5.

eSecurity
Personal data
Personal data is any information that relates to an identified or identifiable living individual.
Different pieces of information, which are collected together can lead to the identification of a
particular person and also
constitute personal data. It means that any data used to identify or recognize somebody is
classed as personal data.

A de-identification is a common strategy when trying to prevent a person's identity from being
revealed.
Personal data items might be removed from a record. If the person can still be recognized from
the remaining data, reidentifying and adding removed data would be possible.

Encryption is used to make data unidentifiable however the data can be decrypted and so
becomes personal data again.

Pseudonymized data is when instead of removing the personal items of data, they are
replaced with a temporary ID. So instead of seeing the person's name, you would see an ID.
Similar to de-identification the person can be recognized from the rest of the record and they
can replace the ID with the individual's name.

General Data Protection Regulation (GDPR): Rules governing the protection of data. This
promotes both pseudonymisation and anonymization of personal data.

Examples - name, surname, home address, email address, identification card number, location
data, cookie ID, IP address, advertising identifier.

Importance of Data Confidentiality

Protects against identity theft and fraud
Prevents security breaches
Fraudsters can impersonate
Burglars can target homes using information
individuals using personal data like
like addresses and work schedules.
login credentials.
Posting about vacation plans online
Unauthorized withdrawals and purchases
provides an opportunity for criminals to
can be made if banking information is
plan a burglary.
exposed.
Personal security is compromised when
Identity theft can lead to long-term
sensitive information is shared carelessly.
financial damage and loss of trust.

Ensure access only for authorized personnel. Sensitive information shouldnʼt be shared on
Only specific employees or personnel social media
should be allowed access to personal Vacation plans and daily schedules
data. provide clues to criminals about when
Proper access control ensures data homes are empty.
remains within the organizationʼs trusted Photos and posts can reveal more about your
hands. lifestyle than intended, leading to privacy
Misuse of personal data by risks.
unauthorized personnel can lead Social media posts can be viewed by
to breaches and legal unintended people, including fraudsters.
consequences.

Follow data protection laws. store, transfer, and delete personal

data safely.
Data protection laws outline specific
measures organizations must follow to
protect personal data.

Non-compliance can result in heavy

fines and legal penalties for
organizations.

Laws often include guidelines on how to

5. 1
eSecurity
 Use encryption for online data. understood without proper
authorization.
Encryption scrambles data, making it
unreadable to hackers or anyone without Encrypting sensitive information like
the decryption key. passwords, credit card details, and
personal IDs protects
Even if data is stolen, it cannot be
against data breaches.

Minimize the sharing of identifiable information. Confidentiality agreements for workers

5. 2
eSecurity
 Only the least amount of personal data Employees handling personal data should
required should be shared between sign agreements that outline their duties
organizations. to maintain confidentiality.
Reducing unnecessary data sharing Legal action can be taken against
lowers the chances of misuse or identity employees who misuse confidential
theft. information.
Organizations should consider whether These agreements reinforce the idea that
certain details are necessary before personal data must be treated responsibly.
sharing them.

Anonymize and aggregate data Limit personal data on social media.

Anonymization removes identifying Employers and insurance companies
details to protect individuals' privacy. may check social media for personal
Aggregating data from multiple people information that could affect decisions.
helps provide insights without exposing Avoid posting controversial opinions, lifestyle
any one person. choices, or other details that could
However, extreme care is needed to influence job or insurance prospects.
ensure no identifiable details remain in Keeping profiles private and limiting the
anonymized data. amount of shared personal data reduces
risks.

Organizations should encourage responsible Be cautious with smartphone metadata.

data handling
Photos taken on smartphones include
Employees should be trained on the metadata
importance of protecting confidential data. like location and time, which can expose
Organizations can implement regular personal details.
security checks and audits to ensure Geotags can reveal where you live,
compliance. work, or frequently visit, compromising
Encouraging a culture of responsibility your security.
around data protection reduces the Disabling or deleting geotag information
likelihood of breaches. protects your privacy, especially when
sharing images
online.

