government, and government sanctions when they start monitoring all our conversations and activity, when they start censoring and ruling over what we can and cant do or see or say.....when they manipulate what we do hear.....oh wait they already do that....we're doomed.

But then there is also the other possibilities, like the whole system crashing, or being hacked and infected by people who are just evil and have no conscious.

Humans (biggest threats)

There are those that use computers for good - to produce work etc and there ae those that use computers for bad for example they may wish to hack or add a virus to a system.

A threat would be open access which would allow these kinds of people access to the information system so they can upload a worm trojan or virus that could bring down the system and the data.



Other threats (also human) are:

People who work with information systems but don't back up the data on a regular basis

People who work with a new Information system but don't trust it or want it

People who work with an Information system that are not trained correctly



Software threats:

Lack of data validation and verification mean users can enter rogue data amounts

Lack of firewall can lead to attacks on the data or the data being stolen (If a company system the data may be very valuable with perhaps customers details)



Hardware threats:

Lack of surge protection may mean that an electrical storm could put out the whole system

Hiyah



Humans (biggest threats)

There are those that use computers for good - to produce work etc and there ae those that use computers for bad for example they may wish to hack or add a virus to a system.

A threat would be open access which would allow these kinds of people access to the information system so they can upload a worm trojan or virus that could bring down the system and the data.



Other threats (also human) are:

People who work with information systems but don't back up the data on a regular basis

People who work with a new Information system but don't trust it or want it

People who work with an Information system that are not trained correctly



Software threats:

Lack of data validation and verification mean users can enter rogue data amounts

Lack of firewall can lead to attacks on the data or the data being stolen (If a company system the data may be very valuable with perhaps customers details)



Hardware threats:

Lack of surge protection may mean that an electrical storm could put out the whole system



Just a few ideas here hope they help.

Link here for more information: http://www.teach-ict.com/btec/level%203/unit_3/btec_level3_unit3.html

1. Pharming



Pharming redirects you from a legitimate website to a bogus copy, allowing criminals to steal the information you enter.



Pharming exploits the way that website addresses are composed.



Each computer on the internet has a numerical “IP address”, e.g. 127.0.0.1. However,

these are not easy to remember, so web addresses also have a domain name, like

sophos.com. Every time you type in an address, the domain name has to be turned

back into the IP address. A DNS or Domain Name Server on the internet handles this,

unless a “local host file” on your computer has already done it.



Hackers can subvert this process in two ways. They can send out a Trojan horse that

rewrites the local host file on your PC, so that it associates the domain name with a

bogus website. You are then directed to that site, even though you enter the correct

address. Alternatively, they can “poison” the DNS directory, i.e. alter it so that anyone

who tries to visit that address is directed to the bogus site.



To avoid pharming, make sure that you use secure web connections when you access

sensitive sites. Just look for the https:// prefix in the web address. If a hacker tries to

mimic a secure site, a message will warn you that the site’s certificate does not match

the address being visited.



If you see a warning that a site’s certificate is not valid or not issued by a trusted

authority, you should not enter the site.



There are also software solutions. Some software can display a warning if you enter

personal information in reply to an unknown email address. Other utilities can check to

see if websites or IP addresses are blacklisted.



2. Phishing



Phishing is the use of bogus emails and websites to trick you into supplying confi dential or personal information.



Typically, you receive an email that appears to come from a reputable organization,

such as a bank. The email includes what appears to be a link to the organization’s

website. However, if you follow the link, you are connected to a replica of the website.

Any details you enter, such as account numbers, PINs or passwords, can be stolen and

used by the hackers who created the bogus site.



Sometimes the link displays the genuine web site, but superimposes a bogus pop-up

window. You can see the address of the real website in the background, but details you

enter in the pop-up window can be stolen.



Sometimes the hacker uses a technique called “cross-site scripting (XSS)”: the link takes you to the correct website, but subverts it by pulling in content from elsewhere. Once again,

the part of the site where you enter information is controlled by the hacker.



Phishing had its origins in the 1990s, when scammers used the technique to collect

AOL account details so that they could gain free internet access. The details were

called “phish” because they were gathered by “fishing” for users. The “ph” imitates the

spelling of “phreaker”, the term for those who used to hack into the telephone network.



You should always be wary about emails that use generic salutations, e.g. “Dear

Customer”, and about following links sent to you in emails. Instead, you should enter

the website address in the address field and then navigate to the right page, or use a

bookmark or a “Favorite” link. Even if you enter the address, there is a risk of being

redirected to a bogus site (see Pharming above), so you should always exercise caution.



