LEARNING OUTCOMES: At the end of this topic, students should be able to: Define computer security risks. Identify types of security risks. 2
DEFINITION• Computer Security Risks is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability. 3
Types of Computer Security Risks
Types of Computer Security Risks Internet and network attack Unauthorized access and use Hardware theft Software theft Information theft System failure 5
1. Internet and network attacks• Information transmitted over networks has a higher degree of security risk than information kept on an organization’s premises.
1. Malware 5. Spoofing Internet and network attacks2. Botnets 4. Denial of service attacks 3. Back Doors 7
1a.Malware• Malware (malicious software) – which are program that act without a user’s knowledge and deliberately alter the computer operation.• Type of malware:i. Computer virusesii. Wormsiii. Trojan Horsesiv. Rootkitv. Back doorvi. Spyware
Malware Symptoms Malware• Operating system runs much slower than usual• Available memory is less than expected• Files become corrupted• Screen displays unusual message or image• Music or unusual sound plays randomly• Existing programs and files disappear 9
Malware Symptoms Malware• Programs or files do not work properly• Unknown programs or files mysteriously appear• System properties change• Operating system does not start up• Operating system shuts down unexpectedly 10
Malware 1. WormIs a program that copies itself repeatedly, forexample in memory or on a network, using upresources and possibly shutting down thecomputer or network. 11
Malware 2. Computer Virus is a potentially damaging computer programthat affects, or infects, a computer negatively byaltering the way the computer works without theuser’s knowledge or permission. 12
Malware 2. Computer Virus it can spread throughout and may damage filesand system software, including the operatingsystem. 13
Internet and network attacks Malware 3. Trojan horseIs a program that hides within or looks like alegitimate program. It does not replicate itselfto other computers. 14
Internet and network attacks Malware 3. Trojan horseit can spread throughout and may damage filesand system software, including the operatingsystem. 15
Internet and network attacks Malware 4. Rootkit•Is a program that hides in a computer and allowssomeone from a remote location to take full controlof the computer.•The rootkit author can execute programs, changesettings, monitor activity, and access files on theremote computer 16
Internet and network attacks Malware 5. Spyware & Adware• Spyware is a program placed on a computerwithout the users knowledge that secretly collectsinformation about the user.• Adware is a program that displays an onlineadvertisement in a banner or pop-up window onweb pages, e-mail messages or other internetservices 17
1b.Botnets• a group of compromised computers connected to a network such as the Internet that are used as part of a network that attacks other networks, usually for nefarious purposes.
1c.Back Door• A program or set of instructions in a program that allow users to bypass security controls when accessing a program, computer, or network
1d.Denial of Service Attacks Denial of service attacks or DoS attack, is an assault whose purpose is to disrupt computer access to an Internet service such as the Web or e-mail.
1e.Spoofing• A technique intruders use to make their network or Internet transmission appear legitimate to a victim computer or network.
2.Unauthorized Access and Use Unauthorized accessThe use of a computer or network without permission. Unauthorized useThe use of a computer or its data for unapproved or possibly illegal activities.
3.Hardware Theft and Vandalism Hardware theftIs the act of stealing computer equipment. Hardware vandalismThe act of defacing or destroying computer equipment.
4.Software Theft Steals Intentionallysoftware erases media programs IllegallyIllegally registerscopies a and/orprogram activates a program
5.Information TheftOccurs when someone steals personal orconfidential information.If stolen, the loss of information can cause asmuch damage as (if not more than) hardware orsoftware theft.
System FailureA system failure is the prolonged malfunction of acomputerA variety of factors can lead to system failure,including: • Aging hardware • Natural disasters • Electrical power problems • Noise, undervoltages, and overvoltages • Errors in computer programs