Threats To Ict System And Organisations Information Technology Essay

Threats To Ict System And Organisations Information Technology EssayS displaceners Various regularitys be spendd by stack to onset schemas using s tail assemblyners. People be able to download s croupners from the profits in club to s tramp addresses and r from each one info about TCP ports. People washstand discover IP addresses by mapping using DNS. Hackers practice session this potential tactic assure what systems be active and available to hack.Range of addresses This is a s discountner which is actu ally simple, visual and fast at s drop as it searches for a domain of addresses.Deep dig into in crop to reveal es moveial information of a device then completing a deep probe is the useful course moreover, it git also be utilise when on that point is a remote fault.S nominatening a wireless system If on that point is no encryption quarter result wireless systems to be really vulnerable. When formulaing at mobile intercommunicateing, wireless access points fatality to be established as they brook be accessed when connected to the laptop, PDA, or mobile. Windows has a feature that contains a tool that rotter allow you to click on a web icon for your wireless vane joining.ARP poisoning indoors the system these argon know as switch based networks that argon precise secure as they create micro-segments. However, thither is still an issues of attack in some networks. In magnitude to tackle this problem, the wargonhousing must(prenominal)(prenominal) be monitored of more network by hiting MAC address as they appear in locations more than once here is a plat to help your understatingDefault entranceVictimVictimDefault GatewayMan in the middleMagic disk are know to be boot disks that can be downloaded on the internet for the finding of restarting the electronic computer and subvert the operating system. in that location are some genuinely good magic disks for lawsuit the ultimate boot CD that can resolve issues o f computer viruses and Trojans moreover, drive, hardware and operating system failures. In order to nullify anyone using a magic disk it is vital is word of honor fix the BIOS and also USB sticks, floppy disks and CD/ videodisks should non be used as boot devices.Key loggers Key loggers are applications that are used to put down key stroke also can be used for cower activities then interestingly sends the information to a file or in some case that are often used remote network location. there are really difficult to track as they are hidden moreover can be found using anti-virus package application. If suspecting there is a threat, run a protocol image scanner, which works by looking at contents of every information packet.Access create malign to info or jamming resourcesUnauthorised access to software product product can result to alter data or restricting resources. at that place are attacks that can access systems without the need of damaging however, an onsl aught can ever so have an effect on the system.computer virus Attacks in all computer systems, virus attacks can occur when rogue code has entered in to the system. Viruses work by hiding themselves in ordinary executable code. They can damage the system by go-ahead and closing the CD/DVD door, swapping key responses or can spread themselves by self reproducing and can serious damage the hard drive. There are virus scanners which leave alone detect a virus by opening the file and scanning the code.Trojans Trojans are programs with a hidden identity and seem to look as a program or a file in which it can be normal or blameless to your PC.Worms Worms have a make of forwarding through with(predicate) the use of emails from the data of your contact rock.Piggy corroborateing, Tunnels and probes Knowledge is take for data for when forging data or spoofing and that knowledge network scheduling languages ranging from Java, C++ or VB.NET. Hackers have the ability to hand craft a data packet in order for an application to be coerce or information given away by server, lead to a service attack or piggy game/tunnel in which that happens into a system via an acceptable protocol.Phishing and Identity theft This is a recent positive method that allows unauthorised to systems. Phising works by luring people into showing their personalized information in which this is through through social engineering for deterrent example when you receive emails supposedly to be from banks saying ISP etc. asking you to derive this link to lead you to their set in order for you to counterchange your enlarge in which that can be a HTTPS which that can be in operational.Natural Disasters Natural disasters can occur to many systems ranging from power outage, pelter or fire leading to serious major damage. Organisations have computer systems that are specifically built to cope with these series of issues. The disaster insurance policy have disperseal ways to implement th e followingRemote stock of all data to be done in daily linchpin upDuplication of critical serversMalicious damage constantly there are malicious damages occurring internal and external to systems. Malicious damage can be caused by external hackers. The hackers then attack the systems. There are many hostage ways of preventing this however, hackers always find a way to do what they do best.Technical Failure There is always technical failure that occurs a lot now at long time for instance when sever storages are lost, or bad internet connection that can cause disruption to the whole organisation. The large use of network technology for instance voice, video and CCTV can lead to a mercantile damage and disrupt the trade protection of the system.Human Errors Human errors occur erratically however, it does happen very frequently due(p) many things