Anti-spam software can block many phishing-related emails. Some software can detect

phishing content on web pages or in email, and can provide a toolbar that shows the

real domain for the website you are following a link to.

Threat Matrix

The most common information security threats these days are viruses, worms, and phishing. Because there have been so many electronic viruses and worms created in the past few years, it isn't difficult for malicious hackers to simply take the code, play around with it, and launch a new variant of the bug. Part of the problem is that viruses and worms aren't being stopped as effectively as they could be. Viruses and worms aren't just an annoyance, Cluley notes. If a machine gets infected, it can affect the network and bring the company to a standstill. This has happened at a number of companies in the past few years, and each of them has suffered lost revenue from down-time while the systems were cleaned up. "Anything that brings your network to a halt is going to make you suffer," Cluley says. "And viruses and worms can definitely do that."



Phishing is a whole different animal, says Vincent Weafer, senior director of Symantec Security Response. Unlike viruses and worms, which tend to be written by bored programmers or security researchers, phishing attacks are done for money. Phishers spoof a Web site or employ other tactics to trick users into giving up their personal information such as bank account numbers and passwords. A particularly disturbing trend in phishing attacks has been the use of tactics that require no user action. Typically, a user will receive an email and have to launch a program or visit a site in order to be duped. But now phishers are finding a way to wriggle onto systems without users knowing about it. Security firm MessageLabs reported in November 2004 that a new, sophisticated technique dupes users with an email that appears blank when opened but actually launches software on a user's computer that overwrites Web site addresses for any bank information stored on the machine.



Apply Here



Phishers and virus writers have also begun to target applications, as well as specific devices. Recently, Symantec reported that a vulnerability had been discovered in nearly 30 of its flagship products, including Norton AntiVirus, Symantec Web Security, Anti-Virus Corporate Edition, and BrightMail AntiSpam. Fortunately, Symantec created patches quickly, but such widely used programs are likely to be eyed by hackers in the future, says Thomas Kristensen, researcher at security firm Secunia. Instant messaging is especially likely to become a high-profile target, says Mikko Hypponen, researcher at security firm F-Secure. Recently, some IM applications were hit by a variant of the Bropia worm, which sent itself to users' IM contacts disguised as a funny picture of a roasted chicken with a bikini tan line. The worm carried another threat, the Agobot worm, as part of its payload, in order to open a backdoor on infected systems. The Agobot worm can also steal the Windows Product ID, as well as CD keys of certain applications. This kind of attack on IM applications might be rare now, but given the widespread use of instant messaging, it's not likely to be unusual for long.The threats are numerous, and the delivery methods for getting into a user's system are growing. Although it can be difficult to plug every hole, doing prevention is a necessary part of protecting a company's network.

1. Page-jacking

Page-jacking is the use of replicas of reputable web pages to catch users and redirect them to other websites.

Scammers copy pages from an established website and put them on a new site that

appears to be legitimate. They register this new site with major search engines, so that

users doing a search find and follow links to it. When the user arrives at the website,

they are automatically redirected to a different site that displays advertising or offers

of different services. They may also find that they cannot escape from the site without

restarting their computer (just like mousetrapping).

Scammers use page-jacking to increase the number of visitors to a website. That

means that their site commands more advertising revenue and is also more valuable if

they decide to sell it. Alternatively, the scammer can redirect users to another site and

claim a fee for “referring” visitors to that site.

Page-jacking annoys users and can confront them with offensive material. It also

reduces revenue for legitimate websites, and makes search engines less useful.

In some cases, page-jacking is used in phishing attacks.

To avoid page-jacking, use a bookmark or “Favorite” (but you must be sure that you did

not set up the favorite at a page-jacked site), or type the desired website address (the

URL) in directly.



18. Palmtop viruses

Palmtops or PDAs provide new opportunities for viruses, but so far

virus writers have shown little interest.

Palmtops or PDAs run special operating systems – such as Palm and Microsoft

PocketPC. These are vulnerable to malicious code, but so far the risks are low.

There are currently only a few items of known malware written for Palm. Virus writers prefer to target desktop systems, perhaps because they are more popular and allow viruses to spread rapidly via email and the internet.

The real risk at present is that your palmtop will act as a carrier. When you connect

it to a home or office PC to synchronize data, a virus that is harmless on the palmtop

could spread to the PC, where it can do harm.



3. Parasitic viruses

Parasitic viruses, also known as fi le viruses, spread by attaching themselves to programs.

When you start a program infected with a parasitic virus, the virus code is run. To hide

itself, the virus then passes control back to the original program.

