Essay Unit 7 - IT Systems Security and Encryption - Distinction
Course
Unit 7 - IT Systems Security and Encryption
Institution
PEARSON (PEARSON)
In this assignment, you will delve into the fascinating world of IT systems and encryption. You will explore the fundamental concepts, principles, and technologies associated with securing digital information in various computer systems. This assignment aims to develop your understanding of IT syst...
Essay Unit 7 - IT Systems Security and Encryption - Distinction, Cyber Threats
Some examples from this set of practice questions
1.
What is a cyber threat?
Answer: A cyber threat refers to any malicious activity or potential occurrence that targets computer systems, networks, or digital information with the intent to compromise their security or cause harm.
2.
What is malware?
Answer: Malware, short for malicious software, is any type of software designed to disrupt, damage, or gain unauthorized access to computer systems or networks. Examples include viruses, worms, ransomware, and spyware.
3.
What is a phishing attack?
Answer: A phishing attack is a cyber threat where attackers masquerade as legitimate entities through deceptive emails, messages, or websites to trick individuals into revealing sensitive information, such as passwords or financial details.
4.
What is a DDoS attack?
Answer: A Distributed Denial of Service (DDoS) attack involves overwhelming a targeted system or network with a flood of internet traffic from multiple sources, rendering it inaccessible to users and disrupting its normal functioning.
5.
What is social engineering?
Answer: Social engineering is a tactic employed by cybercriminals to manipulate and deceive individuals into divulging sensitive information or performing actions that compromise security. It often relies on psychological manipulation and exploiting human trust.
Content preview
Unit 07: IT Systems Security and Encryption
Different types of Threats
Internal Threats
External Threats
Physical Threats
Social engineering
Software-Driven Threats
Computer network-based threats
Passive threats
Active threats
Cloud computing security risks
Principles of Confidentiality, Integrity and Availability of Information
Information Security
Confidentiality
Integrity
Availability
Legal Requirements
Data Protection Act 1998
Copyright, Designs and Patents Act 1988
Telecommunications (Lawful Business Practice) (Interception Of Communications) Regulations 2000
Computer Misuse Act 1990
Fraud Act 2006
Legal Liability and contractual obligations
Revenue
Reputation
Requirements
Principles of Cryptography
Cryptographic Principles
Uses of Encryption
Cryptographic Methods
Applications of Cryptography
Techniques Used to Protect IT Systems and Data
Physical security
Redundancy, Resilience, Robustness
Backup and Data Recovery
PolP or Principle of Least Privilege
Device Hardening
Software Protection
Network Security
Authentication
Cryptography
Security Policy Document or SPD
Application of the Security Tools and Techniques
Penetration Testing
Risk Management
Conclusion
References
Different types of Threats
IT systems can be at risk of different threats from various sources, and these threats come in a
number of different types such as internal, external, physical or social engineering and
software-driven threats. These different types of threats are explained below.
Internal Threats
An internal threat is the risk that somebody inside a business organisation could
exploit the system in a way that may cause damage to the company or steal data. Threats
within the business organisation can be deliberate or accidental, and these kinds of
threats are troubling because the employees of an organisation are expected to be trusted individuals who
have access to the organisation's or its customers' sensitive details, which can easily be misused.
Deliberate actions are those that employees carry out on purpose; for example, an
employee who was recently dismissed by the organisation might deliberately
try to damage the company's data or delete files as a form of revenge. They could also
cause harmful damage to the company's software. Employees also have access to a wide range of
physical equipment within the organisation, which means that hardware such as hard drives
containing a lot of important and sensitive information can be physically stolen, or the data
on them can be transferred to a USB flash drive and then revealed. Employees can also
purposely damage business equipment or data by deleting the data or by smashing the hard drive.
For example, an employee can steal the data of a colleague or a customer, such as bank details.
Employees might steal data which they can then sell to cybercriminals or the
company's competitors.
There are many real-life, high-profile cases of employee sabotage, such as the Yahoo email leaks.
Ex-Yahoo employee pleads guilty to hacking accounts for sexual images
500 Million Yahoo Users Affected by Data Breach – Password Change Recommended - Security News
Below is an example of an employee maliciously sabotaging a company's data.
In this example, the employee deleted all the business-critical data in the cloud storage of his
former employer after he was dismissed from his job for poor performance, and he was
sentenced to 2 years in prison. The employee was working as an IT consultant at a digital marketing and
software agency called Voova and, after being laid off from his job, he used his former coworker's
Amazon Web Services (AWS) account to access 23 AWS servers and deleted all the data related to
Voova's customers. This cost the company a total of £500,000 in lost contracts, and the
data was never restored. Due to the huge loss to the company, many employees had to give up their
jobs. What the employee did was just a matter of a few clicks on the computer, but it resulted in a major
financial loss to the company and people losing their jobs. Disgruntled insiders of this kind are a
major threat to the company and can be very damaging.
