MANAGEMENT INFORMATION SYSTEM

TOPIC: Systems
Threads andRisks

Prepared by,Kajal Bhosale

MBA Sem3rd
OBJECTIVES
• Describe the different types of software-based attacks
• List different types of hard ware attacks
• Conclusion
 SOFTWARE –BASED ATTACKS :
A) MALWARE ( Malicious software)
1. Software that a computer system without the owner’s knowledge or consent.
2. The three primary objectives of malware
a) To infect a computer system.
b) Conceal the malware’s malicious actions.
C) Bring profit from the actions that it performs.

B) TROJANS
3. Trojans horse (or just Trojan)
4. program advertised as performing one activity that but actually does something else
5. Users is tricked into installing the software
 C) WORMS
• programme designed to take advantages of a vulnerability in an
operating system in order to enter a system
• Worms are different from of viruses in two regards:
1) A worms can travel by itself (over a network)
2) A worm does not require any user action to begin its execution
• Actions that worms have performed : deleting files on the
computer, allowing the computer to be remote controlled by an
attackers
 D) SPYWARE
• Software that violates a user’s privacy
• Antispyware Coalition defines spyware as:
• Technologies that are deployed without the user’s consent and
impair the user’s control over:
• Use of the system resources , including what programs are
installed on their computers
• Material changes that effects their user’s experience, privacy, or
system security
• Collections use and distributions of their personal or other sensitive
security
HARDWARE-BASED ATTACKS
A) BIOS (basic input /output system)
• BIOS a program embedded on a chip
• Recognized and controlled different devices on the computer
system is first turned on
• Executed when the computer system is first turned on
• BIOS attacks:
1) A BIOS virus won’t be removed even by reformatting the
computer system or replacing the hard drive
 B) USB DEVICES:
• USB devices use flash memory.
• flash memory is a type of EEPROM, non-volatile computer.
memory that can be electrically erased and rewritten repeatedly.
• USB devices are widely used to spread malware.
• Also, USB devices allow spies or disgruntled employee to copy and
steal sensitives corporate data.
• In addition , data stored on USB devices can be lost or fall into the
wrong hands .
 C) USB POCKET KNIFES:
• As soon as it is plugged into a computer ,it steals passwords, files,
installs a Trojan, etc.
TO REDUCE THE RISK INTRODUCED BY USB DEVICE:
1. Disable the USB in hardware.
2. Disable the USB through the operating system
3. Use third-party software
CONCLUSION:
• Threats and risks to information system can come from a variety of
places inside and external to an organization or companies.in order
to secure system and information n, each company or organization
should analyze the types of the type of threads and risks that will
be faced and how the threats affect information system security
THANK YOU