Cyber security has become critical component in securing the day-to-day operations nearly every organization in business today. Security threats like viruses and worms and the software needed to cope with them, such as Symantec’s Norton Antivirus, have become familiar to business employees, as well as students and grandmothers. In general sense, security can be considered as a state of freedom from a danger or risk. The goal of the security is to be able to defend against these attacks and ensure that the organization or a system will survive in the event of an attack.
Along with viruses, one of the biggest threats to computer users on the internet today is malware. It can hijack your browser, redirect your search attempts, serve up nasty pop-ups, track what web sites you visit, and generally cause serious damage to your computer or organization. Malware programs are usually poorly-programmed and can cause your computer to become unresponsive to the commands.
A system can get infected by malware in several ways. Malware often comes bundled with other programs (i.e., KAZAA, and other peer-to-peer sharing software).
These malware programs usually pop-ups ads, sending revenue from the ads to the program’s authors. Other are installed from websites, pretending to be software needed to view the website. Unfortunately, getting infected with malware is usually much easier than getting rid of it, and once you get malware like a worm, it tend to spread itself to other computers by attaching itself to programs and emails.
Computer security is the means by which the computer industry is combating computer crime. This topic was chosen because there is an ever-increasing dependency on computer systems. Any destruction or violation of these systems can cause more damage than ever before. New computer software/hardware is being developed everyday to help protect the computers of today and the systems of tomorrow. ...
email security is becoming very critical. The email security threats may be of many different types. Email security can be compromised by spoofing, identity theft, and attacks by modifying existing messages, and imposters. Hackers may use any or all these methods to break into a user’s computer.
Email security is one of the most potent sources for losing our data because most people are complacent about enforcing email security. Email software is also the most used software among computer users. Hence, any vulnerability of popular email software can be easily exploited by unscrupulous elements to gain entry into the private data of a lot of people. It is very important that every one use secure email clients for receiving and sending emails. A lot of reputed email clients are available and the c company that makes them releases security patches from time to time to stay at top of vulnerabilities.
It must be understood that the computer architecture that is sued to exchange emails are not very secured and does not provide for much privacy for the users. On the other hand, software like sniffers is available in the market, which can effectively capture data that is meant for some other computer (Ciampa, 2009).
The need for encrypting data is very important. Encryption techniques ensure that messages meant for a person can be read by that person alone.
Although there are a wide variety of attacks that can be launched against a computer or network, the same basic steps are used in most attacks. Protecting computers against these steps in an attack calls for five fundamental security principles. (Whitman, Herbert, Austin, & Holden, 2009).
1. Probe for information – The first step in an attack is to probe the system for any information that can be used to attack it. This type of reconnaissance is essential to provide information, such as the type of hardware used, version of software or firmware, and even personal information about the users, that can then be used in the next step. Actions that take place in probing for information include ping weeps of the network to determine if a system responds, port scanning for seeing what ports may be open, queries that send failure messages back to a system when a delivery problem has been detected, and password guessing.
A combination of hardware, software, infrastructure and trained personnel organized to facilitate planning, control, coordination, and decision making in an organisation Contrast IS and IT: What is the difference between Information Systems and Information Technology? In: Computer Terminology, Technology, Information Technology[Edit categories] Answer: Information Systems is a large umbrella ...
2. Penetrate any defenses- Once a potential system has been identified and information about it has been gathered, the next stop is to launch the attack to penetrate the defenses. These attacks come in a variety of forms, such as manipulating or breaking a password.
3. Modify security settings – modifying the security settings is the next step after the system has been penetrated. This allows the attacker to re enter the compromised system more easily. Also known as privilege escalation tools, there many programs that help accomplish this task.
4. Circulate to other system – Once the network or system has been compromised, the attacker then uses it as a base to attack other networks and computers. The same tools that are used to probe for information are then directed toward other systems.
5. Paralyze networks and devices – If the attacker chooses, he or she may also work to maliciously damage the infected computer or network. This may include deleting or modifying files, stealing valuable data, crashing the computer, or performing denial of attacks. (Whitman, Herbert, Austin, & Holden, 2009).
Although multiple defenses may be necessary to withstand an attack. In information security must likewise be created in layers. One defense mechanism may be relatively easy for an attacker to circumvent. Instead, a security system must have layers, making it unlikely that an attacker ahs the tools and skills to break through all the layers of defense. A layered approach can also be useful in resisting a variety of attacks. Layered security provides the most comprehensive protection (Ciampa, 2009).