The operating system on your computer sees the virus as part of the program you were

trying to run and gives it the same rights. These rights allow the virus to copy itself,

install itself in memory or make changes on your computer.

Parasitic viruses appeared early in virus history but they can still pose a threat.

-Boot Sector Viruses-

Boot sector viruses spread by modifying the program that enables your

computer to start up.

When you switch on a computer, the hardware looks for the boot sector program –

which is usually on the hard disk, but can be on a floppy disk or CD – and runs it. This

program then loads the rest of the operating system into memory.

A boot sector virus replaces the original boot sector with its own, modified version (and

usually hides the original somewhere else on the hard disk). When you next start up,

the infected boot sector is used and the virus becomes active.

You can only become infected if you boot up your computer from an infected disk, e.g.

a floppy disk that has an infected boot sector.

Boot sector viruses were the first type of virus to appear, and they are mostly quite old.

They are rarely encountered today.



- Browser Hijackers-

Browser hijackers change the default home and search pages in your

internet browser.

Some websites run a script that changes the settings in your browser without your

permission. This hijacker can add shortcuts to your “Favorites” folder or, more seriously,

can change the page that is first displayed when you open the browser.

You may find that you cannot change your browser’s start page back to your chosen

site. Some hijackers edit the Windows registry so that the hijacked settings are restored

every time you restart your computer. Others remove options from the browser’s tools

menu, so that you can’t reset the start page.

In every case, the intention is the same: to force you to visit a website. This inflates

the number of “hits” and the site’s ranking with search engines, which boosts the

advertising revenue that the site can earn.

Browser hijackers can be very tenacious. Some can be removed automatically by

security software. Others may need to be removed manually. In some cases, it is easier

to restore the computer to an earlier state or reinstall the operating system.



-Chain Letters-

An electronic chain letter is an email that urges you to forward copies

to other people.

Chain letters, like virus hoaxes, depend on you, rather than on computer code, to

propagate themselves. The main types are:

Hoaxes about terrorist attacks, premium-rate phone line scams, thefts from ATMs

and so forth.

False claims that companies are offering free flights, free mobile phones, or cash

rewards if you forward email.

Messages, which purport to be from agencies like the CIA and FBI, warning about

dangerous criminals in your area.

Petitions. Even if genuine, they continue to circulate long after their expiry date.

Jokes and pranks, e.g. the claim that the internet would be closed for maintenance

on 1 April.

Chain letters don’t threaten your security, but they can waste time, spread

misinformation and distract users from genuine email.

They can also create unnecessary email traffic and slow down mail servers. In some

cases the chain letter encourages people to send email to certain addresses, so that

these are deluged with unsolicited mail.

The solution to the chain letter problem is simple: don’t forward such mail.



-Cookies-

Cookies are files on your computer that enable websites to remember

your details.

When you visit a website, it can place a fi le called a cookie on your computer. This

enables the website to remember your details and track your visits. Cookies can be a

threat to confidentiality, but not to your data.

Cookies were designed to be helpful. For example, if you submit your ID when you visit

a website, a cookie can store this data, so that you don’t have to re-enter it next time.

Cookies also have benefits for webmasters, as they show which web pages are well used,

providing useful input when planning a redesign of the site.

Cookies are small text files and cannot harm your data. However, they can compromise

your confidentiality. Cookies can be stored on your computer without your knowledge or

consent, and they contain information about you in a form you can’t access easily. And

when you revisit the same website, this data is passed back to the web server, again

without your consent.

Websites gradually build up a profile of your browsing behavior and interests. This

information can be sold or shared with other sites, allowing advertisers to match ads

to your interests, ensure that consecutive ads are displayed as you visit different sites,

and track the number of times you have seen an ad.

If you prefer to remain anonymous, use the security settings on your internet browser to

disable cookies.

Viruses



A computer virus is a software code that can multiply and propagate itself. A virus can spread into another computer via e-mail, downloading files from the Internet, or opening a contaminated file. It is almost impossible to completely protect a network computer from virus attacks; the CSI/FBI survey indicated that virus attacks were the most widespread attack for six straight years since 2000.



Viruses are just one of several programmed threats or malicious codes (malware) in today’s interconnected system environment. Programmed threats are computer programs that can create a nuisance, alter or damage data, steal information, or cripple system functions. Programmed threats include, computer viruses, Trojan horses, logic bombs, worms, spam, spyware, and adware.



