Introduction to ICT

• Computer Crime
• Data security
• Security threats
• Computer virus
• Worms
• Personal computer security
• Backup of data
• Antivirus
• Data Protection Legislation
• Data Protection in Pakistan
• Intellectual Property
 Computer Crime
• A type of crime in which a computer is either
the target or the tool for an illegal activity is
called computer crime.
• A type of crime that refers to an illegal act
involving the internet is called cyber crime.
• It usually involves stealing, using or selling
someone else’s data.
 Computer Crime: Computer Criminals
• Computer criminals are the persons who
commit computer crimes.
• Different type of computer criminals are
– Hacker
– Script Kiddie
– Corporate Spy
– Unethical Employee
– Cyber Extortionist
– Cyber Terrorist
 Methods Used by Computer Criminals
• Bomb: It is a program that triggers under certain
conditions. It is usually activated at a certain date.
• Denial of Service: It slows down a computer
system or network. It floods a computer or
network with requests for information or data. The
server under attack receives so many requests that
it can not respond to legitimate user. Most
common targets re internet service providers
(ISPs).
Methods Used by Computer Criminals

• Piggybacking: It is a process of entering the

system by riding on the back of an authorized
user. It occurs when an authorized user does
not log off the system properly. An illegal user
may continue where original user left.
• Salami Technique: It is a process of getting a
small amount of money illegally from a large
financial system.
 Methods Used by Computer Criminals
• Scavenging: It is a process of searching company’s trash
can s to find useful information. The thieves search
garbage and recycling bins of individuals to find bank
account numbers and credit card numbers etc.
• Trap Door: It is an illegitimate program that is left
within a completely legitimate program. It allows
subsequent entry by unauthorized user in the system.
• Zapping: The zapping software is designed to bypass all
security systems.
 Security
• Security is a system that is used to protect a
computer system and data.
• It protects from intentional or accidental
damage or access by unauthorized persons.
• With the help of a security system, a computer
can detect whether the user is authorized or
not.
 Data Security
• Protection of data is called data security.
• Data stored in computer can be lost accidentally
or someone can damage it can be lost
completely or partially.
• Data is more valuable and important than
computer itself, so it should be saved in such a
way that it may not be lost or damaged.
• It is very important to protect data from illegal
and unauthorized access.
 Security Threats
• Computer security threat can be a computer
program or a person that violates computer
security.
• It may cause stealing or loss of data.
• It may also affect working of computer
 Security Threats
• Hacker:
– A person who accesses a computer, network and its
resources illegally is known as hacker.
– Hackers are computer experts and user their computer
knowledge for negative purpose.
– Hackers may steal
• Information of clients or customers.
• Credit card details
• Passwords to access computers illegally
• Email passwords to use email account without user’s
knowledge
 Security Threats
• Hardware Theft and Vandalism:
– Hardware theft is a process of stealing the
hardware equipment such as hard disk or monitor.
– Hardware vandalism is the process of defacing the
hardware equipment, e.g. an employee in an
organization may damage the keyboard and cut
the wires etc.
 Security Threats
• Software Theft:
– Software theft means that a person can steal software
media, erase software program or copy it without
permission
• Information Theft:
– Information theft is a process of stealing personal or
confidential information.
– The stolen information can further be used for illegal
activities e.g. stealing credit card details and use it for
online shopping.
 Security Threats
• System failure:
– System failure is an important security threat and it
occurs when the system does not function properly
for longer time.
– System failure may further cause loss of data,
software and hardware.
– It occurs due to various reasons
• Obsolete hardware
• Natural disaster such as flood, fire or storm
• Fluctuation in power supply
 Computer Virus
• A computer virus is a program that may
disturb the normal working of a computer
system.
• Virus attaches itself to files stored in flash
drives, email attachments and hard disk.
• A file containing a virus is called an infected
file and when it is copied to a computer, virus
is also copied to the computer.
 Computer Virus
• Computer viruses can not damage hardware
but they can cause many damages to
computer system.
• A computer virus can
– Damage data or software
– Delete some or all of the files
– Destroy all data by formatting hard disk
– Display a false message every few times.
 Computer Virus: Causes
• A virus is spread on different computers due
to following reasons
– Infected flash drives or disks
– Email attachments
– Insecure websites
– Networks
– Pirated software
 Computer Virus: Protection
• A computer system can b protected from
viruses by following these precautions
– Install latest anti-virus
– Upgrade antivirus regularly
– Scan flash drive before use
– Do not open junk or unknown emails
– Do not install pirated software
– Freeware and shareware software normally contain
viruses, so check the software before using it.
 Worms
• A worm is a program that copies itself
repeatedly in memory or disk until no space is
left there and computer may stop working in
this situation.
• Worms spreads from one computer to
another computer through networks.
• Some examples of worms are SQL Slammer,
The Blaster Worm, One-Half and cascade.
 Personal Computer security
• Avoid extreme conditions: The computer
system should not be placed in extreme
conditions, it should be safe from direct sun,
rain and extreme temperature.
• Avoid virus: Antivirus software must be
installed on the computer and must be
updated regularly.
 Personal Computer security
• Firewall:
– A firewall is a set combination of hardware and
software that prevents unauthorized access to a
network.
– It works between an organization’s internal network
and the internet.
– It protects data, information and storage media from
unauthorized access.
– It can also be used to stop internal users from
accessing certain sites.
 Personal Computer security
• Passwords:
– Password is a secret word that is used to protect a
computer system or program.
– The user has to type the password to access the
computer system, therefore the system can be
accessed only by the person who knows the
password.
– So the computer and the data stored on it will be
safe and protected.
 Personal Computer security
• Encryption:
– Encryption is a process of encoding data so that only
authorized user may understand and use it.
– Some strong encryption should be used to protect
important files.
• Backup:
– An additional copy of data or information stored on
secondary storage media is called backup.
– It is very important to take backup of data regularly and
store it at a safe and protected place.
 Backup of Data
• An additional copy of data or information
stored on secondary storage media is called
the backup of data.
• The common media for backup are USB flash
drives, magnetic tape, CD and external hard
disk.
 Backup of Data: Purpose
• An important file can be deleted accidentally.
• The user may overwrite a part or whole of an
existing file.
• A mechanical failure in the computer may
result in loss of data.
• A virus may damage the data.
• The computer system may be damaged due to
fire or power failure.
 Backup of Data: Types
• Two ways to take the backup of data are
– Complete backup
– Incremental backup
• Complete backup is the backup of all data on
the hard disk.
• Advantage of this backup is that entire hard disk
is backed-up and whole data can be restored.
• It takes more time and storage capacity.
 Backup of Data: Types
• Incremental backup creates a copy of only the
data that is newly created or modified since
the last backup.
• This process is performed automatically in
some software.
• In this type, entire disk is not copied so it takes
less time and space.
 Antivirus
• Antivirus software is used to detect and remove
viruses, worms and adware etc.
• It contains information about different known
viruses.
• It runs in the background all the time and alerts
the computer user when any virus is detected.
• Some examples are McAfee, AVG, Kaspersky
and NOD32.
 Antivirus: McAfee
• McAfee is an American organization that has
developed an antivirus program called McAfee
VirusScan.
• McAfee
– Automatically detects and removes viruses
– Block adware before it installs on computer
– Remove existing adware
– Protects computer from hackers
– Can also check emails for viruses.
 Antivirus: AVG
• AVG stands for Antivirus Guard and is an
antivirus program developed by AVG
Technologies.
• It protects computer from latest viruses,
worms and other threats.
• The AVG Free Edition is also available that can
be downloaded, however it does not provide
full protection.
 Antivirus
• The antivirus software should be managed
properly to detect and remove viruses, worms
and adware from the computer system.
• Many new viruses are created and spread
continuously.
• The antivirus software must be updated
regularly in order to protect the computer
properly.
 Data Protection Legislation
• The data protection legislation defines the laws
that ensure data protection.
• Many countries have defined data protection
legislation which is based on same basic principles
– The purpose of keeping personal data must be clearly
defined by that organization that obtains the data.
– The individual about whom data is collected must be
informed about the identity of the organization or
individual that collects data.
 Data Protection Legislation
• Some important privacy acts are
• 1980 Privacy Act prohibits agents of federal
government from making unannounced
searches of press office.
• 1984 Cable Communication Policy Act restricts
cable companies in the collection and sharing of
information about their customers. It was the
first legislation to regulate the use of
information processed on computer.
 Data Protection Legislation
• Data Protection Act 1984 protects an individual
from unauthorized use and disclosure of personal
information stored on computer.
• It consists of following eight principles
– The data should be processed fairly and lawfully and may
not be processed unless the data controller can satisfy
one of the conditions for processing set out in the Act.
– Data should be obtained only for specified and lawful
purposes.
– Data should be adequate, relevant and not excessive.
 Data Protection Legislation
– Data should be accurate and, where necessary, kept up to date.
– Data should not be kept longer than is necessary for the purposes
for which it is processed.
– Data should be processed in accordance with the rights of the data
subject under the Act.
– Appropriate technical and organisational measures should be taken
against unauthorised or unlawful processing of personal data and
against accidental loss or destruction of, or damage to, personal
data.
– Data should not be transferred to a country or territory outside the
European Economic Area unless that country or territory ensures an
adequate level of protection for the rights and freedoms of data
subjects in relation to the processing of personal data.
 Data Protection in Pakistan

