What Are Ict Security Issues

Published Date: 02 Nov 2017

Scientific and technological progress is the main driving force of social development. The process of social development, in a certain sense, is the process of scientific and technological progress. It is widely accepted, the technology has been the impact on society, these effects would be limited, in order to make people's lives more material prosperity, but also significantly affect the ability of humans and other animal species, in order to control and adapt to the natural environment. However, the relationship between technology and society is not all one way. Throughout human history, social factors also play an integral role in the process of technological change. The technology development is dependent on the progress of culture and education. It is assumed that the technology will be prone to a direct impact on the process of technological development in response to market demand, but also social development level and quality of education.

Define Question 1

It is the set of products, services, organization rules and individual behaviors that protect the ICT system of a company. It has the duty to protect the resources from undesired access, guarantee the privacy of information, ensure the service operation and availability in case of unpredictable events (C.I.A. = Confidentiality, Integrity, Availability). The objective is to guard the information with the same professionalism and attention as for the jewelry and deposit certificates stored in a bank caveat. The ICT system is the safe of our most valuable information; ICT security is the equivalent of the locks, combinations and keys required to protect it.

Answer Question 1

What are ICT security issues?

Information Technology and Communication (ICT), introduced in the second half of last century have substantially the way they interact with each other, do business, entertain and learn. ICTs promote globalization, information exchange and proliferation of cyberspace. The benefits of using these technologies are immense and they are here to stay. We are living in the era of digital revolution when every day we increasingly dependent on these technologies and products. Furthermore, these technologies have matured into a range of such domains specialized niche networking, mobile communications, wireless communications, satellite broadcasting and so on. However, alongside benefits and opportunities a broad range of issues and drawbacks have limited to some extent full extraction of benefits from ICT use.

One of the main problems with ICT is security. In the past twenty years, we have Witnessed vigorous development of electronic attacks, malware, vulnerabilities, and countless of information and communication technologies in the field of intrusion. According to Cryptography expert Bruce Schneider, a well-known, this is mainly due to supply Attack tools, automation, and action at a distance (Schneider,). This is worth Mentioning ICT security did not encounter problems, these problems are only in cyberspace, but its impact is most noticeable and significant in this area. At least five different problems areas in security issues are negatively impacting how ICT these areas are: Lack of security awareness and training, operating system design and safety issues open source design complexity and multilayer approach.

How this phenomena has affected the public and private sector in country

People around the world for many years, and continues to become more dependent on the ICT (information communication technology) systems, e-mail service banking, self-pay detected, in the supermarket, or even a computer-controlled weapons systems. Information and communication technology system has been under attack because of their presence and continue to attack for various reasons. This report will be the investigation of historical information and communication technology security, some of the motivation of the attacker, and some are in use today, as well as other related information and communication technology security issues, most successful attacks.

The ICT security Issues and affect of public and private sector, explain security issues below:-

*Viruses*

A computer virus is a small software program, designed to spread from one computer to another to interfere with computer operation. What do computer viruses do? Through the process of using the Internet and computer, you may come with a computer virus. Many computer virus stopped before they can start, but there is more and more concern about what a computer virus and a list of symptoms of the common computer viruses. Computer viruses may corrupt or delete data on your computer, use your e-mail program to spread it to other computers, or even delete all content on your hard drive.

By definition, a virus program is the ability to clone self. This means that the computer virus propagation by making copies of itself. This copy is intentional; it is part of the virus program. In most cases, if a file that contains viruses’ execution or copy it to another computer, then the computer will be "infected" by the same virus.

*Human error*

Human error can be simply described as the error made ​​by a person. But it becomes a bit more complicated than that. People make mistakes. But why they make mistakes is very important. Keep in mind that human error is when a person made ​​a mistake, because that person has committed an error. As opposed to being confused or influenced by other factors of the design. It is also called operator error.

Human error as a corresponding manufacturing defects, design flaws, equipment failure or damage to the environment. The error may be due to the human body or mentally incapacitated the right to perform the desired operation. It may also occur when the program or the direction does not follow the correct or ignore warning labels and safeguards.

*Phishing*

Phishing is a type of online identity theft. Using the e-mails and fraudulent websites designed to steal your personal data or information, such as credit card numbers, passwords, account data, or other information.

