SlideShare una empresa de Scribd logo

Implications of Misuse and Cyber Security.pdf

S
srtwgwfwwgw

Implications of Misuse & Cyber Security discusses various forms of computer misuse including using stolen credit cards, financial fraud, and vulnerabilities in computer systems. It covers topics like cybersecurity, computer system vulnerabilities, threats like spyware, hackers and viruses. It also discusses countermeasures to prevent threats like strong passwords, firewalls, anti-virus software and keeping software updated. Distributed denial of service (DDoS) attacks are explained as attempts to overwhelm networks through large traffic volumes. Internal vulnerabilities include access control issues, malware, and vulnerability scanning. Computer misuse related to cyberbullying can psychologically impact individuals and negatively affect organizations.

Motor
1 de 34
Descargar para leer sin conexión
Implications of Misuse & Cyber Security
Computer Misuse This topic includes misuse of stolen or fictional credit card numbers to obtain goods or services on the internet, and use of computers in financial frauds. Cybersecurity Cyber security is the application of technologies, processes and controls to protect systems, networks, programs, devices and data from cyber attacks. It aims to reduce the risk of cyber attacks and protect against the unauthorised exploitation of systems, networks and technologies.
Computer System Misuse
Computer Vulnerability A computer system has several points of vulnerability; these include its hardware, software, data communications, and personnel. Computer security refers to the protection of hardware and software resources against their accidental or deliberate damage, theft, or corruption(in the case of software). Data security is the protection of data against intentional or accidental damage The importance of the security of computer systems and their data cannot be overstated. Organizations spend very considerable amounts of time and money trying to make sure that their information systems are secure against various hazards, both natural and man-made. Vulnerability is a cyber-security term that refers to a flaw in a system that can leave it open to attack. A vulnerability may also refer to any type of weakness in a computer system itself, in a set of procedures, or in anything that leaves information security exposed to a threat. Computer users and network personnels can protect computer systems from vulnerabilities by keeping software security patches up to date. These patches can remedy flaws or security holes that were found in the initial release. Computer and network personnel should also stay informed about current vulnerabilities in the software they use and seek out ways to protect against them.
Threats What are Threats? In computer security, a threat is a potential negative action or event facilitated by a vulnerability that results in an unwanted impact to a computer system or application. In simpler terms, a computer threat refers to a term that speaks to or speaks about a computer system being compromised. These threats can lead to lost or edited data being stolen or even cyber-attacks.
Type of Threats Spyware A spyware threat is any program that monitors your online activities or installs programs without your consent or knowledge to capture personalised information. This personalised information can be downloaded from email messages, instant messages and web sites. Spyware, as the word suggests, “spy”, is aimed so that it remains entirely discreet to the user. It is actively hidden away or is simply not recognisable by the user.
Hackers Hackers are programmers who exploit others for their own selfish and malicious intents by breaking into computer systems to steal, destroy or change information as a form of cyber-terrorism. They can compromise your credit card information, steal your identity and lock you out of your data.
Viruses A computer virus is a written program that alters the way a computer operates without the permission or knowledge of the user. The virus replicates and executes itself, usually doing damage to your computer in the process like corrupting files and stealing passwords.
★ Anti-Spyware ★ Firewalls ★ Strong Passwords ★ Anti-Virus ★ Plug Information Leaks How to Prevent/ Avoid These Threats
Anti-spyware Anti-spyware software detects and prevents any unwanted spyware program installations that are in your computer system. It can act much like an antivirus program by providing real-time protection and preventing spyware from being downloaded in the first place. Firewalls Firewalls enforce rules about what data packets will be allowed to enter or leave a network. Firewalls are incorporated into a wide variety of networked devices to filter traffic and lower the security risks from malicious packets travelling over the public internet. Strong Passwords Password cracking technology is quite advanced, and passwords that are easy to guess are potential security risks. Simply making sure employees are using passwords that are sufficient length and a mix of character types and numbers can be a huge detractor for hackers.
Anti-Virus Antivirus software was originally designed to detect and remove viruses from computers, but also protect against other types of malicious software, such as keyloggers, browser hijackers, Trojan horses, worms, rootkits spyware, adware and botnets. Plug Information Leaks Sensitive information can flow out of your organisation through emails, printed copies, instant messaging or by people simply talking about things they should keep to themselves, but technology can help. Starting with the intrusion detection system (IDS). Scan your business plan for unique phrases that you wouldn't expect to find anywhere else and configure your IDS to alert you whenever it sees these telltale snippets on the network. Installing email firewalls can scan the full text of all outgoing emails and alert the user if anything suspicious is found.
What is an attack? An attack or cyber attack is any attempt to gain unauthorized access to a computer, computing system or computer network with the intent to cause damage. Cyber attacks aim to disable, disrupt, destroy or control computer systems or to alter, block, delete, manipulate or steal the data held within these systems. These attacks can be launched from anywhere by any individual or group using one or more various attack strategies. People who carry out cyber attacks are generally regarded as cybercriminals or who are also popularly known as hackers, they include individuals who act alone, drawing on their computer skills to design and execute malicious attacks. They can also belong to a criminal syndicate, working with other threat actors to find weaknesses or problems in the computer systems called vulnerabilities that can be exploited for criminal gain. Government-sponsored groups of computer experts also launch cyber attacks. They're identified as nation-state attackers, and they have been accused of attacking the information technology (IT) infrastructure of other governments, as well as non government entities, such as businesses, nonprofits and utilities. Attack
Why do cyber attacks happen? Cyber attacks are designed to cause damage. They can have various objectives, including the following: ➢ Financial gain Most cyber attacks today, especially those against commercial entities, are launched by cybercriminals for financial gain. These attacks often aim to steal sensitive data, such as customer credit card numbers or employee personal information, which the cybercriminals then use to access money or goods using the victims' identities. Still other attacks aim to gain valuable corporate data, such as proprietary information; these types of cyber attacks are a modern, computerized form of corporate espionage.
➢ Disruption and revenge Some hackers also launch attacks specifically to sow chaos, confusion, discontent, frustration or mistrust. They could be taking such action as a way to get revenge for acts taken against them. They could be aiming to publicly embarrass the attacked entities or to damage the organizations' reputation. These attacks are often directed at government entities but can also hit commercial entities or nonprofit organizations. ➢ Cyberwarfare Governments around the world are also involved in cyber attacks, with many national governments acknowledging or suspected of designing and executing attacks against other countries as part of ongoing political, economic and social disputes. These types of attacks are classified as cyberwarfare.
How can you prevent a cyber attack? There is no guaranteed way for any organization to prevent a cyber attack, but there are numerous cybersecurity best practices that organizations can follow to reduce the risk. Reducing the risk of a cyber attack relies on using a combination of skilled security professionals, processes and technology. Reducing risk also involves three broad categories of defensive action: 1. preventing attempted attacks from actually entering the organization's IT systems; 2. detecting intrusions; and 3. disrupting attacks already in motion -- ideally, at the earliest possible time.
Best practices include the following: ● implementing perimeter defenses, such as firewalls, to help block attack attempts and to block access to known malicious domains; ● using software to protect against malware, namely antivirus software, thereby adding another layer of protection against cyber attacks; ● having a patch management program to address known software vulnerabilities that could be exploited by hackers; ● setting appropriate security configurations, password policies and user access controls; ● maintaining a monitoring and detection program to identify and alert to suspicious activity; ● creating incident response plans to guide reaction to a breach; and ● training and educating individual users about attack scenarios and how they as individuals have a role to play in protecting the organization.
Countermeasure What is Countermeasure? In computer and cyber security a countermeasure can be defined as an action, device or technique that reduces a threat, vulnerability, or an attack by eliminating it or by minimizing the damage it may cause.
Why do we need Countermeasures? A countermeasure is an action, process, device, or system that can prevent, or mitigate the effects of, threats to a computer, server or network. In this context, a threat is a potential or actual adverse event that may be malicious or incidental, and that can compromise the assets of an enterprise or the integrity of a computer or network. Countermeasures can take the form of software, hardware and modes of behavior. Software countermeasures include: ● personal firewalls ● application firewalls ● anti-virus software ● pop-up blockers ● spyware detection/removal programs.
The most common hardware countermeasure is a router that can prevent the IP address of an individual computer from being directly visible on the Internet. Other hardware countermeasures include: ● biometric authentication systems ● physical restriction of access to computers and peripherals ● intrusion detectors ● alarms
