Uploaded byKnownId
PPTX, PDF86 views

Information Systems.pptx

This document provides an overview of information systems and security topics including computer security, authentication mechanisms, firewalls, computer crimes, social impacts of computers, computer viruses, worms, digital signatures and certificates. It discusses information security principles of confidentiality, integrity and availability. It also covers specific authentication mechanisms like passwords, multi-factor authentication, certificates, tokens and biometrics. Additionally, it defines what a firewall is and how it works to inspect and block unauthorized network traffic based on packet rules.

Embed presentation

Download to read offline
Information Systems and Security Introduction to Information Systems
1. Computer security 2. Authentication mechanisms 3. Firewall 4. Computer crimes 5. Social impacts 6. Computer virus 7. Worms 8. Digital signature and Certificates Module Outline
Information security • Information security, sometimes abbreviated to infosec, is a set of practices intended to keep data secure from unauthorized access or alterations, both when it's being stored and when it's being transmitted from one machine or physical location to another. • Information security refers to the processes and methodologies which are designed and implemented to protect print, electronic, or any other form of confidential, private and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption (SANS Institute)
Information Security vs Cybersecurity Because information technology has become the accepted corporates and that means, basically, "computers and related stuff," you will sometimes see information security and cybersecurity used interchangeably. Strictly speaking, cybersecurity is the broader practice of defending IT assets from attack, and information security is a specific discipline under the cybersecurity umbrella. Network security and application security are sister practices to infosec, focusing on networks and app code, respectively. (Obviously, there's some overlap here. We can't secure data transmitted across an insecure network or manipulated by a leaky application. As well, there is plenty of information that isn't stored electronically that also needs to be protected).
Information security principles The basic components of information security are Confidentiality: Data is confidential when only those people who are authorized to access it can do so; to ensure confidentiality, need to be able to identify who is trying to access data and block attempts by those without authorization. Passwords, encryption, authentication, and defense against penetration attacks are all techniques designed to ensure confidentiality. Integrity means maintaining data in its correct state and preventing it from being improperly modified, either by accident or maliciously. Many of the techniques that ensure confidentiality will also protect data integrity—after all, a hacker can't change data they can't access—but there are other tools that help provide a defense of integrity in depth. Integrity also covers the concept of non-repudiation – ability to prove that data is maintained the integrity, especially in legal contexts. Availability is to make sure that your data can't be accessed by unauthorized users, you also need to ensure that it can be accessed by those who have the proper permissions. Ensuring data availability means matching network and computing resources to the volume of data access you expect and implementing a good backup policy for disaster recovery purposes.
Information security measures Technical measures include the hardware and software that protects data — everything from encryption to firewalls Organizational measures include the creation of an internal unit dedicated to information security, along with making infosec part of the duties of some staff in every department Human measures include providing awareness training for users on proper infosec practices Physical measures include controlling access to the office locations and, especially, data centers
Computer Security Computer security professional should know 1. Specific motive of the computer security attack 2. Malware 3. Root cause exploits 4. Cryptography and data protection 5. Networking and network packet analysis 6. Basic common defences 7. Authentication 8. Mobile threats 9. Cloud security 10.Event logging 11.Incident response 12.Education and communication
1. Specific motive of the computer security attack Computer hackers can be categories with their motive as • Financial • Nation-state sponsored/cyberwarfare • Corporate espionage (spying) • Hacktivists • Resource theft • Cheating 2. Malware There are three major types of malware: computer virus, Trojan horse, and worm. Any malware program is an amalgam of one or more of these classifications. A computer virus is a malware program that hosts itself inside of other programs, files, and in digital storage to replicate. A trojan horse is a malware program claiming to be something legitimate to trick humans into setting it in motion. A trojan horse does not self-replicate; it relies on the curiosity of humans to help it spread. A worm is a self-replicating program that uses code to spread itself. It does not need other host programs or files.
3. Root cause exploits Computer security professionals face thousands of new software vulnerabilities and millions of unique malware programs, yet only few different root cause exploits allow each of those into someone’s environment. Identify and stop the root cause exploits and we are protected from hacking and malware. Here are the ten types of root exploits: • Programming bug • Social engineering • Authentication attack • Human error • Misconfiguration • Eavesdropping / man in the middle (MitM) • Data / Network traffic malformation • Insider attack • Third-party reliance issue • Physical attack
4. Cryptography and data protection Digital cryptography is the art of making information secure against unauthorized access and modification. Every IT security professional should learn the basics of cryptography, including asymmetric encryption, symmetric encryption, hashing, and key distribution and protection. Data protection requires a lot of cryptography. Complete data protection also demands that the data be lawfully collected and used, that you guard its privacy against unauthorized access, and that you back it up securely to prevent malicious modification and to ensure availability. 5. Networking and network packet analysis It is needed to recognize the security professionals to understand networks at the packet level. They are facile with network basics such as protocols, port numbers, network addresses, layers of the OSI model, the difference between a router and a switch, and are able to read and understand what all the various fields of a network packet are used for. To understand network packet analysis is to truly understand networks and the computers that use them.
6. Basic common defences Almost every computer has common basic defences, which to be considered and applied. Understanding and using the basic common IT security defences is a must for every IT security professional. But don’t stop at simply knowing about them. Know, too, what they are good at stopping and what they fail to do. They are the “standards” of computer security which include: • Patch management • End-user training • Firewalls • Antivirus • Secure configurations • Encryption/cryptography • Authentication • Intrusion detection • Logging
7. Authentication The best security professionals understand that authentication is more than the process of putting in a valid password or satisfying a two-factor ID test. It’s much more involved than that. Authentication begins with the process of providing a unique, valid identity label for any namespace – such as the email address, user principal name, or logon name. Authentication is the processes of providing one or more “secrets” that are only known by the valid identity holder and his authentication database/service. When the valid identity holder types in the correct authentication factor(s), this proves that the authenticated user is the valid owner of the identity. Then, after any successful authentication, the subject’s attempted accesses to protected resources are examined by a security manager process known as authorization. All logon and access attempts should be documented to a log file.
8. Mobile threats There are now more mobile devices than people on the planet and most people get most of their information through a mobile device. Because humankind’s mobile prowess is only likely to increase, IT security professionals need to take mobile devices, mobile threats, and mobile security seriously. There isn't usually much difference between mobile threats and computer threats, but there are some differences. The top mobile threats include: • Mobile malware • Privacy invasion/theft • Ransomware • Phishing attacks • Spyware • Data or credential theft • Picture theft • Unsecured wireless
9. Cloud security Traditional corporate administrators no longer control the servers, services, and infrastructure used to store sensitive data and service users. Cloud infrastructures are almost always multitenant architectures, where keeping different customers' data separate can be complicated by virtualization and the recent containerization and development of microservices. Heralded by some as a way to help make security easier to do, each development usually makes the infrastructure more complex. Factors make cloud security more complex than traditional networks are: • Lack of control • Always available on the internet • Multitenancy (shared services/servers) • Virtualization/containerization/microservices
10. Event logging Year after year, the research shows that the most missed security events were right there in the log files all along, just waiting to be discovered. A good event- log system is worth taking care of the basic steps of event logging, which every IT security professional should know: • Policy • Configuration • Event log collection • Normalization • Indexing • Storage • Correlation • Baselining • Alerting • Reporting
