COMPUTER

SECURITY, ETHICS
AND PRIVACY,
CYBERSECURITY
ESSENTIALS
 COMPUTER SECURITY RISK
COMPUTER SECURITY RISKS

- Is any event or action that could cause a loss of

or damage to computer hardware, software,
data, information, or processing capability.

Computer Crime - Any illegal act involving a

computer.

Cybercrime - refers to online or Internet-based

illegal acts.
 SEVEN BASIC CATEGORIES OF
PERPETRATORS OF CYBERCRIME AND
OTHER INTRUSIONS:
• Hacker - someone who accesses a computer or network illegally.
• Cracker - someone who accesses a computer or network illegally
but has the intent of destroying data, stealing information, or other
malicious action.
• Script Kiddie - has the same intent as a cracker but does not have
the technical skills and knowledge.
• Corporate Spy – someone who have excellent computer and
network skills and are hired to break into a specific computer and
steal its proprietary data and information.
• Unethical Employee – someone who break into their employers’
computers for a variety of reasons.
• Cyberextortionist- someone who uses e-mail as a vehicle for
extortion.
• Cyberterrorist - someone who uses the Internet or network to
destroy or damage computers for political reasons
 INTERNET AND NETWORK ATTACKS

Computer Viruses, Worms, and Trojan Horses

 Computer Virus - a potentially damaging
computer program that affects, or infects, a
computer negatively by altering the way the
computer works without the user’s knowledge or
permission.
 Worm - a program that copies itself repeatedly,
for example in memory or on a network, using up
resources and possibly shutting down the
computer or network.
 Trojan Horse - a program that hides within or
looks like a legitimate program.
 Malware (Malicious Software) - are programs
that act without a user’s knowledge and
deliberately alter the computer’s operations.
Payload - is the destructive event or prank
the program is intended to deliver.

Symptoms of an Infected Computer:

• Screen displays unusual message or image
• Music or unusual sound plays randomly
• Available memory is less than expected
• Existing programs and files disappear
• Files become corrupted
• Programs or files do not work properly
• Unknown programs or files
Four Basic Ways How Payload is Delivered on
a Computer:
When a user;
1. Opens an infected file
2. Runs an infected program
3. Boots the computer with infected removable
media inserted in a drive or plugged in a port
4. Connects an unprotected computer to a network
 SAFEGUARDS AGAINST COMPUTER
VIRUSES, WORMS, AND TROJAN HORSES

Antivirus Program - protects a computer against

viruses by identifying and removing any computer
viruses found in memory, on storage media, or on
incoming files.
Virus Signature or Virus Definition - a known
specific pattern of virus code.
Quarantine - a separate area of a hard disk that
holds the infected file until the infection can be
removed
Virus Hoax - an e-mail message that warns users
of a nonexistent virus, worm, or Trojan horse.
 BOTNETS

- a group of compromised computers connected to a network

such as the Internet that are being used as part of a network
that attacks other networks, usually for nefarious purposes.
Zombie - is one whose owner is unaware the computer is
being controlled remotely by an outsider.
DoS Attack (Denial of Service Attack) - an assault whose
purpose is to disrupt computer access to an Internet service
such as the Web or e-mail.
Back Door - a program or set of instructions in a program that
allow users to bypass security controls when accessing a
program, computer, or network.
Spoofing - a technique intruders use to make their network or
Internet transmission appear legitimate to a victim computer
or network.
 SAFEGUARDS AGAINST BOTNETS, DOS
ATTACKS, BACK DOORS, AND SPOOFING

Firewall - is hardware and/or software that protects a

network’s resources from intrusion by users on
another network such as the Internet.
Intrusion Detection Software - automatically
analyzes all network traffic, assesses system
vulnerabilities, identifies any unauthorized access
(intrusions), and notifies network administrators of
suspicious behavior patterns or system breaches.
Unauthorized Access - is the use of a computer or
network without permission.
Unauthorized Use - is the use of a computer or its
data for unapproved or possibly illegal activities.
IDENTIFYING AND AUTHENTICATING
USERS

Access Control - is a security measure that

defines who can access a computer, when they
can access it, and what actions they can take
while accessing the computer.
Audit Trail – it records in a file both successful
and unsuccessful access attempts.
USER NAMES AND PASSWORDS

