Week 3 Lecture 2 Module 1 Internet Security PDF
Document Details
Uploaded by Deleted User
Yanbu Industrial College
Tags
Related
- Computer Security Risks & Etiquettes - Notes PDF
- GT101 Learning and Information Technology - Computing Essentials (PDF)
- GT101 Learning and Information Technology - Computing Essentials PDF
- GT101 Learning and Information Technology PDF
- Computer and Internet Crimes - 4-Week 7 2024
- Comp 101: Introduction to Computing - Security and Privacy (PDF)
Summary
This document is a lecture from Yanbu Industrial College on Internet Security. It covers topics such as new risks to privacy, W3C security mechanisms, data loss and security risks. This material is from a women's campus within the college.
Full Transcript
XE452 Global Issues on Information and Computer Technology CHAPTER 01: Internet Standard and Se- curity. YANBU INDUSTRIAL COLLEGE (Women’s Campus) 1 Outline New Risks to Privacy W3C and Security Mechanism...
XE452 Global Issues on Information and Computer Technology CHAPTER 01: Internet Standard and Se- curity. YANBU INDUSTRIAL COLLEGE (Women’s Campus) 1 Outline New Risks to Privacy W3C and Security Mechanism Data Loss Security Risks: DoS, Botnets Worm, Spam, Vandalism Virus, Trojan Horse Phishing Pharming, Spoofing Hacker/Cracker CHAPTER 01: Internet Standard and Security. 2 Define internet 1 Who owns the Internet? no single person, organization, or government owns the entire inter- net. The internet is a vast network of networks that is decentralized and globally distributed. 2 Introduction The Internet today is the main platform of information exchange world- wide. The work in the Internet has affected people's lives in many ways. However, the integrity of content within the Internet has been challenged. 3 New Risks to Privacy. Emails scanned for certain key terms. New Risks to Privacy. W3C and Security Mechanism. Cameras in mobile devices. Data Loss. GPS in mobiles and navigation devices can track users. Security Risks: DoS, Botnet Worm, Spam, Vandalism Social networking sites expose facts of our lives. Virus, Trojan Horse Search analysis form a detailed profile. Phishing Pharming, Spoofing Internet archives record anything we do online, at least Hacker/Cracker briefly, and link it to our computer, if not our name. Inexpensive storage capacity enabled companies to retain data for a long time. Anonymous is a decentralized international hacktivist collec- tive known for carrying out cyber-attacks and protests, often in the name of activism against governments, corporations, and organizations they deem corrupt or unethical. 4 W3C: World Wide Web Consortium The World Wide Web Consortium (W3C) is an interna- tional organization founded by Tim Berners-Lee in 1994. It develops open standards for the Web, ensuring its long-term growth And accessibility. W3C creates and maintains key web technologies like HTML, New Risks to Privacy. CSS, and XML, which are essential for the functioning of W3C. websites and applications. Data Loss. Security Risks: DoS, Botnet Worm, Spam, Vandalism Virus, Trojan Horse Phishing Pharming, Spoofing Hacker/Cracker 5 W3C: World Wide Web Consortium Benefits of Standards Enable users to work together productively and safely. Passed comprehensive tests. Enhance web security New Risks to Privacy. W3C. Data Loss. Security Risks: DoS, Botnet Worm, Spam, Vandalism Virus, Trojan Horse Phishing Pharming, Spoofing Hacker/Cracker 6 W3C: World Wide Web Consortium Give examples for open standards for the Web 1. TML (Hypertext Markup Language): The standard language for creating and structuring web pages and web applications. HTML5 is the latest version and includes new features for multimedia, graphics, and improved support for modern web applications. 2.CSS (Cascading Style Sheets): A style sheet language used to describe the presentation of a document written in HTML or XML. CSS3 is the latest version and introduces new features like Flexbox, Grid Layout, and animations. 3.JavaScript: A programming language that enables interactive web pages. While not an open standard in itself, New Risks to Privacy. its use is standardized through ECMAScript, the specification upon which JavaScript is based. 4.HTTP (Hypertext Transfer Protocol): The protocol used for transferring data over the web. HTTP/2 and HTTP/3 are newer versions that improve performance and security. W3C. 5.WebSocket: A protocol providing full-duplex communication channels over a single TCP connection, used for real-time web applications. Data Loss. 6.WebAssembly: A binary instruction format for a stack-based virtual machine, designed to enable high- performance applications on the web. Security Risks: DoS, Botnet 7.SVG (Scalable Vector Graphics): An XML-based vector image format for describing two-dimensional graphics, which can be scaled without loss of quality. 8.WAI-ARIA (Web Accessibility Initiative – Accessible Rich Internet Applications): A specification to improve Worm, Spam, Vandalism the accessibility of web applications for people with disabilities. 9.JSON (JavaScript Object Notation): A lightweight data interchange format that's easy for humans to read and Virus, Trojan Horse write and easy for machines to parse and generate. 10.OAuth: An open standard for access delegation commonly used for token-based authentication and Phishing authorization. These standards are developed and maintained by various organizations such as the World Wide Web Pharming, Spoofing Consortium (W3C), the Internet Engineering Task Force (IETF), and the Web Hypertext Application Technology Working Group (WHATWG). Hacker/Cracker 7 Consequences of Data Loss. The consequences of data loss can be severe and varied, depending on the nature of the data and the context in which it is used. Here are some potential consequences: 1.Financial Loss: For businesses, data loss can result in significant New Risks to Privacy. financial repercussions, including loss of revenue, W3C. legal costs, and expenses related to data recov- Data Loss. Security Risks: DoS, Botnet ery. Worm, Spam, Vandalism Virus, Trojan Horse Phishing 2. Operational Disruption: Data loss can disrupt normal business Pharming, Spoofing operations, leading to decreased pro- Hacker/Cracker ductivity , delays in delivering services or prod- 8 ucts, and Consequences of Data Loss. 3. Reputation Damage: Loss of data can damage a company’s reputation, leading to loss of customer trust and confidence. This can affect customer relationships and lead to a decline in business. 