Computer Security
10th Sept 2024

Definition
Computer security refers to techniques developed to protect systems and information stored on computers. Computer security is also known as cyber security.
Computer security is mainly concerned with three main areas, demonstrated by the CIA triad:

Importance of Computer Security
1. To protect personal information
2. To protect company properties
3. To prevent data theft
4. To prevent malware and viruses
5. To protect systems from unauthorized access
6. To ensure proper functioning of hardware systems
7. To protect the network from being hacked

Types of computer security
1. Information security is securing information from unauthorized access, modification and deletion.
2. Application security is securing an application by building in security features that protect it from cyber threats.
3. Computer security means securing a standalone machine by keeping it updated and patched.
4. Network security is securing both the software and hardware technologies from cyber attacks.
5. Cybersecurity is defined as protecting computer systems which communicate over computer networks.

Threats
A threat refers to anything that has the
potential to cause serious harm to a computer system. A threat is an activity/ attack/ situation that may happen, with the potential to cause serious damage. The threats could be intentional, accidental or caused by natural disasters.
Computer threats are categorized in two
Physical threats are threats that damage the hardware, e.g. theft, vandalism, overuse, poor storage, inadequate maintenance, natural hazards, infrastructure failure, etc.
Logical threats are threats that damage software systems, data, or the network without actually damaging your hardware, e.g. viruses, DoS attacks, phishing, Trojans, etc.

Computer attacks
A cyberattack is a malicious and deliberate attempt by an individual or organization to breach the information system of another individual or organization. An attack can be active or passive.
Active attacks are a type of cybersecurity attack in which an attacker attempts to alter, destroy, or disrupt the normal operation of a system or network.
A “passive attack” attempts to monitor or make use of information from the system but does not affect system resources.

Differences between active and passive attack

| Active Attack | Passive Attack |
|---|---|
| Modification of information takes place. | No modification of the information takes place. |
| Is a danger to integrity as well as availability. | Is a danger to confidentiality. |
| Attention is on prevention. | Attention is on detection. |
| Victim gets informed about the attack. | Victim does not get informed about the attack. |
| System resources can be changed. | System resources are not changed. |
| Is tough to restrict from entering systems or networks. | Is easy to prohibit in comparison to an active attack. |
| Can be easily detected. | Very difficult to detect. |
| The original information is modified. | The original information is unaffected. |
| The duration of an active attack is short. | The duration of a passive attack is long. |

Types of attacks
1. Malware. Malware can be used for a range of objectives, from stealing information, to defacing or altering web content, to damaging a computing system permanently. Examples of malware: viruses, worms, Trojan horses, adware, spyware, ransomware, rootkits, botnets.
   Ransomware. This is malware that uses encryption to deny access to resources (e.g. the user’s files), usually in an attempt to force the victim to pay a ransom.
2. Denial-of-service (DoS) attacks overwhelm the target system so it cannot respond to legitimate requests.
3. Distributed denial-of-service (DDoS) attacks are similar but involve multiple host machines.
4. SQL Injection. SQL injection is a type of attack which is specific to SQL databases. SQL databases use SQL statements to query the data, and these statements are typically executed via an HTML form on a webpage.
5. Social engineering attacks involve impersonating a trusted person or entity, and tricking individuals into granting an attacker sensitive information, transferring funds, or providing access to systems or networks.
6. Phishing attacks occur when a malicious attacker sends a message that appears to be from a trusted and legitimate source and obtains sensitive information from a target.
7. MitM Attacks. Man-in-the-Middle (MitM) attacks are breaches that allow attackers to intercept the data transmitted between networks, computers or users. The attacker can also modify messages before sending them on to the intended recipient.
8. Zero-day Exploit. A zero-day exploit is where cyber-criminals learn of a vulnerability that has been discovered in certain widely-used software applications and operating systems, and then target organizations that are using that software in order to exploit the vulnerability before a fix becomes available.
9. Cryptojacking is where cybercriminals compromise a user’s computer or device and use it to mine cryptocurrencies, such as Bitcoin.
10. Cross-site Scripting (XSS) Attacks. Cross-site scripting attacks are quite similar to SQL injection attacks, although instead of extracting data from a database, they are typically used to infect other users who visit the site.
11. Password Attack. A password attack, as you may have already guessed, is a type of cyber-attack where an attacker tries to guess, or “crack” a user’s
12. Eavesdropping Attacks. Sometimes referred to as “snooping” or “sniffing”, an eavesdropping attack is where the attacker looks for unsecured network communications in an attempt to intercept and access data that is being sent across the network.
13. Insider Threats. Insider threats, which consist of current or former employees, present a significant danger to organizations due to their unrestricted access to the company network, including sensitive data and intellectual property.

Sources of virus and other attacks
1. Opening suspicious email attachments
2. Attaching unsecured removable or external storage devices (e.g., flash drives, external hard drives, memory cards)
3. Accessing malicious websites
4. Clicking malicious ads (adverts)
5. Downloading malicious and unlicensed applications
6. Peer-to-peer file sharing
7. Installing cracked / pirated software
8. Bluetooth file transfers
9. Unpatched software

Threat protection / protection against attacks
> Ensure that you have the latest and greatest anti-malware/spam protection software installed.
> Ensure that your staff is trained to identify malicious emails and websites.
> Keep all software patched and up-to-date.
> Only use administrator accounts when absolutely necessary.
> Ensure that HTML form input validation.
> Monitor your network for malicious activity.
> Use end-to-end encryption.
> Use a VPN (a virtual private network).
> Have a strong password policy, and use multi-factor authentication where possible.
> Use salting. Extending the number of characters in a password to make it complex.
> Use a firewall and intrusion detection systems (IDS).
> Always look for “HTTPS” at the beginning of each URL.
> Implement strong authentication and access controls.
> Carry out penetration tests to identify vulnerabilities.
> Encryption
> Regular backup

Cyber crimes
Cybercrime refers to criminal conduct committed with the aid of a computer or other electronic equipment connected to the internet. A cybercrime is also explained as a type of crime that targets or uses a computer or a group of computers under one network for the purpose of harm.
Cybercrimes are committed using computers and computer networks. They can target individuals, business groups, or even governments.

Types of cyber crimes
1. Identity theft and fraud
2. Cyberstalking. This kind of cybercrime involves online harassment.
3. Social Engineering. Social engineering involves criminals making direct contact with you, usually by phone or email.
4. Online Scams. These are usually in the form of ads or spam emails that include promises of rewards or offers of
5. Sexting and pornography
6. Cyber bullying
7. Black hat hackers
8. Cyber terrorism
9. Blackmail
10. Unwanted content
11. Ransomware
12. Cyber harassment
13. Cyber sex trafficking

1. Masquerade. An attacker pretends to be someone else in order to gain access to systems or data.
2. Modification of messages. A message is altered, delayed or reordered to produce an unauthorized effect.
3. Repudiation. An attacker attempts to deny or repudiate actions that they have taken.
4. Replay. The aim of the attacker is to save a copy of the data originally present on that particular network and later use this data for personal purposes.
5. Denial of Service. This is designed to make a system or network unavailable to its intended users.

Homework
Qn1. Differentiate between physical security and logical security. Give examples of each.
Qn2. How to prevent cyber attacks? i.e. how to protect computer systems.
Qn3. What mechanisms can we use to prevent phishing attacks?
Qn4. (a) List the causes of physical threats. (b) List the causes of logical threats.
Qn5. Compare and contrast worms and viruses.
Qn6. To control access to systems data, what authentication mechanisms can be used?