Need For Ethical & Security Issue in IT
Introduction
ETHICAL ISSUES
Ethics in society holds each person responsible for
his or her actions. Each person is accountable for
everything he or she does. Anything that is
illegal or immoral in the real world is illegal in
the computer world too. IT and computer
personnel often have access to much confidential
data and to knowledge about individuals and
companies' networks and systems, which gives them a
great deal of information. This raises ethical
questions.
Such As:
• SHOULD YOU READ THE PRIVATE E-MAIL OF
YOUR NETWORK USERS JUST BECAUSE YOU
HAVE THE ACCESS?
• IS IT RIGHT TO MONITOR THE WEBSITES
VISITED BY NETWORK USERS?
Security Issue
• Security issues related to computerized systems involve
protecting all parts of the computer system. This
includes the data, the software and the hardware.
• The abuse of computers has also given birth to
new-age crimes that are addressed by the Information
Technology Act, 2000. Defining cyber crimes as “acts
that are punishable by the Information Technology Act”
would be unsuitable, as the Indian Penal Code also
covers many cyber crimes, such as email spoofing,
cyber defamation, sending threatening e-mail, etc.
Security Threats
• A network security threat is any potentially adverse
occurrence that can harm or interrupt the systems
using the network, or cause a monetary loss to an
organization.
• Once the threats are identified they are then ranked
according to their occurrence.
• For example, the average cost to clean up a virus that
slips through a security system and infects an average
number of computers is $150,000/virus
Types of Threats
• Fabrication
– An unauthorized party inserts counterfeit objects
into the system
– Attack on authenticity
– Insertion of spurious messages in a network
– Addition of records to a file
• Interruption
– An asset of the system is destroyed or becomes
unavailable or unusable
– Attack on availability
– Destruction of hardware
– Cutting of a communication line
– Disabling the file management system
• Interception
– An unauthorized party gains
access to an asset
– Attack on confidentiality
– Wiretapping to capture data in a
network
– Illicit copying of files or
programs
• Modification
– An unauthorized party not only gains
access but tampers with an asset
– Attack on integrity
– Changing values in a data file
– Altering a program so that it performs
differently
– Modifying the content of messages
being transmitted in a network
• Disruptions are the loss of or reduction in network
service.
• Some disruptions may also be caused by or result
in the destruction of data.
• Natural (or manmade) disasters may occur that destroy
host computers or large sections of the network.
• Unauthorized access is often viewed as hackers gaining
access to organizational data files and resources. However,
most unauthorized access incidents involve
employees.
SYSTEM GETS INFECTED THROUGH
• Viruses
• Worms
• Trojans
• Zombies
HACKING
Hacking is the gaining of access (wanted or
unwanted) to a computer and viewing,
copying, or creating data (leaving a trace)
without the intention of destroying data or
maliciously harming the computer. 157 cases of
hacking were reported in 2011 and 435 in 2012,
an increase of 177.1% over 2011.
Top Countries In Cyber Crime
Targets Of Cyber Criminals
SPAM
Email spam, also known as junk
email or unsolicited bulk email (UBE), is a subset
of electronic spam involving nearly identical
messages sent to numerous recipients by email.
Clicking on links in spam email may send users
to phishing web sites or sites that are
hosting malware. Spam email may also include
malware as scripts or other executable file
attachments. Definitions of spam usually include the
aspects that email is unsolicited and sent in bulk.
A HISTORICAL ARTIFACT: THE FIRST SPAM
The first spam, (sent to Usenet news groups, not to email accounts, BTW). It was
sent by lawyers… Grr!
From: Laurence Canter (nike@indirect.com)
Subject: Green Card Lottery- Final One?
Newsgroups: alt.brother-jed, alt.pub.coffeehouse.amethyst
View: Complete Thread (4 articles) | Original Format
Date: 1994-04-12 00:40:42 PST
Green Card Lottery 1994 May Be The Last One!
THE DEADLINE HAS BEEN ANNOUNCED.

The Green Card Lottery is a completely legal program giving away a certain annual
allotment of Green Cards to persons born in certain countries. The lottery
program was scheduled to continue on a permanent basis. However, recently,
Senator Alan J Simpson introduced a bill into the U. S. Congress which could end
any future lotteries. THE 1994 LOTTERY IS SCHEDULED TO TAKE PLACE SOON, BUT
IT MAY BE THE VERY LAST ONE. [continues]
Ankit Fadia
The author of The Unofficial Guide to Ethical Hacking said: “I
could hack a state-owned bank’s website or government
communications website which shows the vulnerability,
thousands of Indian websites are being hacked each day”.
SECURITY MEASURES AND
TECHNIQUES
Encryption: Encryption is the process of making information
indecipherable to protect it from unauthorized viewing or use,
especially during transmission or when it is stored on a
transportable magnetic medium.
• Encryption is usually based on a key without which the
information cannot be decoded or decrypted.
• Someone intercepting it may not be able to understand or
misuse it.
• The Institute of Standards and Technology has created an extremely
complex encryption standard called DES (Data Encryption
Standard) that provides virtually unlimited ways to secure
computer files.
ACCESS CONTROL
• Access to computer systems should be physically controlled by
use of measures like entry passes and ID cards being checked
by security staff.
• Authorization is the act of granting the permission to a person
or a group or a programme so that the required activity can be
done.
• A common means used to restrict access to computer systems
and sensitive files is a password.
Users must not display their passwords in easily accessible places.
System developers must ensure that passwords are never displayed
on a screen.
Passwords should also not be printed on reports. Passwords should
be held in the system in an encrypted form, so that even if someone
reaches the password table/file, all that can be seen is garbage.

System developers must ensure that short passwords are not
permitted.
System administrators must deactivate the usernames/passwords
of employees who have resigned, have retired, have been transferred
or have departed for any reason.
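
The password rules above, as an added example that is not part of the original slides: a table that rejects short passwords, holds only unreadable values, and refuses logins for deactivated accounts. It uses a salted one-way hash (PBKDF2) in place of reversible encryption, and `PasswordTable`, `MIN_LENGTH`, `ITERATIONS` and the sample accounts are assumptions made for illustration.

```python
import hashlib
import hmac
import os

MIN_LENGTH = 12        # assumed policy; the slides only say short passwords are not permitted
ITERATIONS = 600_000   # assumed PBKDF2-HMAC-SHA256 work factor


def _derive(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


class PasswordTable:
    """Hypothetical in-memory stand-in for the password table/file."""

    def __init__(self):
        self.rows = {}  # username -> {"salt": bytes, "hash": bytes, "active": bool}

    def register(self, user: str, password: str) -> None:
        if len(password) < MIN_LENGTH:
            raise ValueError(f"password must be at least {MIN_LENGTH} characters")
        salt = os.urandom(16)  # per-user salt: equal passwords give different rows
        self.rows[user] = {"salt": salt, "hash": _derive(password, salt), "active": True}

    def deactivate(self, user: str) -> None:
        """Called when an employee resigns, retires or is transferred."""
        self.rows[user]["active"] = False

    def verify(self, user: str, password: str) -> bool:
        row = self.rows.get(user)
        if row is None:
            _derive(password, b"\0" * 16)  # do the same work for unknown users
            return False
        match = hmac.compare_digest(row["hash"], _derive(password, row["salt"]))
        return match and row["active"]


if __name__ == "__main__":
    table = PasswordTable()  # constructed sample accounts
    table.register("asha", "correct horse battery")
    table.register("ravi", "correct horse battery")
    # What someone who reaches the table sees: two different unreadable values
    print({u: r["hash"].hex()[:16] for u, r in table.rows.items()})
    table.deactivate("ravi")
    print(table.verify("asha", "correct horse battery"))  # active account
    print(table.verify("ravi", "correct horse battery"))  # deactivated account
```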
PROTECTION FROM VIRUSES
A computer virus is a programme that infects computer files and
runs executable programmes by inserting copies of itself into those files.
This is usually done in such a manner that the copies will be
executed when the file is loaded into memory.
A virus cannot exist by itself. It infects an executable file.

When the file is executed, the virus gets transmitted.
Viruses spread through CDs, pen drives, local area networks and the internet.
FIREWALL
• A firewall is a barrier to keep destructive forces away from a system.
• Its job is similar to that of a physical firewall that keeps a fire from
spreading from one area to another.
• A firewall is simply a programme or a hardware device that filters the
information coming through the internet connection into a computer
system.
• Firewalls can be implemented in hardware, software or a
combination of both.
• Firewalls are frequently used to prevent unauthorized internet users
from accessing private networks connected to the internet.
AUDIT TRAIL
An audit trail is a means of tracing all activities affecting a piece of
information, such as a data record, from the time it enters the system
to the time it leaves.

An audit trail documents the path from input to output and should
provide enough information to reconstruct or verify the entire sequence,
either manually or through automated tracking procedures.
An audit trail can often be used to identify the cause, timing and location
of security breaches.
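
An audit trail of the kind described above, as an added example that is not part of the original slides: `trace` reconstructs one record's path from entry to exit, and `first_tampered` verifies the whole sequence. Chaining each entry to the previous one with SHA-256 is a design choice made here, and the class, field names and sample events are constructed for illustration.

```python
import hashlib
import json

GENESIS = "0" * 64  # digest used in place of a predecessor for the first entry


class AuditTrail:
    def __init__(self):
        self.entries = []

    @staticmethod
    def _digest(body: dict, prev: str) -> str:
        payload = json.dumps(body, sort_keys=True).encode() + prev.encode()
        return hashlib.sha256(payload).hexdigest()

    def record(self, ts, actor, action, record_id, host):
        prev = self.entries[-1]["digest"] if self.entries else GENESIS
        body = {"ts": ts, "actor": actor, "action": action, "record": record_id, "host": host}
        self.entries.append({**body, "digest": self._digest(body, prev)})

    def trace(self, record_id):
        """Path of one record: when, who, what and where, in order."""
        return [(e["ts"], e["actor"], e["action"], e["host"])
                for e in self.entries if e["record"] == record_id]

    def first_tampered(self):
        """Index of the first entry that no longer matches its digest, else None."""
        prev = GENESIS
        for i, e in enumerate(self.entries):
            body = {k: v for k, v in e.items() if k != "digest"}
            if self._digest(body, prev) != e["digest"]:
                return i
            prev = e["digest"]
        return None


def build_sample():
    """Constructed sample events, not real log data."""
    trail = AuditTrail()
    trail.record("2024-03-01T09:00:00Z", "clerk01", "create", "INV-1001", "ws-12")
    trail.record("2024-03-01T09:05:00Z", "clerk02", "create", "INV-1002", "ws-14")
    trail.record("2024-03-01T11:30:00Z", "mgr07", "update", "INV-1001", "ws-03")
    trail.record("2024-03-02T16:45:00Z", "archiver", "export", "INV-1001", "srv-backup")
    return trail


if __name__ == "__main__":
    trail = build_sample()
    for step in trail.trace("INV-1001"):
        print(step)
    trail.entries[1]["actor"] = "someone-else"   # simulate an edited log entry
    print("first tampered entry:", trail.first_tampered())
```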