Keeping Personal Data safe

Firewalls: These are essential security tools used to prevent unauthorized access to a network,
especially in organizations that store personal data across interconnected computers. These
computers are often connected to the internet, making them vulnerable to external threats
without the protection of a firewall. Firewalls analyze incoming data by breaking it down into smaller
packets and reviewing information such as the IP address. If the IP address is not authorized, the
firewall blocks access, preventing unauthorized devices from entering the network.
Despite their protection, firewalls are not foolproof. Hackers may still gain access by stealing
authorized devices or using software to spoof their IP address, making it appear legitimate to
the firewall. This demonstrates that while firewalls add a layer of defence, they cannot
completely eliminate security risks.
Firewalls come in two main types: software and hardware.

1. Software firewalls are applications installed on individual computers or network servers. They
are relatively easy to set up, making them a common choice for smaller networks. While
software firewalls are cost-
effective and can be updated with new features without hardware replacements, they use the
computerʼs resources, which may reduce overall network performance, especially in larger
organizations.

2. Hardware firewalls are physical devices placed between the router and the network. Unlike
software firewalls, they have dedicated components that allow them to process a higher
volume of data packets, making them more efficient for large networks. Hardware firewalls
are more resilient against malware attacks, as they
operate on systems less familiar to hackers. However, they require specialized IT skills for
installation and ongoing management, often necessitating the employment of IT professionals.
Hardware firewalls provide greater control over the network and can protect devices like
5. 3
eSecurity
 printers or smart devices that lack built-in firewalls.

In large organizations, particularly those handling sensitive information—such as healthcare, financial

services, or payment processing companies—both types of firewalls are commonly used for
layered protection.
Penetration Testing: When companies employ somebody to deliberately attack their computer
network. They do this so that the authorized hacker will identify the weakness in their systemʼs
security and the company can take measures to improve if necessary. Basically to figure out,
how easy it is to access a computer network and how

5. 4
eSecurity
 well the measures being taken to protect the data are working and improve if necessary. This is to
enable the
company to secure personal data from illegal hackers who will attempt to gain unauthorized access to
the system.
Authentication techniques: To prevent hackers from accessing a computer network, users are
required to log on. This means that they have to identify themselves with the system so that it can
make sure that it is not a hacker trying to gain access. This is called authentication. There are many
ways to prove their identity:

Typing the user ID and password which only they know.

Inserting or swiping a smart card which belongs to

the user. Using biometrics related to a unique

physical characteristic

- iris or fingerprint scanning as these both are the best at providing unique data.
If only one of these methods is used, it would suggest that the system is not secure; at least two
should be used when accessing personal data.
Eg: when somebody withdraws money from an ATM, they have to use something that belongs to
them (their bank card) and something only they know (their PIN). Although many small
transactions can be carried out with just a
contactless card, for any transaction involving a lot of money a PIN has to be used as well. This is
called twin- or two-factor authentication, sometimes referred to as multi-factor authentication, as it
involves more than one
method.
While using online banking, additional information such as the userʼs DOB is often required. When a
customer carries out certain transactions using a smartphone, some banks send a one-time
PIN/password. In a text message for them to enter as part of the authentication process.
During the login process, keyboard presses can be detected by spyware and so drop-down
options are often used for dates or PINs to be entered.
Levels of Access: If hackers do gain access to a network, their ability to retrieve personal data
can be limited by network settings created by the network manager. Different groups of users
can be granted different levels of access to the data on the network. Often, the level of access
granted to the user is related to their user ID, but some systems enable all users of the network to
log on to the system. They then require a particular smart card to access the network. Eg:

1. Hospitals: where doctors may be able to see the illnesses and diagnoses of their patients but
administration staff may only be able to find out other, not health-related, information about
patients.

2. Online shopping: websites that require a login; customers will only see data that is relevant to
them. However, if programmers employed by the company access the customer database, they
will be able to view all the
accounts. This is because they will have been given a higher level of access than the
customers.

3. Social networks: it is the owner of the data that can grant different levels of access.
Individuals can amend settings so that only ‘friendsʼ are allowed to see their data, or they
could allow both ‘friendsʼ and ‘friends of friendsʼ to see their data. On the other hand, if
the setting is ‘publicʼ, the data can be seen by everyone.

