SAFETY, SYSTEM

SECURITY AND
SAFE
COMPUTING
SYSTEM SECURITY.

This refers to the processes and mechanisms by

which computer-based equipment, information
and services are protected from unintended or
unauthorized access, change or destruction.

Computer security also includes protection

from unplanned events and natural disasters.
Physical security, network security and security
of computer systems and files all need to be
considered to ensure security of data and
prevent unauthorized access, changes to data,
disclosure or destruction of data.
FORMS OF COMPUTER SECURITY

1 Physical security
Physical security is the protection of personnel, hardware,
programs, networks, and data from physical circumstances and
events that could cause serious losses or damage to an
enterprise, agency, or institution. This includes protection from
fire, natural disasters, burglary, theft, vandalism, and terrorism.
2 Data Security:
Data security is the means of ensuring that data is kept safe
from corruption and that access to it is suitably controlled. Thus
data security helps to ensure privacy. It also helps in protecting
personal data. Data security is part of the larger practice of
Information security.
3 Common security threats:
These are threats that may cause system failure, data loss or
un authothised access to data.
I Hardware failure due to improper use
II Network breakdown: This May be due to a faulty component
in the network, e.g. switch, cables, network card etc.
III Programme failure: This may be due to poor software.
ivVirus and malware. Computer viruses are small software
programs that are designed to spread from one computer to
another and to interfere with computer operation.
V Industrial espionage: spying on the competitor to get
information that can be used to cripple the competitor.
Vi Hacking – gaining unauthorized access to information just
for fun. It may be done by manipulating passwords.
Vii Password cracking. This is a technique attacker’s use to
surreptitiously gain system access through another user's
account. This is possible because users often select weak
passwords. It is mainly done for malicious reasons.
Viii Eavesdropping. . Tapping into communication channels to get
information. Those who do it take advantage of poor security systems.
Contents of a message can be read or altered in transit. The message can also
be re directed.
IxBack doors: Programme that allows hidden access to a computer system.
X Spoof attack / IP spoofing: In a spoof attack, the hacker modifies the source
address of the packets he or she is sending so that they appear to be coming
from someone else. This may be an attempt to bypass your firewall rules.
X1 Phishing: In phishing attack the hacker creates a fake web site that looks
exactly like a popular site . When the user attempts to log on with their
account information, the hacker records the username and password and
then tries that information on the real site.
Xii Alteration /Illegal modification of private/confidential data with the aim
of misinforming users. It is a sabotage tool.
Xiii Physical threats like theft/burglary, vandalism, ware/ageing, sabotage
etc.
xivElectrical fluctuations. such as voltage spikes, insufficient supply voltage
(brownouts), unconditioned power (noise), and total power loss
Xv Weather problems like chance in temperature.
Xvi Denial of Service: when someone maliciously makes the system unusable
for others.
NETWORK SECURITY

A security policy defines what people can

and can't do with network components and
resources.

An adversary
A person that is interested in attacking your
network; his motivation can range from
gathering or stealing information, creating a
DoS, or just for the challenge of it.
CLASSIFICATIONS OF NETWORK ATTACK:
 
1 Passive Attack
A passive attack
The intruder just taps the data channels and gets the information without
modifications or copies, eg Eavesdropping.
 
2 Active Attack
In an active attack, the attacker tries to bypass or break into secured systems. This
can be done through stealth, viruses, worms, or Trojan horses. Active attacks include
attempts to break protection features, to introduce malicious code, and to steal or
modify information.
 
3 Insider Attack
An insider attack involves someone from the inside, such as a disgruntled employee,
attacking the network. Insider attacks can be malicious or no malicious. It may be
intentional or out of ignorance.
4 Hijack attack
Hijack attack In a hijack attack, a hacker takes over a session between you and
another individual and disconnects the other individual from the communication. You
still believe that you are talking to the original party and may send private
information to the hacker by accident. Eavesdroppers use it.
COMPUTER VIRUS

Computer viruses are small software

programs that are designed to spread from
one computer to another and to interfere
with computer operation.
HOW COMPUTER VIRUS IS SPREAD
1 From storage devices
USB, Floppy, CD’s, etc. are the usual sources of virus spread from one computer to another.
When you use disks to copy files from an infected computer, chances are, you can also copy the
virus.
2 Through networks
Networks such as peer to peer, LAN, WAN, wireless network, and internet are not safe. As they
all serve the purpose of sharing network and information between computers, they are also
sharing viruses.
 
