Computer Security
Category : Banking
Computer Security
Computer security is also known as cyber security or IT security. Computer security is a branch of information technology known as information security, which is intended to protect computers. It is the protection of computing systems and the data that they store or access.
Methods to Provide Protection
There are four primary methods to provide protection
Components of Computer Security
Computer security is associated with many core areas. Basic components of computer security system are
Some terms commonly used in cryptography are
(i) Plain Text It is the original message that is an input.
(ii) Cipher It is a bit-by-bit or character-by character transformation without regard to the meaning of the message.
(iii) Cipher Text It is the coded message or the encrypted data.
(iv) Encryption It is the process of converting plain text to cipher text, using an encryption algorithm.
(v) Decryption It is the reverse of encryption, i.e. converting cipher text to plain text.
Sources of Cyber Attack
The most potent and vulnerable threat of computer users is virus attacks. A computer virus is a small software program that spreads from one computer to another and that interferes with computer operation. It is imperative for every computer user to be aware about the software and programs that can help to protect the personal computers from attacks.
The sources of attack can be
Malware: Threats to Computer Security
Malware stands for malicious software. It is a broad term that refers to a variety of malicious programs that are used to damage computer system, gather sensitive information, or gain access to private computer systems. It includes computer viruses, worms, trojan rurses, rootkits, spyware, adware, etc.
Some of them are described
Virus
VIRUS stands for Vital Information Resources Under Siege. Computer viruses or perverse softwares are small programs that can negatively affect the computer. It obtains control of a PC and directs it to perform unusual and often destructive actions. Viruses are copied itself and attached itself to other programs which further spread the infection. The virus can affect or attack any part of the computer software such as the boot block, operating system, system areas, files and application program.
Type of Virus
Some common types of viruses are
(a) Resident Virus It fixes themselves into the system's memory and get activated whenever the OS runs and infects all the files that are then opened. It hides in the RAM and stays there even after the malicious code is executed, e.g. Randex, Meve, etc.
(b) Direct Action Virus It comes into action when the file containing the virus is executed. It infects files in the folder that are specified in the AUTOEXEC.bat file path. e.g. Vienna virus.
(c) Overwrite Virus It deletes the information contained in the files that it infects, rendering them partially or totally useless, once they have been infected. e.g. Way, Trj.Reboot, Trivial.88.D, etc.
(d) Boot Sector Virus It is also called Master Boot Sector Virus or Master Boot Record Virus. This type of virus affects the boot sector of a hard disk. e.g. Polyboot.B, AntiEXE, etc.
(e) Macros Virus It infects files that are created using certain applications or programs that contain macros, like .doc, .xls, .ppt, etc. e.g. Melissa.A.
(f) File System Virus It is also called Cluster Virus or Directory Virus. It infects the directory of your computer by changing the path that indicates the location of a file. e.g. Dir-2 virus.
(g) Polymorphic Virus It encrypts or encodes itself in an encrypted way, every time it infects a system. This virus then goes on to create a large number of copies, e.g. Elkern, Tuareg, etc.
(h) FAT Virus It is used to store all the information about the location of files, unusable space, etc. e.g. Link virus, etc.
(i) Multipartite Virus It may spread in multiple ways such as the operating system installed or the existance of certain files. e.g. Flip.
(j) Web Scripting Virus Many Websites execute complex code in order to provide interesting content. These sites are sometimes created with purposely infected code. e.g. JS Fortnight.
Some common viruses are tabulated below
|
Year |
Name |
|
1971 |
Creeper |
|
1982 |
ElkCloner |
|
1988 |
The Morris Internet Worm |
|
1999 |
Melissa |
|
2000 |
I Love You |
|
2001 |
Code Red |
|
2003 |
SQL Slammer |
|
2003 |
Blaster |
|
2004 |
Sasser |
|
2010 |
Stuxnet |
|
2011 |
Trojan |
|
2012 |
Rootkit |
|
2014 |
Generic PUP |
|
2014 |
Net Worm |
Effects of Virus
There are many different effects that viruses can have on your computer, depending on the types of virus. Some viruses can
(a) monitor what you are doing.
(b) slow down your computers performance.
(c) destroy all data on your local disk.
(d) affect on computer networks and the connection to Internet.
(e) increase or decrease memory size.
(f) display different types of error messages.
(g) decrease partition size.
(h) alter PC settings.
(i) display arrays of annoying advertising.
(j) extend boot times.
(k) create more than one partition.
Worms
A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it. Worms are hard to detect because they are invisible files.
e.g. Bagle, I love you, Morris, Nimda, etc.
Trojan
A Trojan, or Trojan Horse, is a non-self-replicating type of malware which appears to perform a desirable function but instead facilitates unauthorised access to the user's computer system. Trojans do not attempt to inject themselves into other files like a computer virus. Trojan Horses may steal information, or harm their host computer systems. Trojans may use drive-by downloads or install via online games or Internet-driven applications in order to reach target computers. Unlike viruses, Trojan horses do not replicate themselves. e.g. Beast, Sub7.Zeus, ZeroAccess Rootkit, etc.
Spyware
It is a program which is installed on a computer system to spy on the system owner's activity and collects all the information which is misused afterwards. It tracks the user's behaviour and reports back to a central source.
