LECTURE COMP 1: SECURITY ISSUES AND THREATS

SECURITY ISSUES: THREATS TO COMPUTERS & COMMUNICATIONS SYSTEMS

There are many threats to computer and the communication system which are error, accident
and natural hazards.

HUMAN ERRORS

Humans often are not good at assessing their own information

Humans emotions effect their performance
Humans perceptions are slower compared to the equipment information overload to
humans can sometimes be a problem

PROCEDURAL ERRORS

• When people fail to follow the steps and instruction prepared, error tends to occur

SOFTWARE ERRORS

• Software malware or bug : causes a program or software to not run properly

DIRTY DATA PROBLEMS

• Incomplete, out-dated or inaccurate source of data

ELECTROMECHANICAL PROBLEMS

Mechanical system can wear out or become damaged after a period of usage
They can sometimes be badly designed or constructed
Power surges and failures can damage the equipment connected

NATURAL HAZARDS

• Unpredictable and often lead to disaster when occurs

COMPUTER CRIMES

Computer crimes can be categorized into two which is illegal perpetrated against computer

or telecommunications and use of computer and telecommunications to accomplish illegal acts
by using the computer as a tool

Other examples of computer crimes are theft of hardware, theft of software, theft
of intellectual properties, theft of time and services, theft of information and many more.
SECURITY SAFEUARDS: PROTECTING COMPUTER AND COMMUNICATION

Security is a system or software of safeguard for protecting information technology against

facing disaster, system failures, and also unauthorized access that can result in damage and
lost.
Computer security can be divided into five components:

1. Deterrent (a thing that discourages or is intended to discourage someone from doing

something) to computer crime

1. Enforcing the law

2. CERT to provide round the clock information on international computer security threats
3. Tools used to fight fraudulent and unauthorized  online uses
4. Rule base detection software
5. predictive statistical model software
6. Employee internet management 
7. Internet browsing filtering software
8. Electronic surveillance

2. Identification and access

1. scan Verify legitimate right of access by what you have, what you know, and who you are
2. What you have like keys, cards, signatures, badges
3. What you know like pin numbers and passwords
4. Who are you like bio metrics such as face scan and finger print

3. Encryption

1. The process of altering and changing a data into unreadable form to prevent unauthorized
access
2. Advantage is data is available over the internet 
3. Disadvantage is law officer may not be able to read the data. 

4. Protection of software and data

1. Restrict access to online files; use transaction logs

2. Use audit controls to track who used what programs and servers, which files were opened,
and so on
3. Use people controls—screen applicants; do background checks; monitor Internet, email, and
computer usage; use shredders for discarded documents and materials

5. Disaster recovery plan

1. Method of retrieving important data and information after a disaster has happened

2. Data storage system must be kept separately and data have to be backed up
3. Back up all data and keep in mainframes in different positions

(TOPIC) Privacy Surveillance: Data Collectors and Spies

1. As surveillance becomes a common element of our daily lives, privacy is in danger of no

longer being considered an intrinsic right.

2. Everything from our web browsing to mobile devices and the Internet of Things (IoT)
products installed in our homes have the potential to erode our privacy and personal security,
and you cannot depend on vendors or ever-changing surveillance rules to keep them intact.

3. Having "nothing to hide" doesn't cut it anymore. We must all do whatever we can to
safeguard our personal privacy. Taking the steps outlined below can not only give you some
sanctuary from spreading surveillance tactics but also help keep you safe from cyber attackers.

PERSONALLY IDENTIFIABLE Information

Known as PII, this can include your name, physical home address, email address, telephone
numbers, date of birth, marital status, Social Security numbers (US)/National Insurance
numbers (UK), and other information relating to your medical status, family members,
employment, and education

Data management is at the heart of privacy

Data is a vague concept and can encompass such a wide range of information that it is worth
briefly breaking down different collections before examining how each area is relevant to your
privacy and security.

WHY DOES IT MATTER?

All this data, whether lost in different data breaches or stolen piecemeal through
phishing campaigns, can provide attackers with enough information to conduct identity theft,
take out loans using your name, and potentially compromise online accounts that rely on
security questions being answered correctly. In the wrong hands, this information can also
prove to be a gold mine for advertisers lacking a moral backbone.

BROWSING HABITS AND WEBSITE VISITS

Internet activity is monitored by an Internet Service Provider (ISP) and can be hijacked. While
there is little consumers we can do about attacks at this level, the web pages you visit can also
be tracked by cookies, which are small bits of text that are downloaded and stored by your
browser. Browser plugins may also track your activity across multiple websites.
SECURE OTHER BROWSERS

Cookies: Clearing out your cookie caches and browser histories can prevent ad networks from
collecting too much information about you. The easiest way to do so is to clear the cache
(Firefox, Chrome, Opera, Safari, Edge).

HTTP v. HTTPS: When you visit a website address, you will be met with either Hypertext
Transfer Protocol (HTTP) or Hypertext Transfer Protocol Secure (HTTPS). The latter option uses
a layer of encryption to enable secure communication between a browser and a server.

WHY DOES IT MATTER?

Cookies are used to personalize internet experiences and this can include tailored advertising.
However, such tracking can go too far, as shown when the unique identifiers added to a cookie
are then used across different services and on various marketing platforms. Such practices are
often considered intrusive.