Network Policies: Sets of rules that allow companies to choose who is allowed to access their
computer network once they have gained access.
Most companies now use the internet to carry out transactions and as a consequence, their
computer networks have become vulnerable to attack. These attacks can allow their
competitors to gain knowledge of their operations and, it can result in data being destroyed or
provide access to any personal data that is stored. When workers join the company they are
usually made to sign an agreement which specifies what type of use is
acceptable and what is not and to agree not to use the network of illegal, unethical or distracting non-work
related activities. This does not exactly prevent hackers from outside the organization from attacking
the network. It does help limit what employees might be tempted to do with personal data.
Software updates: Often made available for different types of application software. They are
useful in eliminating bugs and making the software easier to use but their most useful function is
that they eliminate security weaknesses. If weaknesses are present in an OS, hackers can take
advantage of these to access the computer system. As soon as any major software company is
5. 5
eSecurity
 made aware of the vulnerabilities, they produce updates which eliminate that risk. Users need to
install updates as soon as possible to limit the amount of time hackers
have to find and exploit these weaknesses. If a system or app is left without updating for a long time,
more
hackers may become aware of this and use the information to gain access to personal
information stored on the app. OS and anti-virus software tend to be the main types of software that
need regular updating as well as some application software.

Other measures

5. 6
eSecurity
 1. Encryption: This is a fundamental security practice that ensures data is converted into a format
that cannot be read without the proper key. Even if data is accessed illegally, encryption
protects it from being understood.

2. Digital Certificates: These are used to verify identities and secure communications over
networks. They authenticate devices and users, ensuring that data exchanges happen
between legitimate parties.

3. Remote Data Wiping: This feature is crucial for protecting personal information in case of loss
or theft. When a device is lost, the owner can issue a remote wipe command that will erase all
data on the device. This
command typically requires:

The device is being powered on.

An internet connection to receive the erasure command.

4. Limitations and Risks: If an unauthorized user turns off the device or removes the SIM card,
they can potentially access the data stored locally, especially if the data is not
encrypted or if the device isnʼt configured to lock upon inactivity.

5. Device Locator Features: Most modern smartphones include built-in apps or settings that
help locate lost devices. This often includes:

Ringing the device: Useful for finding a misplaced phone nearby.

Displaying messages: Users can display a message on the screen, which can be helpful if
the phone is found by someone.

6. Cloud Backups: While remote wiping protects against unauthorized access, any data that isn't
backed up in the cloud can be permanently lost. Therefore, regular backups of important
data are essential.

How personal data can be gathered by an unauthorized person

Pharming
Computers connected to the internet all have a file called the host file which is a basic text file
which contains the name and IP address of several URLs. When a user types a URL into a web
browser, the computer first looks it up in the host file, it then looks up the corresponding IP
address and connects the computer to the IP address. If it does not find the URL in the host file, it
connects to the DNS server looks for it there and uses the IP address to access the appropriate
computer.
Pharming begins with the user downloading malware without knowing to do so, this software
corrupts the host files by adding URLs of banks. Eg- to the host file and corresponding IP
addresses which will take the user to a fake website when they enter that URL. The user then
proceeds to type in their bank details, giving the fraudster all the information they need to access
the userʼs bank. Another type is when the fraudster hacks into the DNS server and corrupts the
file on the computer again causing the user to be redirected to a fake website. In both cases,
the user will not realize they have been tricked.
Limiting chances of pharming

using up-to-date anti-virus software ( to prevent downloading which changes host files)

Make sure to install the latest software updates

an up-to-date browser can cause an alert to be raised that a fake website is

being loaded. Use a trusted internet service provider(ISP)

digital certificates can be checked to make sure the site is legitimate

HTTPS ( It may be useful to check that the URL is indeed correct for that site. The actual fake
website may have tell-tale signs such as poor grammar or spelling and this should alert a user
that it may be a fake site.)

Phishing
Phishing is when fraudsters try to obtain personal banking details such as usernames, passwords,
and credit or
debit card details using email. They pretend to be an official of the bank and send emails which
often direct users to enter personal data into a fake website.

Common Techniques: Fake Websites: Emails direct users to

5. 7
eSecurity
 spoofed websites that resemble legitimate Types of Phishing Emails:
banking sites.
1. Prize Claims: Emails claiming the
recipient has won a lottery, asking for
personal details to claim the prize.

