The Ict Security Issues And Concerns

Published Date: 02 Nov 2017

ICT security and protection of individual privacy are assuming increasing performance. E-government programmes typically incorporate approaches to issues such as uniform privacy practices, digital signature standards and cryptography standards for sensitive information.

is to discuss ICT security issues and concerns are becoming more prevalent and increasingly complex as the pace of technology implementation continues to accelerate and this phenomenon has affected the public sector and the private sector in our country.

ICT security issues and concerns are becoming more prevalent and increasingly complex as the pace of technology implementation continues to accelerate. This phenomenon has affected the public sector and the private sector in our country. ICT systems are now basic core and the reservoir of all pieces of information that are fundamental to organizations. According to the Computer Emergency Response Team – Coordination Centre (CERT), the current generation of information system is based on the Internet and this raises quite worrying sevulnerable with a growing presence of bugs at a developing stage as well as in their production. The range of wireless radio networks has unlocked new outbreak fronts, which are problematic to protect, as it is more fundamentally available to everybody. The internet itself has a more categorised structure and has twisted into a net of secure keys that are virtually unreachable from external trespassers. The extensive introduction of open source and marketable goods before they are prepared to rout opposition, in a period that drives by quicker thanks a lot to global connection has produced users to come to be more habituated to ever-faulty software, which always need to be sustained through the use of patches. Even with all of that, record number of the assaults still take recompenses of familiar points of flaw that still have no explanation, in the endless race among attackers and defenders.

Back Door

A back door is a means of access to a computer program that bypasses security mechanisms. A programmer may sometimes install a back door so that the program can be accessed for troubleshooting or other purposes. However, attackers often use back doors that they detect or install themselves, as part of an exploit. In some cases, a worm is designed to take advantage of a back door created by an earlier attack. For example, Nimdagained entrance through a back door left by Code Red.

Bots

Bots is an automated process that interacts with other network services. Bots often automate tasks and provide information or services that would otherwise be conducted by a human being. A typical use of bots is to gather information (such as web crawlers), or interact automatically with instant messaging (IM), Internet Relay Chat (IRC), or other web interfaces. They may also be used to interact dynamically with websites.

Bots can be used for either good or malicious intent. A malicious bot is self-propagating malware designed to infect a host and connect back to a central server or servers that act as a command and control (C&C) center for an entire network of compromised devices, or "botnet." With a botnet, attackers can launch broad-based, "remote-control," flood-type attacks against their target(s). In addition to the worm-like ability to self-propagate, bots can include the ability to log keystrokes, gather passwords, capture and analyze packets, gather financial information, launch DoS attacks, relay spam, and open back doors on the infected host. Bots have all the advantages of worms, but are generally much more versatile in their infection vector, and are often modified within hours of publication of a new exploit. They have been known to exploit back doors opened by worms and viruses, which allows them to access networks that have good perimeter control. Bots rarely announce their presence with high scan rates, which damage network infrastructure; instead they infect networks in a way that escapes immediate notice.

Internet fraud

The use of Internet services or software with Internet access to defraud victims or to otherwise take advantage of them, for example by stealing personal information, which can even lead to identity theft. A very common form of Internet fraud is the distribution of rogue security software. Internet services can be used to present fraudulent solicitations to prospective victims, to conduct fraudulent transactions, or to transmit the proceeds of fraud to financial institutions or to others connected with the scheme. Internet fraud can occur in chat rooms, email, message boards, or on websites

Eavesdropping

Eavesdropping is the act of surreptitiously listening to a private conversation, typically between hosts on a network. For instance, programs such as Carnivore and NarusInsight have been used by the FBI and NSA to eavesdrop on the systems of internet service providers. Even machines that operate as a closed system (i.e., with no contact to the outside world) can be eavesdropped upon via monitoring the faint electro-magnetic transmissions generated by the hardware such as TEMPEST

Trojans

A Trojan is another type of malware named after the wooden horse the Greeks used to infiltrate Troy. It is a harmful piece of software that looks legitimate. Users are typically tricked into loading and executing it on their systems. After it is activated, it can achieve any number of attacks on the host, from irritating the user (popping up windows or changing desktops) to damaging the host (deleting files, stealing data, or activating and spreading other malware, such as viruses). Trojans are also known to create back doors to give malicious users access to the system.