Spyware is a computer program that secretly gathers users’ personal information and relays it to third parties, such as advertisers. Common functionalities of spyware include monitoring keystrokes, scanning files, snooping on other applications such as chat programs or word processors, installing other spyware programs, reading cookies, changing the default homepage on the Web browser, and consistently relaying information to the spyware home base. Unknowing users often install spyware as the result of visiting a website, clicking on a disguised pop-up window, or downloading a file from the Internet.



Adware is a program that can display advertisements such as pop-up windows or advertising banners on webpages. A growing number of software developers offer free trials for their software until users pay to register. Free-trial users view sponsored advertisements while the software is being used. Some adware does more than just present advertisements, however; it can report users’ habits, preferences, or even personal information to advertisers or other third parties, similar to spyware.



Laptop or Mobile Theft



Because they are relatively expensive, laptops and PDAs have become the targets of thieves. Although the percentage has declined steadily since 1999, about half of network executives indicated that their corporate laptops or PDAs were stolen in 2005 (Network World Technology Executive Newsletter, 02/21/05). Besides being expensive, they often contain proprietary corporate data, access codes

to company networks, and sensitive information.



The following suggestions can help minimize the chance of theft when outside the office:



Never leave a notebook or PDA unattended, including in a car or hotel room.

Install a physical protection device such as a lock and cable or an alarm.

Put the notebook in a nondescript bag or case.

Install stealth-tracking software.

If notebooks are stolen, automatic logins make it easy for a thief to access sensitive information. Password protection does not deter a theft, but it does make it more difficult for thieves to use the stored information. Biometric security, such as the fingerprint readers included in some new ThinkPad models, is even better.

Back up data regularly, or install a desktop/notebook/PDA sync program.



.System Penetration



Hackers penetrate systems illegally to steal information, modify data, or harm the system. The following factors are related to system penetration:



System holes: the design deficiency of operating systems or application systems that allow hijacking, security bypass, data manipulation, privilege escalation, and system access.

Port scanning: a hacking technique used to check TCP/IP ports to reveal the services that are available and to identify the weaknesses of a computer or network system in order to exploit them.

Network sniffing: a hardware and software program to collect network (traffic) data in order to decipher passwords with password-cracking software, which may result in unauthorized access to a network system.

IP spoofing: a technique used to gain unauthorized access to computers, whereby hackers send messages to a computer with a deceived IP address as if it were coming from a trusted host.

Back door/trap door: a hole in the security of a computer system deliberately left in place by designers or maintainers.

Tunneling: a method for circumventing a firewall by hiding a message that would be rejected by the firewall inside another, acceptable message.



For more info please click here http://www.nysscpa.org/cpajournal/2006/706/essentials/p58.htm

1. Internet Worms

Worms are programs that create copies of themselves and spread via internet connections.

Worms differ from computer viruses because they can propagate themselves, rather

than using a carrier program or file. They simply create exact copies of themselves and

use communication between computers to spread.

Internet worms can travel between connected computers by exploiting security “holes”

in the computer’s operating system. The Blaster worm, for example, takes advantage of

a weakness in the Remote Procedure Call service that runs on unpatched Windows NT,

2000 and XP computers and uses it to send a copy of itself to another computer.

Many viruses, such as MyDoom or Bagle, now behave like worms and use email to

forward themselves.

A worm can have malicious effects. For example, it may use affected computers to

deluge websites with requests or data, causing them to crash (a “denial-of-service”

attack). Alternatively, it can encrypt a user’s files and make them unusable. In either

case, companies can be blackmailed.

Many worms open a “back door” on the computer, allowing hackers to take control of

it. Such computers can then be used to send spam mail.

Quite apart from such effects, the network traffic generated by a fast-spreading worm

can slow down communications. The Blaster worm, for example, creates a lot of traffic

on the internet as it spreads, slowing down communications or causing computers to

crash. Later it uses the affected computer to bombard a Microsoft website with data,

with the aim of making it inaccessible.

Microsoft (and other operating system vendors) issue patches to fix security loopholes in

their software. You should update your computer regularly by visiting the vendor’s website.



2. Mobile Phone Viruses

Mobiles can be infected by worms that spread themselves via the mobile phone network.

In 2004, the first mobile phone worm was written. The Cabir-A worm affects phones

that use the Symbian operating system, and is transmitted as a telephone game file (an

SIS file). If you launch the file, a message appears on the screen, and the worm is run

each time you turn the phone on thereafter. Cabir-A searches for other mobile phones

nearby using Bluetooth technology, and sends itself to the first it finds.

There are also conventional viruses that send messages to mobile phones. For example,

Timo-A uses computer modems to send text (SMS) messages to selected mobile

numbers, but in cases like these the virus can’t infect or harm the mobile phone.

