Computer Security protection Computer security (also known as subjectivity or IT security) is information security as applied to computing devices such as computers and smartness, as well as computer networks such as private and public networks, including the whole Internet. The field covers all the processes and mechanisms by which digital equipment, information and a service are protected from unintended or unauthorized access, change or destruction, and is of growing importance in line with the increasing reliance on computer systems of most societies worldwide. 1 Security and systems design Although there are many aspects to take into consideration when designing a computer system, security can prove to be very important. According to Symantec, in 2010, 94 percent of organizations polled expect to implement security improvements to their computer systems, with 42 percent claiming cyber security as their top risk. At the same time, many organizations are improving security and many types of cyber criminals are finding ways to continue their activities. Almost every type of cyber-attack is on the rise.
In 2009 respondents to the CSS Computer Crime and Security Survey admitted that mallard infections, denial-of-service attacks, password sniffing, and web site defacement's were significantly higher than in the previous two years. 1. 2 Security measures A state of computer "security" is the conceptual ideal, attained by the use of the three processes: threat prevention, detection, and response. These processes are based on various policies and system components, which include the following: User account access controls and cryptography can protect systems files and data, respectively.
Firewalls are by far the most common prevention systems from a outwork security perspective as they can shield access to internal network services, and block certain kinds of attacks through packet filtering. Intrusion Detection Systems (Ids) are designed to detect network attacks in progress and assist in post- attack forensics, while audit trails and logs serve a similar function for individual systems. "Response" is necessarily defined by the assessed security requirements of an individual system and may cover the range from simple upgrade of protections to notification of legal authorities, counter-attacks, and the like. . Difficulty with response Responding forcefully to attempted security breaches (in the manner that one would for attempted physical security breaches) is often very difficult for a variety of reasons: 2. 1 Backdoor Identifying attackers is difficult, as they are often in a different Jurisdiction to the systems they attempt to breach, and operate through proxies, temporary anonymous dial-up accounts, wireless connections, and other monogramming procedures which make backtracking difficult and are often located in yet another Jurisdiction.
If they successfully breach security, they are often able to delete logs to cover their tracks. . 2 Denial-of-service attack The sheer number of attempted attacks is so large that organizations cannot spend time pursuing each attacker a typical home user with a permanent connection will be attacked at least several times per day, so more attractive targets could be presumed to. However, that most of the sheer bulks of these attacks are made by automated vulnerability scanners and computer worms. 2. Direct access attacks Law enforcement officers are often unfamiliar with information technology, and so lack the skills and interest in pursuing attackers In addition, the identification of attackers across a network may require logs from various points in the network and in many countries, the release of these records to law requires a search warrant and, depending on the circumstances, the legal proceedings required can be drawn out to the point where the records are either regularly destroyed, or the information is no longer relevant. . Threats to users 3. 1 Shoulder surfing In computer security, shoulder surfing refers to using direct observation techniques, such as looking over someone's shoulder, to get information. [l] It is commonly used o obtain passwords, PINS, security codes, and similar data.
Occurrence Shoulder surfing is particularly effective in crowded places because it is relatively easy to observe someone as they: fill out a form enter their PIN at an automated teller machine or a POS terminal use a telephone card at a public payphone enter a password at a cybercafé, public and university libraries, or airport kiosks enter a code for a rented locker in a public place such as a swimming pool or airport enter a PIN or password on their smartened Public transport is a particular area of concern. 3. 2 Dumpster driving
Dumpster diving is looking for treasure in someone else's trash. (A dumpster is a large trash container. ) In the world of information technology, dumpster diving is a technique used to retrieve information that could be used to carry out an attack on a computer network. Dumpster diving isn't limited to searching through the trash for obvious treasures like access codes or passwords written down on sticky notes. Seemingly innocent information like a phone list, calendar, or organizational chart can be used to assist an attacker using social engineering techniques to gain access to the network.
To prevent dumpster divers from learning anything valuable from your trash, experts recommend that your company establish a disposal policy where all paper, including print-outs, is shredded in a cross-cut shredder before being recycled, all storage media is erased, and all staff is educated about the danger of untracked trash. 3. 3 Computer security tools: Power Spy Power Spy is computer surveillance software that enables you to automatically log and record activities on PC.
The program can capture keystrokes and desktop corrections, log visited websites, and Seep chats (text), track application and comment usage, and perform audio surveillance, log emails read, and more. Stain pro Stats Win Pro is computer activity monitoring software, that automatically tracks user activities, including web sites visited, applications used, program UN/installed, network files accessed and more. Unlike most other activity monitoring tools, Stain Pro is not designed to be a spy tool, it does not log keystrokes, password, emails and other personal details (except web sites).
Activity Monitor Activity Monitor is a remote surveillance program that monitors networked machines in real time. You can view real-time (and history) desktop snapshots, programs that have been used and are currently running, websites visited, typed keystrokes and more. The administration interface is easy to use and allows you to simply switch between the machines in order to view and investigate real-time details or to retrieve history logs from each agent. 3. 4 Web bug A web bug is an object embedded in a web page or email, which unobtrusively (usually invisibly) allows checking that a user has accessed the content.