5. 8
eSecurity
 Urgent Messages: Emails create urgency, 2. Account Issues: Emails indicating the account
often alerting recipients to supposed has been frozen or needs unblocking,
problems (e.g., account closure, winning directing
a lottery) requiring recipients to enter their credentials on a fake
immediate action. site.

Financial Scams: Scammers may solicit Red Flags in Phishing Emails:

money to cover fees for fictitious
Unrecognized Senders: Emails from
winnings, leading to repeated requests for
unfamiliar names should be treated with
more money after the initial payment.
caution.
Prevention Tips:
Generic Greetings: Phrases like "Dear
Anti-Phishing Software: Use software Customer" instead of the recipient's name
that identifies and blocks phishing content are suspicious.
in emails and websites.
Spelling/Grammar Errors: Phishing emails
Antivirus and Anti-Spyware: Keep all often contain mistakes.
security software updated.
Requests for Personal Information:
Delete Suspicious Emails: When in doubt, Reputable
itʼs best to delete suspect messages. companies will never ask for sensitive
information via email.
Do Not Share Sensitive Information:
Never send personal or financial Too Good to Be True Offers: Large sums of
information through email. money or unrealistic deals are usually scams.

Shortened Links: Use caution with

shortened URLs; hover over links to
reveal the actual URL, which can indicate
legitimacy.

Smishing
Smishing is a variation of phishing that uses SMS (text messages) to deceive recipients into
revealing personal details.

Medium: Utilizes text messages Common Tactics Used in Smishing:

instead of emails.
Fake Links: Messages often contain links to
Increased Vulnerability: Users often fraudulent websites or ask recipients to reply
perceive smartphones as more with sensitive
secure than computers, leading to a information.
higher likelihood of responding to
smishing attempts. Urgent Requests: Messages may create a
sense of urgency or claim financial rewards to
Malware Threats: Some smishing prompt immediate action.
messages may contain links or
attachments that, when activated, Phone Scams: Some messages provide a phone
download malware to the device, number to call, where users are asked for
compromising personal data personal details.

Key Points to Identify Smishing: Prevention Tips:

Spelling and Grammar Errors: 1. Use Mobile Protection Software: Install security
Look for mistakes in the text. software on smartphones to guard against
smishing.
Pushy Offers: Messages that require
immediate action or seem too good to 2. Verify Sender Information: Check the senderʼs
be true (e.g., "financial reward"). phone number against official company contact
details.
Unrecognized Senders: Be
cautious of messages from 3. Avoid Clicking Links: Do not click on links in text
unknown numbers. messages; instead, type the URL directly into a
browser.

4. Do Not Reply: Never respond to suspicious

messages with personal information.

5. Avoid Calling Provided Numbers: Do not call any

number included in suspicious texts.

Vishing

5. 9
eSecurity
 Vishing is a type of phishing that occurs over the phone, where fraudsters attempt to obtain personal or
banking information from individuals.

Common Vishing Tactics: Prevention Tips:

1. Impersonation: Fraudsters may pose as bank Verify Calls: Use a different phone to call the
representatives, claiming that the victim's bank and confirm the legitimacy of the
account call and the caller.

5. 1
eSecurity 0
 has been compromised and offering to help Do Not Share Personal Information:
them change their password. Legitimate banks will never ask for sensitive
2. Voicemail Messages: If the victim is information like login details, PINs, or
unavailable, passwords over the phone.
fraudsters may leave messages asking
Hang Up and Block Numbers: If a call seems
them to call a specific number, which is the
suspicious, hang up and block the number.
fraudster's number.
Smartphones often have built-in features to
3. Prize Scams: Victims may receive calls block calls.
claiming they have won money or prizes,
Use Call-Blocking Apps: Consider using apps
which require them to pay handling or
that not only block numbers but also
redemption fees using their credit card
maintain a record of blocked calls.
information.
Organizational Software Solutions:
4. Call Manipulation: Fraudsters may instruct
Large organizations may employ software
victims to hang up and call their bank to
that filters calls based on the likelihood
confirm, but they do not disconnect the
of scams.
call, keeping the victim
connected to them.