What are the Categories of a Countermeasure? These countermeasures can be classified into three groups. These are: ❖ Cryptography methods- (Cryptography is associated with the process of converting ordinary plain text into unintelligible text and vice-versa. It is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it.) ❖ Human factors- (The 'human factor' has been recognized as the weakest link in creating safe and secure digital environments though, human intuition may also be the solution to thwarting many cyber threats. Every software or security monitoring system requires human interpretation of alerts.) ❖ Detection Methods- (Threat detection is the practice of analyzing the entirety of a security ecosystem to identify any malicious activity that could compromise the network. If a threat is detected, then mitigation efforts must be enacted to properly neutralize the threat before it can exploit any present vulnerabilities.)
External Computer Vulnerability Sources ★ Password Attack What are Password Attacks? A password attack refers to any of the various methods used to maliciously authenticate into password-protected accounts. These attacks are typically facilitated through the use of software that expedites cracking or guessing passwords.
➢ Brute Force Attack. A brute force attack is a hacking method that uses trial and error to crack passwords, login credentials, and encryption keys. It is a simple yet reliable tactic for gaining unauthorized access to individual accounts and organizations' systems and networks. Different types of Password attacks ➢ Dictionary Attack. A dictionary attack is a method of breaking into a password-protected computer, network or other IT resource by systematically entering every word in a dictionary as a password. A dictionary attack can also be used in an attempt to find the key necessary to decrypt an encrypted message or document.
➢ Keyloggers Keyloggers are activity-monitoring software programs that give hackers access to your personal data. The passwords and credit card numbers you type, the web pages you visit – all by logging your keyboard strokes. The software is installed on your computer, and records everything you type. ➢ Man- In-The-Middle Attack. A man in the middle (MITM) attack is a general term for when a perpetrator positions himself in a conversation between a user and an application—either to eavesdrop or to impersonate one of the parties, making it appear as if a normal exchange of information is underway.
A DDoS attack happens when a network or system becomes overwhelmed and it cannot respond to service requests. A DDoS attack happens when a massive number of machines are directed to bombard the target with traffic. These machines are typically infected with viruses controlled by one over all attacker. While DDoS offer a less complicated attack mode than other forms of cyber attacks, they are growing stronger and more sophisticated. There are three basic categories of attack: ● Volume-based attacks, which use high traffic to inundate the network bandwidth ● Protocol attacks, which focus on exploiting server resources ● Application attacks, which focus on web applications and are considered the most sophisticated and serious type of attacks ★ (DDoS) Distributed denial-of-s ervice attacks
How DDos perform? A distributed denial-of-service (DDoS) attack occurs when multiple machines are operating together to attack one target. DDoS attackers often leverage the use of a botnet, a group of hijacked internet-connected devices to carry out large scale attacks. Most popular types of DDoS attacks: ● SYN Flood ● Smurf Attack ● Fraggle Attack ● Slowloris ● Application Level Attack
★ File protocol The File Transfer Protocol (FTP) is a standard communication protocol used for the transfer of computer files from a server to a client on a computer network. FTP is built on a client–server model architecture using separate control and data connections between the client and the server. FTP users may authenticate themselves with a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it. For secure transmission that protects the username and password, and encrypts the content, FTP is often secured with SSL/TLS (FTPS) or replaced with SSH File Transfer Protocol (SFTP).
Internal Vulnerability Source ★ Access Control Issues/Information Leakage What is Access Control Issues? Access control enforces policy such that users cannot act outside of their intended permissions. Failures typically lead to unauthorized information disclosure, modification or destruction of all data, or performing a business function outside of the limits of the user. What are some causes? The majority of access control problems stem from outdated equipment, keycards falling into the wrong hands, and a lack of integration with other building systems. To some degree, all three issues might be causing problems. How can this problem be improved? 1. Evaluate Your Access Control System Features. 2. Determine Your Access Levels. 3. Audit Who Has Access. 4. Update Your Technology. 5. Perform Periodic Access Control Systems Testing. 6. No Tailgating Allowed.
★ Malware/Malicious cyber attacks Malware, or malicious software is any program or file that is intentionally designed to cause disruption to a computer, server, client, computer network, leak private information, gain unauthorized access to information or systems, deprive users access to information or which unknowingly interferes with the user's computer security and privacy. Types of malware includes: ● Computer Viruses ● Worms ● Trojan Horses ● Ransomware ● Spyware These malicious programs steal, encrypt and delete sensitive data; alter or hijack core computing functions and monitor end users computer activity.
★ Scan An internal vulnerability scan is performed typically with access to the internal network, with the main benefit of identifying at-risk systems while providing insight for patch management processes. An external scan is performed outside of a network and targets specific IP addresses to identify vulnerabilities. An external scan can also detect open ports and protocols, similar to an external penetration test. Both application and network scans not only detect vulnerabilities but may check for compliance against several different baselines.
What does malware do? Malware can infect networks and devices and is designed to harm those devices, networks and/or their users in some way. Depending on the type of malware and its goal, this harm may present itself differently to the user or endpoint. In some cases, the effect malware has is relatively mild and benign, and in others, it can be disastrous. No matter the method, all types of malware are designed to exploit devices at the expense of the user and to the benefit of the hacker, the person who has designed and/or deployed the malware.
The Impact of computer misuse relating to cyber bullying on an individual Cyberbullying, also known as online bullying, is a form of bullying or harassment using electronic means which also is computer abuse. Cyber-bullying, hacking, identity theft, and even using a work PC for personal business are all examples of computer abuse. An incident that many people might not think of as computer abuse is creating a fake social media account. If the social media service’s terms and conditions require users to provide accurate information about their identities when creating an account, they could be prosecuted under the CFAA. This outcome is unlikely unless an individual uses a fake account for malicious purposes, such as cyberbullying, but it is a possibility—and that possibility of being prosecuted for something as minor as the mere creation of a fake account is a major problem with the CFAA. Attorneys have been able to exploit the law’s weaknesses to defend clients who should perhaps have been punished, and prosecutors have been able to exploit the law to obtain convictions for minor incidents. Cyberbullying can impact an individual as it may bring about psychological problems. Some of these problems may include depression, self harm, low self esteem, school phobias and social anxiety.
The Impact of computer misuse relating to cyberbullying in an organisation Most people consider cyberbullying a teenage issue. Regretfully, the workplace is not immune to cyberbullying as the problem has expanded to adults. Cyberbullying at work, just like ordinary workplace bullying, can cause worker anxiety, stress and reduced productivity. Cyberbullying is like traditional workplace bullying and harassment, but involving electronic devices and online communications. Examples include, but are not limited to, text messages, tweets, malicious or threatening emails or social media posts. Workplace Bullying refers to repeated, unreasonable actions of individuals (or a group) directed towards an employee (or a group of employees), intended to intimidate, degrade, humiliate, undermine or create a risk to the health or safety of the employee(s) including physical and emotional stress. Bullying behavior creates feelings of defenselessness and discomfort in the target. Workplace Bullying may involve abuse or misuse of power. Bullying is different from aggression. Aggression may involve a single act, but bullying involves an ongoing pattern of behavior against the target. “Demanding” bosses are not necessarily bullies if they are respectful, fair and their primary motivation is better employee performance through setting high-yet-reasonable workplace expectations.Usually, it involves offensive emails or text messages containing jokes or inappropriate wording towards a specific individual race, gender, nationality, or sexual preference. The words have a direct effect on the bullying target. Another example is an intended personal email response forwarded without permission for the whole office to see.
Mitigate Cyber-bullying Why is Prevention Important? Cyberbullying is deliberately and repeatedly inflicting harm using electronic devices, gaming apps, and online social media platforms. It often starts as hate accounts, hurtful posts, rumors and gossip, and may even manifest because of mean comments said when gaming. The purpose of cyberbullying is to embarrass, hurt, humiliate and threaten the victim. This may cause the victim to feel depressed, lonely, social anxiety and even make the feel suicidal. However, there are some ways to combat the effects of cyberbullying. Don’t Engage A survey conducted in 2018 of children’s online behavior shows that 60% of children that are on social media have witnessed some form of bullying, and for various reasons, most children ignored the behavior altogether. In order to fight against this common occurrence, a mix of acknowledgement and avoidance is recommended. Those observing the attacks must be willing to report problems to friends, family members or teachers. While those being bullied are often better off ignoring the attacks rather than responding. The goal of the perpetrator is to goad the victim into anger, which in effect may ‘get to’ the target and make them acknowledge the malicious claims. The best option for the victim is to block the perpetrator(s) social media and email accounts altogether.
Mitigate Cyber-bullying Teach students it’s okay to report abuse Students need to know that they should report abuse. Every student should be encouraged to report instances or evidence of cyberbullying to a teacher, counselor, or any other staff member. Set up an anonymous reporting system so that youth can inform school officials of a problem without fear of repercussion. Organizations such as Safe2Tell, allow students to report incidents anonymously. Knowing there is a way to report cases may also stop students from engaging in the behavior