These are used for either legal or illegal purpose. Spyware can transmit personal information to another person's computer over the internet.
e.g. CoolWeb Search, FinFisher, Zango, Zlob Trojan, Keyloggers, etc.
Symptoms of Malware Attack
There is a list of symptoms of malware attack which indicates that your system is infected with a computer malware.
Some primary symptoms are
(i) Odd messages are displaying on the screen.
(ii) Some files are missing.
(iii) System runs slower.
(iv) PC crashes and restarts again and again.
(v) Drives are not accessible.
(vi) Antivirus software will not run or installed.
(vii) Unexpected sound or music plays.
(viii) The mouse pointer changes its graphic.
(ix) System receives strange E-mails containing odd attachments or viruses.
(x) PC starts performing functions like opening or closing window, running programs on its own.
Some Other Threats to Computer Security
There are some other threats "which are described below
(i) Spoofing It is the technique to access the unauthorised data without concerning to the authorised user. It accesses the resources over the network. It is also known as 'Masquerade'. IP spoofing is a process or technique to enter in another computer by accessing its IP address. It pretends to be a legitimate user and access to its computer via a network.
(ii) Salami Technique It diverts small amounts of money from a large number of accounts maintained by the system.
(iii) Hacking It is the act of intruding into someone else's computer or network. Hacking may result in a Denial of Service (DoS) attack. It prevents authorised users from accessing the resources of the computer. A hacker is someone, who does hacking process.
(iv) Cracking It is the act of breaking into computers. It is a popular, growing subject on Internet. Cracking tools are widely distributed on the Internet. They include password crackers, trojans, viruses, war- dialers, etc.
(v) Phishing It is characterised by attempting to fraudulently acquire sensitive information such as passwords, credit cards details, etc by masquerading as a trustworthy person. Phishing messages usually take the form of fake notifications from banks providers, E-pay systems and other organisation. It is a type of Internet fraud that seeks to acquire a user's credentials by deception.
(vi) Spam It is the abuse of messaging systems to send unsolicited bulk messages in the form of E-mails. It is a subset of electronic spam involving nearly identical messages sent to numerous recipients by E-mails.
(vii) Adware It is any software package which automatically renders advertisements in order to generate revenue for its author. The term is sometimes used to refer the software that displays unwanted advertisements. A software license is a document that provides legally binding guidelines on the use and distribution of software.
(viii) Rootkit It is a type of malware that is designed to gain administrative level control over a computer system without being detected. Rootkits can change how the operating system functions and in some cases, can temper with the antivirus program and render it infective. Rootkits are also difficult to remove, in some cases, require a complete re-installation of the operating system.
Solutions to Computer Security Threats
Some safeguards (or solutions) to protect a computer system from accidental access, are described below
Antivirus Software
It is a application software that is designed to prevent, search for, detect and remove viruses and other malicious software like worms, trojans, adware and more. It consists of computer programs that attempt to identify threats and eliminate computer viruses and other malware.
Some Popular Antivirus
|
· Avast |
· Avg |
|
· K7 |
· Kaspersky |
|
· Trend Micro |
· Quick Heal |
|
· Symantec |
· Norton |
|
· McAfee |
|
Digital Certificate
It is the attachment to an electronic message used for security purposes. The common use of a digital certificate is to verify that a user sending a message is who he or she claims to be, and to provide the receiver with the means to encode a reply. It provides a means of proving your identity in electronic transactions.
Digital Signature
It is an electronic form of a signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and also ensure that the original content of the message or document that has been sent is unchanged.
Firewall
It can either be software-based or hardware-based and is used to help in keeping a network secure. Its primary objective is to control the incoming and outgoing network traffic by analysing the data packets and determining whether it should be allowed through or not, based on a predetermined rule set.
A network's firewall builds a bridge between an internal network that is assumed to be secure and trusted, and another network, usually an external (inter) network, such as the Internet, that is not assumed to be secure and trusted. A firewall also includes or works with a proxy server that makes network requests on behalf of workstation users.
There are two forms of fireballs Hardware firewall and software firewall
Password
It is a secret word or a string of characters used for user authentication to prove identity or access approval to gain access to a resource, which should be kept secret from those who are not allowed to get access.
A password is typically somewhere between 4 to 16 characters, depending on how the computer system is setup. When a password is entered, the computer system is careful not to display the characters on the display screen, in case others might see it.
There are two common modes of password as follows
(i) Weak Password Easily remember just like names, birth dates, phone number, etc.
(ii) Strong Password Difficult to break and a combination of alphabets and symbols.
File Access Permission
Most current file systems have methods of assigning permissions or access rights to specific users and group of users. These systems control the ability of the users to view or make changes to the contents of the file system. File access permission refers to privileges that allow a user to read, write or execute a file.
There are three specific permissions as follow
(i) Read Permission If you have read permission of a file, you can only see the contents. In case of directory, access means that the user can read the contents.
(ii) Write Permission If you have write permission of a file, you can only modify or remove the contents of a file. In case of directory, you can add or delete contents to the files of the directory.
(iii) Execute Permission If you have execute permission of a file, you can only execute a file. In case of directory, you must have execute access to the bin directory in order to execute it or cd command.
Terms Related to Security
Tit-Bits
You need to login to perform this action.
You will be redirected in
3 sec
