Computer Security Risks

What is a computer security risk?

p. 556 - 558 Fig. 11-1 Next

Event or action that causes loss of or damage to computer system

Virus

A computer virus is a computer program that can replicate itself and spread from one computer to another. The term "virus" is also commonly but misused to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability. A true virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive.

Types of Virus

Not all computer viruses behave, replicate, or infect the same way. There are several different categories of viruses and malware. Below I list and discuss some of the most common types of computer viruses.

Trojan Horse

Trojan Horse:

A Trojan horse program has the appearance of having a useful and desired function. While it may advertise its activity after launching, this information is not apparent to the user beforehand. Secretly the program performs other, undesired functions. A Trojan Horse neither replicates nor copies itself, but causes damage or compromises the security of the computer. A Trojan Horse must be sent by someone or carried by another program and may arrive in the form of a joke program or software of some sort. The malicious functionality of a Trojan Horse may be anything undesirable for a computer user, including data destruction or compromising a system by providing a means for another computer to gain access, thus bypassing normal access controls.

Worms

Worms: A worm is a program that makes and facilitates the distribution of copies of itself; for example, from one disk drive to another, or by copying itself using email or another transport mechanism. The worm may do damage and compromise the security of the computer. It may arrive via exploitation of a system vulnerability or by clicking on an infected e-mail.

Types of virus continued ……

Bootsector Virus: A virus which attaches itself to the first part of the hard disk that is read by the computer upon bootup. These are normally spread by floppy disks.

Macro Virus:Macro viruses are viruses that use another application's macro programming language to distribute themselves. They infect documents such as MS Word or MS Excel and are typically spread to other similar documents.

Memory Resident Viruses:Memory Resident Viruses reside in a computers volitale memory (RAM). They are initiated from a virus which runs on the computer and they stay in memory after it's initiating program closes.

Types of virus continued ……

Root kit Virus: A root kit virus is an undetectable virus which attempts to allow someone to gain control of a computer system. The term root kit comes from the Linux administrator root user. These viruses are usually installed by Trojans and are normally disguised as operating system files.

Polymorphic Viruses:A polymorphic virus not only replicates itself by creating multiple files of itself, but it also changes it's digital signature every time it replicates. This makes it difficult or less sophisticated antivirus software to detect.

Logic Bombs/Time Bombs: These are viruses which are programmed to initiate at a specific date or when a specific event occurs. Some examples are a virus which deletes your photos on Halloween, or a virus which deletes a database table if a certain employee gets fired.

Stand-Alone Utility Programs

What is a virus?

p. 425 - 426 Fig. 8-36

Potentially damaging computer program Affects computer without user’s knowledge

SIGNS OF SIGNS OF VIRUS VIRUS

INFECTIONINFECTION

• An unusual message or image is displayed on the computer screen• An unusual sound or music plays randomly• The available memory is less than what should be available• A program or file suddenly is missing• An unknown program or file mysteriously appears• The size of a file changes without explanation• A file becomes corrupted• A program or file does not work properly• System properties change•The operating system runs much slower than usual

Stand-Alone Utility Programs

What is an antivirus program?

p. 426 Fig. 8-37

Identifies and removes viruses in memory, storage media, and incoming files

Must be updated frequently

Internet and Network Attacks

What is an antivirus program?

p. 560 - 561 Fig. 11-4 Next

Identifies and removes computer viruses

Most also protect against worms and Trojan horses

Internet and Network Attacks

What are viruses, worms, and Trojan horses?

p. 558 Next

VirusVirus is a potentially damaging computer program

WormWorm copies itself repeatedly,

using up resources

and possibly shutting down computer or

network

Trojan horseTrojan horse hides within or looks like

legitimate program until

triggered

Payload (destructive event) that is

delivered when you open file, run infected program, or boot computer with infected disk

in disk driveCan spread and

damage files

Does not replicate itself on

other computers

Internet and Network Attacks

How can a virus spread through an e-mail message?

p. 559 Fig. 11-2 Next

Step 1. Unscrupulous programmers create a virus program. They hide the virus in a Word document and attach the Word document to an e-mail message.

Step 2. They use the Internet to send the e-mail message to thousands of users around the world.

Step 3b. Other users do not recognize the name of the sender of the e-mail message. These users do not open the e-mail message. Instead they delete the e-mail message. These users’ computers are not infected with the virus.

Step 3a. Some users open the attachment and their computers become infected with the virus.

Internet and Network Attacks

How can you protect your system from a macro virus?

p. 560 Fig. 11-3 Next

Set macro security level in applications that allow you to write macros

Set security level so that warning displays that document contains macro Macros are instructions

saved in an application, such as word processing or spreadsheet program

Keeps file in separate area of hard disk

Internet and Network Attacks

How does an antivirus program inoculate a program file?

p. 561 Next

Records Records information information

about program such about program such as file size and as file size and

creation creation datedate

Attempts Attempts to remove to remove

any detected any detected virusvirus

Uses Uses information information to detect if to detect if

virus tampers virus tampers with filewith file

QuarantinesQuarantines infected infected

files that it files that it cannot cannot removeremove

Internet and Network Attacks

What is a firewall?

p. 563 Fig. 11-7 Next

Security system consisting of hardware and/or software that prevents unauthorized intrusion

Unauthorized Access and Use

What are other ways to protect your personal computer?

p. 565 Fig. 11-9 Next

Disable file and printer sharing on Internet connection

User Authentication(login)

What is a user name?

p. 566 Fig. 11-10 Next

Unique combination of characters that identifies user Password is private

combination of characters associated with the user name that allows access to computer resources

Tips for security

What are some tips for preventing virus, worm, and Trojan horse infections?

p. 562 Next

Install a personalfirewall program

If the antivirus program flags an e-mail attachment as infected, delete

the attachment immediately

Never start a computer with

removable media inserted

Never open an e-mail attachment

unless you are expecting it and

it is from a trusted source

Install an antivirus program on all of your computers

Check all downloaded programs for

viruses, worms, or Trojan horses

Software Theft

What is a license agreement?

p. 570 Fig. 11-15 Next

Right to use software Single-user license agreement allows user to install software

on one computer, make backup copy, and sell software after removing from computer

Backing Up — The Ultimate SafeguardWhat is a backup?

p. 576 Next

Duplicate of file, program, or disk

Full backupFull backupall files in computer

Full backupFull backupall files in computer

Selective backupSelective backupselect which files

to back up

Selective backupSelective backupselect which files

to back up

Three-generation Three-generation backupbackup

preserves three copies of important files

Three-generation Three-generation backupbackup

preserves three copies of important files

In case of system failure or corrupted files, restorerestore files by copying to original location

Information Privacy

What are spyware, adware, and spam?

p. 583 - 584 Fig. 11-29 Next

Spyware is program placed on computer without user’s knowledge

Adware is a programthat displays onlineadvertisements

Spam is bogus e-mail message sent to many recipients

Information Privacy

How can you control spam?

p. 584 Next

Collects spam incentral location

that you can view any time

Service that blocks e-mail

messages from designated

sources

E-mail filteringE-mail filtering

Sometimes removes valid

e-mail messages

Attempts to remove spam

Anti-spam programAnti-spam program