Recomendados

Implications of Computer Misuse and Cyber Security (Teaching) (1).pdf
Implications of Computer Misuse and Cyber Security (Teaching) (1).pdfImplications of Computer Misuse and Cyber Security (Teaching) (1).pdf
Implications of Computer Misuse and Cyber Security (Teaching) (1).pdf
srtwgwfwwgw
 
Teaching Your Staff About Phishing
Teaching Your Staff About PhishingTeaching Your Staff About Phishing
Teaching Your Staff About Phishing
Legal Services National Technology Assistance Project (LSNTAP)
 
Cyber Terrorism
Cyber TerrorismCyber Terrorism
Cyber Terrorism
Deepak Pareek
 
Intro to Web Application Security
Intro to Web Application SecurityIntro to Web Application Security
Intro to Web Application Security
Rob Ragan
 
Cyber security
Cyber securityCyber security
Cyber security
Manjushree Mashal
 
cyber security presentation.pptx
cyber security presentation.pptxcyber security presentation.pptx
cyber security presentation.pptx
kishore golla
 
Cyber security threats for 2017
Cyber security threats for 2017Cyber security threats for 2017
Cyber security threats for 2017
Ramiro Cid
 
Cyber security
Cyber securityCyber security
Cyber security
Sapna Patil
 

Recomendados

Implications of Computer Misuse and Cyber Security (Teaching) (1).pdf
Implications of Computer Misuse and Cyber Security (Teaching) (1).pdfImplications of Computer Misuse and Cyber Security (Teaching) (1).pdf
Implications of Computer Misuse and Cyber Security (Teaching) (1).pdf
srtwgwfwwgw
 
Teaching Your Staff About Phishing
Teaching Your Staff About PhishingTeaching Your Staff About Phishing
Teaching Your Staff About Phishing
Legal Services National Technology Assistance Project (LSNTAP)
 
Cyber Terrorism
Cyber TerrorismCyber Terrorism
Cyber Terrorism
Deepak Pareek
 
Intro to Web Application Security
Intro to Web Application SecurityIntro to Web Application Security
Intro to Web Application Security
Rob Ragan
 
Cyber security
Cyber securityCyber security
Cyber security
Manjushree Mashal
 
cyber security presentation.pptx
cyber security presentation.pptxcyber security presentation.pptx
cyber security presentation.pptx
kishore golla
 
Cyber security threats for 2017
Cyber security threats for 2017Cyber security threats for 2017
Cyber security threats for 2017
Ramiro Cid
 
Cyber security
Cyber securityCyber security
Cyber security
Sapna Patil
 
introduction to cyber security
introduction to cyber securityintroduction to cyber security
introduction to cyber security
Slamet Ar Rokhim
 
Cyber Security: Why your business needs protection & prevention measures
Cyber Security: Why your business needs protection & prevention measuresCyber Security: Why your business needs protection & prevention measures
Cyber Security: Why your business needs protection & prevention measures
CBIZ, Inc.
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and Security
Noushad Hasan
 
Cyber security
Cyber securityCyber security
Cyber security
Samsil Arefin
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
Vaishak Chandran
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
sanjana mun
 
Ransomware and tips to prevent ransomware attacks
Ransomware and tips to prevent ransomware attacksRansomware and tips to prevent ransomware attacks
Ransomware and tips to prevent ransomware attacks
dinCloud Inc.
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
Akash Dhiman
 
Cyber Security in AI (Artificial Intelligence)
Cyber Security in AI (Artificial Intelligence)Cyber Security in AI (Artificial Intelligence)
Cyber Security in AI (Artificial Intelligence)
Harsh Bhanushali
 
cyber security
cyber securitycyber security
cyber security
BasineniUdaykumar
 
cyber security
cyber securitycyber security
cyber security
abithajayavel
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...
Edureka!
 