Advantages Disadvantages
Anti-virus software helps prevent viruses from deleting No method can eliminate the threat of pharming. Anti-
files virus
and stops users from downloading harmful software software may fail if not updated, and outdated browsers
that could corrupt the host file, which is relevant to may not alert users to fake websites. Keeping
pharming and software up to date can also be costly.
phishing.
Not all web browsers have anti-phishing software,
Deleting unauthorized emails can free up disk space and outdated anti-virus or anti-spyware may not
and improve computer performance. Avoiding effectively
suspicious links in phishing emails prevents virus prevent phishing. Deleting emails based on minor errors
downloads, protecting files and hard disk space. may result in genuine emails being lost. Anti-virus
software can
slow down system performance, and customer support
for
these services may be lacking or difficult to access.
Mobile protection software alerts users to potential Mobile protection software may slow down phone
smishing messages and protects against viruses and processes. Deleting texts to prevent smishing may
malware. Deleting unauthorized texts can enhance also result in the loss of genuine messages,
mobile phone performance by freeing up memory. especially if filtering is based on minor errors or
unknown senders.
Customers may struggle to verify calls if they only
have one phone. Maintaining a list of blocked
Implementing anti-vishing strategies can prevent fraud
numbers may lead to missing genuine calls, as
and save customers time typically spent on phone
some blocked numbers may not be related to
calls.
vishing scams.

Malware
Short form for malicious software- programs which have been created with deliberate intention of
causing damage or disruption, or gaining access to a computer without the ownerʼs permission.

Virus
A computer virus is a type of malware that spreads or replicates itself from one computer to another,
often via the internet, altering the way computers operate.

Symptoms of Infection: Frequent computer crashes.

Frequent pop-up windows. The noticeable slowdown in processing speed.

Changes to the
user's homepage.

Altered passwords,
preventing login.

Unexplained emails sent from

the user's account.

5. 1
eSecurity 1
 Key Points

Spread: Via the internet and

through program attachment.

Dormancy: Viruses can lie

inactive until triggered by
specific events (e.g., a
certain date or action).

Data Impact: Can delete,

corrupt, or change data.

User Experience:
Symptoms include pop-
ups, homepage changes,
and performance
issues.

Email Activity: May send

large volumes of emails
without user consent.

Behavior: Viruses may remain

dormant until triggered by
specific events (e.g., a certain
date or action).

5. 1
eSecurity 2
 Trojan Horse
A Trojan horse is a malicious computer program designed to hack into and take control of an

infected computer. Users are tricked into believing they have downloaded legitimate

software.

Functionality: Allows control of the infected computer.

Replication: Does not replicate or spread like viruses/worms.

Purposes:

Gain unauthorized access to personal

data. Deleting files from the hard

disk.

Corrupting data.

Worms
Worms are a type of malware that replicate themselves and spread across networks, exploiting
security vulnerabilities.
Purpose:

Some worms are designed primarily to replicate continuously, consuming disk space
until storage is full and the computer can no longer function.

Others may primarily aim to occupy network bandwidth, slowing down network traffic without
altering the computers they traverse.

Behavior:

Unlike viruses, worms do not attach themselves to other programs or files; they are
standalone programs. They spread by sending multiple copies of themselves to other
computers within a network.

Symptoms of Infection

Reduced Performance: Slower computer speed and performance.

Storage Issues: Noticeable reduction in free storage space.

File Anomalies: Missing files or the sudden appearance of new files.

Spyware
Spyware is malicious software designed to collect information about a computer user's activities
without their knowledge.

Data Collected: Keylogger Functionality:

Web browsing A common type of spyware that records
habits. Email user keystrokes.

messages. Allows the hacker to access sensitive

personal data, including credit card
Usernames and
numbers.
passwords. Credit card
Key Points
information.
Malicious Purpose: Collects user data
Symptoms of Infection: without consent.
Users might notice a reduction in Non-replicative: Does not spread like
processing power and bandwidth, as viruses or worms.
these resources are used for
Performance Impact: This can cause
communicating collected information
slower processing and reduced
back to the hacker.
bandwidth.

Adware
Malicious adware is software primarily designed to generate income for its creator by displaying
advertisements.

Distribution:
5. 1
eSecurity 3
 Often bundled with free software and downloaded without the user's knowledge.

Functionality:

5. 1
eSecurity 4
 Automatically generates advertisements when the software is opened.

