TASK your personal computer system could be compromised.

TASK 01

 

Write down all the possible ways your personal computer system could be compromised. What are the possible attack vectors?

 

“Compromised” is a nice way of saying that someone or something has maliciously broken into your computer without your knowledge or permission. It means that you cannot trust the integrity of any file on your computer (including program files, image files, operating system files, etc.). You cannot find out what has been done to your computer files without an exact “before the compromise” copy to compare your files against, and you probably will never know what has been done with your personal information, including your passwords or where your personal information has been sent.

Steps to take when a personal computer is compromised

1. Disconnect the computer from the network
2. Contact the Information Security Office
3. Notify users of the computer, if any, of a temporary service interruption
4. Preserve any log information not resident on the compromised computer
5. Wait for further instructions from the Information Security Office

 

 

Possible ways to keep our personal computer system from being compromised

· We can always install operating system updates
· We can keep our installed applications up-to-date
· We should not use the same password at every site
· We can install anti-virus software and be sure to keep it updated
· We can use a firewall
· We can back up our data
· We can enable the display of file extensions
· We should not open attachments from people we do not know
· We can ignore emails that state we won a contest, or in which a stranger asks for assistance with their inheritance
· We can watch out for online and phone support scams
· We can ignore web pop-ups that state our computer is infected or has a problem
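Displaying file extensions matters because, with extensions hidden, a file named `invoice.pdf.exe` is shown as `invoice.pdf`. The following added example (not part of the original notes) shows the name a user would see with the last extension hidden and flags attachment names where a document-looking extension sits in front of an executable one; the extension sets and file names are assumed samples.

```python
import os

# Assumed sample sets for this example, not an exhaustive policy.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs"}
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".jpg", ".png", ".txt", ".xlsx"}


def name_with_extension_hidden(filename):
    """What the user sees when the last extension is hidden from display."""
    return os.path.splitext(filename)[0]


def classify(filename):
    """Return 'block', 'warn' or 'ok' for an attachment file name."""
    stem, ext = os.path.splitext(filename.strip().lower())
    if ext not in EXECUTABLE_EXTS:
        return "ok"
    inner_ext = os.path.splitext(stem)[1]
    # A document-looking extension in front of an executable one is the
    # case that hidden extensions make invisible to the user.
    return "block" if inner_ext in DOCUMENT_EXTS else "warn"


def review(filenames):
    """Return (real name, name shown with extensions hidden, verdict) rows."""
    return [(n, name_with_extension_hidden(n), classify(n)) for n in filenames]


# Constructed attachment names for illustration.
SAMPLE = ["holiday.jpg", "invoice.pdf.exe", "setup.exe", "report.final.docx"]

if __name__ == "__main__":
    for row in review(SAMPLE):
        print(row)
```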

 

Attack Vector

An attack vector is defined as the technique by means of which unauthorized access can be gained to a device or a network by hackers for nefarious purposes. In other words, it is used for assaulting or exploiting a network, computer or device. Attack vectors help unauthorized elements to exploit the vulnerabilities in the system or network, including the human elements.

An attack vector is a path or means by which a hacker (or cracker) can gain access to a computer or network server in order to deliver a payload or malicious outcome. Attack vectors enable hackers to exploit system vulnerabilities, including the human element.

Attack vectors include viruses, e-mail attachments, Web pages, pop-up windows, instant messages, chat rooms, and deception. All of these methods involve programming (or, in a few cases, hardware), except deception, in which a human operator is fooled into removing or weakening system defenses.

To some extent, firewalls and anti-virus software can block attack vectors. But no protection method is totally attack-proof. A defense method that is effective today may not remain so for long, because hackers are constantly updating attack vectors, and seeking new ones, in their quest to gain unauthorized access to computers and servers.

The most common malicious payloads are viruses (which can function as their own attack vectors), Trojan horses, worms, and spyware. If an attack vector is thought of as a guided missile, its payload can be compared to the warhead in the tip of the missile.

Malicious software (malware) is designed to damage, destroy, or deny service to the targeted systems.

The most common types of software attacks are viruses, worms, Trojan horses, logic bombs, back doors, denial-of-service, alien software, phishing and pharming.

 

 

Viruses

 

Segments of computer code that perform unintended actions ranging from merely annoying to destructive. A virus is a piece of self-replicating code embedded within another program (the host).

Viruses associated with program files

· Hard disks, floppy disks, CD-ROMs
· Email attachments

How viruses spread

· Diskettes or CDs
· Email
· Files downloaded from the Internet

Well-known viruses

· Brain
· Michelangelo
· Melissa
· Love Bug

Viruses today

· Commercial antivirus software
· Few people keep up-to-date

 

 

Worms

Destructive programs that replicate themselves without requiring another program to provide a safe environment for replication.

A worm is a self-contained program.

It spreads through a computer network.

It exploits security holes in networked computers.

Famous worms

· WANK
· Code Red
· Sapphire (Slammer)
· Blaster
· Sasser

 

Trojan horses

 

Software programs that hide in other computer programs and reveal their designed behavior only when they are activated.

A program with a benign capability that masks a sinister purpose.

Remote access Trojan (RAT): a Trojan horse that gives the attacker access to the victim’s computer

· Back Orifice
· SubSeven

RAT servers are often found within files downloaded from erotica/porn Usenet sites.

They provide the attacker with complete control of the victim’s system. Attackers usually hide these Trojan horses in games and other small programs that unsuspecting users then execute on their PCs.

 

Logic bombs

Designed to activate and perform a destructive action at a certain time.

Back doors or trap doors

Typically a password, known only to the attacker, that allows access to the system without having to go through any security.

Denial-of-service

An attacker sends so many information requests to a target system that the target cannot handle them successfully and can crash the entire system.

 

 

Alien Software Attacks

Pestware: Clandestine software that uses up valuable system resources and can report on your Web surfing habits and other personal information.

Adware: Designed to help pop-up advertisements appear on your screen.

Spyware: Software that gathers user information through the user’s Internet connection without their knowledge (e.g. keylogger, password capture).

Spamware: Designed to use your computer as a launch pad for spammers.

Spam: Unsolicited e-mail, usually for purposes of advertising.

Cookies: Small amounts of information that Web sites store on your computer, temporarily or more-or-less permanently.

Web bugs: Small, usually invisible, graphic images that are added to a Web page or e-mail.

Phishing: Uses deception to fraudulently acquire sensitive personal information such as account numbers and passwords, disguised as an official-looking e-mail.

Pharming: Fraudulently acquires the domain name for a company’s Web site, so that when people type in the Web site URL they are redirected to a fake Web site.

 

 

Types of Attacks

Interruption – an asset is destroyed, unavailable or unusable (availability)

Interception – unauthorized party gains access to an asset (confidentiality)

Modification – unauthorized party tampers (unauthorized alteration) with an asset (integrity)

Fabrication – unauthorized party inserts a counterfeit (fraudulent imitation) object into the system (authenticity)

Denial – person denies taking an action (authenticity)

 

 

 

Passive attacks:

· Eavesdropping (secretly listening to a conversation)
· Monitoring

Active attacks:

· Masquerade – one entity pretends to be a different entity
· Replay – passive capture of information and its retransmission
· Modification of messages – a legitimate message is altered
· Denial of service – prevents normal use of resources. An intentional action designed to prevent legitimate users from making use of a computer service. The goal of this attack is to disrupt a server’s ability to respond to its clients. About 4,000 Web sites are attacked each week.

TASK 02

 

Congratulations! You are an elected member of the newly established computer and data security team in ABC institution.

1) Make a list of all possible risks that can have an impact on the security and stability of your data and internal and external Information & Technology services.

2) Make a list of recommendations to lower the risks.

 

 

A computer security risk is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability.

Types of Computer Security Risks

· Internet and network attack
· Unauthorized access and use
· Hardware theft
· Software theft
· Information theft
· System failure

 

Internet and network attack

Information transmitted over networks has a higher degree of security risk than information kept on an organization’s premises.

It includes:

· Malware
· Botnets
· Back doors
· Denial of service attacks
· Spoofing

 

Malware (malicious software)

Programs that act without a user’s knowledge and deliberately alter the computer’s operation.

Types of malware:

i. Computer viruses
ii. Worms
iii. Trojan horses
iv. Rootkit
v. Back door
vi. Spyware

 

 

Botnets

A group of compromised computers connected to a network such as the Internet that are used as part of a network that attacks other networks, usually for nefarious purposes.

Back door

A program or set of instructions in a program that allows users to bypass security controls when accessing a program, computer, or network.

Denial of service attacks or DoS attack

An assault whose purpose is to disrupt computer access to an Internet service such as the Web or e-mail.

Spoofing

A technique intruders use to make their network or Internet transmission appear legitimate to a victim computer or network.

 

 

Unauthorized Access and Use

Unauthorized access

The use of a computer or network without permission.

Unauthorized use

The use of a computer or its data for unapproved or possibly illegal activities.

Hardware Theft and Vandalism

Hardware theft

The act of stealing computer equipment.

Hardware vandalism

The act of defacing or destroying computer equipment.

 

 

Software Theft

Occurs when someone:

· Steals software media
· Illegally copies a program
· Intentionally erases programs
· Illegally registers and/or activates a program

Information Theft

· Occurs when someone steals personal or confidential information.
· If stolen, the loss of information can cause as much damage as (if not more than) hardware or software theft.

 

 

System Failure

· A system failure is the prolonged malfunction of a computer
· A variety of factors can lead to system failure, including:
  o Aging hardware
  o Natural disasters
  o Electrical power problems (noise, undervoltages, and overvoltages)
  o Errors in computer programs

 

 

Recommendations to lower the risks

· Install quality antivirus
· Install real-time anti-spyware protection
· Keep anti-malware applications current
· Perform daily scans
· Disable autorun
· Disable image previews in Outlook
· Don’t click on email links or attachments
· Surf smart
· Use a hardware-based firewall
· Deploy DNS protection