Cybersecurity and computer misuse
GOOD DAY, students. This is lesson 15 in our series of lessons. In this week’s lesson, we will be examining the concepts of computer security, cybersecurity, computer misuse and the potential impact of computer systems misuse which come from section 3 of the syllabus: Social and Economic Impact of Information and the Impact on Individuals and Organisations.
You will be learning about this concept for the first time. However, you have personal experiences and basic knowledge of possible computer security and threats.
Computer security, which is also known as cybersecurity or information technology security, describes the techniques employed for protecting computers, networks, programs, information systems and data from unauthorised access or attacks, theft, or damage to the hardware, the software and the information stored on them. Additionally, it protects against any form of disruption or misdirection of the services they provide.
Companies or organisations will ensure that computer security is implemented to minimise the risk of the following elements: vulnerability, threat, attack and countermeasure.
COMPUTER MISUSE
Computers make it so easy for you to collect, store and share information; likewise, they also make it easy for the misuse of information or the committing of computer crimes. For example, information is collected on people who use the Internet, whether they know it or not.
Information may be misused in the following ways:
■ By collecting information about people without their permission.
■ By vengeful employees or employers who want to spread propaganda on suspecting persons.
■ By (willfully or unwittingly) storing incorrect information on an innocent person that may be made available to the public
■ When unauthorised persons are able to view and/or change information.
■ By using information for purposes other than those for which it was intended.
Misuse can occur in the following ways:
1. CYBERBULLYING
This is the use of cell phones, emails and social network sites to bully a person, typically by sending messages of an intimidating or threatening nature. By definition, it occurs among young people. When an adult is involved, it may meet the definition of cyber harassment or cyberstalking, a crime that can have legal consequences and involve jail time. Severe, long-term or frequent cyberbullying can leave both victims and bullies at greater risk for anxiety, depression, and other stress-related disorders. In some rare but highly publicised cases, some kids have turned to suicide.
2. COPYRIGHT INFRINGEMENT
A copyright infringement is a violation of an individual or organisation’s copyright. It describes the unauthorised use of copyrighted material, such as text, photos, videos, music, software and other original content. In the computer industry, copyright often refers to software programs and websites.
3. DATA THEFT
This is the act of stealing computer-based information from an unknowing target with the intention of compromising privacy or obtaining confidential information. This misuse act is increasingly a problem for individual computer users, as well as large corporations.
4. DENIAL-OF-SERVICE ATTACK
A denial-of-service attack is a security event that occurs when an attacker prevents legitimate users from accessing specific computer systems, devices, services or other IT resources.
5. MALWARES AND COMPUTER VIRUSES
Malware is an abbreviated term meaning ‘malicious software’. This is software that is specifically designed to gain access to or damage a computer without the knowledge of the owner. A virus is a type of malicious software program that, when executed, replicates by reproducing itself (copying its own source code) or infecting other computer programs by modifying them.
6. IDENTITY THEFT
This is the crime of obtaining the personal (name, identifying number, etc) or financial information, such as a credit card number, of another person for the
main purpose of assuming the person’s name or identity to make transactions or purchases, without their permission, to commit fraud or other crimes.
7. ONLINE PUBLICATION OF OBSCENE MATERIALS 8. PHISHING ATTACKS
This is the fraudulent use of electronic communications to deceive and take advantage of users, often to steal the user’s data, including login credentials and credit card numbers. It occurs when an attacker poses as a trusted entity and deceives a victim into opening an email, instant message or text message.
9. SOFTWARE AND MUSIC PIRACY
Software piracy is the act of illegally using, copying or distributing programs (software) without the consent of the owner. The majority of software today is purchased as a single-user licence, meaning that only one computer may have that software installed on it at one time. Copying that software to multiple computers or sharing it with your friend without multiple licences is considered software piracy, which is illegal. It has become a huge problem for software manufacturers because it causes loss of revenue and jobs.
Some measures have been put in place to reduce software piracy, such as:
■ Use of registration keys that are only available with the purchase of the software.
■ Severe penalties, such as heavy fines and/or imprisonment for anyone found selling or knowingly using pirated software.
Music piracy is the copying and distributing of copies of a piece of music for which the composer, recording artiste, or copyright-holding record company did not give consent.
10. FINANCIAL ABUSES
This may be defined as where a current or former partner controls someone’s ability to acquire, use or maintain financial resources by preventing victims from earning or accessing their own money.
11. VIOLATION OF PRIVACY
This is the intrusion into the personal life of another, without just cause, which can give the person whose privacy has been invaded a right to bring a lawsuit for damages against the person or entity that intruded. It encompasses workplace monitoring, Internet privacy, data collection, and other means of disseminating private information.
12. PROPAGANDA
The use of computer systems to distribute information has inevitably resulted in their use for spreading both beneficial and harmful material. The widespread use of the Internet by computer users has created a readily accessible means of transmitting such material. In some countries, such propaganda may be used to sway public support in favour of one party group or another in an attempt to discredit the opposing groups.
13. INDUSTRIAL ESPIONAGE
Some organisations take on this practice to ascertain pertinent information about their competitors such as their marketing strategies, research and future plans to gain a profit or marketing edge. Industrial espionage is when secret information is obtained by spying on competitors or opponents.
14. ELECTRONIC EAVESDROPPING
Electronic eavesdropping is the tapping into a communication channel to retrieve information. Data may be encrypted before it is transmitted to prevent eavesdropping on that data. Hackers commonly use electronic eavesdropping.
For example, good hackers can collect information that you type at websites, such as your credit card number, password or personal data.
The entities that such misuse acts would impact include individuals, organisations and government. Thus, measures have to be put in place against such acts.
KEY WORDS/VOCABULARY:
■ Computer/cyber or IT security
■ Cyberbullying
■ Copyright infringement
■ Data theft
■ Denial-of-service attacks
■ Viruses and malware
■ Phishing attacks
■ Software and music piracy
■ Financial abuses
■ Violation of privacy
■ Propaganda
■ Electronic eavesdropping
■ Industrial espionage
We have come to the end of this lesson. Next week we will look at suitable countermeasures to mitigate effects of identified threats. Remember, if you fail to prepare, you prepare to fail.