Cyber security
Cyber securityCyber security
Cyber security
manoj duli
 
Web security ppt sniper corporation
Web security ppt sniper corporationWeb security ppt sniper corporation
Web security ppt sniper corporation
sharmaakash1881
 
Cyber security
Cyber securityCyber security
Cyber security
vishakha bhagwat
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Security
belsis
 
Cyber crime - What is and types.
Cyber crime - What is and types.Cyber crime - What is and types.
Cyber crime - What is and types.
Niloy Biswas
 
Cyber Crime
Cyber Crime Cyber Crime
Cyber Crime
bhavya mohindru
 
Network security presentation
Network security presentationNetwork security presentation
Network security presentation
Kudzai Rerayi
 
Cybersecurity Training
Cybersecurity TrainingCybersecurity Training
Cybersecurity Training
WindstoneHealth
 
Introduction to cyber security i
Introduction to cyber security iIntroduction to cyber security i
Introduction to cyber security i
Emmanuel Gbenga Dada (BSc, MSc, PhD)
 
Cyber Security.docx
Cyber Security.docxCyber Security.docx
Cyber Security.docx
TanushreeChakraborty27
 

Más contenido relacionado

La actualidad más candente

La actualidad más candente (20)

introduction to cyber security
introduction to cyber securityintroduction to cyber security
introduction to cyber security
 
Cyber Security: Why your business needs protection & prevention measures
Cyber Security: Why your business needs protection & prevention measuresCyber Security: Why your business needs protection & prevention measures
Cyber Security: Why your business needs protection & prevention measures
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and Security
 
Cyber security
Cyber securityCyber security
Cyber security
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITY
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 
Ransomware and tips to prevent ransomware attacks
Ransomware and tips to prevent ransomware attacksRansomware and tips to prevent ransomware attacks
Ransomware and tips to prevent ransomware attacks
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 
Cyber Security in AI (Artificial Intelligence)
Cyber Security in AI (Artificial Intelligence)Cyber Security in AI (Artificial Intelligence)
Cyber Security in AI (Artificial Intelligence)
 
cyber security
cyber securitycyber security
cyber security
 
cyber security
cyber securitycyber security
cyber security
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...
 
Cyber security
Cyber securityCyber security
Cyber security
 
Web security ppt sniper corporation
Web security ppt sniper corporationWeb security ppt sniper corporation
Web security ppt sniper corporation
 
Cyber security
Cyber securityCyber security
Cyber security
 
Introduction To Information Security
Introduction To Information SecurityIntroduction To Information Security
Introduction To Information Security
 
Cyber crime - What is and types.
Cyber crime - What is and types.Cyber crime - What is and types.
Cyber crime - What is and types.
 
Cyber Crime
Cyber Crime Cyber Crime
Cyber Crime
 
Network security presentation
Network security presentationNetwork security presentation
Network security presentation
 
Cybersecurity Training
Cybersecurity TrainingCybersecurity Training
Cybersecurity Training
 

Similar a Implications of Misuse and Cyber Security.pdf

Top 10 Cyber Security Threats and How to Prevent Them
Top 10 Cyber Security Threats and How to Prevent ThemTop 10 Cyber Security Threats and How to Prevent Them
Top 10 Cyber Security Threats and How to Prevent Them
Chinmayee Behera
 
Type of Security Threats and its Prevention
Type of Security Threats and its PreventionType of Security Threats and its Prevention
Type of Security Threats and its Prevention
ijsrd.com
 

Similar a Implications of Misuse and Cyber Security.pdf (20)

Introduction to cyber security i
Introduction to cyber security iIntroduction to cyber security i
Introduction to cyber security i
 
Cyber Security.docx
Cyber Security.docxCyber Security.docx
Cyber Security.docx
 
Cyber Security in detail PPT BY HIMANXU.pptx
Cyber Security in detail PPT BY HIMANXU.pptxCyber Security in detail PPT BY HIMANXU.pptx
Cyber Security in detail PPT BY HIMANXU.pptx
 
Cyber Security Company.docx
Cyber Security Company.docxCyber Security Company.docx
Cyber Security Company.docx
 
Cyber Ethics Notes.pdf
Cyber Ethics Notes.pdfCyber Ethics Notes.pdf
Cyber Ethics Notes.pdf
 
Introduction to cyber security
Introduction to cyber securityIntroduction to cyber security
Introduction to cyber security
 
ppt on securities.pptx
ppt on securities.pptxppt on securities.pptx
ppt on securities.pptx
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Top 10 Cyber Security Threats and How to Prevent Them
Top 10 Cyber Security Threats and How to Prevent ThemTop 10 Cyber Security Threats and How to Prevent Them
Top 10 Cyber Security Threats and How to Prevent Them
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
 
“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”“In 2024 Guide to Cyber Security: Protect Your Data Today”
“In 2024 Guide to Cyber Security: Protect Your Data Today”
 
Ch # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guardsCh # 10 computer security risks and safe guards
Ch # 10 computer security risks and safe guards
 
Type of Security Threats and its Prevention
Type of Security Threats and its PreventionType of Security Threats and its Prevention
Type of Security Threats and its Prevention
 
Cyber security
Cyber securityCyber security
Cyber security
 
Assess risks to IT security.pptx
Assess risks to IT security.pptxAssess risks to IT security.pptx
Assess risks to IT security.pptx
 
Network security and viruses
Network security and virusesNetwork security and viruses
Network security and viruses
 
THESIS-2(2)
THESIS-2(2)THESIS-2(2)
THESIS-2(2)
 
Cybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdfCybersecurity Interview Questions and Answers.pdf
Cybersecurity Interview Questions and Answers.pdf
 
Cyber security
Cyber securityCyber security
Cyber security
 
Computer-Security.pptx
Computer-Security.pptxComputer-Security.pptx
Computer-Security.pptx
 

Último

Call Girls Bangalore Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Bangalore Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...Call Girls Bangalore Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Bangalore Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
amitlee9823
 
(INDIRA) Call Girl Surat Call Now 8250077686 Surat Escorts 24x7
(INDIRA) Call Girl Surat Call Now 8250077686 Surat Escorts 24x7(INDIRA) Call Girl Surat Call Now 8250077686 Surat Escorts 24x7
(INDIRA) Call Girl Surat Call Now 8250077686 Surat Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
Majestic Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore Es...
Majestic Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore Es...Majestic Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore Es...
Majestic Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore Es...
amitlee9823
 