11. Incident response Computer security professional should be ready for this with an incident response plan, which should be put into action immediately. A good incident response is essential. It can be the difference between an event that ruins the day and one that ends up in the media and tarnishes the character of the organisation. The basics of incident response include: • Respond effectively and in a timely fashion • Limit damage • Conduct forensic analysis • Identification of the threat • Communication • Limit future damage • Acknowledge lessons learned
12. Education and Communication Most threats are well known and re-occur frequently. Every stakeholder from end users to senior management needs to know the current top threats against company and what to do to stop them. Some of the threats like social engineering, can only be stopped by educating the people in the company. So the ability to communicate is often the thing that separates a secured company from a mediocre one. No matter what technical controls you deploy, every year something will make it past them. So, make sure your stakeholders are prepared. At the very least, the following items should be covered in your education program: • Significant, threats and risks against the organization • Acceptable use • Security policy • How to authenticate and what to avoid • Data protection • Social engineering awareness • How and when to report suspicious security incidents
Authentication Mechanisms What Is Authentication? Authentication is the process of identifying users that request access to a system, network, or device. Access control often determines user identity according to credentials like username and password. Other authentication technologies like biometrics and authentication apps are also used to authenticate user identity. Why Is User Authentication Important? User authentication is a method that keeps unauthorized users from accessing sensitive information. For example, User A only has access to relevant information and cannot see the sensitive information of User B. Cybercriminals can gain access to a system and steal information when user authentication is not secure. Authentication technology is always changing. Businesses have to move beyond passwords and think of authentication as a means of enhancing user experience. Authentication methods like biometrics eliminate the need to remember long and complex passwords. As a result of enhanced authentication methods and technologies, attackers will not be able to exploit passwords, and a data breach will be prevented.
Authentication Types 1. Password-based authentication 2. Multi-factor authentication 3. Certificate-based authentication 4. Token-based authentication 5. Biometric authentication
1. Password-based authentication Passwords are the most common methods of authentication. Passwords can be in the form of a string of letters, numbers, or special characters. To protect us, we need to create strong passwords that include a combination of all possible options. However, passwords are prone to phishing attacks and bad hygiene that weakens effectiveness. Very few users use different passwords across their accounts as there are a lot of passwords to remember. As a result, many people choose convenience over security. Most people use simple passwords instead of creating reliable passwords because they are easier to remember. Passwords have a lot of weaknesses and are not sufficient in protecting online information. Hackers can easily guess user credentials by running through all possible combinations until they find a match.
2. Multi-factor authentication Multi-Factor Authentication (MFA) is an authentication method that requires two or more independent ways to identify a user. Examples include codes generated from the user’s smartphone, Captcha tests, fingerprints, voice biometrics or facial recognition. MFA authentication methods and technologies increase the confidence of users by adding multiple layers of security. MFA may be a good defence against most account hacks, but it has its own pitfalls. People may lose their phones or SIM cards and not be able to generate an authentication code.
3. Certificate-based authentication Certificate-based authentication technologies identify users, machines or devices by using digital certificates. A digital certificate is an electronic document based on the idea of a driver’s license or a passport. The certificate contains the digital identity of a user including a public key, and the digital signature of a certification authority. Digital certificates prove the ownership of a public key and issued only by a certification authority. Users provide their digital certificates when they sign in to a server. The server verifies the credibility of the digital signature and the certificate authority. The server then uses cryptography to confirm that the user has a correct private key associated with the certificate. 4. Token-based authentication Token-based authentication technologies enable users to enter their credentials once and receive a unique encrypted string of random characters in exchange. Then use the token to access protected systems instead of entering credentials all over again. The digital token proves that already have access permission. Use cases of token-based authentication.
5. Biometric authentication Biometrics authentication is a security process that relies on the unique biological characteristics of an individual. Here are key advantages of using biometric authentication technologies: • Biological characteristics can be easily compared to authorized features saved in a database. • Biometric authentication can control physical access when installed on gates and doors. • Add biometrics into multi-factor authentication process. Biometric authentication technologies are used by consumers, governments and private corporations including airports, military bases, and national borders. The technology is increasingly adopted due to the ability to achieve a high level of security without creating friction for the user.
Common biometric authentication methods include: Facial recognition matches the different face characteristics of an individual trying to gain access to an approved face stored in a database. Face recognition can be inconsistent when comparing faces at different angles or comparing people who look similar, like close relatives.. Fingerprint scanners match the unique patterns on an individual’s fingerprints. Some versions of fingerprint scanners can even assess the vascular patterns in people’s fingers. Fingerprint scanners are currently the most popular biometric technology for everyday consumers, despite their frequent inaccuracies. Speaker Recognition also known as voice biometrics, examines a speaker’s speech patterns for the formation of specific shapes and sound qualities. A voice-protected device usually relies on standardized words to identify users, just like a password. Eye scanners include technologies like iris recognition and retina scanners. Iris scanners project a bright light towards the eye and search for unique patterns in the colored ring around the pupil of the eye. The patterns are then compared to approved information stored in a database. Eye-based authentication may suffer inaccuracies if a person wears glasses or contact lenses.
Firewall A firewall is software or firmware that prevents unauthorized access to a network. It inspects incoming and outgoing traffic using a set of rules to identify and block threats. Firewalls are used in both personal and enterprise settings, and many devices come with one built-in, including Mac, Windows, and Linux computers. They are widely considered an essential component of network security. Importance of Firewalls Firewalls are important because they have had a huge influence on modern security techniques and are still widely used. They first emerged in the early days of the internet, when networks needed new security methods that could handle increasing complexity. Firewalls have since become the foundation of network security in the client-server model – the central architecture of modern computing. Most devices use firewalls – or closely related tools – to inspect traffic and mitigate threats.
How does a firewall work? A firewall establishes a border between an external network and the network it guards. It is inserted inline across a network connection and inspects all packets entering and leaving the guarded network. As it inspects, it uses a set of pre- configured rules to distinguish between benign and malicious packets. The term 'packets' refers to pieces of data that are formatted for internet transfer. Packets contain the data itself, as well as information about the data, such as where it came from. Firewalls can use this packet information to determine whether a given packet abides by the rule set. If it does not, the packet will be barred from entering the guarded network. Rule sets can be based on several things indicated by packet data, including: • Their source • Their destination • Their content These characteristics may be represented differently at different levels of the network. As a packet travels through the network, it is reformatted several times to tell the protocol where to send it. Different types of firewalls exist to read packets at different network levels.
Types of firewalls Firewalls are either categorized by the way they filter data, or by the system they protect. • A packet-filtering firewall examines packets in isolation and does not know the packet's context. • A stateful inspection firewall examines network traffic to determine whether one packet is related to another packet. • A proxy firewall (aka application-level gateway) inspects packets at the application layer of the Open Systems Interconnection (OSI) reference model. • A Next Generation Firewall (NGFW) uses a multilayered approach to integrate enterprise firewall capabilities with an intrusion prevention system (IPS) and application control.
