COMPUTER SECURITY

The term computer security is

used frequently, but the content
of a computer is vulnerable to few
risks unless the computer is
connected to other computers on
a network.
The major technical areas
of computer security are
usually represented by the
initials CIA:
 
Confidentiality,
Integrity, and
Authentication or
availability.
• Confidentiality means that
information cannot be access by
unauthorized parties.
Confidentiality is also known as
secrecy or privacy; breaches of
confidentiality range from the
embarrassing to the disastrous.
•
• Integrity means that information is
protected against unauthorized
changes that are not detectable to
authorized users; many incidents of
hacking compromise the integrity
of databases and other resources.
•
• Authentication means that users are
who they claim to be. Availability
means that resources are
accessible by authorized parties;
"denial of service" attacks, which
are sometimes the topic of national
news, are attacks against
availability.
•
 Threats of Data
• Theft of computers and data
• Espionage
• "Hackers“
• Denial of Service attacks
• Incompetent employees
• Hardware failure (e.g. hard disk
crash, file server failure)
• Operating system failure
• Software failure
•
COMPUTER VIRUS
A co m p u te r viru s is a m a licio u sly cre a te d
so ftw a re p ro g ra m th a t is w ritte n fo r th e
exp re ss p u rp o se o f ca u sin g d a m a g e to a
co m p u te r syste m

A viru s typ ica lly h a s th re e p h a se s

•Infection
•Replication
•Execution
• Many worms are designed to simply spread themselves, but even at this very
lowest level of threat, worms are bad for a network and a computer because
of the extra bandwidth they consume. In serious cases like the Mydoom
worm, severe network degradation can result.
•

• Payload: A "payload" (a term adopted from a bomber's bomb capacity) is code in

the worm that does more than just distribute itself. It might:
– delete files
– encrypt files in a cryptoviral extortion attack (where
victims' files are made accessible again only if a ransom
is paid)
– send sensitive documents
– install a backdoor in the infected computer to let it be
remote-controlled by the worm's author to participate in
a botnet DDOS (Distributed Denial Of Service) attack, or
sending floods of spam.
– install a keylogger which records all keystrokes (including
bank account logins, credit card information, site
passwords etc) and mails them back to the worm's
author.
 Phishing
• Phishing emails often get an
unsuspecting user to download and
open a worm. Typical methods are to
open an attachment, view a supposed
'e-greeting card', or visit a website
that hosts the worm.
• The term "worm"' was first used in John
Brunner's 1975 novel,
The Shockwave Rider in which a man
designs and sets off a data-gathering
worm in an act of revenge against the
powerful men who run a national
electronic information web that
induces mass conformity.
Payload:
•

– Once infected by a Trojan, it burrows into the

depths of your system and actively hides itself
from detection: some even try to disable your
antivirus and firewall protection.
•

• Adware: A trojan may modify the victim's

computer to display advertisements in places,
such as the desktop or in uncontrollable pop-
ups, or may install a toolbar on to the user's
Web browser without permission.
– They carry out nefarious deeds such as:
– installing keyboard loggers, which record when
you type in bank account details, passwords,
credit card numbers etc. When the log is full,
the trojan uses its built-in email software to
"phone home" and pass your sensitive
information to the hacker.
– acting as a spam distributor: when the spam is
detected, your ISP account gets cancelled, not
the hacker's!
 Trojans can be installed
through:
• Infected software downloads
• Bundling (e.g. as an inconspicuous part of a
pirated application downloaded from a
torrent site)
• Email attachments
• Websites containing executable content
(e.g. an ActiveX control)
• Exploiting flaws in browsers, media players,
IM clients, etc to allow
• Spread: Trojans can be spread by misleading
computer users into installing it, or by
installing itself by exploiting system
weakness.
•
 Spyware
• Spyware is a type of malware that secretly
collects information about users without
their knowledge. Spyware typically hides
from users and can be difficult to detect.
Information might include:
• Internet surfing habits and sites that have
been visited
• personal information
• logins and passwords
• banking information
• credit card details
 Spyware Cont
• They can also actively be programmed
to
– redirect Web browser activity
– change computer settings
– change home pages
– turn off firewalls or antivirus scanners
– download additional unrequested
software
• Some spyware is installed by employers
to monitor staff performance and
behaviour.
• Most anti-virus suites (e.g. Microsoft
 Antivirus software
• Computer viruses pose significant threats to the
security and efficient running of both stand-alone
computers and networks. They can disclose user
passwords, steal information, destroy data, install
"back doors" to let hackers in, clog print queues,
disrupt Internet traffic, overload email servers - and
new threats appear daily.
•

• It is crucial that both network servers and

workstations are always running reputable virus
scanners using up-to-date virus definitions. Using
old virus definitions is worse than using no virus
scanning at all, since computers are vulnerable
while their users work under the misapprehension
that they are safely protected.
•

• Most anti-virus suites (e.g.