for instance creation forgetful, ignorant, or having lack of knowledge. This then results to system failure. Users can forget to b ack up data which then leads to loss of data is something happens to the system etc.Theft An Organisation or individuals can be damaged heavy in which that can be long lasting impact due to theft of data. Theft occurs in the cyber sense in which that is known as to be hacking, or physically removing data by CD/DVDs, stock sticks etc.Integrity and completeness of data This is a critical matter impartiality and completeness of data as damaged can be caused if there is awry(p) data. Incorrect data can result to distress and legal accomplish especially the data in medical records, police systems as strong as credit reports. You need to have appropriate people to check the data correctly maybe of customers or personal details by asking a colleague or customer to check if correct. natural shelterSystems can be safe with the latest the latest anti virus and firewall however, that is all useless if anyone can have access to the sever room and manages to get critical data on to a U SB memory stick by copying the data. In organisations there should be security features that need to be present lock and key security, equipment identificatyion, CCTV, Detection of intrusion etc.Lock and Key Security There is a need to secure devices such as laptops by inserting a padlock chain. In buildings there are many locks and key systems that moulds a system that is cut across/submaster system.Equipment Identification this involves stolen properties identified for instance if a computer from school/college is stolen, it can be identified from the marking clearly showing ownership and line of products which can lead to prosecution. Equipment can be identified through the use of indelible ink which labels the property of the owner in which it is invisible and ultra-violet sharp ink.CCTV (Closed go television) This involves cameras used 24/7 in monitoring people or events. There are several advantages to its use for instance, central centres that are centralised can be m onitored, a record of 24/7 events are maintained, and lastly mentioning that CCTV is at present to prevent bad deportment to occur.Intrusion maculation systems intrusion detections are used by many organisations which can detect human presence in many ways. The operate through various ways for instance, body heat is sensed by passive infrared, detect many movements through the use of microphones, doors and windows have circuit breakers for access etc.Staff visitor identification systems many from small to large organisations have systems that can line staff or visitors in order to prevent unknown people to access. People can be identified through the use of identity cards in which it is a must for everyone in the premises to wear them. biometricsBiometrics involves the use of riffle bulls eyeing to recognise, retinal scans and voice intelligence.Fingerprint recognition this biometric form is commonly used in spy in execration scenes. Our fingers contain a water solution w hich enables the detection on finger printing to work. There are several scanners that finger prints by detecting ridges in our fingers. Finger printing can also work in identification for passports and visa.Retinal Scans The retina is located at the rear of the eye and it is very similar to a finger print as it contains unique configuration. However, there is a difference between them as a finger print can be changed when the skin is transferd through cuts or burn whereas it is impossible for the retina to be changed unless someone attempts to tamper with the eye bow which is extremely unlikely.Iris scanning This is a nonher unique identification eye method which is the iris. The difference between the retina is that the iris can be scanned when the recipient is corrosion glasses or contact lenses.Voice Recognition This form of biometric is not being commonly used as voice can change due to various reasons for instance if someone is ill, stressed or has a throat infection tha t can affect someones voice.Software and network securityOrganisations all need to have security, techniques to manage data and technologies in order to combat intrusion and superverion of computers that are networking to prevent data being damaged or resources being affected.Encryption Encryption involves the conversion text, images and media information in to a format. RSA encryption is a Ron Rivest, Adi Shamir and Len Adleman in they are mathematicians who enforced the ordinary/private key encryption through the use of prime heels. In encryption there are many ciphers that exist for instance Caesar cipher, in which relies on simple key of changing one letter with the letter a fixed number of places down the alphabet. The operation of this works by using shift of four places meaning A becomes E and B becomes F etc. DES (Data Encryption Standard) is a cipher uses key 56 tours in length in which this can be mathematically explained. A public/private key can be used by RSA encryp tion with an example of how the security certificate is issued by a website. As the creation of a key is done the certificate is a public key part of the exchange.Call back Dial up systems use call back where remote workers or network administrators are able to dial into a network or devices that have network and it will then call them back. In order to call back the number is pre-configuared. Users are unable to connect from any location but only the ones which are certain and registered lines.Handshaking When data is being sent through a medium in WAN systems it in which it is not trusted, in order to obtain the trust the devices are each tried and true in a challenge as it carriers username and countersignature in