Computer Security and Safety,
Ethics, and Privacy
COMPUTER SECURITY RISKS
A computer security risk is any event or action that could
cause a loss of or damage to computer hardware, software,
data, information, or processing capability
A cybercrime is an online or Internet-based illegal act
• Hackers
• Crackers
• Script Kiddies
• Corporate Spies
• Unethical Employees
• Cyberextortionists
• Cyberterrorists
INTERNET AND NETWORK ATTACKS
Information transmitted over networks has a higher degree
of security risk than information kept on an organization’s
premises
An online security service is a Web site that evaluates
your computer to check for Internet and e-mail
vulnerabilities
INTERNET AND NETWORK ATTACKS
Computer Virus
• Affects a computer negatively by altering the way the computer works
Worm
• Copies itself repeatedly, using up resources and possibly shutting down the computer or network
Trojan Horse
• A malicious program that hides within or looks like a legitimate program
Rootkit
• Program that hides in a computer and allows someone from a remote location to take full control
INTERNET AND NETWORK ATTACKS
An infected computer has one or more of the following symptoms:
• Operating system runs much slower than usual
• Available memory is less than expected
• Files become corrupted
• Screen displays unusual message or image
• Music or unusual sound plays randomly
• Existing programs and files disappear
• Programs or files do not work properly
• Unknown programs or files mysteriously appear
• System properties change
• Operating system does not start up
• Operating system shuts down unexpectedly
INTERNET AND NETWORK ATTACKS
Users can take several
precautions to protect
their home and work
computers and mobile
devices from these
malicious infections
INTERNET AND NETWORK ATTACKS
A botnet is a group of compromised computers connected to a
network
A compromised computer is known as a zombie
A denial of service attack (DoS attack) disrupts computer access
to Internet services
Distributed DoS (DDoS)
A back door is a program or set of instructions in a program that
allow users to bypass security controls
Spoofing is a technique intruders use to make their network or
Internet transmission appear legitimate
INTERNET AND NETWORK ATTACKS
A firewall is hardware and/or software that protects a network’s
resources from intrusion
INTERNET AND NETWORK ATTACKS
Intrusion detection software
• Analyzes all network traffic
• Assesses system vulnerabilities
• Identifies any unauthorized intrusions
• Notifies network administrators of suspicious behavior
patterns or system breaches
Honeypot
• Vulnerable computer that is set up to entice an intruder to
break into it
UNAUTHORIZED ACCESS AND USE
Unauthorized access is the use of a computer or network without permission
Unauthorized use is the use of a computer or its data for unapproved or possibly illegal activities
UNAUTHORIZED ACCESS AND USE
Organizations take several measures to help prevent unauthorized access and use
• Acceptable use policy
• Disable file and printer sharing
• Firewalls
• Intrusion detection software
UNAUTHORIZED ACCESS AND USE
Access controls define who can access a computer, when they can
access it, and what actions they can take
Two-phase processes called identification and authentication
User name
Password
Passphrase
CAPTCHA
UNAUTHORIZED ACCESS AND USE
A possessed object is any item that you must carry to gain access to a computer or computer facility
• Often are used in combination with a personal identification number (PIN)
A biometric device authenticates a person’s identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer
UNAUTHORIZED ACCESS AND USE
Digital forensics is the discovery, collection, and analysis of
evidence found on computers and networks
Many areas use digital forensics
• Law enforcement
• Criminal prosecutors
• Military intelligence
• Insurance agencies
• Information security departments
HARDWARE THEFT AND VANDALISM
Hardware theft is the act of stealing computer equipment
Hardware vandalism is the act of defacing or destroying computer equipment
HARDWARE THEFT AND VANDALISM
To help reduce the chances of theft, companies and schools use a variety of security measures
• Physical access controls
• Alarm systems
• Cables to lock equipment
• Real time location system
• Passwords, possessed objects, and biometrics
SOFTWARE THEFT
Software theft occurs when someone:
• Steals software media
• Intentionally erases programs
