technical measures to prevent unauthorized access, alteration, theft or damage to the computer system.

🞆 Computer Security is the protection of computing systems and the data that they store or access.

🞆 Primary Reasons To Secure Your Computer
  • To prevent theft of or damage to the hardware
  • To prevent theft of or damage to information
  • To prevent disruption of service

KEY AREAS OF CONCERN

🞆 Confidentiality - Only authorized users can access the data resources and information.
🞆 Integrity - Only authorized users should be able to modify the data when needed.
🞆 Availability - Data should be available to users when needed.
🞆 Authentication - The computer system should be able to verify the identity of a user.

CONSEQUENCES OF IGNORING COMPUTER SECURITY

🞆 Loss Of Confidential Data
🞆 Loss In Productivity
🞆 Identity Theft
🞆 Compromised Data Integrity
🞆 Unavailability Of Access To Data Or Computer Network
🞆 Lawsuits & Judicial Actions
🞆 Termination Of Employment or Business

TYPES OF COMPUTER SECURITY THREATS

🞆 Interruption
  • An asset of the system becomes lost, unavailable, or unusable
  • Attack on availability
  • Destruction of hardware
  • Cutting of a communication line
  • Disabling the file management system
🞆 Interception
  • An unauthorized party gains access to an asset
  • Attack on confidentiality
  • Wiretapping to capture data in a network
  • Illicit copying of files or programs
🞆 Modification
  • An unauthorized party not only gains access but tampers with an asset
  • Attack on integrity
  • Changing values in a data file
  • Altering a program so that it performs differently
  • Modifying the content of messages being transmitted in a network
🞆 Fabrication
  • An unauthorized party inserts counterfeit objects into the system
  • Attack on authenticity
  • Insertion of spurious messages in a network
  • Addition of records to a file

MALICIOUS SOFTWARE

🞆 Programs that create the threat
🞆 Also known as malware
🞆 For example: Virus, Worm, Trojan etc.

TRAPDOOR OR BACKDOOR

🞆 Secret entry into a program
🞆 Allows someone that is aware of it to gain access without going through the usual security access procedures.
🞆 Have been used legitimately for many years to debug and test programs, but become a threat when left in production programs.
🞆 It is difficult to implement operating system controls for backdoors.
🞆 Security measures must focus on the program development and software update activities.

LOGIC BOMB

🞆 One of the oldest types of program threat.
🞆 Code embedded in some legitimate program that is set to “explode” when certain conditions are met:
  • presence or absence of a certain file
  • particular date/time
  • particular user
🞆 Once triggered, a bomb may alter or delete data or entire files, cause a machine halt, or do some other damage.

TROJAN HORSE

🞆 A useful, or apparently useful, program or command procedure (e.g. game, utility, s/w upgrade etc.)
🞆 Contains hidden code that performs some unwanted or harmful function that an unauthorized user could not accomplish directly.
🞆 Commonly used to make files readable, propagate a virus or worm, install a backdoor, or simply to destroy data.

ZOMBIE

🞆 Secretly takes over another Internet-attached computer,
🞆 then uses that computer to launch attacks that are difficult to trace to the zombie’s creator.
🞆 Zombies are used in denial-of-service attacks, being planted on hundreds of computers belonging to unsuspecting third parties, and then used to overwhelm the target Web site by launching an overwhelming onslaught of Internet traffic.
🞆 Typically zombies exploit known flaws in networked computer systems.

VIRUS

🞆 Software that can “infect” other programs by modifying them;
🞆 the modification includes a copy of the virus program, which can then go on to infect other programs.
🞆 It can be compared to biological viruses, and like them, a computer virus carries in its instructional code the recipe for making perfect copies of itself.
🞆 Once a virus is executing, it can perform any function, such as erasing files and programs.

VIRUS OPERATION

During its lifetime, a typical virus goes through the following four phases:

🞆 Dormant phase: virus is idle, waiting for a trigger event (e.g. date, program or file, disk capacity). Not all viruses have this stage.
🞆 Propagation phase: virus places a copy of itself into other programs / system areas.
🞆 Triggering phase: virus is activated by some trigger event to perform its intended function.
🞆 Execution phase: desired function (which may be harmless or destructive) is performed.

MACRO VIRUSES

🞆 In the mid-1990s, macro viruses became by far the most prevalent type of virus, and were particularly threatening because they are platform independent, infect documents rather than executable code, and are easily spread.
🞆 Macro viruses take advantage of the macro feature found in Word and other office applications. A macro is an executable program embedded in a word processing document or other type of file, blurring the distinction between document and program.
🞆 There is a continuing arms race in the field of macro viruses. Successive releases of Word provide increased protection against macro viruses, and they are no longer the predominant virus threat.

E-MAIL VIRUS

🞆 A more recent development in malicious software is the e-mail virus. The first rapidly spreading e-mail viruses, such as Melissa, made use of a Microsoft Word macro embedded in an attachment, triggered when the attachment was opened.
🞆 At the end of 1999, a more powerful version of the e-mail virus appeared, activated merely by opening an e-mail that contains the virus rather than by opening an attachment.
🞆 As a result, instead of taking months or years to propagate, viruses now take only hours. This makes it very difficult for antivirus software to respond before much damage is done.
🞆 Ultimately, a greater degree of security must be built into Internet utility and application software on PCs to counter this growing threat.

WORM

🞆 Replicates itself and sends copies from computer to computer across network connections.
🞆 Replicates only; it does not infect programs.
🞆 Once on a new system it replicates and propagates again, and may also perform some unwanted function.
🞆 To replicate itself, a network worm uses some sort of network vehicle such as email, remote execution, or remote login.
🞆 Once active within a system, a network worm can behave as a computer virus or bacteria, or it could implant Trojan horse programs or perform any number of disruptive or destructive actions.

MORRIS WORM

🞆 Best known classic worm.
🞆 Released onto the Internet by Robert Morris in 1988.
🞆 Designed to spread on UNIX systems.
🞆 Used a number of different techniques for propagation, including:
  • cracking the local password file
  • exploiting a bug in the finger protocol
  • exploiting a trapdoor in the debug option of sendmail
🞆 If any attack succeeded, the worm then ran on the other system and replicated itself.

DISTRIBUTED DENIAL OF SERVICE (DDOS)

🞆 A significant security threat to corporations, and a growing one.
🞆 Makes computer systems inaccessible by flooding servers, networks, or even end user systems.
🞆 A large number of compromised (zombie) hosts are amassed to send useless packets.
🞆 In recent years, the attack methods and tools have become more sophisticated, effective, and more difficult to trace.

HACKER VS CRACKER

❑ Hacker is an individual who intends to gain unauthorized access to the computer system
❑ Cracker is a hacker with criminal intention
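
The interruption, modification and fabrication threats listed under TYPES OF COMPUTER SECURITY THREATS can be told apart on disk by comparing files against a known-good baseline of hashes. The following is an added example, not part of the original slides; the function names and the sample files are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

def snapshot(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    root = Path(root)
    return {
        str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }

def classify(baseline, current):
    """Compare two snapshots and label each difference with a threat type."""
    findings = []
    for path in sorted(baseline.keys() | current.keys()):
        if path not in current:
            findings.append((path, "interruption"))   # asset lost: availability
        elif path not in baseline:
            findings.append((path, "fabrication"))    # counterfeit object: authenticity
        elif baseline[path] != current[path]:
            findings.append((path, "modification"))   # tampered asset: integrity
    return findings

def demo():
    """Constructed sample: build a directory, record a baseline, then alter it."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "payroll.csv").write_text("alice,4200\nbob,3900\n")
        (root / "report.txt").write_text("quarterly report\n")
        (root / "tool.sh").write_text("#!/bin/sh\necho ok\n")
        baseline = snapshot(root)

        (root / "payroll.csv").write_text("alice,4200\nbob,9900\n")  # value changed
        (root / "report.txt").unlink()                               # file destroyed
        (root / "extra_records.csv").write_text("mallory,5000\n")    # counterfeit file
        return classify(baseline, snapshot(root))

if __name__ == "__main__":
    for path, threat in demo():
        print(f"{threat:13} {path}")
```

Interception leaves file contents unchanged, so a hash comparison cannot reveal it, and a record appended to an existing file shows up as modification rather than fabrication. The baseline itself has to be stored where the monitored system cannot rewrite it.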

TOP SECURITY ACTION

1. Patch, Patch, Patch!
   Set up your computer for automatic software and operating system updates. An unpatched machine is more likely to have software vulnerabilities that can be exploited.
2. Install Security Software
   When installed, the software should be set to scan your files and update your virus definitions on a regular basis.
3. Choose Strong Passwords
   Choose strong passwords with letters, numbers, and special characters to create a mental image or an acronym that is easy for you to remember. Create a different password for each important account, and change passwords regularly.
4. Backup, Backup, Backup!
   Backing up your machine regularly can protect you from the unexpected. Keep a few months' worth of backups and make sure the files can be retrieved if needed.
5. Control access to your machine
   Don't leave your computer in an unsecured area, or unattended and logged on, especially in public places. The physical security of your machine is just as important as its technical security.
6. Use email and the Internet safely
   Ignore unsolicited emails, and be wary of attachments, links and forms in emails that come from people you don't know, or which seem "phishy."

Thanks for your kind patience