Security Issues And Affection To Private Sectors

Published Date: 02 Nov 2017

Introduction

ICT also known as information and communications technologies is an education that is typically our society’s job to teach its emerging and current citizens some very valuable knowledge and skills about communication and computing devices, the software that operates them, systems that built on them and applications that run on them.

How do they work? What are those things? How do we utilize the productively? How are they assembled, deployed, managed and maintained to get productive systems? What are those underlying science and technologies behind them and how to develop those to advance ICT field.

ICT changes very quickly and it is very complex, and it will confuse many people. In this modern world, is very pervasive that all of us understand it, but these understandings are always wildly divergent.

There are few important dimensions to information and communications technologies education that includes ICT/digital literacy, specialized business and industry that uses ICT, ICT infrastructure and support applied technologies and ICT research and development scientists. All modern industries and business, and in the modern society, ICT has key strategic roles virtually. Development of the workers and citizens who can efficiently and competently operate and by adding value in these environments and system is strategically very important.

Security issues & affection to private and public sectors

One of the main issues with ICT today is security. In the last twenty years we have witnessed the flourishing of a myriad of electronic attacks, malware, vulnerabilities and intrusions in the domain of information and communication technologies. According to Bruce Schneier, a well known cryptographer, this is mainly due to the availability of attacking tools, automation and action at distance (Schneier, 2004). It is worth mentioning also that ICT security issues are not encountered only in the cyber space, but their impact is more noticeable and considerable in this domain. There are at least five distinct problem areas where security related issues are currently impacting in a negative way ICT. These areas are: lack of security awareness and training, operating system design and security, open source issues, design complexity and multiple layer approach.

This is perhaps the most concerning and often overlooked issue, with serious implications on ICT infrastructures. In December 2007, a government wide data security review revealed nine NHS trusts in England had lost the medical records of hundreds of thousands of patients (Turle, 2009). Also in 2007 twelve British banks (including HBOS, Alliance & Leicester, Royal Bank of Scotland, Natwest, Barclays, and Nationwide) were named and shamed for failing to dispose electronic data regarding their customers properly(Turle,2009). Other episodes include the disappearance of top secret electronic information, by Home Office or security services officials in Britain. CD, USB or Laptops containing very sensitive data were stolen jeopardizing the lives of thousands of people. These facts demonstrate the lack of security awareness and training by some of the top governmental organizations or financial operators in the country. If this is the situation with top government bodies we can imagine what is happening with the private sector, small enterprises or individuals.

Likewise, training is another pungent issue amongst network administrators and technical staff that are in charge of ICT infrastructure and security. Because of a variety of factors, including lack of funding, awareness or support from top management, these people lack training and often fail to deal adequately with security issues. On the other hand, the situation gets worst by the fact that ICT is evolving very fast and in different directions. It is difficult to keep up to date with these changes; therefore a certain degree of commitment and dedication is required to follow the progress. It is relatively easily to demonstrate with facts the above statements above the lack of training and awareness by the above mentioned professionals. There are various security issues that I am going to mention, for example, virus, hacking, human error, hardware failure and many others.

Virus

A virus is a program or programming code that copy by being replicated or it’s copying to another computer boot sector, program or document in computers. Viruses can be transmitted as attachments to a downloaded file, an e-mail note, or also may be present on a CD or a diskette. The diskette, CDs, files doesn’t know that there are viruses usually. There are some viruses wreak their effort after their code is executed. There are some viruses that are playful or benign. They may be really harmful to our computers by erasing our data or causing our hard-disk to reformat. A worm, is a virus that duplicates itself by sending once more as an e-mail attachment or a network message.

Hacking

The term "Hacking" refers to the practice of changing a system’s features, to achieve a goal outside of the original creator’s actual purpose. A hacker, is a person that doesn’t stop engaging in activities of hacking, and a hacker also sees hacking as their lifestyle and philosophy. Nowadays, the most popular form of hacking is computer hacking, mainly on computer security. However, hacking does exist in plenty other forms for example sniffing, spoofing, phishing and many others, it is not limited to either of them.

Sniffing

Since the release of the Ethernet, a packet sniffer is a utility that has been utilized. Individuals to capture data as it is transmitted to a network is what packet sniffing allows. Normally is the network professionals that utilize packet sniffer program to help solve network issues and are also utilized by the malicious users to get unencrypted data like the usernames and passwords in the network traffic. Users Packet sniffer programs are commonly used by network professionals to help diagnose network issues and are also used by malicious users to capture unencrypted data like passwords and usernames in network traffic. Users are able to get access to the network or system when this information is captured.

Spoofing

Spoofing, is an act to deceive someone that is on the web, whether it is through hoaxes, trickery, online identify theft or any other purely mischievous purposes. There are many forms spoofing can take, the most normally used are fake identity, e-mail and fake website. Fake identity is misrepresentation of an organization, corporation or non-profit for the purpose of mud-slinging. Next is e-mail, information of e-mail is managed to make it appear that an email comes from a source; but the email has fraudulent information. And lastly is fake website, every website is built to look legitimate but it may have wrong information and is to trap users by submitting their personal information.

