1.
1
Threats and Security Tips of
Computer System
Lecture 8

2.
t Threats too ccoommppuutteerrss aanndd ccoommmmuunniiccaattiioonnss ssyysstteemmss
 Information technology can be disabled by a
number of occurrences. It may be harmed
by people, procedural, and software errors;
by electromechanical problems; and by
“dirty data”. It may be threatened by
natural hazards and terrorism.
 Computer may be harmed by viruses.
Computers can also be used as instruments
of crime. Criminals may be employee,
outside users, hackers, crackers, and
professional criminals.
CIT 3303 2

3.
t Threats too ccoommppuutteerrss aanndd ccoommmmuunniiccaattiioonnss ssyysstteemmss
 Here we discuss the following threats to
computers and communications systems:
 Errors and accidents
 Natural hazards
 Crimes against information technology
 Crimes using information technology
 Computer Viruses
CIT 3303 3

4.
EErrrroorrss aanndd AAcccciiddeennttss
 Errors and accidents in computer
systems may be classified as -
 People errors
 Procedural errors
 Software errors
 Electromechanical problems
 “Dirty data” problems
CIT 3303 4

5.
PPeeooppllee eerrrroorrss
 One of the most important part of a
computer system is the people who
manage it or run it.
 Quite often, what may seem to be “the
computer’s fault” is human indifference
or bad management.
 So, errors may be occurs by people
during data entry and computer operate.
CIT 3303 5

6.
PPrroocceedduurraall eerrrroorrss
 We know that procedures are
descriptions of how things are done,
steps for accomplishing a result.
 Some remarkable computer failures have
occurred because someone didn’t follow
procedures.
CIT 3303 6

7.
SSooffttwwaarree eerrrroorrss
 We are hearing about “software bugs”. A
software bug is an error in a program
that causes it to malfunction.
 Especially with complex software, there
are always bugs, even after the system
has been thoroughly tested and
“debugged”.
CIT 3303 7

8.
EElleeccttrroommeecchhaanniiccaall pprroobblleemmss
 Mechanical systems, such as printers,
and electrical systems, such as circuit
boards, don’t always work. They may be
faultily constructed, get dirty or
overheated, or become damaged in some
other way.
 Power failures can shut a system down
and burn out equipment.
CIT 3303 8

9.
““DDiirrttyy ddaattaa”” pprroobblleemmss
 When keyboarding a research paper, you
undoubtedly make a few typing errors.
 A lot of problems are caused by this kind
of “dirty data”.
 “Dirty data” is data that is incomplete,
outdated, or otherwise inaccurate.
CIT 3303 9

10.
NNaattuurraall HHaazzaarrddss
Whatever is harmful to property (and people)
is harmful to computers and communications
systems. This certainly includes natural
disasters: fires, floods, earthquakes,
tornadoes, cyclones, hurricanes, and the like.
Natural hazards can disable all the electronic
systems. Without power and communications
connections, automatic teller machines (ATM),
credit card verifiers, and bank computers are
useless.
CIT 3303 10

11.
Crimes aaggaaiinnsstt iinnffoorrmmaattiioonn tteecchhnnoollooggyy
 Crime against information technology
include –
 Theft of hardware
 Theft of software
 Theft of time and services
 Theft of information
CIT 3303 11

12.
CCrriimmeess uussiinngg iinnffoorrmmaattiioonn tteecchhnnoollooggyy
 Just a car can be used to assist in a
crime, so can a computer and
communication system.
 Criminals use inexpensive
microcomputers with sophisticated
graphics capabilities for illegal purposes.
CIT 3303 12

13.
CIT 3303 13
VViirruusseess
 Computer viruses are programs that
causes systems to behave in unexpected
and undesirable ways.
 Virus can copy itself and damage files.
Spread through floppy disks, Internet
downloads or as e-mail.
 Viruses may take several forms. The two
principal ones are boot sector virus and
file viruses.

14.
CCoommppuutteerr CCrriimmiinnaallss
 What kind of people are responsible for
most of the information technology
crime?
 Over 80% may be employees, and rest
are outside users, hackers and crackers,
and professional criminals.
CIT 3303 14

15.
CCoommppuutteerr CCrriimmiinnaallss ((ccoonntt……))
 Employees: Employees are the ones with the
skill, the knowledge, and the access to do bad
things. Dishonest employees create a far
greater problems than most people realize.
 The increasing use of laptops, away from the
eyes of supervisors, concerns some security
experts. They worry that dishonest employees
or outsiders can more easily intercept
communications or steal company trade
secrets.
CIT 3303 15

16.
CCoommppuutteerr CCrriimmiinnaallss ((ccoonntt……))
 Outside users: Suppliers and clients
may also gain access to a company’s
information technology and use it to
commit crimes.
CIT 3303 16

17.
CCoommppuutteerr CCrriimmiinnaallss ((ccoonntt……))
CIT 3303 17
 Hacker
 An individual who has the knowledge to
illegally break into a computer system or
facility, although he or she does not cause
any harm to the system or the organization.
 Cracker
 A computer thief who breaks into a system
with the intent of stealing passwords, files,
and programs, either for fun or for profit.