Man jailed for destroying former employer's data
Employees might also override the security controls that the organisation has put in place because
they find them too restrictive, for example if they want to download something from the internet such
as games that they enjoy playing during their break.
To combat deliberate internal threats, the organisation should do background checks on
employees when hiring them, or on those employees who look like they might leak the
company's data. It should also frequently do behavioural checks on employees in order to
stop them from developing a vendetta against the company and becoming a liability to the
company.
Accidental actions by employees may cause threats in numerous ways, such as the
accidental loss of data. Employees may accidentally delete important company data
containing sensitive information about the company, its employees and its customers.
Accidental deletion by employees might be the result of poor training or a misunderstanding of
the procedures. It could also be caused by poor software application design; for example, most
operating systems provide users with a recycle bin facility from which deleted files can be
retrieved within 30 days, but some of the software applications used by organisations
may not have a recycle bin. Employees can also unintentionally disclose
confidential information such as their login details, or they may damage data by corrupting it.
Employees can unintentionally disclose their passwords by writing them down on a piece of paper
and keeping it by their desks, or by leaving their computer logged in when they are not at their desk. If
they disclose their passwords to anyone who does not have legitimate access to the computer
system, the employee is risking the company's information falling into the hands of
cybercriminals. To avoid these threats the company should pay attention to the amount of training
the employees receive, as this can be a threat to the company: employees might introduce more
vulnerabilities into the organisation's system or website, and they might also be tricked into believing
a phishing email asking them to pay for a shipment out of the company's account, which will then
provide the cybercriminals with the private credentials. An employee who carries their personal
laptop to and from work may also forget it on public transport, which creates a
danger of somebody getting hold of a laptop that has access to the information of the
organisation and potentially exposing important data. The following link shows that public transport
staff find at least two laptops on the tube which are left behind by passengers.
Two laptops left on the tube every day, reveals Transport for London
Employees might carry out unsafe practices such as using an external flash storage
device (USB) which may have been infected by malware when used on another system, or visiting
websites which are not secured or are untrusted, as these websites may attempt to infect the system
with malware. Downloading files from untrusted websites may also introduce malware to
the computer system. These unsafe practices leave the company's computer system open to
security attacks by cybercriminals. Also, when employees connect their own devices such as
laptops, tablets or smartphones to the business organisation's network, it
exposes the network to any malware that is on those devices. Companies should therefore
address such issues with an acceptable use policy. To avoid these threats the company should
restrict employees to using company devices only, and also restrict what an employee at the
company is allowed to download and view.
External Threats
An external threat to the company is the risk that somebody outside the company tries
to exploit the company's system vulnerabilities through the use of malicious software, sabotage,
social engineering or hacking. These external threats come from a variety of sources, and in most
cases there is a financial motivation: the cybercriminals intend either to steal
data or information which can be used to obtain money, such as bank details or credit card details,
or to hold the company or individual to ransom by encrypting the data or preventing access to
services. External threats can also come from the company's competitors, who may wish to
attack the organisation in order to gain a competitive financial advantage and try to damage the
company's reputation so that they can get rid of their competitors and grow their business. There
are also cases where an organisation is attacked for a political motive; for example, if the
organisation disagrees with a group on political, ethical or religious grounds, it may become the
target of demonstrations or protest groups. Cyberattacks may also be used as a form
of warfare when one country attacks another. A real-life example of this is the
Stuxnet computer worm, which is said to have been developed by the intelligence agencies of the
United States and Israeli governments to attack the Iranian nuclear programme, although they have
never admitted this.
What is Stuxnet, who created it and how does it work?
Cyberterrorism has many benefits for the attacker, not least of which is that there is little risk of
loss of life for the attacker, while the chaos that would be caused if transportation or other
financial or safety-critical systems were destroyed or disrupted by an attack would do huge damage
to the country.
These external threats are much harder to deal with than internal threats because the organisation
cannot monitor people outside the company, nor can it predict what they could do next to
disrupt the data.
Physical Threats
The physical threats can be an internal threat or external threat to the company as anyone can cause
damage to the equipment such as computers, hard discs and so on. The company’s computer
equipment can be valuable to the company as it stores all the data which can be either stolen or
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller tinadsouza. Stuvia facilitates payment to the seller.