Some type of computer system threat is something that causes loss or problem of data or physical damage to the hardware and/or infrastructure. Understanding how to identify security threats is the first step in protecting computer systems. The threats could be deliberate, accidental or caused by natural disasters.In this article, we will expose you to the common personal computer threats and how you can protect systems against them.
In this article, we will expose you to the common personal computer threats and how you can protect systems against them.What is threat
What is threat
The ISO 27005 defines a threat potential cause of an incident that may bring about the harm of systems and organization. The cause could be physical such as someone stealing a computer that contains essential data. The cause could also be non-physical like a computer virus attack. In these short training series, we will determine a threat as any attack from a hacker that can allow them to gain unauthorized gain access to a computer system.
What are Physical Threats?
A physical threat is a potential cause of an incident that may result in loss or physical damage to the computer systems.
The physical threats defined into three main categories;
- Human: These threats include theft, vandalism of the infrastructure and/or hardware, disruption, accidental or intentional errors.
- External: These threats include lightening, floods, earthquakes etc.
- Internal: The threats include fire, unstable power supply.
What are Non-physical threats?
A non-physical threat is a potential cause of an incident that may result in;
- Illegal monitoring of activities on computer systems
- Loss or corruption of system data
- Loss of sensitive information
- Disrupt business operations that rely on computer systems
Non-physical threats are known as logical threats. Some common threats are:
Adware (short for advertising-supported software) is a type of malware that automatically offers advertisements. Common examples of adware include pop-up advertising on websites and adverts that are displayed by the software.
Inside the context of software, a bug is a flaw produces an unwanted outcome. These flaws are usually the consequence of human mistake and problem and typically exist in the source code or compilers of a program.
A rootkit is a type of malicious software designed to remotely access or control a computer without being detected by users or security programs.
Spyware is a type of malware that functions by spying on user activity without their knowledge. These spying capabilities can include activity monitoring, capturing keystrokes, data theft (account information, logins, financial data), and much more.
A Trojan horse, commonly known as a “Trojan,” is a type of malware that a normal file or program to trick users into downloading and installing malware. An attacker can send to the victim with bind some other software, and victim install the original file but behind the software, Trojan is installed and the attacker can access your system.
A virus is a form of malware that is capable of copying itself and spreading to other computers. Viruses often spread to other computers by attaching themselves to various programs and executing code when a user launches one of those infected programs
Computer worms are among the most common types of malware. They spread over computer networks by exploiting operating system vulnerabilities.
To shield computer systems from the above-mentioned threats, an organization must have reasonable security measures in place. The following list shows some of the possible measures that can be taken
Against viruses, Trojan viruses, worms etc, a business can use anti-virus software. In additional to the anti-virus software, a business can also have control measures on the use of external storage devices and visiting a website that is most likely to download unauthorized programs onto the user’s computer.
Unauthorized access to computer system resources can be avoided by the use of authentication methods. The authentication methods can be, in form of user ids and strong passwords, smart cards or biometric and so on.
Intrusion detection/prevention systems can be used to protect against denial of service episodes. You will find other measures too which can be put in location to avoid denial of service attacks.