User Name or User ID (Identification) - is a

unique combination of characters, such as letters
of the alphabet or numbers, that identifies one
specific user.
Password - is a private combination of
characters associated with the user name that
allows access to certain computer resources.
Possessed Object - is any item that you must
carry to gain access to a computer or computer
facility access to your bank account.
Personal Identification Number (PIN) - is a
numeric password, either assigned by a
company or selected by a user.
Biometric Device - authenticates a person’s
identity by translating a personal characteristic,
such as a fingerprint, into a digital code that is
then compared with a digital code stored in the
computer verifying a physical or behavioral
characteristic.
Biometric Payment - where the customer’s
fingerprint is read by a fingerprint scanner that
is linked to a payment method such as a
checking account or credit card.
TYPESCOMPUTER SECURITY
OF COMPUTER RISKS
SECURITY
RISK
• Hardware theft- is the act of stealing computer
equipment.
• Hardware vandalism- is the act of defacing or
destroying computer equipment.
• Software theft- occurs when someone steals
software from media, intentionally erases
programs, or illegally copies a program.
• Information theft- is yet another type of
computer security risk occurs when someone
stelas personal information.
• System failure- is a prolonged malfunction of a
computer.
 Safeguards against Software Thefts
COMPUTER SECURITY RISKS
• License agreement- provide specific conditions
for use of the software ,which user must accept
before using the software.

Safeguards against Information Thefts;

• Encryption: is the process of converting readable
data into unreadable characters prevent
unauthorized access.
• Pretty Good Privacy (PGP): is freeware for
personal, noncommercial users. Home users can
download PGP from Web at no cost.
• Digital Signature: is an encrypted code that that
a person Web site, or company attaches to an
electronic message to verify the identity of the
messenger.
 COMPUTER
Safeguards SECURITY RISKS
against Information
Thefts;
Encryption: is the process of converting
readable data into unreadable characters prevent
unauthorized access.
• Pretty Good Privacy (PGP): is freeware for
personal, noncommercial users. Home users
can download PGP from Web at no cost.
• Digital Signature: is an encrypted code that
that a person Web site, or company attaches
to an electronic message to verify the identity
of the messenger.
 COMPUTER SECURITY RISKS

Secure site - a website that uses encryption

techniques to secure its data.

Digital Certificate - is a notice that

guarantees a user or a Web site is legitimate.

Certificate Authority (CA) - is an

authorized person or a company that issues
and verifies digital certificates from a CA.
 COMPUTER SECURITY RISKS
Safeguard against System
Failure

• Surge protector
- uses special electrical components to
provide a stable current flow to the computer
ant other electronic equipment.

• Uninterruptible Power Supply

(UPS):
- is a device that contains surge
protection circuits and one more batteries
that can provide power during loss of power.
 COMPUTER SECURITY RISKS
 BACKING UP- THE ULTIMATE
SAFEGUARD
- to prevent against data loss caused
by a system failure or
hardware/software/information
theft/computer users should back up files
regularly.

• Backup- is a duplicate of a file,

program, or a disk that can be used if
the original is lost, damaged, or
destroyed.
 WIRELESS SECURITY
• Wireless security involves protecting wireless networks and the
data transmitted over them from unauthorized access and
threats.
• War driving- is an activity that involves searching for and
mapping Wi-Fi networks, sometimes with the intent of exploiting
unsecured ones.
• Wireless Access Point (WAP)- is a device that enables wireless
devices, like smartphones, laptops, and tablets, to connect to a
wired network using Wi-Fi.
• Wired Equivalent Privacy (WEP)- is a security standard that
defines how to encrypt data as it travels across wireless
networks.
• Wifi Protected Access (WPA)- is a security standard that improves
on WEP by authenticating network users and providing more
advanced encryption techniques.
IMPORTANCE OF CYBERSECURITY IN
COMPUTING
 Protection of Sensitive Data - It protects personal,
financial, and private information from unauthorized access,
theft, or harm.
 Prevention of Cyber Attacks - It helps defend against
various threats which can compromise systems and data
integrity.
 Maintaining Trust - Ensuring robust security measures
helps maintain trust between organizations and their
customers or users by protecting data and privacy.
 Regulatory Compliance - Effective cybersecurity helps in
adhering to legal and regulatory standards related to data
protection and avoiding legal consequences.
 Operational Continuity - It minimizes the risk of
disruptions to services and operations caused by security
breaches, ensuring that business processes remain
uninterrupted.
 ETHICS AND SOCIETY
• The standards that determine whether an action
is good or bad are known as ethics.
• Computer Ethics- are the moral guidelines that govern
the use of computers and information systems.
• Information Accuracy- is a concern because many
users access information maintained by other people
or companies, such as on the internet.
• Intellectual Property Rights (IP)- refers to unique and
original works such as ideas, inventions, art, writings,
processes, company and product names, and logos.
• Copyright- gives authors and artists exclusive rights to
duplicate, publish, and sell their materials. A copyright
protects any tangible form of expression.
• Data right Management (DRM)- a strategy designed to
prevent illegal distribution of movies, music, and other
digital content.
 INFORMATION PRIVACY
- refers to the right of individuals and
companies to deny or restrict the collection and use
of information about them

