A Introduction To Security Threats Computer Science Essay


This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

In storage and transmission of information or data is concerned it is always 0 s and 1s and which impose special need of securing those 0s and 1s to make sure the information is secured. Information technology (IT) is one of the main infrastructures that organizations rely on to continue their operations. As an organization IT can be used to provide their service to customer and the same time to manage their internal operations which support producing their product. In such situation the security of their IT systems would be really crucial.

Malware Types

Malware (abbreviation for MALicious SoftWARE) is a type of computer software that make no good as other useful software. Viruses and worms are the most popular malwares and at the same time which makes the highest damage. A virus or worm may spread in the bank network causing deleting the data in the data sources or stealing valuable data of the customers and sending them to another entity. Apart from the viruses and worms, Trojan horses, spyware and Rootkits are few of those malwares.

Trojan horse is also a software which runs in the background will collect data passing through the computer or the data that user enters and then send to a destination, so that the outsiders can get the information. Spyware spys on the information which out the user knows and steal the information. Rootkit is also software which enables the outsiders to alter, execute various applications in a system; the best part of Rootkit is it is hard to discover such program is running.

Most of the time those malware will steal, slow performances, destroy data in a system while some of those malwares are harmless but trying to promote a product with an advertisement and etc..

In the bank if an attacker is able to deploy such a software in their network they will be able to alter customer accounts information and various information related with their service and as well as they are able to access to internal information related with their operation.

There can be possibilities that a defected employee in the bank to deploy such a malware to the network and try to damage the system.

Security conceptual framework

A conceptual security framework can be used to secure an IT system. Where number of units ensure the security of the system. Not only software but also hardware can be introduced to mitigate the risk. However it is nearly impossible to make a 100% secure system but it is possible to be pro active by monitoring and upgrading the security framework often and make it more secure.

Section 2

Vulnerabilities to Eavesdropping

In IT systems eavesdropping attacks commonly take places when data is transmitted though data transmission channels. There is a high vulnerability that data can be stolen while transmitting with out the knowledge of the parties who are transferring the data. This can be easily done by sniffing to data transmission cables in the network or in WiFi network with a simple WiFi interface.

When customers use the bank web site to check their account information via the web site the information is transferred between the customer web browser and the company web servers. This is vulnerable to eavesdrop so that the attackers can steal the information high has high value. Bank electronic payment gateways may be another top target.

With in the bank premises most of the time employees may use WiFi network to access to the internal systems. WiFi access is more vulnerable than data passing through wires. An attacker may steal user information by eavesdropping to the WiFi network and gain access to internal systems.

Yes this cannot be considered means of eavesdropping secretly stealing user credentials such as system passwords, ATM pin by secretly watching others entering their credentials also a vulnerable and a threat.

Eavesdropping is much dangerous since it can used to steam valuable information by sniffing to the data transmission channels and again it can be used for a Man In The Middle attack. In such attack the attacker may eavesdrop and create a connection as another entity in between the bank and the customer without the knowledge of any party. Wifi networks are much vulnerable for such attacks.

Application Vulnerabilities

Applications are vital to deal with information. A bank should uses plenty of applications in order to deliver their services to the customer and as well as to keep their internal operations going. The applications may be developed by the Bank IT section or brought from the out side. Therefore it is required to make sure to understand threats that the application can be subjected to.

Vulnerabilities in Encryption methods

Even though lengthy keys are used to encrypt data still there is a threat of breaking the security by discovering the keys and therefore

Vulnerabilities in configuration

The configuration of the system is consists of software, hardware and live-ware (users).

When software is considered the operating systems that run on the computer system is vulnerable to various treats. Therefore it is required to decide which software runs on the system and what kind of combination should be exercised.

Hardware should be chosen with compatibility of the system and software and vise versa. Further it is good separating the systems using hardware (hardware firewalls), using additional hardware to monitor system parameters. The network which connects the systems is one of the most important. The configuration of the network should mitigate the risk. For an example it is good to separate bank internal system as an intranet and the system which customer uses (website). Therefore it is not possible to outsiders to access to the bank internal system.

Further users management should be done assigning rights to user based on their roles in the system so that ensures information are used and accessed by the right users and not all users can access all information.

Section 3

There are massive set of steps that can be taken to make an IT system secured. However in some techniques it is not possible to devide for which category it falls since it may be mixed.

Writing Services

Essay Writing

Find out how the very best essay writing service can help you accomplish more and achieve higher marks today.

Assignment Writing Service

From complicated assignments to tricky tasks, our experts can tackle virtually any question thrown at them.

Dissertation Writing Service

A dissertation (also known as a thesis or research project) is probably the most important piece of work for any student! From full dissertations to individual chapters, we’re on hand to support you.

Coursework Writing Service

Our expert qualified writers can help you get your coursework right first time, every time.

Dissertation Proposal Service

The first step to completing a dissertation is to create a proposal that talks about what you wish to do. Our experts can design suitable methodologies - perfect to help you get started with a dissertation.

Report Writing

Reports for any audience. Perfectly structured, professionally written, and tailored to suit your exact requirements.

Essay Skeleton Answer Service

If you’re just looking for some help to get started on an essay, our outline service provides you with a perfect essay plan.

Marking & Proofreading Service

Not sure if your work is hitting the mark? Struggling to get feedback from your lecturer? Our premium marking service was created just for you - get the feedback you deserve now.

Exam Revision

Exams can be one of the most stressful experiences you’ll ever have! Revision is key, and we’re here to help. With custom created revision notes and exam answers, you’ll never feel underprepared again.