Phishing messages usually take the form of fake notification banks, suppliers, electronic payment systems, and other organizations. Notification will try to encourage the recipient, or other reasons, the emergency input / update their personal information. This excuse is usually related to data loss, system crashes.

The phishers use various techniques to trick users into visiting fake website, such as email, pretending to be from the bank. These emails often use legitimate symbol of good business style, often spoof the title of the e-mail, making it look like it came from a legitimate bank. Under normal circumstances, these letters inform the recipients; the bank has changed the IT infrastructure, and requires all customers to reconfirm their user information. When the recipient clicks on the link in the email, they are directed to a fake website, where they disclose their personal information, the system prompts.

*Hacking*

Hacking is the practice of modifying the features of a system, in order to accomplish a goal outside of the creator's original purpose. The person who is consistently engaging in hacking activities, and has accepted hacking as a lifestyle and philosophy of their choice, is called a hacker.

The term hacker had been used to describe a clever programmer. Today, it applies to those who use security vulnerabilities to break into the computer system. You may take it as electronic burglary. Hackers often break into personal computers and large networks. Once they have the opportunity, they may install malicious programs, steal confidential data, or use the infected computer to send spam.

Concern from the media to the general public due to blackhat hackers, the entire hacker term is often mistaken for any security-related cybercrime. This damages the reputation of all hackers, law-abiding; they are very cruel, unfair, from the word itself. The purpose of this site is to introduce people to want to clear their names, and give them of their social status, their real philosophical and ethical hackers.

*Sniffing*

Sniffing simple process is used in which the network interface card to receive and handle data not intended for that machine. The device or software that known as sniffer smells or simply over a network analyzer. Sniffing programs are very useful to gather sensitive information such as user name and password for telnet, username and password. Credit card numbers, bank account details. And so on.

Hence sniffing techniques are widely used by attackers and hackers to control the key information that the hacker is interested in. In a whole network NIC (network interface card) have the MAC (Media Access Control) address. In general, IAS responds to packets containing only its own MAC address in the destination field frames or broadcast address in the destination field. The network interface cards also supports a so called promiscuous mode in which it can receive all the data packets and the traffic traveling through the network. In promiscuous mode NIC generates an interrupt to the CPU package are located under each (instead of only the frames with the MAC address or broadcast address) so that the sniffer puts the NIC in promiscuous mode and capture / control data packets that travel around the network traffic passing all OS TCP / IP. Therefore a network sniffer or analyzer is also useful in solving network and used by network administrators.

*Spoofing*

The deception thought it was a deceptive practice, e-mail or Web site from a source, it will not. The most common type is the e-mail spoofing, spoofing, but also a common web of deception and IP spoofing.

Deception in e-mail spoofing commonly used software to complete the harvest or generate the message you want to send the e-mail address. Web page spoofing, hackers will use the software to show that they have created a web page to copy the actual goal of the page. And the use of software in IP spoofing, hacker website visitors redirected to a false web page.

Define Question 2

Integration Framework enables the integration of applications and data across the enterprise, thereby maximizing the ability of an organization to protect their components and help improve operational efficiency.

Answer Question 2

What is e-government?

E-government is a general word describing that is use of technology to facilitate the functioning of the government and the disbursement of government information and services. The term is an abbreviation for the phrase "electronic government", and has to do largely with Internet applications to help governments. It also includes a number of concerns that do not use Internet.

In a general sense, the e-government can refer to this extraordinary application, large-scale use of e-government telephones and fax machines, surveillance systems, tracking systems, such as RFID tags, and even the use of television and radio to spread government-related information. In this sense, it is not in any way a new phenomenon. The use of radio wave propagation disaster warning, or to vote is one aspect that has been in use for many years. In many countries, the state-run media, the entire media, become the form of e-government, to help the pro-government information dissemination.

Newer Internet applications do not offer the promise of simplifying government procedures and improve functionality. Systems of government to track citizens, omnipresent surveillance, and biometric identification are some applications that have many privacy advocates concerned about the growing role of government in people's lives.

Malaysian e-government

Malaysia’s e-Government initiative was launched to improve the internal operations of government, that is, the speed and quality of policy produced, coordinated, implemented and implemented. Second, the initiative is to improve the convenience and accessibility of the interactions between government and citizens, and between government and business. In line with this objective, therefore, the government should improve its internal communications, and this is an ally of many elements, some of which are infrastructure, telecommunication lines, human factors, such as the ability and culture, organizational structure and institutional factors, such as understanding across agencies.