3 Through Downloading
other sources of virus spreads are downloading software, pirated programs, or even mp3 songs
and videos. As a matter of fact, the fastest growing sources of virus infections are the files and
software downloaded directly from the internet
 
4 Through e-mail attachments
Many of the most dangerous viruses are primarily spread through e-mail attachments - files that
can be sent along with an e-mail message. In such cases, the user of an infected computer
unknowingly attaches an infected file to an email message, and then sends the email to a friend
or colleague.
5 Boot Infectors
Every disk (hard disk, CD, DVD) contains a section called a boot sector whether it is a bootable
disk or not. When a computer is turned on, it looks for boot information (start-up instructions).
If the it finds a disk with boot information, it reads that information and uses it to properly start
the computer. If for some reason that boot information is infected with a virus, the virus is
activated and possibly transferred to the computer's hard drive
 
TYPES OF VIRUS

1. Droppers: programmes that have been designed to perform useful tasks like file
compression but in the process they introduce the viruses in the system.
2. Failed virus: Virus that does not accomplish its task because poor designing by its
author or encountering a stronger antivirus.
3. Packagers: hide the existence of their harm from virus guards by masking some
codes around the actual software programmes. They strike after some time like
time bombs.
4. Test virus: text files written to test the effectiveness of virus guard software.
They are not harmful.
5. Time bombs: a programme code that is activated at a particular time. They
target specific moments like Valentine’s Day, fools day, etc.
6. Trojan Horses: Small programme code hidden within the legitimate software. It
may direct the legitimate software to damage the system.
7. Trojans: A programme that performs annoying actions like flickering of the
screen, the cursor disappearing, etc. some of them are incomplete computer
programs.
8. Jokes: harmless programme that perform amusing things on the screen. Eg “your
computer is about to explode in five minutes, please run away”
9. Worms: A Progamme that writes itself in the computer memory re-writes itself
continuously into the memory until the system runs out of memory and crashes.
10. Boot sector virus. They destroy the booting information on the storae media,
11. File viruses: viruses that attach themselves to useful files.
SYMPTOMS OF COMPUTER VIRUS.

I. Deletes the files or programs from the system.

II. Decreases the space in the main memory.
III. Appearance of strange message or strange patterns on
the screen.
IV. Slows down the system performance.
V. Frequent hanging/freezing of the system, that is the
system stops functioning.
VI. Formatting the hard disk, thus destroying data.
VII. Unexpected messages or images are suddenly displayed.
VIII. Missing of files or appearing of unexpected files.
IX. Displaying low memory message frequently.
X. Programs start on suddenly.
PROTECTION OF COMPUTERS
AGAINST VIRUS virus infections can be stopped
The spread of computer
through the practice of safe computing. The following
are a list of some recommendations for safe computing:

I. Install software scanning software/ anti virus.

II. Scan all external storage devices before using them.
III. Do not load pirated software on your machine. The
pirated software may contain viruses.
IV. Always update your antivirus.
V. Always scan files downloaded from the Internet or
transferred over the network.
VI. Scan all e-mail attachments before executing them
on your machine.
MEASURES AGAINST HARDWARE THREATS

1. The room should not be accessible via a

dropped ceiling, raised floor, window point of
entry other than the secured access point.
2. The room should be well burglar-proofed to
guard against theft.
3. If possible, use electronic access control with
all entry attempts logged by security systems
and monitored by security personnel.
4. If possible, security personnel should monitor
activity via security cameras with automatic
recording.
MEASURES AGAINST ELECTRICAL THREATS

Electrical threats Electrical threats, such as

voltage spikes, insufficient supply voltage
(brownouts), unconditioned power (noise),
and total power loss, can be limited by
adhering to these guidelines
1. Install uninterruptible power supply (UPS)
2. Install backup generator systems
MEASURES AGAINST ENVIRONMENTAL THREATS

Environmental threats Environmental threats,

such as temperature extremes (too hot or too
cold) or humidity extremes (too wet or too dry),
also require mitigation. Take these actions to
limit environmental damage to ICT devices:
I. Supply the room with dependable
temperature and humidity control systems
such as Air conditioners (AC systems).
II. Remove any sources of electrostatic and
magnetic interference in the room.
III. If possible, remotely monitor and alarm the
environmental parameters of the room.
CYBER CRIME/COMPUTER CRIME

Cybercrime also called computer crime, is

the use of a computer as an instrument to
conduct illegal activities, such as committing
fraud, spreading pornography, stealing
identities, or violating privacy.
FORMS OF CYBER CRIME.
1. Hacking and cracking: This is a type of crime wherein a person’s computer
is broken into so that his personal or sensitive information can be accessed.
The criminal uses a variety of software to enter a person’s computer and
the person may not be aware that his computer is being accessed from a
remote location.
2. Theft/pirating: This crime occurs when a person violates copyrights and
downloads music, movies, games and software.
3. Cyber Stalking: This is a kind of online harassment wherein the victim is
subjected to a barrage of online messages and emails which are of
threatening nature.
4. Identity Theft: This has become a major problem with people using the
Internet for cash transactions and banking services. In this cyber crime, a
criminal accesses data about a person’s bank account, credit cards, Social
Security, debit card and other sensitive information to siphon money or to
buy things online in the victim’s name.
5. Malicious Software: These are Internet-based software or programs that
are used to disrupt a network. The software is used to gain access to a
system to steal sensitive information or data or causing damage to software
present in the system.
6. Child soliciting and Abuse: This is also a type of cyber crime wherein
criminals solicit minors via chat rooms for the purpose of child pornography.
WHO ARE COMPUTER CRIMINALS?

