slide1 n.
Skip this Video
Loading SlideShow in 5 Seconds..
Computer Security Risks PowerPoint Presentation
Download Presentation
Computer Security Risks

Loading in 2 Seconds...

play fullscreen
1 / 59

Computer Security Risks - PowerPoint PPT Presentation

  • Uploaded on

Computer Security Risks. What is a computer security risk ? Any event or action that could cause a loss of or damage to a computer system (hardware, software, data, information, or processing capability). Computer Security Myths.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

Computer Security Risks

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
    Presentation Transcript
    computer security risks
    Computer Security Risks
    • What is a computer security risk?
      • Any event or action that could cause a loss of or damage to a computer system (hardware, software, data, information, or processing capability)
    computer security myths
    Computer Security Myths
    • Myth 4: I can protect my PC if I disconnect from the Internet or turn it off when not using it.
    • Myth 5: Mac & Linux computers are safe from viruses/attacks.
    • Myth 6: Security threats only come from outside your network or company.
    • Myth 1: I have anti-virus software so my PC wont get infected.
    • Myth 2: Anti-virus software protects against spyware.
    • Myth 3: My network is behind a firewall, I am safe from hackers.
    • Myth 7: Cellphones and other mobile devices aren’t susceptible to viruses and other security risks.
    computer security risks 1
    Computer Security Risks
    • A cybercrime is an online or Internet-based illegal act.
    • An example of cybercriminals include:
    computer security risks hackers
    Computer Security Risks: Hackers
    • The term hacker was originally used for people that write code (programmers) and other computer enthusiasts.
      • Later adapted to people that crack the security of computer systems.
    • Methods of Attack:
      • Malware
      • Key-logging
      • Packet-sniffing
      • Port-scanning
      • DoS (denial of service)
      • Social engineering
      • Dumpster diving
    computer security risks malware
    Computer Security Risks: Malware
    • What is a Malware?
      • Short for malicious software.
      • Software designed for a malicious purpose.
      • Used to intrude or damage a computer system.
    • Examples of Malware:
      • Viruses, Worms, Trojans
      • Rootkit
      • Spyware
    attacks viruses
    Attacks: Viruses
    • Virus
      • A program that attaches itself to a file.
      • Spreads to other files, and delivers a destructive

    action called a payload.

    • Trojan Horse
      • Appears to be a harmless program.
      • When they run, install programs on the computer that can be harmful.
      • Used to open a backdoor for hackers to gain control of your computer.
    • Worms
      • Acts as a free agent, replicating itself numerous times in an effort to overwhelm systems.
    attacks spyware
    Attacks: Spyware
    • Spyware
      • A program that is installed on your computer without your knowledge or consent.
      • Their purpose is to collect information about you.
      • They can be a pain!
        • Keep you from visiting certain sites
        • Very difficult to remove.
      • Anti-spyware programs indentify and remove spyware programs from your computer.
    • Adware
      • A program that displays online advertisements.
    attacks viruses 1
    Attacks: Viruses
    • How can a virus spread?
      • Using infected removable media.
        • USB flash-drives, CDs/DVDs, floppy disks.
      • From the Internet.
        • Downloading an infected file or program.
        • File sharing networks.
        • Websites that contain harmful script.
      • Through email attachments.
    attacks viruses 3
    Attacks: Viruses
    • An infected computer has one or more of the following symptoms:
    preventing virus attacks
    Preventing Virus Attacks
    • An anti-virus program is software that identifies and removes viruses.
      • This software looks for a virus signature,

    which is a specific pattern of virus code.

      • Also called a virus definition.
    internet and network attacks 1
    Internet and Network Attacks
    • A denial of service attack (DoS attack) disrupts computer and network communications.
      • A computer system or network is bombarded with so many requests, such that it cannot handle legitimate requests and eventually renders it useless.
      • Usually disrupts the computer or network’s access to the Internet.
      • Distributed DoS (DDoS).
    • A botnet is a group of compromised computers connected to a network.
      • A compromised computer is known as a zombie.
    • A back dooris a program or set of instructions in a program that allow users to bypass security controls.
      • It is simply a security hole or exploit that allows access to a computer system.
    attacks phishing
    Attacks: Phishing

    Scam in which a perpetratorsends an official looking

    e-mail and/or uses a fake website in an attemptto obtain your personal and financial information.

