TASK01

Write down all possible ways how your personal computer system could be compromised. What are the possible attack vectors?

“Compromised” is a nice way of saying that someone or something has maliciously broken into your computer without your knowledge or permission. It means that you cannot trust the integrity of any file on your computer (including program files, image files, operating system files, etc.). You cannot find out what has been done to your computer files without an exact “before the compromise” copy to compare your files against, and you probably will never know what has been done with your personal information, including your passwords, or where your personal information has been sent.

There are possible ways to compromise our personal computer system:

1. Disconnect the computer from the network
2. Contact the Information Security Office
3. Notify users of the computer, if any, of a temporary service interruption
4. Preserve any log information not resident on the compromised computer
5. Wait for further instructions from the Information Security Office

Furthermore, to protect our personal computer system:

· We can always install Operating System updates
· We can keep our installed applications up-to-date
· We cannot use the same password at every site
· We can install and be sure to update our anti-virus software
· We can use a firewall
· We can back up our data
· We can enable the display of file extensions
· We do not open attachments from people we do not know
· We can ignore emails that state we won a contest or a stranger asking for assistance with their inheritance
· We can watch out for online and phone support scams
· We can ignore web pop-ups that state our computer is infected or has a problem

Attack Vector

An attack vector is defined as the technique by means of which unauthorized access can be gained to a device or a network by hackers for nefarious purposes. In other words, it is used for assaulting or exploiting a network, computer or device. Attack vectors help unauthorized elements to exploit the vulnerabilities in the system or network, including the human elements.

An attack vector is a path or means by which a hacker (or cracker) can gain access to a computer or network server in order to deliver a payload or malicious outcome. Attack vectors enable hackers to exploit system vulnerabilities, including the human element.

Attack vectors include viruses, e-mail attachments, Web pages, pop-up windows, instant messages, chat rooms, and deception. All of these methods involve programming (or, in a few cases, hardware), except deception, in which a human operator is fooled into removing or weakening system defenses.

To some extent, firewalls and anti-virus software can block attack vectors. But no protection method is totally attack-proof. A defense method that is effective today may not remain so for long, because hackers are constantly updating attack vectors, and seeking new ones, in their quest to gain unauthorized access to computers and servers.

The most common malicious payloads are viruses (which can function as their own attack vectors), Trojan horses, worms, and spyware. If an attack vector is thought of as a guided missile, its payload can be compared to the warhead in the tip of the missile.

Malicious software (malware) is designed to damage, destroy, or deny service to the targeted systems. The most common types of software attacks are viruses, worms, Trojan horses, logic bombs, back doors, denial-of-service, alien software, phishing and pharming.

Viruses. Segments of computer code that perform unintended actions ranging from merely annoying to destructive. A virus is a piece of self-replicating code embedded within another program (host).

Viruses associated with program files
· Hard disks, floppy disks, CD-ROMs
· Email attachments

How viruses spread
· Diskettes or CDs
· Email
· Files downloaded from Internet

Well-known viruses
· Brain
· Michelangelo
· Melissa
· Love Bug

Viruses today
· Commercial antivirus software
· Few people keep up-to-date

Worms. Destructive programs that replicate themselves without requiring another program to provide a safe environment for replication.
· Self-contained program
· Spreads through a computer network
· Exploits security holes in networked computers

Famous worms
· WANK
· Code Red
· Sapphire (Slammer)
· Blaster
· Sasser

Trojan horses. Software programs that hide in other computer programs and reveal their designed behavior only when they are activated.
· Program with benign capability that masks a sinister purpose
· Remote access Trojan: Trojan horse that gives attacker access to victim’s computer
  · Back Orifice
  · SubSeven
· RAT servers often found within files downloaded from erotica/porn Usenet sites
· Provide the attacker with complete control of the victim’s system

Attackers usually hide these Trojan horses in games and other small programs that unsuspecting users then execute on their PCs.

Logic bombs. Designed to activate and perform a destructive action at a certain time.

Back doors or trap doors. Typically a password, known only to the attacker, that allows access to the system without having to go through any security.

Denial-of-service. An attacker sends so many information requests to a target system that the target cannot handle them successfully and can crash the entire system.

