Smt. R.R.

Shahare,
Sr.A.O./CF & Admn
 WHAT IS THREAT TO COMPUTERS

 A BURGLAR, A VIRUS , AN EARTHQUAKE, OR A

SIMPLE USER ERRORS.

 DEGREE OF HARM AND COUNTER MEASURES.

 Interruption
 An asset of the system is destroyed if becomes
unavailable or unusable
 Attack on availability
 Destruction of hardware
 Cutting of a communication line
 Disabling the file management system
 Interception

 An unauthorized party gains access to an asset

 Attack on confidentiality

 Wiretapping to capture data in a network

 Illicit copying of files or programs

 Modification
 An unauthorized party not only gains access but
tampers with an asset
 Attack on integrity
 Changing values in a data file
 Altering a program so that it performs
differently
 Modifying the content of messages being
transmitted in a network
 Fabrication

 An unauthorized party inserts counterfeit objects

into the system

 Attack on authenticity

 Insertion of spurious messages in a network

 Addition of records to a file

 Hardware
 Threats include accidental and deliberate
damage

 Software
 Threats include deletion, alteration, damage
 Backups of the most recent versions can maintain
high availability
 Data

 Involves files

 Security concerns for availability, secrecy, and

integrity

 Statistical analysis can lead to determination of

individual information which threatens privacy

 Share all or share nothing
 Owner of an object declares it public or private
 Share via access limitation
 Operating system checks the permissibility of
each access by a specific user to a specific object
 Operating system acts as the guard
 Security
 Ensurecorrect function of various processes
that are active
 Log on
 Requires both a user identifier (ID) and a
password
 System only allows users to log on if the ID is
known to the system and password associated
with the ID is correct
 Users can reveal their password to others either
intentionally or accidentally
 Hackers are skillful at guessing passwords
 ID/password file can be obtained
 Objective of intruder is the gain access to
the system or to increase the range of
privileges accessible on a system

 Protected information that an intruder

acquires is a password
 Try default password used with standard
accounts shipped with computer
 Exhaustively try all short passwords
 Try words in dictionary or a list of likely
passwords
 Collect information about users and use
these items as passwords
 Try user’s phone numbers, social security
numbers, and room numbers
 Try all legitimate license plate numbers for
this state
 Use a Trojan horse to bypass restrictions on
access
 Tap the line between a remote user and the
host system
 Those that need a host program
 Fragments of programs that cannot exist
independently of some application program,
utility, or system program
 Independent
 Self-contained programs that can be scheduled
and run by the operating system
 Entry point into a program that allows
someone who is aware of trapdoor to gain
access
 used by programmers to debug and test
programs
 Avoids necessary setup and authentication
 Method to activate program if something wrong
with authentication procedure
 Code embedded in a legitimate program that
is set to “explode” when certain conditions
are met
 Presence or absence of certain files

 Particular day of the week

 Particular user running application

 Useful program that contains hidden code
that when invoked performs some unwanted
or harmful function
 Can be used to accomplish functions
indirectly that an unauthorized user could
not accomplish directly
 User may set file permission so everyone has
 Programthat can “infect” other programs by
modifying them
 Modification includes copy of virus program
 The infected program can infect other programs
 Use network connections to spread from
system to system
 Electronic mail facility
 A worm mails a copy of itself to other systems
 Remote execution capability
 A worm executes a copy of itself on another
system
 Remote log-in capability
 A worm logs on to a remote system as a user
and then uses commands to copy itself from
one system to the other
 Program that secretly takes over another
Internet-attached computer
 It uses that computer to launch attacks that
are difficult to trace to the zombie’s creator
 Triggering phase
 Virus is activated to perform the function for
which it was intended
 Caused by a variety of system events
 Execution phase
 Function is performed
 Parasitic
 Attaches itself to executable files and replicates
 When the infected program is executed, it looks
for other executables to infect
 Memory-resident
 Lodges in main memory as part of a resident
system program
 Once in memory, it infects every program that
executes
 Boot sector
 Infects boot record
 Spreads when system is booted from the disk
containing the virus
 Stealth
 Designed to hide itself form detection by
antivirus software
 May use compression
 Polymorphic

 Mutates with every infection, making detection

by the “signature” of the virus impossible
 Mutation engine creates a random encryption key
to encrypt the remainder of the virus
 The key is stored with the virus
 Platform independent
 Most infect Microsoft Word
 Infect document, not executable portions of
code
 Easily spread
A macro is an executable program
embedded in a word processing document
or other type of file
 Autoexecuting macros in Word
 Autoexecute
 Executes when Word is started
 Automacro
 Executes when defined event occurs such as opening
or closing a document
 Command macro
 Executed when user invokes a command (e.g., File
Save)
 Detection
 Identification
 Removal
 Activated when recipient opens the e-mail
attachment
 Activated by open an e-mail that contains
the virus
 Uses Visual Basic scripting language
 Propagates itself to all of the e-mail
addresses known to the infected host
A countermeasure is any step you take to
ward off a threat – to protect yourself, your
data, or your computer from harm.
 Eg. Regular backup of your data
 Firewall against hackers.
 There are two classes of countermeasures:
 The first shields the user from personal harm,
such as threats to personal property, confidential
information, financial records, medical records
etc.
 Protests a computer system from physical
hazards, such as theft, vandalism, power
problems, and natural disasters , or attack on
the data stored and processed in computers.
“You already have
zero privacy. Get
over it.”
-- Scott McNealy, CEO, Sun Microsystems,
Inc.

