Professional Documents
Culture Documents
SECURITY ISSUES OF IT
Subject Code:111
Course: BCOM(HONS.)
Semester: FIRST SEMESTER
CONTENT
• INTRODUCTION
• OBJECTIVE
• SECURITY ISSUES IN IT
1. RANSOMWARE
2. PHISHING
3. MALVERTISING
4. BRUTE FORCE ATTACKS
5. SOCIAL ENGINEERING
6. DRIVE-BY DOWNLOADS
• RECOMMENDED SOLUTIONS FOR SECURITY ISSUES
• CONCLUSION
• BIBLOGRAPHY
INTRODUCTION
A security issue is any unmitigated risk or vulnerability in your system that hackers can use
to do damage to systems or data. This includes vulnerabilities in the servers and software
connecting your business to customers, as well as your business processes and people.
OBJECTIVE
The proliferation and the increasing complexity of computer networks and systems have
made security an important issue for modern societies. Security of computer networks and
systems is almost always discussed within information security that has three fundamental
objectives, namely confidentiality, integrity, and availability.
SECURITY ISSUES OF IT
1. RANSOMWARE ATTACKS
Few cyber threats are as common and as destructive as ransomware. Over the years,
ransomware has swept across the world, taking business and personal data and plundering
companies’ bank accounts.
So, what does ransomware do? Well, this special malware reaches into a company’s system,
encrypts important data, and then forces the company to pay for the decryption code.
Ransomware can cripple your business financially, cause downtime, and severely hurt your
professional reputation.
2. PHISHING ATTACKS
Phishing is one of the most common cybercrimes. Phishing attacks are unassuming.
However, they can devastate your company.
Typically, a phishing attack comes in the form of a malicious email. The sender pretends to
be a co-worker, a business partner, a friend, or an acquittance and asks for something.
Because the sender seems like someone you know, you probably won’t suspect anything and
will hand over what they asked on a silver platter.
3. MALVERTISING ATTACKS
Malvertising typically targets highly reputable websites, such as The New York Times.
4. BRUTE FORCE ATTACKS
A brute force is a simple yet effective attack that hackers use to get your login credentials.
Also known as an exhaustive search, this attack relies on the perpetrator guessing possible
combinations of your password until they discover the correct one. The longer your
password, the more the combinations the hacker will need to test.
It’s the reason you need to be careful when creating your passwords. Creating a password
like ‘password12345’ is putting yourself at risk of a brute force attack. With a simple online
tool and some time to spare, an attacker can run through a few thousand possible
combinations and probably crack your password.
Drive-by downloads hideout on other websites, waiting for unsuspecting users to click on by.
Once a user clicks on these downloads, they immediately execute a code-driven attack on
their system.
Just like in malvertising, the websites where these downloads hide don’t have to be
malicious. Drive-by downloads can hijack any site because no software is flawless. And
once you get infected, you’re infected.
RECOMMENDED SOLUTIONS FOR SECURITY ISSUES
You should also always keep your software and systems up-to-date. Another effective way to
prevent ransomware attacks is by using a professional, multi-layered security solution.
Interestingly, phishing attacks are easy to spot and avoid. All you need is to know what to
look for in an email before trusting it. Here are some best practices to remember:
As long as you observe these practices, you’re less likely to become a phishing victim.
The primary objective of malvertising is to inject ransomware into your system. The
malicious ad thus relies on vulnerabilities in your system to achieve the perpetrator’s goal. If
your components are outdated, then you are particularly at risk of this attack.
The best solution is to continually install updates and patches. You can also layer on your
security.
▪ How to Avoid Brute Force Attacks
To overcome password-hacking tools, you need to enforce a strong password policy across
all systems and users in your organizations. Here are some password creation best-practices:
Make the life of a hacker difficult by securing your system with strong passwords.
Address social engineering threats as you would phishing emails. Always analyse all
situations carefully before you hand over any personal or business information. For instance,
if someone comes to your company claiming to be from your internet company, verify their
credentials and employment before believing them.
Train your staff on how to handle social engineering. Everyone in your organization needs to
remain suspicious. It’s the best defence against social engineering.
Be sure to keep all your systems up-to-date. Avoid allowing any vulnerabilities to exist. If an
update needs to be performed, never postpone it.
We’ve already mentioned that malicious code can exist in any site, but it’s best to always
perform your browsing activity on protected sites. Always look for the lock while opening a
site.
CONCLUSION
Though not all people are victims to cyber-crimes, they are still at risk. Crimes by computer
vary, and they don't always occur behind the computer, but they executed by computer. The
hacker's identity is ranged between 12 years young to 67years old.
https://netdepot.com/8-common-it-security-issues-and-how-to-avoid-them/