Alien Software Attacks

Pestware. Clandestine software that uses up valuable system resources and can report on your Web surfing habits and other personal information.

Adware. Designed to help popup advertisements appear on your screen.

Spyware. Software that gathers user information through the user’s Internet connection without their knowledge (i.e. keylogger, password capture).

Spamware. Designed to use your computer as a launch pad for spammers.

Spam. Unsolicited e-mail, usually for purposes of advertising.

Cookies. Small amount of information that Web sites store on your computer, temporarily or more-or-less permanently.

Web bugs. Small, usually invisible, graphic images that are added to a Web page or e-mail.

Phishing. Uses deception to fraudulently acquire sensitive personal information such as account numbers and passwords, disguised as an official-looking e-mail.

Pharming. Fraudulently acquires the Domain Name for a company’s Web site, and when people type in the Web site URL they are redirected to a fake Web site.

Types of Attacks

· Interruption – an asset is destroyed, unavailable or unusable (availability)
· Interception – unauthorized party gains access to an asset (confidentiality)
· Modification – unauthorized party tampers (unauthorized alteration) with asset (integrity)
· Fabrication – unauthorized party inserts counterfeit (fraudulent imitation) object into the system (authenticity)
· Denial – person denies taking an action (authenticity)

Passive attacks:
· Eavesdropping (secretly listen to a conversation)
· Monitoring

Active attacks:
· Masquerade – one entity pretends to be a different entity
· Replay – passive capture of information and its retransmission
· Modification of messages – legitimate message is altered
· Denial of service – prevents normal use of resources. An intentional action designed to prevent legitimate users from making use of a computer service. The goal of this attack is to disrupt a server’s ability to respond to its clients.
About 4,000 Web sites are attacked each week.

TASK02

Congratulations! You are elected member of the newly established computer and data security team in ABC institution.

1) Make a list of all possible risks that can have an impact on the security and stability of your data and internal and external Information & Technology services.
2) Make a list of recommendations to lower the risks.

Computer Security Risks

A computer security risk is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability.

Types of Computer Security Risks
· Internet and network attack
· Unauthorized access and use
· Hardware theft
· Software theft
· Information theft
· System failure

Internet and network attack

Information transmitted over networks has a higher degree of security risk than information kept on an organization’s premises.
· Malware
· Botnets
· Back doors
· Denial of service attacks
· Spoofing

Malware (malicious software) – programs that act without a user’s knowledge and deliberately alter the computer’s operation.

Types of malware:
i. Computer viruses
ii. Worms
iii. Trojan horses
iv. Rootkit
v. Back door
vi. Spyware

Botnets
A group of compromised computers connected to a network such as the Internet that are used as part of a network that attacks other networks, usually for nefarious purposes.

Back door
A program or set of instructions in a program that allows users to bypass security controls when accessing a program, computer, or network.

Denial of service attacks or DoS attack
An assault whose purpose is to disrupt computer access to an Internet service such as the Web or e-mail.

Spoofing
A technique intruders use to make their network or Internet transmission appear legitimate to a victim computer or network.

Unauthorized Access and Use

Unauthorized access
The use of a computer or network without permission.

Unauthorized use
The use of a computer or its data for unapproved or possibly illegal activities.

Hardware Theft and Vandalism

Hardware theft
The act of stealing computer equipment.

Hardware vandalism
The act of defacing or destroying computer equipment.

Software Theft
· Steals software media
· Illegally copies a program
· Intentionally erases programs
· Illegally registers and/or activates a program

Information Theft
Occurs when someone steals personal or confidential information. If stolen, the loss of information can cause as much damage as (if not more than) hardware or software theft.

System Failure
A system failure is the prolonged malfunction of a computer. A variety of factors can lead to system failure, including:
· Aging hardware
· Natural disasters
· Electrical power problems
  · Noise, undervoltages, and overvoltages
· Errors in computer programs

Recommendations to lower the risks
· Install quality antivirus
· Install real-time anti-spyware protection
· Keep anti-malware applications current
· Perform daily scans
· Disable autorun
· Disable image previews in Outlook
· Don’t click on email links or attachments
· Surf smart
· Use a hardware-based firewall
· Deploy DNS protection