1) Employees – disgruntled or dishonest --the

largest category
2) Outside users - customers or suppliers
3) “Hackers” and “crackers” - hackers do it
“for fun” but crackers have malicious
intent
4) Organized crime - tracking illegal
enterprises, forgery, counterfeiting
5) Damage to computers, programs or files
CYBER CRIME PREVENTION TIPS

1) Education
2) Use a firewall
3) Click with caution / Practice safe surfing
4) Practice safe shopping
5) Use comprehensive security software
and keep your system updated
6) Secure your wireless
7) Use strong passwords and encrypt data
8) Use common sense / BE suspicious
ICT ETHICAL ISSUES

These are situations where you have to consider the

'rights and wrongs' of ICT.
On a personal level,
I. Copying and pasting other people's work as your own
II. Downloading copyrighted music and films
III. Cyber-bullying on social networks
IV. Taking mobile video or pictures to embarrass or
humiliate someone
V. Using someone else's password
VI. Spreading malicious gossip about someone
VII. Circulating corrupted files on computer networks.
VIII. Hacking into people’s ICT systems
FROM A WIDER VIEWPOINT, ARE THE
FOLLOWING THINGS ETHICAL?

I. Governments blocking or shutting down the

internet
II. Governments blocking search engine
queries on certain topics
III. People using social networks to organize
demonstrations
IV. Using a wiki to leak sensitive information
 These are issues to do with 'freedom of speech' and
government behavior and often there are no clear
black and white answers.
Important ethical issues include.
 Privacy – responsibility to protect data about
individuals
 Accuracy - responsibility of data collectors to
authenticate information and ensure its accuracy
 Intellectual Property - who owns information and
software and how can they be sold and exchanged
 Access - responsibility of data collectors to control
access and determine what information a person has
the right to obtain about others and how the
information can be used
PRIVACY AND CONFIDENTIALITY

Privacy means that data or information

which belongs to a person should not
because by or disclosed to other people. It is
the individual’s right to determine what
should be disclosed to others.
Confidentiality means that sensitive data or
information belonging to an organization or
government
should not be accessed by, or disclosed to
other people
ASPECTS OF INFORMATION PRIVACY AND
CONFIDENTIALITY.
I. Industrial espionage: spying on the competitor to get
information that can be used to cripple the competitor.
II. Hacking – gaining unauthorized access to information just for
fun. It may be done by manipulating passwords.
III. Password cracking. This is a technique attacker’s use to
surreptitiously gain system access through another user's
account. This is possible because users often select weak
passwords. It is mainly done for malicious reasons.
IV. Eavesdropping. E-mail headers and contents are transmitted
in the clear text if no encryption is used. As a result, the
contents of a message can be read or altered in transit. The
header can be modified to hide or change the sender, or to
redirect the message
V. Alteration /Illegal modification of private/confidential data
with the aim of misinforming users. It is a sabotage tool.
WAYS TO PROTECT YOUR DATA

Applications can always be reinstalled, but your

data is the most important thing on your
computer or network. Here's a look at ways you
can protect that data.
I. Save as you work. You should always save your work as you go and learn how to use the 'auto-
save' features in your application.
II. Make a backup. Before you make changes to critical data always make a duplicate
III. Never open email attachments by habit. If your email reader has an option to automatically
open attachments you should disable that feature. Always run any attachments and
downloaded files through a virus scanner first.
IV. Never trust disks from other people. Anytime you receive a file on any type of media check it
first for viruses!
V. Update! Make sure you have the latest updates for your software - especially for your virus
checking software.
VI. Protect your passwords. The key to your identity is your password. Anytime your account
accesses the network you are responsible for any activity from that account!. Remember:
change your password on a regular basis.
VII. Perform regular maintenance. Learn how to use the utilities that diagnose your system for
problems. It is a good idea to run a disk-scanning program, defragment your hard drive, or
whatever else your system might need.
VIII. Encrypting data. Encryption is the process of encoding messages (or information) in such a
way that eavesdroppers or hackers cannot read it, but that authorized parties can.
The process of turning it from code for to a readable form is called data decryption.
IX Use firewalls. The firewall is a device or software that uses rules to filter information flow
into and out of the private network, to protect the private network users and data from
hackers.
X Use biometric security: It is a protection measure that employs a user’s attributes like finger
prints, voice and facial recognition, etc.
COPYRIGHT LAW:

This is a law that spells out proper ownership

of property/services, and how other users
can access them. In ICT, software is
protected by copyright laws is it is obtained
at a fee. Downloading it free from the
internet is unethical.
 
