Free Essay

Introduction to Computer Security

In:

Submitted By chancetorain22
Words 622
Pages 3
CSS150-1302B-04
Introduction to Computer Security
Phase 3: Discussion Board 3
Networks, Cryptography, and Malicious Activity
Professor: Shawn Murray
June 5, 2013

In this paper I will discuss a malicious computer worm that spread rather quickly and affected thousands of people and targeted a company in Utah. I will discuss how the worm spread in detail. Lastly, I will discuss how to prevent / defend against such worms.

On January 26, 2004 MyDoom, also known as W32.MyDoom@mm, Novarg, Mimail.R and Shimgapi was a computer worm that affected Microsoft Windows (wildammo.com, 2010).
MyDoom in 2004 had set the record for spreading the fastest through email. It was said to be started by e-mail spammers through junk mail being sent. That was one way the worm was sent.
MyDoom was also sent out as failure sent messages. One of the messages that MyDoom had sent out was “Andy; I’m just doing my job, nothing personal, sorry.” (wildammo.com, 2010).
With messages such as that and sent failure / system error messages, one whom was not knowledgeable of such worms would foolishly open it. These messages including but not limited to the one mentioned above brought suspicion to a lot of people and it was believed that the maker of the worm was paid. To date, the author of MyDoom is not known. It is thought though that MyDoom was created in Russia by a programmer (wildammo.com, 2010).

In the result of MyDoom globally internet access had slowed down immensely and had affected the access of several websites. Once the MyDoom worm infection begun, it would search for random addresses then send itself. Also upon loading MyDoom, it would launch
Notepad and show random characters (www.CNN.com, 2004). Even worse, the complexity of this worm was significant because MyDoom had the capability to replicate then install a
“keystroke” program as well. Once this took place the program caused by MyDoom then gave hackers full access to break in and get any information that was being typed. Such information included but was not limited to credit card numbers, and passwords, anything that was being typed (www.cnn.com, 2004).

MyDoom made numerous companies / corporations / businesses close or completely shut down their e-mail network / gateway in order to stop or prevent MyDoom for infecting and spreading. One of MyDoom’s targets was on a website for the SCO Group that was a company in Utah. The SCO Group’s website on January 26, 2004 became inaccessible because of the worm. MyDoom challenged the companies’ intellectual property in parts of Linux
(ww.CNN.com, 2004).

MyDoom had spread fast had it was said to have infected anywhere from 300,000 to
500,000 computers nationwide (www.businessweek.com, 2004).

In order to prevent or defend against a worm like MyDoom, antivirus programs along with firewall programs are vitally important to have. Due to the fact that so many people are uneducated as far as recognizing worms and etc., this is why they are easily uploaded and ultimately spread. This can be prevented by educating people perhaps by a training program.
Proper training is necessary for people to be able to identify if a source is reliable / credible whether it is in the form of an e-mail, attachment, or a failure message of some sort.

If in the event firewalls and antivirus programs are already in place, they need to be updated regularly / daily. If those programs are done updated, they are basically useless as they are not able to serve their purpose. Having all antivirus and firewall programs updated is vitally important in order to protect all computers.

References www.businessweek.com, 2004. www.CNN.com, 2004. www.wildammo.com, 2010.

Similar Documents

Premium Essay

Introduction to Computer Security

...Introduction to Computer Security CSE 3482 Introduction to Information/Computer Security Instructor: N. Vlajic, Winter 2014 Learning Objectives Upon completion of this material, you should be able to: • Describe the key security requirements of confidentiality, integrity and availability (CIA). • Describe the CNSS security model (McCumber Cube). • Identify today’s most common threats and attacks against information. • Distinguish between different main categories of malware. Required Reading Computer Security, Stallings: Chapter 1 Computer Security, Stallings: Chapter 6 Introduction • Information Technology – technology involving development & use of computer systems & networks for the purpose of processing & distribution of data  in many organizations, information/data is seen as the most valuable asset categories of IT jobs:  IT administrator - installs, maintains, repairs IT equipment  IT architect - draws up plans for IT systems and how they will be implemented  IT engineer - develops new or upgrades existing IT equipment (software or hardware)  IT manager - oversees other IT employees, has authority to buy technology and plan budgets  Introduction (cont.) • Information System – entire set of data, software, hardware, networks, people, procedures and policies that deal with processing & distribution of information in an organization  each component has its own strengths, weaknesses, and its own security requirements information...

