The document discusses computer security threats, defining what constitutes a threat and outlining various types, including malware, spyware, and DDoS attacks. It provides a historical timeline of significant computer viruses and attacks, highlighting the evolution of threats from the 1970s to the early 2000s. It concludes with prevention strategies, emphasizing the importance of securing networks and data through methods like firewalls, antivirus software, and regular updates.

1. Computer
Security Threats
& Prevention
By: M.Jawad & Adnan

3. What is a Threat?
In computer security a threat is a possible
danger that might exploit a vulnerability to
breach security and thus cause possible harm.
A threat can be either "intentional" (i.e.,
intelligent; e.g., an individual cracker or a
criminal organization) or "accidental" (e.g., the
possibility of a computer malfunctioning, or the
possibility of a natural disaster such as an
earthquake, a fire, or a tornado) or otherwise a
circumstance, capability, action, or event

4. History of computer security
threats.
 1986 The first virus for PCs
The first virus for IBM PCs, Brain, was written by two
brothers in Pakistan, when they noticed that people
were copying their software. The virus put a copy of
itself and a copyright message on any floppy disk
copies their customers made.
 1971 The first worm
Bob Thomas, a developer working on ARPANET, a
precursor to the Internet, wrote a program called
Creeper that passed from computer to computer,
displaying a message.

5.  1988 The Internet Worm
Robert Morris, a 23-year-old student, released a
worm on the US DARPA Internet. It spread to
thousands of computers and, due to an error, kept
re-infecting computers many times, causing them to
crash.
 1999 Email viruses
Melissa, a virus that forwards itself by email, spread
worldwide. Bubbleboy, the first virus to infect a
computer when email is viewed, appeared.
 2000 Denial-of-service attacks
“Distributed denial-of-service” attacks by hackers
put Yahoo!, eBay, Amazon and other high profile
websites offline for several hours.
Love Bug became the most successful email virus
yet.

6. Threats and their types
There are so many types of threats but we will discus here today about
software threats.
 Malware
 Trojans
 Virus
 Firewall breech
 Computer Policy Disturbance
 Bugs and Flaws
 Adware
 Backdoors
 Email Trojans
 DDOS
 Cookies
 Keylogging
ect….

7. Definitions and theory
 Virus:
Perhaps the most well known computer
security threat, a computer virus is a program written
to alter the way a computer operates, without the
permission or knowledge of the user. A virus
replicates and executes itself, usually doing damage
to your computer in the process.
 Spyware:
A serious computer security threat, spyware is
any program that monitors your online activities or
installs programs without your consent for profit or to
capture personal information.

8.  Backdoors:
A backdoor Trojan allows someone to
take control of another user’s computer via the
internet without their permission.
A backdoor Trojan may pose as legitimate
software, just as other Trojan horse programs.
 Cookies:
Cookies are fi les on your computer that
enable websites to remember your details.
When you visit a website, it can place a fi le
called a cookie on your computer. This enables
the website to remember your details and track
your visits. Cookies can be a threat to
confidentiality, but not to your data.

9.  DDOS (Denial-of-service attack):
A denial-of-service (DoS) attack prevents
users from accessing a computer or website. In
a DoS attack, a hacker attempts to overload or
shut down a computer, so that legitimate users
can no longer access it. Typical DoS attacks
target web servers and aim to make websites
unavailable. No data is stolen or compromised,
but the interruption to the service can be costly
for a company.
 Email Trojans:
Many of the most prolific viruses distribute
themselves automatically by email. Typically,
email-aware viruses depend on the user
double-clicking on an attachment.
This runs the malicious code, which will then mail
itself to other people from that computer.

10.  Boot Sector Malware:
When you turn on a computer, the hardware
looks for the boot sector program, which is usually on
the hard disk (but can be on a CD/DVD or
FlashDrive), and runs it. This program then loads the
rest of the operating system into memory.
Boot sector malware replaces the original boot
sector with its own, modified version (and usually
hides the original somewhere else on the hard disk).
The next time you start up, the infected boot sector is
used and the malware becomes active.
 Autorun worm:
Autorun worms are malicious programs that
take advantage of the Windows AutoRun feature.
They execute automatically when the device on
which they are stored is plugged into a computer.

11.  Keylogging:
Keylogging is the proces of secretly
recording keystrokes by an unauthorized
third party. Keylogging is often used by
malware to steal usernames, passwords,
credit card details and other sensitive data.

12. Threats Ratio
Statics and Reports from all
over the Globe. (2013)

13. Targeted operating systems and softwares

14. By countries

15. Computer Infection level TOP 20

16. World Map

17. Prevention
Identify your weaknesses. Like a fort that surrounds a castle, your protection is
only as strong as your weakest point. Review how your company and your clients
access your network. Make sure every entry point is secured with passwords and
encryption.
Install anti-virus software on your computers. Many Internet service providers
supply these with your agreement. But if they don’t, invest in an anti-virus
program to prevent malware attacks on your system.
Install perimeter security solutions. There are three types of network perimeter
security:
1) Firewall – Prevents unauthorized Internet users from accessing your private
network via the Internet
2) Intrusion Detection System – Monitors and reports on threats to your network
3) Intrusion Prevention Program – Stops threats as well as reports on them

18. Use a spam filter. You can either install spam filtering
software on your computer or network server, buy a
dedicated appliance or outsource spam filtering to
an online service provider. The software option is
typically more budget-friendly, but online services
may be more effective and more suitable for higher
volumes of emails.
Backup your important data. Identify the vital data
you need to protect - accounting information,
business plans, customer databases, vendor
information, marketing documents, etc. Then,
choose from offline and online data backup
solutions to ensure the security and availability of
your critical business information. Set a backup
schedule and test your solutions regularly.

19. Encrypt your files, hard drives and backup disks. By
encrypting your hardware and data, only people with
a valid password will have access. It’s a necessary step.
Set up a virtual private network (VPN). By creating a
VPN, team members working from home or on the road
using Wi-Fi in public won’t be exposing your business to
security threats.
Automate security updates. By enabling auto updates,
your computer will always have the most recent form of
software and anti-virus programs installed.
Restrict total access. Don’t give all team members
universal access to every part of your network. Protect
sensitive files and databases with passwords that only
your key people know.

20. Monitor network traffic. Install software or
hardware that keeps an eye on who’s visiting
which sites and which of your computers
they’re using.
Review your security periodically. Stay aware of
new security threats and improved solutions by
visiting your security software/service vendor
websites. As your business grows, you may need
to take new security measures.
Don’t host your business website. Consider using
a website hosting service that will take care of
your website’s security needs and provide
redundancy, which will allow your website to be
properly restored if attacked.

21. Add example video from
YouTube

22. Web and Document
References
 Wikipedia
 Kaspersky Lab
 Kaspersky Security Bulletin (2013)
 Security Magazine (2013)
 Webroot
 Sophos
 Norton
 ESET NOD 32
 Securelist
 Youtube