Unlike viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate. Trojans must spread through user interaction such as opening an e-mail attachment or downloading and running a file from the Internet

Firewall

A firewall can either be software-based or hardware-based and is used to help keep a network secure. Its primary objective is to control the incoming and outgoing network traffic by analysing the data packets and determining whether it should be allowed through or not, based on a predetermined rule set. A network's firewall builds a bridge between the internal network or computer it protects, upon securing that the other network is secure and trusted, usually an external (inter)network, such as the Internet, that is not assumed to be secure and trusted.

Antivirus Software

Antivirus software is a type of utility used for scanning and removing viruses from your computer. While many types of antivirus (or "anti-virus") programs exist, their primary purpose is to protect computers from viruses and remove any viruses that are found.

Most antivirus programs include both automatic and manual scanning capabilities. The automatic scan may check files that are downloaded from the Internet, discs that are inserted into the computer, and files that are created by software installers. The automatic scan may also scan the entire hard drive on a regular basis. The manual scan option allows you to scan individual files or your entire system whenever you feel it is necessary.

Conclusion

The security technologies employed by the government represent the forefront of what is leading edge and yet practical. However, it is an axiom that ICT security is a never ending process. The first step in securing data systems is to acknowledge the job is never complete and that hacker and other malicious entities will discover new ways to penetrate even the most secured systems.

As such e-governments security mechanisms will have to be continually enhanced to employ new technologies such as biometrics, security tokens and so on. Similarly, e-government related security policies, standards and procedures are living documents that have to be reviewed and updated at regular intervals.

Introduction

Malaysia’s e-Government initiative was launched to improve government internal operations, that is, the speed and quality of policy produced, coordinated, enforced and implemented. Secondly, the initiative aimed to enhance the convenience and accessibility of interactions between government and citizens, and between government and businesses. In line with this aim, government therefore must improve its internal communications, and this is allied to many elements, some of which are infrastructure, telecommunication lines, human factors such as skill and culture, organisational structure, and institutional factors, such as understanding between agencies.

Different angency’s have their own framework. Few framework we have to discuss are:

Programme management

Technology

Process

People

Question 2

An implementation framework intended to direct and cope the implementation of the e-government strategy. This framework is a revision of Accenture’s Business Integration Framework which is made up of 4 categories:

Programme management

Technology

Process

People

Every e-government venture has its very own form of the framework, whenever components within the four apparatuses may change according to the single agency’s business or procedural requirements.

Programme management

The programme management component is imperative in safeguarding that the progress of the e-government leading project as a whole is synchronised, appropriate and sees its goals. A programme management group in MAMPU, offers management, supervision and counselling facilities to project teams as well as safeguards the request of mutual principles and procedures for all the projects. Such mutual principles and procedures comprise systems design and testing, graphical user interface (GUI), business process reengineering, transition planning, security, benefits capture and numerous other.

Every tender or project in e-government is regulated by a chief organisation, which wears the project manager’s hat and has its own project supervision team. While the proprietorship of the projects lies with the principal agencies, as curator of the e-government leading, MAMPU contributes by providing consultancy and project management amenities.

In corporatism today commerce agreement with many undertakings immediately with shared or overlying assets, frequently in various terrestrial sites. Today's out-dated project management practises and methods do not know the confidence of organisational structures and workplace primacies, nor do they effect the probable profits that follows from multi-skilled and multi-location groups. Programme management is a practise that lets institutes to run many, linked projects concomitantly to get significant benefits from them as a group.

Technology

The technology component talks about the application of innovative developing technologies in the government environment, discovering the precise technology that backs the new procedures, including acquiring or providing data and implements that maintains the users.