Words: 1194 - Pages: 5

Premium Essay

An Introduction to the Computer Security Problem

...Essay 1 What Is There to Worry About? An Introduction to the Computer Security Problem Donald L. Brinkley and Roger R. Schell This essay provides an overview of the vulnerabilities and threats to information security in computer systems. It begins with a historical presentation of past experiences with vulnerabilities in communication security along with present and future computer security experiences. The historical perspective demonstrates that misplaced confidence in the security of a system is worse than having no confidence at all in its security. Next, the essay describes four broad areas of computer misuse: (1) theft of computational resources, (2) disruption of computational services, (3) unauthorized disclosure of information in a computer, and (4) unauthorized modification of information in a computer. Classes of techniques whereby computer misuse results in the unauthorized disclosure and modification of information are then described and examples are provided. These classes are (1) human error, (2) user abuse of authority, (3) direct probing, (4) probing with malicious software, (5) direct penetration, and (6) subversion of security mechanism. The roles of Trojan horses, viruses, worms, bombs, and other kinds of malicious software are described and examples provided. In the past few decades, we have seen the implementation of myriads of computer systems of all sizes and their interconnection over computer networks. These systems handle and are required to protect...

Words: 13185 - Pages: 53

Premium Essay

Hello Hello

...Principles of Information security textbook problems Chapter ... www.cram.com/.../principles-of-information-security-textbook-problems... Study Flashcards On Principles of Information security textbook problems Chapter 1 & 2 at ... What is the difference between a threat and a threat agent? A threat ... 01_Solutions - Principles of Information Security, 4 th Edition ... www.coursehero.com › ... › ISIT › ISIT 201 Unformatted text preview: Principles of Information Security, 4 th Edition Chapter 1 Review Questions 1. What is the difference between a threat agent and a ... Chapter 1-Introduction to Information Security Principles of ... www.termpaperwarehouse.com › Computers and Technology Jun 16, 2014 - Chapter 1-Introduction to Information Security: 1. What is the difference between a threat and a threat agent? A threat is a constant danger to an ... Category:Threat Agent - OWASP https://www.owasp.org/index.php/Category:Threat_Agent May 15, 2012 - The term Threat Agent is used to indicate an individual or group that can ... Organized Crime and Criminals: Criminals target information that is of value ... Threat Risk Modeling is an activity to understand the security in an application. ... NET Project · Principles · Technologies · Threat Agents · Vulnerabilities ... Threat (computer) - Wikipedia, the free encyclopedia https://en.wikipedia.org/wiki/Threat_(computer) A more comprehensive definition, tied to an Information assurance point of view, can be found ... National...

Words: 598 - Pages: 3

Premium Essay

Operating System Comparisons

...Operating System Comparisons PRG/355 January 14, 2013 Steven Kernan Operating System Comparisons Table of Contents Introduction 3 Memory Management 3 File Management 4 Security 4 Conclusion 4 Reference 5 Introduction An operating system (OS) is software that manages the hardware and software resources of a computer system. Basically an OS is a set of libraries or functions which programs may use to perform specific tasks relating to interfacing with computer system components (The Computer Technology Documentation Project, n.d.). Advantages and disadvantages exist in every operating system. Reviewed in this paper is a comparison of some of the primary responsibilities of popular operating systems. The review includes Unix/Linux, Mac, and Microsoft Windows operating systems. Memory Management An important function of the OS is to manage the computer systems memory. Programs, processes, and resource do not simply float around in memory haphazardly. Memory is shared among these processes and resources. Accordingly, managed by the OS is an organized structure of locating processes in computer memory locations. The two primary types of memory controlled by an OS are main memory and virtual memory. Main memory is… (need general definition). Virtual (secondary) memory is… (need general definition). Intended memory management requirements include relocation, protection, sharing, logical organization, and physical organization. Processes may...

