploit existing vulnerabilities
on systems making their entry quiet and easy.

How do you know? Malware works to remain unnoticed, either by actively hiding or by simply not
making its presence on a system known to the user. You might notice your system is processing at a
slower rate than what you are used to.

What to Do

 Only open email or IM attachments that come from trusted sources and are expected.
 Have email attachments scanned by a reputable Internet security program prior to opening.
 Delete all unwanted messages without opening.
 Do not click on Web links sent by someone you do not know.
 If a person on your Buddy list is sending strange messages, files or Web site links, terminate
your IM session.
 Scan all files with a reputable Internet security program before transferring them to your
system.
 Only transfer files from well-known sources.
 Use a reputable Internet security program to block all unsolicited outbound communication.
 Keep security patches up to date.

Computer Threat #5: Phishing

How it attacks: Phishing is essentially an online con game, and phishers are nothing more than tech-
savvy con artists and identity thieves. They use spam, malicious Web sites, email messages and
instant messages to trick people into divulging sensitive information, such as bank and credit card
information or access to personal accounts. For more detail on what phishing is as well as to review
examples of phishing email, please visit the Email Scam section of Monster’s Security Center.

How do you know? Here are four ways to identify phishing scams:

 Phishers, pretending to be legitimate companies, may use email to request personal

information and instruct recipients to respond through malicious Web sites. They may also
claim that an urgent action is needed to lure recipients into downloading malicious programs
onto their computers.
 Phishers tend to use emotional language like scare tactics or urgent requests to entice
recipients to respond.
  Phish sites can look remarkably like legitimate sites, because the criminals tend to use the
copyrighted images from genuine sites.
 Requests for confidential information via email or Instant Message tend to not be legitimate.

After you open and run an infected program or attachment, you might not notice the impacts to your
computer right away. Here are a few indicators that might indicate your computer has been infected:

 Your computer runs more slowly than normal.

 Your computer stops responding or locks up often.
 Your computer crashes and restarts every few minutes.
 Your computer restarts on its own and then fails to run normally.
 You see unusual error messages.
 You see distorted menus and dialog boxes.

What to Do

If you believe you received a phishing email, were lured to click on the link or download a program
and are concerned you may have some type of malicious program installed on your computer, here
are some things you may want to check:

 Is your virus scan running?

 Are your virus definitions up to date (less than a week old)?
 Did you perform full disk/memory virus scan.
 Are you running anti-spyware programs such as Adaware and/or SpybotSD?
 Once you run your scans and have positive results or remove programs, ensure your online
accounts are secure -- modify your account passwords.
 Make sure that you have enabled your Phishing Filter, a feature of Windows Internet
Explorer 7.
 Contact your anti-spyware/virus vendor to find out other steps you can take.