
SECURITY AND ETHICS O Level

The document outlines key concepts related to data security and ethics, including definitions, methods to prevent unauthorized access, and the importance of data privacy laws. It discusses various security measures such as user accounts, passwords, firewalls, antivirus software, and encryption, as well as threats like malware, phishing, and hacking. Additionally, it emphasizes the need for awareness and training to mitigate risks associated with data security breaches.

SECURITY AND ETHICS

DEFINITION

• DATA SECURITY: methods taken to prevent unauthorised access to data and to recover data if lost or corrupted.
KEY WORDS

• Data privacy – the privacy of personal information, or other information stored on a computer, that should not be accessed by unauthorised parties.
• Data protection laws – laws which govern how data should be kept private and secure.
• User account – an agreement that allows an individual to use a computer or network server, often requiring a user name and password.
• Authentication – a way of proving somebody or something is who or what they claim to be.
• Access rights (data security) – use of access levels to ensure only authorised users can gain access to certain data.
• Malware – malicious software that seeks to damage or gain unauthorised access to a computer system.
• Firewall – software or hardware that sits between a computer and an external network and monitors and filters all incoming and outgoing activities.
• Anti-spyware software – software that detects and removes spyware programs installed illegally on a user’s computer system.
• Encryption – the use of encryption keys to make data meaningless without the correct decryption key.
• Biometrics – use of unique human characteristics to identify a user (such as fingerprints or face recognition).
• Phishing – legitimate-looking emails designed to trick a recipient into giving their personal data to the sender of the email.
• Pharming – redirecting a user to a fake website in order to illegally obtain personal data about the user.
• DNS cache poisoning – altering IP addresses on a DNS server by a ‘pharmer’ or hacker with the intention of redirecting a user to their fake website.
• Hacking – illegal access to a computer system without the owner’s permission.
• Malicious hacking – hacking done with the sole intent of causing harm to a computer system or user (for example, deletion of files or use of private data to the hacker’s advantage).
• Ethical hacking – hacking used to test the security and vulnerability of a computer system. The hacking is carried out with the permission of the computer system owner, for example, to help a company identify risks associated with malicious hacking of their computer systems.
DATA PRIVACY

• Data privacy
• Data stored about a person or an organisation must remain private and unauthorised access to the data must be prevented – data privacy is required.
• This is achieved partly by data protection laws.
• These laws vary from country to country, but all follow the same eight guiding principles.
LAW GUIDING PRINCIPLES

1. Data must be fairly and lawfully processed.
2. Data can only be processed for the stated purpose.
3. Data must be adequate, relevant and not excessive.
4. Data must be accurate.
5. Data must not be kept longer than necessary.
6. Data must be processed in accordance with the data subject’s rights.
7. Data must be kept secure.
8. Data must not be transferred to another country unless that country also has adequate protection.
Preventing data loss and restricting data access

• Data security refers to the methods used to prevent unauthorised access to data, as well as to the data recovery methods if it is lost.
USER ACCOUNTS

• User accounts
• User accounts are used to authenticate a user (prove that a user is who they say they are).
• User accounts are used on both standalone and networked computers in case the computer can be accessed by a number of people.
• This is often done by a screen prompt asking for a username and password.
• User accounts control access rights.
USE OF PASSWORDS

• Use of passwords
• Passwords are used to restrict access to data or systems.
• They should be hard to crack and changed frequently to retain security.
• Passwords can also take the form of biometrics (such as on a mobile phone). Passwords are also used, for example, when
  • accessing email accounts
  • carrying out online banking or shopping
  • accessing social networking sites.
• It is important that passwords are protected.
• Some ways of doing this are to
  • run anti-spyware software to make sure your passwords are not being relayed to whoever put the spyware on your computer
  • regularly change passwords in case they have been seen by someone else, illegally or accidentally
  • make sure passwords are difficult to crack or guess (for example, do not use your date of birth or pet’s name).
• Passwords are grouped as either strong (hard to crack or guess) or weak (relatively easy to crack or guess).
• Strong passwords should contain
  • at least one capital letter
  • at least one numerical value
  • at least one other keyboard character (such as @, *, &).
• Example of a strong password: Sy12@#TT90kj=0
• Example of a weak password: GREEN
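The rules above can be turned into a check that reports which rule a password breaks. This is an added example, not part of the original slides; the function names and the `personal_details` parameter (date of birth, pet's name and so on) are assumptions made for the illustration.

```python
import string

def password_problems(password, personal_details=()):
    """Return the rules from the slides that this password breaks."""
    problems = []
    if not any(c.isupper() for c in password):
        problems.append("no capital letter")
    if not any(c.isdigit() for c in password):
        problems.append("no numerical value")
    # string.punctuation covers the "other keyboard characters" such as @, *, &
    if not any(c in string.punctuation for c in password):
        problems.append("no other keyboard character")
    lowered = password.lower()
    for detail in personal_details:
        # Guessable details (date of birth, pet's name) must not appear inside it.
        if detail and detail.lower() in lowered:
            problems.append("contains personal detail: " + detail)
    return problems

def classify(password, personal_details=()):
    """Group a password as strong or weak, as the slides do."""
    return "weak" if password_problems(password, personal_details) else "strong"

if __name__ == "__main__":
    # The two passwords from the slides, plus one constructed sample that
    # meets the character rules but is built from a pet's name and a birth year.
    for pw, details in [("Sy12@#TT90kj=0", ()), ("GREEN", ()),
                        ("Rex@2009x", ("rex", "2009"))]:
        print(pw, classify(pw, details), password_problems(pw, details))
```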
DIGITAL SIGNATURES

• Digital signatures
• Digital signatures protect data by providing a way of identifying the sender of, for example, an email.
FIREWALLS

• Use of firewalls
• A firewall can be software or hardware.
• It sits between the user’s computer and an external network (such as the internet) and filters information in and out of the computer.
• This allows the user to decide to allow communication with an external source and warns a user that an external source is trying to access their computer.
• Firewalls are the primary defence to any computer system to protect from hacking, malware (viruses and spyware), phishing and pharming.
• The tasks carried out by a firewall include
  • examining the traffic between the user’s computer (or internal network) and a public network (such as the internet)
  • checking whether incoming or outgoing data meets a given set of criteria
  • blocking the traffic if the data fails to meet the criteria, and giving the user (or network manager) a warning that there may be a security issue
  • logging all incoming and outgoing traffic to allow later interrogation by the user (or network manager)
  • preventing access to certain undesirable sites – the firewall can keep a list of all undesirable IP addresses
  • helping to prevent viruses or hackers entering the user’s computer (or internal network)
  • warning the user if some software on their system is trying to access an external data source (such as an automatic software upgrade). The user is given the option of allowing it to go ahead or request that such access is denied.
• The firewall can be a hardware interface which is located somewhere between the computer (or internal network external link) and the internet connection. In these cases, it is often referred to as a gateway. Alternatively, the firewall can be software installed on a computer, sometimes as part of the operating system.
• However, sometimes the firewall cannot prevent potentially harmful traffic.
• It cannot
  • prevent individuals, on internal networks, using their own modems to by-pass the firewall
  • control employee misconduct or carelessness (for example, control of passwords or user accounts)
  • prevent users on stand-alone computers from disabling the firewall.
• These issues require management and/or personal control to ensure the firewall can work effectively.
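The firewall tasks listed above (checking traffic against criteria, blocking and warning, logging, keeping a list of undesirable addresses, and asking the user about software that wants outside access) can be seen together in a small model. This is an added example, not part of the original slides; the class, its field names and the traffic records are constructed for the illustration.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network

@dataclass
class Firewall:
    undesirable: list        # list of undesirable IP addresses or ranges
    open_ports: set          # criteria: incoming traffic must target these ports
    approved_apps: set       # software the user has allowed to reach outside
    log: list = field(default_factory=list)
    warnings: list = field(default_factory=list)

    def check(self, direction, remote_ip, port, app=None):
        remote = ip_address(remote_ip)
        if any(remote in ip_network(net) for net in self.undesirable):
            verdict, reason = "block", "address is on the undesirable list"
        elif direction == "in" and port not in self.open_ports:
            verdict, reason = "block", "port fails the criteria"
        elif direction == "out" and app not in self.approved_apps:
            verdict, reason = "ask", f"{app} is trying to access an external source"
        else:
            verdict, reason = "allow", "meets the criteria"
        # Every decision is logged for later interrogation.
        self.log.append((direction, remote_ip, port, app, verdict))
        if verdict != "allow":
            self.warnings.append(f"{direction} {remote_ip}:{port} - {reason}")
        return verdict

    def approve(self, app):
        """The user chooses to let this software go ahead."""
        self.approved_apps.add(app)

# Constructed traffic; the addresses come from documentation-only ranges.
TRAFFIC = [
    ("in", "198.51.100.7", 443, None),
    ("in", "198.51.100.7", 23, None),
    ("out", "203.0.113.9", 80, "browser"),
    ("out", "198.51.100.7", 443, "updater"),
]

def demo():
    fw = Firewall(["203.0.113.0/24"], {443}, {"browser"})
    verdicts = [fw.check(*packet) for packet in TRAFFIC]
    fw.approve("updater")            # the user allows the software upgrade
    verdicts.append(fw.check("out", "198.51.100.7", 443, "updater"))
    return verdicts, fw

if __name__ == "__main__":
    verdicts, fw = demo()
    print(verdicts)
    print(*fw.warnings, sep="\n")
```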
ANTIVIRUS

• Antivirus software
• Running antivirus software in the background on a computer will constantly check for virus attacks.
• Although different types of antivirus software work in different ways, they all
  • check software or files before they are run or loaded on a computer
  • compare possible viruses against a database of known viruses
  • carry out heuristic checking (check software for behaviour that could indicate a virus, which is useful if software is infected by a virus not yet on the database)
  • quarantine files or programs which are possibly infected and
    – allow the virus to be automatically deleted, or
    – allow the user to make the decision about deletion (it is possible that the user knows that the file or program is not infected by a virus – this is known as a false positive and is one of the drawbacks of antivirus software).
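The sequence described above (check a file before it runs, compare it against the database, fall back to heuristic checking, then quarantine and let the user decide) is sketched below. This is an added example, not part of the original slides; the byte strings are harmless constructed stand-ins, and the behaviour markers are hypothetical text markers standing in for real behavioural analysis.

```python
import hashlib

def fingerprint(data):
    return hashlib.sha256(data).hexdigest()

# Constructed, harmless byte strings stand in for real files.
KNOWN_SAMPLE = b"constructed sample standing in for a catalogued virus"
DISK_TOOL = b"disk utility: overwrite_boot_sector when the user asks"
REPORT = b"quarterly sales figures"

VIRUS_DATABASE = {fingerprint(KNOWN_SAMPLE): "Constructed.Sample.A"}
# Hypothetical behaviour markers used for the heuristic check.
SUSPICIOUS_BEHAVIOUR = [b"overwrite_boot_sector", b"copy_self_into_other_files"]

def scan(data):
    """Check a file before it is run: database first, then heuristics."""
    name = VIRUS_DATABASE.get(fingerprint(data))
    if name:
        return "known virus: " + name
    hits = [m.decode() for m in SUSPICIOUS_BEHAVIOUR if m in data]
    if hits:
        return "heuristic match: " + ", ".join(hits)
    return None

class Quarantine:
    def __init__(self, auto_delete=False):
        self.auto_delete = auto_delete
        self.held = {}       # filename -> reason it was quarantined
        self.deleted = []

    def open_file(self, filename, data):
        reason = scan(data)
        if reason is None:
            return "run"
        if self.auto_delete:
            self.deleted.append(filename)
            return "deleted"
        self.held[filename] = reason
        return "quarantined"

    def user_decides(self, filename, delete):
        """delete=False records the user's judgement of a false positive."""
        self.held.pop(filename)
        if delete:
            self.deleted.append(filename)
            return "deleted"
        return "restored"
```

Here `DISK_TOOL` is not in the database but trips the heuristic check, which is the false-positive case the slide mentions: the user can release it with `user_decides("tool.exe", delete=False)`.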
ANTI-SPYWARE

• Anti-spyware software
• Anti-spyware software detects and removes spyware programs installed illegally on a user’s computer system.
• The software is either based on rules (it looks for typical features associated with spyware) or based on known file structures which can identify common spyware programs.
ENCRYPTION

• Encryption
• If data on a computer has been accessed illegally (by a hacker, for example) it is possible to encrypt the data, making it virtually impossible to understand without encryption keys to decode it.
• This cannot stop a hacker from deleting the files, but it will stop them using the data for themselves.
BIOMETRICS

• Biometrics
• In an attempt to stay one step ahead of hackers and malware writers, many modern computer devices use biometrics as part of the password system.
• Biometrics rely on the unique characteristics of human beings.
• Examples include fingerprint scans, retina scans (pattern of blood capillary structure), face recognition and voice recognition.
Risks to the security of stored data

• Hacking
• There are two types of hacking:
  1. malicious and
  2. ethical
MALICIOUS HACKING

• Malicious hacking is the illegal access to a computer system without the user’s permission or knowledge.
• It is usually employed with the intention of deleting, altering or corrupting files, or to gain personal details such as bank account details.
• Strong passwords, firewalls and software which can detect illegal activity all guard against hacking.
ETHICAL HACKING

• Ethical hacking is authorised by companies to check their security measures and how robust their computer systems are to resist hacking attacks.
• It is legal, and is done with a company’s permission with a fee paid to the ethical hackers.
Malicious Code Software (Malware)
DEFINITION

• Malware (short for malicious software) consists of pieces of software that have been written and coded with the intention of causing damage to or stealing data from a computer or system.
• There are several different types of malware that criminals have coded and used against users and systems.
Malware

• Viruses – Programs or program code that can replicate and/or copy themselves with the intention of deleting or corrupting files or causing the computer to malfunction. They need an active host program on the target computer or an operating system that has already been infected before they can run.
• Worms – A type of stand-alone virus that can replicate themselves with the intention of spreading to other computers; they often use networks to search out computers with weak security.
• Logic bombs – Code embedded in a program on a computer. When certain conditions are met (such as a specific date) they are activated to carry out tasks such as deleting files or sending data to a hacker.
• Trojan horses – Malicious programs often disguised as legitimate software. They replace all or part of the legitimate software with the intent of carrying out some harm to the user’s computer system.
• Bots (internet robots) – Not always harmful and can be used, for example, to search automatically for an item on the internet. However, they can cause harm by taking control over a computer system and launching attacks.
• Spyware – Software that gathers information by monitoring, for example, key presses on the user’s keyboard. The information is then sent back to the person who sent the software – sometimes referred to as key logging software.
PHISHING

• Phishing
• Phishing is when someone sends legitimate-looking emails to users.
• They may contain links or attachments which, when clicked, take the user to a fake website, or they may trick the user into responding with personal data such as bank account details or credit card numbers.
• The email often appears to come from a trusted source such as a bank or service provider.
• The key is that the recipient has to carry out a task (click a link, for example) before the phishing scam causes harm.
WAYS TO PREVENT PHISHING

• There are numerous ways to help prevent phishing attacks:
  • Users need to be aware of new phishing scams. Those people in industry or commerce should undergo frequent security awareness training to become aware of how to identify phishing (and pharming) scams.
  • Do not click on links unless certain that it is safe to do so; fake emails can often be identified by greetings such as ‘Dear Customer’ or ‘Dear emailperson@gmail.com’, and so on.
  • It is important to run anti-phishing toolbars on web browsers (this includes tablets and mobile phones) since these will alert the user to malicious websites contained in an email.
  • Look out for https and/or the green padlock symbol in the address bar (both suggest that traffic to and from the website is encrypted).
  • Regularly check online accounts and frequently change passwords.
  • Ensure an up-to-date browser, with all of the latest security upgrades, is running, and run a good firewall in the background at all times. A combination of a desktop firewall (usually software) and a network firewall (usually hardware) considerably reduces risk.
  • Be wary of pop-ups – use the web browser to block them; if pop-ups get through your defences, do not click on ‘cancel’ since this often leads to phishing or pharming sites – the best option is to select the small X in the top right hand corner of the pop-up window, which closes it down.
PHARMING

• Pharming
• Pharming is malicious code installed on a user’s computer or on a web server.
• The code redirects the user to a fake website without their knowledge (the user does not have to take any action, unlike phishing).
• The creator of the malicious code can gain personal data such as bank details from users. Often, the website appears to belong to a trusted company and can lead to fraud or identity theft.
PROTECTION AGAINST PHARMING

• Protection against pharming
• It is possible to mitigate the risk of pharming by
  • using antivirus software, which can detect unauthorised alterations to a website address and warn the user
  • using modern web browsers that alert users to pharming and phishing attacks
  • checking the spelling of websites
  • checking for https and/or the green padlock symbol in the address bar.
• It is more difficult to mitigate risk if the DNS server itself has been infected (rather than the user’s computer).
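Three of the checks from the phishing and pharming slides (a generic greeting, a missing https, and a website name spelled almost like a trusted one) can be automated as below. This is an added example, not part of the original slides; the trusted site, the sample message and the distance threshold of 2 are constructed assumptions.

```python
import re
from urllib.parse import urlparse

TRUSTED_SITES = {"mybank.example"}   # constructed; .example is a reserved name
GENERIC_GREETING = re.compile(r"^\s*dear\s+(customer\b|\S+@\S+)", re.I | re.M)

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss spellings of a site."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_link(url):
    parts = urlparse(url)
    host = (parts.hostname or "").lower()
    if host.startswith("www."):
        host = host[4:]
    flags = []
    if parts.scheme != "https":
        flags.append("no https")
    if host not in TRUSTED_SITES:
        for good in sorted(TRUSTED_SITES):
            # Assumed threshold: one or two changed characters counts as a lookalike.
            if edit_distance(host, good) <= 2:
                flags.append("spelling is close to " + good)
    return flags

def check_email(body):
    flags = ["generic greeting"] if GENERIC_GREETING.search(body) else []
    for url in re.findall(r"https?://[^\s<>\"']+", body):
        flags += [f"{url}: {flag}" for flag in check_link(url)]
    return flags

# Constructed message for the demonstration.
SAMPLE = """Dear Customer,
Your account has been suspended. Confirm your details at
http://www.mybamk.example/login to restore access.
"""

if __name__ == "__main__":
    print(*check_email(SAMPLE), sep="\n")
```

An empty result only means none of these three signs were found; as the slides say, https and the padlock show that traffic is encrypted, not that the site is genuine.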
DATA RECOVERY

• Data recovery
• It covers the potential impact on data caused by accidental mal-operation, hardware malfunction and software malfunction.
• In each case, the method of data recovery and safeguards to minimise the risk are considered.
DATA RECOVERY SOFTWARE