Words: 1019 - Pages: 5

Premium Essay

Threats to Computer Networks

...TABLE OF CONTENT Introduction 2 Threats 2 • State-sponsored espionage and sabotage of computer networks 2 • Monster DDoS attacks 2 • The loss of visibility and control created by IT consumerization and the cloud 2 • The password debacle 3 • The insider threat 3 UAE CASE 3 Precaution 4 Conclusion 4 Bibliography 5   Introduction As the requirement of the paper I will explain the types of fraud may face by the organisation computer networks. Along with I will discuss two cases of such fraud in UAE and finally I will discuss possible precautions to mitigate the risk of such frauds. In recent year the computer network threats become technically more advanced, sophisticated, more organised and at the same time difficult to detect. It is important to mention that these attacks not only damage network security for financial frauds but this also aim to disable and reliability of the infrastructure as well, which may cause worse type of threat to the national security. (Tom Cross and Eric Savitz, Forbes Staff, 2012) Threats Most respected financial magazine FORBES has mentioned five main security threats to the computer networks which includes. • State-sponsored espionage and sabotage of computer networks o In 2012 a very famous virus called Flame was discovered which was not traced by the software in years. Similarly virus named Shamon destroyed the data of oil and energy companies and made the machines unbootable. • Monster DDoS attacks o DDos stands for the...

Words: 1014 - Pages: 5

Premium Essay

Introduction to Cyber Crime

...CSE-Dept, RBCENTW Hoshiarpur ------------------------------------------------- e-mail.: amneetb2@gmail.com ------------------------------------------------- ------------------------------------------------- ------------------------------------------------- Abstract: This Paper is a review paper on the topic of Cybercrime and its forms. The paper describes very basic information about cybercrime. It includes introduction to cyber crime, its brief history, its types along with their brief description, today’s scenario regarding cybercrime and an introduction to cyber security as a weapon against cybercrime . The paper is best suited for those who want to understand what cybercrime exactly is at the beginners’ level and what are the prevailing cybercrimes. ------------------------------------------------- Keywords: Cybercrime, cyber security, Hacking, spoofing, Cyber stalking, DOS Attack, Computer Vandalism, Cyber terrorism, Softaware Piracy, Phishing, Data diddling, Virus/ Worms, Trojan ,Cyber Laundering, Cyber contraband. ------------------------------------------------- Introduction: Today , the world is moving towards a point where everything from banking, stock exchanges, traffic control, telephones to electric power, health care, welfare and education depends on software. Undoubtedly, this advancement and globalization offers many benefits to consumers and businesses but, unfortunately it also offers plenty of opportunities to organized crime. Globalization has promoted and strengthened...

Words: 1944 - Pages: 8

Premium Essay

Introduction to Cyber Crime

...cybercrime. It includes introduction to cyber crime, its brief history, its types along with their brief description, today’s scenario regarding cybercrime and an introduction to cyber security as a weapon against cybercrime . The paper is best suited for those who want to understand what cybercrime exactly is at the beginners’ level and what are the prevailing cybercrimes. Keywords: Cybercrime, cyber security, Hacking, spoofing, Cyber stalking, DOS Attack, Computer Vandalism, Cyber terrorism, Softaware Piracy, Phishing, Data diddling, Virus/ Worms, Trojan ,Cyber Laundering, Cyber contraband. Introduction: Today , the world is moving towards a point where everything from banking, stock exchanges, traffic control, telephones to electric power, health care, welfare and education depends on software. Undoubtedly, this advancement and globalization offers many benefits to consumers and businesses but, unfortunately it also offers plenty of opportunities to organized crime. Globalization has promoted and strengthened the economics of illegal activities; offenders have become international entrepreneurs. The Internet provides money and information to all sorts of customers and businesses. It is notably the home of virtual worlds and their economies, which have attracted many people, including criminals. The unholy marriage of the Internet and crime has created a new form of crime -“CYBERCRIME” What is Cyber Crime? Cyber Crime is an unlawful act commited using a computer (and/or internet)...

Words: 1930 - Pages: 8

Free Essay

Corporate Security

...Introduction the world today and the ballistic use of information systems networks has made several countries progressively interconnected and mostly in technologically advanced countries, computer network perform a key role in how companies carry out business, how services are provided by government to its citizens and how different individual communicate and trade important information (Downing, 2005). this exchange of information through the use of computer/internet brings about what is known as cybercrime Speer (2005) defines cybercrime as activities in which computers, telephones and other technological devices are used for illegal objectives such as theft, fraud, electronic defacement and breach into computer system and networks. however, security managers need to have a full knowledge of cybercrime because it is the rising mode of crime and the least reported (Phair, 2007). Security managers and cybercrime security managers need to understand that cybercrime has become a profanity in the society which affects everyone both nationally and internationally, individuals, institution, companies as well as the government and this is however a rumination of the growth of criminals practices (Helle et al, 2012). there are various characteristics of cybercrime that need to be understood by security managers and they include: it is usually a distinct/singular event from the victim's perspective, it is often facilitated by crime-ware program introduction and its introduction...