It also relegates the assemblage of such tools, together with machinery, modifications, schedule and processes. Technologies considerably influences human perception along with other animal species' skill to regulate and come to be more familiarised to their usual environments. The word can either be practical generally or in unambiguous capacities, examples include construction technology, medical technology, and information technology.

Man’s diverse use of technology initiated with the adaptation of natural resources into meek apparatuses. The pre-historical discovery of the ability to regulate fire augmented the existing springs of nourishment and the innovation of the wheel aided humans in voyaging and also giving the ability to control their environment. New technological advances, comprising of the printing press, the telephone, and the Internet, have broken all corporeal obstructions to communication and has permitted humanity to interrelate on a massive scale. Nonetheless, not all of humanities technological advances has been used for peaceful purposes, the development of weapons of mass destruction with advancement in sophistication and ever-increasing disparaging clout has advanced during the course of history.

Technology has changed society and the environment in a myriad of different means. In numerous cultures, technology has aided in the development of more progressive economies and has indorsed the growth of a middle class. Several technological procedures create undesirable spinoffs, identified as contamination, and exhausts the world’s natural assets, to the damage of the Earth and its environs. Several enactments of technology effects the morals of a society and new technology every so often gives rises to new ethical queries.

Process

The process component searches for prospects where government procedures can be enhanced, reengineered or restructured, eroding away the out-dated worthless limits. Processes are the functioning business ethics and processes required to encounter the business goals and the purposes of the agenda. Cooperatively, these components will direct and move the establishment to its wanted position.

In the process component, frameworks and locus simulations assists in the support of process analysis, design, and modeling undertakings. Beginning with a progression framework or reference prototype hastens these happenings by allowing specialists to be given a foundation on which to construct. At more experienced organizations, the approved framework is normally well studied and supported by a referring company, standards body, or industry association. The price of not consuming a process framework is the period it would take the development description group to advance their very own process model and gain approval from the numerous stakeholders about the procedures encompassed inside it.

The current cyber laws are mutually part of the process component and a new component on its own. This is a capacity of the digital world that is still very much in its first phase, considerable thought, analysis exercise and alteration are still continuing.

People

The concluding component of the framework is people, and it is every so often thought to be the most significant component within the framework. This component incorporates all the people-friendly features that will guarantee the realisation of a new system, particularly one that conveys transformation and influence to human performance.

This component consist of systematising, inspiring and endowing people to help themselves prosper in accepting and nourishing e-government services framework. Such advantages take into account undoubtedly communicating objectives and aims of e-government and their corresponding pilot projects, primary and frequently, as well as representing their remunerations. Two variables, change and human resources, have the biggest impact on human performance. Thus, handling these two variable, will eventually tip to handling human performance.

The framework is positioned on people, it does not work in a lined method and has never tried to show a model of reality. Its goal is to assist stakeholders with diverse vantage points to participate in organized and intelligible discussion about the numerous issues that touch sources of revenue, their comparative standing and the method in which they intermingle. This, in turn, should have to aid in the identification of appropriate admission arguments for the backing of employments.

History has shown time and time again that the success of a project ultimately depends on people. Regardless of how well the processes have been reengineered or how well new technology applications have been applied, it is finally people who run the business and deliver the goods. It can never be stressed enough to give due importance to the processes and technologies, but never underestimate the worth of investing the people.

CONCLUSION

There is a need for an integrated approach in implementing a large-scale programme like e-government unlike the early computerisation initiatives that were essentially agency-specific. It calls for effective planning and coordination across multiple agencies where both technical and non-technical implementation aspects need to be given serious consideration.

At the same time the proposed solutions required a meticulous evaluation by a multi-skilled team that could balance the innovative potential of the proposals with the minimum thresholds and standards that were set. The execution of the e-government strategy relies on an integrated implementation framework that address the programme management, process, technology and people components. This in turn would be followed by effective scaling of initial pilots to a broader rollout programme both in terms of functionality and reach.