Computer Virus and Worms Computer Virus A computer virus is a malicious application or authored code used to perform destructive activity on a device or local network. The code’s malicious activity could damage the local file system, steal data, interrupt services, download additional malware, or any other actions coded into the program by the malware author. Many viruses pretend to be legitimate programs to trick users into executing them on their device, delivering the computer virus payload. Causes of Computer Viruses Computer viruses are standard programs; only instead of offering useful resources, these programs can damage your device. For a threat actor to execute a virus on your machine, you must initiate execution. In some cases, an attacker can execute malicious code through your browser or remotely from another network computer. Modern browsers have defenses against local machine code execution, but third- party software installed on the browser could have vulnerabilities that allow viruses to run locally. The delivery of a computer virus can happen in several ways. One common method is via a phishing email. Another technique is hosting malware on a server that promises to provide a legitimate program. It can be delivered using macros or by injecting malicious code into legitimate software files.
Types of Computer Viruses Every virus has a payload that performs an action. The threat actor can code any malicious activity into the virus payload, including simple, innocuous pranks that don’t do any harm. While a few viruses have harmless payloads, most of them cause damage to the system and its data. There are nine main virus types, some of which could be packaged with other malware to increase the chance of infection and damage. The nine major categories for viruses are: Boot Sector Virus Computer drive has a sector solely responsible for pointing to the operating system so that it can boot into the interface. A boot sector virus damages or controls the boot sector on the drive, rendering the machine unusable. Attackers will usually spread this virus type using a malicious USB device. The virus is activated when users plug in the USB device and boot their machine. Web Scripting Virus Most browsers have defences against malicious web scripts, but older, unsupported browsers have vulnerabilities that allow an attacker to run code on the local device.
Browser Hijacker A virus that can change the settings on your browser will hijack browser favorites, the home page URL, your search preferences and redirect you to a malicious site. The site could be a phishing site or an adware page used to steal data or make money for the attacker. Resident Virus A virus that can access computer memory and sit dormant until a payload is delivered is considered a resident virus. This malware may stay dormant until a specific date, time, or a user performs an action. Direct Action Virus When a user executes a seemingly harmless file attached with malicious code, direct action viruses deliver a payload immediately. These viruses can also remain dormant until a specific action is taken or a timeframe passes. Polymorphic Virus Malware authors can use polymorphic code to change the program’s footprint to avoid detection. Polymorphic viruses make it more difficult for an antivirus to detect and remove them.
File Infector Virus To persist on a system, a threat actor uses file infector viruses to inject malicious code into critical files that run the operating system or important programs. When the system boots or the program runs, the virus is activated. Multipartite Virus These malicious programs spread across a network or other systems by copying themselves or injecting code into critical computer resources. Macro Virus Microsoft Office files can run macros, and these macros can be used to download additional malware or run malicious code. Macro viruses deliver a payload when the file is opened, and the macro runs.
Computer Worm A computer worm is malware, just like a virus, but a worm takes a copy of itself and propagates it to other users. A worm can replicate itself without any human interaction, and it does not need to attach itself to a software program in order to cause damage. Worms can also deliver a payload and exhaust resources. For example, an email worm sends a copy of itself to everyone on an infected user’s email contact list. When it reaches recipient inboxes, anyone who runs the worm sends it to their contact list. Email worms exhaust storage space and spread very quickly across the internet, so they create issues differently than a virus. Symptoms of infected Computer Signs that a computer is infected by virus or worm include: • Popup windows, including ads (adware) or links to malicious websites. • Web browser home page changes, and you did not change it. • Outbound emails to your contact list or people on your contact list alert you to strange messages sent by your account. • The computer crashes often, runs out of memory with few active programs, or a blue screen of death in Windows. • Slow computer performance even when running few programs or the computer was recently booted. • Unknown programs start when the computer boots or when you open specific programs. • Passwords change without your knowledge or your interaction on the account.
Digital Signature and Certificates A digital signature is a mechanism that is used to verify that a particular digital document, message or transaction is authentic. It provides a receiver the guarantee that the message was actually generated by the sender and it was not modified by a third party. A digital signature is an electronic, encrypted stamp of authentication on digital data. The signature confirms that the information originated from the signer and has not been altered. Digital signatures can provide the added assurances of evidence to the origin, identity and status, as well as acknowledging informed consent by the signer. Below are some common reasons for applying a digital signature to communications: • Authentication: Although messages may often include information about the entity sending a message, that information may not be accurate. Digital signatures can be used to authenticate the source of messages. The importance of high confidence in sender authenticity is especially obvious in a financial context. • Integrity: In many scenarios, the sender and receiver of a message may have a need for confidence that the message has not been altered during transmission. So, if a message is digitally signed, any change in the message after signature invalidates the signature. • Non-repudiation: Non-repudiation, or more specifically non-repudiation of origin, is an important aspect of digital signatures. By this property, an entity that has signed some information cannot at a later time deny having signed it. Similarly, access to the public key only does not enable a fraudulent party to fake a valid signature.
Digital Certificates function similarly to identification cards such as passports and drivers’ licenses. Digital certificates are issued by recognised (government) authorities. When someone requests a certificate, the authority verifies the identity of the requester, certifies that the requester meets all requirements to receive the certificate, and then issues it. When a digital certificate is presented to others, they can verify the identity of its owner because the certificate provides the following security benefits: • It contains personal information to help identify and trace the owner. • It contains the information that is required to identify and contact the issuing authority. • It is designed to be tamper-resistant and difficult to counterfeit. • It is issued by an authority that can revoke the identification card at any time (for example, if the card is misused or stolen). • It can be checked for revocation by contacting the issuing authority.
Ev
Computer crimes Computer crime also called, Cybercrime, the use of a computer as an instrument to further illegal ends, such as committing fraud, trafficking in child pornography and intellectual property, stealing identities, or violating privacy. The four primary categories of computer crimes are • Internal computer crimes • Telecommunications crimes • Computer manipulation crimes • Traditional theft Cybercrime is criminal activity that either targets or uses a computer, a computer network or a networked device. Most, but not all, cybercrime is committed by cybercriminals or hackers who want to make money. Cybercrime is carried out by individuals or organizations. Some cybercriminals are organized, use advanced techniques and are highly technically skilled. Others are novice hackers. Rarely, cybercrime aims to damage computers for reasons other than profit. These could be political or personal.
Types of cybercrime • Email and internet fraud. • Identity fraud (where personal information is stolen and used). • Theft of financial or card payment data. • Theft and sale of corporate data. • Cyberextortion (demanding money to prevent a threatened attack). • Ransomware attacks (a type of cyberextortion). • Cryptojacking (where hackers mine cryptocurrency using resources they do not own). • Cyberespionage (where hackers access government or company data). Most cybercrime falls under two main categories: • Criminal activity that targets • Criminal activity that uses computers to commit other crimes. Cybercrime that targets computers often involves viruses and other types of malware. Cybercriminals may infect computers with viruses and malware to damage devices or stop them working. They may also use malware to delete or steal data
How to get protected against cybercrime? • Keep software and operating system updated • Use anti-virus software and keep it updated • Use strong passwords • Never open attachments in spam emails • Do not click on links in spam emails or untrusted websites • Do not give out personal information unless secure • Contact companies directly about suspicious requests • Be mindful of website URLs • Keep an eye on your bank statements
Social impacts Cyber crime is being committed every day. Thieves commit cyber crimes to steal people’s money and their identity. With others identity, the cyber criminal: can take out loans, incur credit, accumulate debt and, then flee without a trace. It can take years to rehabilitate your identity. A virus can destroy someone’s files and a lost database can result in receiving unwanted sales calls. The list below includes some of the most immediate effects: • lost money due to online theft • expenses incurred to fix problems and prevent future cybercrimes • loss of reputation due to personal information that is revealed • corrupted files due to viruses • long-term debt created resulting in poor credit rating due to online identity theft

