Computer Security/Ethical and Social Issues in ICT

 

COMPUTER SECURITY

Computer Security refers to protecting computer system (hardware and software) and its resources such as information (data and programs), against unwanted access, damage, modification or destruction.

Computer Security Goals:

a)               Confidentiality

b)               Integrity

c)               Availability

Computer security threats

a)       Phishing : Phishing is the fake attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication. 

b)            Rootkit: A set of software tools that enable an unauthorized user to gain control of a computer system without being detected.

c)            Botnet :A botnet is a network of computers infected with malware that are controlled by a bot herder. 

d)               Keylogger : Keylogger is hardware or software for recording the keys pressed on a keyboard secretly so that person using the keyboard does not know that their actions are being monitored.

e)               Hacking : Unauthorized means of accessing others system resources for illicit purposes.

f)              Malicious code : Malicious code is the kind of harmful computer code or web script designed to create system vulnerabilities leading to back doors, security breaches, information and data theft, and other potential damages to files and computing systems.

g)          Malware : The word Malware is short for malicious software and is a general term used to describe all of the viruses, spyware, worms, adware, nagware, trojan, and pretty much anything that is specifically designed to cause harm to your PC or steal your information

Computer virus -Computer Virus is a self-replicating computer program that interferes with the computer’s hardware or the operating system resulting in the malfunctioning of a computer system.Viruses are designed to replicate and elude detection.

Examples of viruses: TIME BOMB, C-BRAIN,DATA CRIME,  WIN32 VIRUS etc.

                                               i.     Worm-A worm only makes a copy of itself so it cramps the computer’s memory and slows down the processes. 

                                             ii.     Trojan horse -A Trojan is a type of malicious code or software it appears to be something interesting, such as a game but when it runs it may have harmful effects on your data or network.   

                                           iii.       Ransomware -Ransomware is a malware designed to deny a user or organization access to files on their computer. By encrypting these files and demanding a ransom payment for the decryption key,

                                         iv.         Spyware - Spyware is malicious software that enters a user's computer, gathers data from the device and user, and sends it to third parties without their consent.

 

Security mechanisms

a)User identification and authentication (password/email/sms codes for verification etc.)

b)Biometric techniques (finger print/face recognition etc.)

c) Firewall- A firewall is software or firmware that prevents unauthorized access to a network. It inspects incoming and outgoing traffic using a set of rules to identify and block threats

d)               Cryptography/data and information security (cipher /coded message/ encrypted)

cryptography is used to protect digital data. It transforms data into formats that cannot be recognized by unauthorized users. An example of basic cryptography is a encrypted message in which letters are replaced with other characters.

de-cipher/de-code/ de-encryption- the process converting encrypted content to readable/understandable form.

a)              Data/software backup (copy of original data and software) Backup is the process of creating a copy of the data on your system that you use for recovery in case your original data is lost or corrupted.

b)              Hardware security

Regular maintenance

Power protection devices

UPS-an uninterruptible power supply, is a device used to backup a power supply to prevent devices and systems from electricity failure.UPS saves the system from any electric damages to any unit or circuits and from loss of data. 

Voltguard- Volt Guard: Volt Guard is another power protection device. It provides constant output voltage to the computer system in case of high input voltage coming from the source.

surge/spike protector-A Spike Guard is an electrical device used to protect electrical equipments from voltage spikes, surges, and fluctuations.

 

Antivirus software : Antivirus software’s are the best possible means of protecting a computer system and its resources from viruses.

Antivirus software are capable of detecting and eliminating viruses. Antivirus software’s needs to be updated constantly (daily).

Examples of antivirus software:

AVAST, AVIRA,AVG, MCAFEE,KASPERSKY, BIT DEFENDER, NORTRON ANTIVIRUS, PC-CILLIN,CPAV, MSAV etc

 

Computer Security Questions

1.     Explain the term computer security.

2.     What are computer security goals?

3.     List the computer security threats

4.     Define the following terms

a)      Phishing

b)     Rootkit

c)      Botnet

d)     Keylogger

e)     Ransomware

f)      Spyware

g)     spam

h)     Malware/malicious code/computer virus

i)      Worm

j)      Trojan horse

k)     Hacking

5.     List two computer hardware security measures.

6.     List two software security measures.

7.     What is password?

8.     List two biometric technique used for authentication.

9.     What is data encryption?

10. What is data de-encryption?

11. What is the importance of backup in terms of computer security?

12. Why do we need power protection devices like UPS in a computer system?

13. Mention the use of voltguard and spike guard.

14. Explain the importance of an anti virus software in a computer system.

 

.

 

Ethical and social issues in ICT

Cyber Law- Cyber law may be defined as the law or acts or rules framed and adopted by the concerned authority like the individuals, organizations or Government for safeguarding against digital crime or any crimes concerned with computers or any other digital media that are performed by the people willfully to damage, make loss or steal information etc.

Cyber Crime- Cyber -crime relates to the criminal activity involving the use of computers and other electronic media. Cyber Crime may be defined in a general way as an unlawful act wherein the computer is either a tool or a target or both.

Cyber- crime involves activities such as theft of money, services, data and programs , destruction of data and programs by computer viruses, violation of privacy (hacking) and violation of anti-trust or International law etc.

Cyberbullying: Cyberbullying includes sending, posting, or sharing negative, harmful, false, or mean content about someone else. It can include sharing personal or private information about someone else causing embarrassment or humiliation.

