Potenital threats to an IT system can include such threats like: malicious damage , threats related to e-commerce , counterfeit goods , technical failures or errors caused by people and theft of equipment.
So what is malicious damage?
Malicious damage is situation when someone delete electronic files, data or software programs. Most of times it could be done by someone who have direct access to the system but also it could be done with a virus worm , Trojan horses , ransomware , adware or spyware file-less malware .
A Trojan horse is one of the most common and dangerous types of threats that can infect your computer or mobile device. Trojans are usually disguised as benign or useful software that you download from the Internet, but they actually carry malicious code designed to do harm—thus their name.
Malicious Damage can be internal or external
The different between an internal threat andan external threat is that an internal threat is usually caused by staff members who have access to the company’s data, usually the attacker sells the company’s data to a person or to another organisations, this could be a competitor in the market.
An external threat is a threat which is caused by a person or group outside the organisation, they usually attack by hacking into a company’s website and stealing information to sell, or put up on the internet for people to read and look at.
| Access Causing Damage | Access Without Damage |
| Access causing damage is a threat caused by hackers who damage the system this could be an internal or an external damage, internal damage when hackers get into the system and damage data and also damage software’s or the computer operating systems. Big companies are can sometimes get fined for not having a secure security software.An Example: | Access without damage is caused by hackers who are just curious, and want to know what an organisation is up to. Many times curious hackers are just sneaking around picking up customer information like customer bank information.An Example: |
| NBC.com was hacked and embedded with malicious iframe code that spread the Citadel Trojan. | Hackers gained access to customer names, addresses, dates of birth and passwords. Sony has been fined £250,000 – and the company’s data protection policies criticised |
Technical Failures & Human Error
| Technical Failures | Human Error |
| Technical failures can be very embarrassing especially when it is caused by network server shut downs, these can cause businesses to lose a lot of money and this is because when big organizations like PCWorld & Curry’s server shuts down its leaves people thinking that this store is unreliable and they search for their product elsewhere, overall technical failures lose credibility trust. Example: When in the system appear an error. | Human error is known to be the biggest threat towards a company due to it being as easy as getting a cold, very crucial information can be easy sent to the wrong person and a major crisis can be unleashed. However a hacker can be sitting out watch until an employee of a certain company trips and shuts off their firewall, without a notice the company is hacked and the hacker is gone without a trail.. Example: When a member of a company had to do his work but he has done it wrong. |
| Identity Theft | Technical Theft |
| There have been many people who have had their bank accounts drained unexpectedly due to people hacking, hackers who have stolen credit card information and used it to purchase goods or transfer a lot of many online, this is called identity theft this is usually caused by phishing, about it we will talk later. Identity theft happens everywhere, and sometimes untraceable which leads to people losing their money completely. | Every minute of every day an item and all sorts of goods are stolen, and a workplace is thought to be a place where none of that happens however it does and many equipment are easily stolen. From laptops to expensive hardware and software and maybe even cabling are stolen. Theft of equipment can cause a business to lose hundreds to thousands of pounds. |
Product Risk
Being an organization in the market which sells goods like software’s, DVDs, games or music can be quite troublesome especially when you resell pre-owned items, some stores check them by trying them out, however some just look for scratches and go on with their day. Counterfeit goods would put the businesses reputation down and customers will not be pleased and may never trust the store again, counterfeit goods can be made even at home due to today’s technologies and software’s.
Distribution Mechanism
Though the web is open free and innovative it can make many businesses frustrated and can hurt it, this is because of online peer-to-peer sharing, though this is useful it also allows software’s like torrent download movies, games, software’s, book’s or music, for free and because of this some businesses have to add additional activation codes.
Website Defacement
There are many people who have the knowledge to crack systems and some are able to crack and hack their way into a website, sometimes security just can’t handle the job. There have been many incidents where there site goes down for an unknown reason and then once back up the company and customers are left with a website which has been sometimes completely defaced or if not it is sometimes tagged with virtual graffiti. People who do this normally don’t want to steal anything or damage the company permanently but usually they just try to send out a message for people around the globe to see.
Phishing
People who creep around company business with software or loitering around private information or a locked down section which after all these days most websites are, nobody wants a stranger wandering around their house. This is called phishing, phishing is usually done by hackers who redirect a user from one source to another which contains some sort of malware which steals information such as usernames, passwords, and credit card details. This is maily done by taking valuable information from customers through email.
Denial of Service Attacks
Denial of service attacks are quiet common, however they don’t have qualities like phishing or identity theft but however can shut down websites and many business’s how this is not permanent but can be quite damaging and thousands of pounds can be lost and also no work can be done and that means no company income, there also will probably be many customers on the line who are confused and maybe really frustrated by this.
How to Prevent Malicious Damage
Another way to protect your device from malware is to use a firewall. A firewall prevents malicious attacks by blocking all unauthorised access to or from a private computer network. In addition to anti-virus software, a firewall provides an extra barrier against malware, reducing the chance of attack.
10 Steps for Preventing Loss of Service
1.Keep your computer clean and dust-free
2.If your PC gets hot, take it apart and clean it
3.Save and backup your files regularly, to multiple locations
4.Create an image backup BEFORE the first signs of hard drive failure
5.Keep your anti-virus software up to date
6.Don’t open suspicious emails or attachments
7.Don’t leave your laptop unattended
8.Use a surge protector
9.Don’t delete files you don’t know what are, especially system files
10.Don’t keep liquids close to your laptop
Information Security
Confidentiality refers to protecting information from being accessed by unauthorized parties. In other words, only the people who are authorized to do so can gain access to sensitive data. Nearly all the major security incidents reported in the media today involve major losses of confidentiality.
Integrity is the assurance that the information is trustworthy and accurate, and availability is a guarantee of reliable access to the information by authorized people.
In this context, confidentiality is a set of rules that limits access to information, integrity is the assurance that the information is trustworthy and accurate. And Availability is a guarantee of reliable access to the information by authorized people.
ICT BLOG 