DATA SECURITY AND

VIRUSES
Computer Security Risk
 A computer security risk is any event or action that could cause a loss
of or damage to computer hardware, software, data, information, or
processing capability.
 While some breaches to computer security are accidental, many are
intentional.
 An intentional breach of computer security often involves a deliberate
act that is against the law. Any illegal act involving a computer
generally is referred to as a computer crime.
Computer crime / Cybercrime
 Cybercrime, also called computer crime, the use of a computer as an
instrument to further illegal ends, such as committing fraud , intellectual
property , stealing identities or violating privacy.
 Cybercrime that uses computer to commit other crimes may involve
using computers or networks to spread malware, illegal information or
illegal images.
 The term cybercrime refers to online or Internet-based illegal acts.
Software intellectual property
 Software intellectual property, also known as software IP, is a computer code
or program that is protected by law against copying, theft, or other use that is
not permitted by the owner.
 Software IP belongs to the company that either created or purchased the
rights to that code or software.
PHISHING IDENTITY THEFT

EXAMPLES

MALWARE BANK FRAUD

Categories
Perpetrators of cybercrime and other intrusions fall into seven basic categories
1. Hacker
2. Cracker
3. Script kiddie
4. Corporate spy
5. Unethical employee
6. Cyberextortion
7. Cyberterrorist
Hackers
 The term hacker, refers to someone who accesses a computer or
network illegally. Some hackers claim the intent of their security
breaches is to improve security.
Cracker
 A cracker also is someone who accesses a computer or network
illegally but has the intent of destroying data, stealing information, or
other malicious action. Both hackers and crackers have advanced
computer and network skills.
Script kiddie
 A script kiddie has the same intent as a cracker but does not have the
technical skills and knowledge. Script kiddies often use prewritten
hacking and cracking programs to break into computers.
Corporate spies
 Some corporate spies have excellent computer and networking skills
and are hired to break into a specific computer and steal its proprietary
data and information.
Unethical employees
 Unethical employees Unethical employees break into their employers’
computers for a variety of reasons. Some simply want to exploit a
security weakness. Others seek financial gains from selling confidential
information. Disgruntled employees may want revenge.
Cyberextortion
 A cyberextortion is someone who uses e-mail as a vehicle for extortion.
Cyberextortion is an online crime in which hackers hold your business
data hostage or disable your websites or computer systems until you pay
a ransom.
Cyberterrorist
 A cyberterrorist is someone who uses the internet or network to destroy or
damage computers for political reasons. The cyberterrorist might target the
nation’s air traffic control system, electricity-generating companies, or a
telecommunications infrastructure. Cyberterrorism usually requires a team of
highly skilled individuals, millions of dollars, and several years of planning.
Effects
 Cyber threats are a big deals. Cyber attacks can cause breaches of national
security secrets. They can result in the theft of valuable, sensitive data like
medical records.
 Cybercrime leads to higher risks such as cyberbullying, sexual solicitation, and
child pornography, which results in negativity in youth
Types Of Cybercrimes
 Email and internet fraud.
 Identity fraud (where personal
information is stolen and used).
 Illegal gambling.
 Cyberextortion (demanding money to
prevent threatened attack).
 Cyberespionage (where hackers access
government or company data).
Classification of cybercrime
 Cybercrime against individual
• Email spoofing, spamming,
• cyber defamation, Harassment & stalking
 Cybercrime against companies and organization
• Unauthorized accessing of computer
• computer contamination, virus attack
 Cybercrime against government
• The biggest threat of government regarding cybercrime is the loss of data of
their government information which is in high demand, local government
have dedicated cybersecurity expert; they relay on their IT teams to ensure
security.
Cybercrime against society
 Web jacking
 Cyber terrorism
 Online shopping scam
 Identity theft
 Passwords attack
Preventions of cyber crime
 Use strong passwords
 Secure your computers, protect your data and devices
 Be social- media savvy
 Install latest operating system updates
 Secure your wireless network
 Protect your e-identity
 Avoid being scammed
 Lock or log off your computer when you step away
 Take advantage of security settings
 Using antivirus software
 Never Give Out Personal Information To a Stranger
Data security
 Data security is the process of maintaining the confidentiality, integrity, and
availability of an organization’s data in a manner consistent with the
organization's risk strategy.
 Data security refers to protecting your data against unauthorized access or use
that could result in exposure, deletion, or corruption of that data.
 Example
• Data security would be using encryption to prevent hackers from using your
data if it's breached.
Principles
Data security is based on three foundational principles
1. Confidentiality: systems and data are accessible to authorized users only.
2. Integrity: systems and data are accurate and complete
3. Availability: systems and data are accessible when they are needed
Data protection
 Data protection is the process of protecting sensitive information from damage,
loss, or corruption. As the amount of data being created and stored has increased
at an unprecedented rate, making data protection increasingly important.
Here are some benefits of data protection.
1: Protects valuable data.
2: Staying ahead of the competition.
3: Reduced costs of development.
4: Protect against hackers.
5: Prevents your website from going down.
Data protection legislation
 The data protection defines the laws that ensure data
protection. Many countries have defined the data
protection legislation.
 Data protection legislation sets out rules and standards
for the use and handling ('processing') of information
('personal data') about living identifiable individuals
('data subjects') by organizations ('data controllers’).
 It is based around the notions of principles, rights and
accountability obligations.
Main difference between data
security and data privacy
 The main difference between data security and
data privacy is that privacy is about ensuring
only those who are authorized to access the
data can do so.
 Data security is more about guarding against
malicious threats. If data is encrypted, that data
is private, but it isn't necessarily secure
PC Security
 PC Security refers to technologies used to secure PCs, laptops and other
personal devices on a network .
 PC security deals with both private and public computer networks.
 Any unauthorized and illegitimate access is restricted from infecting any virtual
information, equipment and services.
Prevent PC
• Use strong password.
• Install antiviruses to prevent viruses.
• Backup your data.
• Secure your personal information.
Security Threat
A security threat is a malicious act that aims to corrupt or steal data or
disrupt an organization's systems or the entire organization.

