Information System Security


Information system security processes and activities provide valuable input into managing IT systems and their development, enabling risk identification, planning and mitigation. A risk management approach involves continually balancing the protection of agency information and assets with the cost of security controls and mitigation strategies throughout the complete information system development life cycle (see Figure 2-1). The most effective way to implement risk management is to identify critical assets and operations, as well as systemic vulnerabilities across the agency. Risks are shared and not bound by organization, revenue source, or topologies. Identification and verification of critical assets and operations and their interconnections can be achieved through the system security planning process, as well as through the compilation of information from the Capital Planning and Investment Control (CPIC) and Enterprise Architecture (EA) processes to establish insight into the agency’s vital business operations, their supporting assets, and existing interdependencies and relationships. With critical assets and operations identified, the organization can and should perform a business impact analysis (BIA). The purpose of the BIA is to relate systems and assets with the critical services they provide and assess the consequences of their disruption. By identifying these systems, an agency can manage security effectively by establishing priorities. This positions the security office to facilitate the IT program’s cost-effective performance as well as articulate its business impact and value to the agency.
Executing a risk management-based approach for systems and projects means integrating security early and throughout the agency’s established system and CPIC life cycles. Integration enables security to be planned, acquired, built in, and deployed as an integral part of a project or system. It plays a significant role in measuring and enforcing security requirements throughout the phases of the life cycle. Life cycle management helps document security-relevant decisions and provides assurance to management that security was fully considered in all phases. System managers can use this information as a self-check reminder of why decisions were made so that the impact of changes in the environment can be more readily assessed.

Malware, trojans and threats


Most PCs are now connected to the Internet and to other networks, which makes it easier for malicious software (malware) to spread. Malware includes trojans (also known as trojan horses), viruses, worms, spyware, adware, rootkits and other malicious or unwanted programs.
Like spyware and adware, trojans can get onto your computer in a number of ways, including from a web browser, via e-mail, or in a bundle with other software downloaded from the Internet. You may also inadvertently transfer malware via a USB flash drive or other portable media. It is possible that you could be forced to reformat your USB flash drive or other portable device in order to eliminate the infection and avoid transferring it to other machines. (After all, you don't want to be the one who infected your network at work because you were bringing in some music to listen to.)
Unlike viruses or worms, trojans do not replicate themselves but they can be just as destructive. On the surface, trojans appear benign and harmless, but once the infected code is run, trojans kick in and perform malicious functions to harm the computer system without the user's knowledge.
For example, waterfalls.scr is a waterfall screen saver as originally claimed by the author, but it can be associated with malware and become a trojan to unload hidden programs and allow unauthorized access to the user's PC.
Some typical examples of threats by trojans are as follows:
1. Erase, overwrite or corrupt data on a computer
2. Help to spread other malware such as viruses (by a dropper trojan)
3. Deactivate or interfere with anti-virus and firewall programs
4. Allow remote access to your computer (by a remote access trojan)
5. Upload and download files without your knowledge
6. Gather e-mail addresses and use them for spam
7. Log keystrokes to steal information such as passwords and credit card numbers
8. Copy fake links to false websites, display pornographic sites, play sounds/videos, display images
9. Slow down, restart or shut down your computer
11. Re-install themselves after being disabled
12. Disable the task manager
13. Disable the control panel

    Malware types



    Adware
    Adware is the class of programs that place advertisements on your screen. These may be in the form of pop-ups, pop-unders, advertisements embedded in programs, advertisements placed on top of ads in web sites, or any other way the authors can think of showing you an ad. The pop-ups generally will not be stopped by pop-up stoppers, and often are not dependent on your having Internet Explorer open. They may show up when you are playing a game, writing a document, listening to music, or anything else. Should you be surfing, the advertisements will often be related to the web page you are viewing.
    Spyware
    Programs classified as spyware send information about you and your computer to somebody else. Some spyware simply relays the addresses of sites you visit or terms you search for to a server somewhere. Others may send back information you type into forms in Internet Explorer or the names of files you download. Still others search your hard drive and report back what programs you have installed, contents of your e-mail client's address book (usually to be sold to spammers), or any other information about or on your computer – things such as your name, browser history, login names and passwords, credit card numbers, and your phone number and address.


    Spyware often works in conjunction with toolbars. It may also use a program that is always running in the background to collect data, or it may integrate itself into Internet Explorer, allowing it to run undetected whenever Internet Explorer is open.


    Hijackers
    Hijackers take control of various parts of your web browser, including your home page, search pages, and search bar. They may also redirect you to certain sites should you mistype an address, or prevent you from going to a website they would rather you not visit, such as sites that combat malware. Some will even redirect you to their own search engine when you attempt a search. NB: Hijackers almost exclusively target Internet Explorer.


    Toolbars
    Toolbars plug into Internet Explorer and provide additional functionality such as search forms or pop-up blockers. The Google and Yahoo! toolbars are probably the most common legitimate examples, and malware toolbars often attempt to emulate their functionality and look. Malware toolbars almost always include characteristics of the other malware categories, which is usually what gets them classified as malware. Any toolbar that is installed through underhanded means falls into the category of malware.


    Dialers
    Dialers are programs that set up your modem connection to connect to a 1-900 number. This provides the number's owner with revenue while leaving you with a large phone bill. There are some legitimate uses for dialers, such as for people who do not have access to credit cards. Most dialers, however, are installed quietly and attempt to do their dirty work without being detected.

    Malware


    Malware is short for "malicious software." It includes viruses and spyware that get installed on your computer, phone, or mobile device without your consent. These programs can cause your device to crash and can be used to monitor and control your online activity. Criminals use malware to steal personal information, send spam, and commit fraud.
    Avoid Malware
    Scam artists try to trick people into clicking on links that will download malware and spyware to their computers, especially computers that don't use adequate security software. To reduce your risk of downloading unwanted malware and spyware:


    Keep your security software updated. At a minimum, your computer should have anti-virus and anti-spyware software, and a firewall. Set your security software, internet browser, and operating system (like Windows or Mac OS) to update automatically.
    Don't click on any links or open any attachments in emails unless you know who sent it and what it is. Clicking on links and opening attachments – even in emails that seem to be from friends or family – can install malware on your computer.
    Download and install software only from websites you know and trust. Downloading free games, file-sharing programs, and customized toolbars may sound appealing, but free software can come with malware.
    Minimize "drive-by" downloads. Make sure your browser security setting is high enough to detect unauthorized downloads. For Internet Explorer, for example, use the "medium" setting at a minimum.
    Use a pop-up blocker and don't click on any links within pop-ups. If you do, you may install malware on your computer. Close pop-up windows by clicking on the "X" in the title bar.
    Resist buying software in response to unexpected pop-up messages or emails, especially ads that claim to have scanned your computer and detected malware. That's a tactic scammers use to spread malware.
    Talk about safe computing. Tell your kids that some online actions can put the computer at risk: clicking on pop-ups, downloading "free" games or programs, opening chain emails, or posting personal information.
    Back up your data regularly. Whether it's text files or photos that are important to you, back up any data that you'd want to keep in case your computer crashes.
    Detect Malware
    Monitor your computer for unusual behavior. Your computer may be infected with malware if it:
    slows down, crashes, or displays repeated error messages
    won't shut down or restart
    serves up a barrage of pop-ups
    displays web pages you didn't intend to visit, or sends emails you didn't write
    Other warning signs of malware include:
    new and unexpected toolbars
    new and unexpected icons in your shortcuts or on your desktop
    a sudden or repeated change in your computer's internet home page
    a laptop battery that drains more quickly than it should
    Get Rid of Malware
    If you suspect there is malware on your computer, take these steps:


    Stop shopping, banking, and doing other online activities that involve user names, passwords, or other sensitive information.
    Update your security software, and then run it to scan your computer for viruses and spyware. Delete anything it identifies as a problem. You may have to restart your computer for the changes to take effect.
    If your computer is covered by a warranty that offers free tech support, contact the manufacturer. Before you call, write down the model and serial number of your computer, the name of any software you've installed, and a short description of the problem.
    Many companies – including some affiliated with retail stores – offer tech support on the phone, online, at their store, and in your home. Decide which is most convenient for you. Telephone and online help generally are the least expensive, but you may have to do some of the work yourself. Taking your computer to a store usually is less expensive than hiring a repair person to come into your home.
    Once your computer is back up and running, think about how malware could have been downloaded to your machine, and what you could do differently to avoid it in the future.

    Phishing


    Format of Phishing Messages
    You open an email or text, and see a message like this:
    "click to login in orkut"
    "Choose your net banking and login from your mailbox"
    "We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity."
    "During our regular verification of accounts, we couldn't verify your information. Please click here to update and verify your information."
    “Our records indicate that your account was overcharged. You must call us within 7 days to receive your refund.”
    The senders are phishing for your information so they can use it to commit fraud.
    How to Deal with Phishing Scams

    Delete email and text messages that ask you to confirm or provide personal information (credit card and bank account numbers, Social Security numbers, passwords, etc.). Legitimate companies don't ask for this information via email or text.[Phishing]
    The messages may appear to be from organizations you do business with – banks, for example. They might threaten to close your account or take other action if you don’t respond.[Phishing]
    Don’t reply, and don’t click on links or call phone numbers provided in the message, either. These messages direct you to spoof sites – sites that look real but whose purpose is to steal your information so a scammer can run up bills or commit crimes in your name.[Phishing]
    Area codes can mislead, too. Some scammers ask you to call a phone number to update your account or access a "refund." But a local area code doesn’t guarantee that the caller is local.[Phishing]
    If you’re concerned about your account or need to reach an organization you do business with, call the number on your financial statements or on the back of your credit card.[Phishing]
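The warning signs described above (a request to confirm personal information, a threat or deadline, a link to click, a number to call, a refund lure) can be turned into a simple triage check. This is an added example, not part of the original page; the indicator names, regular expressions and the last (benign) sample message are assumptions constructed for illustration, and keyword matching of this kind only catches lures worded like the ones quoted here.

```python
import re

# Warning signs from the advice above, written as regular expressions.
# Pattern names and wording are assumptions chosen for this example.
INDICATORS = {
    "asks_for_personal_info": re.compile(
        r"\b(confirm|verify|update)\b.{0,40}"
        r"\b(identity|information|password|account number)\b", re.I | re.S),
    "threat_or_deadline": re.compile(
        r"\b(unauthori[sz]ed|compromised|close your account"
        r"|within \d+ (?:day|hour)s?)\b", re.I),
    "click_link": re.compile(
        r"\bclick\b.{0,20}\b(here|link|below)\b|https?://", re.I | re.S),
    "call_number": re.compile(r"\bcall (us|this number|\+?\d)", re.I),
    "money_lure": re.compile(r"\b(refund|overcharged)\b", re.I),
}

def indicators(message: str) -> list[str]:
    """Return the sorted names of every warning sign found in the message."""
    return sorted(n for n, rx in INDICATORS.items() if rx.search(message))

def is_suspicious(message: str) -> bool:
    """Flag any request for personal information, or two or more signs."""
    hits = indicators(message)
    return "asks_for_personal_info" in hits or len(hits) >= 2

# First three samples are the messages quoted on this page; the last one
# is a constructed benign message for contrast.
SAMPLES = [
    "We suspect an unauthorized transaction on your account. To ensure that "
    "your account is not compromised, please click the link below and "
    "confirm your identity.",
    "During our regular verification of accounts, we couldn't verify your "
    "information. Please click here to update and verify your information.",
    "Our records indicate that your account was overcharged. You must call "
    "us within 7 days to receive your refund.",
    "Your monthly statement is ready. Log in by typing our address into "
    "your browser as usual.",
]

if __name__ == "__main__":
    for text in SAMPLES:
        print(is_suspicious(text), indicators(text), "|", text[:45])
```

A flagged message should be handled as the list above says: delete it and contact the organization through a number or address you already have.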
    Action Steps
    You can take steps to avoid a phishing attack:
    Use trusted security software and set it to update automatically. In addition, use these computer security practices.[Phishing]
    Don't email personal or financial information. Email is not a secure method of transmitting personal information.[Phishing]
    Only provide personal or financial information through an organization's website if you typed in the web address yourself and you see signals that the site is secure, like a URL that begins https (the "s" stands for secure). Unfortunately, no indicator is foolproof; some phishers have forged security icons.[Phishing]
    Review credit card and bank account statements as soon as you receive them to check for unauthorized charges. If your statement is late by more than a couple of days, call to confirm your billing address and account balances.[Phishing]
    Be cautious about opening attachments and downloading files from emails, regardless of who sent them. These files can contain viruses or other malware that can weaken your computer's security.[Phishing]
    Content Taken from other website

    Latest computer security threat


    Latest 10 virus alerts
    1 Troj/Mdrop-DKE
    2 Troj/Sasfis-O
    3 Troj/Keygen-FU
    4 Troj/Zbot-AOY
    5 Troj/Zbot-AOW
    6 W32/Womble-E
    7 Troj/VB-FGD
    8 Troj/FakeAV-DFF
    9 Troj/SWFLdr-W
    10 W32/RorpiaMem-A
    Top 10 viruses in October 2011
    1 Troj/Invo-Zip
    2 W32/Netsky
    3 Mal/EncPk-EI
    4 Troj/Pushdo-Gen
    5 Troj/Agent-HFU
    6 Mal/Iframe-E
    7 Troj/Mdrop-BTV
    8 Troj/Mdrop-BUF
    9 Troj/Agent-HFZ
    10 Troj/Agent-HGT
    Top 10 virus hoaxes
    1 Hotmail hoax
    2 Budweiser frogs screensaver
    3 Bonsai kitten
    4 Olympic torch
    5 MSN is closing down
    6 A virtual card for you
    7 Meninas da Playboy
    8 Bill Gates fortune
    9 JDBGMGR
    10 Justice for Jamie