Учебники

2) Potential Security Threats

A computer system threat is anything that leads to loss or corruption of data or physical damage to the hardware and/or infrastructure. Knowing how to identify computer security threats is the first step in protecting computer systems. The threats could be intentional, accidental or caused by natural disasters.

In this article, we will introduce you to the common computer system threats and how you can protect systems against them.

Topics covered in this tutorial

What is a Security Threat?

Security Threat is defined as a risk that which can potentially harm computer systems and organization. The cause could be physical such as someone stealing a computer that contains vital data. The cause could also be non-physical such as a virus attack. In these tutorial series, we will define a threat as a potential attack from a hacker that can allow them to gain unauthorized access to a computer system.

Potential Security Threats To Your Computer Systems

What are Physical Threats?

A physical threat is a potential cause of an incident that may result in loss or physical damage to the computer systems.

The following list classifies the physical threats into three (3) main categories;

  • Internal: The threats include fire, unstable power supply, humidity in the rooms housing the hardware, etc.
  • External: These threats include Lightning, floods, earthquakes, etc.
  • Human: These threats include theft, vandalism of the infrastructure and/or hardware, disruption, accidental or intentional errors.

To protect computer systems from the above mentioned physical threats, an organization must have physical security control measures.

The following list shows some of the possible measures that can be taken:

  • Internal: Fire threats could be prevented by the use of automatic fire detectors and extinguishers that do not use water to put out a fire. The unstable power supply can be prevented by the use of voltage controllers. An air conditioner can be used to control the humidity in the computer room.
  • External: Lightning protection systems can be used to protect computer systems against such attacks. Lightning protection systems are not 100% perfect, but to a certain extent, they reduce the chances of Lightning causing damage. Housing computer systems in high lands are one of the possible ways of protecting systems against floods.
  • Humans: Threats such as theft can be prevented by use of locked doors and restricted access to computer rooms.

What are Non-physical threats?

A non-physical threat is a potential cause of an incident that may result in;

  • Loss or corruption of system data
  • Disrupt business operations that rely on computer systems
  • Loss of sensitive information
  • Illegal monitoring of activities on computer systems
  • Cyber Security Breaches
  • Others

The non-physical threats are also known as logical threats. The following list is the common types of non-physical threats;

  • Virus
  • Trojans
  • Worms
  • Spyware
  • Key loggers
  • Adware
  • Denial of Service Attacks
  • Distributed Denial of Service Attacks
  • Unauthorized access to computer systems resources such as data
  • Phishing
  • Other Computer Security Risks

To protect computer systems from the above-mentioned threats, an organization must have logical security measures in place. The following list shows some of the possible measures that can be taken to protect cyber security threats

To protect against viruses, Trojans, worms, etc. an organization can use anti-virus software. In additional to the anti-virus software, an organization can also have control measures on the usage of external storage devices and visiting the website that is most likely to download unauthorized programs onto the user’s computer.

Unauthorized access to computer system resources can be prevented by the use of authentication methods. The authentication methods can be, in the form of user ids and strong passwords, smart cards or biometric, etc.

Intrusion-detection/prevention systems can be used to protect against denial of service attacks.There are other measures too that can be put in place to avoid denial of service attacks.

Summary

  • A threat is any activity that can lead to data loss/corruption through to disruption of normal business operations.
  • There are physical and non-physical threats
  • Physical threats cause damage to computer systems hardware and infrastructure. Examples include theft, vandalism through to natural disasters.
  • Non-physical threats target the software and data on the computer systems.