The main types of information security threats are:

 Malware attack.
 Social engineering attacks.
 Software supply chain attacks.
 Advanced persistent threats (APT).
 Password attacks.
Data Backup
 Data Backup is the process of making a copy of your digitized data and other
business information in case your data is damaged, deleted or lost.
 The backup copy is then used to recover or restore your data for business
continuity and disaster recovery.
 Backup applications have long offered several types of backup operations.
 The most common backup types are a full backup, incremental backup

and differential backup.

Difference Between Full, Differential and Incremental Backups

Full Incremental

Storage Space High Low

Backup Speed Slowest Fastest

Restoration Speed Fastest Slowest

Most recent full backup

Media Required for & all incremental
Most recent backup only
Recovery backups since full
backup
Computer Viruses And Worms
 Viruses and worms are malicious software programs (malware) aimed at
destroying an organization's systems, data and network.
 A computer virus is a type of malware that spreads between computers and
damages data and software.
 A computer virus is a type of malware that attaches to another program
(like a document), which can replicate and spread after a person first runs
it on their system.
 For instance, you could receive an email with a malicious attachment, open the
file unknowingly, and then the computer virus runs on your computer.
Difference Between Virus And Worm
 The primary difference between a virus and a worm is that viruses must be
triggered by the activation of their host
 Worms are stand-alone malicious programs that can self-replicate and propagate
independently as soon as they have breached the system.
Types of viruses
• Boot Sector Virus
• Trojan horse.
• Rootkit.
• Payload.
• File Infector Virus.
• Chernobyl virus.
• Logic bomb.
Boot Sector Virus
 Boot sector viruses infect the boot sector or the partition table of a disk.
Computer systems are typically infected by these viruses when started with
infected floppy disks - the boot attempt does not have to be successful for
the virus to infect the computer hard drive.

Spread
• Boot sector computer viruses are most commonly spread using
physical media. An infected floppy disk or USB drive connected to a
computer will transfer when the drive's VBR is read, then modify or
replace the existing boot code.
Trojan Horse (Trojan)
 A trojan horse (trojan) is a type of malware that disguises itself as legitimate
code or software. Once inside the network, attackers are able to carry out any
action that a legitimate user could perform, such as exporting files, modifying
data, deleting files or otherwise altering the contents of the device.
Spread
• Trojan horse might be used to infect a personal computer
• The victim receives an official-looking email with an attachment. The
attachment contains malicious code that is executed as soon as the victim
clicks on the attachment.
• File-sharing websites and fake email attachments.
Rootkit
 A rootkit is a program that hides in a computer and allows someone from a
remote location to take full control of the computer.
 Once the rootkit is installed, the rootkit author can execute programs, change
settings, monitor activity, and access files on the remote computer.
 Rootkits are classified as malware (short for malicious software), which are
programs that act without a user’s knowledge and deliberately alter the
computer’s operations.

