Cyber-threats and Security in Computing

Posted by under Blog on January 4, 2019

Tablets, smartphones, TV set-top boxes, GPS navigation devices, exercise monitors, home security stations all have your data. This data is freely shared to devices and you have no control over this.

With cyber-threats like Ransomware doing the rounds, a lot needs to be done in the field of Computer Security.

On the one hand people want the convenience and benefits that added connectivity brings, while on the other hand, people are worried, and some are seriously harmed by the impact of such incidents.

Ransomware

It is a type of malicious software from cryptovirology that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid. While some simple ransomware may lock the system in a way which is not difficult for a knowledgeable person to reverse, more advanced malware uses a technique called cryptoviral extortion, in which it encrypts the victim’s files, making them inaccessible, and demands a ransom payment to decrypt them.  In a properly implemented cryptoviral extortion attack, recovering the files without the decryption key is an intractable problem – and difficult to trace digital currencies such as Ukash and cryptocurrency are used for the ransoms, making tracing and prosecuting the perpetrators difficult.

Examples:
Reveton
CryptoLocker
CryptoLocker.F or TorrentLocker
CryptoWall
Fusob
WannaCry
Petya
BadRabbit
SamSam

Computer security brings the two threads together as technology races forward with smart products whose designers omit the basic controls that can prevent or limit catastrophes.

Vulnerability: weakness
Threat: condition that exercises vulnerability
Incident: vulnerability + threat
Control: reduction of threat or vulnerablity

Computer security is the protection of the items you value, called the assets of a computer or computer system. There are many types of assets, involving hardware, software, data, people, processes, or combinations of these. To determine what to protect, we must first identify what has value and to whom. A computer device (including hardware, added components, and accessories) is certainly an asset. Because most computer hardware is pretty useless without programs, the software is also an asset. Software includes the operating system, utilities and device handlers; applications such as word processing, media players or email handlers; and even programs that you may have written yourself.

The thing that makes your computer unique and important to you is its content:

photos, tunes, papers, email messages, projects, calendar information, ebooks (with your annotations), contact information, code you created, and the like. Thus, data items on a computer are assets, too. Unlike most hardware and software, data can be hard—if not impossible—to recreate or replace.

Emerging Topics:

Medical Devices
Mobile Phones Security
Economics
Electronic Voting

Books and References:

Information Security by Mark RhodesOusley,  McGrawHill Publications

Essential Cybersecurity Science by Josiah Dykstra, O’Reilly Publications

Principles of Computer Security: CompTIA Security+ and Beyond Wm.Arthur Conklin, Greg White, McGraw Hill Publications

Reference: Security in Computing, Fifth Edition by Jonathan Margulies, Shari Lawrence Pfleeger, Charles P. Pfleeger


1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Leave a Reply

avatar
  Subscribe  
Notify of