More Related Content

PPT
Chapter1 intro network_security_sunorganised
byBule Hora University
 
PPTX
Cybersecurity: Definition, Importance, and Best Practices.pptx
byCloudavize
 
PDF
Cyber Security Matters a book by Hama David Bundo
byhdbundo
 
PPTX
Lecture 6 Cybersecurity-Basics and .pptx
byakatsesena2003
 
PPTX
sec.This includes policy settings that prevent unauthorized people
byJuliusECatipon
 
PPTX
Cyber crime and Information Security.pptx
bySAINATHYADAV11
 
DOCX
Unit 1 Information Security.docx
byPrernaThakwani
 
PDF
1-Computer_Security_EENG-524_Lecture-01.pdf
byUmarr Alie Sesay
 
Chapter1 intro network_security_sunorganised
byBule Hora University
 
Cybersecurity: Definition, Importance, and Best Practices.pptx
byCloudavize
 
Cyber Security Matters a book by Hama David Bundo
byhdbundo
 
Lecture 6 Cybersecurity-Basics and .pptx
byakatsesena2003
 
sec.This includes policy settings that prevent unauthorized people
byJuliusECatipon
 
Cyber crime and Information Security.pptx
bySAINATHYADAV11
 
Unit 1 Information Security.docx
byPrernaThakwani
 
1-Computer_Security_EENG-524_Lecture-01.pdf
byUmarr Alie Sesay
 

Similar to Information Systems.pptx

PPTX
Unit 1 Network Fundamentals and Security .pptx
byGuna Dhondwad
 
PDF
Sec0001 .pdf
bymah902110
 
PPTX
information security (network security methods)
byZara Nawaz
 
PPTX
What is Cyber & information security.pptx
byamnamahfooz615
 
PPT
Information Technology Security Basics
byMohan Jadhav
 
PDF
Implications of Misuse and Cyber Security.pdf
bysrtwgwfwwgw
 
PPTX
Information Security and Indian IT Act 2000
byDr. Prashant Vats
 
PPTX
Information Security Bachelor in Information technology unit 1
byssuserf35ac9
 
PDF
Lecture 7---Security (1).pdf
byZeeshanMajeed15
 
PPTX
Foundation of the information securiety
byALIZAIB KHAN
 
PPTX
U-1.pptx..........................................
by322103310075
 
PDF
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
byJenna Murray
 
PPTX
Cyber Security in detail PPT BY HIMANXU.pptx
byhimanshuratnama
 
PDF
Cyber Security Notes Unit 2 for Engineering
bynctitacademic
 
PPT
Security And Ethical Challenges Of Infornation Technology
byparamalways
 
DOCX
Ethical and security issues on MIS inte 322 assignment.docx
byGogoOmolloFrancis
 
PPTX
Information security ist lecture
byZara Nawaz
 
PPTX
Computing safety
bytitoferrus
 
PPTX
INTERNETSECURITY with the different threats
byPrabinPathak5
 
PDF
IT Security - Guidelines
byPedro Espinosa
 
Unit 1 Network Fundamentals and Security .pptx
byGuna Dhondwad
 
Sec0001 .pdf
bymah902110
 
information security (network security methods)
byZara Nawaz
 
What is Cyber & information security.pptx
byamnamahfooz615
 
Information Technology Security Basics
byMohan Jadhav
 
Implications of Misuse and Cyber Security.pdf
bysrtwgwfwwgw
 
Information Security and Indian IT Act 2000
byDr. Prashant Vats
 
Information Security Bachelor in Information technology unit 1
byssuserf35ac9
 
Lecture 7---Security (1).pdf
byZeeshanMajeed15
 
Foundation of the information securiety
byALIZAIB KHAN
 
U-1.pptx..........................................
by322103310075
 
CYBER SECURITY WHAT IS IT AND WHAT YOU NEED TO KNOW.pdf
byJenna Murray
 
Cyber Security in detail PPT BY HIMANXU.pptx
byhimanshuratnama
 
Cyber Security Notes Unit 2 for Engineering
bynctitacademic
 
Security And Ethical Challenges Of Infornation Technology
byparamalways
 
Ethical and security issues on MIS inte 322 assignment.docx
byGogoOmolloFrancis
 
Information security ist lecture
byZara Nawaz
 
Computing safety
bytitoferrus
 
INTERNETSECURITY with the different threats
byPrabinPathak5
 
IT Security - Guidelines
byPedro Espinosa
 

Recently uploaded

PPTX
UNIT 1- Introduction to Basic of Computer Fundamentals
bypawarbhaktiit
 
PDF
TrustArc Webinar - Unpacking India’s DPDP Act: What You Should Know
byTrustArc
 
