Computer Security

Overview

Malware

Malware is short for malicious software designed to harm computer sys…

Definition of Malware Types include viruses, worms, Trojans, ransomware, and spy…

It disrupts, damages, or gains unauthorized access to sys…

Viruses: Attach to legitimate programs and replicate upon execu…

Worms: Self-replicating malware that spreads across networks with-

Types of Malware human action.
out

Spyware: Monitors user activity and collects sensitive information with-

consent.
out

Hackers

Individuals who exploit vulnerabilities in computer sys…

Definition of Hackers
Categories include white-hat, black-hat, and gray-hat hack…

White-hat Hackers: Ethical hackers who test and improve secu…

Types of Hackers Black-hat Hackers: Malicious actors who exploit systems for personal…

Gray-hat Hackers: Operate in a legal gray area, sometimes violating

without
laws malicious intent.

Security Goals

Confidentiality: Protecting sensitive information from unauthorized ac…

Key Security Goals Integrity: Ensuring data accuracy and consistency over its lifecy…

Availability: Ensuring authorized users can access information when…

These goals help organizations protect their data and maintain…

Importance of Security Goals
They guide the implementation of security measures and poli…

Countermeasures Against Threats

Preventive Measures: Policies, firewalls, and antivirus software to pre-

attacks.
vent

Detective Measures: Intrusion detection systems and logging to iden-

Types of Countermeasures breaches.
tify

Responsive Measures: Incident response plans and forensic investigations

mitigate
to damage.

Organizations must adopt a layered security ap…

Implementation of Countermea…
Regular updates and training are essential for effective…

Employee Risks

Insider Threats: Employees with malicious intent can exploit their ac…

Employee-Related Security Risks Negligence: Careless actions can lead to security breaches.

Social Engineering: Employees may be manipulated into revealing sensi-

information.
tive

Regular training and awareness programs can reduce…

Mitigating Employee…
Implementing strict access controls helps limit expo…

Cyber-Crime

Illegal activities conducted via the internet or involving computer sys…

Definition of Cyber-Crime
Includes hacking, identity theft, financial fraud, and malware distribu…

Can lead to financial loss, reputational damage, and compromised secu…

Impact of Cyber-Crime
Affects individuals, businesses, and governmen…

Risks to Computer Security

Individuals: Risk of identity theft and personal data expo…

Types of Risks Businesses: Data breaches can lead to financial losses and legal is…

Government Agencies: Sensitive data targeted by hackers can threat-

national
en security.

Third-party Vendors: Weak security practices can expose businesses

supply
to chain attacks.
Examples of Risks
Operational Disruption: Cyber-attacks can lead to significant downtime
loss
and of productivity.

Firewalls vs. Gateways

Firewalls: Monitor and control network traffic based on security…

Definition and Functionality
Gateways: Facilitate communication between different networks
protocols.
or

Firewalls act as barriers to unauthorized access, while gateways primar-

route
ily data.
Key Differences
Firewalls focus on security, whereas gateways may have broad-
communication
er roles.

Influence of Social Media on Security

Data Privacy Risks: Users share personal information that can be ex…

Risks Associated with Social Media Phishing Attacks: Cybercriminals use social media for phishing cam…

Reputation Damage: Companies risk reputational harm from em-

actions
ployee on social media.

Organizations should implement social media policies and train…

Mitigating Social Media Risks
Monitoring and managing social media presence can help protect
risks.
against

Security Control Measures

Access Controls: Role-based access to sensitive data.

Types of Security Controls Encryption: Protecting data in transit and at…

Intrusion Detection Systems (IDS): Monitoring network traffic for suspi-

activities.
cious

Effective controls help prevent unauthorized access and data…

Importance of Security Controls
Regular training and updates are essential for maintaining secu…

Damages to Computer Systems

Data Loss: Critical data loss can severely impact operations.

Types of Damages Financial Loss: Cyber-attacks can lead to significant financial repercus…

Reputation Damage: Security breaches can harm an organiza-

reputation.
tion's

Organizations may face legal actions for failing to protect data.

Legal and Operational Consequences
Cyber-attacks can disrupt business operations and affect productiv…

Database Security Threats

Unauthorized Access: Weak authentication can lead to…

Top Database Security Threats SQL Injection: Malicious code can manipulate data…

Data Breaches: Sensitive data can be exfiltrated by attack…

Malware Attacks: Target databases to compromise data in…

Additional Threats Insider Threats: Employees may leak or corrupt…

Denial-of-Service (DoS): Attacks can overwhelm database re…

Vulnerability Categories

Risks from natural disasters that can damage infrastruc…

Physical Natural Vulnerabilities
Organizations should have disaster recovery plans and data back…

Flaws in physical components or applications can lead to security is…

Hardware/Software Vulnerabili…
Regular updates and maintenance are necessary to mitigate
vulnerabilities.
these

Actions or negligence by individuals can compromise secu…

Human Vulnerabilities
Training and a culture of security awareness can help reduce…