    What is phishing?

    internet and network attacks 2
    Internet and Network Attacks
    • Spoofingis a technique used by intruders to make their network or Internet transmission appear legitimated.
    preventing internet and network attacks
    Preventing Internet and Network Attacks
    • A firewall is a security system consisting of hardware and/or software that protects a network and computer from intrusion.
    preventing internet and network attacks 1
    Preventing Internet and Network Attacks
    • What is a honeypot?
      • A trap set to detect and counteract network intrusions.
      • Typically a vulnerable computer that is set up to entice an intruder to break into it.
      • A honeynet is two or more honeypots setup on a network.
    unauthorized access and use 1
    Unauthorized Access and Use
    • Organizations take several measures to help prevent unauthorized access and use.
      • Acceptable use policy
      • User policies and privileges
      • Firewalls
      • Intrusion detection software
    unauthorized access and use 2
    Unauthorized Access and Use
    • Makestronger passwords.
      • Longer passwords provide greater security.
      • Mix letters (uppercase and lowercase), numbers, and symbols.
    unauthorized access and use 3
    Unauthorized Access and Use
    • A possessed object is any item that you must carry to gain access to a computer or computer facility.
      • Often are used in combination with a personal identification number(PIN).
      • Smartcards contain embedded circuitry that allow it to process data.
        • Provide greater security.
    unauthorized access
    Unauthorized Access
    • Tips for protecting your computer:
      • Disable file and printer sharing on Internet connection

    File and printer sharing turned off

    unauthorized access and use 4
    Unauthorized Access and Use
    • A biometric deviceauthenticates a person’s identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer.
    • Facial Recognition
      • Uses mathematical technique to measure the distances between 128 points on the face.
    • Retinal Scanner
      • Analyzes the pattern of blood vessels at the back of the eye.
    unauthorized access and use 5
    Unauthorized Access and Use
    • Digital forensicsis the discovery, collection, and analysis of evidence found on computers and networks.
    • Many areas use digital forensics
    hardware theft and vandalism 1
    Hardware Theft and Vandalism
    • To help reduce the of chances of theft, companies and schools use a variety of security measures
    software theft
    Software Theft
    • Software theft occurs when someone:
    software theft 1
    Software Theft
    • A single-user license agreementtypically contains the following conditions:
    software theft 2
    Software Theft
    • There are some safeguards against software theft:
    information theft
    Information Theft
    • Information theft occurs when someone steals personal or confidential information.
      • Financial Information
        • Banking information, credit cards, e-cash, etc..
      • Personal Information
        • SSN, medical info, occupational info, etc…
      • Business & Government Information
        • Top-secret military information
        • Industrial secrets
    • Identity Theft is the criminal act of using stolen information about a person to assume that person’s identity.
      • In 2008, over 10 million people were affected (22% increase over 2007).
    information theft 1
    Information Theft
    • What is encryption?
      • The process of converting readable data (plaintext) into unreadable characters (ciphered text).
      • A safeguard against information theft.
      • An encryption key is a mathematical formula used to convert data into ciphered text.
      • To read the data, the recipient must decipher or decrypt the data.
    information theft 2
    Information Theft
    • Example of an encrypted file:
    information theft 4
    Information Theft
    • How to encrypt files & folders in Windows Vista & Windows 7:
      • Right-click the folder or file you want to encrypt, and then click Properties.
      • Click the Advanced button.
      • Select the Encrypt contents to secure datacheck box, and then click OK.

    *** To decrypt the folder, just remove the check from the checkbox.

    information theft 5
    Information Theft
    • What is BitLocker Drive Encryption in Windows?
      • Software used to encrypt an entire hard drive.
      • Helps keep data safe in the event your computer is lost, stolen, or intruded by a hacker.
    information theft 6
    Information Theft
    • How to encrypt files & folders in MAC OS X:
    information theft 7
    Information Theft
    • A digital signatureis an encrypted code that a person, Web site, or organization attaches to an electronic message to verify the identity of the sender.
      • Often used to ensure that an impostor is not participating in an Internet transaction.
      • Used to authenticate the source of messages.
    • A certificate authority (CA)is a company or organization thatissues and authorizes digital certificates.
      • These certificates contain a digital signature and the issuing CA.
    information theft 8
    Information Theft
    • What is Secure Sockets Layer (SSL)?
      • Provides encryption for all data that passes between client and Internet server.
      • Web addresses begin with “https” to indicate secure connections.
    information privacy
    Information Privacy

    What is a cookie?

