Computer Application

Assignment

Name ID
Amanuel Kassahun RAC/042/23

Submitted To:- Mr. Gulelat Yohannes

Submission Date: June 07,2024

1
What is Information security?

Information security is the practice of protecting information by mitigating information risks. It

involves the protection of information systems and the information processed, stored and
transmitted by these systems from unauthorized access, use, disclosure, disruption, modification or
destruction. This includes the protection of personal information, financial information, and sensitive
or confidential information stored in both digital and physical forms. Effective information security
requires a comprehensive and multi-disciplinary approach, involving people, processes, and
technology.

Information Security is not only about securing information from unauthorized access. Information
Security is basically the practice of preventing unauthorized access, use, disclosure, disruption,
modification, inspection, recording or destruction of information. Information can be a physical or
electronic one. Information can be anything like Your details or we can say your profile on social
media, your data on mobile phone, your biometrics etc. Thus Information Security spans so many
research areas like Cryptography, Mobile Computing, Cyber Forensics, Online Social Media, etc.

During First World War, Multi-tier Classification System was developed keeping in mind the
sensitivity of the information. With the beginning of Second World War, formal alignment of the
Classification System was done. Alan Turing was the one who successfully decrypted Enigma
Machine which was used by Germans to encrypt warfare data.

Effective information security requires a comprehensive approach that considers all aspects of the
information environment, including technology, policies and procedures, and people. It also requires
ongoing monitoring, assessment, and adaptation to address emerging threats and vulnerabilities.

Why we use Information Security?

We use information security to protect valuable information assets from a wide range of threats,
including theft, espionage, and cybercrime. Information security is necessary to ensure the
confidentiality, integrity, and availability of information, whether it is stored digitally or in other
forms such as paper documents. Here are some key reasons why information security is important:

Protecting sensitive information: Information security helps protect sensitive information from being
accessed, disclosed, or modified by unauthorized individuals. This includes personal information,
financial data, and trade secrets, as well as confidential government and military information.

Mitigating risk: By implementing information security measures, organizations can mitigate the risks
associated with cyber threats and other security incidents. This includes minimizing the risk of data
breaches, denial-of-service attacks, and other malicious activities.

Compliance with regulations: Many industries and jurisdictions have specific regulations governing
the protection of sensitive information. Information security measures help ensure compliance with
these regulations, reducing the risk of fines and legal liability.

2
Protecting reputation: Security breaches can damage an organization’s reputation and lead to lost
business. Effective information security can help protect an organization’s reputation by minimizing
the risk of security incidents.

Ensuring business continuity: Information security helps ensure that critical business functions can
continue even in the event of a security incident. This includes maintaining access to key systems
and data, and minimizing the impact of any disruptions.

Information Security programs are build around 3 objectives, commonly known as CIA –
Confidentiality, Integrity, Availability.

Confidentiality – means information is not disclosed to unauthorized individuals, entities and

process. For example if we say I have a password for my Gmail account but someone saw while I was
doing a login into Gmail account. In that case my password has been compromised and
Confidentiality has been breached.

Integrity – means maintaining accuracy and completeness of data. This means data cannot be edited
in an unauthorized way. For example if an employee leaves an organisation then in that case data for
that employee in all departments like accounts, should be updated to reflect status to JOB LEFT so
that data is complete and accurate and in addition to this only authorized person should be allowed
to edit employee data.

Availability – means information must be available when needed. For example if one needs to
access information of a particular employee to check whether employee has outstanded the number
of leaves, in that case it requires collaboration from different organizational teams like network

3
operations, development operations, incident response and policy/change management. Denial of
service attack is one of the factor that can hamper the availability of information.

What is a computer virus?

A computer virus is a malicious code or program designed to spread from one computer to another,
causing damage to data and system operations. My paper shows how viruses work, signs to look out
for, and the main types.

A computer virus is a type of malware created to replicate and spread itself across computers.
Computer viruses spread digitally from host to host, infecting systems and replicating themselves as
they go, similar to how a flu virus spreads through a population.

And, just as a flu virus relies on a host cell for reproduction, a computer virus requires specific
programming—often embedded in files or documents—to replicate and spread through digital
systems.

Below, we’ll discuss common computer virus symptoms, examples of well-known viruses, and tips to
get rid of a virus if your device gets infected.

What causes a computer virus?

Hackers spread computer viruses by creating malicious code that can get inside a computer system,
modify it, and spread to other computers. A virus infects devices and spreads by attaching itself to
legitimate programs or documents that support macros, enabling it to execute its code.

Most people unknowingly spread viruses from one computer to another by opening links to infected
sites, installing unsafe software, or not taking the right steps to protect themselves from computer
viruses.

4
How do computer viruses spread?

Malicious software spreads when unsuspecting users interact with infected digital assets. When a
virus makes its way onto a device, it creates copies of itself and begins filling the computer’s hard
drive, spreading to other devices, or both. Viruses are commonly spread through email, text
messages, and by downloading infected software.

Here’s how computer viruses work.

1. A virus infects a file or system

Computer viruses attach themselves to a piece of software, an online program, a file, or a piece of
code. They can spread through email and text message attachments, files you download online, or
scam links sent on social media.

2. An unsuspecting user executes the virus’s code

Once attached, the virus lies dormant until an unsuspecting user executes the code or program. The
user must run the infected program to infect your computer, activating the virus code. This means a
virus can remain dormant without showing any noticeable signs.

