Computer Security - Ingrid's E

Computer Security
2/27/2014
Northland Security Systems
Ingrid Macklin
SECTION 1: UNAUTHORIZED ACCESS
Like uncharted wilderness, the Internet lacks borders. This inherent openness is what
makes the Internet so valuable and yet so vulnerable. Over its short life, the Internet has
grown so quickly that the legal system has not been able to keep pace. The security risks
posed by networks and the Internet can be grouped into three categories: unauthorized
access, information theft, and denial of service.
Hackers, individuals who gain access to computers and networks illegally, are responsible
for most cases of unauthorized access. Hackers tend to exploit sites and programs that have
poor security measures in place. However, they also gain access to more challenging sites
by using sophisticated programs and strategies. Many hackers claim they hack merely
because they like the challenge of trying to defeat security measures. They rarely have a
more malicious motive, and they generally do not aim to destroy or damage the sites that
they invade. In fact, hackers dislike being identified with those who seek to cause damage.
They refer to hackers with malicious or criminal intent as crackers.
USER IDS AND PASSWORDS
To gain entry over the Internet to a secure computer system, most hackers focus on finding
a working user ID and password combination. User IDs are easy to come by and are
generally not secure information. Sending an email, for example, displays the sender’s user
ID in the return address, making it very public. The only missing element is the password.
Hackers know from experience which passwords are common; they have programs that
generate thousands of likely passwords and they try them systematically over a period of
hours or days.
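The slow, systematic guessing described above can be detected from the defender's side by counting failed logins per user ID over a long window. The following is an added example, not part of the original document; the log format, the user IDs, the addresses, and the function name find_guessing are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log, assumed format: timestamp result user_id source
SAMPLE_LOG = """\
2014-02-27T01:00:00 FAIL asmith 203.0.113.9
2014-02-27T03:10:00 FAIL asmith 203.0.113.9
2014-02-27T05:20:00 FAIL asmith 198.51.100.4
2014-02-27T08:55:00 FAIL jdoe 192.0.2.15
2014-02-27T08:55:30 FAIL jdoe 192.0.2.15
2014-02-27T08:56:00 OK jdoe 192.0.2.15
2014-02-27T09:30:00 FAIL asmith 198.51.100.4
2014-02-27T13:40:00 FAIL asmith 203.0.113.9
2014-02-27T17:50:00 FAIL asmith 203.0.113.9
2014-02-27T21:05:00 OK asmith 203.0.113.9
"""

def find_guessing(log_text, window=timedelta(hours=24), threshold=5):
    """Flag user IDs with >= threshold failed logins inside a sliding window.

    Counting is keyed on the user ID, not the source address, so guesses
    spread across several sources and many hours still add up.
    """
    recent = defaultdict(list)      # user ID -> [(time, source)] of failures
    findings = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        stamp, result, user, source = line.split()
        now = datetime.fromisoformat(stamp)
        # Drop failures that have aged out of the window.
        recent[user] = [(t, s) for t, s in recent[user] if now - t <= window]
        if result == "FAIL":
            recent[user].append((now, source))
        if len(recent[user]) >= threshold:
            hit = findings.setdefault(
                user, {"failures": 0, "sources": set(), "success_after": False})
            hit["failures"] = max(hit["failures"], len(recent[user]))
            hit["sources"].update(s for _, s in recent[user])
            # A success right after a run of failures suggests a guess worked.
            if result == "OK":
                hit["success_after"] = True
        if result == "OK":
            recent[user] = []       # a successful login resets the count
    return findings

if __name__ == "__main__":
    for user, hit in find_guessing(SAMPLE_LOG).items():
        print(user, hit)
```

With a one-hour window the same log produces no findings, which is why a detector tuned only for rapid bursts misses guessing spread over hours or days.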
SYSTEM BACKDOORS
Programmers can sometimes inadvertently aid hackers by providing unintentional
entrance to networks and information systems. One such unintentional entrance is a
system “backdoor,” which is a user ID and password that provides the highest level of
authorization. Programmers innocently create a “backdoor” in the early days of system
development to allow other programmers and team members to access the system to fix
problems. Through negligence or by design, the user ID and password are sometimes left
behind in the final version of the system. People who know about them can then enter the
system, bypassing the security, perhaps years later, when the backdoor has been forgotten.
SPOOFING
A sophisticated way to break into a network via the Internet involves spoofing, which is the
process of fooling another computer by pretending to send information from a legitimate
source. It works by altering the address that the system automatically puts on every
message sent. The address is changed to one that the receiving computer is programmed to
accept as a trusted source of information.
Northland Security Systems | Confidential
SPYWARE
Spyware is a type of software that allows an intruder to spy upon someone else’s computer.
This alarming technology takes advantage of loopholes in the computer’s security systems
and allows a stranger to witness and record another person’s every mouse click or keystroke
on the monitor as it occurs. The spy can record activities and gain access to passwords and
credit card information. Spyware generally requires the user to install it on the machine
that is being spied upon, so it is highly unlikely that random strangers on the Internet
could simply begin watching your computer. In the workplace, however, someone might be
able to install the software without the victim’s knowledge. Disguised as an email greeting,
for example, the program can operate like a virus that gets the unwary user to install the
spyware unknowingly.
SECTION 2: INFORMATION THEFT
Information can be a company’s most valuable possession. Stealing corporate information, a
crime included in the category of industrial espionage, is unfortunately both easy to do and
difficult to detect. This is due in part to the invisible nature of software and data. If a
cracker breaks into a company network and manages to download the company database
from the network onto a disk, there is no visible sign to the company that anything is
amiss. The original database is still in place, working the same way it always has.
WIRELESS DEVICE SECURITY
The growing number of wireless devices has created a new opportunity for data theft.
Wireless devices such as cameras, Web phones, networked computers, PDAs, and input and
output peripherals are inherently less secure than wired devices. Security is quite lax, and
in some cases nonexistent, in new wireless technologies for handheld computers and cell
phone systems. In a rush to match competition, manufacturers have tended to sacrifice
security to move a product to the marketplace faster. Already, viruses are appearing in
emails for cell phones and PDAs. With little protection available for these new systems,
hackers and spies are enjoying a free hand with the new technology. One of the few
available security protocols for wireless networks is Wired Equivalent Privacy (WEP),
developed in conjunction with the standard for wireless local area networks. Newer
versions of WEP with enhanced security features make it more difficult for hackers to
intercept and modify data transmissions sent by radio waves or infrared signals.
DATA BROWSING
Data browsing is a less damaging form of information theft that involves an invasion of
privacy. Workers in many organizations have access to networked databases that contain
private information about people. Accessing this information without an official reason is
against the law. The IRS had a particularly large problem with data browsing in the late
1990s. Some employees were fired and the rest were given specialized training in
appropriate conduct.
SECTION 3: COMPUTER VIRUSES
One of the most familiar forms of risk to computer security is the computer virus. A
computer virus is a program written by a hacker or cracker designed to perform some kind
of trick upon an unsuspecting victim. The trick performed in some cases is mild, such as
drawing an offensive image on the screen, or changing all of the characters in a document
to another language. Sometimes the trick is much more severe, such as reformatting the
hard drive and erasing all the data, or damaging the motherboard so that it cannot operate
properly.
TYPES OF VIRUSES
Viruses can be categorized by their effects, which include nuisance, data-destructive,
espionage, and hardware-destructive. A nuisance virus usually does no real damage, but is
rather just an inconvenience. The most difficult part of a computer to replace is the data on
the hard drive. The installed programs, the documents, databases, and saved emails form
the heart of a personal computer. A data-destructive virus is designed to destroy this data.
Some viruses are designed to create a backdoor into a system to bypass security. Called
espionage viruses, they do no damage, but rather allow a hacker or cracker to enter the
system later for the purpose of stealing data or spying on the work of the competitor. Very
rarely, a virus is created that attempts to damage the hardware of the computer system
itself. Called hardware-destructive viruses, these bits of programming can weaken or
destroy chips, drives, and other components. (For more information, refer to
Data Browsing.)
METHODS OF VIRUS OPERATION
Viruses can create effects that range from minor and annoying to highly destructive, and
are operated and transmitted by a variety of methods. An email virus is normally
transmitted as an attachment to a message sent over the Internet. Email viruses require
the victim to click on the attachment and cause it to execute. Another common form of virus
transmission is by a macro, a small subprogram that allows users to customize and
automate certain functions. A macro virus is written specifically for one program, which
then becomes infected when it opens a file with the virus stored in its macros. The boot
sector of a floppy disk or hard disk contains a variety of information, including how the disk
is organized and whether it is capable of loading an operating system. When a disk is left in
a drive and the computer reboots, the operating system automatically reads the boot sector
to learn about that disk and to attempt to start any operating system on that disk. A boot
sector virus is designed to alter the boot sector of a disk, so that whenever the operating
system reads the boot sector, the computer will automatically become infected.
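Because a boot sector virus works by altering the boot sector, a defender can record a known-good baseline of the sector and compare against it later. The following is an added example, not part of the original document; it assumes the classic 512-byte MBR layout (446 bytes of boot code, four 16-byte partition entries, and a 0x55 0xAA signature), and the sample sector and function names are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
CODE_END = 446      # bytes 0..445: bootstrap code
TABLE_END = 510     # bytes 446..509: four 16-byte partition entries
ENTRY = "<B3sB3sII"  # status, CHS start, type, CHS end, LBA start, sector count

def build_sample_sector(code_byte=0x90):
    """Constructed 512-byte MBR-style sector for the demo (not a real disk)."""
    code = bytes([code_byte]) * CODE_END
    entry = struct.pack(ENTRY, 0x80, b"\x01\x01\x00", 0x0B,
                        b"\xfe\x3f\x00", 63, 2048)
    return code + entry + bytes(16) * 3 + b"\x55\xaa"

def parse_boot_sector(sector):
    """Extract how the disk is organized, whether it is bootable, and hashes."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("boot sector must be exactly 512 bytes")
    partitions = []
    for i in range(4):
        raw = sector[CODE_END + 16 * i: CODE_END + 16 * (i + 1)]
        status, _, ptype, _, lba, count = struct.unpack(ENTRY, raw)
        if ptype != 0:                      # type 0 marks an unused entry
            partitions.append({"active": status == 0x80, "type": ptype,
                               "lba_start": lba, "sectors": count})
    return {
        "bootable_signature": sector[TABLE_END:] == b"\x55\xaa",
        "partitions": partitions,
        "code_sha256": hashlib.sha256(sector[:CODE_END]).hexdigest(),
        "table_sha256": hashlib.sha256(sector[CODE_END:TABLE_END]).hexdigest(),
    }

def compare_to_baseline(baseline, current):
    """Return the names of the boot sector areas that differ from the baseline."""
    keys = ("code_sha256", "table_sha256", "bootable_signature")
    return [k for k in keys if baseline[k] != current[k]]

if __name__ == "__main__":
    baseline = parse_boot_sector(build_sample_sector())
    # Simulate a later read in which the boot code area no longer matches.
    later = parse_boot_sector(build_sample_sector(code_byte=0xCC))
    print("partitions:", baseline["partitions"])
    print("changed areas:", compare_to_baseline(baseline, later))
```

The baseline is only meaningful if it was recorded from a trusted state and stored somewhere the monitored machine cannot rewrite.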
Other methods of virus infection include the Trojan horse virus, which hides inside another
legitimate program or data file, and the stealth virus, which is designed to hide itself from
detection software. Polymorphic viruses alter themselves to prevent antivirus software
from detecting them by examining familiar patterns. Polymorphic viruses alter themselves
randomly as they move from computer to computer, making detection more difficult.
Multipartite viruses alter their form of attack. Their name derives from their ability to
attack in several different ways. They may first infect the boot sector and then later move
on to become a Trojan horse type by infecting a disk file. These viruses are more
sophisticated, and therefore more difficult to guard against. Another type of virus is the
logic bomb, which generally sits quietly dormant waiting for a specific event or set of
conditions to occur. A famous logic bomb was the widely publicized Michelangelo virus,
which infected personal computers and caused them to display a message on the artist’s
birthday.
SECTION 4: HARDWARE AND SOFTWARE SECURITY RISKS
Although hackers, crackers, and viruses garner the most attention as security risks, a
company faces a variety of other dangers to its hardware and software systems. Principally,
these risks involve types of system failure, employee theft, and the cracking of software for
copying.
SYSTEMS FAILURE
A fundamental element in making sure that computer systems operate properly is
protecting the electrical power that runs them. Power interruptions such as blackouts and
brownouts have very adverse effects on computers. An inexpensive type of power strip
called a surge protector can guard against power fluctuations and can also serve as an
extension cord and splitter. A much more vigorous power protection system is an
uninterruptible power supply (UPS), which provides a battery backup. Similar in nature to
a power strip, but much more bulky and a bit more expensive, a UPS provides not only
steady spike-free power, but also keeps computers running during a blackout.
EMPLOYEE THEFT
Although accurate estimates are difficult to pinpoint, businesses certainly lose millions of
dollars a year in stolen computer hardware and software. Often, in large organizations,
such theft goes unnoticed or unreported. Someone takes a hard drive or a scanner home for
legitimate use, then leaves the job sometime later, and keeps the machine. Sometimes,
employees take components to add to their home PC systems or a thief breaks into a
business and hauls away computers. Such thefts cost far more than the price of the stolen
computers because they also involve the cost of replacing the lost data, the cost of the time
lost while the machines are gone, and the cost of installing new machines and training
people to use them.
CRACKING SOFTWARE FOR COPYING
A common goal of hackers is to crack a software protection scheme. A crack is a method of
circumventing a security scheme that prevents a user from copying a program. A common
protection scheme for software is to require that the installation CD be resident in the drive
whenever the program runs. Making copies of the CD with a burner, however, easily fools
this protection scheme. Some game companies are taking the extra step of making
duplication difficult by scrambling some of the data on the original CDs, which CD burners
will automatically correct when copying. When the copied and corrected CD is used, the
software checks for the scrambled track information. If the error is not found, the software
will not run.