    Small file on your computer that contains data about you

    Some Web sites sell or trade information stored in your cookies

    Set browser to accept cookies, prompt you to accept cookies, or disable cookies

    User preferences

    How regularly you visit Web sites

    Interests and browsing habits

    information theft 9
    Information Theft
    • Are cookies a security risk?
      • First party cookies
        • Usually don’t contain information that present a risk to your privacy.
        • They contain data like your username, preferences, shopping cart products, info about your visit to their website.
        • The information is only for their website and contains no data about previous websites.
        • Disabling these may keep you from viewing many websites.
      • Third part cookies
        • These contain information that present a risk to your privacy.
        • They collect information about the websites you visit, web searches, and other private information, which can be sold to companies.
        • You should disable these!
    surfing anonymously
    Surfing Anonymously
    • Surfing the Web anonymously means your browsing habits and identity is hidden from “snoopers”.
    • You need to use a Web proxy.
      • A Web proxy is a Web server or service that acts like a middle-man for all communications between your browser and the websites you visit.
      • Also called an anonymizer.
      • Besides hiding your IP address, a good proxy will remove traffic such as cookies, pop-ups, and scripts.
      • Make sure the proxy you chose uses SSL or TLS security measures for transmitting your information.
      • Best Commercial Anonymizers:
        • Anonymizer
        • Ghostsurf
      • Free Anonymizer:
        • The Cloak
    surfing anonymously 1
    Surfing Anonymously
    • Beware of false protection!
    • There are several risks involved with using a proxy:
      • They do not protect you from Internet threats
      • The proxy may be harvesting your information to provide to companies.
      • Personal information (usernames, passwords, PINs, etc…) may be leaked or used by the proxy’s administrator for their own malicious purposes.
    information privacy security
    Information Privacy & Security
    • Preventing information theft and violations to privacy requires a few security measures.
      • Use of encryption for important information.
      • Keep operating system and all programs up-to-date.
      • Surf the Web anonymously.
    system failure
    System Failure
    • A system failure is the prolonged malfunction of a computer.
    • A variety of factors can lead to system failure, including:
      • Aging hardware.
      • Natural disasters.
      • Errors in computer programs.
      • Electrical power problems
        • noise – unwanted electrical signals.
        • undervoltages– a drop is electrical supply.
        • overvoltages– a significant increase in electrical power.
    system failure 1
    System Failure
    • Protection against system failures caused by electrical disturbances:
      • A surge protectorprovides protection from an overvoltage that can destroy a computer and other electronic equipment.
      • An uninterruptable power supplies(UPS) is a surge protector that provides power during a power loss.
    backing up the ultimate safeguard
    Backing Up – The Ultimate Safeguard
    • A backup is a duplicate of a file, program, or disk that can be used if the original is lost, damaged, or destroyed
      • To back upa file means to make a copy of it
    • Offsite backups are stored in a location separate from the computer site

    Cloud Storage

    wireless security
    Wireless Security
    • Wireless access poses additional security risks.
      • About 80 percent of wireless networks have no security protection.
    • War Driving
      • Driving through neighborhoods with a wireless notebook or handheld computer looking for unsecured Wi-Fi networks.
    wireless security 1
    Wireless Security
    • In additional to using firewalls, some safeguards to improve security of wireless networks:
    ethics and society 1
    Ethics and Society
    • Computer ethicsare the moral guidelines that govern the use of computers and information systems
    • Information accuracy is a concern
      • Not all information on the Web is correct
    fun thought
    Fun Thought…

    Is the problem ignorance or apathy?

    I don’t know and I don’t care.

    the end
    The End…

    The Last Lecture…HOORAY!!!

    for more information
    For More Information…
    • Guard Privacy & Online Security
      • Lots of really good information about privacy and online security.
    • Gibson Research Corporation
      • Some tools to protect your computer.