GIT Module 2 Unit 9 - Computer and Cybersecurity PDF

Summary

This document provides an overview of computer security and cybersecurity, including various security practices and threats. It covers topics such as network security, application security, information security, and operational security, as well as disaster recovery and common computer fraud techniques.

Full Transcript

Module 02: Unit 09: Computer and Cybersecurity
Unit 02: Computer Security and Cybersecurity

Computer security is the protection of computer systems and information from harm, theft, and unauthorized use. Computer hardware is typically protected by the same means used to protect other valuable or sensitive equipment, namely, serial numbers, doors and locks, and alarms. The protection of information and system access, on the other hand, is achieved through other tactics, some of them quite complex.

Computer security deals with the protection of computer systems and information from harm, theft, and unauthorized use. Cyber security is the practice of defending computers, servers, mobile devices, electronic systems, networks, and data from malicious attacks. It's also known as information technology security or electronic information security. The term applies in a variety of contexts, from business to mobile computing.

Common Categories of Security

Network security is the practice of securing a computer network from intruders, whether targeted attackers or opportunistic malware.

Application security focuses on keeping software and devices free of threats. A compromised application could provide access to the data it's designed to protect. Successful security begins in the design stage, well before a program or device is deployed.

Information security protects the integrity and privacy of data, both in storage and in transit.

Operational security includes the processes and decisions for handling and protecting data assets. The permissions users have when accessing a network and the procedures that determine how and where data may be stored or shared all fall under this umbrella.

Disaster recovery and business continuity define how an organization responds to a cyber-security incident or any other event that causes the loss of operations or data.
Disaster recovery policies dictate how the organization restores its operations and information to return to the same operating capacity as before the event. Business continuity is the plan the organization falls back on while trying to operate without certain resources.

End-user education addresses the most unpredictable cyber-security factor: people. Anyone can accidentally introduce a virus to an otherwise secure system by failing to follow good security practices. Teaching users to delete suspicious email attachments, not plug in unidentified USB drives, and various other important lessons is vital for the security of any organization.

CIA Triad

The goal of information security follows three main principles:

1. Confidentiality is ensuring that information is available only to the intended audience.
2. Integrity is protecting information from being modified by unauthorized parties.
3. When the individual that needs that piece of data to perform a job duty is ready to utilize it, it must be readily accessible.

Effectively executing all three principles of the Security Triad creates an ideal outcome from an information security perspective.

Good Security Practices for Individuals

1. Install anti-virus and anti-malware software
Software may include bugs as discussed in the previous modules. To limit the vulnerabilities, make sure that the instructions for installing software are followed and that the software is acquired legitimately. Anti-virus and anti-malware should also be installed and kept up to date.

2. Use a strong password
Reusing passwords, or having the same password for multiple accounts, websites, and other systems, makes them more vulnerable. Do not save passwords on websites and devices that are unsecure. Remember to change your passwords on a schedule to keep them fresh.

3. Log off public computers
Yes, the business centers and cybercafes that offer the use of a computer system are convenient, but not secure. Since anyone can use them for anything, they have probably been exposed to viruses, worms, trojans, keyloggers, and other nasty malware. Should you use them at all? When using a public area computer, be sure to completely log off when you are finished using it.

4. Save and back up
Some events may be inevitable, like hardware failure and virus infection, so be sure to save every now and then. Also back up information that is important to you. Make sure to verify if the files you've saved can be easily restored.

5. Limit social network information
Facebook, Twitter, Google+, YouTube, Pinterest, LinkedIn and other social networks have become an integral part of our online lives. Social networks are a great way to stay connected with others, but you should be wary about how much personal information you post. Learn how to use the privacy and security settings to protect yourself, keep personal information personal, know and manage your friends, and know what to do if you encounter a problem.

6. Download files legally
Avoid peer-to-peer (P2P) networks and remove any file-sharing clients already installed on your system. Since most P2P applications have worldwide sharing turned on by default during installation, you run the risk of downloading viruses or other malware to your computer, and having your personal and/or confidential information inadvertently shared across the Internet, which could lead to identity theft.

P2P is used to share all kinds of computing resources such as processing power, network bandwidth, or disk storage space. However, the most common use case for peer-to-peer networks is the sharing of files on the internet. Peer-to-peer networks are ideal for file sharing because they allow the computers connected to them to receive files and send files simultaneously.

