➧Other intruders indicate some evidence of their presence either by leaving a message or ➧by deliberately altering or damaging data.
➧Any illegal act involving a computer generally is referred to as a computer crime.
➧Cybercrime refers to online or Internet-based illegal acts.
➧Software used by cybercriminals sometimes is called crimeware.
- Perpetrators of cybercrime and other intrusions fall into seven basic categories:
- Hacker, refers to someone who accesses a computer or network illegally. Some hackers claim the intent of their security breaches is to improve security.
- Cracker also is someone who accesses a computer or network illegally but has the intent of. destroying data, stealing information, or other malicious action
- Script kiddie has the same intent as a cracker but does not have the technical skills and knowledge. Often use prewritten hacking and cracking programs to break into computers.
- Corporate spies have excellent computer and networking skills.
ühired to break into a specific
computer and steal its proprietary data and information.
üto help identify security risks in their
own organization.
- Unethical employees may break into their employers’ computers for a variety of reasons:
üwant to exploit a security weakness,
üseek financial gains from selling
confidential information
üdisgruntled employees may want
revenge.
- Cyber extortionist is someone who uses e-mail as a medium for extortion.
üThey will send an organization a
threatening e-mail message indicatingthey will expose confidential information
if they are not paid a sum of money.
- Cyberterrorist is someone who uses the Internet or network to destroy or damage computers for political reasons. They might targets:
üthe nation’s air traffic control
system,
üelectricity-generating companies,
üa telecommunications
infrastructure.
Malicious code
➧Malicious code is code causing damage to a computer or system. It is code not easily or solely controlled through the use of anti-virus tools.
➧Malicious code can either activate itself or be like a virus requiring user to perform an action, such as clicking on something or opening an email attachment.
Computer Virus
Definition : A computer virus is a potentially damaging computer program that affects or infects, a computer negatively by altering the way the computer works without the user’s knowledge or permission.
➧A computer virus attaches itself to a program or file enabling it to spread from one computer to another, leaving infections as it travels
➧It may damage files and system software, including the operating system
➧Almost all viruses are attached to an executable file.
➧The virus may exist on your computer but it actually cannot infect your computer unless you run or open the malicious program.
➧A computer virus by sharing infecting files or sending emails with viruses as attachments in the email.Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt.
Examples: Melissa, Tequila, Cascade, Invader
Worm
➧A worm is a program that copies itself repeatedly.
➧For example in memory or on a network, using up resources and possibly shutting down the computer or network.
➧Worms spread from computer to computer, but unlike a virus, it has the capability to travel without any human action
➧A worm takes advantage of file or information transport features on your system, which is what allows it to travel unaided.
➧The biggest danger with a worm is its capability to replicate itself on your system.
➧It will causing Web servers, network servers and individual computers to stop responding.
Examples: Jerusalem, Sobig, Nimda, Morris Worm
Differentiate between worms and virus
Enable visualization to see the difference between the two.
Trojan Horse
➧A program that hides within or looks like a legitimate program. It does not replicate itself to other computers.
➧At first glance will appear to be useful software but will actually do damage once installed or run on your computer.
➧Examples: It can change your desktop, adding silly active desktop icons or they can cause serious damage by deleting files and destroying information on your system.
Examples: Netbus, Back Orifice, Subseven, Beast
Differences of Malicious code
Unauthorized access & use
Unauthorized accesss
- The use of a computer or network without permission.
Unauthorized use
- The use of a computer or its data for unapproved or possibly illegal activities
To help prevent unauthorized access and use, they should have a written
acceptable use policy (AUP) that outlines the computer activities for which the computer and network may
and may not be used.An access
control
is
a security measure that defines who
can access a computer, when they can access it, and what actions they can take
while accessing the computer.Many systems implement access controls
using a two-phase process called identification
and authentication.Identification
verifies
that an individual is a valid user.