18.
CCoommppuutteerr CCrriimmiinnaallss ((ccoonntt……))
 Professional criminals:
 Member of organized crime rings don’t just steal
information technology. They also use it the way
that legal businesses do – as a business tool, but for
illegal purposes.
 For example, databases can be used to keep track
of illegal gambling debts and stolen goods. Drug
dealers have user pagers as a link to customers.
Microcomputers, scanners, and printers can be used
for forge checks, immigration papers, passports,
and driving licenses. Telecommunications can be
used to transfer funds illegally.
CIT 3303 18

19.
CCoommppuutteerr SSeeccuurriittyy
 Computer security includes the policies,
procedures, tools and techniques designed
to protect a company’s computer assets
from accidental, intentional, or natural
disasters. It covers all components of a
company’s computing environment:
hardware, software, networks, physical
facilities, data and information, and
personnel.
CIT 3303 19

20.
CCoommppuutteerr SSeeccuurriittyy ((ccoonntt……))
 We consider the following components of security:
 Identification and access
 PPaasssswwoorrdd SSeeccuurriittyy
 PPeerrssoonnaall ffiirreewwaallll
 AAnnttii--vviirruuss ssooffttwwaarree aanndd UUppddaatteess
 BBee aawwaarree ooff hhooww vviirruusseess sspprreeaadd
 AAvvooiidd iinnssttaalllliinngg bbaadd aapppplliiccaattiioonnss
 CCoonnffiigguurree yyoouurr ssyysstteemm
 BBaacckkuupp yyoouurr ddaattaa
 CCrreeddiitt ccaarrdd sseeccuurriittyy
 TTeerrmmiinnaall ccoonnnneeccttiioonnss
 AAcccceessss CCoonnttrroollss aanndd EEnnccrryyppttiioonn
CIT 3303 20

21.
IIddeennttiiffiiccaattiioonn aanndd aacccceessss
 There are three ways a computer system can
verify that you have legal right of access.
Some security systems use a mix of these
techniques. The systems try to authenticate
your identity by determining –
1. what you have – cards, keys, signatures, badges.
2. what you know – PINs, passwords, digital
CIT 3303 21
signatures.
3. who you are –fingerprint id, voice id, retinal id, lip
prints.

22.
PPaasssswwoorrdd SSeeccuurriittyy
 A password is a special word, code, or
symbol that is required to access a
computer system.
 Choose Strong Passwords. Never use your
name or the name of a loved one, or even a
word in the dictionary.
 Use a mix of alphanumeric characters, but
make it easy to remember.
CIT 3303 22

23.
PPeerrssoonnaall ffiirreewwaallll
 If you are not behind a corporate
firewall, purchase and install a personal
firewall on your computer. This will help
protect your system from many
weaknesses that some worms will try to
use.
CIT 3303 23

24.
AAnnttii--vviirruuss ssooffttwwaarree aanndd UUppddaatteess
 Use anti-virus software with regular
CIT 3303 24
updates.
 Perform system updates regularly.

25.
BBee aawwaarree ooff hhooww vviirruusseess sspprreeaadd
 Be aware of how viruses spread and don't
open attachments unless you are SURE
they are genuine. Call the sender if
necessary to be sure they sent the email. Be
sure your system settings are set so you
can recognize potential virus files that may
have multiple extensions such as
filename.txt.exe. If the extension ends in
.exe, .com, or .bat don't double click on it or
run it unless you are SURE it is from a valid
source.
CIT 3303 25

26.
AAvvooiidd iinnssttaalllliinngg bbaadd aapppplliiccaattiioonnss
 Some computer programs may come with
spyware. Avoiding these can be
important in both securing your system
and keeping your system performance
from being degraded.
 A personal firewall is one defense against
this happening because it will normally
notify you when a program accesses the
internet.
CIT 3303 26

27.
CCoonnffiigguurree yyoouurr ssyysstteemm
 Configure your system so you will see all
file extensions as described on the page
called "Windows File View Settings".
CIT 3303 27

28.
BBaacckkuupp yyoouurr ddaattaa
 Make frequent backups of vital data and
store it in a different physical location
from the computer.
CIT 3303 28

29.
CCrreeddiitt ccaarrdd sseeccuurriittyy
 Don’t send your credit card number “in
the clear” (that is, without encryption)
over the Internet.
CIT 3303 29

30.
TTeerrmmiinnaall ccoonnnneeccttiioonnss
 Don’t leave modem lines or Internet
connections open when you are not using
them. Turn off your computer when you
leave it.
CIT 3303 30

31.
AAcccceessss CCoonnttrroollss aanndd EEnnccrryyppttiioonn
 Using a PC security package that
demands passwords for computer access
and encrypts data resident on the hard
disk.
CIT 3303 31

32.
EEtthhiiccaall IIssssuueess iinn CCoommppuuttiinngg
The Ten Commandments of Computer Ethics
1. Do not use a computer to harm other people.
2. Do not interfere with other people's computer work.
3. Do not snoop around in other people's computer files.
4. Do not use a computer to steal.
5. Do not use a computer to bear false witness.
6. Do not copy or use proprietary software for which you have not paid.
7. Do not use other people's computer resources without authorization or
proper compensation.
8. Do not appropriate other people's intellectual output.
9. Always think about the social consequences of the program you are
writing or the system you are designing.
10. Always use a computer in ways that insure consideration and respect for
your fellow human.
CIT 3303 32

33.
Any Question
?
CIT 3303 33

34.
Thanks to All
CIT 3303 34