GIT Module 2 Unit 9 - Computer and Cybersecurity PDF

Summary

This document provides an overview of computer security and cybersecurity, including various security practices and threats. It covers topics such as network security, application security, information security, and operational security, as well as disaster recovery and common computer fraud techniques.

Full Transcript

Module
02:

Unit 09: Computer and
Cybersecurity
Unit 02: Computer Security and Cybersecurity
Computer security is the protection of computer systems and information
from harm, theft, and unauthorized use. Computer hardware is typically
protected by the same means used to protect other valuable or sensitive
equipment, namely, serial numbers, doors and locks, and alarms. The
protection of information and system access, on the other hand, is
achieved through other tactics, some of them quite complex. Computer
security deals with the protection of computer systems and information
from harm, theft, and unauthorized use.
Cyber security is the practice of defending computers, servers, mobile
devices, electronic systems, networks, and data from malicious attacks. It's
also known as information technology security or electronic information
security. The term applies in a variety of contexts, from business to mobile
computing.
Common Categories of Security

Network security is the practice of securing a
computer network from intruders, whether
targeted attackers or opportunistic malware.

Application security focuses on keeping
software and devices free of threats. A
compromised application could provide access
to the data its designed to protect. Successful
security begins in the design stage, well before
a program or device is deployed.
Common Categories of Security
Information security protects the integrity
and privacy of data, both in storage and in
transit.

Operational security includes the processes and
decisions for handling and protecting data assets. The
permissions users have when accessing a network and
the procedures that determine how and where data
may be stored or shared all fall under this umbrella.
Common Categories of Security
Disaster recovery and business continuity define
how an organization responds to a cyber-security
incident or any other event that causes the loss of
operations or data. Disaster recovery policies dictate
how the organization restores its operations and
information to return to the same operating capacity
as before the event.

Business continuity is the plan the
organization falls back on while trying
to operate without certain resources.
Common Categories of Security
End-user education addresses the
most unpredictable cyber-security
factor: people. Anyone can
accidentally introduce a virus to an
otherwise secure system by failing to
follow good security practices.
Teaching users to delete suspicious
email attachments, not plug in
unidentified USB drives, and various
other important lessons is vital for
the security of any organization.
 CIA Triad
The goal of information security
follows three main principles:
1. Confidentiality is ensuring that
information is available only to the
intended audience.
information 2. Integrity is protecting information
security from being modified by
unauthorized parties.
3. When the individual that needs
that piece of data to perform a job
Effectively executing all three principles of the Security Triad creates
duty is ready to utilize it, it must
an ideal outcome from an information security perspective. be readily accessible.
Good Security Practices for Individuals

1. Install anti-virus and anti-malware software
Software may include bugs as discussed in the
previous modules. To limit the vulnerabilities,
make sure that the instructions for install of
software are followed, the acquisition of the
software is legitimate. Anti-virus and
anti-malware should also be installed and kept
up to date.
Good Security Practices for Individuals

2. Use a strong password
Reusing passwords or having the same
password for multiple accounts, websites,
and other systems will become more
vulnerable. Do not save passwords on
websites and devices that are unsecure.
Remember to change your passwords on a
schedule to keep them fresh.
Good Security Practices for Individuals
3. Log off public computers
Yes, the business centers and cybercafes that offer
the use of a computer system is convenient, but not
secure. Since anyone can use them for anything,
they have probably been exposed to viruses, worms,
trojans, keyloggers, and other nasty malware.
Should you use them at all?
When using a public area
computer, be sure to
completely log off when you
are finished using it.
Good Security Practices for Individuals

4. Save and Back up
Some events may be inevitable
like hardware failure and virus
infection, so be sure to save every
now and then. Also back up
important information that is
important to you. Make sure to
verify if the files you’ve saved can
be easily restored.
Good Security Practices for Individuals
5. Limit social network information
Facebook, Twitter, Google+, YouTube,
Pinterest, LinkedIn and other social networks
have become an integral part of our online
lives. Social networks are a great way to stay
connected with others, but you should be
wary about how much personal information
you post. Learn how to use the privacy and
security settings to protect yourself, keep
personal information personal, know and
manage your friends, know what to do if you
encounter a problem.
 Good Security Practices for Individuals
6. Download files legally
Avoid peer-to-peer (P2P) networks and
remove any file-sharing clients already
installed on your system. Since most P2P
applications have worldwide sharing
turned on by default during installation,
you run the risk of downloading viruses
P2P is used to share all kinds of computing resources or other malware to your computer, and
such as processing power, network bandwidth, or disk
storage space. However, the most common use case
having your personal and/or confidential
for peer-to-peer networks is the sharing of files on the information inadvertently shared across
internet. Peer-to-peer networks are ideal for file
sharing because they allow the computers connected the Internet, which could lead to identity
to them to receive files and send files simultaneously.
theft.
Good Security Practices for Individuals
7. Keep personal information safe
Do not divulge personal information
online if you’re not sure about the
sender or the website. A common fraud,
called "phishing", sends messages that
appear to be from a bank, shop or
auction, giving a link to a fake website
and asking you to follow that link and
confirm your account details.
 Good Security Practices for Individuals
8. Lock your computer
Whenever you leave our devices unattended,
make sure that your device/s is/are locked.
There are three different ways to manually lock your screen on a Windows 10 computer:
Method 2
Using the Start Menu
on the computer screen:
1.Open the Start Menu by
clicking the Windows Logo icon
Method 1 Method 3
(usually in the lower left of the
On your keyboard, hold down Using the Keyboard:
screen).
the Windows Logo Icon key and 1.Press Ctrl, Alt and Del at the
2.Next, click the Most Used icon
the L key on the keyboard at the same time.
on the upper left.
same time. 2.Then, select Lock from the
3.Then, click the User Icon and
options that appear on the screen.
To Unlock: choose Lock in the dropdown list
Press any button to wake the display up, Press Ctrl, Alt and Del at the same time. You will be asked to authenticate with your
username and password.
Good Security Practices for Individuals
9. Do not click on suspicious links or pop-up notifications
Avoid visiting unknown websites or downloading software from
untrusted sources. These sites often host malware that will
automatically install (often silently) and compromise your computer. If
attachments or links in the email are unexpected or suspicious for any
reason, don't click on it, just visit the actual sender website.
Good Security Practices for Individuals