7. Keep personal information safe
Do not divulge personal information online if you're not sure about the sender or the website. A common fraud, called "phishing", sends messages that appear to be from a bank, shop or auction, giving a link to a fake website and asking you to follow that link and confirm your account details.

8. Lock your computer
Whenever you leave your devices unattended, make sure that they are locked. There are three different ways to manually lock your screen on a Windows 10 computer:

Method 1
On your keyboard, hold down the Windows Logo Icon key and the L key at the same time.

Method 2
Using the Start Menu on the computer screen:
1. Open the Start Menu by clicking the Windows Logo icon (usually in the lower left of the screen).
2. Next, click the Most Used icon on the upper left.
3. Then, click the User Icon and choose Lock in the dropdown list.

Method 3
Using the Keyboard:
1. Press Ctrl, Alt and Del at the same time.
2. Then, select Lock from the options that appear on the screen.

To Unlock:
Press any button to wake the display up, then press Ctrl, Alt and Del at the same time. You will be asked to authenticate with your username and password.

9. Do not click on suspicious links or pop-up notifications
Avoid visiting unknown websites or downloading software from untrusted sources. These sites often host malware that will automatically install (often silently) and compromise your computer. If attachments or links in an email are unexpected or suspicious for any reason, don't click on them; visit the actual sender's website instead.

10. Keep applications up to date
Turn on automatic updating or make sure that all applications are also up to date.

Definition of terms

Firewall: A network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.

Hackers: A hacker is a person who breaks into a computer system. The reasons for hacking can be many: installing malware, stealing or destroying data, disrupting service, and more. Hacking can also be done for ethical reasons, such as trying to find software vulnerabilities so they can be fixed.

Threats: A threat is anything that can compromise the confidentiality, integrity, or availability of an information system.

Vulnerability: A vulnerability is any weakness in the information technology (IT) infrastructure that hackers can exploit to gain unauthorized access to data.

The security precautions related to computer information and access address four major threats: (1) Theft of data, such as that of military secrets from government computers; (2) Vandalism, including the destruction of data by a computer virus; (3) Fraud, such as employees at a bank channeling funds into their own accounts; and (4) Invasion of privacy, such as the illegal accessing of protected personal financial or medical data from a large database.

Malware

Malware is a collective term used to describe malicious software or computer programs that perform malicious activities. These are unwanted and potentially dangerous programs that can cause harm to your computers.

Software Bugs vs. Malicious Activities

Usually, errors in a program are assumed to be "bugs". Sometimes bugs do occur which affect program performance. These software bugs are unintentional. However, malware can have similar effects, and these effects are always intentional.
Malware always intends to do harm and this is what we call malicious activity.

Types of Malware

Ransomware
Ransomware is a type of malicious software that threatens to publish the victim's data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system in a way that is not difficult for a knowledgeable person to reverse, more advanced malware uses several techniques to extort: it encrypts the victim's files, making them inaccessible, and demands a ransom payment to decrypt them.

Virus
A virus is a type of malware that infects files to spread or propagate. It has the capability to insert a copy of itself or any malicious code into other executable code (called the host). It attaches to another program and, when executed—usually inadvertently by the user—replicates itself by modifying other computer programs and infecting them with its own bits of code.

Be aware that spyware is different from viruses. While both are types of malware that hide within your device, viruses are designed to replicate and embed into your other device files. Spyware does not have this replication trait. Therefore, terms like "spy virus" are not accurate.

Worm
A worm is another type of malware that creates a copy of itself and then sends it over the network to infect other systems. In contrast to viruses, which require the spreading of an infected host file, worms are standalone software and do not require a host program or human help to propagate. To spread, worms either exploit a vulnerability on the target system or use some kind of social engineering to trick users into executing them.

A computer worm is a type of malware whose primary function is to self-replicate and infect other computers while remaining active on infected systems. A computer worm duplicates itself to spread to uninfected computers.

Trojan Horse
A computer worm is a type of malware whose primary function is to self-replicate and infect other computers while remaining active on infected systems. A computer worm duplicates itself to spread to uninfected computers.

Bots
"Bot" is derived from the word "robot" and is an automated process that interacts with other network services. Bots often automate tasks and provide information or services that would otherwise be conducted by a human being. Bots can be used for either good or malicious intent. A malicious bot is self-propagating malware designed to infect a host and connect back to a central server or servers that act as a command and control (C&C) center for an entire network of compromised devices, or "botnet."

