3. ETHICAL ISSUES
Ethics in society holds each person responsible for
his or her actions. Each person is accountable for
everything he or she does. If anything that is
illegal or immoral in the real world it is illegal in
the computer world too. IT and computer
personnel often have access to much confidential
data and knowledge about individuals and
companies networks and system that give them a
great deal of information. This raises ethical
questions.
4. Such As:
• SHOULD YOU READ THE PRIVATE E-MAIL OF
YOUR NETWORK USERS JUST BECAUSE YOU
HAVE THE ACCESS?
• IS IT RIGHT TO MONITOR THE WEBSITES
VISITED BY NETWORK USERS?
5. Security Issue
• Security issues related to computerized system involves
protecting all parts of the computer system. This
includes data, the software and the hardware.
• The abuse of computers has also given birth to a new
ages crimes that are addressed by the Information
Technology act, 2000. Defining cyber crimes as “acts
that are punishable by the information technology act”
would be unsuitable as the Indian penal code also
covers many cyber crimes, such as email spoofing and
cyber deformation, sending threatening e mail etc. .
6. Security Threats
• A network security threat is any potentially adverse
occurrence that can harm or interrupt the systems
using the network, or cause a monetary loss to an
organization.
• Once the threats are identified they are then ranked
according to their occurrence.
• For example, the average cost to clean up a virus that
slips through a security system and infects an average
number of computers is $150,000/virus
7. Types of Threats
•
Fabrication
– An unauthorized party inserts counterfeit objects
into the system
– Attack on authenticity
– Insertion of spurious messages in a network
– Addition of records to a file
8. • Interruption
– An asset of the system is destroyed of becomes
unavailable or unusable
– Attack on availability
– Destruction of hardware
– Cutting of a communication line
– Disabling the file management system
9. • Interception
– An unauthorized party gains
access to an asset
– Attack on confidentiality
– Wiretapping to capture data in a
network
– Illicit copying of files or
programs
10. • Modification
– An unauthorized party not only gains
access but tampers with an asset
– Attack on integrity
– Changing values in a data file
– Altering a program so that it performs
differently
– Modifying the content of messages
being transmitted in a network
11. • Disruptions are the loss or reduction in network
service.
• Some disruptions may also be caused by or result
in the destruction data.
• Natural (or manmade) may occur that destroy
host computers or large sections of the network is
often viewed as hackers gaining access to
organizational data files and resources. However,
most unauthorized access incidents involve
employees.
13. HACKING
Hacking is the gaining of access(wanted or
unwanted) to a computer and viewing,
copying, or creating data(leaving a trace)
without the intention of destroying data or
maliciously harming the computer. Cases of
hacking reported in 2011 was 157 and
reported in 2012 was 435 thereby % variation
in increase in cases over 2011 is 177.1%
16. SPAM
Email spam, also known as junk
email or unsolicited bulk email (UBE), is a subset
of electronic spam involving nearly identical
messages sent to numerous recipients by email.
Clicking on links in spam email may send users
to phishing web sites or sites that are
hosting malware. Spam email may also include
malware as scripts or other executable file
attachments. Definitions of spam usually include the
aspects that email is unsolicited and sent in bulk.
17. A HISTORICAL ARTIFACT: THE FIRST SPAM
The first spam, (sent to Usenet news groups, not to email accounts, BTW). It was
sent by lawyers… Grr!
From: Laurence Canter (nike@indirect.com)
Subject: Green Card Lottery- Final One?
Newsgroups: alt.brother-jed, alt.pub.coffeehouse.amethyst
View: Complete Thread (4 articles) | Original Format
Date: 1994-04-12 00:40:42 PST
Green Card Lottery 1994 May Be The Last One!
THE DEADLINE HAS BEEN ANNOUNCED.
The Green Card Lottery is a completely legal program giving away a certain annual
allotment of Green Cards to persons born in certain countries. The lottery
program was scheduled to continue on a permanent basis. However, recently,
Senator Alan J Simpson introduced a bill into the U. S. Congress which could end
any future lotteries. THE 1994 LOTTERY IS SCHEDULED TO TAKE PLACE SOON, BUT
IT MAY BE THE VERY LAST ONE. [continues]
18. Ankit Fadia
The author of The
Unofficial Guide to
Ethical Hacking Said “ I
could hack a stateowned bank’s website
or government
communications
website which shows
the vulnerability,
thousands of Indian
websites are being
hacked each day”.
19. SECURITY MEASURES AND
TECHNIQUES
Encryption- Encryption is the process of making information
indecipherable to protect it from unauthorized viewing or use,
especially during transmission or when it is stored on a
transportable magnetic medium.
• Encryption is usually based on a key without which the
information cannot be decoded or decrypted.
• Someone intercepting it may not be able to understand or
misuse it.
• Institute of standards and technology has created an extremely
complex encryption standard called DES(Data Encryption
Standard) that provides virtually unlimited ways to secure
computer files.
20. ACCESS CONTROL
• Access to computer systems should be physically controlled by
use of measures like entry passes and ID cards being checked
by security staff.
• Authorization is the act of granting the permission to a person
or a group or a programme so that the required activity can be
done.
• Common means used to restrict access to computer systems
and sensitive file is a password.
21. Users must not display there passwords at easily accessible places.
System developers must ensure that passwords are never displayed
on a screen.
Password should also not be printed on reports. Password should to
be held in in the system in an encrypted form, so that even if someone
reaches the password table/file, all that be seen is garbage.
System developers must ensure that short passwords are not
permitted.
System administrators must deactivate the usernames/passwords
of employees who have resigned, have retired, have been transferred
or have departed for any reason.
22. PROECTION FROM VIRUSES
A computer virus is a programme that infects computer files and
runs executable programmes by inserting in those files copies of it.
This is usually done in such a manner that the copies will be
executed when the file is loaded into memory.
A virus cannot exist by itself It infects an executable file.
When the file is executed, the virus gets transmitted.
Virus spreads through CDs, pendrive, local area network and intenet.
23. FIREWALL
A Firewall is a barrier to keep destructive forces away from a system.
Its job is similar to physical firewall that keeps a fire spreading from one
area to another.
A firewall is simply a programme or a hardware device that filters the
information coming through the internet connection into a computer
system.
Firewalls can be implemented in both hardware and software or a
combination of both.
Firewalls are frequently used to prevent unauthorized internet
from accessing private networks connected to internet.
users
24. ADULT TRIAL
Adult Trial is a means of tracing all activities affecting a piece of
information such as data recorded from a time in enters the system
from the time in enters the system to the time it leaves.
An adult trial documents the path from input to output and should
provide information to reconstructed or verify the entire sequence
either manually or through automated tracking procedures.
Adult trial can often be used to identify the cause, timing and location
of security breaches.