Tracks user internet activity to target advertisements based

on interests. Displays unsolicited advertisements in browsers
or as pop-ups.

Key Points

Income Generation: Designed to create revenue for the software creator.

Bundled Software: Typically downloaded with free applications.

Advertisement Targeting: Matches ads to user interests based on browsing habits.

Nuisance vs. Threat: Primarily annoying, but can be linked to more harmful spyware.

User Experience: Symptoms include slower performance and excessive pop-ups.

Rootkit
A malicious software designed to install tools that provide attackers continuous remote access to a
computer. "Root" refers to the administrator account in Unix/Linux systems.

Installation:

Can be downloaded via phishing emails or installed remotely by gaining administrator

privileges.

Capabilities:

Can manipulate or remove security software, including antivirus programs.

Functionality:

Hides deep within the operating system, making the infection undetectable

by the user. Allows attackers to discover passwords and credit card

details.

Malicious bots
Internet robots that perform tasks typically carried out by humans, can replicate
like worms.

Functionality:

Often used as web crawlers for information gathering.

Malicious bots form botnets, networks of infected computers controlled by a

server.

Capable of gathering sensitive information from various websites (e.g., date of birth, health
insurance details).

Concerns:

With the rise of the Internet of Things (IoT), botnets can exploit easily hackable devices,
controlling extensive networks.

Ransomware
Malware that blocks access to user data until a ransom is paid.

Methods of Infection:

Commonly delivered via phishing emails that trick users into clicking malicious
links.

Functionality:

Once activated, it can encrypt user files and demand payment for
decryption. May threaten to publish sensitive data unless a
ransom is paid.

Other Types of Malware

1. Fileless Malware:

Definition: Malware that does not rely on files and leaves no traditional evidence.

Detection: Difficult for anti-malware software to identify; resides only in

5. 1
eSecurity 5
 RAM.

Persistence: Ceases to work upon rebooting the system.

2. Scareware:

5. 1
eSecurity 6
 Definition: Malware that deceives users into thinking their computer has a virus.

Method: Appears as a popup from a supposedly legitimate antivirus provider.

Outcome: Users pay for a fake antivirus solution, only to be scammed.

How Malware is Used

Fraud

Involves the use of computers to alter electronic data or unlawfully access systems for
financial benefit.

Example: Spyware collects a user's data, browsing habits, and keystrokes, potentially leading
to identity theft or credit card fraud.

Scareware: Tries to extort money by alarming users with fake threats or warnings.

Phishing, vishing, smishing, pharming: Tactics trick users into disclosing passwords, credit
card
numbers, and bank details, which fraudsters use to withdraw money, make transfers, or shop
online.

Ransomware: Blackmail victims into paying large sums, often in untraceable cryptocurrency
like Bitcoin, to regain access to locked systems or data.

Theft

Hackers create duplicate copies of valuable information to sell or use for identity theft.

Purpose: Hackers use stolen data to gain access to bank accounts, transfer money, or make
illegal transactions.

The stolen information can also be sold on the Dark Web or to other criminals for further
exploitation.

Industrial Espionage

The theft of business trade secrets through hacking is often more effective than using
traditional spies.

Malware: Used to infiltrate company databases and networks to steal sensitive information,
such as intellectual property, research, or financial plans.

Some malware is designed specifically to target computers with vulnerabilities relevant to

espionage, ensuring only useful information is stolen.

Hostile actors: Teams of hackers, including foreign states and criminal groups, work together
to steal valuable corporate data.

Foreign states: Especially skilled in cyber espionage, they infiltrate networks to steal
sensitive business information like merger plans or R&D data, often undetected.

Private companies: Some also engage in espionage, hiring hacker groups to obtain
competitive information.

Dark Web: Facilitates the sale of stolen information, where intellectual property and
confidential business data are auctioned to the highest bidder, typically in Bitcoin.

Sabotage

Involves deliberate attacks aimed at disrupting the operations of organizations, including

businesses, hospitals, and educational institutions.

Disgruntled employees: Both current and former employees can misuse their system
privileges to access, alter, or delete important information.

Sabotage can also involve deploying malware or viruses to hinder or block access to key
systems, leading to significant financial and operational damage.

Impact: Legal fees from identity theft cases, system repairs, and operational disruptions in
critical sectors, such as healthcare and finance, can result in billions in losses.

