Caring for Technology
Malware
In this Topic we examine:
Viruses (or Malware)
Virus Detection Techniques
When a Virus is Detected
Updating anti-virus software
Have you had a PC virus?
What happened?
How did you fix it?
Computer Security Risks
A computer security risk is…
p. 556 Fig. 11-1
An action that causes loss of or damage to a computer system
Computer Viruses, Worms, and Trojan Horses
Viruses, worms, and Trojan horses are:
p. 558
Virus is a potentially damaging computer program
Can spread and damage files
Worm copies itself repeatedly, using up resources and possibly shutting down computer or network
Trojan horse hides within or looks like legitimate program until triggered
Does not replicate itself on other computers
Payload (destructive event) that is delivered when you open file, run infected program, or boot computer with infected disk in disk drive
Computer Viruses, Worms, and Trojan Horses
How can a virus spread through an e-mail message?
p. 559 Fig. 11-2
Step 1. Unscrupulous programmers create a virus program. They hide the virus in a Word document and attach the Word document to an e-mail message.
Step 2. They use the Internet to send the e-mail message to thousands of users around the world.
Step 3a. Some users open the attachment and their computers become infected with the virus.
Step 3b. Other users do not recognize the name of the sender of the e-mail message. These users do not open the e-mail message. Instead they delete the e-mail message. These users’ computers are not infected with the virus.
Computer Viruses, Worms, and Trojan Horses
To protect your system from a macro virus…
p. 560 Fig. 11-3
Set macro security level in applications that allow you to write macros
At medium security level, warning displays that document contains macro
Macros are instructions saved in an application, such as word processing or spreadsheet program
Computer Viruses, Worms, and Trojan Horses
An antivirus program…
p. 560 - 561 Fig. 11-4
Identifies and removes computer viruses
Most also protect against worms and Trojan horses
Computer Viruses, Worms, and Trojan Horses
A virus signature is…
p. 561 Fig. 11-5
A specific pattern of virus code
Also called virus definition
Antivirus programs look for virus signatures
Keeps file in separate area of hard disk
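Signature matching and quarantine as described on this slide, shown as an added example that is not part of the original slides. The signature names and byte patterns are constructed and harmless, and the function names and the ".quarantined" suffix are assumptions made for the illustration.

```python
import shutil
import tempfile
from pathlib import Path

# Constructed, harmless byte patterns standing in for vendor virus definitions.
SIGNATURES = {
    "Demo.MacroA": b"DEMO-MACRO-PAYLOAD-0001",
    "Demo.WormB": bytes.fromhex("deadbeef4c4f4f50"),
}

def match_signatures(data: bytes) -> list[str]:
    """Return the names of every signature whose byte pattern occurs in data."""
    return sorted(name for name, pattern in SIGNATURES.items() if pattern in data)

def scan_and_quarantine(root: Path, quarantine: Path) -> dict[str, list[str]]:
    """Scan every file under root and move each file with a match into quarantine."""
    quarantine.mkdir(parents=True, exist_ok=True)
    findings = {}
    # Materialise the file list first because matching files are moved during the loop.
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        if quarantine in path.parents:
            continue  # never rescan files that were already set aside
        hits = match_signatures(path.read_bytes())
        if hits:
            # Change the extension so the file is no longer tied to its application.
            target = quarantine / (path.name + ".quarantined")
            shutil.move(str(path), str(target))
            findings[path.name] = hits
    return findings

def demo() -> tuple[dict[str, list[str]], list[str]]:
    """Scan a constructed sample directory; return findings and quarantine contents."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "report.doc").write_bytes(b"quarterly figures, nothing unusual")
        (root / "invoice.doc").write_bytes(b"header" + SIGNATURES["Demo.MacroA"] + b"tail")
        findings = scan_and_quarantine(root, root / "quarantine")
        quarantined = sorted(p.name for p in (root / "quarantine").iterdir())
        return findings, quarantined

if __name__ == "__main__":
    print(demo())
```

A file is only flagged when its bytes contain a known pattern, which is why the definitions have to be kept current.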
Computer Viruses, Worms, and Trojan Horses
An antivirus program inoculates a program file by…
p. 561
Recording information about program such as file size and creation date
Using information to detect if virus tampers with file
Attempts to remove any detected virus
Quarantines infected files that it cannot remove
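The inoculation check above, as an added example that is not part of the original slides. It records file size and a timestamp as the slide describes (modification time is used as a stand-in for creation date, an assumption made for portability) and adds a SHA-256 hash, which is an addition beyond the slide that catches a change leaving size and date untouched. The file and function names are hypothetical.

```python
import hashlib
import os
import tempfile
from pathlib import Path

def inoculate(path: Path) -> dict:
    """Record the baseline for a program file: size, timestamp and SHA-256."""
    st = path.stat()
    return {
        "size": st.st_size,
        "mtime_ns": st.st_mtime_ns,  # stand-in for the slide's "creation date"
        "sha256": hashlib.sha256(path.read_bytes()).hexdigest(),  # added check
    }

def check(path: Path, baseline: dict) -> list[str]:
    """Return the baseline fields that no longer match the file on disk."""
    current = inoculate(path)
    return [field for field in baseline if baseline[field] != current[field]]

def demo() -> tuple[list[str], list[str], list[str]]:
    """Check a constructed file three times: untouched, appended to, changed in place."""
    with tempfile.TemporaryDirectory() as tmp:
        prog = Path(tmp) / "program.bin"
        prog.write_bytes(b"MZ" + b"\x90" * 62)  # constructed 64-byte sample file
        baseline = inoculate(prog)
        untouched = check(prog, baseline)

        # Case 1: bytes appended to the file, so size and timestamp both change.
        prog.write_bytes(prog.read_bytes() + b"APPENDED")
        later = baseline["mtime_ns"] + 2 * 10**9
        os.utime(prog, ns=(later, later))
        appended = check(prog, baseline)

        # Case 2: content changed but length and timestamp equal the baseline.
        prog.write_bytes(b"MZ" + b"\xcc" * 62)
        os.utime(prog, ns=(baseline["mtime_ns"], baseline["mtime_ns"]))
        changed_in_place = check(prog, baseline)
        return untouched, appended, changed_in_place

if __name__ == "__main__":
    print(demo())
```

In the second case only the hash differs, so a baseline of size and date alone would report the file as unchanged.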
Computer Viruses, Worms, and Trojan Horses
Tips to prevent virus, worm, and Trojan horse infections…
p. 562
Install a personal firewall program
If the antivirus program flags an e-mail attachment as infected, delete the attachment immediately
Set the macro security in programs so you can enable or disable macros
Never open an e-mail attachment unless you are expecting it and it is from a trusted source
Install an antivirus program on all of your computers
Check all downloaded programs for viruses, worms, or Trojan horses
Computer Viruses, Worms, and Trojan Horses
What is a denial of service attack and back door?
p. 562
A denial of service attack is an assault which disrupts access to an Internet service such as the Web or e-mail
A back door is a program or set of instructions in a program that allow users to bypass security controls when accessing a computer resource
Computer Viruses, Worms, and Trojan Horses
Spoofing is…
p. 563
Making a network or Internet transmission appear legitimate
IP spoofing occurs when an intruder computer fools a network into believing its IP address is from a trusted source
Perpetrators of IP spoofing trick their victims into interacting with a phony Web site
Computer Viruses, Worms, and Trojan Horses
A firewall is…
p. 563 Fig. 11-7
A security system consisting of hardware and/or software that prevents unauthorised network access
Computer Viruses, Worms, and Trojan Horses
A personal firewall utility is…
p. 564 Fig. 11-8
A program that protects a personal computer and its data from unauthorised intrusions
Monitors transmissions to and from computer
Informs you of attempted intrusion
Activity
Complete Activity 1 in OneNote
Unauthorized Access and Use
Companies protect themselves against hackers by…
p. 564
Intrusion detection software analyzes network traffic, assesses system vulnerabilities, and identifies intrusions and suspicious behavior
Access control defines who can access computer and what actions they can take
Audit trail records access attempts
Unauthorized Access and Use
Other ways to protect your personal computer are…
p. 565 Fig. 11-9
Disable file and printer sharing on Internet connection
File and printer sharing turned off
Unauthorized Access and Use
A user name is…
p. 566 Fig. 11-10
A unique set of characters that identifies a user
Password is private combination of characters associated with the user name that allows access to computer resources
Unauthorized Access and Use
Make your password more secure by…
p. 567 Fig. 11-11
Using longer passwords to provide greater security
Unauthorized Access and Use
A possessed object is…
p. 567 Fig. 11-12
An item that you must carry to gain access to a computer or facility
Often used with a numeric password called a Personal Identification Number (PIN)
Unauthorized Access and Use
A biometric device can…
p. 567 - 568 Fig. 11-13
Authenticate a person’s identity using personal characteristics
Fingerprint, hand geometry, voice, signature, and iris
Activity
Complete Activity 2 in OneNote
Hardware Theft and Vandalism
Hardware theft and hardware vandalism…
p. 569 Fig. 11-14
Hardware theft is act of stealing computer equipment
Cables sometimes used to lock equipment
Some notebook computers use passwords, possessed objects, and biometrics as security methods
For PDAs, you can password-protect the device
Hardware vandalism is act of defacing or destroying computer equipment
Software Theft
Software theft is…
p. 570
The act of stealing or illegally copying software or intentionally erasing programs
Software piracy is illegal duplication of copyrighted software
Software Theft
A licence agreement gives…
p. 570 Fig. 11-15
You the right to use software
A standard single-user licence agreement allows users to install software on one computer, make backup copy, and sell software after removing from computer
Software Theft
Some safeguards against software theft include…
p. 571
Product activation allows users to input product identification numbers online or by phone and receive a unique installation identification number in return
Business Software Alliance (BSA) promotes better understanding of software piracy problems
Information Theft
Encryption…
p. 571 - 572 Fig. 11-16
Safeguards against information theft
Is the process of converting plaintext (readable data) into ciphertext (unreadable characters)
Encryption key (formula) often uses more than one method
To read the data, the recipient must decrypt, or decipher, the data
Information Theft
This is what an encrypted file looks like…
p. 573 Fig. 11-17
Activity
Complete Activity 3 in OneNote
Internet Security Risks
How do Web browsers provide secure data transmission?
p. 573
Secure site – a Web site using encryption to secure data
Digital certificate is notice that guarantees Web site is legitimate
Many Web browsers use encryption
Internet Security Risks
A certificate authority (CA)…
p. 573 Fig. 11-18
Authorized person or company that issues and verifies digital certificates
Users apply for digital certificate from CA
Internet Security Risks
Secure Sockets Layer (SSL)…
p. 574 Fig. 11-19
Provides encryption of all data that passes between client and Internet server
Web addresses beginning with “https” indicate secure connections
System Failure
A system failure…
p. 574
The prolonged malfunction of a computer
Can cause loss of hardware, software, or data
Caused by aging hardware, natural disasters, or electrical power disturbances
Noise—unwanted electrical signal
Undervoltage—drop in electrical supply
Overvoltage or power surge—significant increase in electrical power
System Failure
A surge protector…
p. 574 - 575 Figs. 11-20–11-21
Protects computer and equipment from electrical power disturbances
Uninterruptible power supply (UPS) is surge protector that provides power during power loss
Backing Up — The Ultimate Safeguard
A backup…
p. 576
Is a duplicate of file(s), program(s), or disk(s)
Full backup: all files in the computer
Selective backup: select which files to back up
Three-generation backup preserves three copies of important files
In case of system failure or corrupted files, restore files by copying to original location
Wireless Security
To ensure wireless communication is secure…
p. 577 Fig. 11-22
Secure your wireless access point (WAP)
WAP should not broadcast your network name
Enable Wired Equivalent Privacy
Updating anti-virus software
Software needs to be continually updated since new viruses are being written all the time
It has been suggested that up to 200 new viruses are written every week
Most vendors of anti-virus software have a website from which you can download the most current version of their software
Activity
Complete Activity 4 in OneNote