Spread
• Rootkits can enter computers when users open spam emails and
inadvertently download malicious software.
• Rootkits also use keyloggers that capture user login information.
File Infecting Viruses
 File infecting viruses, or file infectors, generally copy their code onto
executable programs such as .COM and .EXE files.
 Most file infectors simply replicate and spread, but some inadvertently
damage host programs. There are also file infectors that overwrite host files.
Spread
• These infect program files, such as applications, games or utilities.
• They are often memory-resident, meaning that once they have been
executed they remain active in the computer's memory and can infect
more programs.
 Symptoms of computer infected by a virus
 Operating system runs much slower than usual
 Available memory is less than expected
 Files become corrupted
 Screen displays unusual message or image
 Unknown programs or files mysteriously appear
 Music or unusual sound plays randomly
 Existing programs and files disappear
 Programs or files do not work properly
 System properties change
 Operating system does not start up
 Operating system shuts down unexpectedly
Chernobyl Virus
 The famous Chernobyl virus deletes all Microsoft office files.
 It also deletes the partition information from the disk that causes a major loss
of data.
 It also corrupts the system’s BIOS.
 It destroys all computer data when an infected file is executed.
 Since many files are executed during computer use, the virus is able to
spread quickly and infect those files.
Logic Bomb
 Logic bomb is a virus that activates when certain conditions are met such as
opening a file or when certain date and time occurs.
 It is also called time bomb.
 It destroys data on the hard disk on March 06.
Computer Virus Hoax
 A virus hoax is a false warning about a computer virus. Typically, the warning
arrives in an email note or is distributed through a note in a company's internal
network.
 The message is usually a chain e-mail that tells the recipients to forward it to
everyone they know, but it can also be in the form of a pop-up window.
Botnets
 Botnet refers to a network of hijacked internet-connected devices that are
installed with malicious codes known as malware.
 Each of these infected devices is known as Bots, and a hacker/cybercriminal
known as the "Bot herder" remotely controls them.
 For example, an ad fraud botnet infects a user's PC with malicious software
that uses the system's web browsers to divert fraudulent traffic to certain online
advertisements.
Dos Attack
 "Denial of service" or "DoS" describes the
ultimate goal of a class of cyber attacks
designed to render a service inaccessible.
 The DoS attacks that most people have
heard about are those launched against high
profile websites, since these are frequently
reported by the media.
 A DoS attack is characterized by using a
single computer to launch the attack.
Backdoor Attack
 A backdoor attack is a type of
cybersecurity threat that could put
companies, websites, and internet users
at risk.
 The term covers a wide range of
common cyberattacks, targeting
everyone from individuals to
government agencies and international
corporations.
Spoofing
 Spoofing is when an attacker
impersonates an authorized device or user
to steal data, spread malware, or bypass
access control systems.

Examples
• Fake job offers,
• Fake banking-related messages,
• Fake lottery messages,
• Money refund scams
How to preventing viruses and worms
 install antivirus and antimalware software on all their systems and networked
devices and keep that software up to date.
 train users not to download attachments or click on links in emails from
unknown senders and to avoid downloading free software from untrusted
websites.
 Users should also be very cautious when they use P2P file sharing services
and they shouldn't click on ads, particularly ads from unfamiliar brands and
websites.
Antivirus
 Antivirus software is a type of program designed and developed to protect
computers from malware like viruses, computer worms, spyware, botnets,
rootkits, keyloggers and such.
 Once installed, most antivirus software runs automatically in the background to
provide real-time protection against virus attacks.
 Antivirus programs function to scan, detect and remove viruses from your
computer.
Benefits of Antivirus Software
• Detecting, blocking, and removing viruses, malware, and ransomware.
• Preventing identity theft and block phishing and fraud.
• Warning about dangerous websites and links before you click.
• Scanning the Dark Web to find if an email address has been compromised