Computer

Security Threats
& Prevention
By: M.Jawad & Adnan
What is a Threat?
In computer security a threat is a possible
danger that might exploit a vulnerability to
breach security and thus cause possible harm.
A threat can be either "intentional" (i.e.,
intelligent; e.g., an individual cracker or a
criminal organization) or "accidental" (e.g., the
possibility of a computer malfunctioning, or the
possibility of a natural disaster such as an
earthquake, a fire, or a tornado) or otherwise a
circumstance, capability, action, or event
History of computer security
threats.
1986 The first virus for PCs
The first virus for IBM PCs, Brain, was written by two
brothers in Pakistan, when they noticed that people
were copying their software. The virus put a copy of
itself and a copyright message on any floppy disk
copies their customers made.
1971 The first worm
Bob Thomas, a developer working on ARPANET, a
precursor to the Internet, wrote a program called
Creeper that passed from computer to computer,
displaying a message.
 1988 The Internet Worm
Robert Morris, a 23-year-old student, released a
worm on the US DARPA Internet. It spread to
thousands of computers and, due to an error, kept
re-infecting computers many times, causing them to
crash.
1999 Email viruses
Melissa, a virus that forwards itself by email, spread
worldwide. Bubbleboy, the first virus to infect a
computer when email is viewed, appeared.
2000 Denial-of-service attacks
Distributed denial-of-service attacks by hackers
put Yahoo!, eBay, Amazon and other high profile
websites offline for several hours.
Love Bug became the most successful email virus
yet.
Threats and their types
There are so many types of threats but we will discus here today about
software threats.
Malware
Trojans
Virus
Firewall breech
Computer Policy Disturbance
Bugs and Flaws
Adware
Backdoors
Email Trojans
DDOS
Cookies
Keylogging
ect.
Definitions and theory
Virus:
Perhaps the most well known computer
security threat, a computer virus is a program written
to alter the way a computer operates, without the
permission or knowledge of the user. A virus
replicates and executes itself, usually doing damage
to your computer in the process.
Spyware:
A serious computer security threat, spyware is
any program that monitors your online activities or
installs programs without your consent for profit or to
capture personal information.
 Backdoors:
A backdoor Trojan allows someone to
take control of another users computer via the
internet without their permission.
A backdoor Trojan may pose as legitimate
software, just as other Trojan horse programs.
Cookies:
Cookies are les on your computer that
enable websites to remember your details.
When you visit a website, it can place a le
called a cookie on your computer. This enables
the website to remember your details and track
your visits. Cookies can be a threat to
condentiality, but not to your data.
 DDOS (Denial-of-service attack):
A denial-of-service (DoS) attack prevents
users from accessing a computer or website. In
a DoS attack, a hacker attempts to overload or
shut down a computer, so that legitimate users
can no longer access it. Typical DoS attacks
target web servers and aim to make websites
unavailable. No data is stolen or compromised,
but the interruption to the service can be costly
for a company.
Email Trojans:
Many of the most prolic viruses distribute
themselves automatically by email. Typically,
email-aware viruses depend on the user
double-clicking on an attachment.
This runs the malicious code, which will then mail
itself to other people from that computer.
 Boot Sector Malware:
When you turn on a computer, the hardware
looks for the boot sector program, which is usually on
the hard disk (but can be on a CD/DVD or
FlashDrive), and runs it. This program then loads the
rest of the operating system into memory.
Boot sector malware replaces the original boot
sector with its own, modified version (and usually
hides the original somewhere else on the hard disk).
The next time you start up, the infected boot sector is
used and the malware becomes active.
Autorun worm:
Autorun worms are malicious programs that
take advantage of the Windows AutoRun feature.
They execute automatically when the device on
which they are stored is plugged into a computer.
 Keylogging:
Keylogging is the proces of secretly
recording keystrokes by an unauthorized
third party. Keylogging is often used by
malware to steal usernames, passwords,
credit card details and other sensitive data.
Statics and Reports from all
over the Globe. (2013)
Threats Ratio
Targeted operating systems and softwares
By countries
Computer Infection level TOP 20
World Map
Prevention
Identify your weaknesses. Like a fort that surrounds a castle, your protection is
only as strong as your weakest point. Review how your company and your clients
access your network. Make sure every entry point is secured with passwords and
encryption.

Install anti-virus software on your computers. Many Internet service providers

supply these with your agreement. But if they dont, invest in an anti-virus
program to prevent malware attacks on your system.

Install perimeter security solutions. There are three types of network perimeter
security:

1) Firewall Prevents unauthorized Internet users from accessing your private

network via the Internet
2) Intrusion Detection System Monitors and reports on threats to your network
3) Intrusion Prevention Program Stops threats as well as reports on them
Use a spam filter. You can either install spam filtering
software on your computer or network server, buy a
dedicated appliance or outsource spam filtering to
an online service provider. The software option is
typically more budget-friendly, but online services
may be more effective and more suitable for higher
volumes of emails.

Backup your important data. Identify the vital data

you need to protect - accounting information,
business plans, customer databases, vendor
information, marketing documents, etc. Then,
choose from offline and online data backup
solutions to ensure the security and availability of
your critical business information. Set a backup
schedule and test your solutions regularly.
Encrypt your files, hard drives and backup disks. By
encrypting your hardware and data, only people with
a valid password will have access. Its a necessary step.

Set up a virtual private network (VPN). By creating a

VPN, team members working from home or on the road
using Wi-Fi in public wont be exposing your business to
security threats.

Automate security updates. By enabling auto updates,

your computer will always have the most recent form of
software and anti-virus programs installed.

Restrict total access. Dont give all team members

universal access to every part of your network. Protect
sensitive files and databases with passwords that only
your key people know.
Monitor network traffic. Install software or
hardware that keeps an eye on whos visiting
which sites and which of your computers
theyre using.

Review your security periodically. Stay aware of

new security threats and improved solutions by
visiting your security software/service vendor
websites. As your business grows, you may need
to take new security measures.

Dont host your business website. Consider using

a website hosting service that will take care of
your websites security needs and provide
redundancy, which will allow your website to be
properly restored if attacked.
Add example video from
YouTube
Web and Document
References
Wikipedia
Kaspersky Lab
Kaspersky Security Bulletin (2013)
Security Magazine (2013)
Webroot
Sophos
Norton
ESET NOD 32
Securelist
Youtube