WATER INSTITUTE

GENERAL STUDIES
DEPARTMENT

Module Code :- GDT04102

Name: - Basic Computer Application
COMPUTER AND INTERNET
SECURITY
 NETWORK SECURITY
Network security is protection of the access to files and directories in a
computer network against hacking, misuse and unauthorized changes to the
system
OR
Protecting the computer systems in the network from unwanted intrusions
The essential technology underlying virtually all automated network and
computer security applications is encryption

12/17/23 3
 WHY SECURITY?
• Fundamental aspects of information must be protected
– Confidential data
– Employee information
– Business models
– Protect identity and resources
• We can’t keep ourselves isolated from the Internet
– Most business communications are done online
– We provide online services
– We get services from third-party organizations online

12/17/23 4
• Internet usage has increased drastically in the last few years, and
therefore Internet criminal activities are developing. Most people
think that cybercrime is just a criminal activity in which hackers steal
the user's financial information. But that is not the only thing.
Cybercrime is constantly evolving with new threats coming up every
yea
 INTERNET SECURITY
Cybercrime is a type of crime involving a computer or a computer network.. The
computer may have been used in committing the crime, or it may be the target
Internet security -refers to security designed to protect systems and the activities
of employees and other users while connected to the internet, web browsers, web
apps, websites, and networks.
Internet security solutions protect users and corporate assets from cybersecurity
attacks and threats
 Crimes in which the computer acts as a weapon, i.e., performing DoS
(denial-of-service)
attack, etc.
• Crimes in which computer is an accessory to a crime, i.e., storing
illegally obtained data into
the computer.
• Crimes in which the computing device is the target, i.e., to get access
to a computer or
network.
TYPES OF CYBERCRIME TECHNIQUES
DDoS Attacks
The DDoS (Distributed Denial of Service) attack is a blatant attempt by
cybercriminals to take down a system or network temporarily or completely. This
overwhelms a system with multiple connections requests that it cannot handle.
Additionally, there may be spam traffic coming from various sources.
Identity Theft
•Identity theft is a specific type of cybercrime in which attackers gain access to the
victim’s personal information, including passwords, financial accounts, credit cards,
and other confidential information. In most cases, cybercriminals use these details to
steal money from your accounts, without your knowledge
Online Scams/Frauds
These are crimes that involve spam advertisements or emails offering large rewards or
high amounts of money. These offers are presented in such a way that they look very
real. Once users click on these malicious advertisements or links, the malware
reaches their system and compromises the information.
• Spamming
This cybercrime involves criminals using electronic messaging systems to send messages to users.
These messages usually consist of malware, fake links of websites, and other malicious software.
Email spamming is one of the common spamming methods in which bulk messages are sent to large
numbers of users. These messages include deals, and promos from trusted companies to attract
users to click on the attachments or the fake links.
• Social Engineering

• This type of cybercrime involves criminals making direct contact with the victim through phone,
• emails, or even in person. Cybercriminals first try to earn trust and then they steal confidential
• information like passwords, financial accounts data, etc. In most cases, cybercriminals act like a
• customer service agent of any legitimate company and ask for the important information. Once
• they get the desired information, they might sell your information or try to steal money from your
What is malicious software
“A Malware is the set of instructions that run on
your computer and make system do something
that an attacker wants it to do”
Types of malicious software

The following are the types of malicious software:

Virus
Trojan Horse
Worm
Spyware
Cookie
Bots
Computer Virus
“Computer viruses are small software programs that
are designed to spread from one computer to
another and to interfere with computer
operation”.
WORM
“It is one of the most dangerous malicious program. It
has the capability to spread, without any human
action”
How worm spread?
Effect of worm
Consumes system memory/network bandwidth.

Cause Tunnel into computer.

Stealing data, information.

Damage of worm past
Worm attack in jan.2003, Infecting most of its 75,000 victims
within ten minutes. In the shaded areas of the world.
 Trojan horse
“Trojan is a malicious software, which at first glance
will appear to be the useful software but will actually
damage once installed or run on your computer”
Impacts of Trojan horse
Trojan performs the following actions :
Deleting data
Active silly icons and change desktop
Modifying data
Copying data
Disrupting the performance of computers
Create backdoor
Difference between virus and worm
1)Virus: Attaches to an executable file.
Require human action to spread.

2)Worm: Replicate itself on system.

3)Trojan: Do not self replicate.

Difference between worm and virus
 SPYWARE
“Spyware is the type of programme which can collect
information about you and your browsing habits .It can
tract everything you do without your knowledge and
send it to the remote user”.
Cookie
 A tracking cookie is the cookie which keeps track
of your browsing information and this is used by
hackers and companies to get personal
information
BOTS

 Bots are the software that allows an attacker to

take control of the infected computer
 They are usually known as web robots
Removal of viruses

Following are the ways to remove viruses:

Backup of data
Operating system reinstallation
Antivirus
Online virus removal tools
MEASURES TO PROTECT COMPUTER SECURITY
1) End-user education
End-user education is building awareness among employees by equipping them with the necessary tools and
skills required to protect themselves and the company data from loss or attack
2) Antivirus
Antivirus is a Computer program intended to identify and eliminate computer viruses

.
MEASURES TO PROTECT COMPUTER SECURITY ……
3) Password protection
Password protection is the first line of defense against cyber-attacks by restricting
unauthorized individuals from accessing personal or confidential information stored in user
accounts
4) 2FA
2FA is an extra layer of security used to make sure that people trying to gain access to an
online account are who they say they are. First, a user will enter their username and a
password. Then, instead of immediately gaining access, they will be required to provide
another piece of information.

•Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a

security process in which users provide two different authentication factors to verify themselves
5) encryption
Encryption is the process of protecting information or data by using
mathematical models to scramble it in such a way that only the
parties who have the key to unscramble it can access it
• End-to-end encryption is any form of encryption in which only the
sender and intended recipient can read the message. No third
party, even the party providing the communication service, has
knowledge of the encryption key. End-to-end encryption is the
most secure form of encryption that you can use
6) Keep up-to-date
•Update your system, browser, and important apps regularly, taking advantage of automatic updating when
it's available. These updates can eliminate software flaws that allow hackers to view your activity or steal
information.

7) Access control
Access control is a data security process that enables organizations to manage who is authorized to access
corporate data and resources. Secure access control uses policies that verify users are who they claim to be and
ensures appropriate control access levels are granted to users.
• The following are some tips that will help you protect your computer and
your personal data:
i. Make use of Anti-virus software and keep it updated.
[Link] the operating system and other installed software updated.
iii. Do not install software from untrusted sources.
iv. Be cautious while browsing the website.
v. Make sure that websites are safe and genuine before you enter any credentials.
vi. Always use strong passwords with 14+ characters, including upper case, lower
case, and numbers

vii. Flag and report suspicious emails and do not open any attachments.
viii. Do not click on any unfamiliar links or ads.
ix. Do not share suspicious information via digital means unless you are completely
sure that it is safe.
x. Use a VPN service whenever possible.
xi. Keep on tracking your bank statements and other financial accounts.