Phishing

The term "phishing" is a fraudulent attempt, typically made through email, to get our personal information. What should we do to protect our self from phishing is by learning how to understand a phish. Phishing emails will normally appear from an organization and ask for our personal information like social security number, credit card number, password or account number. Phishing attempts appear to come from services, sites and companies very often which we don’t even have an account. If the internet criminals want to successfully "phish" our personal information, what they need to do is getting us to go from an email to a website. Phishing emails will ask us to click on a link that will take us to another site that will request our personal information almost every time. These personal information will not be requested via email if it is a legitimate organization.

Trojan horse

Trojan horse is a program that contained harmful and malicious code seemingly harmless programming or data in a way that it can gain control and do it’s chosen form of damage, such as corrupting the file allocation table on our hard disk in computers. A Trojan horse is supposedly a program to find and destroy computer virus in a celebrated case. A Trojan horse may be redistributed as part of a computer virus.

Hardware failure

The risk of hardware failure is the most frequently discussed reason to perform backups. Nothing will jolt someone into realizing the importance of backups more than an unrecoverable hard disk failure. Since a hard disk keeps our main data and programs, it is the hardware whose failure hurts the most. And this is the one that gets most attention.

There are some hardware problems that may cause permanent data loss, and some of them may be hard to figured out, since they doesn’t look like they have any responsibilities for the problem. There are a few:

Memory Errors: Many systems nowadays run without error detection or correction, there may be a chance of memory error corrupting the data in the hard disk. Although it doesn’t happen always, but it does happens.

System Timing Problems: Setting the timing for cache or memory access too aggressively, or by utilizing a hard disk transfer mode that is too fast for the device or system, may face the problem of data loss. This is not something that will always be realized until after some amount of damage has been complete.

Resource Conflicts: Conflicts resulting from peripherals that attempt to utilize the same interrupt requests, DMA channels or input/output addresses, data may be caused to be corrupted.

Power Loss: Losing power at not a right time, for example when we are doing sensitive work on our hard disk, it may easily result in many loss of files.

Human error

Human error can easily and simply be described as an error that is made by a human. But it doesn’t get as simple as that. People do make mistakes, but is important why they make mistakes. With that in mind, human error means when a person makes a mistake because that person made a mistake.

Conclusion

With the advancement of technology nowadays, there are still many problems about security issues, however on the other way because of the advancement of technology nowadays, people has the ability to hack us with these high technologies. There are plenty of security issues nowadays, all of them cause us and our computers many problems. But the main problem is hacking, hackers will have many ways to hack on either personal computers or tougher task like hacking into government or any big organization’s system to satisfy themselves, or whatever reasons. More solution should be created to prevent this.

Components of integration framework to run E-government

e-Government is the introduction of electronic methods of improving the way Government performs it's business. Why e-Government?

e-Government can offer services to citizens by providing them with greater access to information; to businesses by providing a single point of access for administrative information and requirements and between administrations, here, e-Government can provide ways to enable a structured interaction between national, regional and local Government.

Malaysia’s e-Government initiative was launched to improve government internal operations, that is, the speed and quality of policy produced, coordinated, enforced and implemented. Secondly, the initiative aimed to enhance the convenience and accessibility of interactions between government and citizens, and between government and businesses. In line with this aim, government therefore must improve its internal communications, and this is allied to many elements, some of which are infrastructure, telecommunication lines, human factors such as skill and culture, organisational structure, and institutional factors, such as understanding between agencies.

There is no definitive date as to when the Malaysian e-Government initiative was launched. A possible date is 1996 following the launching of the Multimedia Super Corridor (MSC). This e-Government initiative was one of the seven (Telehealth, Multi-purpose Card, Smart School, R&D Cluster, Technopreneur Development and E-Business) flagship applications introduced to set off the development of MSC.

Broadly speaking, the structure of e-Government consists of two key committees. There is a steering committee with representatives from key policy level agencies. The steering committee’s function is to provide policy direction and approval for e-Government programmes and activities and to monitor implementation progress of e-Government projects including pilot projects. The Government IT and Internet Committee’s (GITIC) function is to facilitate and coordinate ICT development in the public sector. In addition to the two committees, there was a strategic team established to review/study the setting of Malaysia’s e-Government.

Infrastructure Supporting Malaysian e-Government Applications

While people were starting to learn about Malaysian e-Government in the 1990s, the framework to support the applications had already commenced as early as the 1980s. Advancement of technology enhances the creation and dissemination of information, which in turn improves public knowledge for the betterment of individual livelihoods and national development. Thus, as people in Malaysia became more aware of the potential benefits of e-Government, they increased their demands for integrated government that would promote efficient and effective service and goods delivery. For example, in the case of land data, many user communities have come to realize that the disorganized geo-spatial information is the main cause for ineffective planning and development mishaps. In response to the demands, the government has pushed relentlessly towards system integration and the doing away of stand-alone systems.

One concerted effort towards integration came via the construction of a telecommunication infrastructure. This infrastructure could support inter- and intra-governmental agency communication and introduced the Government Integrated Telecommunications Network (GITN); please see Figure 1. The implementation of GITN set in motion the e-Government applications. It enables the integration of networking and the channeling of information flow in the public sector and improves the efficiency and effectiveness of inter-departmental and intra-departmental communication.