COMPUTER SECURITY

💘

COMPUTER SECURITY RISK 
💣

Definition of computer security risk:

Any event or action that could cause a loss of or damage to computer hardware, software,
 data, information or processing capability.

Perpetrators of cybercrime and other intrusions fall into seven basic categories

• Hacker - someone who accesses a computer or network illegally

• Cracker - someone who accesses a computer or network illegally but has the intent of. destroying data, stealing information, or other malicious action

• Script kiddie - same intent as a cracker but does not have the technical skills and knowledge

• Corporate spies - have excellent computer and networking skills

• hired to break into a specific computer and steal its proprietary data and information.

• help identify security risks in their own organization.

• Unethical employees - break into their employers’ computers for a variety of reasons:

• want to exploit a security weakness

• seek financial gains from selling confidential information

• disgruntled employees may want revenge.

• Cyber extortionist - someone who uses e-mail as a medium for extortion

• Send an organization a threatening e-mail message indicating they will expose confidential information if they are not paid a sum of money. 

• Cyberterrorist - someone who uses the Internet or network to destroy or damage computers for political reasons

•  the nation’s air traffic control system,
• 
  
•  electricity-generating companies
• 
  
•  telecommunications infrastructure.

1. MALICIOUS CODE

Malicious code is code causing damage to a computer or system. It is code not easily or solely controlled through the use of anti-virus code

I) COMPUTER VIRUS

A computer virus is a potentially damaging computer program that affects or infects, a computer negatively by altering the way the computer works without the user’s knowledge or permission.


II) WORM

A worm is a program that copies itself repeatedly.


III) TROJAN HORSE


A program that hides within or looks like legitimate program. It does not replicate itself to other computers.

2. UNAUTHORIZED ACCESS & USE

Unauthorized access 

- the use of a computer network without permission.

Unauthorized use - the use of a computer or its data for unapproved 
Access control - security measure that defines who can access a computer, when they can access it, and what actions they can take while accessing the computer or possibly illegal activities . 

PIN - a numeric password 

Possessed object - any item that you must carry to gain access to a computer or computer facility. 



3. HARDWARE THEFT 

Hardware theft - the act of stealing computer equipment.

Hardware vandalisme - the act of defacing or destroying computer 
equipment.

Safeguards :

- physical access control
- install alarm systems
- Device tracking app

4. SOFTWARE THEFT

Software theft :

- steals software media

- intentionally erases media

- illegally copies a program

- illegally registers and / or activates a program.

Safeguards :

- keep original software boxes and media

- back up their files and disks 

- protect themselves from software piracy

5. INFORMATION THEFT

Information theft occur when someone steals personal or confidential information.

Safeguards :

- Protect information on computers located on organization's premises.

- Use variety of encryption technque 

• Encryption -  process of converting readable data into unreadable characters to prevent unauthorized access.

6. SYSTEM FAILURE 

A system failure is the prolonged malfunction of a computer. It can cause loss of hardware, software, data or information

- Electrical power variations

- Electrical disturbance

• noise
• Undervoltages
• Overvoltages

Safeguards :

- Use a surge protector

• Surge protector -  uses electrical components to smooth out minor noise , provide a current flow and keep an overvoltages from reaching the computer and other electronic equipment.

SECURITY MEASURE

💥

Definition of Security Measures 

The precautionary measures taken toward possible danger or damage.

1. DATA BACKUP

- Definition :

To copy files to a second mediumas a precaution in case the first medium fails.

A data back up is the result of copying or achiving files and folders for the purpose of being able to restore them in case of data loss.

- Benefits :

If system fails , you can restore the files by copying the backed up files to their original location.

- Importance :

Prevent agaisnt data loss

- Data loss can be caused by :

• computer viruses 
• hardware failures 
• files corruption
• system failure or theft

2. CRYPTOGRAPHY

 Cryptogrsphy

Technology of encoding information so it can only be read by authorized individuals

- Encryption

Process of converting readable data into unreadable characters to prevent unauthorized access

- Decryption

Process of decode encrypted data

- How ?

• Unencrypted ⇒ plain text
• Encrypted ⇒ cipher text

•  To encrypt, plain text converted into cipher text using an encryption key.

3. ANTIVIRUS

Anti-virus software is a program or set of programs that are designed to prevent, search for, detect and remove software viruses and other malicious software like worms Trojan

horses, adware and more.

Basic Function :

• scan specific files or directories
• Allow to schedule scans
• Allow to initiate a scan of a specific files
• Remove any malicious code detected

4. ANTI SPYWARE

Spyware

Spyware is a type of malware that is installed on a computer without the user's knowledge in order to collect information about them. 

Anti Spyware

Anti-spyware is a type of software that is designed to detect and remove unwanted spyware programs. 

5. FIREWALL

A firewall is a system designed to prevent unauthorized access to or from a private network. 

6. PHYSICAL ACCESS CONTROL

   

• Lock your laptop
• Locks door and windows
• Put the access code
• Pur the CCTV 
• Make a policies 

7. HUMAN ASPECTS

AWARENESS :

• Ethics - be a good cyber citizen
• Lock it when you leave
• Pishing Emails
• Dispose of Information Properly
• Protect data in mobile devices