Authentication
verifies
that the individual is the person he or
she claims to be.Three methods of identification and
authentication include user
names and passwords, possessed
objects,
and bio metric
devices.A user
name or
user ID (identification),
is a unique combination of characters,
such as letters of the alphabet or numbers, that identifies one specific user.A password
is
a private combination of characters
associated with the user name that allows access to certain
computer resources.
Most multi user
(networked) operating systems require that users correctly enter a user name and a password before
they can access the data, information and programs stored on a computer or
network.
A possessed
object is any
item that you must carry to gain access to a computer or computer facility. Examples of possessed objects are badges, cards, smart cards
and
keys. The card
you use in an automated teller machine
(ATM)
is a possessed object that allows access to your bank account. Possessed objects often are used in combination with
personal identification numbers.
A personal
identification number (PIN) is
a numeric password,
either assigned by a company or selected by a user. A biometric
device
authenticates
a person’s identity by translating a personal characteristic, such as a fingerprint
into a digital code.
Hardware Theft
➤Hardware
theft is
the act of stealing computer equipment.
➤Hardware
vandalism is
the act
of defacing or destroying computer equipment.
➤Companies, schools, and other
organizations that house many computers, however, are at risk of hardware
theft.
➤Safeguards
against Hardware Theft and Vandalism:
- physical access controls, such as locked doors and windows
- install alarm systems in their buildings
- physical security devices such as cables that lock the equipment to a desk.
Software Theft
➤Software theft occurs
when someone:
- Steals software media
- Intentionally erases programs
- Illegally copies a program
- Illegally registers and/or activates a program.
➤Steals software media involves
a perpetrator physically stealing the media that contain the software or the
hardware that contains the media.
➤Intentionally erases programs can
occur when a programmer is terminated from, or stops working for a company.
➤Although
the programs are company property, some dishonest
programmers intentionally remove or disable the programs they have written from company
computers.
➤Illegally copies a program occurs
when software is stolen
from software manufacturers.
➤This
type of theft, called piracy,
is by far the most common form of software
theft.
➤Illegally registers and/or activates
a program involves
users
➤illegally obtaining registration
numbers and/or activation codes.
➤A
program called a keygen,
short for key generator, creates
software registration numbers and sometimes activation codes.
➤Some
individuals create and post keygens so
that users can install software without legally purchasing it
Safeguards
against Software Theft
➤To
protect software media from being stolen, owners should keep original software boxes and media
in a secure location, out of sight of
prying eyes.
➤All
computer users should back up
their files and disks regularly.
➤To
protect
themselves from software piracy, software
manufacturers issue users license agreements.
Information Theft
➤Information
theft occurs
when someone steals personal or
confidential information.
➤If stolen, the loss of information
can cause as much damage
as (if not more than) hardware or software theft.
➤An unethical
company executive may steal
or buy stolen information to learn about a competitor.
➤A
corrupt individual may steal credit
card numbers to make fraudulent purchases.
Safeguards against Information
Theft
➤Protecting information on computers
located on an organization’s premises.
➤To protect information on the internet
and networks, organizations and individuals use
a variety of encryption techniques.
➤Encryption
is
a process of converting
readable data into unreadable characters to prevent unauthorized access.
System Failure
System Failure
➤A system
failure is the prolonged malfunction of a
computer
➤Can cause loss of hardware, software, data, or information.
➤These include aging hardware; natural
disasters such
as fires, floods, or hurricanes; random events such as electrical power problems; and even errors in
computer programs.
➤Electrical power variations can cause loss
of data and loss of equipment.
➤If
the computer equipment is networked, a single power disturbance can damage
multiple systems.
➤Electrical
disturbances include noise
(any unwanted signal), undervoltages (electrical supply drops), and overvoltages (incoming electrical power
increases).
Safeguards against System failure
➤To protect against electrical power
variations, use a surge protector.
➤A surge
protector,
also called a surge suppressor,
uses special electrical components to smooth out minor noise, provide a stable
current flow, and keep an overvoltage from reaching the computer and other
electronic equipment.
Tiada ulasan:
Catat Ulasan