Computer

Security Threats

& PreventionBy: M.Jawad & Adnan

What is a Threat?In computer security a threat is a possibledanger that might exploit a vulnerability tobreach security and thus cause possible harm.

A threat can be either "intentional" (i.e.,intelligent; e.g., an individual cracker or acriminal organization) or "accidental" (e.g., thepossibility of a computer malfunctioning, or thepossibility of a natural disaster such as anearthquake, a fire, or a tornado) or otherwise acircumstance, capability, action, or event

History of computer security

threats.

1986 The first virus for PCs

The first virus for IBM PCs, Brain, was written by twobrothers in Pakistan, when they noticed that peoplewere copying their software. The virus put a copy ofitself and a copyright message on any floppy diskcopies their customers made.

1971 The first worm

Bob Thomas, a developer working on ARPANET, a

precursor to the Internet, wrote a program called

Creeper that passed from computer to computer,

displaying a message.

1988 The Internet Worm

Robert Morris, a 23-year-old student, released aworm on the US DARPA Internet. It spread tothousands of computers and, due to an error, keptre-infecting computers many times, causing them tocrash.

1999 Email viruses

Melissa, a virus that forwards itself by email, spreadworldwide. Bubbleboy, the first virus to infect acomputer when email is viewed, appeared.

2000 Denial-of-service attacks

“Distributed denial-of-service” attacks by hackersput Yahoo!, eBay, Amazon and other high profilewebsites offline for several hours.

Love Bug became the most successful email virusyet.

Threats and their typesThere are so many types of threats but we will discus here today about software threats.

Malware

Trojans

Virus

Firewall breech

Computer Policy Disturbance

Bugs and Flaws

Adware

Backdoors

Email Trojans

DDOS

Cookies

Keylogging

ect….

Definitions and theory Virus:

Perhaps the most well known computersecurity threat, a computer virus is a program writtento alter the way a computer operates, without thepermission or knowledge of the user. A virusreplicates and executes itself, usually doing damageto your computer in the process.

Spyware:A serious computer security threat, spyware is

any program that monitors your online activities orinstalls programs without your consent for profit or tocapture personal information.

Backdoors:

A backdoor Trojan allows someone totake control of another user’s computer via theinternet without their permission.

A backdoor Trojan may pose as legitimatesoftware, just as other Trojan horse programs.

Cookies:

Cookies are fi les on your computer thatenable websites to remember your details.

When you visit a website, it can place a fi lecalled a cookie on your computer. This enablesthe website to remember your details and trackyour visits. Cookies can be a threat toconfidentiality, but not to your data.

DDOS (Denial-of-service attack):A denial-of-service (DoS) attack prevents

users from accessing a computer or website. Ina DoS attack, a hacker attempts to overload orshut down a computer, so that legitimate userscan no longer access it. Typical DoS attackstarget web servers and aim to make websitesunavailable. No data is stolen or compromised,but the interruption to the service can be costlyfor a company.

Email Trojans:Many of the most prolific viruses distribute

themselves automatically by email. Typically, email-aware viruses depend on the user double-clicking on an attachment.

This runs the malicious code, which will then mail itself to other people from that computer.

Boot Sector Malware:

When you turn on a computer, the hardwarelooks for the boot sector program, which is usually onthe hard disk (but can be on a CD/DVD orFlashDrive), and runs it. This program then loads the

rest of the operating system into memory.

Boot sector malware replaces the original bootsector with its own, modified version (and usuallyhides the original somewhere else on the hard disk).The next time you start up, the infected boot sector isused and the malware becomes active.

Autorun worm:

Autorun worms are malicious programs thattake advantage of the Windows AutoRun feature.They execute automatically when the device onwhich they are stored is plugged into a computer.

Keylogging:

Keylogging is the proces of secretly

recording keystrokes by an unauthorized

third party. Keylogging is often used by

malware to steal usernames, passwords,

credit card details and other sensitive data.

Threats Ratio

Statics and Reports from all

over the Globe. (2013)

Targeted operating systems and softwares

By countries

Computer Infection level TOP 20

World Map

PreventionIdentify your weaknesses. Like a fort that surrounds a castle, your protection isonly as strong as your weakest point. Review how your company and your clientsaccess your network. Make sure every entry point is secured with passwords andencryption.

Install anti-virus software on your computers. Many Internet service providerssupply these with your agreement. But if they don’t, invest in an anti-virusprogram to prevent malware attacks on your system.

Install perimeter security solutions. There are three types of network perimetersecurity:

1) Firewall – Prevents unauthorized Internet users from accessing your privatenetwork via the Internet

2) Intrusion Detection System – Monitors and reports on threats to your network

3) Intrusion Prevention Program – Stops threats as well as reports on them

Use a spam filter. You can either install spam filtering software on your computer or network server, buy a dedicated appliance or outsource spam filtering to an online service provider. The software option is typically more budget-friendly, but online services may be more effective and more suitable for higher volumes of emails.

Backup your important data. Identify the vital data you need to protect - accounting information, business plans, customer databases, vendor information, marketing documents, etc. Then, choose from offline and online data backup solutions to ensure the security and availability of your critical business information. Set a backup schedule and test your solutions regularly.

Encrypt your files, hard drives and backup disks. By encrypting your hardware and data, only people with a valid password will have access. It’s a necessary step.

Set up a virtual private network (VPN). By creating a VPN, team members working from home or on the road using Wi-Fi in public won’t be exposing your business to security threats.

Automate security updates. By enabling auto updates, your computer will always have the most recent form of software and anti-virus programs installed.

Restrict total access. Don’t give all team members universal access to every part of your network. Protect sensitive files and databases with passwords that only your key people know.

Monitor network traffic. Install software or hardware that keeps an eye on who’s visiting which sites and which of your computers they’re using.

Review your security periodically. Stay aware of new security threats and improved solutions by visiting your security software/service vendor websites. As your business grows, you may need to take new security measures.

Don’t host your business website. Consider using a website hosting service that will take care of your website’s security needs and provide redundancy, which will allow your website to be properly restored if attacked.

Add example video from

YouTube

Web and Document

References

Wikipedia

Kaspersky Lab

Kaspersky Security Bulletin (2013)

Security Magazine (2013)

Webroot

Sophos

Norton

ESET NOD 32

Securelist

Youtube