order to indentify the device.Diskless networks There are common ways data is stolen for instance when data is transferred from a computer to a mobile device storage.Backups Backing up data is important in order to restore critical data to assure that it is safe and secure, if data is not backed up very frequently will result the organisation loosing data in which that can be costly.Audit logs Audit logs are used for the purpose to celebrate records of network and database activity to also have a record of who has done what, when they did it and where. There are various purposes for instance, to maintain records that are detailed on how many systems are being used. Syslog is a commonly used system that is able to store simple, auditable records system activities.Firewall Configuration This enables users to be able to remove filters depending on various conditions IP Addresses Every machinery running of the internet each has an assigned address called the IP address. The IP addresses lie of 32 bit number and can be understood as octets in number which is decimal dotted. Domain Names The sequence of numbers that produces the IP addresses can be hard to be remembered since a change of IP addresses tends to occur. Norton Security has a fire wall as well as the Norton 360.How to check your FIREWALL settingsWindows has a firewall that can be configured through control panel by opening it.The exceptions tab need to be selected and you will view a list of automatically configured expectations.You then select the add pot option.Virus surety softwareFirstly, computers can be a victim of virus, worms and Trojan attack from the internet access as well as emails. There are various ways of protecting the computer from such things which are sadly created by virus writersA virus scanner can only be used when the user initiates it. There is a virus start up scanner that begins to run as soon as the booting process begins by checking for sector viruses. A memory resident scanner software checks for incoming emails as well as browser catalogue by doing an automatic check on the environment of the computer. There are various types anti viruses all ranging with different abilities and some are much more secure than others and can be downloaded on the internet. These anti viruses can work through doing file emulation, file analysis, Heuristic-based detection, Malicious activity detection and Signature based detection.An anti virus basically examines the files for known recognizable viruses through the virus dictionary as well as to identify unrecognisable activities of behaviour in the computer to see if an infection may be occurring. A virus dictionary consist of list of viruses known and to be put by the producer of the software and so when an anti virus detects a virus it then refers to the dictionary to confirm, then initiates the cut of meat of the infection or it can quarantine the virus in order for it not to be accessible to other programs as well as stopping it from spreading or the attempt re-creating its self. Anti viruses also consist of suspicious alert in which it immediately alerts the user if it is suspecting or has surmise of a threat occurring then it ask the user if they want to lead or w hat to do. The most destructive and spreads widely is argued to be the macro viruses, and broadly affects Microsoft as they need to overcome their security flaws in the out look in order to prevent this destruction occurring to the documents. A common way how viruses normally access the computers is through networking of local networks even through the internet by going through unprotected security patches which can be holes in the software or having an infected sent thought the use of email, downloads or disk sharing. Some of the viruses may set in to pass or word file or has been created to initiate through email, and as soon as the computer it is infected it can carry on its destruction to other computers without the awareness from the user. Anti virus software updates are highly vital as new viruses can be created and the honest-to-goodness softwares may not be able to protect you from it.VIRUS It is called a virus because it spreads everywhere and enables data to be deleted as well as corrupt files.WORM Worms have a process of forwarding through the use of emails from the data of your contact list.TROJANS Trojans are programs with a hidden identity and seem to look as a program or a file in which it can be normal or harmless to your PC.POLYMORPHING This is a clever ability a virus has for when changing its appearance, size, contact for every turn it attacks the computer because it makes it difficult for a virus software to recognise it.Software UtilityPurposeScreenshotVIRUS PROTECTIONAnti-Virus ProtectionAnti-SpywareE-mail ScannerID ProtectionLink ScannerResident carapaceVIRTUAL PRIVATE NETWORKS (VPNs)Organisations are able to communicate from site to site in a public system through the use of VPN for instance the internet, via tunnel in which that is the route for all encrypted traffic. VPNs have a trusted connection on a system that has not been trusted.PasswordsManaging passwords is very essential, organisations must ensure that the protection of the password is very safe to prevent troublesome. If the password is forgotten will lead to many problems.The password must not be written downChange the password for at least every 3 monthsPut a very strong passwordSoftware UpdateSoftware update is very important as it ensures that the system is safe from possible faults and vulnerabilities from various application. When the software updates it is an automatic update in order to remove the need of worrying on the update of the system.REFERENCES USEDBTEC National Information Technology Practitioners Book 1 by Jenny Lawson