Threats To Data And Information

Published Date: 02 Nov 2017

Scanners

A scanner is a threat to a system because it allows individuals to gain information about how your computer system works and it also identifies the vulnerabilities in a system. The impact of this means that the system is more prone to attacks. Because the hackers know the vulnerabilities of the system the system would be at risk for data to be stolen or destroyed.

ARP Poisoning

The impact of an ARP poison is that an unauthorised user can pretend to be another device that is known on the network. The impact of this is that potentially the hacker can gain access to all areas of the network, and have access to sensitive information or customer details. If a hacker then sold this information to another company, they could potentially lose their customer base.

Key Logging

Key logging can have a huge impact on network security. If a key logger is left undetected, criminals could gain access to multiple passwords which could allow access to sensitive information and compromise the security of the network. If left undetected, any password changes by the staff would be made redundant. Key loggers could also extend to things like bank cards, for example if a Chip & Pin device had a key logger you could be victim to fraud.

Viruses

The impact of a computer virus on a network is quite unpredictable since viruses themselves can do multiple things. In the worst cases the impact is that the system goes down, and the network cannot be used.

Trojans

The potential impact of Trojans is that they can impact the security of the system by making it easier for other malware to gain access to the system. Unless the threat is identified, other potential threats such as key loggers could be put into the system, which means that the customer details could be at risk.

Worms

The impact of worms is that it leaves your system vulnerable to attacks from hackers. This is because worms detect the vulnerabilities of the system. If a vulnerability is found it would be possible for the system to be exploited, which means the sensitive data on the system could be stolen. This could lead to the loss of customers.

Piggybacking

Although piggybacking may not lead to any data being stolen or lost, piggybacking indicates that your system does not have sufficient security measures in place to keep out attackers. Also, if a small company has a download limit from its ISP and someone is using the company wifi to download large files, it may cost the company extra money.

Data Forging

Data forging has significant threats to an organisation. For example, if someone was to forge company documents they could be used for purposes that the company never intended which could damage the company reputation. More importantly, if someone was to forge an account on the company system it would give attackers a much easier way into the system which could threaten the security of the entire organisation.

Phishing

Phising could have a large impact on an organisation, depending on how it is applied. Because phising requires the user to input their details into the scammers system, depending on what details it asks for it could potentially gain information about employees which could then lead to other issues such as data forging. For example, a phisher could send out a entry into a fake company raffle that could get them a "cruise", but requires them to enter their company credentials. These credentials could then be used to gain access to the system, or used for fraudulent activities

Natural Disasters

Natural Disasters have monumental effects on an organisation. A natural disaster can potentially wipe out a whole city. If the organisation has an office in a place that has an organisation, potentially that whole office could be destroyed. This would mean any work from that office would be lost. Also, to relocate the office would cost the company lots of money, and would require significant man power, and new equipment.

Malicious damage

Malicious damage would have a huge impact on an organisation. Damage to equipment within the organisation could cost vast amounts of money to be repaired or replaced. Because the malicious damage could be from employees, it could be possible that they have specialist knowledge about the system and could cause major faults that could take many hours to rectify. This would mean that the company would have many hours where employees are unable to work, meaning that all workflow comes to a halt, and the company stops making profit.

Technical failure

Technical failure can have a large impact on an organisation. Much like malicious damage, technical failure can take many hours to rectify and get the system running smoothly again. Whilst the system is not running , the company cannot do the work that needs to be done in order to make profits. For example, a company that takes orders and ships goods would be unable to take the orders which means all the goods they have won't be able to be shipped out, so no money will be made.

Human error

Human error could impact on the organisation. While human error may not have malicious intent, the damage it causes can have the same impact. For example, spilling coffee all over expensive equipment would mean that the equipment would have to be replaced, which would cost the company money.

Theft

Theft can be a big issue for an organization. Within departments there will often be expensive, specialist equipment that could cost vast amounts of money to purchase. If this equipment is stolen it would cost the organization to replace the equipment, and all the while the equipment is gone that department cannot run to full productivity. On top of that, the company would also wish to pursue the matter, and this would cost the company time and man power to pursue.

Threats to e-commerce

E-commerce has threats related specifically to it. Below are a few examples of threats to e-commerce and how it would impact and effect a company.

Fake goods

Fake goods are a significant threat to an e-commerce site. If fake goods are sold the company maybe liable, although not necessarily always the case. This could mean that the company would have to refund the buyer and could face legal action. However, in the case of websites such as Ebay the company may not be liable, but it would still affect the company. This is because it would affect the company’s reputation, which then could deter future customers from buying from the site, especially if the company is just starting out.

DDOS

Another threat to e-commerce is a DDOS attack. A DDOS attack uses up the bandwidth and congests the network. This means that genuine customers will find the website slow or not working at all. This would then mean that the customers would get fed up, and wouldn’t bother looking for items to buy. The company would lose money because customers cannot access the site properly and would have an adverse effect on the customers experience and could give the company a bad name.

Threats To Data and Information

Many types of threats are threats to data and information. These threats can occur in multiple ways, and gain access to data and information in various ways too. For example, a threat could be that someone manages to remote access the full system, while another threat could just have access to read some files.

Currently, there is a few acts and legislation that helps to protect the data of personal information. Most notably is the Data Protection Act. The Data Protection Act of 1998 gives legal requirement to businesses to ensure that the data is held properly. This act is also designed to require companies or organisations to give the information held about an individual to that person, if they request it. It is also required that any company that holds data about individuals are registered under the DPA and ensure that they comply with the eight principles.

These principles ensure that personal information must be:

• Processed for limited purposes

• Accurate and up to date

• Not kept for longer than needed

• Fairly and lawfully processed

• Adequate, relevant and not excessive

• Processed in line with your rights secure

• Not transferred to other countries without protection being adequate.

