Lesson seventeen: Introduction to security threats The computer is a great tool to store important information. In certain cases the information is very vital that losing it will harm the computer system. Computer threats can come from many ways either from human or natural disaster. For example, when someone is stealing your account information from a trusted bank, this threat is considered as a human threat. However, when your computer is soaked in heavy rain, then that is a natural disaster threat. Generally, security threats include malicious code, hacking, natural environment and theft. A.) Malicious code 1. Malicious code is also known as a rouge program. It is a threat to computing assets by causing undesired effects in the programmer’s part. The effect is caused by an agent, with the intention to cause damage. 2. The agent for malicious code is the writer of the code or any person who causes its distributions. 3. There are various kinds of malicious code. They include a) virus Virus is a program that can pass on the malicious code to other non-infected programs by modifying them. To infect a computer, the virus needs to attaches itself to the program, usually files with .doc (document), .xls (spread sheet), .exe (executable file) extensions. It will then destroy or co-exists with the program. Once the infected file is open, the virus will copy itself into that particular system and perform its functions. Eventually, it can overtake the entire computing system and spread to other connected systems. b) Trojan Horse A program which can perform useful but unexpected actions. Must be installed by users or intruders before it can affect the system’s assets. An example of a Trojan horse is the login script that request for users’ login ID and password. The user will then successfully pass the login process, but the Trojan horse will keep a copy of the information to be use for malicious purposes. c) Logic bomb Logic bomb is a malicious code that goes off when a specific condition occurs. An example of a logic bomb is the time bomb. It goes off and causes threats at a specified time or date. d) Trapdoor or backdoor A feature in a program that allows someone to access the program and use it with special privileges. e) Worm A program that copies and spreads itself through a network. Primary differences between worms and viruses. Worm Virus Operates through the Spreads through any network. medium. (Usually copied programs or data files) Spreads copies of itself Spread copies of itself as a standalone as a program that program. attaches to other program. B.) Hacker 1. Hacking is a source of threat to security in computer. It is defined as unauthorized access to the computer system by a hacker. 2. Hackers are persons who learn about the computer systems in detail. They wrote program referred to as hacks. Hackers may use a modem or cable to hack the targeted computers. 3. Kevin Mitnick is the most notorious hacker ever caught. He had stolen millions of dollars worth of software and credit card information on the net. He used new identities and cleverly concealed his locations. He spent 5 years in jail for his hacking activity. C.) Natural and environmental threats 1. Computers are also threatened by natural or environmental disaster. Be ot at home, stores, offices and also automobiles. 2. Examples of natural and environmental disasters: a) flood b) fire c) earthquakes, storms and tornados d) excessive heat e) inadequate power supply D.) Theft 1. Two types of computer theft: a) Computer is used to steal money, goods, information and resources. b) Actual stealing of computer, especially notebook and PDA. (This type of stealing causes loss of the expensive item and also the valuable information.) 2. Three approaches to prevent theft a) Prevent access by using locks, smart card application and password activation b) Prevent portability of your computer by restricting all hardware from physically being moved to other places. c) Detect and guard all exits and record any hardware (such as disk or CD) before being transported Summary 1. Security threats include malicious code, hacking, natural environment and theft. 2. There are various types of malicious code that include virus, Trojan horse, logic door, trapdoor or backdoor and worm. 3. Virus is a program that can pass malicious code to other noninfected program by modifying them. 4. Computers are also threatened by natural or environmental disaster such as flood, fore, earthquakes, storms and tornados. 5. Computer theft includes stealing money, goods, information and computer resources.