SECURITY THREATS IN INFORMATION SYSTEM
Information security threats are actions or events that can compromise the confidentiality, integrity, or availability of data and systems. These threats can originate from various sources, such as individuals, groups, or natural events. Information security threats take many forms, such as software attacks, theft of intellectual property, etc.
What is a Threat?
Threats are actions carried out primarily by
hackers or attackers with malicious intent, to
steal data, cause damage, or interfere with
computer systems. A threat can be anything that
can take advantage of a vulnerability to breach
security and negatively alter, erase, or harm
objects.
What is Information Security?
Information Security is the practice of
protecting information by mitigating
information risks. It involves protecting
information systems and the information
processed, stored, and transmitted by
these systems from unauthorized access,
use, disclosure, disruption, modification, or
destruction.
Principles of Information Security
o Information Security programs are built
around 3 objectives, commonly known
as CIA – Confidentiality, Integrity, and
Availability.
o Confidentiality – means information is not disclosed to unauthorized individuals, entities, or processes. For example, suppose I have a password for my Gmail account and someone sees it while I am logging in to the account. In that case my password has been compromised and confidentiality has been breached.
• Integrity – means maintaining the accuracy and completeness of data. This means data cannot be edited in an unauthorized way. For example, if an employee leaves an organization, the data for that employee in all departments, such as accounts, should be updated to reflect the status JOB LEFT so that the data is complete and accurate. In addition, only authorized persons should be allowed to edit employee data.
o Availability – means information must be available when needed. For example, if one needs to access information about a particular employee to check whether the employee has exceeded the number of leaves, this requires collaboration from different organizational teams such as network operations, development operations, incident response, and policy/change management. A denial of service attack is one of the factors that can hamper the availability of information.
Denial of Service (DoS) is a cyber-attack on an individual computer or website with the intent to deny services to intended users.
9 Common Information Security Threats
• Virus: Viruses have the ability to replicate themselves by hooking themselves to a program on the host computer, like songs, videos etc., and then they travel all over the Internet. The Creeper Virus was first detected on ARPANET. Examples include File Virus, Macro Virus, Boot Sector Virus, Stealth Virus etc.
• Worms: Worms are also self-replicating in nature, but they don't hook themselves to a program on the host computer. The biggest difference between viruses and worms is that worms are network-aware. They can easily travel from one computer to another if a network is available, and on the target machine they will not do much harm; they will, for example, consume hard disk space, thus slowing down the computer.
• Bots: Bots can be seen as an advanced form of worms. They are automated processes that are designed to interact over the internet without the need for human interaction. They can be good or bad. A malicious bot can infect one host and, after infecting it, will create a connection to a central server, which provides commands to all infected hosts attached to that network, called a botnet.
• Adware: Adware is not exactly malicious, but it does breach the privacy of users. It displays ads on a computer's desktop or inside individual programs. It comes attached to free-to-use software and is thus the main source of revenue for such developers. It monitors your interests and displays relevant ads. An attacker can embed malicious code inside the software, and the adware can then monitor your system activities and can even compromise your machine.
• Spyware: Spyware is a program that monitors your activities on a computer and reveals the collected information to an interested party. Spyware is generally dropped by Trojans, viruses or worms. Once dropped, it installs itself and sits silently to avoid detection. One of the most common examples of spyware is the keylogger. The basic job of a keylogger is to record user keystrokes with timestamps.
• Ransomware: Ransomware is a type of malware that will either encrypt your files or lock your computer, making it inaccessible either partially or wholly. A screen is then displayed asking for money, i.e. a ransom, in exchange.
• Scareware: Scareware masquerades as a tool to help fix your system, but when the software is executed it will infect your system or completely destroy it. The software will display a message to frighten you and force you to take some action, like paying them to fix your system.
• Rootkits: Rootkits are designed to gain root access, that is, administrative privileges, in the user's system. Once root access is gained, the exploiter can do anything from stealing private files to private data.
• Zombies – They work similarly to spyware. The infection mechanism is the same, but they don't spy and steal information; rather, they wait for commands from hackers.
7 Information Security Solutions
o Data Security Solutions: These
protect sensitive data from
unauthorized access. Examples
include encryption, access controls,
and data loss prevention tools.
o Network Security: Focuses on securing communication channels and devices within a network. Firewalls, intrusion detection systems, and VPNs fall into this category.
o Endpoint Security: Protects individual
devices (e.g., laptops, smartphones) from
threats. Antivirus software and device
management tools are common here.
o Cloud Security: Ensures data
security in cloud
environments. Encryption,
access controls, and
monitoring play key roles.
• Identity and Access Management (IAM): Manages user access to systems and data. IAM solutions include single sign-on (SSO) and multi-factor authentication (MFA).
o Security Information and Event Management (SIEM): Collects and analyzes security-related data to detect and respond to threats.
o Physical Security:
Protects physical assets
(e.g., servers, data
centers) through access
controls, surveillance, and
alarms.
1. Actions or events that can compromise the confidentiality, integrity, or availability of data and systems.
2. One of the factors that can hamper the availability of information.
3. Maintaining accuracy and completeness of data.
4. Designed to gain root access, or we can say administrative privileges, in the user system.
5. Protects physical assets (e.g., servers, data centers) through access controls, surveillance, and alarms.
6. They have the ability to replicate themselves by hooking themselves to a program on the host computer, like songs, videos etc., and then they travel all over the Internet.
7. Actions carried out primarily by hackers or attackers with malicious intent, to steal data, cause damage, or interfere with computer systems.
8. Protect sensitive data from unauthorized access.
9. It is a program, or we can say software, that monitors your activities on a computer and reveals collected information to an interested party.
10. Means information is not disclosed to unauthorized individuals, entities, or processes.
1. Information Security Threats
2. Denial of Service Attack
3. Integrity
4. Rootkits
5. Physical Security
6. Virus
7. Threats
8. Data Security Solutions
9. Spyware
10. Confidentiality