Preventative measures: Organizations must protect their systems using firewalls, anti-virus
software, and strict access controls (e.g., separate user IDs, and regular password updates)
to reduce the risk of
sabotage.

Consequences for Organizations and Individuals

Impact on Organizations:
5. 1
eSecurity 7
 Security Compromise: Malware can ruin an organizationʼs security arrangements, especially
regarding its computer network and systems, leading to disrupted business operations and
significant financial losses.

Data Breaches & Identity Theft: Personal information, including user IDs and passwords, can be
accessed through spyware, resulting in massive identity theft. This is especially critical for
institutions like banks, which may face substantial compensation payouts when personal data
is stolen.

Financial Implications:

High Costs: Protecting an organization from malware is expensive due to the vast number of
malware threats online. The cost of recovery, including virus removal and system repairs,
adds to the financial burden.

Time Loss: Malware outbreaks lead to extensive downtime as each infected computer on
a network must be disconnected and cleaned individually. The process is time-consuming,
as reconnecting without proper cleaning can lead to reinfection.

External Expertise: In large-scale malware attacks, organizations may need to hire external
experts to assist with cleaning and recovery, further increasing the costs.

Planning for Threats: Since malware can be easily introduced through actions like an
employee clicking a malicious link, companies must constantly be proactive and plan to
mitigate potential risks.

Impact on Individuals:

Theft of Sensitive Information: Malware enables hackers to steal valuable personal data, such
as bank
details, email addresses, and passwords. This can lead to identity fraud, causing significant
personal and financial harm.

Scareware: Users can be tricked into buying fake antivirus software, and paying for solutions
that don't exist, often exacerbating the damage done by malware.

Inconvenience & System Slowdown: Malware often causes significant slowdowns in personal
computers, leading to frustration and inconvenience in everyday use.

Key Implications:

Financial Losses: Both organizations and individuals face financial consequences due to
data breaches, recovery efforts, and compensations for stolen information.

Data Loss & Time: Malware results in the loss of critical data and productivity, with both
individuals and organizations investing substantial time in recovery.

Costs of Virus Prevention & Recovery: For organizations, preventing and recovering from
malware attacks requires significant financial resources, especially when external help is
required.

Motivations for Malware Attacks:

Hacker Reputation: Hackers may attack to build their reputation within the hacker community.

Pranksters: Some malware is created to cause havoc for amusement, rather than for
financial gain. These attacks can still cause significant damage, even if the intent is mischief.

Prevention of malware
To prevent malware, organizations should implement a combination of software and physical security
measures.
Effective measures include using up-to-date anti-virus and anti-malware software, firewalls, anti-
spyware
programs, and spam filters. Itʼs crucial to maintain education and awareness among employees
about malware risks and safe practices. Policies should be established to block known malicious
websites, and employees should be trained to recognize and report unusual system behaviours.
Regular updates of operating systems and
software, the use of strong passwords, and cautious email handling can further mitigate risks.

Software Prevention scans.

1. Anti-Virus Software: Essential for scanning 2. Firewall: Filters incoming traffic to block
all incoming data for malicious code. Must malicious software from entering the
be kept up to date and run continuously network.
with scheduled
5. 1
eSecurity 0
 Physical Prevention

1. Anti-Malware Policies: Organizations should

develop and enforce comprehensive anti-
malware policies consistently.

2. Blocking Malicious Websites: Maintain a

record of known harmful sites and
configure firewalls to
block access to them.

5. 1
eSecurity 0
 3. Anti-Spyware Software: Should be used 3. Dedicated Virus-Checking Computers:
if not included in the anti-virus package, Provide standalone systems equipped with
ensuring it does not conflict with the anti-virus
anti-virus software. software for scanning various media.
4. Spam Filter: Important for email systems 4. Employee Education: Train employees on
that lack built-in spam protection. malware risks and safe practices,
5. Anti-Malware Software: Provides protection encouraging them to report suspicious
against malware entry and helps remove activities and avoid connecting personal
any that has infiltrated the network. devices to the network.

5. Regular Software Updates: Ensure operating

systems and applications are kept up to date,
and remove unsupported software to
reduce
vulnerability.

5. 1
eSecurity 1