PDF
Why Enterprises Are Moving to Dedicated Servers in the Netherlands
byAtal Networks
 
PDF
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 
PDF
AI Data Analyst: Smarter Insights for Modern Real Estate Decisions
byLeni Analyst
 
PPTX
computer science class 11 ( phishing and fraud mails) .pptx
bybalajichess314
 
PPTX
Storage-and-HCI-Positioning-update-sales.pptx
byhungungphu123
 
PPTX
About Computer Hardware ................
bymaratiakshaya07
 
PPTX
Becoming Frontier for Dynamics 365 Finance PPT
byjonbravetti
 
PPTX
The Abomination of AI – keynote at ICoSCI 2026
byAlan Dix
 
PDF
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 
PDF
Top 5 Best Dedicated Server Providers in Los Angeles (Updated Edition)
byAtal Networks
 
PDF
Mercury Computer Systems & The Cell Broadband Engine
bySlide_N
 
PDF
Profiting from Technological Innovation: Managing Intellectual Property to Bu...
byDavid Teece
 
PPTX
Accelerate Innovation with Engineering R&D Services
byChetu
 
PDF
Implementing A Data Lakehouse Using Iceberg & Spark
byAnass Nabil
 
PDF
Special Reeling Cable Specification _ Anhui Feichun Special Cable Co., Ltd_.pdf
byAnhui Feichun Special Cable Co., Ltd.
 
PPTX
WIFI Enabled 8 by 32 Matrix.pptx for final year project
bymdsabbirhossain524856
 
PDF
TopMate ES11 3-Wheel Electric Scooter: Comfort, Stability, and Independence f...
byTopmate
 
PPT
connectives-linking words in English.ppt
byAmrMohammed82
 
UNIT 1- Introduction to Basic of Computer Fundamentals
bypawarbhaktiit
 
TrustArc Webinar - Unpacking India’s DPDP Act: What You Should Know
byTrustArc
 
Why Enterprises Are Moving to Dedicated Servers in the Netherlands
byAtal Networks
 
Top 10 Dedicated Server Providers in Stockholm (Updated Edition).pdf
byAtal Networks
 
AI Data Analyst: Smarter Insights for Modern Real Estate Decisions
byLeni Analyst
 
computer science class 11 ( phishing and fraud mails) .pptx
bybalajichess314
 
Storage-and-HCI-Positioning-update-sales.pptx
byhungungphu123
 
About Computer Hardware ................
bymaratiakshaya07
 
Becoming Frontier for Dynamics 365 Finance PPT
byjonbravetti
 
The Abomination of AI – keynote at ICoSCI 2026
byAlan Dix
 
6 Insights from the Patron Saint of AI Failure
byScott M. Graffius
 
Top 5 Best Dedicated Server Providers in Los Angeles (Updated Edition)
byAtal Networks
 
Mercury Computer Systems & The Cell Broadband Engine
bySlide_N
 
Profiting from Technological Innovation: Managing Intellectual Property to Bu...
byDavid Teece
 
Accelerate Innovation with Engineering R&D Services
byChetu
 
Implementing A Data Lakehouse Using Iceberg & Spark
byAnass Nabil
 
Special Reeling Cable Specification _ Anhui Feichun Special Cable Co., Ltd_.pdf
byAnhui Feichun Special Cable Co., Ltd.
 
WIFI Enabled 8 by 32 Matrix.pptx for final year project
bymdsabbirhossain524856
 
TopMate ES11 3-Wheel Electric Scooter: Comfort, Stability, and Independence f...
byTopmate
 