10. Keep applications up to date
Turn on automatic updating or make
sure that all applications are also up
to date.
Definition of terms

Firewall
a network security device that monitors incoming and
outgoing network traffic and decides whether to allow or
block specific traffic based on a defined set of security rules.
Definition of terms
Hackers
A hacker is a person who breaks
into a computer system. The
reasons for hacking can be
many: installing malware,
stealing or destroying data,
disrupting service, and more.
Hacking can also be done for
ethical reasons, such as trying
to find software vulnerabilities
so they can be fixed.
Definition of terms

Threats
A threat is anything
that can compromise
the confidentiality,
integrity, or availability
of an information
system.
Definition of terms
Vulnerability
A vulnerability is any weakness in the information
technology (IT) infrastructure that hackers can exploit to
gain unauthorized access to data.
The security precautions related to computer information and
access address four major threats:
(1) Theft of data, such as that of military secrets from
government computers;
(2) Vandalism, including the destruction of data by a
computer virus;
(3) Fraud, such as employees at a bank channeling funds into
their own accounts; and
(4) Invasion of privacy, such as the illegal accessing of
protected personal financial or medical data from a large
database.
Malware
Malware is a collective term used to describe a number of malicious
software or computer program that performs malicious activities.
These are unwanted and potentially dangerous set of programs that
can cause harm to your computers.
Software Bugs vs. Malicious Activities
Usually, errors in a program are assumed to be
“bugs”. Sometimes bugs do occur which affect
program performance. These software bugs are
unintentional. However, malware can have
similar affects; and these effects are always
intentional. Malware always intends to do harm
and this is what we call malicious activity.
Types of Malware

Ransomware
Ransomware is a type of malicious software that threatens to publish
the victim's data or perpetually block access to it unless a ransom is
paid. While some simple ransomware may lock the system in a way
that is not difficult for a knowledgeable person to reverse, more
advanced malware uses several techniques to extort, encrypt the
victim's files, making them inaccessible, and demands a ransom
payment to decrypt them.
Types of Malware

Virus
A virus is a type of malware that infects files to spread or
propagate. It has the capability to insert a copy of itself or
any malicious code on another executable code (called host).
It attaches to another program and, when executed—usually
inadvertently by the user—replicates itself by modifying other
computer programs and infecting them with its own bits of code.
Types of Malware

! Be aware that spyware is different from viruses.
While both are types of malware that hide within
your device, viruses are designed to replicate and
embed into your other device files. Spyware does
not have this replication trait. Therefore, terms like
“spy virus” are not accurate.
Types of Malware

Worm Worm is another type of malware that creates a copy of
itself and then sends it over the network to infect other
systems. In contrast to viruses, which require the
spreading of an infected host file, worms are standalone
software and do not require a host program or human help
to propagate. To spread, worms either exploit vulnerability
on the target system or use some kind of social
engineering to trick users into executing them.
Types of Malware

Worm
A computer worm is a type of malware whose primary
function is to self-replicate and infect other computers
while remaining active on infected systems. A computer
worm duplicates itself to spread to uninfected computers.
Types of Malware

Trojan Horse
A computer worm is a type of malware whose primary
function is to self-replicate and infect other computers
while remaining active on infected systems. A computer
worm duplicates itself to spread to uninfected
computers.
Types of Malware

