1. Computer Security protection
Computer security (also known as cybersecurity or IT security) is information security as applied to computing devices such as computers and smartphones, as well as computer networks such as private and public networks, including the whole Internet. The field covers all the processes and mechanisms by which digital equipment, information and a service are protected from unintended or unauthorized access, change or destruction, and is of growing importance in line with the increasing reliance on computer systems of most societies worldwide.
1.1 Security and systems design
Although there are many aspects to take into consideration when designing a computer system, security can prove to be very important. According to Symantec, in 2010, 94 percent of organizations polled expect to implement security improvements to their computer systems, with 42 percent claiming cyber security as their top risk. At the same time, many organizations are improving security and many types of cyber criminals are finding ways to continue their activities. Almost every type of cyber-attack is on the rise. In 2009 respondents to the CSI Computer Crime and Security Survey admitted that malware infections, denial-of-service attacks, password sniffing, and web site defacements were significantly higher than in the previous two years.
1.2 Security measures
A state of computer "security" is the conceptual ideal, attained by the use of the three processes: threat prevention, detection, and response. These processes are based on various policies and system components, which include the following: User account access controls and cryptography can protect systems files and data, respectively. Firewalls are by far the most common prevention systems from a network security perspective as they can shield access to internal network services, and block certain kinds of attacks through packet filtering. Intrusion Detection Systems (IDSs) are designed to detect network attacks in progress and assist in post-attack forensics, while audit trails and logs serve a similar function for individual systems. "Response" is necessarily defined by the assessed security requirements of an individual system and may cover the range from simple upgrade of protections to notification of legal authorities, counter-attacks, and the like.
2. Difficulty with response
Responding forcefully to attempted security breaches (in the manner that one would for attempted physical security breaches) is often very difficult for a variety of reasons: 2.1 Backdoors
Identifying attackers is difficult, as they are often in a different jurisdiction to the systems they attempt to breach, and operate through proxies, temporary anonymous dial-up accounts, wireless connections, and other anonymising procedures which make backtracking difficult and are often located in yet another jurisdiction. If they successfully breach security, they are often able to delete logs to cover their tracks.
2.2 Denial-of-service attack
The sheer number of attempted attacks is so large that organisations cannot spend time pursuing each attacker a typical home user with a permanent connection will be attacked at least several times per day, so more attractive targets could be presumed to. However, that most of the sheer bulks of these attacks are made by automated vulnerability scanners and computer worms. 2.3 Direct access attacks
Law enforcement officers are often unfamiliar with information technology, and so lack the skills and interest in pursuing attackers In addition, the identification of attackers across a network may require logs from various points in the network and in many countries, the release of these records to law requires a search warrant and, depending on the circumstances, the legal proceedings required can be drawn out to the point where the records are either regularly destroyed, or the information is no longer relevant.
3. Threats to users
Please join StudyMode to read the full document