Distribution Channels for Malware

Advanced malware typically comes via the following distribution channels to a computer or network:

Download—Unintended download of computer software from the Internet
Unsolicited email—Unwanted attachments or embedded links in electronic mail
Physical media—Integrated or removable media such as thumb drives
Self-propagation—Ability of malware to move itself from computer to computer or network to network, thus spreading on its own

Common Computer Fraud Techniques

Phishing
Sending out a spoofed email that appears to come from a legitimate company, such as a financial institution. eBay, PayPal, and banks are commonly spoofed. The recipient is advised that information or a security check is needed on his account, and advised to click on a link to the company's website to provide the information. The link connects the individual to a Website that is an imitation of the spoofed company's actual Website. These counterfeit Websites appear very authentic, as do the emails.

Phishing Example: A fraudulent SMS, social media message, voice mail, or other in-app message asks the recipient to update their account details, change their password, or tell them their account has been violated. The message includes a link used to steal the victim's personal information or install malware on the mobile device.

Phishing Example: Phishing happens when a victim acts on a fraudulent email that demands urgent action. Examples of requested actions in a phishing email include:

Clicking an attachment
Enabling macros in a Word document
Updating a password
Responding to a social media friend or contact request
Connecting to a new Wi-Fi hot spot

Denial of Service Attacks
An attacker overloads and shuts down an Internet service provider's email system by sending email bombs at a rate of thousands per second—often from randomly generated email addresses. May also involve shutting down a Web server by sending a load of requests for the Web pages.

A Denial of Service (DoS) attack is a cyberattack on devices, information systems, or other network resources that prevents legitimate users from accessing expected services and resources.

Examples:
Attackers shut down a machine or network, making it inaccessible to its intended users.
In a DoS attack, rapid and continuous online requests are sent to a target server to overload the server's bandwidth.
DoS attackers exploit a software vulnerability in the system and proceed to exhaust the RAM or CPU of the server.

Distributed Denial-of-Service (DDoS)
A common type of DoS attack is the distributed denial-of-service (DDoS) attack.

Examples:
The attacker floods its target with unwanted internet traffic so that normal traffic is unable to reach its intended destination.
Hordes of infected, connected devices (e.g., smartphones, PCs, network servers, and Internet of Things devices) from around the world go after a targeted website, network, web application, application programming interface, or data center infrastructure simultaneously to block traffic.

Why Are DDoS Attacks Launched?
Unlike most cyberattacks initiated to steal sensitive information, initial DDoS attacks are launched to make websites inaccessible to their users. However, some DDoS attacks serve as a facade for other malicious acts. For example, when servers have been successfully knocked down, the culprits may go behind the scenes to dismantle the websites' firewalls or weaken their security codes for future attack plans.

Recent DDoS Attack Examples:
One of the more recent examples of a DDoS attack occurred in February 2020, impacting Amazon Web Services (AWS), a cloud computing service used by over a million companies, individuals, and government entities. The hackers used directories on Connection-less Lightweight Directory Access Protocol (CLDAP) servers to send huge amounts of information to AWS's servers—as many as 2.3 terabits per second (Tbps). However, Amazon was able to stop the attack before it became a big security risk for its customers.

In October 2016, a DDoS attack was carried out on a domain name system (DNS) provider, Dyn, which hosts and manages the domain names of select companies in this directory on its server.
When Dyn's server was compromised, it also affected the websites of the companies it hosts. The attack on Dyn flooded its servers with overwhelming traffic, creating a massive web outage and shutting down over 80 websites, including major sites like Twitter (now X), Amazon, Spotify, Airbnb, PayPal, and Netflix.

Some traffic was detected as coming from a botnet created with malicious software known as Mirai, which seemed to have affected more than 500,000 devices connected to the internet. Unlike other botnets that capture private computers, this botnet gained control over easily accessible Internet of Things (IoT) devices such as internet-connected cameras and recording devices. These weakly secured devices were then used to make a DDoS attack designed to take down the Sony Playstation Network's gaming platform by sending an insurmountable number of requests to Dyn's server.

Warning! Both DoS and DDoS attacks can slow or completely stop various online services, including email, websites, ecommerce sites, and other online resources.