 
FREEWARE:
This is software that is available at no cost.
Examples include demonstration software.
 
Shareware:
Software that is freely available and is designed
to let you use the product freely for a period
while you decide to use it or not. After this
period, you either pay for it legally or uninstall it.
 
Freeware and shareware have a disadvantage of
easily spreading virus since many people easily
download them free from the internet.
GREEN COMPUTING
Green computing is the environmentally
responsible and eco-friendly use of
computers and their resources. In broader
terms, it is also defined as the study of
designing, manufacturing/engineering, using
and disposing of computing devices in a way
that reduces their environmental impact.
Green computing is also known as green
information technology (green IT).
WHY GREEN COMPUTING?

 Reduce production of harmful gases to the

atmosphere.
 Manufacture recyclable products to maintain
the echo system
 Devise energy saving ICT practices

To promote green computing concepts at all

possible levels, the following four
complementary approaches are employed:
 Green use: Minimizing the electricity consumption
of computers and their peripheral devices and using
them in an eco-friendly manner
 Green disposal: Re-making an existing computer or
appropriately disposing of, or recycling, unwanted
electronic equipment
 Green design: Designing energy-efficient
computers, servers, printers, projectors and other
digital devices
 Green manufacturing: Minimizing waste during the
manufacturing of computers and other subsystems
to reduce the environmental impact of these
activities
Government regulatory authorities also actively
work to promote green computing concepts by
introducing several voluntary programs and
regulations for their enforcement.

Average computer users can employ the following

general tactics to make their computing usage
greener:
 
Us e f
l a t - sc
conve reen
ntion or LC

Bu y e a l ca D mo
nergy t ho d e nitor
of de r a y s, in s
s e fficie tu b e tead
k to p c nt no ( CR T of

Activ ompu teboo ) mon
ate t ters k com itors
contr he p o puter
o lling w e r ma s , in s

Make energ nage tead
p ro p e y con ment
dispo r a s um p featu
s al r range tion res fo

Turn ment r
off co s for sa

Refill m p ut fe ele
p r in t e rs a ctron
ones er ca t th e ic wa
rtridg en d o st e
e s, r a f eac
ther h d ay
th a n
buyin
g new
CAREER OPPORTUNITIES IN INFORMATION
COMMUNICATION TECHNOLOGY (ICT)

THESE ARE REASONS TO CHOOSE ICT FIELD. THERE ARE

MANY PATHS YOU CAN CONSIDER
1. Software Engineering
2. Network Engineering
3. System security
4. Project Management
5. Quality assurance and Testing
6. System administration
7. Website development
8. Database administration
9. Technical support
10. Client management
11. IT consultancy
12. IT instructor
EMERGING TECHNOLOGIES.

 These are the most prominent ongoing

developments, advances, and innovations in
various fields of modern information and
communications technology. They include:
1 Artificial intelligence
It is the science and engineering of making intelligent machines,
especially intelligent computer programs. It is related to the similar
task of using computers to understand human intelligence. Examples
of AI include:
I Expert systems
Software designed to make a computer operate at the level of a
human being in a specific area of specialization. An expert system can
do the accounting work that should have been done by a human
expert. 
II Natural language processing.
A program that makes computers understands and recognizes natural
languages, whether written or spoken.
III Robotics / Perception systems
The design of computer controlled devices that emulate human beings
in carrying out tasks that would otherwise be dangerous and difficult.
IV Artificial neural systems.
A system that detects patterns such as weather changes, light
intensity etc and then suggests appropriate action.
2 DIGITAL FORENSICS

Process of using electronic means in courts of

law to collect data and maintain it in its most
original form so as to avoid tampering with
evidence
3 Virtual Reality

This is where a client can use a simulated

environment to provide service. For example
one can be taught how to drive using a
simulated environment that looks like a real
vehicle. The computer pool game is also virtual
reality.
4 MOBILE TECHNOLOGIES

I Bluetooth: A technology that uses short

wavelength radiations to enable computers,
mobile phones and other devices to
communicate with each other without wire
connections.
II Infrared: A technology that uses
electromagnetic radiations to enable
wireless communication of devices over
relatively longer distance compared to
Bluetooth.
5 E-COMMERCE

Online advertising and selling of goods and

services has become a huge growth area. It
involves internet banking, mobile banking,
electronic fund transfer (EFT) such as mobile
money, electronic cheque processing.
6 GOOGLE MAPS

This is common now, where organizations use

links to Google maps to help users find
locations. This can be used on websites and
mobile devices.