33
• Data is a corporate asset, like any other
• Corporate data is at a higher risk of theft or
misuse than ever before
• Companies have obligations to protect data
– Laws, regulations, guidelines
– Contracts with third parties
– Privacy policies for users of websites, other online
features

34
 Breaches of data privacy, data security can
result in
 Damage to reputation
 Disruption of operations
 Legal liability under new and amended laws,
regulations, and guidelines, as well as under
contracts
 Financial costs

35
 Causes physical injury to the users due to
 Prolonged mouse and keyboard use

 Staring at a monitor for too long

 Poor seating conditions

• “Personally identifiable information” (PII) can be
linked to a specific individual
 Name, e-mail, full postal address, birth date, Social
Security number, driver’s license number, account
numbers
• “Non-personally identifiable information” (non-PII)
cannot, by itself, be used to identify a specific
individual
 Aggregate data, zip code, area code, city, state, gender,
age

37
• Data privacy laws govern businesses’
collection, use, and sharing of information
about individuals
• Federal, state, and foreign laws apply
• Laws govern both physical and electronic
security of information

38
 Keeping marketers at Bay
 1. Be wary about filling out forms.

 2. Guard your primary email address

 3. Know your rights.

 Manage Cookies, Spyware and
other bugs
 Dealing with cookies
 Removing Web Bugs and Spyware
 Evading Spam
 Keep your Data secure
 Restrict access to your system.
 Using a Firewall
 Backing up your data
 Safeguarding your hardware
 Magnetism

 Heat and Cold

 Storing Computer Equipment

 Keeping your computer clean

 Windows XP provides a tool called Event
Viewer.
 It automatically generates information, error,
and warning messages.
 Never store your equipment near large
electrical equipment, such as refrigerators or
generators.
 Store your equipment in climate and heat
controlled environments. Like storage media,
computers and other hardware components
fare better in dry , room- temperature
environments where dust and moisture are
minimal.
 Determine whether natural hazards such as
fire and flood might affect the storage area,
then take appropriate actions.

 Ensure that stored equipment is properly

stacked. Don’t store equipment in piles or
stack computers on top of one another.
• Do you need one?
• No, if your website:
• Is merely static
• Is business-to-business (B2B) only, and collects no
PII from consumers
• Yes, otherwise
• What must it cover?
• Actual practices for PII and information that
reasonably could be associated with a person or
device, regarding
• Collection
• Storage
• Use
• Sharing

45
• Best practices:
• Clear and concise
• Comprehensive
• Comprehensible
• Current
• Consistent with your actual practices
• Do not overpromise: “We will never
share your information . . .”

46
• Take stock
• What information do you have?
• Where is it stored?
• Who has access to it?
• Who should have access to it?
• Scale down
• Collect only what you need
• Keep it only as long as you need it
• Maintain a good filing system
• Restrict access

47
 Most Web Browsers/Internet Explorers give
you option of refusing/accepting cookies.
 Or requiring notification before allowing a
cookie to your PC
 What is
 Session Cookies : These are Transient cookies and
are temporary and are automatically deleted
when you close your browser.
 Persistent cookies : These are stored cookies.
They are stored on your computer’s hard disk
until they expire or you delete them.
 First-party cookies
 These come from web sites you are currently viewing.
They are persistent cookies.

 Third party cookies

 These come from different web sites other than you
are currently viewing. These are used to tract your
browsing history for marketing purposes.
 Anti spyware utilities or anti-adware utilities
can detect both. Popular ones are SpyGuard,
Noadware and Xoftspy. Many antivirus
programs can find and remove Web bugs and
spyware in addition to viruses, worms , and
other malicious files.
 While downloading files and programmes
from the internet, be careful. Shareware and
freeware are popular sources of spyware.
 Be sure to install a pop up blocker on your
PC.
 Should not place liquids on or near computer or
its media.
 Should not eat or smoke while operating it.
 Physical parts are subject to wear and tear
therefore it is important to keep them clean and
well maintained.
 Dust is a common cause of component failure. If
affects everything from the mechanics of your
drives to the integrity of your circuit boards and
the reliability of the power supply.
 The fan and filters that ventilate the inside of
your CPU cabinet should be well maintained.