Computer Security Threats
Computer security threats are potential threats to your computer’s efficient operation and performance. These could be harmless adware or dangerous trojan infection. As the world becomes more digital, computer security concerns are always developing. A threat in a computer system is a potential danger that could jeopardize your data security. At times, the damage is irreversible.
Types of Threats:
A security threat is a threat that has the potential to harm computer systems and organizations. The cause could be physical, such as a computer containing sensitive information being stolen. It’s also possible that the cause isn’t physical, such as a viral attack.
1. Physical Threats: A physical danger to computer systems is a potential cause of an occurrence/event that could result in data loss or physical damage. It can be classified as:
- Internal: Short circuit, fire, non-stable supply of power, hardware failure due to excess humidity, etc. cause it.
- External: Disasters such as floods, earthquakes, landscapes, etc. cause it.
- Human: Destroying of infrastructure and/or hardware, thefts, disruption, and unintentional/intentional errors are among the threats.
2. Non-physical threats: A non-physical threat is a potential source of an incident that could result in:
- Hampering of the business operations that depend on computer systems.
- Sensitive – data or information loss
- Keeping track of other’s computer system activities illegally.
- Hacking id & passwords of the users, etc.
The non-physical threads can be commonly caused by:
(i) Malware: Malware (“malicious software”) is a type of computer program that infiltrates and damages systems without the users’ knowledge. Malware tries to go unnoticed by either hiding or not letting the user know about its presence on the system. You may notice that your system is processing at a slower rate than usual.
(ii) Virus: It is a program that replicates itself and infects your computer’s files and programs, rendering them inoperable. It is a type of malware that spreads by inserting a copy of itself into and becoming part of another program. It spreads with the help of software or documents. They are embedded with software and documents and then transferred from one computer to another using the network, a disk, file sharing, or infected e-mail. They usually appear as an executable file.
(iii) Spyware: Spyware is a type of computer program that tracks, records, and reports a user’s activity (offline and online) without their permission for the purpose of profit or data theft. Spyware can be acquired from a variety of sources, including websites, instant chats, and emails. A user may also unwittingly obtain spyware by adopting a software program’s End User License Agreement.
Adware is a sort of spyware that is primarily utilized by advertising. When you go online, it keeps track of your web browsing patterns in order to compile data on the types of websites you visit.
(iv) Worms: Computer worms are similar to viruses in that they replicate themselves and can inflict similar damage. Unlike viruses, which spread by infecting a host file, worms are freestanding programs that do not require a host program or human assistance to proliferate. Worms don’t change programs; instead, they replicate themselves over and over. They just eat resources to make the system down.
(v) Trojan: A Trojan horse is malicious software that is disguised as a useful host program. When the host program is run, the Trojan performs a harmful/unwanted action. A Trojan horse, often known as a Trojan, is malicious malware or software that appears to be legal yet has the ability to take control of your computer. A Trojan is a computer program that is designed to disrupt, steal, or otherwise harm your data or network.
(vi) Denial Of Service Attacks: A Denial of Service attack is one in which an attacker tries to prohibit legitimate users from obtaining information or services. An attacker tries to make a system or network resource unavailable to its intended users in this attack. The web servers of large organizations such as banking, commerce, trading organizations, etc. are the victims.
(vii) Phishing: Phishing is a type of attack that is frequently used to obtain sensitive information from users, such as login credentials and credit card details. They deceive users into giving critical information, such as bank and credit card information, or access to personal accounts, by sending spam, malicious Web sites, email messages, and instant chats.
(viii) Key-Loggers: Keyloggers can monitor a user’s computer activity in real-time. Keylogger is a program that runs in the background and records every keystroke made by a user, then sends the data to a hacker with the intent of stealing passwords and financial information.
How to make your system secure:
In order to keep your system data secure and safe, you should take the following measures:
1. Always keep a backup of your data.
2. Install firewall software and keep it updated every time.
3. Make use of strong and difficult to crack passwords (having capital & small alphabets, numbers, and special characters).
4. Install antivirus/ anti-spyware and keep it updated every time.
5. Timely scan your complete system.
6. Before installing any program, check whether it is safe to install it (using Antivirus Software).
7. Take extra caution when reading emails that contain attachments.
8. Always keep your system updated.
Question 1. How can we protect our system against phishing attacks?
While sending of fake & spam messages can be done commonly via text message, emails, social media, or phone.
Filtering or blocking phishing emails, ensuring that external email is clearly designated as such, preventing attackers from ‘spoofing’ emails, and assisting employees with training. Companies can also mitigate the impact of successful phishing attacks by employing a proxy server that blocks access to known malicious websites, ensuring that employees do not browse the web or check emails from an account with administrator privileges, and implementing two-factor authentication (2FA) on critical accounts and services.
Question 2. To control access to systems and data, what authentication mechanisms are used?
We can use Password mechanisms. But passwords aren’t the only safeguard, and they must be supplemented by other safeguards in order to protect your business. Companies should encourage employees to adopt strong passwords and replace any default passwords. To avoid making unreasonable demands on users, businesses should only require password access when it is absolutely necessary, and need regular password changes only if there is a suspicion of compromise.
Wherever practical, use two-factor authentication (two-factor authentication): “The single most useful thing you can do to secure crucial accounts is to set up 2FA.”
Question 3. List the causes of non-physical threads.
The following are the causes of non-physical threads:
Question 4. Compare and contrast Worms and Viruses.
Definition A malicious program(s) that connects to a legal program in order to harm the computer system or network. Rather than committing damaging operations, it consumes a system’s resources to bring it down. Remotely Controlled No Yes Spread Rate Moderate Fast Purpose Information Modification Halt the CPU, memory and other resources Execution It is dependent on the file transfer. Self-replicates without the need for human intervention.
Question 5. How to make your system secure?
- Always keep your system updated
- Use firewall
- Use good antivirus software
- Always keep a backup of your data.
- Always use strong passwords.