Computer security is a division of computer technology concerned with the protection and safety of computers and their digital components, including the operating system, software and data.
The term is also used for the branch of computing that deals with the security of digital information.
During the years following the inception of computers, computer security was not a major problem.
The computers of that era, the first, second and third generation machines, were large and bulky and were often placed in special premises designed for them.
The only threats they faced were natural disasters such as fire or earthquake, or power disruption.
During that era computer security was limited to providing those machines with adequate resources for operation and a proper, synchronized environment.
After the invention of transistors and microchips, the size of computers started to shrink dramatically, along with the costs of development and operation, and a computer that once needed a full room could now be operated from a desk.
This evolution exposed computers to a whole new variety of threats. Theft of confidential information, and even of the whole system, was the major concern, so security measures and standard operating procedures were adopted to secure computers from these emerging threats. But these threats were of a conventional nature and could be guarded against with measures such as secure premises and personnel who would ensure the security of the system.
But with the launch of ARPANET in the 1970s and the opening of this network to the public sector in the 1980s, the whole scenario changed. In the 1990s the World Wide Web service was introduced by CERN, and by the end of that decade use of the internet had become a phenomenon and commonplace.
During this development the internet absorbed all the previously operating networks, forming a giant internetwork of networks. The involvement of the public sector helped the number of internet users grow by almost 50% in the decade, and by the end of that century almost every user, be it a domestic user with a personal desktop computer or an organization, was part of the internet. According to an estimate the population of internet users in 2010 is 1.97 billion.
These dramatic developments in computer technology brought threats that computers had never faced before in their history. These threats affected not only home users; for offices and organizations their severity was colossal.
Industrial espionage became the ultimate nightmare for software companies and organizations. To cope with these new challenges, a total revamp of computer security was needed. The threat became so intense that the time between a computer being turned on and connected to the internet and the first attack getting underway was estimated to be less than 10 minutes.
Today the internet is plagued with millions of users who miss no chance to harm someone's computer, breach their privacy, steal valuable private information and use their computer for crimes.
Because of these emerging and dynamic threats, governments and the corporate sector joined together to enhance security and protect their valuable assets, but an ever-growing sector, the domestic users of the internet, was left alone to cope with this alarming situation.
Private companies started making billions of dollars by developing and selling internet security programs, antivirus programs and anti-spyware programs, but as we can see the issue is still unresolved: we, the domestic users of computers, along with governments and corporations, are as insecure and vulnerable as we were before.
To address this situation we have grouped the threats that computers face into two major categories, and we will also suggest measures that help secure our vital assets from these threats.
Based on their nature, computer security threats fall into two main classes.
1. Accidental
2. Malicious events
Accidental:
Accidental threats are caused by natural disasters such as fire, earthquakes, floods and other natural calamities. These threats are directed at the physical structure of a computer system or an individual computer. By following standard rules and implementing proper data backup techniques we can protect our computers and data from these threats.
Malicious Events:
This category contains the most dire and critical threats to computers. Threats under this category are innumerable, and it is really hard to categorize all these dynamic threats under one class. Some of the major threats of this kind are:
1. Hacking
2. Malicious software
3. Spywares
4. Eavesdropping
5. Denial of Service Attacks
6. Rootkits
Now let us discuss these computer security threats one by one and see what measures could be taken to protect our computers from these threats.
Hacking:
Hacking is the act of gaining control of someone's computer or website and then reengineering or reprogramming it to function in a way not authorized by its legal owner. Computer users of every category, including domestic users, the corporate sector, governments and organizations, face this threat. Hacking is also a threat to websites.
To hack a computer, the hacker sends you malicious code in the form of an attachment or a piece of software impersonating something useful to you. Once downloaded, this code or program installs itself on the victim's machine and transfers full or partial control to the hacker.
This person is then able to reprogram that machine, steal valuable information such as credit card numbers and gain personal information. Hacking a website is a bit different; popular methods of hacking a website are:
1. SQL Injection
2. Cross Site Scripting (XSS)
3. Authorization Bypass
4. Password Cracking
5. Using keyloggers
We can protect our computers from hackers by using good quality, state of the art antivirus and internet security programs. Firewalls also help protect us from intruders. We should also be very careful when downloading attachments and programs, and should verify the publisher of a piece of software before downloading it to our computer.
Malicious Software:
Malicious software is a program or piece of code written to disrupt the normal functioning of a computer system. Malicious software can then in turn hand control of our machine to prospective hackers. Malicious software is further categorized into the following classes.
* Viruses
* Trojans
* Adware
* Worms
We can protect our computers from malicious programs by using modern antivirus programs. Some computer security recommendations are Bitdefender Antivirus, Kaspersky Antivirus, Norton Antivirus and Webroot Antivirus.
Spywares:
Spyware programs secretly monitor and record the activities of a computer user, keep a log file of all these activities, and record passwords, email IDs, PIN numbers and other confidential information. These programs can then send this information to someone sitting hundreds of miles away. They are really hard to detect as they often work in stealth mode.
We can download or purchase a good anti-spyware program to protect our computer from spyware. Modern antivirus solutions like Norton and Bitdefender have their own anti-spyware components, and you don't need to buy another anti-spyware program while using one of these. Stand-alone anti-spyware programs are also available.
Eavesdropping:
Eavesdropping is the process of secretly listening to or recording the communication between your computer and a remote server. Computers can be protected from eavesdropping by using strong encryption techniques and secure procedures, like SSL, to communicate with servers.
Denial Of Service Attacks:
Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks are targeted against websites. The mechanism of these attacks is that the prospective hacker first creates a pool of computers by sending them malicious code; upon installation each computer becomes part of that pool. He then sends requests from all of these computers to the server, and ultimately the server is knocked offline by the excessive requests.
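On the defending side, the mechanism described above shows up in server logs as a sudden jump in total requests spread over many sources. The following is an added example, not part of the original article: it buckets request events into time windows and flags overloaded ones. The sample events, the function names and the thresholds are all constructed assumptions.

```python
from collections import Counter, defaultdict

def build_sample():
    """Constructed (unix_second, source_ip) events; not real traffic."""
    events = []
    # Baseline: three ordinary clients, one request every 2 s for a minute.
    for t in range(0, 60, 2):
        events.append((t, f"198.51.100.{t % 3 + 1}"))
    # Flood: 40 pooled machines, each sending only 5 requests/s in seconds 30-39.
    for t in range(30, 40):
        for host in range(1, 41):
            events.extend([(t, f"203.0.113.{host}")] * 5)
    return sorted(events)

def find_flood_windows(events, window=10, max_requests=500, min_sources=20):
    """Flag fixed time windows whose total load exceeds max_requests.

    The thresholds are illustrative assumptions; tune them to the server.
    """
    buckets = defaultdict(Counter)  # window start -> requests per source
    for ts, ip in events:
        buckets[ts - ts % window][ip] += 1
    alerts = []
    for start in sorted(buckets):
        per_ip = buckets[start]
        total = sum(per_ip.values())
        if total <= max_requests:
            continue
        alerts.append({
            "window_start": start,
            "requests": total,
            "sources": len(per_ip),
            # Busiest single source: shows why a per-IP limit alone can miss this.
            "max_per_source": max(per_ip.values()),
            "kind": "distributed" if len(per_ip) >= min_sources else "single-source",
        })
    return alerts

if __name__ == "__main__":
    for alert in find_flood_windows(build_sample()):
        print(alert)
```

In the constructed sample no single machine sends more than 5 requests per second, yet the window as a whole carries over 2000 requests, which is why the check looks at the aggregate load and the number of sources together.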
Rootkits:
Rootkits are specially written programs that conceal the activities of malicious software like viruses and spyware. These programs are extremely hard to locate and remove, and you need a very good antivirus solution to detect and remove them. Among the recommendations are again Bitdefender and Norton Antivirus.