Bangalore Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore E...
Bangalore Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore E...Bangalore Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore E...
Bangalore Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore E...
amitlee9823
 
(INDIRA) Call Girl Nashik Call Now 8617697112 Nashik Escorts 24x7
(INDIRA) Call Girl Nashik Call Now 8617697112 Nashik Escorts 24x7(INDIRA) Call Girl Nashik Call Now 8617697112 Nashik Escorts 24x7
(INDIRA) Call Girl Nashik Call Now 8617697112 Nashik Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
➥🔝 7737669865 🔝▻ Asansol Call-girls in Women Seeking Men 🔝Asansol🔝 Escorts...
➥🔝 7737669865 🔝▻ Asansol Call-girls in Women Seeking Men 🔝Asansol🔝 Escorts...➥🔝 7737669865 🔝▻ Asansol Call-girls in Women Seeking Men 🔝Asansol🔝 Escorts...
➥🔝 7737669865 🔝▻ Asansol Call-girls in Women Seeking Men 🔝Asansol🔝 Escorts...
amitlee9823
 
Call Girls Hongasandra Just Call 👗 7737669865 👗 Top Class Call Girl Service B...
Call Girls Hongasandra Just Call 👗 7737669865 👗 Top Class Call Girl Service B...Call Girls Hongasandra Just Call 👗 7737669865 👗 Top Class Call Girl Service B...
Call Girls Hongasandra Just Call 👗 7737669865 👗 Top Class Call Girl Service B...
amitlee9823
 
ELECTRICITÉ TMT 55.pdf electrick diagram manitout
ELECTRICITÉ TMT 55.pdf electrick diagram manitoutELECTRICITÉ TMT 55.pdf electrick diagram manitout
ELECTRICITÉ TMT 55.pdf electrick diagram manitout
ssjews46
 
+97470301568>>buy vape oil,thc oil weed,hash and cannabis oil in qatar doha}}
+97470301568>>buy vape oil,thc oil weed,hash and cannabis oil in qatar doha}}+97470301568>>buy vape oil,thc oil weed,hash and cannabis oil in qatar doha}}
+97470301568>>buy vape oil,thc oil weed,hash and cannabis oil in qatar doha}}
Health
 
Vip Mumbai Call Girls Panvel Call On 9920725232 With Body to body massage wit...
Vip Mumbai Call Girls Panvel Call On 9920725232 With Body to body massage wit...Vip Mumbai Call Girls Panvel Call On 9920725232 With Body to body massage wit...
Vip Mumbai Call Girls Panvel Call On 9920725232 With Body to body massage wit...
amitlee9823
 
Vip Mumbai Call Girls Navi Mumbai Call On 9920725232 With Body to body massag...
Vip Mumbai Call Girls Navi Mumbai Call On 9920725232 With Body to body massag...Vip Mumbai Call Girls Navi Mumbai Call On 9920725232 With Body to body massag...
Vip Mumbai Call Girls Navi Mumbai Call On 9920725232 With Body to body massag...
amitlee9823
 
Call Girls In Kotla Mubarakpur Delhi ❤️8448577510 ⊹Best Escorts Service In 24...
Call Girls In Kotla Mubarakpur Delhi ❤️8448577510 ⊹Best Escorts Service In 24...Call Girls In Kotla Mubarakpur Delhi ❤️8448577510 ⊹Best Escorts Service In 24...
Call Girls In Kotla Mubarakpur Delhi ❤️8448577510 ⊹Best Escorts Service In 24...
lizamodels9
 
Sanjay Nagar Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalor...
Sanjay Nagar Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalor...Sanjay Nagar Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalor...
Sanjay Nagar Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalor...
amitlee9823
 
Top Rated Call Girls Navi Mumbai : 9920725232 We offer Beautiful and sexy Cal...
Top Rated Call Girls Navi Mumbai : 9920725232 We offer Beautiful and sexy Cal...Top Rated Call Girls Navi Mumbai : 9920725232 We offer Beautiful and sexy Cal...
Top Rated Call Girls Navi Mumbai : 9920725232 We offer Beautiful and sexy Cal...
amitlee9823
 
Call Girls Kadugodi Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Kadugodi Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Kadugodi Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Kadugodi Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
amitlee9823
 

Último (20)

Call Girls Bangalore Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Bangalore Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...Call Girls Bangalore Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
Call Girls Bangalore Just Call 👗 7737669865 👗 Top Class Call Girl Service Ban...
 
(INDIRA) Call Girl Surat Call Now 8250077686 Surat Escorts 24x7
(INDIRA) Call Girl Surat Call Now 8250077686 Surat Escorts 24x7(INDIRA) Call Girl Surat Call Now 8250077686 Surat Escorts 24x7
(INDIRA) Call Girl Surat Call Now 8250077686 Surat Escorts 24x7
 
Majestic Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore Es...
Majestic Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore Es...Majestic Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore Es...
Majestic Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore Es...
 
Bangalore Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore E...
Bangalore Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore E...Bangalore Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore E...
Bangalore Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalore E...
 
(INDIRA) Call Girl Nashik Call Now 8617697112 Nashik Escorts 24x7
(INDIRA) Call Girl Nashik Call Now 8617697112 Nashik Escorts 24x7(INDIRA) Call Girl Nashik Call Now 8617697112 Nashik Escorts 24x7
(INDIRA) Call Girl Nashik Call Now 8617697112 Nashik Escorts 24x7
 
Why Does My Porsche Cayenne's Exhaust Sound So Loud
Why Does My Porsche Cayenne's Exhaust Sound So LoudWhy Does My Porsche Cayenne's Exhaust Sound So Loud
Why Does My Porsche Cayenne's Exhaust Sound So Loud
 
Lecture-20 Kleene’s Theorem-1.pptx best for understanding the automata
Lecture-20 Kleene’s Theorem-1.pptx best for understanding the automataLecture-20 Kleene’s Theorem-1.pptx best for understanding the automata
Lecture-20 Kleene’s Theorem-1.pptx best for understanding the automata
 
➥🔝 7737669865 🔝▻ Asansol Call-girls in Women Seeking Men 🔝Asansol🔝 Escorts...
➥🔝 7737669865 🔝▻ Asansol Call-girls in Women Seeking Men 🔝Asansol🔝 Escorts...➥🔝 7737669865 🔝▻ Asansol Call-girls in Women Seeking Men 🔝Asansol🔝 Escorts...
➥🔝 7737669865 🔝▻ Asansol Call-girls in Women Seeking Men 🔝Asansol🔝 Escorts...
 
Stay Cool and Compliant: Know Your Window Tint Laws Before You Tint
Stay Cool and Compliant: Know Your Window Tint Laws Before You TintStay Cool and Compliant: Know Your Window Tint Laws Before You Tint
Stay Cool and Compliant: Know Your Window Tint Laws Before You Tint
 
Call Girls Hongasandra Just Call 👗 7737669865 👗 Top Class Call Girl Service B...
Call Girls Hongasandra Just Call 👗 7737669865 👗 Top Class Call Girl Service B...Call Girls Hongasandra Just Call 👗 7737669865 👗 Top Class Call Girl Service B...
Call Girls Hongasandra Just Call 👗 7737669865 👗 Top Class Call Girl Service B...
 