Bots "Bot" is derived from the word "robot" and is an
automated process that interacts with other network
services. Bots often automate tasks and provide
information or services that would otherwise be
conducted by a human being.
Bots can be used for either good or malicious intent. A malicious bot is
self-propagating malware designed to infect a host and connect back to a central
server or servers that act as a command and control (C&C) center for an entire
network of compromised devices, or "botnet.
Distribution Channels for Malware
Advanced malware typically comes via the following distribution
channels to a computer or network:
Download—Unintended download of computer software from the
Internet
Unsolicited email —Unwanted attachments or embedded links in
electronic mail
Physical media—Integrated or removable media such as thumb drives
Self-propagation—Ability of malware to move itself from computer to
computer or network to network, thus spreading
on its own
Common Computer Fraud Techniques
Sending out a spoofed email that appears to
Phishing come from a legitimate company, such as a
financial institution. eBay, PayPal, and banks
are commonly spoofed. The recipient is
advised that information or a security check
is needed on his account, and advised to click
on a link to the company’s website to provide
the information. The link connects the
individual to a Website that is an imitation of
the spoofed company’s actual Website.
These counterfeit Websites appear very
authentic, as do the emails.
Common Computer Fraud Techniques

Phishing

Example:
A fraudulent SMS, social media
message, voice mail, or other in-app
message asks the recipient to update
their account details, change their
password, or tell them their account has
been violated. The message includes a
link used to steal the victim's personal
information or install malware on the
mobile device.
Common Computer Fraud Techniques

Phishing

Example:
Phishing happens when a victim acts on a fraudulent email that
demands urgent action.
Examples of requested actions in a phishing email include:
Clicking an attachment
Enabling macros in a Word document
Updating a password
Responding to a social media friend or contact request
Connecting to a new Wi-Fi hot spot
Common Computer Fraud Techniques

Denial of An attacker overloads and shuts down an Internet
Service service provider’s email system by sending email
bombs at a rate of thousands per second—often
Attacks from randomly generated email addresses. May also
involve shutting down a Web server by sending a
load of requests for the Web pages.
Common Computer Fraud Techniques

Denial of (DoS) attack is a cyberattack on
Service devices, information systems, or
other network resources that
Attacks prevents legitimate users from
accessing expected services and
resources.
Examples: Attackers shut down a machine or network, making it
inaccessible to its intended users.
In a DoS attack, rapid and continuous online requests
are sent to a target server to overload the server’s
bandwidth. DoS attackers exploit a software
vulnerability in the system and proceed to exhaust the
RAM or CPU of the server.
Common Computer Fraud Techniques

Distributed (DDoS) A common type of
denial-of-servDoS attack is the distributed
denial-of-service (DDoS)
ice attack.

Examples: The attacker floods its target with unwanted internet
traffic so that normal traffic is unable to reach its
intended destination. Hordes of infected, connected
devices (e.g., smartphones, PCs, network servers, and
Internet of Things devices) from around the world go
after a targeted website, network, web application,
application programming interface, or data center
infrastructure simultaneously to block traffic.
Common Computer Fraud Techniques

Distributed (DDoS) A common type of
denial-of-ser DoS attack is the distributed
denial-of-service (DDoS)
vice attack.

Why Are Unlike most cyberattacks initiated to steal sensitive
DDoS information, initial DDoS attacks are launched to
make websites inaccessible to their users. However,
Attacks some DDoS attacks serve as a facade for other
Launched? malicious acts. For example, when servers have been
successfully knocked down, the culprits may go
behind the scenes to dismantle the websites’
firewalls or weaken their security codes for future
attack plans.
Common Computer Fraud Techniques

Distributed (DDoS) A common type of
denial-of-servDoS attack is the distributed
denial-of-service (DDoS)
ice attack.

Recent One of the more recent examples of a DDoS Attack occurred
in February 2020, impacting Amazon Web Services (AWS), a
DDoS cloud computing service used by over a million companies,
Attack individuals, and government entities.
Examples: The hackers used directories on Connection-less Lightweight
Directory Access Protocol (CLDAP) servers to send huge
amounts of information to AWS's servers—as many as 2.3
terabits per second (Tbps). However, Amazon was able to
stop the attack before it became a big security risk for its
customers.
Common Computer Fraud Techniques

Distributed (DDoS) A common type of
denial-of-servDoS attack is the distributed
denial-of-service (DDoS)
ice attack.

Recent In October 2016, a DDoS attack was carried out on a domain
name system (DNS) provider, Dyn, which hosts and manages
DDoS the domain names of select companies in this directory on
Attack its server. When Dyn’s server was compromised, it also
affected the websites of the companies it hosts. The attack
Examples: on Dyn flooded its servers with overwhelming traffic,
creating a massive web outage and shutting down over 80
websites, including major sites like Twitter (now X), Amazon,
Spotify, Airbnb, PayPal, and Netflix.
Common Computer Fraud Techniques

Distributed (DDoS) A common type of
DoS
denial-of-servi attack is the distributed
denial-of-service (DDoS)
ce attack.

Recent Some traffic was detected as coming from a botnet created
with malicious software known as Mirai, which seemed to
DDoS have affected more than 500,000 devices connected to the
Attack internet. Unlike other botnets that capture private computers,
this botnet gained control over easily accessible Internet of
Examples: Things (IoT) devices such as internet-connected cameras and
recording devices. These weakly secured devices were then
used to make a DDoS attack designed to take down the Sony
Playstation Network's gaming platform by sending an
insurmountable number of requests to Dyn’s server.
Common Computer Fraud Techniques

Warning! Both DoS and DDoS attacks can slow or
completely stop various online services,
including email, websites, ecommerce sites,
and other online resources.