4. Legal and Regulatory Consequences: Depending on the nature of the data, such as personal or sensitive information, there could be legal and New Risks to Privacy. regulatory repercussions, including fines and penalties for non-compliance W3C. with data protection laws. Data Loss. Security Risks: DoS, Botnet 5. Loss of Competitive Advantage: For businesses, data can be a critical Worm, Spam, Vandalism asset. Losing proprietary or strategic data can lead to a loss of competitive Virus, Trojan Horse Phishing advantage and hinder business growth. Pharming, Spoofing 6. Intellectual Property Loss: Data loss can result in the loss of valuable Hacker/Cracker intellectual property, such as research and development data, designs, or proprietary algorithms. 9 Consequences of Data Loss. 7. Data Recovery Costs: The process of recovering lost data can be expensive, especially if it involves specialized recovery services or technology. 8. Decreased Productivity: Individuals and organizations may ex- perience decreased productivity while trying to recover lost data or New Risks to Privacy. recreate it from scratch. W3C. Data Loss. 9. Emotional Impact: For individuals, losing personal data, such as Security Risks: DoS, Botnet photos or important documents, can cause emotional distress and Worm, Spam, Vandalism Virus, Trojan Horse frustration. Phishing Mitigating the impact of data loss involves implementing robust Pharming, Spoofing Hacker/Cracker backup and recovery solutions, maintaining up-to-date security measures, and having a data loss response plan in place. 10 Security The protection of information, including equip- ment, storage, and transmission. Need to protect data confidentiality, accuracy, and availability. New Risks to Privacy. W3C. Most Internet users are unsecured. Data Loss. Security Security Risks: DoS, Botnet Worm, Spam, Vandalism Virus, Trojan Horse Phishing Pharming, Spoofing Hacker/Cracker 11 Security Risks: Denial of Service (DoS) A Denial of Service (DoS) attack is a type of cyber attack aimed at making a computer, network, or service unavailable to its intended users by New Risks to Privacy. overwhelming it with a flood of illegitimate W3C. Data Loss. requests or traffic.. Security Security Risks: DoS, Botnet Worm, Spam, Vandalism Virus, Trojan Horse Phishing Pharming, Spoofing Hacker/Cracker 12 Security Risks: BOT both legitimate and malicious. In the context of computing and the internet, a "bot“ (short for "robot") refers to a software application that performs automated tasks over the internet. Bots can be used for a wide range of purposes, both legitimate and malicious. Risks and Concerns: New Risks to Privacy. W3C. 1.Security Risks: Malicious bots can be used for attacks like cre- Data Loss. dential stuffing, data scraping, or spreading malware. Security Security Risks: DoS, Botnet 2.Spam: Bots can flood social media or email systems with un- Worm, Spam, Vandalismwanted or harmful messages. Virus, Trojan Horse Phishing 3. Privacy Issues: Bots might scrape personal data or interact with Pharming, Spoofing users in ways that raise privacy concerns. Hacker/Cracker 13 Security Risks: Worm, Spam, Vandalism both legitimate and malicious. worm is a type of malicious software (malware) that replicates itself to spread to other computers and networks. Unlike viruses, worms do not require a host file or user intervention to propagate. Spam: Unwanted junk email. New Risks to Privacy. Cyber vandalism is the deliberate and malicious alteration, destruction, or defacement of digital W3C. Data Loss. information or resources. It typically involves: Security Website Defacement: Changing the appearance of a website to display unauthorized content. Security Risks: DoS, Botnet Data Tampering: Modifying or corrupting data to make it unusable. Worm, Spam, Vandalism Virus, Trojan Horse Destruction: Deleting or rendering digital resources inaccessible. Phishing Pharming, Spoofing Hacker/Cracker 14 Security Risks: Virus, Trojan Horse virus is a type of malicious software (malware) that attaches itself to legiti- mate files or programs and spreads to other files or systems when the infected file is executed. Trojan horse, commonly referred to as a Trojan, is a type of mali- cious software (malware) that disguises itself as a legitimate or harm- New Risks to Privacy. less program to trick users into installing it. Unlike viruses or worms, W3C. Trojans do not self-replicate but rely on user interaction to spread. Data Loss. Security Security Risks: DoS, Botnet Worm, Spam, Vandalism Virus, Trojan Horse Phishing Pharming, Spoofing Hacker/Cracker 15 Security Risks: Phishing is a type of cyber attack where attackers attempt to deceive individuals into providing sensitive information by masquerading as a trustworthy entity. Phishing attacks often occur through email, but they can also happen via social media, phone calls, or text messages Pharming is a type of cyber attack that redirects users from legitimate websites to fraudulent ones, often without the users’ knowledge. This can lead to the theft of sensitive information, such as login credentials or personal data. New Risks to Privacy. Spoofing refers to the act of falsifying the origin of communication or data to de- W3C. ceive or impersonate another entity. Spoofing can occur in various forms, impacting Data Loss. network security, email, and other forms of digital communication. Security Security Risks: DoS, Botnet hacker is an individual who uses technical skills to gain unauthorized access to sys- tems, networks, or data. Worm, Spam, Vandalism Virus, Trojan Horse cracker is a type of individual who breaks into systems or software with the intent of Phishing causing harm, stealing information, or bypassing security measures. Pharming, Spoofing Hacker/Cracker 16 17