
Information Security System Notes

information security notes

Uploaded by

manishal45667

Information security system notes

What are computer threats


In computer security, a threat is a potential negative action or event facilitated by a vulnerability
that results in an unwanted impact to a computer system or application.
A threat can be either a negative "intentional" event (i.e. hacking: an individual cracker or a
criminal organization) or an "accidental" negative event (e.g. the possibility of a computer
malfunctioning, or the possibility of a natural disaster event such as an earthquake, a fire, or a
tornado) or otherwise a circumstance, capability, action, or even

Types of computer threat


1. SPYWARE
One of many types of computer crime, spyware monitors your online activity or secretly installs
programs for profit or to capture private data. We've amassed an abundance of information that
will help you battle spyware threats and stay safe on the web. While many users won't want to
hear it, reading terms and conditions is a good way to build an understanding of how your
activity is tracked online. And, of course, if a company you don't recognize is advertising a
deal that seems too good to be true, be sure you have an internet security solution in place and
click with caution.
2. WORMS
Computer worms are pieces of malware that replicate quickly and spread from one computer to the
next. Interestingly, they are not always designed to cause harm; some worms are made just to
spread. Worms are also often transmitted by exploiting software vulnerabilities. Antivirus
software is the first preventive measure against computer worms.
3. PHISHING
Phishing is a social engineering technique whose objective is to obtain confidential
information such as passwords, usernames, and credit card numbers. The attacks often come as
texts or phishing emails designed to appear legitimate. The recipient of the email is tricked
into opening a malicious link, which leads to the installation of malware on the recipient's
computer. Phishing can also obtain personal data through an email that appears to be sent from a
bank, asking you to confirm your identity by disclosing your private information.
4. PREDATORS AND HACKERS
People, not computers, create computer security attacks and malware. Hackers and predators are
programmers who victimize others for their own gain by breaking into computer systems to steal,
change, or destroy data as a form of cyber-terrorism. Such predators can compromise credit card
information, lock you out of your data, and steal your identity. As you may have guessed, online
security tools with identity theft protection are one of the most effective ways to protect
yourself from this kind of cybercriminal.
5. MAN-IN-THE-MIDDLE ATTACKS
Man-in-the-middle attacks are cybersecurity attacks that allow the attacker to eavesdrop on
communication between two targets. The attacker can listen to a conversation that should, in
normal settings, be private.
6. MALVERTISING
Online advertisements are everywhere. They're annoying, yet sometimes … oddly useful.
However, not every online ad is created equal. In fact, some are created with downright
malicious intentions. Malvertising, in particular, is a nuisance. It can infect your computer
with no click necessary. All you need to do is load the website. The ultimate objective of
malvertising normally includes ransomware. To infect your system, the malicious advertisement
relies on vulnerabilities, in other words, outdated components. So, a couple of things become
self-evident:
7. INTERNAL THREATS
As Verizon notes in its most recent data breach report, internal cyber threats aren't always
accompanied by scandals and major fallout. In fact, most internal attacks involve simple
malicious acts, such as reading a colleague's emails or viewing data they shouldn't have seen.
It might seem as though there's nothing you can do about internal computer security threats.
However, that is not really the case. Here is what you need to know:
• Create detailed policies and procedures, so employees have a clear outline of how to behave.
• Rely on administrator rights to restrict access to confidential information.
8. TROJAN HORSE
Figuratively, a "trojan horse" refers to tricking someone into inviting an attacker into a
securely protected area. If you're reading this to stay safe from these kinds of attacks in the
future, there are a few best practices, in addition to installing cybersecurity software, to
help protect yourself:
• Never download or install software from a source you don't trust completely.
• Never open a link or run a program sent to you in an email from someone you don't know.
• Make sure a Trojan antivirus is installed and running on your computer.
9. COMPUTER VIRUS
Carefully evaluating free software, downloads from peer-to-peer file sharing sites, and emails
from unknown senders is vital to avoiding viruses. Most web browsers today have security
settings that can be raised for optimal defense against online threats. However, the single most
effective way of fending off viruses is up-to-date antivirus software from a reputable provider.
10. BRUTE FORCE ATTACKS
With one simple tool and a few hours, a hacker can run through a great many passwords with
little to no effort. Known as a brute force attack, this particular cyber threat should be every
online user's worst fear, mostly because most online passwords are still combinations like
"password123" and "123456". If you want to defeat a password-cracking tool, what you need to
focus on is creating strong, hard-to-break passwords. Keep these basics in mind:
• Use both characters and numbers.
• Phrases are ideal (though not common ones).
• Never use one password for multiple accounts.

How to protect your data online


If you are wondering how to ensure internet protection and how to protect your data online,
sensible internet security tips you can follow include:
Enable multifactor authentication wherever you can
Multifactor authentication (MFA) is an authentication method that asks users to provide two or
more verification methods to access an online account. For example, instead of simply asking for
a username or password, multifactor authentication goes further by requesting additional
information, such as:
• An extra one-time password that the website's authentication servers send to the user's
phone or email address.
• Answers to personal security questions.
• A fingerprint or other biometric information, such as voice or face recognition.
Multifactor authentication decreases the likelihood of a successful cyber-attack. To make
your online accounts more secure, it is a good idea to implement multifactor
authentication where possible. You can also consider using a third-party authenticator
app, such as Google Authenticator and Authy, to help with internet security.

Use a firewall
A firewall acts as a barrier between your computer and another network, such as the
internet. Firewalls block unwanted traffic and can also help to block malicious software
from infecting your computer. Often, your operating system and security system come
with a pre-installed firewall. It is a good idea to make sure those features are turned on,
with your settings configured to run updates automatically, to maximize internet security.

Choose your browser carefully
Our browsers are our primary gateway to the web and therefore play a key role in internet
security. A good web browser should be secure and help to protect you from data
breaches. The Freedom of the Press Foundation has compiled a detailed guide
explaining the security pros and cons of the leading web browsers on the market.

Create strong passwords, and use a secure password manager
A strong password will help you maintain internet security. A strong password is:
• Long – made up of at least 12 characters and ideally more.
• A mix of characters – that is, upper- and lower-case letters plus symbols and
numbers.
• Avoids the obvious – such as using sequential numbers ("1234") or personal
information that someone who knows you might guess, such as your date of birth or a
pet's name.
• Avoids memorable keyboard paths.
These days, it's no longer enough to substitute lookalike characters for letters or
numbers – for example, "P@ssw0rd" for "password" – since hackers are wise to it.
The more complex and involved your password, the harder it is to crack. Using a
password manager will help – by generating, storing, and managing all your
passwords in one secure online account.
Keep your passwords private – avoid sharing them with others or writing them down. Try
to avoid using the same password for all your accounts and remember to change them
regularly.

Keep an up-to-date security program installed on your devices
Internet security antivirus is critical for ensuring privacy and security online. The best
internet security software protects you from different types of internet attacks and
protects your data online. It's important to keep antivirus software up to date – most
modern programs update themselves automatically to stay on top of the latest internet
security
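
The strong-password rules above, together with the brute-force advice in item 10, can be checked mechanically. The following Python check is an added example, not part of the original notes; the function name `password_problems`, the small common-password sample and the lookalike table are assumptions made for illustration.

```python
import string

# Constructed sample; a real deployment would load a breached-password list.
COMMON_WORDS = {"password", "123456", "qwerty", "letmein", "welcome"}
KEYBOARD_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm")
# Lookalike substitutions such as "P@ssw0rd" are undone before comparison.
LOOKALIKES = str.maketrans("@4$5013!7", "aassoleit")


def _has_run(text, alphabets, length=4):
    """True if text contains `length` neighbouring characters of any
    alphabet, forwards or backwards (e.g. "1234", "qwer", "dcba")."""
    for alpha in alphabets:
        for seq in (alpha, alpha[::-1]):
            for i in range(len(seq) - length + 1):
                if seq[i:i + length] in text:
                    return True
    return False


def password_problems(password, personal_info=()):
    """Return the list of rules from the notes that the password breaks."""
    problems = []
    lowered = password.lower()
    if len(password) < 12:
        problems.append("too short")
    classes = (
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(c in string.punctuation for c in password),
    )
    if not all(classes):
        problems.append("missing character class")
    if _has_run(lowered, ("0123456789", string.ascii_lowercase)):
        problems.append("sequential characters")
    if _has_run(lowered, KEYBOARD_ROWS):
        problems.append("keyboard path")
    plain = lowered.translate(LOOKALIKES)
    if any(word in lowered or word in plain for word in COMMON_WORDS):
        problems.append("common password")
    if any(item and item.lower() in lowered for item in personal_info):
        problems.append("personal information")
    return problems


if __name__ == "__main__":
    for candidate in ("password123", "P@ssw0rd", "Copper-Kettle&Violin7Rain"):
        print(candidate, "->", password_problems(candidate) or "no problems found")
```

An empty list only means none of these rules fired; it does not show that the password is unique to one account, which the notes also require.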

How to keep your email safe


Email was designed to be as open and accessible as possible, to allow people to communicate
with each other. The drawback of this accessibility is that certain aspects of email are not secure,
allowing attackers to use emails to cause internet security problems.

What is email security?


Email security refers to the methods used to protect email accounts and correspondence against
unauthorized access, loss, or compromise. Given that email is often used to spread malware,
spam, and phishing attacks, email security is an important aspect of internet security.

How to deal with email spam

Spam emails – also known as junk emails – are unsolicited messages sent out in bulk. Most
email providers use algorithms to filter out spam messages, but they can still appear in your
inbox despite this. Steps to take include:
• Mark spam emails as spam – this will help the email provider to refine their spam
filtering. How to mark a message as spam will vary depending on which email client you
use – Outlook, Gmail, Apple Mail, Yahoo Mail, and so on.
• Never click on a link or open an attachment in a spam email. Doing so could mean you
download malware onto your device. At the very least, you confirm to the spammers that
yours is an active email account, incentivizing them to send more spam.
• Be careful about where you disclose your email address. It's a good idea to have a
secondary, throwaway email account that you use solely for email sign-ups and
subscriptions, separate from the one you use for friends and family and separate from the
one you use for work.
• Most email providers will offer privacy settings – review these and make sure they are set
to a level you feel comfortable with.
• Look into third-party email spam filters. These provide an additional layer of
cybersecurity, as emails have to travel through two spam filters before getting to you –
your email provider's spam filter plus the third-party app.

What Is a Network Attack?


A network attack is an attempt to gain unauthorized access to an organization's network, with the
objective of stealing data or performing other malicious activity. There are two main types of
network attacks:

• Passive: Attackers gain access to a network and can monitor or steal sensitive
information, but without making any change to the data, leaving it intact.
• Active: Attackers not only gain unauthorized access but also modify data, either deleting,
encrypting or otherwise harming it.

What are the Common Types of Network Attacks?


Following are common threat vectors attackers can use to penetrate your network.

1. Unauthorized access
Unauthorized access refers to attackers accessing a network without receiving permission.
Among the causes of unauthorized access attacks are weak passwords, lacking protection against
social engineering, previously compromised accounts, and insider threats.
2. Distributed Denial of Service (DDoS) attacks
Attackers build botnets, large fleets of compromised devices, and use them to direct false traffic
at your network or servers. DDoS can occur at the network level, for example by sending huge
volumes of SYN/ACK packets which can overwhelm a server, or at the application level, for
example by performing complex SQL queries that bring a database to its knees.

3. Man in the middle attacks


A man in the middle attack involves attackers intercepting traffic, either between your network
and external sites or within your network. If communication protocols are not secured or
attackers find a way to circumvent that security, they can steal data that is being transmitted,
obtain user credentials and hijack their sessions.

4. Code and SQL injection attacks


Many websites accept user inputs and fail to validate and sanitize those inputs. Attackers can
then fill out a form or make an API call, passing malicious code instead of the expected data
values. The code is executed on the server and allows attackers to compromise it.

5. Privilege escalation
Once attackers penetrate your network, they can use privilege escalation to expand their reach.
Horizontal privilege escalation involves attackers gaining access to additional, adjacent systems,
and vertical escalation means attackers gain a higher level of privileges for the same systems.

6. Insider threats
A network is especially vulnerable to malicious insiders, who already have privileged access to
organizational systems. Insider threats can be difficult to detect and protect against, because
insiders do not need to penetrate the network in order to do harm. New technologies like User
and Event Behavioral Analytics (UEBA) can help identify suspicious or anomalous behavior by
internal users, which can help identify insider attacks.
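
Item 4 above (code and SQL injection) describes input being executed because it was never validated or sanitized. The following Python example is added here and is not part of the original notes; it places a query built by string concatenation beside a parameterized one, using an in-memory SQLite table whose name, rows and crafted input are constructed for illustration.

```python
import sqlite3


def make_db():
    """In-memory database holding constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (username TEXT, email TEXT)")
    db.executemany(
        "INSERT INTO accounts VALUES (?, ?)",
        [("alice", "alice@example.com"), ("bob", "bob@example.com")],
    )
    return db


def lookup_vulnerable(db, username):
    # Weak form: the input is concatenated into the statement, so the
    # database parses whatever the user typed as part of the SQL.
    query = "SELECT email FROM accounts WHERE username = '" + username + "'"
    return db.execute(query).fetchall()


def lookup_parameterized(db, username):
    # Hardened form: the statement text is fixed and the input is bound
    # as a value, so it can only ever be compared with the column.
    query = "SELECT email FROM accounts WHERE username = ?"
    return db.execute(query, (username,)).fetchall()


def validate_username(username):
    # Validation as a second layer: accept only the expected shape.
    if not (username.isalnum() and len(username) <= 32):
        raise ValueError("username must be 1-32 letters or digits")
    return username


# Constructed form input that carries SQL syntax instead of a name.
CRAFTED = "nobody' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    print(lookup_vulnerable(db, "alice"))      # one row, as intended
    print(lookup_vulnerable(db, CRAFTED))      # every row in the table
    print(lookup_parameterized(db, CRAFTED))   # no rows: input treated as data
```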

Explain firewall and Types of Firewall

Depending on their structure, there are mainly three types of firewalls: software firewalls,
hardware firewalls, or both. Each type of firewall has different functionality but the same
purpose. However, it is best practice to have both to achieve maximum possible protection.
A hardware firewall is a physical device that attaches between a computer network and a
gateway, for example a broadband router. A hardware firewall is sometimes referred to as
an Appliance Firewall. On the other hand, a software firewall is a simple program installed on a
computer that works through port numbers and other installed software. This type of firewall is
also called a Host Firewall.

Besides, there are many other types of firewalls depending on their features and the level of
security they provide. The following are types of firewall techniques that can be implemented as
software or hardware:

• Packet-filtering Firewalls
• Circuit-level Gateways
• Application-level Gateways (Proxy Firewalls)

Packet-filtering Firewalls

A packet-filtering firewall is the most basic type of firewall. It acts like a management program
that monitors network traffic and filters incoming packets based on configured security rules.
These firewalls are designed to block network traffic based on IP protocol, IP address, and port
number if a data packet does not match the established rule-set.

While packet-filtering firewalls can be considered a fast solution without many resource
requirements, they also have some limitations. Because these types of firewalls do not prevent
web-based attacks, they are not the safest.
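
The rule matching described above can be shown in a few lines. This Python model is an added example, not part of the original notes: the `Packet` and `Rule` types, the first-match, default-deny policy and the rule-set (RFC 5737 documentation addresses) are assumptions made for illustration. It also shows the limitation just mentioned: the verdict depends only on header fields, so the content of a web request on an allowed port is never examined.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    proto: str       # "tcp" or "udp"
    src: str         # source IP address
    dst_port: int    # destination port
    payload: bytes   # carried data; the filter never reads it


@dataclass(frozen=True)
class Rule:
    action: str      # "allow" or "deny"
    proto: str       # "tcp", "udp" or "any"
    src_net: str     # CIDR block the source address must fall in
    dst_port: int    # destination port, 0 meaning any port

    def matches(self, pkt):
        return (
            self.proto in ("any", pkt.proto)
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src_net)
            and self.dst_port in (0, pkt.dst_port)
        )


# Constructed rule-set using documentation address ranges.
RULES = [
    Rule("deny", "any", "203.0.113.0/24", 0),     # blocked source range
    Rule("allow", "tcp", "0.0.0.0/0", 80),        # public web server
    Rule("allow", "tcp", "198.51.100.0/24", 22),  # SSH from admin network only
]


def filter_packet(pkt, rules=RULES):
    """First matching rule wins; a packet matching no rule is dropped."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "deny"


if __name__ == "__main__":
    # Constructed packets: same header, different content.
    normal = Packet("tcp", "192.0.2.10", 80, b"GET /index.html HTTP/1.1")
    crafted = Packet("tcp", "192.0.2.10", 80, b"GET /search?q=<unvalidated input> HTTP/1.1")
    print(filter_packet(normal), filter_packet(crafted))    # both allowed
    print(filter_packet(Packet("tcp", "192.0.2.10", 22, b"")))  # denied: not admin net
```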

Circuit-level Gateways

Circuit-level gateways are another simplified type of firewall that can be easily configured to
allow or block traffic without consuming significant computing resources. These types of
firewalls typically operate at the session-level of the OSI model by verifying TCP (Transmission
Control Protocol) connections and sessions. Circuit-level gateways are designed to ensure that
the established sessions are protected.

Typically, circuit-level firewalls are implemented as security software or pre-existing firewalls.


Like packet-filtering firewalls, these firewalls do not check the actual data, although they inspect
information about transactions. Therefore, if data contains malware but follows the
correct TCP connection, it will pass through the gateway. That is why circuit-level gateways are
not considered safe enough to protect our systems.

Application-level Gateways (Proxy Firewalls)


Proxy firewalls operate at the application layer as an intermediate device to filter incoming
traffic between two end systems (e.g., network and traffic systems). That is why these firewalls
are called 'Application-level Gateways'.

Unlike basic firewalls, these firewalls transfer requests from clients pretending to be original
clients on the web-server. This protects the client's identity and other suspicious information,
keeping the network safe from potential attacks. Once the connection is established, the proxy
firewall inspects data packets coming from the source. If the contents of the incoming data
packet are protected, the proxy firewall transfers it to the client. This approach creates an
additional layer of security between the client and many different sources on the network.

Cloud Firewalls

Whenever a firewall is designed using a cloud solution, it is known as a cloud firewall or FaaS
(firewall-as-service). Cloud firewalls are typically maintained and run on the Internet by third-
party vendors. This type of firewall is considered similar to a proxy firewall. The reason for this
is the use of cloud firewalls as proxy servers. However, they are configured based on
requirements.

The most significant advantage of cloud firewalls is scalability. Because cloud firewalls have no
physical resources, they are easy to scale according to the organization's demand or traffic-load.
If demand increases, additional capacity can be added to the cloud server to filter out the
additional traffic load. Most organizations use cloud firewalls to secure their internal networks or
entire cloud infrastructure.
