Computer security also known as cyber security is the protection of information systems from theft or damage to the hardware, the software and to the information on them, as well as from disruption of the services they provide.
Security is based on the following issues:
- Privacy: The ability to keep things private/condential. T
- rust: we trust data from an individual or a host.
- Authenticity: Are security credentials in order.
- Integrity: Has the system been compromised/altered already.
Why do I need to learn about Computer Security ?
Good Security Standards follow the "90 / 10" Rule:
- 10% of security safeguards are technical.
- 90% of security safeguards rely on the computer user ("YOU") to adhere to good computing practices
- We need both parts for effective security.
checking to see if the door is closed, ensuring others do not prop the door open, keeping control of the keys, etc. is the 90%.
Threats classied into one of the categories below:
- Back doors : A back door in a computer system, a cryptosystem is any secret method of bypassing normal authentication or security controls. They may exist for a number of reasons, including by original design or from poor conguration
- Denial-of-service attack : It designed to make a machine or network resource unavailable to its intended users.
- Direct-access attacks : An unauthorized user gaining physical access to a computer is most likely able to directly download data from it.
- Eavesdropping: It is the act of surreptitiously listening to a private conversation, typically between hosts on a network.
- Spoong : Spoong of user identity describes a situation in which one person or program successfully masquerades as another by falsifying data.
- Tampering: It describes a malicious modication of products. So-called "Evil Maid" attacks and security services planting of surveillance capability into routers.
- Phishing: It is the attempt to acquire sensitive information such as usernames, passwords and credit card details directly from users.
Good computing practices and tips that apply to most people who use a computer.
- Use passwords that can't be easily guessed and protect your passwords.
- Minimize storage of sensitive information
- Beware of scams.
- Protect information when using the Internet and email.
- Make sure your computer is protected with anti-virus and all necessary security "patches" and updates.
- Secure laptop computers and mobile devices at all times: Lock them up or carry them with you.
- Shut down, lock, log off, or put your computer and other devices to sleep before leaving them unattended and make sure they require a secure password to start up or wake-up.
- Don't install or download unknown or unsolicited programs/apps.
- Secure your area before leaving it unattended.
- Make backup copies of les or data you are not willing to lose.
A virus is a parasitic program that infects another legitimate program, which is sometimes called the host. To infect the host program, the virus modies the host so that it contains a copy of the virus.
- Boot sector viruses: A boot sector virus infects the boot record of a hard disk. The virus allows the actual boot sector data to be read as through a normal start-up were occurring.
- Cluster viruses: If any program is run from the infected disk, the program causes the virus also to run . This technique creates the illusion that the virus
- Worms: A worm is a program whose purpose is to duplicate itself.
- Bombs: This type of virus hides on the user’s disk and waits for a specic event to occur before running.
- Trojan Horses: A Trojan Horses is a malicious program that appears to be friendly. Because Trojan Horses do not make duplicates of themselves on the victim’s disk. They are not technically viruses.
- Stealth Viruses: These viruses take up residence in the computer’s memory, making them hard to detect.
- Micro Viruses: A macro virus is designed to infect a specic type of document le, such as Microsoft Word or Microsoft Excel les. These types of documents can include macros, which are small programs that execute commands.
The following are some well-known viruses.
- CodeRed : It is a worm that infects a computer running Microsoft IIS server. This virus launched DOS attack on White House’s website. It allows the hacker to access the infected computer remotely.
- Nimba : It is a worm that spreads itself using different methods. IT damages computer in different ways. It modied les, alters security settings and degrades performance.
- SirCam : It is distributed as an email attachment. It may delete les, degrade performance and send the les to anyone.
- Melisa : It is a virus that is distributed as an email attachment. IT disables different safeguards in MS Word. It sends itself to 50 people if Microsoft Outlook is installed..
- Ripper: It corrupts data from the hard disk.
- MDMA: It is transferred from one MS Word le to other if both les are in memory.
- Concept: It is also transferred as an email attachment. It saves the le in template directory instead of its original location.
- One_Half: It encrypts hard disk so only the virus may read the data. It displays One_Half on the screen when the encryption is half completed.
A computer system can be protected from virus by following precautions:
- The latest and updated version of Anti-Virus and rewall should be installed on the computer.
- The Anti-Virus software must be upgraded regularly.
- USB drives should be scanned for viruses, and should not be used on infected computers.
- Junk or unknown emails should not be opened and must be deleted straight away.
- Unauthorized or pirated software should not be installed on the computer.
- An important way of protection against virus is the use of back up of data. The backup is used if the virus deletes data or modies it. So back-up your data on regular basis.
- Freeware and shareware software from the internet normally contain viruses. It is important to check the software before using them. Never download songs, videos or les from suspicious websites. Never share your personal data with people you don’t know over the internet.