BASIC

SECURITY
CONCEPT
PRESENTED
BY GROUP
1.
 Syed Ali Saim Hassan Ali

Masoomah Hussnain
Group Representer : KHADIJA
Shabbir Ali

Group Aftab Ahmad

members
INTRODUCTIO
N:
Basic security concepts are fundamental
principles designed to protect information,
systems and resources from threats.
These concepts are crucial because they
protect sensitive information, ensure
accessibility and built trust.

Presentation Title 3
 Threats to user security
refer to risks that can
compromise a user's
personal information,
data, or safety, often
THREAT through digital means.
S TO
USER.
Phishing Spyware Malware
IDENTITY
THEFT:
Identity theft is when someone illegally obtains and uses another person’s
personal information—like their name, Social Security number, credit card
number, or bank account details without permission.

PREVENTION
TYPES S:
• Financial • Protect
personal
• Criminal information
• Use passwords.
• Medical • Monitor credit
card details
PURPOSE
• To commit CONSEQUEN COMMON
fraud. CES METHODS
• To make
• Financial loss
purchases.
• Emotional
• Data
stress breaches
• Time and • Skimming
Efford. • Phishig

5
 ONLINE THEFT:
Online theft, or cyber theft, is the illegal act of
stealing personal, financial, or intellectual property
through internet-based methods. This often
includes hacking, phishing, and other digital fraud
techniques.

PURPOSE COMMON
TECNIQUES
Online thieves aim to • Hacking
steal money, sensitive • Social Engineering
data, or personal • Malware
information, which they
• Keylogging
can use for financial
gain or sell on illegal
markets.

Presentation Title
ONLINE Online fraud is the intentional deception conducted over the

FRAUD: internet to steal money, personal information, or assets from

individuals or businesses.

• Investment
• Financial losses
Scams
Aim to steal • Identity thief
• E-Commerce
money, • Reputational
frauds • Spoofing
sensitive data, damage
or personal • Charity • Malware
• Emotional
information scams • Fake Ads distress
• Auction
LOSS OF
PRIVACY:
Privacy loss of a user refers to the
unauthorized exposure, access and
use of personal data and
information about an individual.
DATA BREACHING:
Gain of access to sensitive data by an
organization
TRACKING:
Process of collecting and monitoring
information about an individual.
Improper handling of sensitive data:
Failure of protect and manage
sensitive data in a secure way.
 ONLINE SY[ING TOOL:

PACKET APPS IN
Phishing COOKIES:
tools: SNIFFERS: MOBILE:

Tools used to Used to monitor

Involve fake Small text files
monitor and everything from
websites or stored in a
capture data calls, text
emails designed user's browser
packets that messages,
to deceive that track online
travel over a location,
individuals by activities.
network. photos, and app
pretending to
usage on a
be a
smartphone.
trustworthy
entity.
DOT CONS:
Online fraud, scams and other
related activities designed to steal
money or other resources from
individual or business these are
called dot cons.
E-commerce Scams:
Websites designed to trick consumers into
buying products or services that don't exist
Investment Scams:
Involve fraudsters promising high
returns on investments in fake
companies.
Fake Job Scams:
Exploit individuals looking for employment by
offering fake opportunities in exchange for
personal information.
PRECAUTIONS:
• Use password manager to generate and store complex
passwords.
• Use reputable security software at provides comprehensive
protection, including real-time protection, web security, and
anti-phishing features.
• Always use encrypted messaging apps for secure
communication.
• Don't share personal information, especially passwords or
credit card details, over email, text, or social media.
• Be cautious about filling out online forms and surveys,
especially if they ask for excessive details that aren’t
necessary.
• Avoid using public Wi-Fi for sensitive activities like banking.
Presentation Title

THREATS
TO DATA
THREATS TO DATA ARE RISK OR
DANGER THAT CAN HARM OR STEAL
INFORMATION LIKE PERSONAL
DETAILS, PHOTOS, DOCUMENTS,
AND BUSINESS RECORDS.
Data Breach: Unauthorized access to
sensitive data.
Data Loss/Theft: Physical theft or
accidental deletion.
Insider Threats: Insider threats are risk posed
by individuals within an organizations, like
employees or contractors, who may access the
misuse their access to harm the organization’s data
or system.
Phishing and Social Engineering:
Phishing and social engineering are techniques
used by attackers to manipulate individuals into
sharing sensitive information or compromising
security protocols like emails, texts, websites,
passwords or financial information.
 DATA LOSS:
Data loss is when
Data Theft:
important information is
accidentally deleted, Data theft is the illogical
damage, or becomes copying or stealing of
unusable. information from a person
or organization.
REASONS OF DATA
REASONS OF DATA THEFT:
LOSS:
1.Hacking
1. Human Error
2. Hardware Failure 2.Phishing

3. Software Corruption 3.Physical Theft

4. Natural Disasters
4.Inside Theft
5. No Backups
5.Weak security

Presentation Title
 .
Ransomware:
Locks or encrypts
TYPES: files until a
ransom is paid

Adware: Displays
Spyware: Collects
unwanted
data secretly.
MALWAR advertisements.

