US-CERT Cyber Security Tip ST04-001 -- Why is Cyber Security a Problem?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

   			Cyber Security Tip ST04-001
		      Why is Cyber Security a Problem?


   You've heard the news stories about credit card numbers being stolen
   and email viruses spreading. Maybe you've even been a victim yourself.
   One of the best defenses is understanding the risks, what some of the
   basic terms mean, and what you can do to protect yourself against
   them.

What is cyber security?

   It  seems  that everything relies on computers and the Internet now --
   communication   (email,  cellphones),  entertainment  (digital  cable,
   mp3s),  transportation  (car  engine  systems,  airplane  navigation),
   shopping  (online  stores, credit cards), medicine (equipment, medical
   records),  and the list goes on. How much of your daily life relies on
   computers?  How  much of your personal information is stored either on
   your own computer or on someone else's system?

   Cyber  security  involves  protecting  that information by preventing,
   detecting, and responding to attacks.

What are the risks?

   There  are  many  risks,  some  more  serious than others. Among these
   dangers  are viruses erasing your entire system, someone breaking into
   your  system and altering files, someone using your computer to attack
   others,  or  someone  stealing your credit card information and making
   unauthorized  purchases. Unfortunately, there's no 100% guarantee that
   even  with  the  best precautions some of these things won't happen to
   you, but there are steps you can take to minimize the chances.

What can you do?

   The  first  step  in protecting yourself is to recognize the risks and
   become familiar with some of the terminology associated with them.
   Hacker,  attacker, or intruder - These terms are applied to the people
       who  seek  to  exploit weaknesses in software and computer systems
       for their own gain. Although their intentions are sometimes fairly
       benign  and  motivated  solely  by  curiosity,  their  actions are
       typically in violation of the intended use of the systems they are
       exploiting.  The  results can range from mere mischief (creating a
       virus with no intentionally negative impact) to malicious activity
       (stealing or altering information).
       Malicious  code  -  This  category  includes code such as viruses,
       worms,  and  Trojan  horses.  Although some people use these terms
       interchangeably, they have unique characteristics.

     * Viruses  - This type of malicious code requires you to actually do
       something  before  it  infects your computer. This action could be
       opening an email attachment or going to a particular web page.
     * Worms  - Worms propagate without user intervention. They typically
       start  by  exploiting a software vulnerability (a flaw that allows
       the software's intended security policy to be violated), then once
       the  victim  computer  has  been infected the worm will attempt to
       find  and  infect  other  computers. Similar to viruses, worms can
       propagate  via  email,  web  sites, or network-based software. The
       automated   self-propagation  of  worms  distinguishes  them  from
       viruses.
     * Trojan  horses - A Trojan horse program is software that claims to
       be  one  thing  while in fact doing something different behind the
       scenes.  For  example, a program that claims it will speed up your
       computer  may  actually  be  sending confidential information to a
       remote intruder.

   This   series   of  information  security  tips  will  give  you  more
   information about how to recognize and protect yourself from attacks.
     _________________________________________________________________

     Authors: Mindi McDowell, Allen Householder
     _________________________________________________________________
     Produced 2004 by US-CERT, a government organization.
  
     Terms of use
 
     <http://www.us-cert.gov/legal.html>
  
     This document can also be found at
 
     <http://www.us-cert.gov/cas/tips/ST04-001.html>
 

     For instructions on subscribing to or unsubscribing from this
     mailing list, visit <http://www.us-cert.gov/cas/signup.html>.
     
     
    
 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBSgHvyHIHljM+H4irAQIVdgf/fa+J6Si//cBzm6Ir/SRFbBA+MhDbsy3w
bdfuGReuVdc/U7l2OmHnftEjPBf9/LoVM7MiKH06jAgMqK3QBUuQ01TLnxzbZbr/
He3t3jWiefogZCro2nOxmJZN51A0DyPYyhc2Ugo/qbtPrmRx0Qy5SVyuiFa8e7f1
SoZ5w7XMi9S1HcSkzN7TkS+0SbmA4zPrxo4+kci6MDmxRNoRpzi9jq/FQZijX2Ir
v1SOu9zG6pKsFqvEUZ7pRYpBLLUGPZD/OW+MweykEYY0NEO2f3NWNUrW1XWxfJfh
ScvotnlE2IQnxCizTZcr3GLHQ6cmCxQ1WMMCRQkC3VbkpcfjDcWZRw==
=AqwK
-----END PGP SIGNATURE-----

[Index of Archives]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Bugtraq]     [USB]     [Fedora Security]

  Powered by Linux