KOLEJ MATRIKULASI KEDAH

06010 CHANGLUN, KEDAH

SC015 COMPUTER SCIENCE 1

WRITING ASSIGNMENT
3.3 COMPUTER SECURITY RISKS
3.4 COMPUTER SECURITY MEASURES

PREPARED BY : RAS ADILAH BINTI MOHD SALLEH

MATRIC NO : MS2018107686
CLASS : B4T4
LECTURER : PUAN NURUL AKMAR BINTI MOHD SALLEH
DATE OF SUBMISSION : 24 SEPTEMBER 2020
 Table of Contents

1.0 INTRODUCTION 3

2.0 SECURITY RISKS 3

a. Risk 1 4
b. Risk 2 4
c. Risk 3 4
d. Risk 4………………………………………………………………………………..5

3.0 SECURITY MEASURES 6

a. Measure 1 6
b. Measure 2 7
c. Measure 3 8
d. Measure 4……………………………………………………………………………8
e. Measure 5…………………………………………………………………………...9

4.0 CONCLUSION 9

References

Attachment 1: TABLE

2
1.0 INTRODUCTION

Computer security basically is the protection of computer systems and information

from harm,theft and unautharized used. It is the process of preventing and detecting
unautharized use of your computer system. Computer security also can be defined as
controls that are put in place to provide confidentially,integrity and availability for all
components of computer system. The importance of security is to prevent from data
loss,damage or misuse because nowadays,people rely on computers to create,store and
manage critical information.In this digital era, we all want to keep our computers and our
personal information secure and hence computer security is important to keep our personal
information protected. It is also important to maintain our computer security and its overall
health by preventing viruses and malware which would impact on the system performance.

2.0 SECURITY RISKS

Security risk is any event or action that could cause a loss of or damage to
computer hardware,software,data,information or processing capability. A computer security
risk is really anything on your computer that may damage or steal your data or allow
someone else to access your computer, without your knowledge or consent. There are a lot
of different things that can create a computer risk, including malware, a general term used
to describe many types of bad software. We commonly think of computer viruses, but, there
are several types of bad software that can create a computer security risk, including viruses,
worms, ransomware, spyware, and Trojan horses. Misconfiguration of computer products as
well as unsafe computing habits also pose risks.

3
a. Risk 1

The first one is information theft. Information theft is the act of stealing personal or
confidential information such as a person’s name,bank account number and company’s
financial data. Identity theft is a specific type of information theft which occurs when
someone steals and uses other’s personal information for a financial gain. This can be
related to the scenario given in the article when Australia and New Zealand logistics
provider Henning Harders has been attacked by ransomware criminals who are threatening
to publish information stolen from the company on the web.

b. Risk 2

The second type of security risk involved is unauthorized use. Unauthorized use
refers to the use of a computer or its data for unapproved or possibly illegal activities.
Unauthorized use can have serious security implications. For example,an employee uses his
office computer to send personal e-mail messages or an employee uses his company’s
landscaping software to a landscape design for his house. This situation can ease the
ransomware criminal to access the company’s data. From the article,the evidence for
unauthorized use is ransomware criminal threatening to publish information stolen from the
company on the web and ransomware criminals Maze have claimed responsibility for the
March 15 attack but not yet published any of the data that might have been taken.

c. Risk 3

Next,malicious code is also the security risk involved which refer to any code that is
intended to cause undesired effects,security breaches or damage to a system. Malicious
code will be activated on a computer when a user opens an infected file,an infected e-mail
attachments,runs an infected program and connects an unprotected computer to a network.
Malicious code can be detected when the files become corrupted or disappear and an
unknown program or files mysteriously appear. Based on the scenario given in the article,the
company “became aware of unusual activity on our systems which appears to be the result
of an organised attack” and include the evidence when the attack on Toll Group saw up to
1000 servers being hit by ransomware,which impacted around 500 corporate applictions and
compromised Active Directory systems serving the company.

4
d. Risk 4

The last type of security risk that involved in the scenario given in the article is
software theft which is the act of stealing software media,intentionally erasing
programs,illegally copying a program or illegally registering a program. Software theft may
be carried out by individuals, groups or, in some cases, organizations who then distribute the
unauthorized software copies to users.This proven in the article when some customer
commercial data may have been accessed.