ELECTRICITÉ TMT 55.pdf electrick diagram manitout
ELECTRICITÉ TMT 55.pdf electrick diagram manitoutELECTRICITÉ TMT 55.pdf electrick diagram manitout
ELECTRICITÉ TMT 55.pdf electrick diagram manitout
 
John Deere 7430 7530 Tractors Diagnostic Service Manual W.pdf
John Deere 7430 7530 Tractors Diagnostic Service Manual W.pdfJohn Deere 7430 7530 Tractors Diagnostic Service Manual W.pdf
John Deere 7430 7530 Tractors Diagnostic Service Manual W.pdf
 
+97470301568>>buy vape oil,thc oil weed,hash and cannabis oil in qatar doha}}
+97470301568>>buy vape oil,thc oil weed,hash and cannabis oil in qatar doha}}+97470301568>>buy vape oil,thc oil weed,hash and cannabis oil in qatar doha}}
+97470301568>>buy vape oil,thc oil weed,hash and cannabis oil in qatar doha}}
 
Vip Mumbai Call Girls Panvel Call On 9920725232 With Body to body massage wit...
Vip Mumbai Call Girls Panvel Call On 9920725232 With Body to body massage wit...Vip Mumbai Call Girls Panvel Call On 9920725232 With Body to body massage wit...
Vip Mumbai Call Girls Panvel Call On 9920725232 With Body to body massage wit...
 
Marathi Call Girls Santacruz WhatsApp +91-9930687706, Best Service
Marathi Call Girls Santacruz WhatsApp +91-9930687706, Best ServiceMarathi Call Girls Santacruz WhatsApp +91-9930687706, Best Service
Marathi Call Girls Santacruz WhatsApp +91-9930687706, Best Service
 
Vip Mumbai Call Girls Navi Mumbai Call On 9920725232 With Body to body massag...
Vip Mumbai Call Girls Navi Mumbai Call On 9920725232 With Body to body massag...Vip Mumbai Call Girls Navi Mumbai Call On 9920725232 With Body to body massag...
Vip Mumbai Call Girls Navi Mumbai Call On 9920725232 With Body to body massag...
 
Call Girls In Kotla Mubarakpur Delhi ❤️8448577510 ⊹Best Escorts Service In 24...
Call Girls In Kotla Mubarakpur Delhi ❤️8448577510 ⊹Best Escorts Service In 24...Call Girls In Kotla Mubarakpur Delhi ❤️8448577510 ⊹Best Escorts Service In 24...
Call Girls In Kotla Mubarakpur Delhi ❤️8448577510 ⊹Best Escorts Service In 24...
 
Sanjay Nagar Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalor...
Sanjay Nagar Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalor...Sanjay Nagar Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalor...
Sanjay Nagar Call Girls: 🍓 7737669865 🍓 High Profile Model Escorts | Bangalor...
 
Top Rated Call Girls Navi Mumbai : 9920725232 We offer Beautiful and sexy Cal...
Top Rated Call Girls Navi Mumbai : 9920725232 We offer Beautiful and sexy Cal...Top Rated Call Girls Navi Mumbai : 9920725232 We offer Beautiful and sexy Cal...
Top Rated Call Girls Navi Mumbai : 9920725232 We offer Beautiful and sexy Cal...
 
Call Girls Kadugodi Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Kadugodi Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Kadugodi Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Kadugodi Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 