Until now, the risks for mobile phones have been few. The reason could be that they

use many different operating systems, and that the software and device characteristics

change so rapidly.



3. Mousetrapping

Mousetrapping prevents you from leaving a website.

If you are redirected to a bogus website, you may find that you cannot quit with the

back or close buttons. In some cases, entering a new web address does not enable you

to escape either.

The site that mousetraps you will either not allow you to visit another address, or will

open another browser window displaying the same site. Some mousetraps let you quit

after a number of attempts, but others do not.

To escape, use a bookmark or “Favorite”, or open the list of recently-visited addresses

and select the next-to-last. You can also press Ctrl+Alt+Del and use the Task Manager

to shut down the browser or, if that fails, restart the computer.

To reduce the risk of mousetrapping, you can disable Javascript in your internet

browser. This prevents you from being trapped at sites that use this script, but it also

affects the look and feel of websites.

There are still 19 types of computer security threats that i will share to you next time. Keep on visiting this site or you can subscribe to our RSS feeds or follow us on twitter.

Share your thoughts on the comment section below.

1. Adware

Adware is software that displays advertisements on your computer.

Adware, or advertising-supported software, displays advertising banners or pop-ups on

your computer when you use the application. This is not necessarily a bad thing. Such

advertising can fund the development of useful software, which is then distributed free

(for example, the Opera web browser).

However, adware becomes a problem if it:



installs itself on your computer without your consent

installs itself in applications other than the one it came with and displays advertising

when you use those applications

hijacks your web browser in order to display more ads (see Browser hijackers)

gathers data on your web browsing without your consent and sends it to others via

the internet (see Spyware)

is designed to be difficult to uninstall.

Adware can slow down your PC. It can also slow down your internet connection by

downloading advertisements. Sometimes programming flaws in the adware can make

your computer unstable.

Advertising pop-ups can also distract you and waste your time if they have to be closed

before you can continue using your PC.

Some anti-virus programs detect adware and report it as “potentially unwanted

applications”. You can then either authorize the adware program or remove it from the

computer. There are also dedicated programs for detecting adware.



2. Backdoor Trojans







A backdoor Trojan allows someone to take control of another user’s

computer via the internet without their permission.

A backdoor Trojan may pose as legitimate software, just as other Trojan horse programs

do, so that users run it. Alternatively – as is now increasingly common – users may

allow Trojans onto their computer by following a link in spam mail.

Once the Trojan is run, it adds itself to the computer’s startup routine. It can then

monitor the computer until the user is connected to the internet. When the computer

goes online, the person who sent the Trojan can perform many actions – for example,

run programs on the infected computer, access personal files, modify and upload files,

track the user’s keystrokes, or send out spam mail.

Well-known backdoor Trojans include Subseven, BackOrifice and, more recently,

Graybird, which was disguised as a fix for the notorious Blaster worm.

To avoid backdoor Trojans, you should keep your computers up to date with the latest

patches (to close down vulnerabilities in the operating system), and run anti-spam

and anti-virus software. You should also run a firewall, which can prevent Trojans from

accessing the internet to make contact with the hacker.



3. Bluejacking

Bluejacking is sending anonymous, unwanted messages to other users

with Bluetooth-enabled mobile phones or laptops.

Bluejacking depends on the ability of Bluetooth phones to detect and contact other

Bluetooth devices nearby. The Bluejacker uses a feature originally intended for

exchanging contact details or “electronic business cards”. He or she adds a new entry

in the phone’s address book, types in a message, and chooses to send it via Bluetooth.

The phone searches for other Bluetooth phones and, if it fi nds one, sends the message.

Despite its name, Bluejacking is essentially harmless. The Bluejacker does not steal

personal information or take control of your phone.

Bluejacking can be a problem if it is used to send obscene or threatening messages or

images, or to send advertising. If you want to avoid such messages, you can turn off

Bluetooth, or set it to “undiscoverable”.

Bluetooth-enabled devices may also be at risk from the more serious Bluesnarfing.



4. Bluesnarfing

Bluesnarfing is the theft of data from a Bluetooth phone.

Like Bluejacking, Bluesnarfing depends on the ability of Bluetooth-enabled devices to

detect and contact others nearby.

In theory, a Bluetooth user running the right software on their laptop can discover a

nearby phone, connect to it without your confirmation, and download your phonebook,

pictures of contacts and calendar.

Your mobile phone’s serial number can also be downloaded and used to clone the

phone.

You should turn off Bluetooth or set it to “undiscoverable”. The undiscoverable setting

allows you to continue using Bluetooth products like headsets, but means that your

phone is not visible to others.