Words: 564 - Pages: 3

Premium Essay

Nt 1110 Unit 9 Video Summary 7

...Security Introduction Security introduction is what the first video is about; it tells us what topics the next seven videos will cover. * Local Security Policy * Physical Security * Firewall * Wireless Security * Authentication * Encryption * Viruses Physical Security & Authentication In this video we learn about how to secure your computer and servers theft or tampering. You would do this by locking and controlling access to servers and locking computer cases as well. To protect them even further you should put server locations in high traffic areas, and create administrative alerts with audible alarms. You should also store backup in a separate and secure location, and lock user operating systems. Always physically destroy hard drives. This video also teaches us about CMOS password and how to set them up. We can create limits to the access through CMOS with full, limited, view only, and no access. We also learn about password protecting the hard drive. * Physical Security * Authentication * CMOS Password * Kerberos-Method used to encrypt passwords What I learned from this video is that companies go through great lengths to protect their computers and servers from intrusion. This video was basic and straight forward and not confusing at all, if anything its confusing that we should have to do so much to secure our files. I guess this information would best be used if you working for security...

Words: 613 - Pages: 3

Premium Essay

Nt 1110 Unit 9 Video Summary 7

...Security Introduction Security introduction is what the first video is about; it tells us what topics the next seven videos will cover. * Local Security Policy * Physical Security * Firewall * Wireless Security * Authentication * Encryption * Viruses Physical Security & Authentication In this video we learn about how to secure your computer and servers theft or tampering. You would do this by locking and controlling access to servers and locking computer cases as well. To protect them even further you should put server locations in high traffic areas, and create administrative alerts with audible alarms. You should also store backup in a separate and secure location, and lock user operating systems. Always physically destroy hard drives. This video also teaches us about CMOS password and how to set them up. We can create limits to the access through CMOS with full, limited, view only, and no access. We also learn about password protecting the hard drive. * Physical Security * Authentication * CMOS Password * Kerberos-Method used to encrypt passwords What I learned from this video is that companies go through great lengths to protect their computers and servers from intrusion. This video was basic and straight forward and not confusing at all, if anything its confusing that we should have to do so much to secure our files. I guess this information would best be used if you working for security...

Words: 613 - Pages: 3

Premium Essay

Introduction to Information Security Student

...Principles of Information Security Sherwin R. Pineda Introduction to Information Security Do not figure on opponents not attacking; worry about your own lack of preparation. Learning Outcomes 嗗Define information security 嗗Recount the history of computer security, and explain how it evolved into information security 嗗Define key terms and critical concepts of information security Introduction 嗗The History of Information Security –The 1960 –The 1970 to 80 –The 1990 –2000 to present The History of Information Security The need for computer security — that is, the need to secure physical locations, hardware, and software from threats arose during World War II when the first mainframes, developed to aid computations for communication code breaking were put to use The History of Information Security 嗗 Multiple levels of security were implemented to protect these mainframes and maintain the integrity of their data. 嗗 Access to sensitive military locations was controlled by means of badges, keys, and the facial recognition of authorized personnel by security guards. 嗗 The growing need to maintain national security eventually led to more complex and more technologically sophisticated computer security safeguards. The History of Information Security During these early years, information security was a straightforward process composed predominantly of physical security and simple document classification schemes. The primary threats to security were physical theft of...

Words: 1230 - Pages: 5

Free Essay

Data and Privacy

...Privacy and Security Table of Contents Introduction 3 Why Protection 4 Computer Virus 4 How Viruses Infect Computer 5 How People Hack Computer Systems 6 How to Keep Computers Safe from Online Predators 7 Conclusion 10 REFERENCES 11 Introduction The role of computer systems is very vital in our daily lives. Since computers help us to deal with approximately all the major functions of our lives as well as are so inevitable that spending even a day or two away from the computer can leave us feeling powerless. In this prospect, many people control their routine lives by means of their personal computers. However, at the present computer security has become a very critical issue. Additionally, security refers to the technique to discover as well as stop illicit utilization of our secret information or computer. In this scenario, some preventive measures enable us to stop criminal users (as well known as "intruders") from accessing and using some part of our computer system. In addition, recognition of such intrusions helps us in deciding whether or not somebody tried to gain access into our computer system, if they were successful in their attempt, as well as what they could have acquired from the system (ComputerSecurityService, 2011), (Armor2net Software Ltd., 2004) and (Norton, 2001). In addition, the term “computer security” is very commonly used, though; the information and data saved on a computer are in danger...