connectives-linking words in English.ppt
byAmrMohammed82
 

Information Systems.pptx

  • 1.
    Information Systems andSecurity Introduction to Information Systems
  • 2.
    1. Computer security 2.Authentication mechanisms 3. Firewall 4. Computer crimes 5. Social impacts 6. Computer virus 7. Worms 8. Digital signature and Certificates Module Outline
  • 3.
    Information security • Informationsecurity, sometimes abbreviated to infosec, is a set of practices intended to keep data secure from unauthorized access or alterations, both when it's being stored and when it's being transmitted from one machine or physical location to another. • Information security refers to the processes and methodologies which are designed and implemented to protect print, electronic, or any other form of confidential, private and sensitive information or data from unauthorized access, use, misuse, disclosure, destruction, modification, or disruption (SANS Institute)
  • 4.
    Information Security vsCybersecurity Because information technology has become the accepted corporates and that means, basically, "computers and related stuff," you will sometimes see information security and cybersecurity used interchangeably. Strictly speaking, cybersecurity is the broader practice of defending IT assets from attack, and information security is a specific discipline under the cybersecurity umbrella. Network security and application security are sister practices to infosec, focusing on networks and app code, respectively. (Obviously, there's some overlap here. We can't secure data transmitted across an insecure network or manipulated by a leaky application. As well, there is plenty of information that isn't stored electronically that also needs to be protected).
  • 5.
    Information security principles Thebasic components of information security are Confidentiality: Data is confidential when only those people who are authorized to access it can do so; to ensure confidentiality, need to be able to identify who is trying to access data and block attempts by those without authorization. Passwords, encryption, authentication, and defense against penetration attacks are all techniques designed to ensure confidentiality. Integrity means maintaining data in its correct state and preventing it from being improperly modified, either by accident or maliciously. Many of the techniques that ensure confidentiality will also protect data integrity—after all, a hacker can't change data they can't access—but there are other tools that help provide a defense of integrity in depth. Integrity also covers the concept of non-repudiation – ability to prove that data is maintained the integrity, especially in legal contexts. Availability is to make sure that your data can't be accessed by unauthorized users, you also need to ensure that it can be accessed by those who have the proper permissions. Ensuring data availability means matching network and computing resources to the volume of data access you expect and implementing a good backup policy for disaster recovery purposes.
  • 6.
    Information security measures Technicalmeasures include the hardware and software that protects data — everything from encryption to firewalls Organizational measures include the creation of an internal unit dedicated to information security, along with making infosec part of the duties of some staff in every department Human measures include providing awareness training for users on proper infosec practices Physical measures include controlling access to the office locations and, especially, data centers
  • 7.
    Computer Security Computer securityprofessional should know 1. Specific motive of the computer security attack 2. Malware 3. Root cause exploits 4. Cryptography and data protection 5. Networking and network packet analysis 6. Basic common defences 7. Authentication 8. Mobile threats 9. Cloud security 10.Event logging 11.Incident response 12.Education and communication
  • 8.
    1. Specific motiveof the computer security attack Computer hackers can be categories with their motive as • Financial • Nation-state sponsored/cyberwarfare • Corporate espionage (spying) • Hacktivists • Resource theft • Cheating 2. Malware There are three major types of malware: computer virus, Trojan horse, and worm. Any malware program is an amalgam of one or more of these classifications. A computer virus is a malware program that hosts itself inside of other programs, files, and in digital storage to replicate. A trojan horse is a malware program claiming to be something legitimate to trick humans into setting it in motion. A trojan horse does not self-replicate; it relies on the curiosity of humans to help it spread. A worm is a self-replicating program that uses code to spread itself. It does not need other host programs or files.
  • 9.
    3. Root causeexploits Computer security professionals face thousands of new software vulnerabilities and millions of unique malware programs, yet only few different root cause exploits allow each of those into someone’s environment. Identify and stop the root cause exploits and we are protected from hacking and malware. Here are the ten types of root exploits: • Programming bug • Social engineering • Authentication attack • Human error • Misconfiguration • Eavesdropping / man in the middle (MitM) • Data / Network traffic malformation • Insider attack • Third-party reliance issue • Physical attack
  • 10.
    4. Cryptography anddata protection Digital cryptography is the art of making information secure against unauthorized access and modification. Every IT security professional should learn the basics of cryptography, including asymmetric encryption, symmetric encryption, hashing, and key distribution and protection. Data protection requires a lot of cryptography. Complete data protection also demands that the data be lawfully collected and used, that you guard its privacy against unauthorized access, and that you back it up securely to prevent malicious modification and to ensure availability. 5. Networking and network packet analysis It is needed to recognize the security professionals to understand networks at the packet level. They are facile with network basics such as protocols, port numbers, network addresses, layers of the OSI model, the difference between a router and a switch, and are able to read and understand what all the various fields of a network packet are used for. To understand network packet analysis is to truly understand networks and the computers that use them.
  • 11.
    6. Basic commondefences Almost every computer has common basic defences, which to be considered and applied. Understanding and using the basic common IT security defences is a must for every IT security professional. But don’t stop at simply knowing about them. Know, too, what they are good at stopping and what they fail to do. They are the “standards” of computer security which include: • Patch management • End-user training • Firewalls • Antivirus • Secure configurations • Encryption/cryptography • Authentication • Intrusion detection • Logging
  • 12.
    7. Authentication The bestsecurity professionals understand that authentication is more than the process of putting in a valid password or satisfying a two-factor ID test. It’s much more involved than that. Authentication begins with the process of providing a unique, valid identity label for any namespace – such as the email address, user principal name, or logon name. Authentication is the processes of providing one or more “secrets” that are only known by the valid identity holder and his authentication database/service. When the valid identity holder types in the correct authentication factor(s), this proves that the authenticated user is the valid owner of the identity. Then, after any successful authentication, the subject’s attempted accesses to protected resources are examined by a security manager process known as authorization. All logon and access attempts should be documented to a log file.
  • 13.
    8. Mobile threats Thereare now more mobile devices than people on the planet and most people get most of their information through a mobile device. Because humankind’s mobile prowess is only likely to increase, IT security professionals need to take mobile devices, mobile threats, and mobile security seriously. There isn't usually much difference between mobile threats and computer threats, but there are some differences. The top mobile threats include: • Mobile malware • Privacy invasion/theft • Ransomware • Phishing attacks • Spyware • Data or credential theft • Picture theft • Unsecured wireless
  • 14.
    9. Cloud security Traditionalcorporate administrators no longer control the servers, services, and infrastructure used to store sensitive data and service users. Cloud infrastructures are almost always multitenant architectures, where keeping different customers' data separate can be complicated by virtualization and the recent containerization and development of microservices. Heralded by some as a way to help make security easier to do, each development usually makes the infrastructure more complex. Factors make cloud security more complex than traditional networks are: • Lack of control • Always available on the internet • Multitenancy (shared services/servers) • Virtualization/containerization/microservices
  • 15.
    10. Event logging Yearafter year, the research shows that the most missed security events were right there in the log files all along, just waiting to be discovered. A good event- log system is worth taking care of the basic steps of event logging, which every IT security professional should know: • Policy • Configuration • Event log collection • Normalization • Indexing • Storage • Correlation • Baselining • Alerting • Reporting
  • 16.
    11. Incident response Computersecurity professional should be ready for this with an incident response plan, which should be put into action immediately. A good incident response is essential. It can be the difference between an event that ruins the day and one that ends up in the media and tarnishes the character of the organisation. The basics of incident response include: • Respond effectively and in a timely fashion • Limit damage • Conduct forensic analysis • Identification of the threat • Communication • Limit future damage • Acknowledge lessons learned