Implications of Misuse and Cyber Security.pdf

  • 2. Computer Misuse This topic includes misuse of stolen or fictional credit card numbers to obtain goods or services on the internet, and use of computers in financial frauds. Cybersecurity Cyber security is the application of technologies, processes and controls to protect systems, networks, programs, devices and data from cyber attacks. It aims to reduce the risk of cyber attacks and protect against the unauthorised exploitation of systems, networks and technologies.
  • 4. Computer Vulnerability A computer system has several points of vulnerability; these include its hardware, software, data communications, and personnel. Computer security refers to the protection of hardware and software resources against their accidental or deliberate damage, theft, or corruption(in the case of software). Data security is the protection of data against intentional or accidental damage The importance of the security of computer systems and their data cannot be overstated. Organizations spend very considerable amounts of time and money trying to make sure that their information systems are secure against various hazards, both natural and man-made. Vulnerability is a cyber-security term that refers to a flaw in a system that can leave it open to attack. A vulnerability may also refer to any type of weakness in a computer system itself, in a set of procedures, or in anything that leaves information security exposed to a threat. Computer users and network personnels can protect computer systems from vulnerabilities by keeping software security patches up to date. These patches can remedy flaws or security holes that were found in the initial release. Computer and network personnel should also stay informed about current vulnerabilities in the software they use and seek out ways to protect against them.
  • 5. Threats What are Threats? In computer security, a threat is a potential negative action or event facilitated by a vulnerability that results in an unwanted impact to a computer system or application. In simpler terms, a computer threat refers to a term that speaks to or speaks about a computer system being compromised. These threats can lead to lost or edited data being stolen or even cyber-attacks.
  • 6. Type of Threats Spyware A spyware threat is any program that monitors your online activities or installs programs without your consent or knowledge to capture personalised information. This personalised information can be downloaded from email messages, instant messages and web sites. Spyware, as the word suggests, “spy”, is aimed so that it remains entirely discreet to the user. It is actively hidden away or is simply not recognisable by the user.
  • 7. Hackers Hackers are programmers who exploit others for their own selfish and malicious intents by breaking into computer systems to steal, destroy or change information as a form of cyber-terrorism. They can compromise your credit card information, steal your identity and lock you out of your data.
  • 8. Viruses A computer virus is a written program that alters the way a computer operates without the permission or knowledge of the user. The virus replicates and executes itself, usually doing damage to your computer in the process like corrupting files and stealing passwords.
  • 9. ★ Anti-Spyware ★ Firewalls ★ Strong Passwords ★ Anti-Virus ★ Plug Information Leaks How to Prevent/ Avoid These Threats
  • 10. Anti-spyware Anti-spyware software detects and prevents any unwanted spyware program installations that are in your computer system. It can act much like an antivirus program by providing real-time protection and preventing spyware from being downloaded in the first place. Firewalls Firewalls enforce rules about what data packets will be allowed to enter or leave a network. Firewalls are incorporated into a wide variety of networked devices to filter traffic and lower the security risks from malicious packets travelling over the public internet. Strong Passwords Password cracking technology is quite advanced, and passwords that are easy to guess are potential security risks. Simply making sure employees are using passwords that are sufficient length and a mix of character types and numbers can be a huge detractor for hackers.
  • 11. Anti-Virus Antivirus software was originally designed to detect and remove viruses from computers, but also protect against other types of malicious software, such as keyloggers, browser hijackers, Trojan horses, worms, rootkits spyware, adware and botnets. Plug Information Leaks Sensitive information can flow out of your organisation through emails, printed copies, instant messaging or by people simply talking about things they should keep to themselves, but technology can help. Starting with the intrusion detection system (IDS). Scan your business plan for unique phrases that you wouldn't expect to find anywhere else and configure your IDS to alert you whenever it sees these telltale snippets on the network. Installing email firewalls can scan the full text of all outgoing emails and alert the user if anything suspicious is found.
  • 12. What is an attack? An attack or cyber attack is any attempt to gain unauthorized access to a computer, computing system or computer network with the intent to cause damage. Cyber attacks aim to disable, disrupt, destroy or control computer systems or to alter, block, delete, manipulate or steal the data held within these systems. These attacks can be launched from anywhere by any individual or group using one or more various attack strategies. People who carry out cyber attacks are generally regarded as cybercriminals or who are also popularly known as hackers, they include individuals who act alone, drawing on their computer skills to design and execute malicious attacks. They can also belong to a criminal syndicate, working with other threat actors to find weaknesses or problems in the computer systems called vulnerabilities that can be exploited for criminal gain. Government-sponsored groups of computer experts also launch cyber attacks. They're identified as nation-state attackers, and they have been accused of attacking the information technology (IT) infrastructure of other governments, as well as non government entities, such as businesses, nonprofits and utilities. Attack
  • 13. Why do cyber attacks happen? Cyber attacks are designed to cause damage. They can have various objectives, including the following: ➢ Financial gain Most cyber attacks today, especially those against commercial entities, are launched by cybercriminals for financial gain. These attacks often aim to steal sensitive data, such as customer credit card numbers or employee personal information, which the cybercriminals then use to access money or goods using the victims' identities. Still other attacks aim to gain valuable corporate data, such as proprietary information; these types of cyber attacks are a modern, computerized form of corporate espionage.
  • 14. ➢ Disruption and revenge Some hackers also launch attacks specifically to sow chaos, confusion, discontent, frustration or mistrust. They could be taking such action as a way to get revenge for acts taken against them. They could be aiming to publicly embarrass the attacked entities or to damage the organizations' reputation. These attacks are often directed at government entities but can also hit commercial entities or nonprofit organizations. ➢ Cyberwarfare Governments around the world are also involved in cyber attacks, with many national governments acknowledging or suspected of designing and executing attacks against other countries as part of ongoing political, economic and social disputes. These types of attacks are classified as cyberwarfare.
  • 15. How can you prevent a cyber attack? There is no guaranteed way for any organization to prevent a cyber attack, but there are numerous cybersecurity best practices that organizations can follow to reduce the risk. Reducing the risk of a cyber attack relies on using a combination of skilled security professionals, processes and technology. Reducing risk also involves three broad categories of defensive action: 1. preventing attempted attacks from actually entering the organization's IT systems; 2. detecting intrusions; and 3. disrupting attacks already in motion -- ideally, at the earliest possible time.
  • 16. Best practices include the following: ● implementing perimeter defenses, such as firewalls, to help block attack attempts and to block access to known malicious domains; ● using software to protect against malware, namely antivirus software, thereby adding another layer of protection against cyber attacks; ● having a patch management program to address known software vulnerabilities that could be exploited by hackers; ● setting appropriate security configurations, password policies and user access controls; ● maintaining a monitoring and detection program to identify and alert to suspicious activity; ● creating incident response plans to guide reaction to a breach; and ● training and educating individual users about attack scenarios and how they as individuals have a role to play in protecting the organization.
  • 17. Countermeasure What is Countermeasure? In computer and cyber security a countermeasure can be defined as an action, device or technique that reduces a threat, vulnerability, or an attack by eliminating it or by minimizing the damage it may cause.
  • 18. Why do we need Countermeasures? A countermeasure is an action, process, device, or system that can prevent, or mitigate the effects of, threats to a computer, server or network. In this context, a threat is a potential or actual adverse event that may be malicious or incidental, and that can compromise the assets of an enterprise or the integrity of a computer or network. Countermeasures can take the form of software, hardware and modes of behavior. Software countermeasures include: ● personal firewalls ● application firewalls ● anti-virus software ● pop-up blockers ● spyware detection/removal programs.
  • 19. The most common hardware countermeasure is a router that can prevent the IP address of an individual computer from being directly visible on the Internet. Other hardware countermeasures include: ● biometric authentication systems ● physical restriction of access to computers and peripherals ● intrusion detectors ● alarms
  • 20. What are the Categories of a Countermeasure? These countermeasures can be classified into three groups. These are: ❖ Cryptography methods- (Cryptography is associated with the process of converting ordinary plain text into unintelligible text and vice-versa. It is a method of storing and transmitting data in a particular form so that only those for whom it is intended can read and process it.) ❖ Human factors- (The 'human factor' has been recognized as the weakest link in creating safe and secure digital environments though, human intuition may also be the solution to thwarting many cyber threats. Every software or security monitoring system requires human interpretation of alerts.) ❖ Detection Methods- (Threat detection is the practice of analyzing the entirety of a security ecosystem to identify any malicious activity that could compromise the network. If a threat is detected, then mitigation efforts must be enacted to properly neutralize the threat before it can exploit any present vulnerabilities.)