Words: 2264 - Pages: 10

Premium Essay

Ict Architecture and Security

...ARCHITECTURE AND SECURITY Prepared for: Justin Debuse Submitted: 31. October 2008 Prepared by: André Nordal Sylte University of the Sunshine Coast Word count: 1665 Executive summary This report, authorised by Justin Debuse in Introduction to ICT, BUS108, looks at ICT architecture and security in an organisation. This report found that the major security threats within an organisation’s ICT are; Cracking into an organisation’s wireless intranet in search for vital corporate information; Former employees accessing wireless intranets and extranets without authorization; Information sent via an extranet could be intercepted in its transit; Viruses and Trojans accidentally downloaded by employees and been spread around the LAN. Solutions to these threats are; WiFi protected access (WPA) password and hide the network; ICTs should be protected with a login screen for the users; To secure an extranet, organisations should use a virtual private network (VPN); Any organisation should provide basic training in how to detect viruses and Trojans. This is a proactive way to prevent an infection in a whole organisation’s LAN. This report also found that the major legal and ethical issues within an organisation’s ICT are; Employee monitored by computer technology and in the building; Privacy on e-mail stored on an organisation’s computer; Illegal and offensive use of an organisation’s computer. Solutions...

Words: 2419 - Pages: 10

Free Essay

Information Technology

...eboatengadjei@yahoo.com , eboatengadjei@hotmail.com CAREER OBJECTIVE A computer science graduate, who is keen to find a position as an IT Manager. I am very reliable, industrious, trustworthy, respectful young man and receptive to new but brilliant ideas. I can work with little or without supervision and also work as part of a team. EDUCATIONAL BACKROUND • 2007 – 2011 Kwame Nkrumah University of Science and Technology • 2002 – 2005 Kumasi Polytechnic • 1999 – 2001 Akwamuman Senior High School • 1995 – 1998 Senchi-Ferry Methodist Junior High School • 1988 – 1994 B. Akoto Experimental QUALIFICATION BSc. (Hons) in Computer Science at KNUST Course content includes: Database Management and Administration, Programming in C++, Java and Visual Basic .NET, System Analysis, Networking, Computer Security and Management Science, Business Management and Economics, Management Information System, Etcetera. HND ELECTRICAL/ELECTRONIC ENGINEERING Course content includes: Network Analysis, Engineering Mathematics, Digital Electronics, Telecommunications, Power Systems, Computer Technology, Computer Literacy, Microcomputer, Computer Applications, Fault Diagnosis, Control Systems, Equipment Maintenance, Power Electronics, Etcetera. CISCO (CCNA Exploration: Network Fundamentals) at College of Engineering, KNUST Course content includes: Internetworking, Introduction to TCP/IP, Subnetting, Variable Length Subnet Masks (VLSMs)...

Words: 649 - Pages: 3

Premium Essay

Forensics

...TABLE OF CONTENTS Introduction 1 Purpose 1 Methodology 1 Organization_______________________________________________________________ 2 Body 2 Computer Forensics 2 Internet Security 2 Conclusion_________________________________________________________________ 4 Sources 5 Introduction In this report I will be writing on two jobs: computer forensics and information Security. I am writing on these two due to the fact that these are two job considerations for my degree. I will be discussing benefits of each job, average pay, and description of each job. I will take time to go into detail into each of the jobs that I would like to have. I will be going into the origin of each job, degrees required for each job, and the different fields that these jobs cover. Purpose The purpose of this report is to educate others and myself on what these two jobs are about. To better inform others of the importance of each of these jobs in the digital world. It will hopefully allow others to have a better understanding of the two jobs that I have chosen. There are many things about each of these jobs that people would deem as boring or not interesting, but the digital world is a very interesting place. It is like another world laid on top of this one, there but just out of reach unless you have the technology to access it. There are many things one can gleam from the internet and the digital world, and I will expound upon...

Words: 1629 - Pages: 7