• Electronic Profiles- refer to digital representations of

individuals, organizations, or entities, typically created
from personal or identifying information gathered online or
through electronic means.
• Cookie- is a small text file that a web server stores on your
computer.
• Spyware- is a program placed on a computer without the
user’s knowledge that secretly collects information about
the user.
• Adware- is a program the displays an online advertisement
in a banner or pop-up window on the web pages, e-mail
messages, or other internet services.
• Phishing- is a scam in which a perpetrator sends
COMPUTER SECURITY RISKS
an official looking e-mail message that attempts
to obtain your personal and financial information.
• Pharming- is a scam, similar to phishing, where a
perpetrator attempts to obtain your personal and
financial information, except they so via
spoofing.
• Spam- is an unsolicited e-mail message or
newsgroup posting sent to multiple recipients or
newsgroups at once.
• E-mail filtering- is a service that blocks e-mail
messages from designated sources. An
alternative to email filtering is to purchase an
anti-spam program that attempts to remove
spam before it reaches your inbox.
PRIVACY LAWS
COMPUTER SECURITY RISKS
Common points in some of these laws include the following;
1. Information collected and stored about individuals
should be limited to what is necessary to carry out the
function of the business or government agency
collecting the data.
2. Once collected, provisions should be made to restrict
access to the data to those employees within the
organization who need access to it perform their job
duties.

3. Personal information should be released outside the

organization collecting the data only when the person
has agreed to disclosure.
4. When information is collected about an individual, the
individual should know that the data is being collected
and have the opportunity to determine the accuracy of
the data.
• Social Engineering- is defined as a gaining
unauthorized
COMPUTERaccess orSECURITY
obtaining confidential
RISKS
information by taking advantage of the trusting
human nature of some victims and the naivety of
others.
• Employee monitoring- refers to the various
methods and tools that employers use to track
and assess employee activities and performance
in the workplace.
• Content Filtering- is the process of restricting
access to certain material on the web.
• Web Filtering software- is a program that restricts
access to specified web sites.
• Computer Forensics- is also called digital
forensics, network forensics, or cyber forensics, is
the discovery, collection, and analysis of
evidence found on computers and networks.
HEALTH CONCERNS OF COMPUTER
USE
 Computer and Health
RisksStrain Injury (RSI)- is an injury or
• Repetitive
disorder of the muscles, nerves, tendons,
ligaments, and joints.
Some of symptoms are; Pain or Tenderness,
Stiffness, Throbbing or Tingling, Weakness,
Cramping
• Carpal Tunnel Syndrome (CTS)- is inflammation of
the nerve that connects the forearm to the palm of
the wrist.
Some symptoms are; Numbness or Tingling,
Pain, Weakness, Clumsiness
• Computer Vision Syndrome (CVS)
Symptoms of CVS:
Sore, tired, burning, itching, or dry eyes
Blurred or double vision
Distance blurred vision after prolonged staring at a display
device
Headache or sore neck
Difficulty shifting focus between a display device and
documents
Difficulty focusing on the screen image
Color fringes or after-images when you look away from the
display device
Increased sensitivity to light.
• Ergonomics - is an applied science devoted to
incorporating comfort, efficiency, and safety
into the design of items in the workplace.
• Computer Addiction - occurs when the
computer consumes someone’s entire social
life. It is a growing health problem.
• Green Computing - involves reducing the
electricity and environmental waste while
using a computer. People use, and often
waste, resources such as electricity and paper
while using a computer
• Computer vision syndrome(CVS)- also known as
digital eye strain,COMPUTER SECURITY
refers to a group RISKS
of eye and
vision-related problems that result from prolonged
use of digital devices like computers, smartphones,
and tablets. Some of examples are;
THANK YOU!
Eye strain, Headaches, Blurred vision, Dry eyes,
Nick and shoulder pain.
• Ergonomics- is an applied science devoted to
incorporating comfort, efficiency, and safety into the
design of items
ITE in111
the workplace
– Introduction to
• Computer addiction- occurs when the computer
Computing
consumes someone’s entire social life. Computer
GROUP
addiction is a growing health 6
problem.
• Green computing- involves reducing the electricity
and environmental waste while using a computer.