3. The virus spreads

Once a computer is infected, the virus can spread to other computers on the same network and
cause damage by stealing passwords, logging keystrokes, corrupting files, or sending spam emails to
contacts. While some viruses can be relatively harmless, others can have profound and damaging
effects, leading to data loss, permanent hard disk damage, or financial losses.

5
What are the signs of a computer virus?

While computer viruses can work discreetly, they often come with a few tell-tale signs. Slow
performance, unexpected pop-ups, and unexplained changes in settings can indicate a potential
threat.

Recognizing a computer virus infection begins with paying attention to unusual system behavior.
Watch for the following computer virus warning signs:

Frequent pop-ups: Intrusive or suspicious pop-up windows are common signs of a computer virus.
These pop-ups might encourage you to visit unusual sites or prod you to download fake antivirus
software.

Sluggish performance: A slow computer, or slower-than-normal processing speed, could be a sign

that your computer has a virus.

Unusual system crashes: Frequent and unexpected crashes or freezes on your device can indicate a
computer virus has damaged your hard drive. It may also prevent your device from coming back on.

Unknown programs: If new, unsolicited, and unfamiliar software or icons appear on your desktop
when you start your computer, it may indicate a virus.

Unprompted password changes: Unexplained password changes that prevent you from logging into
your computer are often signs of a virus. (Maintaining strong password security can help prevent
this.)

Unexplained settings changes: An infected computer may lead you to find alterations to system
settings that you didn’t do yourself.

6
3 Most Dangerous Virus & Malware Threats in 2024

1. Clop Ransomware

Ransomware is malware which encrypts your files until you pay a ransom to the hackers. “Clop” is
one of the most dangerous ransomware threats. It’s a variant of the well-known CryptoMix
ransomware, which frequently targets Windows users.

Before beginning the encryption process, the Clop ransomware blocks over 600 Windows processes
and disables multiple Windows 10 and 11 applications, including Windows Defender and Microsoft
Security Essentials — leaving you with zero chance of protecting your data.

The Clop ransomware has evolved since its inception, now targeting entire networks — not just
individual devices. Even the Maastricht University in the Netherlands became a victim of the Clop
ransomware, with almost all Windows devices on the university’s network being encrypted and
forced to pay a ransom.

2. Fake Windows Updates (Hidden Ransomware)

Hackers have been increasingly sending emails that instruct readers to install urgent Windows OS
updates. The emails trick readers into installing the “latest” Windows updates, which are actually
ransomware ‘.exe’ files in disguise.

The ransomware contained in these emails is known as “Cyborg”. It encrypts all of your files and
programs and demands a ransom payment to un-encrypt the files.

Unfortunately, many email service providers and basic antivirus software aren’t able to detect and
block these emails. This is why you must be using an antivirus that provides proper internet security,
protecting you from dangerous emails.

3. Zeus Gameover

Zeus Gameover is part of the “Zeus” family of malware and viruses. This piece of malware is a Trojan
— malware disguised as something legitimate — that accesses your sensitive bank account details
and steals all of your funds.

The worst thing about this particular variant of the Zeus malware family is that it doesn’t require a
centralized “Command and Control” server to complete transactions — which is a flaw found in
many cyberattacks that authorities can target. Instead, Zeus Gameover can bypass centralized
servers and create independent servers to send sensitive information. In essence, you cannot trace
your stolen data.

How we stay safe from computer viruses

Enable automatic scanning

Configure your antivirus software to automatically scan email attachments or file downloads. You
can usually find this feature in the settings or preferences menu of the antivirus program.

7
Stay on top of software updates

Staying on top of your software updates is a simple way to patch up potential vulnerabilities on your
computer. Be sure your operating system, browsers, and other software are regularly updated.

Be wary of email attachments

Email attachments are a common target for viruses to attach themselves to. Avoid opening
attachments or clicking links from unknown or suspicious senders, because it could be a phishing
attack. Use your antivirus software to scan attachments before opening them.

Don’t click on pop-ups

Unprompted or unwanted pop-ups can contain viruses. Avoid clicking pop-ups on your phone or
computer while online. And don’t visit unsafe or dangerous websites.

Download wisely

Only download software and files from trustworthy sources, and always scan the files you download
using your antivirus software.

Backup your data

It’s wise to regularly back up your data and important files to an external drive or a secure cloud
storage service. That way, you can lessen the impact of potential data loss if your computer is
impacted by a virus or another form of malware, like a type of ransomware.

Defend your digital space

Once you understand how computer viruses work, you can take the simple (but crucial) steps to stop
them. Maintaining software updates, ensuring you have proper email security and downloads, and
backing up important data are practical ways to secure your digital space.

But parts of the internet are awash with viruses, and new stains are appearing all the time. That’s
why you should use reliable antivirus software.

8
Reference :

“Handbook of Information Security, Volume 1” edited by Hossein Bidgoli

“Information Security Principles and Practice” by Mark Stanislav and Mark Merkow.

“Computer Security Fundamentals” by Chuck Easttom.

“Cybersecurity and Cyberwar: What Everyone Needs to Know” by P.W. Singer and Allan Friedman.

The National Institute of Standards and Technology (NIST) Cybersecurity Framework.

ISO/IEC 27001 Information Security Management Systems Standard.

SANS Institute, which offers a variety of information security resources and training programs.

OWASP Foundation, which provides information and tools to help organizations improve their
application security.