Computer Security Issues

Some External Threats.

▪ Malware, phishing attacks, exploitation of
applications, denial of service, and theft
of computing or storage devices.
Some Internal Threats.
▪ Internal threats come from current
employees, former employees, or
contractors.
 Top Five
Malware (e.g.,
Security Phishing 59%
viruses) 76%
Breaches, 2014

Web or Theft of
Software Denial of Computers or
Applications Service 26% Storage Devices
Exploited 35% 25%
▪ Increasing Complexity Increases Vulnerability
▪ As the computing world become much more
complex, the possibility of security breach
increases.

▪ Higher Computer User Expectation

▪ Computer help desk are pressured to respond
quickly that they sometimes forgot to verify users
▪ Coworkers sharing their username and password.

▪ Expanding and Changing System Introduces new

risks
▪ From stand alone computer to interconnected
network.
▪ It is harder to keep up with technology hence new
security risk and implementation
WHY COMPUTER INCIDENTS
ARE SO PREVALENT CONT.
▪ Increased Reliance on Commercial
Software with Known Vulnerabilities
▪ Attackers can exploit a weakness from a
particular system vulnerability.
▪ Now developers have to create a fix for
this problems.
Computers, mobile devices, ipods, etc.. Store personal
identity information, including credit card numbers and
bank account numbers

The more people use such device the more attractive

these devices are for attatckers.

▪ Computer Virus - is a piece of programming code,

usually disguised as something else, that causes a
computer to behave in an unexpected and usually
undesirable manner.
▪ Often it is attached to a file and remain dormant until
it is opened and executed.
▪ Viruses can be task differently, it could simple
display a message, delete or modify certain
document, or reformat the hard drive.
▪ Macro Viruses, application created from macro
language(Visual Basic or VB Script)
▪ Worms – unlike computer virus, worms can spread
without human intervention, sending copies of
themselves to other computers.
▪ Worms can cause lost data and programs, lost
productivity due to workers un able to use their
computers or unable to retrieve their works.
Example: ILOVEYOU worm costed $8.75B
-it is created by 24-year-old Onel De Guzman,
Philippines.
▪ Trojan Horse – is a malicious code hidden inside a
seemingly harmless program.
▪ Unlike viruses and worms, Trojans do not reproduce by
infecting other files nor do they self-replicate.
▪ Trojans are also known to create a backdoor on your
computer that gives malicious users access to your
system, possibly allowing confidential or personal
information to be compromised.
▪ Botnets – group of computers that is controlled by one or
more hackers without the knowledge of the owners.
▪ Botnets are use to send malicious codes
▪ Example. Cutwail, involve in sending spam emails that
contains trojan components called pushdo. It affects
computers running in Microsoft.
▪ the total size of the botnet was around 1.5 to 2 million
individual computers, capable of sending 74 billion spam
messages a day, or 51 million every minute, equal to
46.5% of the worldwide spam volume.
▪ Distributed Denial-of-Service (DDoS) Attacks
▪ A distributed denial-of-service attack does not involve
infiltration of the targeted system. Instead, it keeps the
target so busy responding to a stream of automated
requests that legitimate users cannot get in—the Internet
▪ Hackers may use someone else’s infected
computers(Zombies)
▪ Zombies are often much damaged than their target
▪ RootKits - is a set of programs that enables its user to
gain administrator level access to a computer without
the end user’s consent or knowledge.
▪ Rootkits are one part of a blended threat, consisting of the
dropper, loader, and rootkit.
▪ The dropper code gets the rootkit installation
▪ The loader loads the rootkit in the memory; computer
already compromised.
▪ Symptoms :
▪ The computer locks up or fails to respond to input from the
keyboard or mouse.
▪ The screen saver changes without any action on the part of the
user.
▪ The taskbar disappears.
▪ Network activities function extremely slowly.
▪ Spam – Sending unsolicited e-mail to a
large number of people.
▪ Most spams are just low-cost advertisement,
marketing.
▪ Completely Automated Public Turing Test
to Tell Computers and Humans Apart
(CAPTCHA)
▪ Phishing
▪ is the attempt to obtain sensitive information
such as usernames, passwords, and credit
card details (and money), often
for malicious reasons, by disguising as a
trustworthy entity in an electronic
communication.
TYPES OF PERPETRATORS
▪ These people are thrill seekers wanting
a challenge, criminals looking for
financial gain, industrial spies trying to
gain competitive advantage, or terrorist
seeking to cause destruction to further
their cost.

▪ Each type of perpetrators have different

objectives
▪ Hackers and Crackers
▪ Hackers test the limitations of information system.
▪ They used to have a positive connotation, unlike today.
▪ They use to just test the security of system the term has evolve to those who commit crimes
▪ Ethical Hacking, purposely penetrate the security of a computer system to find vulnerabilities
▪ Hackers have plenty of tools to hone their skills--online chat groups, Web sites, downloadable
hacker tools, and even hacker conventions (such as DEFCON, an annual gathering in Las
Vegas).
▪ Cracking is a form of hacking that is clearly criminal activity.
Motives
▪ Hackers - Test limits of system and/or gain publicity
▪ Crackers - Cause problems, steal data, and corrupt systems
▪ Malicious Insider –
▪ Companies are exposed to a wide range of fraud risks, including diversion of company funds, theft of assets,
fraud connected with bidding processes, invoice and payment fraud, computer fraud, and credit card fraud.
▪ Problem: weakness in its internal control procedure.
▪ Often, frauds involve some form of collusion.
▪ Collusion, a secret agreement between two or more parties, mostly an illegal activity

Insiders are not necessarily employees; they can also be consultants and contractors.
Malicious insiders are extremely difficult to detect or stop because they are often authorized to access the very
systems they abuse.
To counter this: company perform thorough background check, establish psychological and drug testing a
routine, carefully limit the number of people who can perform sensitive operations.
▪ Typical motive: Gain financially and/or disrupt company’s information systems
and business operations
▪ Industrial Spies - use illegal means to obtain trade secrets from competitors of
their sponsor.
▪ Industrial Espionage involves using illegal means to obtain information not available in
public.
▪ a wiretap on the phones of key company officials, bug a conference room, or break into a
research and development facility to steal confidential test results.
▪ Industrial espionage can involve the theft of new product designs, production data,
marketing information, or new software source code.
Typical Motives: Capture trade secrets and gain competitive advantage
▪ Cyber Criminal - are motivated by the potential for
monetary gain and hack into corporate computers to steal
▪ Engage in stealing and reselling credit card numbers,
personal identities, and cellphone IDs
▪ Common ploy is the use of stolen credit card information.

To reduce fraud e commerce website, use some form of

encryption technology to protect information.
Some issue cards in a form of Smart Cards, contains a
memory chip that is updated with encrypted data.
▪ These data includes the user’s account identification and
the amount of credit remaining

▪ Virtual private network (VPN)

▪ Hacktivists and Cyberterrorists
▪ Hacktivism, a combination of the words hacking
and activism, is hacking to achieve a political or
social goal.
▪ Cyberterrorist, launches computer-based attacks
against other computers or networks in an attempt to
intimidate or coerce a government in order to
advance certain political or social objectives.
▪ Cyberterrorist targets might include telephone-
switching systems, an electric power grid that serves
major portions of a geographic region, or an air
traffic control center.
EXPLOITS AND PERPETRATORS
▪ ITE 10 : INTRODUCTION TO COMPUTING