  • 17.
    12. Education andCommunication Most threats are well known and re-occur frequently. Every stakeholder from end users to senior management needs to know the current top threats against company and what to do to stop them. Some of the threats like social engineering, can only be stopped by educating the people in the company. So the ability to communicate is often the thing that separates a secured company from a mediocre one. No matter what technical controls you deploy, every year something will make it past them. So, make sure your stakeholders are prepared. At the very least, the following items should be covered in your education program: • Significant, threats and risks against the organization • Acceptable use • Security policy • How to authenticate and what to avoid • Data protection • Social engineering awareness • How and when to report suspicious security incidents
  • 18.
    Authentication Mechanisms What IsAuthentication? Authentication is the process of identifying users that request access to a system, network, or device. Access control often determines user identity according to credentials like username and password. Other authentication technologies like biometrics and authentication apps are also used to authenticate user identity. Why Is User Authentication Important? User authentication is a method that keeps unauthorized users from accessing sensitive information. For example, User A only has access to relevant information and cannot see the sensitive information of User B. Cybercriminals can gain access to a system and steal information when user authentication is not secure. Authentication technology is always changing. Businesses have to move beyond passwords and think of authentication as a means of enhancing user experience. Authentication methods like biometrics eliminate the need to remember long and complex passwords. As a result of enhanced authentication methods and technologies, attackers will not be able to exploit passwords, and a data breach will be prevented.
  • 19.
    Authentication Types 1. Password-basedauthentication 2. Multi-factor authentication 3. Certificate-based authentication 4. Token-based authentication 5. Biometric authentication
  • 20.
    1. Password-based authentication Passwordsare the most common methods of authentication. Passwords can be in the form of a string of letters, numbers, or special characters. To protect us, we need to create strong passwords that include a combination of all possible options. However, passwords are prone to phishing attacks and bad hygiene that weakens effectiveness. Very few users use different passwords across their accounts as there are a lot of passwords to remember. As a result, many people choose convenience over security. Most people use simple passwords instead of creating reliable passwords because they are easier to remember. Passwords have a lot of weaknesses and are not sufficient in protecting online information. Hackers can easily guess user credentials by running through all possible combinations until they find a match.
  • 21.
    2. Multi-factor authentication Multi-FactorAuthentication (MFA) is an authentication method that requires two or more independent ways to identify a user. Examples include codes generated from the user’s smartphone, Captcha tests, fingerprints, voice biometrics or facial recognition. MFA authentication methods and technologies increase the confidence of users by adding multiple layers of security. MFA may be a good defence against most account hacks, but it has its own pitfalls. People may lose their phones or SIM cards and not be able to generate an authentication code.
  • 22.
    3. Certificate-based authentication Certificate-basedauthentication technologies identify users, machines or devices by using digital certificates. A digital certificate is an electronic document based on the idea of a driver’s license or a passport. The certificate contains the digital identity of a user including a public key, and the digital signature of a certification authority. Digital certificates prove the ownership of a public key and issued only by a certification authority. Users provide their digital certificates when they sign in to a server. The server verifies the credibility of the digital signature and the certificate authority. The server then uses cryptography to confirm that the user has a correct private key associated with the certificate. 4. Token-based authentication Token-based authentication technologies enable users to enter their credentials once and receive a unique encrypted string of random characters in exchange. Then use the token to access protected systems instead of entering credentials all over again. The digital token proves that already have access permission. Use cases of token-based authentication.
  • 23.
    5. Biometric authentication Biometricsauthentication is a security process that relies on the unique biological characteristics of an individual. Here are key advantages of using biometric authentication technologies: • Biological characteristics can be easily compared to authorized features saved in a database. • Biometric authentication can control physical access when installed on gates and doors. • Add biometrics into multi-factor authentication process. Biometric authentication technologies are used by consumers, governments and private corporations including airports, military bases, and national borders. The technology is increasingly adopted due to the ability to achieve a high level of security without creating friction for the user.
  • 24.
    Common biometric authenticationmethods include: Facial recognition matches the different face characteristics of an individual trying to gain access to an approved face stored in a database. Face recognition can be inconsistent when comparing faces at different angles or comparing people who look similar, like close relatives.. Fingerprint scanners match the unique patterns on an individual’s fingerprints. Some versions of fingerprint scanners can even assess the vascular patterns in people’s fingers. Fingerprint scanners are currently the most popular biometric technology for everyday consumers, despite their frequent inaccuracies. Speaker Recognition also known as voice biometrics, examines a speaker’s speech patterns for the formation of specific shapes and sound qualities. A voice-protected device usually relies on standardized words to identify users, just like a password. Eye scanners include technologies like iris recognition and retina scanners. Iris scanners project a bright light towards the eye and search for unique patterns in the colored ring around the pupil of the eye. The patterns are then compared to approved information stored in a database. Eye-based authentication may suffer inaccuracies if a person wears glasses or contact lenses.
  • 25.
    Firewall A firewall issoftware or firmware that prevents unauthorized access to a network. It inspects incoming and outgoing traffic using a set of rules to identify and block threats. Firewalls are used in both personal and enterprise settings, and many devices come with one built-in, including Mac, Windows, and Linux computers. They are widely considered an essential component of network security. Importance of Firewalls Firewalls are important because they have had a huge influence on modern security techniques and are still widely used. They first emerged in the early days of the internet, when networks needed new security methods that could handle increasing complexity. Firewalls have since become the foundation of network security in the client-server model – the central architecture of modern computing. Most devices use firewalls – or closely related tools – to inspect traffic and mitigate threats.
  • 26.
    How does afirewall work? A firewall establishes a border between an external network and the network it guards. It is inserted inline across a network connection and inspects all packets entering and leaving the guarded network. As it inspects, it uses a set of pre- configured rules to distinguish between benign and malicious packets. The term 'packets' refers to pieces of data that are formatted for internet transfer. Packets contain the data itself, as well as information about the data, such as where it came from. Firewalls can use this packet information to determine whether a given packet abides by the rule set. If it does not, the packet will be barred from entering the guarded network. Rule sets can be based on several things indicated by packet data, including: • Their source • Their destination • Their content These characteristics may be represented differently at different levels of the network. As a packet travels through the network, it is reformatted several times to tell the protocol where to send it. Different types of firewalls exist to read packets at different network levels.
  • 27.
    Types of firewalls Firewallsare either categorized by the way they filter data, or by the system they protect. • A packet-filtering firewall examines packets in isolation and does not know the packet's context. • A stateful inspection firewall examines network traffic to determine whether one packet is related to another packet. • A proxy firewall (aka application-level gateway) inspects packets at the application layer of the Open Systems Interconnection (OSI) reference model. • A Next Generation Firewall (NGFW) uses a multilayered approach to integrate enterprise firewall capabilities with an intrusion prevention system (IPS) and application control.
  • 28.