There is no accurate date when the e-government initiative launched in Malaysia. One possible date is the 1996 launch of the Multimedia Super Corridor (MSC). E-government has initiatives seven (telemedicine, multi-purpose card, smart school, the flagship of the R & D cluster technology entrepreneur development and E-Business) applications launched, set off the development of the MSC.

Overall, the structure of e-government has two key committees. There is a steering committee with representatives of the main political bodies. The role of the steering committee is to provide policy guidance and approval for programmer’s e-Government and activities, and to monitor progress in implementing e-government projects, including pilot projects.

An Integration Framework

An integration framework is used to manage and guide the execution of the E-government strategy. This integration framework has contain 4 component differ according to the individuals agency’s business or technical needs. Below are the four main components:-

Programmed Manager

Technology

Process

People

*Programmed Manager*

Programmed Manager is the most critical compare with other component. Programmed Manager is ensuring to the development of the e-government flagship is coordinated, timely and meet its objectives.

A programmed Manager as MAMPU group members, provide standard guidelines in system design and testing, GUI, BPR, transition planning, security and benefit capture.

Each application or project within e-government is the head of a governing body, which bears the project manager's hat and has its own project management team. Although, the ownership of the projects committed a serious mistake, as a custodian of the insignia of the e-government, MAMPU providing consultancy support and project management.

*Technology*

Being a good e-government must have a good technology. I believe having furtherance of technology, e-government become more efficient and more reality. The technology component addresses implementation of new technology in the government environment, such like find the right technology to help new program, or provide information and to support the users. There are a few of element play the role of important such like:-

Shared infrastructure

Security and privacy

Technologies usage

*Process*

Even though having a good technology but exile of people to control, e-government is still can’t process. The process component looks for opportunities where government process can be improved, reengineered or redesigned.

Define operating business standards and procedures to meet business objective of the programmed. Having these few elements may guide you:-

Business model

Business Process Reengineering (BPR)

Cyber laws

Process Reengineering involves changes in the structures and processes within the business environment. The whole dimensions technological, human, and the organization can be changed in BPR. Information technology plays an important role in the

Process Reengineering, providing office automation, but also allows the company to perform in different places, provides manufacturing flexibility, allowing faster delivery to customers and supports rapid and paperless transactions. In general, it allows efficient and effective change in the way in which work is performed.

Cyber laws are both part of the process component. Although in this advance generation, cyber is still in adolescence. Cyber laws refer to any laws relating to protecting the internet and other online communication technologies, much thought, analysis, practice and modification still on going.

*People*

The final component is people. Above we have discussed about technology and process. In this digital generation everything is related with technology, to processing a program we need some people who know that kind of knowledge in need.

This component encapsulates all relevant factors, in order to ensure the success of a new system, especially bring change and affect people's behavior. This component related organizing, motivating and empowering people to help them succeed in embracing and sustaining e-government. These measures include clearly communicate the goals and objectives of e-government and the respective pilot projects, early and often. There have two variables:-

Managing change

HR and training

These two variables have the biggest impact on human performance.History has shown time and again that the success of a project depends ultimately on people. Regardless of how well the processes are redesigned, or how well the applications of new technologies have been applied, it is ultimately people who run the business and deliver the goods. Cannot be stressed enough to give due importance to the processes and technologies, but never underestimate the value of investing in people.

Conclusion

Information Technology and Communication (ICT) have dramatically several aspects of our lives and contributed to important discoveries in science. While the benefits are immense, several factors are impacting negatively on ICT, limiting their profits and curb their proliferation. The lack of security awareness and training, operating system design and security, open source issues, design complexity and multi-layered approach are some of the current problems with ICT. These problems tend to persist in the future, because technology is changing so rapidly and in different directions, the difficulties in changing operating system design approach, the life cycles of products and software development issues.

The success of e-government rides heavily on a comprehensive development and execution schedule that affects all aspects of government. System requires new processes, structures, training to develop new skills and values. Following the principle of "Think big, Scale fast and Start small" one of the pilot projects have been implemented successfully, but can be done, eventually expanding to a broader deployment program covering all departments and services government at the federal, state and local.