Más contenido relacionado


Threats to information security

  1. WHAT IS INFORMATION ? • Information is a complete set of data. • It can be called as processed data.
  2. WHAT IS INFORMATION SECURITY ? • It is protection of information systems and hardware that use, store and transit the information. • Security is the quality or state of information • Security is always multilayered : Physical Security Personal Security Operations Security Communications Security
  3. THREATS TO INFORMATION SECURITY • A threat is an object, person, or other entity that represents a constant danger to an asset. • The Management should ensure that information is given sufficient protection through policies, proper training and proper equipment. • Consistent reviews andBetter information security can be provided by recognizing and ranking the threats to the information. • Checks also help and Surveys also help in keeping information safe
  4. TYPES OF THREATS TO INFORMATION • Inadvertent Acts • Deliberate Acts • Natural Disaster (Natural Forces) • Technical Failures • Management Failure
  5. INADVERTENT ACTS • These are the acts that happen by mistake. They are not deliberate • The attacker does not have any ill will or malicious intent or his attack is not proven in categories of theft. • Acts of Human error and failure, Deviation from service quality, communication error, are examples of inadvertent acts
  6. DELIBERATE ACTS • These acts are done by people of organizations to harm the information. • The attackers have a malicious intent and wish to steal or destroy the data. • Acts of espionage, Hacking, Cracking, come under deliberate acts.
  7. NATURAL DISASTERS • Forces of nature are dangerous because they are unexpected and come without very little warning. • They disrupt lives of individuals but also causes damage to information that is stored within computers. • These threats can be avoided but he management must have the necessary precautions.
  8. TECHNICAL FAILURES • Technical failures are classified into two types : • Technical Hardware Failure • Technical Software Failure • Technical Hardware Failure: It occurs when manufacturer distributes equipment with flaws that may be known or unknown to the manufacturer • Technical Software Failure: These can cause the system to perform in an undesirable or unexpected way. Some of these are unrecoverable while some occur periodically
  9. MANAGEMENT FAILURE • Management must always be updated about recent developments and technology. • Proper planning must be done by the management for good protection of the information. • IT professionals must help the management in protecting the information, by helping the management upgrade to the latest technology.
  10. MALWARE • It is any malicious software designed to harm a computer without the user’s consent. • Eg. VIRUS, Worm, Trojan, Spyware
  11. VIRUS (VITAL INFORMATION RESOURCE UNDER SIEGE ) • It is a computer program designed to copy itself and attach itself to other files stored on a computer. • It moves from computer to computer through by attaching itself to files or boot records of disks. • It can be sent through a network or a removable storage device.
  12. WORM • Worm is a self replicating computer program that uses a network to send copies of itself to other computers on the network. • It replicates ad eats up the computer storage. • An example is Voyager Worm
  13. TROJAN HORSE • They appear to be harmless but secretly gather information about the user. • They upload hidden and malicious programs on the computer without the user’s knowledge. • It does not attempt to inject itself into other files unlike computer virus.
  14. SPYWARE • It secretly monitors internet surfing habits without user’s knowledge. • They perform actions like advertising vague products and changing computer configurations. These actions are very troublesome. • They usually do not replicate themselves.
  15. PROTECTION AGAINST MALWARE • Make sure that you have updated operating system and antivirus software. Eg. McAfee • Do not use pirated software, or download files from unreliable sources. • Perform regular hard drive scans. • Use licensed software
  16. HACKING • Hacking means finding out weaknesses in a computer or a network and exploiting them. • Hackers are usually motivated by profit, protest or challenge.
  17. HACKER • He/She is a person who enjoys the challenge of breaking into computers without the knowledge of the user. • Their main aim might be to know the detail of a programmable system and how it works. • Hackers are experts who see new ways to use computers.
  18. CRACKER • These people crack or remove the protection mechanism of a computer system. • Their main aim is to steal or destroy information without the users consent • They are much more dangerous than hackers.
  19. ANTIVIRUS • It is a software used to prevent, detect and remove malware. • It runs in the background at all times. • It should be kept updated. • It runs computer disk scans periodically. • Eg. McAfee, Norton, Kaspersky.