As use of internet and related telecommunications technologies and systems has become pervasive, use of these networks now creates a new vulnerability for organizations or companies. These networks can be infiltrated or subverted a number of ways. As a result, organizations or companies will faced threats that affect and vulnerable to information system security. Threats to information system can come from a variety of places inside and external to an organizations or companies. In order to secure system and information, each company or organization should analyze the types of threats that will be faced and how the threats affect information system security. Examples of threats such as unauthorized access (hacker and cracker), computer viruses, theft, sabotage, vandalism and accidents.
- Unauthorized Access (Hacker and Cracker): One of the most common security risks in relation to computerized information systems is the danger of unauthorized access to confidential data. The main concern comes from unwanted intruders, or hackers, who use the latest technology and their skills to break into supposedly secure computers or to disable them. A person who gains access to information system for malicious reason is often termed of cracker rather than a hacker.
- Computer Viruses: Computer virus is a kind of nasty software written deliberately to enter a computer without the user’s permission or knowledge, with an ability to duplicate itself, thus continuing to spread. Some viruses do little but duplicate others can cause severe harm or adversely affect program and performance of the system. Virus program may still cause crashes and data loss. In many cases, the damages caused by computer virus might be accidental, arising merely as the result of poor programming. Type of viruses, for example, worms and Trojan horses.
- Theft: The loss of important hardware, software or data can have significant effects on an organization’s effectiveness. Theft can be divided into three basic categories: physical theft, data theft, and identity theft.
- Sabotage: With regard to information systems, damage may be on purpose or accidental and carried out an individual basis or as an act of industrial sabotage. Insiders have knowledge that provide them with capability to cause maximum interruption to an agency by sabotaging information systems. Examples include destroying hardware and infrastructure, changing data, entering incorrect data, deleting software, planting logic bombs, deleting data, planting a virus etc.
- Vandalism: Deliberate damage cause to hardware, software and data is considered a serious threat to information system security. The threat from vandalism lies in the fact that the organization is temporarily denied access to someone of its resources. Even relatively minor damage to parts of a system can have a significant effect on the organization as a whole.
- Accidents: Major of damage caused to information systems or corporate data arises as a result of human error. Accidental misuse or damage will be affected over time by the attitude and disposition of the staff in addition to the environment. Human errors have a greater impact on information system security than do man-made threats caused by purposeful attacks. But most accidents that are serious threats to the security of information systems can be mitigated.
How these Threats affect Information Systems
1. Unauthorized Access (Hacker and Cracker)
Hackers and crackers gain unauthorized access by finding weaknesses in the security protections employed by Web sites and computer systems, often taking advantage of various features of the Internet that make it an open system that is easy to use.
- Spoofing and Sniffing: Hackers attempting to hide their true identity often spoof, or misrepresent themselves by using fake e-mail addresses or masquerading as someone else. Spoofing redirecting a Web link to an address different from the intended one, with the site masquerading as the intended destination. Links that are designed to lead to one side can be reset to send users to a totally unrelated site, one that benefits the hacker. For example, if hackers redirect customers to a fake Web site that looks almost exactly like the true site, they can collect and process orders effectively stealing business as well as sensitive customer information from the true site. While a sniffer is a type of eavesdropping program that monitors information travelling over a network. When used legitimately, sniffers can help identify potential network trouble-spots or criminal activity on network, but when used for criminal purposes, they can be damaging and very difficult to detect. Sniffer enable hackers to steal proprietary information from anywhere on a network, including e-mail messages, company files, and confidential reports.
- Denial of Service Attacks (DOS): The main aim of this attack is to bring down the targeted network and make it to deny the service for legitimate users. Hackers flood a network server or Web server with many thousands of false communications or requests for services to crash the network. They will install a small program called zombies on some computers those are in intermediate level in the networks, whenever they want to attack, they will run those programs remotely and will make the intermediate computers to launch the attacks simultaneously.
2. Computer Viruses
- Worms: A variation of virus that is targeted at networks, take advantage of security holes in operating systems and other software to replicate endlessly across the Internet, thus causing servers to crash, which denies service to Internet users. Worms can destroy data and programs as well as disrupt or even halt the operation of computer networks. A worm is similarly constructed to get into data-processing programmes and to modify or destroy the data, but it differs from a virus in that it does not have the ability to duplicate itself. The consequences of worm attack can be as serious as those of the virus attack. For example, a bank computer can be instructed, by a worm program me that consequently destroys itself, to continually transfer money to an illegal account.