“PERSONAL DATA PROTECTION BILL

2018”
 PERSONAL DATA PROTECTION BILL 2018

• A new Personal Data Protection Bill 2018 Draft

(the “Bill”) has been proposed by the Ministry
of Information Technology and
Telecommunication (“MOITT”) of Pakistan.
• With this Bill, Pakistan will the wave of new
data protection laws that have been drafted or
passed since Europe’s General Data Protection
Regulation (GDPR).
 PERSONAL DATA PROTECTION BILL 2018

• A new enforcement body, the National Commission

for Personal Data Protection (NCPDP), will be
established under the Bill.
• NCPDP will receive and decide complaints from
individuals, as well as engage, support, guide,
facilitate, train and persuade data controllers, data
processors to ensure protection of personal data.
• The current draft of the Bill has 25 pages with
requirements and individual rights similar to the
GDPR.
 Intellectual Property
• Intellectual property is the unique and original
works such as ideas, inventions, writings and logos
etc.
• Intellectual property rights are such rights which are
given to persons who are the authors or creators of
the new and original literary and artistic works such
as books, articles , other writings ,paintings , musical
compositions, sculpture , films and computer
programs by application of their creativity process
and intellect.
 Intellectual Property
• Intellectual property rights are given to such
individuals to compensate for their efforts
during such creative process and their
investments.
• These rights are given for a certain period of
time and after which general public have the
right to freely benefit from them in their
benefit and use.
 Intellectual Property
• The term intellectual property, covers the following
aspects in the relevant categories namely:
– Copyright: literary, artistic and scientific works
covering books, journals, magazines, written
articles etc. 
– Trademarks: trademarks, merchandise marks,
service marks, commercial names and
designations like logos.
 Intellectual Property
– Patents: inventions like a new form of airplane
engine, a floor cleaner, etc.
– Designs: it includes the shape of a bottle,
machine, model of luxury car or any other
product, etc.