• Illegally copies a program
• Illegally registers and/or activates a program
SOFTWARE THEFT
A single-user license agreement typically contains the following conditions:
Permitted to
• Install the software on one computer
• Make one copy of the software
• Remove the software from your computer before giving it away or selling it
Not permitted to
• Install the software on a network
• Give copies to friends or colleagues while continuing to use the software
• Export the software
• Rent or lease the software
SOFTWARE THEFT
Copying, loaning,
borrowing, renting, or
distributing software can
be a violation of
copyright law
Some software requires
product activation to
function fully
INFORMATION THEFT
Information theft occurs when someone steals personal or
confidential information
Encryption is a process of converting readable data into unreadable
characters to prevent unauthorized access
INFORMATION THEFT
A digital signature is an encrypted code that a person, Web site, or
organization attaches to an electronic message to verify the identity
of the sender
Often used to ensure that an impostor is not participating in an Internet
transaction
Web browsers and Web sites use encryption techniques
INFORMATION THEFT
Popular security techniques include
• Digital Certificates
• Transport Layer Security (TLS)
• Secure HTTP
• VPN
SYSTEM FAILURE
A system failure is the prolonged malfunction of a computer
A variety of factors can lead to system failure, including:
Aging hardware
Natural disasters
Electrical power problems
Noise, undervoltages, and overvoltages
Errors in computer programs
SYSTEM FAILURE
Two ways to protect from system failures caused by electrical
power variations include surge protectors and uninterruptible
power supplies (UPS)
BACKING UP – THE ULTIMATE
SAFEGUARD
A backup is a duplicate of a file, program, or disk that can be used
if the original is lost, damaged, or destroyed
To back up a file means to make a copy of it
Offsite backups are stored in a location separate from the computer
site
BACKING UP – THE ULTIMATE
SAFEGUARD
Two categories of backups:
• Full backup
• Selective backup
Three-generation backup policy
• Grandparent
• Parent
• Child
WIRELESS SECURITY
Wireless access poses additional security risks
About 80 percent of wireless networks have no security
protection
Wardriving allows individuals to detect wireless networks
while driving a vehicle through the area
WIRELESS SECURITY
In addition to using firewalls, some safeguards improve security
of wireless networks:
• A wireless access point should not broadcast an SSID
• Change the default SSID
• Configure a WAP so that only certain devices can access it
• Use WPA or WPA2 security standards
HEALTH CONCERNS OF COMPUTER USE
The widespread use of computers has led to health concerns
• Repetitive strain injury (RSI)
• Tendonitis
• Carpal tunnel syndrome (CTS)
• Computer vision syndrome (CVS)
HEALTH CONCERNS OF COMPUTER USE
Ergonomics is an
applied science devoted
to incorporating
comfort, efficiency, and
safety into the design of
items in the workplace
HEALTH CONCERNS OF COMPUTER USE
Computer addiction occurs when the computer consumes
someone’s entire social life
Symptoms of users include:
• Craves computer time
• Overjoyed when at the computer
• Unable to stop computer activity
• Irritable when not at the computer
• Neglects family and friends
• Problems at work or school
ETHICS AND SOCIETY
Computer ethics are the moral guidelines that govern the use of
computers and information systems
Information accuracy is a concern
• Not all information on the Web is correct
ETHICS AND SOCIETY
Green computing involves reducing the electricity and
environmental waste while using a computer
ETHICS AND SOCIETY
Information privacy refers to the right of individuals and
companies to deny or restrict the collection and use of information
about them
Huge databases store data online
It is important to safeguard your information
ETHICS AND SOCIETY
When you fill out a
form, the merchant that
receives the form usually
enters it into a database
Many companies today
allow people to specify
whether they want their
personal information
distributed
ETHICS AND SOCIETY
A cookie is a small text file that a Web server stores on
your computer
Web sites use cookies for a variety of reasons:
• Allow for personalization
• Store users’ passwords
• Assist with online shopping
• Track how often users visit a site
• Target advertisements