- Trojan Horses: A Trojan appears as a legitimate in order to gain access to computer. The use of Trojans to disrupt company activities or gain access to confidential information has grown sharply in the past few years. Most of the Trojans encountered by business organization are designed to gather information and transmit regular reports back to the owner. Typically, a Trojan will incorporate a key logging facility, which also called a ‘keystroke recorder’ to capture all keyboard input from a given computer. Capturing keyboard data allows the owner of the Trojan to gather a great deal of information, such as passwords and the contents of all outgoing e-mail messages. Trojans are often used as delivering systems for spyware and other forms of malware. When a Trojan horse is being as spyware, it monitors someone computer activities. It is designed to give owners control over the target computer system. Effectively, the Trojan act as a remote control application, allowing the owner to carry out actions on the target computer as if they were sitting in front of it. Sometimes, the owner of the Trojan will make no effort to conceal their activities, for example, the victims sees actions being carried out but is unable to intervene, short of switching off the computer. More often, however, the Trojan operates silently and the victim is unaware that their computer is running programs, deleting files, sending e-mail, and so on. Trojan horses can destroy files and data, but commonly contain spyware, and an even backdoor program. Trojans is usually contained in software downloads from unknown or entrusted source.
- Physical Theft: Physical theft, as the term implies, involves the theft of hardware and software. It is worth nothing than physical theft is not restricted to computer systems alone, components are often targeted by criminals because of their small size and relatively high value. Physical theft results in the loss of confidentially and availability and make the integrity of the data stored on the disk suspect.
- Data Theft: Data theft normally involves making copies of important files without causing any harm to the originals. This can involve stealing sensitive information and confidential data or making unauthorized changes to computer records. Such data can include passwords activation keys to software, sensitive correspondence, and any other information that is stored on a victim’s computer. However, if the original files are destroyed or damaged, then the value of the copied data is automatically increased. Service organizations are particularly vulnerable to data theft since their activities tend to rely heavily upon access to corporate databases. The impact is if a competitor gaining access to a customer list belonging to a sales organization cannot be imagined. The immediate effect of such an event would be to place both organizations on an essentially even footing. However, in the long term, the first organization would no longer enjoy a competitive edge and might, ultimately, cease to exist.
- Identity Theft: Identity theft is a crime in which an imposter obtains key pieces of personal information, such as social security identification numbers, driver’s license numbers, or credit card numbers, to impersonate someone else. The information may be used to obtain credit, merchandise, or service in the name of the victim or provide the thief with false credentials. The Internet has made it easy for identity thieves to use stolen information because goods can be purchased online without any personal interaction. Credit card files are a major target Website hackers. Moreover, e-commerce sites are wonderful sources of costumers personal information-name, address, and phone numbers. Armed with this information, criminals can assume a new identity and establish new credit for their own purposes. A serious problem related to identity theft is spam. Spam electronic junk mail or junk newsgroup postings, usually for the purpose advertising for some product and / or service. Spammers commonly use zombie computers to send out millions of e-mail messages, unbeknown to the computer users.
- Individual Sabotage: Individual sabotage is typically carried out by a disgruntled employee who wishes to do some form of revenge upon their employer. The logic bomb, is a destructive computer program that activates at a certain or in reaction to a specific event, which is a well-known example of haw an employee may cause deliberate damage to the organization’s information systems. In most cases, the logic bomb is activated some months after the employee has left the organization. This tends to have the effect of drawing suspicion away from the employee. Another well-known example is known as a back door which is a section of program code that allows a user to circumvent security procedures in order to gain full access to an information system. Although back doors have legitimate uses, such as for program testing, they can also be used as an instrument of sabotage. If should be noted, however, that individual sabotage is becoming more infrequent due to various legislation’s.
- Industrial Sabotage: Industrial sabotage is considered rare, although there have been a number of well publicized cases over the past few years. Industrial sabotage tends to be carried out for some kind of competitive or financial gain. The actions of those involved tend to be highly organized, targeted at specific areas of a rival organization’s activities, and supported by access to a substantial resource base.
- Unintentional Sabotage: An intent to cause loss or damage need not be present for sabotage to occur. Imagine the case of an organization introducing a new information system at short notice and without proper consultation. Employees may feel threatened by the new system and may wish to avoid making use of it. A typical reaction might be to enter data incorrectly in an attempt to discredit the new system. Alternatively, the employee might continue to carry out tasks manually, claiming that this is a more efficient way of working. In such cases, the employee’s primary motivation is to safeguard their position-the damage or loss caused to the organization’s information systems is incidental to this goal.
In a small network system, for example, damage to server or share storage device might effectively halt the work of all those connected to the network. In larger systems, a reduced flow of work through one part of the organization can create bottlenecks, reducing the overall productivity of the entire organization.
Damage or loss of data can have more severe effects since the organization cannot make use of the data until they have been replaced. The expense involved in replacing damaged or lost data can far exceed any losses arising from damage to hardware or software. As an example, the delays caused by the need to replace hardware or data might result in an organization’s being unable to compete for new business, harming the overall profitability of the company.
Some examples of the ways in which human errors can occur included:
- Inaccurate Data Entry: As an example, consider a typical relational database management system, where update queries are used to change records, tables reports. If the contents of the query are incorrect, errors might be produced within all of the data manipulated by the query. Although extreme, significant problems might be caused by adding or removing even a single character to a query.
- Attempts to carry out tasks beyond the ability of the employee: In smaller computer-based information systems, a common cause of accidental damage involves users attempting to install new hardware items or software applications, existing data may be lost when the program is installed or the program may fail to operate as expected.