Computer

System
Security

A presentation by: Eyeto Vincent

(I.T Unit)
 What is security?

A presentation by: Eyeto Vincent (I.T Unit)

 Security is the state of being free from danger or threat. It is also known
as freedom from danger or threat. For example a padlock to lock your gate
at home is a good example of security, even if you are not around maybe
busy with work or with something that requires you not being at home,
you can use a padlock to ensure you freedom from danger or anxiety

A presentation by: Eyeto Vincent (I.T Unit)

 COMPUTER SYSTEM SECURITY

Computer system security includes the development

and implementation of security countermeasures.
These include firewalls, data encryption/protection,
and biometrics.

A presentation by: Eyeto Vincent (I.T Unit)

The objective of computer system security is the
protection of information and property from theft,
corruption and other types of damage, while
allowing the information and property to remain
accessible and productive.

A presentation by: Eyeto Vincent (I.T Unit)

 SECURITY THREATS
1. Insider threats
2. Viruses and worms
3. Drive-by download attacks
4. Phishing attacks
5. Ransomware
6. Exploit kits

A presentation by: Eyeto Vincent (I.T Unit)

 1. INSIDER THREATS
An insider threat occurs when individuals close to an organization who
have authorized access to its network intentionally or unintentionally
misuse that access to negatively affect the organization's critical data or
systems.
Careless employees who don't comply with their organizations' business
rules and policies cause insider threats. For example, they may
inadvertently email customer data to external parties, click on phishing
links in emails or share their login information with others. Contractors,
business partners and third-party vendors are the source of other
insider threats.

Some insiders intentionally bypass security measures out of convenience

or ill-considered attempts to become more productive. Malicious insiders
intentionally elude cybersecurity protocols to delete data, steal data to sell
or exploit later, disrupt operations or otherwise harm the business.

A presentation by: Eyeto Vincent (I.T Unit)

 PREVENTING INSIDER
THREATS
The list of things organizations can do to minimize the risks associated with insider threats
include the following:

1. Limit employees' access to only the specific resources they need to do their jobs;
train new employees and contractors on security awareness before allowing them to access
the network.

2. Incorporate information about unintentional and malicious insider threat awareness into
regular security training.

3. Set up contractors and other freelancers with temporary accounts that expire on specific
dates, such as the dates their contracts end.

4. Implement two-factor authentication, which requires each user to provide a second piece
of identifying information in addition to a password.

5. Install employee monitoring software to help reduce the risk of data breaches and the
theft of intellectual property by identifying careless, disgruntled or malicious insiders.

A presentation by: Eyeto Vincent (I.T Unit)

 2. VIRUSES AND WORMS
Viruses and worms are malicious software programs (malware) aimed at
destroying an organization's systems, data and network. A computer virus is a
malicious code that replicates by copying itself to another program, system or
host file. It remains dormant until someone knowingly or inadvertently
activates it, spreading the infection without the knowledge or permission of a
user or system administration.

A computer worm is a self-replicating program that doesn't have to copy itself

to a host program or require human interaction to spread. Its main function is
to infect other computers while remaining active on the infected system.
Worms often spread using parts of an operating system that are automatic
and invisible to the user. Once a worm enters a system, it immediately starts
replicating itself, infecting computers and networks that aren't adequately
protected.

A presentation by: Eyeto Vincent (I.T

Unit)
 PREVENTING VIRUSES AND
WORMS
To reduce the risk of these types of information security threats caused
by viruses or worms, companies should install antivirus and
antimalware software on all their systems and networked devices and
keep that software up to date. In addition, organizations must train
users not to download attachments or click on links in emails from
unknown senders and to avoid downloading free software from
untrusted websites. Users should also be very cautious and they
shouldn't click on ads, particularly ads from unfamiliar brands and
websites.

A presentation by: Eyeto Vincent (I.T Unit)

4. DRIVE-BY DOWNLOAD ATTAC
In a drive-by download attack, malicious code is downloaded from a
website via a browser, application or integrated operating system
without a user's permission or knowledge. A user doesn't have to click on
anything to activate the download. Just accessing or browsing a website
can start a download. Cybercriminals can use drive-by downloads to
inject banking Trojans, steal and collect personal information as well as
introduce exploit kits or other malware to endpoints.

A presentation by: Eyeto Vincent (I.T

Unit)
Preventing drive-by download attacks
One of the best ways a company can prevent drive-by download attacks
is to regularly update and patch systems with the latest versions of
software, applications, browsers, and operating systems. Users should
also be warned to stay away from insecure websites. Installing security
software that actively scans websites can help protect endpoints from
drive-by downloads.

A presentation by: Eyeto Vincent (I.T Unit)

 5. PHISHING ATTACKS
Phishing attacks are a type of information security threat that employs social
engineering to trick users into breaking normal security practices and giving up
confidential information, including names, addresses, login credentials, Social Security
numbers, credit card information and other financial information. In most cases,
hackers send out fake emails that look as if they're coming from legitimate sources,
such as financial institutions, eBay, PayPal -- and even friends and colleagues.

In phishing attacks, hackers attempt to get users to take some recommended action,
such as clicking on links in emails that take them to fraudulent websites that ask for
personal information or install malware on their devices. Opening attachments in
emails can also install malware on users' devices that are designed to harvest sensitive
information, send out emails to their contacts or provide remote access to their
devices.

A presentation by: Eyeto Vincent (I.T Unit)

 PREVENTING PHISHING ATTACKS
Enterprises should train users not to download attachments or
click on links in emails from unknown senders and avoid
downloading free software from untrusted websites.

A presentation by: Eyeto Vincent (I.T Unit)

 7. RANSOMWARE
In a ransomware attack, the victim's computer is locked, typically by
encryption, which keeps the victim from using the device or data that's
stored on it. To regain access to the device or data, the victim has to pay
the hacker a ransom, typically in a virtual currency such as Bitcoin
(Crypto-currency). Ransomware can be spread via malicious email
attachments, infected software apps, infected external storage devices
and compromised websites.

A presentation by: Eyeto Vincent (I.T Unit)

 PREVENTING RANSOMWARE
To protect against ransomware attacks, users should regularly back up
their computing devices and update all software, including antivirus
software. Users should avoid clicking on links in emails or opening
email attachments from unknown sources. Victims should do
everything possible to avoid paying ransom. Organizations should also
couple a traditional firewall that blocks unauthorized access to
computers or networks with a program that filters web content and
focuses on sites that may introduce malware. In addition, limit the
data a cybercriminal can access by segregating the network into
distinct zones, each of which requires different credentials.

A presentation by: Eyeto Vincent (I.T Unit)

 8. EXPLOIT KITS
An exploit kit is a programming tool that enables a person without any
experience writing software code to create, customize and distribute
malware. Exploit kits are known by a variety of names, including
infection kit, crimeware kit, DIY attack kit and malware toolkit.
Cybercriminals use these toolkits to attack system vulnerabilities to
distribute malware or engage in other malicious activities, such as
stealing corporate data etc.

A presentation by: Eyeto Vincent (I.T Unit)

 PREVENTING EXPLOIT KITS
To guard against exploit kits, an organization should deploy
antimalware software as well as a security program that
continually evaluates if its security controls are effective and
provide protection against attacks. Enterprises should also install
anti-phishing tools because many exploit kits use phishing or
compromised websites to penetrate the network.

A presentation by: Eyeto Vincent (I.T Unit)

A presentation by: Eyeto Vincent (I.T Unit)