Computer Security

Computer Security is the protection of computing systems and the data that they store
or access.

Computer Security allows the user to carry out their mission by:

• Enabling people to carry out their jobs, education, and research

• Supporting critical business processes
• Protecting personal and sensitive information
90% of computer security rely on the computer user to adhere to good

computing practices.

This means that everyone who uses a computer or mobile device needs to understand
how to keep their computer, devices and data secure by:

• Use good, cryptic passwords that can’t be easily guessed - and keep your
passwords secret
• Make sure your computer, devices and applications (apps) are current and up
to date Make sure your computer is protected with up-to-date anti-virus and
anti-spyware software
• Don’t click on unknown or unsolicited links or attachments, and don’t
download unknown files or programs onto your computer or other devices
• Remember that information and passwords sent via standard, unencrypted
wireless are especially easy for hackers to intercept An unprotected computer
can become infected or compromised within a few seconds after it is connected
to the network.

A hacked computer can be used to:

• Record keystrokes and steal passwords.

• Send spam and phishing emails.
• Harvest and sell email addresses and passwords.
• Access restricted or personal information on your computer
• or other systems that you have access to.
• Infect other systems.
• Hide programs that launch attacks on other computers.
• Illegally distribute music, movies and software.
• Distribute child pornography.
• Generate large volumes of traffic, slowing down the entire system.

What are the consequences for security violations?

• Risk to security and integrity of personal or confidential information e.g.

identity theft, data corruption or destruction; lack of availability of critical
information in an emergency, etc.
 • Loss of valuable business information
• Loss of employee and public trust, embarrassment, bad publicity, media
coverage, news reports
• Costly reporting requirements in the case of a compromise of certain types of
personal, financial and health information
• Internal disciplinary action(s) up to and including termination of employment,
as well as possible penalties, prosecution and the potential for sanctions /
lawsuits

Computer Viruses
o Viruses are small programs that hide themselves on your disks (both diskettes
and your hard disk). For example, a virus might attach itself to a program
such as a spreadsheet program such that each time the spreadsheet program
runs, the virus runs, too, and it has the chance to reproduce (by attaching to
other programs)
o Unless you use virus detection software the first time that you know that you
have a virus is when it activates.
o Viruses hide on a disk and when you access the disk (either a diskette or
another hard disk over a network) the virus program will start and infect
your computer.
o The worst thing about a computer virus is that they can spread from one
computer to another, either via use of infected floppy disk, or over a
computer network, including the Internet
Viruses
•E-mail viruses: An e-mail virus travels as an attachment to e-mail messages, and
usually replicates itself by automatically mailing itself to dozens of people
in the victim's e-mail address book. Some e-mail viruses don't even require
a double-click -- they launch when you view the infected message in the
preview pane of your e-mail software
•Trojan horses: A Trojan horse is simply a computer program. The program claims
to
do one thing (it may claim to be a game) but instead does damage when you
run it (it may erase your hard disk). Trojan horses have no way to replicate
automatically.
•Worms: A worm is a small piece of software that uses computer networks and
security holes to replicate itself. A copy of the worm scans the network for another
machine that has a specific security hole. It copies itself to the new machine
using the security hole, and then starts replicating from there, as well.

How to prevent virus damage

• Install anti-virus software from a reputable vendor. Update it and use it

regularly.
• In addition to scanning for viruses on a regular basis, install an "on access"
scanner (included in most anti-virus software packages) and configure it to
start each time you start up your computer. This will protect your system by
checking for viruses each time you run an executable file.
• Use a virus scan before you open any new programs or files that may contain
executable code. This includes packaged software that you buy from the store
as well as any program you might download from the Internet.
• If you are a member of an online community or chat room, be very careful
about accepting files or clicking links that you find or that people send you
within the community.
• Make sure you back up your data (documents, bookmark files, important email
messages, etc.) on disc so that in the event of a virus infection, you do not lose
valuable work
• Software Copyright - Be aware on software copyright issues and Software site
licenses.
• If your computer system holds information about individuals then you have a
moral and legal duty to treat that information with respect.

Security threats to e-mails

Spam- sending unsolicited bulk E-mails which one has not asked for

Virus- some emails may be incorporated with files containing malicious script
which when run on your computer may destroy your important data.

Phishing- sending malicious emails to a user claiming to be a legitimate enterprise

to steal sensitive information such as username, passwords and credit card details.
Physical breaches of computer security
Computer systems by their nature of functionalities face security threats on both
hardware and software. Such threats can be both technical and physical.

Physical breaches:

Fire, natural disasters, burglary, theft, vandalism and terrorism