Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Part I
Securing e-Business
Content Outline
8/31/2016 2
Securing e-Business
Objective
8/31/2016 3
Securing e-Business
8/31/2016 4
Securing e-Business
8/31/2016 5
Securing e-Business
8/31/2016 6
Securing e-Business
8/31/2016 7
Securing e-Business
8/31/2016 8
Securing e-Business
Think-Pair-Share
Learners Task:
8/31/2016 9
Securing e-Business
Need for Securing e-Business
To gain a competitive
advantage
To keep your job
8/31/2016 10
Securing e-Business
Confidentiality of information
8/31/2016 11
Securing e-Business
8/31/2016 12
Securing e-Business
8/31/2016 14
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
8/31/2016 15
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
8/31/2016 16
Securing e-Business
8/31/2016 17
Securing e-Business
Webquest
Learners Task:
Refer the webquest ppt and follow the instructions given
in it.
8/31/2016 19
Securing e-Business
Debriefing
Online Vulnerabilities
and Attacks that can
Cripple e-Business
8/31/2016 20
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Attacks
Hackers
Computer enthusiasts who take pleasure in gaining access
to other peoples computers or networks
Someone who attempts to break into computer systems
Crashes entire computer system, steals or damages
confidential data, defaces Web pages, and
ultimately disrupts business
8/31/2016 22
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Unaware Staff
Unconscious attack by human errors
Most common ways to pick up a virus is from a floppy disk
or by downloading files from the Internet, using simple
passwords
Crashes entire computer system, data can be hacked
8/31/2016 23
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Disgruntled Staff
Angry employees, often those who have been
reprimanded, fired, or laid off, might vindictively infect
their corporate networks with viruses or intentionally
delete crucial files
More dangerous group as they are aware of the network,
the value of the information within it, where high-priority
information is located and the safeguards protecting it
8/31/2016 24
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Password Crackers
Very common type of attack on unsuspecting users
Easily available on the Internet
Password cracking is illegal and the accused can be tried
under the provisions of the IT Act 2000 in India
8/31/2016 25
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Viruses
A computer program that can copy itself and infect a
computer without permission or knowledge of the user.
The original virus may modify the copies, or the copies
may modify themselves, or some viruses may act as a
mere nuisance while some can totally damage your
system and all the data inside it.
8/31/2016 26
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Viruses
A virus can only spread from one computer to another
when its host is taken to the uninfected computer,
By a user sending it over a network or the Internet, or by carrying
it on a removable medium such as a floppy disk, CD, or USB drive.
Spread to other computers by infecting files on a network file
system or a file system that is accessed by another computer.
8/31/2016 27
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Worms
A worm can spread itself to other computers without
needing to be transferred as part of a host.
Instead of infecting existing files, a worm replicates itself
and infects a network, consuming system resources in
the process.
An e-mail worm will spread from an infected computer by
sending itself to all email addresses in the infected machines
address book.
8/31/2016 28
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Trojan
Trojan horse is a file that appears harmless until executed.
Trojans attack by masquerading as legitimate programs
hoping to obtain sensitive information from an unsuspecting
user or even take control over his system.
8/31/2016 29
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Rootkit
A set of programs designed to corrupt the legitimate
control of an operating system by its operators.
Usually, a rootkit will obscure its installation and
attempt to prevent its removal through a subversion of
standard system security.
Techniques include concealing running processes, files
or system data from the operating system.
8/31/2016 30
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Rootkit
Rootkits exist for a variety of operating systems,
such as Microsoft Windows, Mac OS, Linux and Solaris.
Rootkits often modify parts of the operating system or
install themselves as drivers or kernel modules.
Tip: Kernel Modules are usually those files that are typically
used to add support for new hardware. Its important element
in your operating system.
8/31/2016 31
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Adware
Adware or advertising-supported software is any software
package which automatically plays, displays, or
downloads advertising material to a computer after the
software is installed on it or while the application is being used.
Some types of adware are also spyware and can be
classified as privacy-invasive software.
8/31/2016 32
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Adware
It is usually seen by the programmer as a way to recover
programming development costs, and in some cases it may
allow the program to be provided to the user free of charge
or at a reduced price.
The advertising income may allow or motivate the
programmer to continue to write, maintain and upgrade
the software product.
Users may also be given the option
to pay for a "registered" or "licensed"
copy to do away with the
advertisements.
8/31/2016 33
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Spyware
Computer software that is installed secretly on a personal
computer to intercept or take partial control over the user's
interaction with the computer, without the user's informed
consent.
As name suggests - software that secretly monitors the
user's behavior, the functions of spyware extend well beyond
simple monitoring.
8/31/2016 34
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Spyware
Spyware programs collect various types of personal
information and interfere with user control, such as:
Installing additional software,
Redirecting Web browser activity,
Accessing websites blindly which cause more harmful viruses, or
Diverting advertising revenue to a third party.
Spyware can even change computer
settings, resulting in slow connection
speeds, different home pages, and
loss of Internet or other programs.
8/31/2016 35
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
8/31/2016 36
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Malware
A software designed to infiltrate or damage a computer
system without the owner's informed consent.
It is a blend of the words "malicious" and "software
to mean a variety of forms of hostile, intrusive, or annoying
software or program code.
8/31/2016 37
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Malware
Software is considered Malware based on the perceived
intent of the creator that includes computer viruses, worms,
trojan horses, spyware, dishonest adware, and other
malicious and unwanted software.
Malware should not be confused with defective software,
that is, software which has a legitimate purpose but
contains harmful bugs.
8/31/2016 38
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Phishing
The act of fraudulently acquiring sensitive information
from a user, such as passwords and credit card details,
by masquerading as a trustworthy person or business with
real need for such information in a seemingly official
electronic notification or message.
8/31/2016 39
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Phishing
Such attacks are classified as social engineering attacks
because perpetrators acquire the details by gaining the
victim's trust. The term phishing comes from the fact
that these internet scammers use sophisticated lures as
they fish for users' financial information and passwords.
8/31/2016 40
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Pharming
It is another fraudulent activity where the Pharmer instead
of setting up a similar Website,
Exploits the DNS Server software
Acquires the domain name of a Website
Redirects traffic from that site to another site.
Once the user falls prey to this, the rest of the fraudulent
activity is similar to phishing.
8/31/2016 41
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
8/31/2016 42
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
8/31/2016 43
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
8/31/2016 44
Securing e-Business
Online Vulnerabilities and Attacks that can Cripple e-Business
Pornography
Pornographic Websites are some of the biggest spammers
on the Internet today causing detrimental effect on an
individual's personal and social life.
Pornography constitutes not only images but also videos
and text.
8/31/2016 45
Securing e-Business
Any Doubts?
8/31/2016 46
Securing e-Business
Summary
8/31/2016 47
Securing e-Business
Resources
http://eitechonline.com/solutions/security/who_enemies
_are.asp
http://www.itsecurity.com/features/the-top-5-internal-
security-threats-041207/
8/31/2016 48
Securing e-Business
Self Learning and Debate
Thank You!!
8/31/2016 50