  • 21. External Computer Vulnerability Sources ★ Password Attack What are Password Attacks? A password attack refers to any of the various methods used to maliciously authenticate into password-protected accounts. These attacks are typically facilitated through the use of software that expedites cracking or guessing passwords.
  • 22. ➢ Brute Force Attack. A brute force attack is a hacking method that uses trial and error to crack passwords, login credentials, and encryption keys. It is a simple yet reliable tactic for gaining unauthorized access to individual accounts and organizations' systems and networks. Different types of Password attacks ➢ Dictionary Attack. A dictionary attack is a method of breaking into a password-protected computer, network or other IT resource by systematically entering every word in a dictionary as a password. A dictionary attack can also be used in an attempt to find the key necessary to decrypt an encrypted message or document.
  • 23. ➢ Keyloggers Keyloggers are activity-monitoring software programs that give hackers access to your personal data. The passwords and credit card numbers you type, the web pages you visit – all by logging your keyboard strokes. The software is installed on your computer, and records everything you type. ➢ Man- In-The-Middle Attack. A man in the middle (MITM) attack is a general term for when a perpetrator positions himself in a conversation between a user and an application—either to eavesdrop or to impersonate one of the parties, making it appear as if a normal exchange of information is underway.
  • 24. A DDoS attack happens when a network or system becomes overwhelmed and it cannot respond to service requests. A DDoS attack happens when a massive number of machines are directed to bombard the target with traffic. These machines are typically infected with viruses controlled by one over all attacker. While DDoS offer a less complicated attack mode than other forms of cyber attacks, they are growing stronger and more sophisticated. There are three basic categories of attack: ● Volume-based attacks, which use high traffic to inundate the network bandwidth ● Protocol attacks, which focus on exploiting server resources ● Application attacks, which focus on web applications and are considered the most sophisticated and serious type of attacks ★ (DDoS) Distributed denial-of-s ervice attacks
  • 25. How DDos perform? A distributed denial-of-service (DDoS) attack occurs when multiple machines are operating together to attack one target. DDoS attackers often leverage the use of a botnet, a group of hijacked internet-connected devices to carry out large scale attacks. Most popular types of DDoS attacks: ● SYN Flood ● Smurf Attack ● Fraggle Attack ● Slowloris ● Application Level Attack
  • 26. ★ File protocol The File Transfer Protocol (FTP) is a standard communication protocol used for the transfer of computer files from a server to a client on a computer network. FTP is built on a client–server model architecture using separate control and data connections between the client and the server. FTP users may authenticate themselves with a clear-text sign-in protocol, normally in the form of a username and password, but can connect anonymously if the server is configured to allow it. For secure transmission that protects the username and password, and encrypts the content, FTP is often secured with SSL/TLS (FTPS) or replaced with SSH File Transfer Protocol (SFTP).
  • 27. Internal Vulnerability Source ★ Access Control Issues/Information Leakage What is Access Control Issues? Access control enforces policy such that users cannot act outside of their intended permissions. Failures typically lead to unauthorized information disclosure, modification or destruction of all data, or performing a business function outside of the limits of the user. What are some causes? The majority of access control problems stem from outdated equipment, keycards falling into the wrong hands, and a lack of integration with other building systems. To some degree, all three issues might be causing problems. How can this problem be improved? 1. Evaluate Your Access Control System Features. 2. Determine Your Access Levels. 3. Audit Who Has Access. 4. Update Your Technology. 5. Perform Periodic Access Control Systems Testing. 6. No Tailgating Allowed.
  • 28. ★ Malware/Malicious cyber attacks Malware, or malicious software is any program or file that is intentionally designed to cause disruption to a computer, server, client, computer network, leak private information, gain unauthorized access to information or systems, deprive users access to information or which unknowingly interferes with the user's computer security and privacy. Types of malware includes: ● Computer Viruses ● Worms ● Trojan Horses ● Ransomware ● Spyware These malicious programs steal, encrypt and delete sensitive data; alter or hijack core computing functions and monitor end users computer activity.
  • 29. ★ Scan An internal vulnerability scan is performed typically with access to the internal network, with the main benefit of identifying at-risk systems while providing insight for patch management processes. An external scan is performed outside of a network and targets specific IP addresses to identify vulnerabilities. An external scan can also detect open ports and protocols, similar to an external penetration test. Both application and network scans not only detect vulnerabilities but may check for compliance against several different baselines.
  • 30. What does malware do? Malware can infect networks and devices and is designed to harm those devices, networks and/or their users in some way. Depending on the type of malware and its goal, this harm may present itself differently to the user or endpoint. In some cases, the effect malware has is relatively mild and benign, and in others, it can be disastrous. No matter the method, all types of malware are designed to exploit devices at the expense of the user and to the benefit of the hacker, the person who has designed and/or deployed the malware.
  • 31. The Impact of computer misuse relating to cyber bullying on an individual Cyberbullying, also known as online bullying, is a form of bullying or harassment using electronic means which also is computer abuse. Cyber-bullying, hacking, identity theft, and even using a work PC for personal business are all examples of computer abuse. An incident that many people might not think of as computer abuse is creating a fake social media account. If the social media service’s terms and conditions require users to provide accurate information about their identities when creating an account, they could be prosecuted under the CFAA. This outcome is unlikely unless an individual uses a fake account for malicious purposes, such as cyberbullying, but it is a possibility—and that possibility of being prosecuted for something as minor as the mere creation of a fake account is a major problem with the CFAA. Attorneys have been able to exploit the law’s weaknesses to defend clients who should perhaps have been punished, and prosecutors have been able to exploit the law to obtain convictions for minor incidents. Cyberbullying can impact an individual as it may bring about psychological problems. Some of these problems may include depression, self harm, low self esteem, school phobias and social anxiety.
  • 32. The Impact of computer misuse relating to cyberbullying in an organisation Most people consider cyberbullying a teenage issue. Regretfully, the workplace is not immune to cyberbullying as the problem has expanded to adults. Cyberbullying at work, just like ordinary workplace bullying, can cause worker anxiety, stress and reduced productivity. Cyberbullying is like traditional workplace bullying and harassment, but involving electronic devices and online communications. Examples include, but are not limited to, text messages, tweets, malicious or threatening emails or social media posts. Workplace Bullying refers to repeated, unreasonable actions of individuals (or a group) directed towards an employee (or a group of employees), intended to intimidate, degrade, humiliate, undermine or create a risk to the health or safety of the employee(s) including physical and emotional stress. Bullying behavior creates feelings of defenselessness and discomfort in the target. Workplace Bullying may involve abuse or misuse of power. Bullying is different from aggression. Aggression may involve a single act, but bullying involves an ongoing pattern of behavior against the target. “Demanding” bosses are not necessarily bullies if they are respectful, fair and their primary motivation is better employee performance through setting high-yet-reasonable workplace expectations.Usually, it involves offensive emails or text messages containing jokes or inappropriate wording towards a specific individual race, gender, nationality, or sexual preference. The words have a direct effect on the bullying target. Another example is an intended personal email response forwarded without permission for the whole office to see.
  • 33. Mitigate Cyber-bullying Why is Prevention Important? Cyberbullying is deliberately and repeatedly inflicting harm using electronic devices, gaming apps, and online social media platforms. It often starts as hate accounts, hurtful posts, rumors and gossip, and may even manifest because of mean comments said when gaming. The purpose of cyberbullying is to embarrass, hurt, humiliate and threaten the victim. This may cause the victim to feel depressed, lonely, social anxiety and even make the feel suicidal. However, there are some ways to combat the effects of cyberbullying. Don’t Engage A survey conducted in 2018 of children’s online behavior shows that 60% of children that are on social media have witnessed some form of bullying, and for various reasons, most children ignored the behavior altogether. In order to fight against this common occurrence, a mix of acknowledgement and avoidance is recommended. Those observing the attacks must be willing to report problems to friends, family members or teachers. While those being bullied are often better off ignoring the attacks rather than responding. The goal of the perpetrator is to goad the victim into anger, which in effect may ‘get to’ the target and make them acknowledge the malicious claims. The best option for the victim is to block the perpetrator(s) social media and email accounts altogether.
  • 34. Mitigate Cyber-bullying Teach students it’s okay to report abuse Students need to know that they should report abuse. Every student should be encouraged to report instances or evidence of cyberbullying to a teacher, counselor, or any other staff member. Set up an anonymous reporting system so that youth can inform school officials of a problem without fear of repercussion. Organizations such as Safe2Tell, allow students to report incidents anonymously. Knowing there is a way to report cases may also stop students from engaging in the behavior