Vulnerabilities can also be created by improper computer or security configurations. Threats exploit the weaknesses of vulnerabilities, resulting in potential damage to the computer or its data. 4. 2 Pushing Pushing is essentially an online con game, and fishers are nothing more than tech- as'. N. Y con artists and identity thieves. They use spam, malicious Web sites, email messages and instant messages to trick people into divulging sensitive information, such as bank and credit card information or access to personal accounts.
For more detail on what pushing is as well as to review examples of pushing email, please visit the Email Scam section of Monster's Security Centre. 5. Threats to data 5. 1 Mallard Mallard is a catch-all term for various malicious software, including viruses, Edward, prewar, browser hijacking software, and fake security software. Once installed on a computer, these programs can seriously affect your privacy and your computer's security. For example, mallard is known for relaying personal information to advertisers and other third parties without user consent.
Some programs are also known for containing worms and viruses that cause a great deal of computer damage. Viruses which are the most commonly-known form of mallard and potentially the most destructive. They can do anything from erasing the data on a imputer to hijacking your computer to attack other systems, send spam, or host and share illegal content. Spy;are collects one's personal information and passes it on to interested third parties without one's knowledge or consent. Spy;are is also known for installing Trojan viruses.
Edward displays pop-up advertisements when you are online. Fake security software poses as legitimate software to trick one into opening your system to further infection, providing personal information, or paying for unnecessary or even damaging "clean ups". Browser hijacking software changes rouser settings (such as home page and toolbars), displays pop-up ads and creates new desktop shortcuts. It can also relay your personal preferences to interested third parties. 6. Cyber crime Cybercafé encompasses any criminal act dealing with computers and networks (called hacking).
Additionally, cybercafé also includes traditional crimes conducted through the Internet. For example; hate crimes, telemarketing and Internet fraud, identity theft, and credit card account thefts are considered to be cybercafés when the illegal activities are committed through the use of a computer and the Internet. . Reducing vulnerabilities 8. 1 Security by design Security by design, or alternately secure by design, means that the software has been designed from the ground up to be secure. In this case, security is considered as a main feature.
Some of the techniques in this approach include: The principle of least privilege, where each part of the system has only the privileges that are needed for its function. That way even if an attacker gains access to that part, they have only limited access to the whole system. Automated theorem proving to prove the correctness of crucial software subsystems. Code reviews and unit testing, approaches to make modules more secure where formal correctness proofs are not possible. Deference in depth, where the design is such that more than one subsystem needs to be violated to compromise the integrity of the system and the information it holds.
Default secure settings, and design to "fail secure" rather than "fail insecure". Ideally, a secure system should require a deliberate, conscious, knowledgeable and free decision on the part of legitimate authorities in order to make it insecure. Audit trails tracking system activity, so that when a security breach occurs, the mechanism and extent of the breach can be determined. Storing audit trails remotely, where they can only be appended to, can keep intruders from covering their tracks.
Full disclosure of all vulnerabilities, to ensure that the "window of vulnerability" is kept as short as possible when bugs are discovered. 8. 2 Security architecture The Open Security Architecture organization defines IT security architecture as "the design artifacts that describe how the security controls (security countermeasures) are positioned, and how they relate to the overall information technology architecture. These controls serve the purpose to maintain the system's quality attributes: confidentiality, integrity, availability, accountability and assurance services.
Technophobia defines security architecture as "a unified security design that addresses the necessities and potential risks involved in a certain scenario or environment. It also specifies when and where to apply security controls. The design process is generally reproducible. " The key attributes of security architecture are: The relationship of different components and how they depend on each other. The termination of controls based on risk assessment, good practice, finances, and legal matters. The standardization of controls. 8. Hardware protection mechanisms While hardware may be a source of insecurity, such as with microchip vulnerabilities maliciously introduced during the manufacturing process, hardware-based or assisted computer security also offers an alternative to software-only computer security. Using devices and methods such as dongles, trusted platform modules, intrusion-aware cases, drive locks, disabling USB ports, and mobile-enabled access may be considered more secure due to the physical access (or sophisticated Ecuador access) required in order to be compromised.
Each of these is covered in more detail below. USB dongles are typically used in software licensing schemes to unlock software capabilities, but they can also be seen as a way to prevent unauthorized access to a computer or other device's software. Essentially creates a secure encrypted tunnel between the software application and the key. The principle is that an encryption scheme on the dongle, such as Advanced Encryption Standard (AES) provides a stronger measure of security, since it is harder to hack and replicate he dongle than to simply copy the native software to another machine and use it.
Computer case intrusion detection refers to a push-button switch which is triggered when a computer case is opened. The firmware or BIOS is programmed to show an alert to the operator when the computer is booted up the next time. Drive locks are essentially software tools to encrypt hard drives, making them inaccessible to thieves. Tools exist specifically for encrypting external drives as well. Disabling USB ports is a security option for preventing unauthorized and malicious access to an otherwise secure computer.
Infected USB dongles connected to a network from a computer inside the firewall are considered by Network World as the most common hardware threat facing computer networks. Mobile-enabled access devices are growing in popularity due to the ubiquitous nature of cell phones. Built-in capabilities such as Bluetooth, the newer Bluetooth low energy (EL), Near field communication (MFC) on non-ISO devices and biometric validation such as thumb print readers, as well as CRY code reader software designed for mobile devices, offer new, secure ways for mobile phones to connect to access control systems.