Another act that was introduced was the Computer Misuse Act 1990.

The Computer Misuse Act makes certain activities using a computer a crime. This helps to protect data by making it illegal to access any data without authorisation. The act includes three offences:

• Unauthorised access to any data (or program). This includes using someone else’s username and password to access their account.

• Unauthorised access with intent to commit a crime

• Unauthorised modification of computer contents. Basically, this means that it is illegal to modify any files or information on the computer without permission of the owner of that information.

Data and information security is designed to prevent threats to data and information. We would need to have proper and up-to-date security and also to consider the areas below which help to protect data and information.

Confidentiality

Confidentiality is about ensuring that only the right people know and have access to the data. This means giving passwords and usernames to people who need to access the data (access control) and not giving access to people who do not really need to access it. This prevents unauthorised access to the files from people who do not need to view them. This also helps to ensure that the integrity of the data is kept private.

Integrity

Integrity means that we can ensure that the data has not been tampered with inappropriately, or for malicious activity. To ensure data has integrity we would need to ensure that the data uses security like encryption. This helps to prevent tampering with the data, and also ensure that the data has come from where you think it has come from. For example, if Dave says he is going to send you an encrypted file, with the password "davidsfile", when you get a file from Dave and its unencrypted the data may not have come from Dave but an imposter.

Availability

Availability, as the name suggests, is about making sure the system is available when the users need to access it. Certain attacks such as DDOS limit the availability of the data for the users. Some services require constant access to the system to function correctly, so the effect of not having access could mean that the company cannot function correctly. To prevent this it’s important to have regular backups to the system so that in the event that the system fails the company has a copy of the data to access.

Physical Security

To keep systems secure we need to consider the physical security of the system. This includes things like physical locks and CCTV etc. Below is a list of measures and how they can help to keep the system secure.

Locks

Locks on doors are a simple way of controlling who can and cannot get into rooms or the building. Locking rooms whilst they aren’t in use means that users who do not have a key cannot get in, preventing unauthorised access. Combining this with an audit on who has which keys and for when allows for the company to identify who had access to a room, if an incident occurs.

Along with door locks you can also get a lock for the physical system called a Kingston lock. These locks attach to the computer, which are then physically attached to the table. This helps to prevent systems being stolen as it makes it more difficult for the thief.

Visitor Passes

Visitor passes keep a log of when visitors enter and leave the building. This helps to keep systems secure because it helps keep a log of when they were in the building and as such can provide the company with information about the person if systems were stolen, and gives a timeframe. Also, when signing out of the building it gives the company the chance to check that the visitor only leaves with what they came in with.

Sign In And Out System

Similar to a visitor pass, however this works for members of staff, and helps to keep track of what staff is on the premise. Using this system on a departmental basis, for example signing into each department can help to track movements of staff members. This means that if an incident occurs the company can identify who was where in the department.

Biometric

Biometric systems help keep the system secure because it can help to prevent unauthorised access to departments without having to audit keys. Biometrics work in multiple ways, either retinal or finger print scanning. These work by taking an image of your retina’s or scanning your fingerprint, because every person’s retina and fingerprints are different it means it can keep authorised people out. However these systems are expensive and usually only used in government facilities that require maximum security.

Voice Recognition

Voice recognition works much like biometric systems, however using a voice clip recorded of a person previously it looks to match pitch and other features of the voice to allow a user access to an area. This helps to control who has access rights to areas of the company.

CCTV

CCTV helps to secure the systems because it gives recorded video evidence if an incident does occur. This means that the CCTV can be used to identify a criminal, and can be used in a court of law providing that notices of CCTV in operation is provided. CCTV also works as a deterrent for thieves.

Software Security

Along with physical security we also need to consider the security of the data on the system, to do that we can use some of the methods described below to make sure that the system is more difficult to access for unauthorised users.

Encryption

Encryption is a method of security that secures data and files. There are many different ways to encrypt data, one of the most basic ways to encrypt is the Caesar Cypher method. This replaces characters with other characters. For example, L might become E. This can then be deciphered using the cypher.

Encryption secures data because it means that only the people with the correct information can view the data, which helps to prevent identify theft and general interception of data. However, the security of the encryption depends on the type of encryption used and what programme used to encrypt it.

Firewalls

A firewall monitors and manages network traffic and connections that are being made in the network, and stops unauthorised connections occurring on the network without proper details being provided (Passwords, usernames etc).

This helps to secure a network because it means that files on the network are protected even if they have been intercepted by hackers. This also ensures that only the people who need to see the file have access to it, even within the company.

VPN

A virtual Private network allows the network to create a smaller, hidden network on the already existing network. This means that departments and certain groups can effectively be separated on the network.

This secures the network because it means that users have a point-to-point connection that is secure from unauthorised outside sources.

Intrusion Detection

Intrusion Detection is a piece of equipment that monitors traffic coming into the network and logs everything that appears suspicious.

This helps to secure the network because it means that technical staff can identify suspicious connections and terminate them quickly, before any security issue occurs.

Password Management

Password management means putting passwords for user accounts and areas of the network. This helps to control who can and can’t access files by not giving the password to people who do not need access. Setting the network to change the password after a set time gives added protection

This helps to secure a network because it means that access to areas are limited, and not everyone can access area of the network that is not relevant to them.

Levels of Access

Levels of access means that different groups of people have access to different levels of the resources within the organisation. For example, on a college network, students will have limited access to resources on the network while lecturers will have access to more areas and programmes.

This helps to secure a network because it helps to protect the information that some users do not need access to. For example, this prevents students from accessing other students personal information that is help on the network. This prevents information being leaked or stolen.

.