5
3.0 SECURITY MEASURES

Security measures mean the precautionary measures taken toward possible

danger or damage that could harms your computer systems. There are a few security
measure up,cryptography,anti-virus,anti-spyware,firewall,physical access control and human
aspect;awareness.

a. Measure 1

First security measure is cryptography. Cryptography involves the process of

encryption and decryption. Encryption is a process of converting readable data into
unreadable characters to prevent unauthorized access of files or data meanwhile,decryption
is a process of converting unreadable data into readable characters to prevent unauthorized
access of files or data. Cryptography technique can be implemented to safeguard against
information theft by encryption and decryption process that should be related to the
scenario that Australia and New Zealand logistics provider Henning Harders has been
attacked by ransomware criminals who are threatening to publish the information stolen
from the company on the web.

This cryptography technique can also be implemented to safeguard against

unauthorized use by converting readable data into unreadable characters,so that the file or
data can be prevented from accessed by cyber criminals that should be related to
ransomware criminals Maze have claimed responsibility for 15 March attack but not yet
published any of the data that might have been taken.

6
b. Measure 2

Next,firewall is a network security system designed to prevent unauthorized

access from other network to a private network. A personel firewall is a utility program that
detects and protect a personal computer and its data from unauthorized intrusions such as
unauthorized use that should be related to the scenario ransomware criminal Maze have
claimed responsibility for 15 March attack but not yet published any of the data that might
have been taken.

Firewall also used to overcome another risk such as malicious code detect and
protect the data drom any viruses,worms and trojan horse that should be related to the
scenario that the company “became aware of unusual activity on our system which appears
to be the result of an organised attack” and include the evidence which the attack on Toll
Group saw up to 1000 servers being hit by ransomware,which impacted around 500
corporate applictions and compromised Active Directory systems serving the company.

Besides,this security measure also can overcome information theft and

software theft by detects and protects a personal computer and its data from unauthorized
intrusions. Information theft should be related to the scenario which Australia and New
Zealand logistics provider Henning Harders has been attacked by ransomware criminals who
are threatening to publish information stolen from the company on the web. Hence,for the
software theft should be related to the scenario that some customer commercial data may
have been accessed.

7
c. Measure 3

Another security measure is data backup which duplicate of file,program or disk

that can be used if the original lost,damaged or destroyed. Backups can be stored in any
storage media such optical disc or external hard disk and should be kept in a fireproof and
heatproof room or offsites. Cloud storage is becoming popular as an offsite storage to store
backups. Users should perform backup regularly to protect against data loss than may
happen due to the security risks. Data backup can protect the computer systems from
attacked by malicious code which should be related to the evidence when the company
“became aware of unusual activity on our systems which appears to be the result of an
oraganised attack and the evidence when the attack on Toll Group saw up to 1000 servers
being hit by ransomware,which impacted around 500 corporate applictions and
compromised Active Directory systems serving the company.

d. Measure 4

Afterwards, malicious code also can be prevented by antivirus which is the

program that protect computer against viruses by indentifying and removing viruses found
in memory,on storage media or on incoming files. Most antivirus programs also protect
against worms and trojan horses,and also contain spyware removers,internet filters and
other utilities. Antivirus must be installed and its virus definition should be updated regularly
to protect against malicious code infections that should be related to the scenario when the
company “became aware of unusual activity on our systems which appears to be the results
of an organised attack” and the scenario when the attack on Toll Group saw up to 1000
servers being hit by ransomware,which impacted around 500 corporate applictions and
compromised Active Directory systems serving the company.

8
e. Measure 5

There are also security measure named anti-spyware that is a type of program
designed to detect and prevent spyware installation. Anti-spyware programs monitor
incoming data programs from email,or websites and stop spyware programs from getting an
access to the computer operating system. Anti-spyware stop spyware programs from getting
an access to the computer operating system such as software theft that should be related to
the scenario in the article when there is some customer commercial data may have been
access.

4.0 CONCLUSION

As a conclusion,there are many types of security risks and security measures.

Security risk is any event or action that could cause a loss of or damage to computer
hardware,software,data,information or processing capability while security measures mean
the precautionary measures taken toward possible danger or damage that could harms your
computer systems. People nowadays should know about computer security so that the
computer can be protected at all cost. Ignoring the security risk could result in unintended
consequences. Therefore,by completing this task I have learnt how to detect the security
risks and how to overcome the risks using the security measures.

REFERENCES

9
1. China Business Review,Est 1974.Unauthorized Use and Legal Management. Retrieved
from https://www.chinabusinessreview.com/electronic-chops-unauthorized-use-and-
legal-risk-management-in-china/
2. Edureka!.(2020).What is Computer Security. Retrieved from
https://www.edureka.co/blog/what-is-computer-security/
3. Study.com,(2003-2020).What is Security Risk. Retrieved from
https://study.com/academy/lesson/what-is-a-computer-security-risk-definition-
types.html
4. Techopedia.com.(2017).What is Software Theft. Retrieved from
https://www.techopedia.com/definition/22203/software-theft

10
11