    Computer Virus andWorms Computer Virus A computer virus is a malicious application or authored code used to perform destructive activity on a device or local network. The code’s malicious activity could damage the local file system, steal data, interrupt services, download additional malware, or any other actions coded into the program by the malware author. Many viruses pretend to be legitimate programs to trick users into executing them on their device, delivering the computer virus payload. Causes of Computer Viruses Computer viruses are standard programs; only instead of offering useful resources, these programs can damage your device. For a threat actor to execute a virus on your machine, you must initiate execution. In some cases, an attacker can execute malicious code through your browser or remotely from another network computer. Modern browsers have defenses against local machine code execution, but third- party software installed on the browser could have vulnerabilities that allow viruses to run locally. The delivery of a computer virus can happen in several ways. One common method is via a phishing email. Another technique is hosting malware on a server that promises to provide a legitimate program. It can be delivered using macros or by injecting malicious code into legitimate software files.
  • 29.
    Types of ComputerViruses Every virus has a payload that performs an action. The threat actor can code any malicious activity into the virus payload, including simple, innocuous pranks that don’t do any harm. While a few viruses have harmless payloads, most of them cause damage to the system and its data. There are nine main virus types, some of which could be packaged with other malware to increase the chance of infection and damage. The nine major categories for viruses are: Boot Sector Virus Computer drive has a sector solely responsible for pointing to the operating system so that it can boot into the interface. A boot sector virus damages or controls the boot sector on the drive, rendering the machine unusable. Attackers will usually spread this virus type using a malicious USB device. The virus is activated when users plug in the USB device and boot their machine. Web Scripting Virus Most browsers have defences against malicious web scripts, but older, unsupported browsers have vulnerabilities that allow an attacker to run code on the local device.
  • 30.
    Browser Hijacker A virusthat can change the settings on your browser will hijack browser favorites, the home page URL, your search preferences and redirect you to a malicious site. The site could be a phishing site or an adware page used to steal data or make money for the attacker. Resident Virus A virus that can access computer memory and sit dormant until a payload is delivered is considered a resident virus. This malware may stay dormant until a specific date, time, or a user performs an action. Direct Action Virus When a user executes a seemingly harmless file attached with malicious code, direct action viruses deliver a payload immediately. These viruses can also remain dormant until a specific action is taken or a timeframe passes. Polymorphic Virus Malware authors can use polymorphic code to change the program’s footprint to avoid detection. Polymorphic viruses make it more difficult for an antivirus to detect and remove them.
  • 31.
    File Infector Virus Topersist on a system, a threat actor uses file infector viruses to inject malicious code into critical files that run the operating system or important programs. When the system boots or the program runs, the virus is activated. Multipartite Virus These malicious programs spread across a network or other systems by copying themselves or injecting code into critical computer resources. Macro Virus Microsoft Office files can run macros, and these macros can be used to download additional malware or run malicious code. Macro viruses deliver a payload when the file is opened, and the macro runs.
  • 32.
    Computer Worm A computerworm is malware, just like a virus, but a worm takes a copy of itself and propagates it to other users. A worm can replicate itself without any human interaction, and it does not need to attach itself to a software program in order to cause damage. Worms can also deliver a payload and exhaust resources. For example, an email worm sends a copy of itself to everyone on an infected user’s email contact list. When it reaches recipient inboxes, anyone who runs the worm sends it to their contact list. Email worms exhaust storage space and spread very quickly across the internet, so they create issues differently than a virus. Symptoms of infected Computer Signs that a computer is infected by virus or worm include: • Popup windows, including ads (adware) or links to malicious websites. • Web browser home page changes, and you did not change it. • Outbound emails to your contact list or people on your contact list alert you to strange messages sent by your account. • The computer crashes often, runs out of memory with few active programs, or a blue screen of death in Windows. • Slow computer performance even when running few programs or the computer was recently booted. • Unknown programs start when the computer boots or when you open specific programs. • Passwords change without your knowledge or your interaction on the account.
  • 33.
    Digital Signature andCertificates A digital signature is a mechanism that is used to verify that a particular digital document, message or transaction is authentic. It provides a receiver the guarantee that the message was actually generated by the sender and it was not modified by a third party. A digital signature is an electronic, encrypted stamp of authentication on digital data. The signature confirms that the information originated from the signer and has not been altered. Digital signatures can provide the added assurances of evidence to the origin, identity and status, as well as acknowledging informed consent by the signer. Below are some common reasons for applying a digital signature to communications: • Authentication: Although messages may often include information about the entity sending a message, that information may not be accurate. Digital signatures can be used to authenticate the source of messages. The importance of high confidence in sender authenticity is especially obvious in a financial context. • Integrity: In many scenarios, the sender and receiver of a message may have a need for confidence that the message has not been altered during transmission. So, if a message is digitally signed, any change in the message after signature invalidates the signature. • Non-repudiation: Non-repudiation, or more specifically non-repudiation of origin, is an important aspect of digital signatures. By this property, an entity that has signed some information cannot at a later time deny having signed it. Similarly, access to the public key only does not enable a fraudulent party to fake a valid signature.
  • 36.
    Digital Certificates functionsimilarly to identification cards such as passports and drivers’ licenses. Digital certificates are issued by recognised (government) authorities. When someone requests a certificate, the authority verifies the identity of the requester, certifies that the requester meets all requirements to receive the certificate, and then issues it. When a digital certificate is presented to others, they can verify the identity of its owner because the certificate provides the following security benefits: • It contains personal information to help identify and trace the owner. • It contains the information that is required to identify and contact the issuing authority. • It is designed to be tamper-resistant and difficult to counterfeit. • It is issued by an authority that can revoke the identification card at any time (for example, if the card is misused or stolen). • It can be checked for revocation by contacting the issuing authority.
  • 37.
  • 38.
    Computer crimes Computer crimealso called, Cybercrime, the use of a computer as an instrument to further illegal ends, such as committing fraud, trafficking in child pornography and intellectual property, stealing identities, or violating privacy. The four primary categories of computer crimes are • Internal computer crimes • Telecommunications crimes • Computer manipulation crimes • Traditional theft Cybercrime is criminal activity that either targets or uses a computer, a computer network or a networked device. Most, but not all, cybercrime is committed by cybercriminals or hackers who want to make money. Cybercrime is carried out by individuals or organizations. Some cybercriminals are organized, use advanced techniques and are highly technically skilled. Others are novice hackers. Rarely, cybercrime aims to damage computers for reasons other than profit. These could be political or personal.
  • 39.
    Types of cybercrime •Email and internet fraud. • Identity fraud (where personal information is stolen and used). • Theft of financial or card payment data. • Theft and sale of corporate data. • Cyberextortion (demanding money to prevent a threatened attack). • Ransomware attacks (a type of cyberextortion). • Cryptojacking (where hackers mine cryptocurrency using resources they do not own). • Cyberespionage (where hackers access government or company data). Most cybercrime falls under two main categories: • Criminal activity that targets • Criminal activity that uses computers to commit other crimes. Cybercrime that targets computers often involves viruses and other types of malware. Cybercriminals may infect computers with viruses and malware to damage devices or stop them working. They may also use malware to delete or steal data
  • 40.
    How to getprotected against cybercrime? • Keep software and operating system updated • Use anti-virus software and keep it updated • Use strong passwords • Never open attachments in spam emails • Do not click on links in spam emails or untrusted websites • Do not give out personal information unless secure • Contact companies directly about suspicious requests • Be mindful of website URLs • Keep an eye on your bank statements
  • 41.
    Social impacts Cyber crimeis being committed every day. Thieves commit cyber crimes to steal people’s money and their identity. With others identity, the cyber criminal: can take out loans, incur credit, accumulate debt and, then flee without a trace. It can take years to rehabilitate your identity. A virus can destroy someone’s files and a lost database can result in receiving unwanted sales calls. The list below includes some of the most immediate effects: • lost money due to online theft • expenses incurred to fix problems and prevent future cybercrimes • loss of reputation due to personal information that is revealed • corrupted files due to viruses • long-term debt created resulting in poor credit rating due to online identity theft