E:Malicious software designed to Trojan Horse:

harm or exploit systems. Disguised as legitimate
software but performs
malicious actions.
Viruses and
Malicious Programs
VIRUES: Malicious Programs:
• Self-replicating code • Worms: Standalone
that spreads from one software that spreads
file to another. across networks.

• Rootkits: Hide
• Often requires user malicious activity by
interaction to activate gaining root access.

• Botnets: Network of
infected computers
controlled remotely.
CYBERCRIM Definition: Criminal activities carried out using
computers and the internet.

E:

Identity Theft: Online Scams:

Stealing personal Fraudulent schemes
information for to steal money or
fraud. data.

TYPES:
Financial Fraud: Hacking:
Manipulating data Unauthorized access
or systems for to systems.
financial gain.

Presentation Title
 CYBER TERRORISM
The use of internet-based
attacks to disrupt or damage
critical infrastructure for
political or ideological purposes.

Targets: Government systems, utilities, financial

markets.
Examples of Cyber Terrorism Incidents
Impact: National security risks, financial loss, public
fear

Presentation Title
 Countermeasures
Techniques or action used to prevent or respond security threats.

Cybersecurity Best Practices:

Firewalls and Encryption: User Education: Regular Software

Antivirus Protect data Prevent phishing Updates: Close
Software: Block during and social security
and detect transmission. engineering vulnerabilities.
malware. attacks.
 Hardware threats refers
to risk or vulnerabilities
THREATS
that impact the physical
TO
components of a
HARDWAR computer or electronic
E system.
POWER POWER SURGES:

RELATED • Voltage spikes that exceed normal levels

can damage sensitive electronic
THREATS: components.
POWER OUTAGES:

• Sudden loss of power can result in data

corruption, system crashes and potential
hardware failure
VOLTAGE FLUCTUATIONS
• Fluctuating power levels can cause instability
in the system leading to malfunction or
permanent damage overtime.
HARDWARE
DAMAGE:
Environmental Mechanical
condition: Failures:
Extreme Wear and tear from
temperatures, prolonged use poor
humidity or exposure maintenance or
to dust and moist accidental
can damage drops/spills can
hardware. cause damage to
hardware.

MITIGATIONS FOR HARDWARE DAMAGE:

• ENVIRONMENTAL CONTROL
• SURGE PROTECTION
• REGULAR MAINTENANCE
 HARDWARE LOSS
Hardware loss refers to the
unintentional or accidental
misplacement , theft or destruction
of physical computing devices and
components resulting in their
unavailability unaccessibility or
permanent removal from service.

MITIGATIONS FOR HARDWARE LOSS:

• REGULAR BACKUPS
• DEVICE TRACKING
• ENCRYPTION

Presentation Title
SYSTEM
FAILURE:
System Failure means a situation where a computer system, software, or hardware
stops working correctly or completely crashes.

CAUSES:
1. SOFTWARE BUGS.
2. HARDWAREMALFUNCTIONS
3. POWER PROBLEMS
4. OVERLOAD
5. CYBERATTACKS
6. DATA LOSS
7. SECURITY RISKS
8. FINANCIAL LOSS
 UNAUTHORIZED ACCESS
Unauthorized access and use in software refer to situations where someone enters
systems, networks, or data without permission.

DATA PRIVACY FINANCIAL SYSTEM

THEFT. VIOLATIONS LOSS DAMAGE

CAUSES
 NATURAL DISASTERS
Such as floods, fires, earthquakes, or other natural events, can impact software
and computer systems by damaging physical infrastructure and disrupting
operations.
THREATS

DATA LOSS: System Security Financial Communicatio

Important data Downtime: Risks: Security Loss: n Disruption:
may be lost if Disasters can may be High costs may Network issues
systems are cause power weakened during arise from during disasters
damaged. outages, making a disaster, recovering data, can make it
software leading to repairing difficult for
temporarily unauthorized systems, and teams to access
unavailable. access. resuming software and
operations. communicate.