The most common places where cyberbullying ­­occurs are:

 Social Media, such as Facebook, Instagram, Snap Chat, and Twitter

 SMS (Short Message Service) also known as Text Message sent through cell phone

Instant Message, Email etc.

 

Examples of cyberbullying:

*Sending rude emails, texts or instant messages online or on the phone

* Offensive chat on online gaming Posting hurtful things about someone on social media

Spreading rumours or gossip about someone online

Making fun of someone in an online chat that includes multiple people 

Pretending to be another person by creating a fake online profile

Threatening or intimidating someone online or in a text message

 Taking an embarrassing photo or video and sharing it without permission

 

Effects of cyber crime

         Loss of time and resources (money/information) in tracing, fixing and managing the safety mechanisms.

      Privacy of public and important governmental information can be leaked and used for ulterior motives.

 

Safety from cyber crime:

         Controlling the access of computer and its resources with authentication system such as the username and password.

         Using firewalls and antivirus programs etc.

 

Cyber Space-In computer jargon, the community of networked computers and the culture that has developed among the users of these computers is termed as cyberspace.

***note***

The term cyber space was coined by an American writer William Gibson and is first published in his 1984 science fiction novel Neuromancer. In which he described cyberspace as a place of unthinkable complexity.

The term has given rise to a vocabulary of cyber terms such as cyber-cafes, cyber-malls etc.

  

Computer Ethics

Computer ethics is a set of moral principles or code of conducts that regulate the use of computers systematically without making/ causing harm to other users.

Computer ethics emphasizes to use computer for performing only legal and accepted activities, and it encourages users to abstain from illegal activities such as :

a)      Plagiarism

b)      Copyright Infringement

c)      Software Piracy

d)      Hacking etc.

 

Important points (commandments) of computer ethics:

a)               Do not use a computer to harm other people.

b)               Do not copy or use proprietary software for which you have not paid.

c)           Be responsible about the social consequences of the program you are writing or the system you are designing.

d)         Be mindful to use a computer in ways that demonstrate consideration and respect for your fellow humans.

Cyber ethics: Cyber ethics is a code of behaviour for using the Internet for performing only legal and accepted activities.

Cyber ethics Do’s

a)               Use the Internet responsibly and respect others privacy.

b)               Tell someone if you are being bullied online

c)               Use chat-room site that are public, monitored and are child friendly.

 

Don’t

a)               Don’t copy any material and call it your own.

b)               Don’t give/share personal information to others.

c)               Don’t fake identity and pretend to be someone else.

Digital citizenship- Digital citizenship is the responsible use of technology and etiquette pertaining to an online presence.

Nine elements of digital citizenship

a)               Digital access

b)               Digital commerce

c)               Digital communication and collaboration

d)               Digital etiquette

e)               Digital fluency

f)                Digital health and welfare

g)               Digital law

h)               Digital rights and responsibilities

i)                Digital security and privacy

Digital footprint – Digital footprint is the trace you leave with your online activity. It can include:

a)               What you post to social network or blogs.

b)               What other people post about you on social networks. (photos, videos, comments etc.)

Categories of digital footprint.

a)               Active – Active digital footprint is created when a user willingly releases personal data for the purpose of sharing information.

b)           Passive- Passive digital footprint is created when data is collected about online activity without client activation.

 

Cyber law of Nepal – cyber law of Nepal commonly known as the Electronic Transaction and Digital Signature act-ordinance was enacted in Nepal in 2061 BS (2004)

 

Electronic Transaction Act (ETA)

ETA 2063 (2006) commenced from Bhadra 2063  it was formulated to deal with issues related to cybercrime and also help in making and implementing laws over cybercrime and other IT related issues.

 

IT policy- It policy is a set of rules and guidelines on how IT resources should be used and how daily operations should be conducted.

IT policy of Nepal 2072 (2015)

The latest IT policy of Nepal was formulated and published in the year 2015. It was named “Nepal Information and Communication Technology Policy 2015.

 

The vision of this policy is to transform Nepal into an information and knowledge based society and economy.

 

Social media- social media is an Internet based technology that supports the sharing of ideas, thoughts and information by building the virtual networks and communities.

 

Social media opportunities: Great opportunities for individuals and organizations to connect and exchange information.

 

a)               Brand development

b)               Target Audience

c)               Customer interaction

d)               Attracting customer

e)               Research

 

Social media threats:

Social Engineering - One of the biggest threats of social media is social engineering. It allows attackers to find personal information that can be used to target specific individuals.

Targeted Phishing Attacks

Fake Accounts

Social Media used for spreading spam and malware

 

 

Ethical and social issues in ICT Questions:

1.     Define cyber crime.

2.     List effects of cybercrime.

3.     Explain safety measures from cybercrime.

4.     Why is cyber law needed? (what is cyber law)

5.     Explain the term cyber bullying. Cite examples of cyber bullying.

6.     What is computer ethics?

7.     Write four important points of computer ethics

8.     Mention three do’s of cyber ethics.

9.     Mention three don’t  of cyber ethics.

10.  Explain the term digital citizenship.

11.  List four elements of digital citizenship.

12.  What is digital footprint?

13.  Explain active and passive digital footprints.

14.  Write a note on cyber law of Nepal.

15.  Write a note of electronic transaction act of Nepal.

16.  Write a note on IT policy of Nepal.

17.  What is social media.

18.  List the scope social media.

19.  What are social media threats?

20.  Explain the term social engineering