
IT Security

Computer Basics
Learning Objectives
• Define Computer security
• Explain how the Virus Spreads
• List types of Viruses and other Malicious Programs
• List Cyber Crime Prevention tips
• Explain Firewall
• Define Phishing

Definition
Computer security, also known as cyber security or IT security, is the protection of computer
systems from the theft or damage to their hardware, software or information, as well as from
disruption or misdirection of the services they provide.

Cyber security includes controlling physical access to the hardware, as well as protecting against
harm that may come via network access, data and code injection. It also covers harm caused by
malpractice by operators, whether intentional or accidental, and by operators being tricked into
deviating from secure procedures through various methods.

How the Virus Spreads


The virus can cause damage in many forms. A mild version, like the Melissa virus, can spam other
email addresses and social media accounts. Other worms can spread into your computer to
delete files, erase hard disks, cause malfunction, and steal private information. Let's look at a
more serious virus.

Have you heard of ILOVEYOU, born a year after the Melissa virus? Like Melissa, the ILOVEYOU
malware program came in the form of an email attachment. Instead of stealing 50 email
addresses, ILOVEYOU stole all of your email addresses. It deleted your images saved as jpeg or jpg
and corrupted your music files. It also controlled your Internet browser to make you click on
other viruses and shared your passwords. It is estimated that the ILOVEYOU virus caused billions
of dollars' worth of damages.

Most Common Types of Viruses and Other Malicious Programs


1. Resident Viruses
This type of virus is permanent and dwells in the RAM memory. From there it can
overcome and interrupt all of the operations executed by the system: corrupting files and
programs that are opened, closed, copied, renamed etc.
Examples include: Randex, CMJ, Meve, and MrKlunky.

2. Direct Action Viruses


The main purpose of this virus is to replicate and take action when it is executed. When a
specific condition is met, the virus will go into action and infect files in the directory or folder
that it is in and in directories that are specified in the AUTOEXEC.BAT file PATH. This batch file
is always located in the root directory of the hard disk and carries out certain operations when
the computer is booted.

3. Macro Virus
Macro viruses infect files that are created using certain applications or programs that contain
macros. These mini-programs make it possible to automate series of operations so that they
are performed as a single action, thereby saving the user from having to carry them out one
by one.
Examples of macro viruses: Relax, Melissa.A, Bablas, O97M/Y2K.

4. File Infectors
This type of virus infects programs or executable files (files with an .EXE or .COM extension).
When one of these programs is run, directly or indirectly, the virus is activated, producing the
damaging effects it is programmed to carry out. The majority of existing viruses belong to
this category, and can be classified depending on the actions that they carry out.

5. Encrypted Viruses
This type of virus consists of encrypted malicious code and a decryption module. These viruses
use an encrypted-code technique that makes it hard for antivirus software to detect them. The
antivirus program can usually detect this type of virus when it tries to spread by decrypting
itself.

6. Network Virus
Network viruses rapidly spread through a Local Area Network (LAN), and sometimes
throughout the internet. Generally, network viruses multiply through shared resources, i.e.,
shared drives and folders. When the virus infects a computer, it searches through the network
to attack its new potential prey. When the virus finishes infecting that computer, it moves on
to the next and the cycle repeats itself.
The most dangerous network viruses are Nimda and SQLSlammer.

7. FAT Virus
The file allocation table or FAT is the part of a disk used to connect information and is a vital
part of the normal functioning of the computer.

This type of virus attack can be especially dangerous, by preventing access to certain sections
of the disk where important files are stored. Damage caused can result in information losses
from individual files or even entire directories.

8. Worms
A worm is technically not a virus, but a program very similar to a virus; it has the ability to
self-replicate and can lead to negative effects on your system. Most importantly, worms are
detected and eliminated by antivirus software.
Examples of worms include: PSWBugbear.B, Lovgate.F, Trile.C, Sobig.D, Mapson.

9. Trojans or Trojan Horses


Another unsavoury breed of malicious code (also not a virus) are Trojans or Trojan horses,
which unlike viruses do not reproduce by infecting other files, nor do they self-replicate like
worms.

10. Logic Bombs


They are not considered viruses because they do not replicate. They are not even programs in
their own right but rather camouflaged segments of other programs.

Their objective is to destroy data on the computer once certain conditions have been met.
Logic bombs go undetected until launched, and the results can be destructive.

Top 10 Cyber Crime Prevention Tips


1. Use Strong Passwords
Use different user ID / password combinations for different accounts and avoid writing them
down. Make the passwords more complicated by combining letters, numbers, special
characters (minimum 10 characters in total) and change them on a regular basis.

2. Secure your computer


• Activate your firewall
Firewalls are the first line of cyber defence; they block connections to unknown or bogus
sites and will keep out some types of viruses and hackers.
• Use anti-virus/malware software
Prevent viruses from infecting your computer by installing and regularly updating anti-virus
software.
• Block spyware attacks
Prevent spyware from infiltrating your computer by installing and updating anti-spyware
software.
3. Be Social-Media Savvy
Make sure your social networking profiles (e.g. Facebook, Twitter, YouTube, MSN, etc.) are set
to private. Check your security settings. Be careful what information you post online. Once it
is on the Internet, it is there forever!
4. Secure your Mobile Devices
Be aware that your mobile device is vulnerable to viruses and hackers. Download applications
from trusted sources.

5. Install the latest operating system updates


Keep your applications and operating system (e.g. Windows, Mac, Linux) current with the
latest system updates. Turn on automatic updates to prevent potential attacks on older
software.

6. Protect your Data


Use encryption for your most sensitive files such as tax returns or financial records, make
regular back-ups of all your important data, and store it in another location.

7. Secure your wireless network


Wi-Fi (wireless) networks at home are vulnerable to intrusion if they are not properly secured.
Review and modify default settings. Public Wi-Fi, a.k.a. “Hot Spots”, are also vulnerable. Avoid
conducting financial or corporate transactions on these networks.

8. Protect your e-identity


Be cautious when giving out personal information such as your name, address, phone number
or financial information on the Internet. Make sure that websites are secure (e.g. when
making online purchases) or that you’ve enabled privacy settings (e.g. when accessing/using
social networking sites).

9. Avoid being scammed


Always think before you click on a link or file of unknown origin. Don’t feel pressured by any
emails. Check the source of the message. When in doubt, verify the source. Never reply to
emails that ask you to verify your information or confirm your user ID or password.

10. Call the right person for help


Don’t panic! If you are a victim, if you encounter illegal Internet content (e.g. child
exploitation) or if you suspect a computer crime, identity theft or a commercial scam, report
this to your local police. If you need help with maintenance or software installation on your
computer, consult with your service provider or a certified computer technician.

Firewall
A firewall is a network security system designed
to prevent unauthorized access to or from a
private network. Firewalls can be implemented as
both hardware and software, or a combination of
both. Network firewalls are frequently used to
prevent unauthorized Internet users from
accessing private networks connected to the
Internet, especially intranets.
All messages entering or leaving the intranet pass through the firewall, which examines each
message and blocks those that do not meet the specified security criteria.

Hardware and Software Firewalls


Firewalls can be either hardware or software but the ideal configuration will consist of both. In addition to
limiting access to your computer and network, a firewall is also useful for allowing remote access to a
private network through secure authentication certificates and logins.

Hardware firewalls can be purchased as a stand-alone product but are typically found in broadband
routers, and should be considered an important part of your system security and network set-up. Most
hardware firewalls will have a minimum of four network ports to connect other computers, but for larger
networks, a business networking firewall solution is available.

Phishing
Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit
card details (and, indirectly, money), often for malicious reasons, by masquerading as a
trustworthy entity in an electronic communication. The word is a neologism created as a
homophone of fishing due to the similarity of using a bait in an attempt to catch a victim.

Phishing types
1. Spear phishing
Phishing attempts directed at specific individuals or companies have been termed spear
phishing. Attackers may gather personal information about their target to increase their
probability of success. This technique is by far the most successful on the internet today,
accounting for 91% of attacks.

2. Clone phishing
Clone phishing is a type of phishing attack whereby a legitimate, and previously delivered,
email containing an attachment or link has had its content and recipient address taken and
used to create an almost identical or cloned email. The attachment or link within the email is
replaced with a malicious version and then sent from an email address spoofed to appear to
come from the original sender. It may claim to be a resend of the original or an updated
version to the original. This technique could be used to pivot (indirectly) from a previously
infected machine and gain a foothold on another machine, by exploiting the social trust
associated with the inferred connection due to both parties receiving the original email.

3. Whaling
Several phishing attacks have been directed specifically at senior executives and other high-
profile targets within businesses, and the term whaling has been coined for these kinds of
attacks. In the case of whaling, the masquerading web page/email will take a more serious
executive-level form. The content will be crafted to target an upper manager and the person's
role in the company. The content of a whaling attack email is often written as a legal
subpoena, customer complaint, or executive issue. Whaling scam emails are designed to
masquerade as a critical business email, sent from a legitimate business authority. The
content is meant to be tailored for upper management, and usually involves some kind of
falsified company-wide concern. Whaling phishers have also forged official-looking FBI
subpoena emails, and claimed that the manager needs to click a link and install special
software to view the subpoena.
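
A mailbox-side check for the clone phishing pattern described above, added here as an example and not part of the original handout: it flags a message whose wording matches an earlier delivery while its links or attachment content have changed. The message layout (a dict with 'body' and 'attachments'), the function names and the example.com / example.net / example.org sample messages are assumptions constructed for illustration.

```python
import hashlib
import re
from difflib import SequenceMatcher
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s<>\"')]+", re.IGNORECASE)

def link_hosts(body):
    """Lower-cased hostnames of every link in a message body."""
    return {urlsplit(u).hostname for u in URL_RE.findall(body)} - {None}

def wording(body):
    """Body with links masked, so only the surrounding text is compared."""
    return " ".join(URL_RE.sub("<url>", body).split()).lower()

def clone_indicators(original, candidate, threshold=0.9):
    """Reasons why candidate looks like a clone of an earlier message.

    The sender is not compared: the clone spoofs the original sender.
    """
    ratio = SequenceMatcher(None, wording(original["body"]),
                            wording(candidate["body"]), autojunk=False).ratio()
    if ratio < threshold:
        return []  # different wording: not a copy of this message
    reasons = []
    new_hosts = link_hosts(candidate["body"]) - link_hosts(original["body"])
    if new_hosts:
        reasons.append("links point to new hosts: " + ", ".join(sorted(new_hosts)))
    known = dict(original["attachments"])
    for name, digest in candidate["attachments"]:
        if name in known and known[name] != digest:
            reasons.append("attachment %s has different content" % name)
    return reasons

def sha256(data):
    return hashlib.sha256(data).hexdigest()

# Constructed sample messages (not real mail).
TEXT = ("Hi team, the Q3 invoice is attached. You can also view it online at "
        "https://billing.example.%s/invoice/1042 before Friday. Regards, Accounts")
ORIGINAL = {"body": TEXT % "com",
            "attachments": [("invoice.pdf", sha256(b"constructed original"))]}
CLONE = {"body": "Updated version: " + TEXT % "net",
         "attachments": [("invoice.pdf", sha256(b"constructed replacement"))]}
UNRELATED = {"body": "Lunch menu is posted at https://intranet.example.org/menu",
             "attachments": []}

if __name__ == "__main__":
    for message in (CLONE, ORIGINAL, UNRELATED):
        print(clone_indicators(ORIGINAL, message))
```

A genuine resend with unchanged links and attachment produces no indicators, so only the substituted link or file raises a flag.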


Do’s & Don’ts

Computers are indispensable learning tools nowadays, and it is of utmost importance to understand how
to secure the computers, the data, and other electronic devices. Below are some tips to help raise
awareness of information leakage and IT security attacks.

1. General
People are the weakest link in information security, as in many cases the leakage can be avoided if
the person involved has better knowledge of data protection. Users are recommended to develop an
information security mindset, and to build and reinforce good practice through regular updates of
information security awareness.

2. Computer/Data Usage

Risk
o Loss of data
o Compromise security policies
o Misuse of data

DOs
o Be accountable for your IT assets and data
o Adhere to Policy on Use of IT Services and Facilities
o Use good judgement to protect your data
o Protect your laptop during trip
o Ensure sensitive information on the computer screen is not visible to others
o Protect your user ID and password

DON'Ts
o Don’t store sensitive information in portable device without strong encryption
o Don’t leave your computer / sensitive documents unlocked
o Don’t discuss something sensitive in public place. People around you may be listening to your
conversation

3. Surfing Web

Risk
o Virus
o Worms
o Trojan
o Spyware
o Malware

DOs
o Validate the website you are accessing
o Install personal Firewall
o Be cautious if you are asked for personal information
o Use encryption to protect sensitive data transmitted over public networks and the Internet
o Install anti-virus, perform scheduled virus scanning and keep virus signature up-to-date
o Apply security patching timely
o Backup your system and data, and store it securely

DON'Ts
o Don't download data from doubtful sources
o Don't visit untrustworthy sites out of curiosity, or access the URLs provided in those websites
o Don't use illegal software and programs
o Don't download programs without permission of the copyright owner or licensee (e.g. the use of
BT software)

4. Email

Risk
o Junk mail
o Spam mail
o Virus

DOs
o Do scan all email attachments for viruses before opening them
o Use email filtering software
o Only give your email address to people you know
o Use PGP or digital certificate to encrypt emails which contain confidential information; staff
can use confidential email
o Use digital signature to send emails for proving who you are

DON'Ts
o Don't open email attachments from unknown sources
o Don't send mail bomb, forward or reply to junk email or hoax message
o Don’t click on links embedded in spam mails
o Don’t buy things or make charity donations in response to spam email

5. E-Commerce

Risk
o Identity theft

DOs
o Check the terms and disclaimers of an e-shopping site before acquiring its service
o Choose well-known or trustworthy e-shopping sites
o Check the trustworthiness of the e-commerce website (e.g. checking the SSL certificate)
o Use digital certificate for executive transactions over the web
o Use strong password, and change your password on a regular basis
o Logout immediately after you finished your e-shopping activities
o Retain and review your transaction records
o Use different passwords for bank accounts, university accounts and external accounts

DON'Ts
o Don’t make any e-shopping transactions using computers in Internet cafe
o Don't visit untrustworthy sites out of curiosity
o Don’t use easily-guessed password, such as HKID card number, phone number, date of birth
o Don’t share your IDs with others

6. Public Terminals

Risk
o Account Access
o Information Loss

DOs
o Always reboot when starting to use the public PCs
o Clean up cache files after use

DON'Ts
o Don’t leave without closing all browsers and logging out from the public PCs
o Don't let others watch over your shoulder while logging in or doing online transactions

7. How to Secure Your Computer

• Patch the system regularly
• Install security software (e.g. web filtering, anti-Virus, anti-Spam, anti-Spyware, personal firewall
etc.)
• Beware of P2P software (e.g. BT, Foxy, eMule)
