Its given knowledge of cybersecurity and their law, Lecture notes of Cybercrime, Cybersecurity and Data Privacy

Typology: Lecture notes

2023/2024

Available from 02/04/2024

rajkunwar-yadav

Cyber Law and Security : Module : 1

Information Systems and its Importance :

An information system stores data in a sophisticated manner, making the process of finding the data much easier. An information system helps a business in its decision-making process. With an information system, delivering all the important information needed to make better decisions is easier.

In other words, an information system is an integrated set of components for collecting, storing, and processing data and for providing information, knowledge, and digital products.

Advantages of information systems:

- Operational efficiencies.
- Cost reductions.
- Supply of information to decision-makers.
- Better customer service.
- Continuous availability of the systems.
- Growth in communication capabilities and methods.

Importance of information systems mainly in:

- Increased Data Security.
- Information Technology Can Help Your Business Save Money.
- Information Technology Benefits Communication.
- Improved Productivity.
- A Wider Talent Net is one of the Biggest Advantages of Information Technology.

The Importance of Information Systems

Because information systems have developed over time, both small and large businesses are utilizing them to complete manual processes. For example, employees can now access a dashboard to see their progress towards completing business goals. Management can use the dashboard to track worker efficiency and ensure tasks are completed on time. As a result of using information systems in the workplace, efficiency and productivity have improved, along with the quality of deliverables. Information systems are also important because they:

  1. Information Systems Optimize Communication. Information systems can optimize and improve the efficiency of collecting and dispensing data. This allows both managers and workers to communicate quickly to complete company tasks. For example, management can give workers access to documents stored in the Cloud or another database. Employees can communicate by inputting new information that the system automatically tracks and updates.
  2. Improve Operational Management & Streamline Decision-Making. Because information systems provide the most updated and accurate data, owners and managers can improve operational decision-making. Enterprise leaders can use an IS to improve customer service, streamline internal processes, and offer a competitive edge in the form of a price advantage. Sales and marketing data give insight into customer purchasing patterns and market trends, which provides the information needed to make a customized marketing campaign or enhance sales strategies.
  3. Information Systems Enhance Record-Keeping. An information system stores all of the required data to comply with tax and labor laws, such as financial, sales, and payroll records. Successful companies exploit their information system's recording capabilities by properly organizing and presenting historical data so it is available when needed. Information systems also generate audit trails, which allow management to quickly access an old customer transaction or employee input.

History of Information Systems and its basics :

The History of Information Systems

Information Systems First Era (mid-1960's- mid-1970's)

In the early 1960s, information systems were only employed by management or accounting departments. Third-generation computers such as the IBM 360 were the primary technology systems employed by these business units. Ethernet networks, or technology used for connecting devices in a wired local area/wide area network, were also developed in this era.

Information Systems Second Era (Mid 1970's- mid 1980's)

Other departments besides management began to benefit from the use of MIS technology systems. Most organizations used committees or other initiatives to determine who would use information systems and when. Personal computers (PCs) and mid-range computers were the primary technology systems used during this time.

Information Systems Third Era (mid-1980's to late 1990s)

During this period, information systems started to become less centralized, allowing multiple departments to have their technology systems. Chief Information Officer positions were created with the specific purpose of managing different information systems. The internet came to be during this time, along with internetworking.

Fourth Era (late 1990's to 2020)

Though information systems are still correlated to management, systems are more widely used by different employees and involved stakeholders. Workers can access data across various

Tactical Management Level

This organization level is dominated by middle-level managers, heads of departments, supervisors, etc. The users at this level usually oversee the activities of the users at the operational management level. Tactical users make semi-structured decisions. The decisions are partly based on set guidelines and judgmental calls. As an example, a tactical manager can check the credit limit and payments history of a customer and decide to make an exception to raise the credit limit for a particular customer. The decision is partly structured in the sense that the tactical manager has to use existing information to identify a payments history that benefits the organization and an allowed increase percentage.

Strategic Management Level

This is the most senior level in an organization. The users at this level make unstructured decisions. Senior level managers are concerned with the long-term planning of the organization. They use information from tactical managers and external data to guide them when making unstructured decisions.

Transaction Processing System (TPS)

Transaction processing systems are used to record day to day business transactions of the organization. They are used by users at the operational management level. By recording the day to day business transactions, TPS system provides answers to the above questions in a timely manner.

For example, banks that give out loans require that the company that a person works for should have a memorandum of understanding (MoU) with the bank. If a person whose employer has a MoU with the bank applies for a loan, all that the operational staff has to do is verify the submitted documents. If they meet the requirements, then the loan application documents are processed. If they do not meet the requirements, then the client is advised to see tactical management staff to see the possibility of signing a MoU. Examples of transaction processing systems include:

- Point of Sale Systems – records daily sales
- Payroll systems – processing employees' salary, loans management, etc.
- Stock Control systems – keeping track of inventory levels
- Airline booking systems – flights booking management

Management Information System (MIS)

Management Information Systems (MIS) are used by tactical managers to monitor the organization’s current performance status. The output from a transaction processing system is used as input to a management information system.

The MIS system analyzes the input with routine algorithms, i.e. it aggregates, compares and summarizes the results to produce reports that tactical managers use to monitor, control and predict future performance. For example, input from a point of sale system can be used to analyze trends of products that are performing well and those that are not performing well. This information can be used to make future inventory orders, i.e. increasing orders for well-performing products and reducing the orders of products that are not performing well. Examples of management information systems include:

- Sales management systems – they get input from the point of sale system
- Budgeting systems – give an overview of how much money is spent within the organization for the short and long terms
- Human resource management system – overall welfare of the employees, staff turnover, etc.

Tactical managers are responsible for semi-structured decisions. MIS systems provide the information needed to make the structured decision and, based on their experience, tactical managers make judgement calls, i.e. predict how much of goods or inventory should be ordered for the second quarter based on the sales of the first quarter.

Decision Support System (DSS)

Decision support systems are used by senior management to make non-routine decisions. Decision support systems use input from internal systems (transaction processing systems and management information systems) and external systems. The main objective of decision support systems is to provide solutions to problems that are unique and change frequently. Decision support systems answer questions such as;

factory?

Decision support systems use sophisticated mathematical models and statistical techniques (probability, predictive modeling, etc.) to provide solutions, and they are very interactive. Examples of decision support systems include:

- Financial planning systems – they enable managers to evaluate alternative ways of achieving goals. The objective is to find the optimal way of achieving the goal. For example, the net profit for a business is calculated using the formula Total Sales less (Cost of Goods + Expenses). A financial planning system will enable senior executives to ask what-if questions and adjust the values for total sales, the cost of goods, etc. to see the effect of the decision on the net profit and find the most optimal way.
- Bank loan management systems – they are used to verify the credit of the loan applicant and predict the likelihood of the loan being recovered.

  1. Openness : Another important goal of distributed systems is openness. An open distributed system is a system that offers services according to standards that describe the syntax and semantics of those services. In computer networks, for instance, standard rules control the format, content, and meaning of messages sent and received. Such rules are formalized in protocols. In distributed systems, services are typically specified through interfaces, which are often described in an interface definition language (IDL). Interface definitions written in IDL almost always capture only the syntax of services. They accurately specify the names of the functions that are available, together with the types of parameters, return values, possible exceptions that can be raised and so on.
  2. Scalability : The uncertain trend in distributed systems is towards larger systems. This observation has implications for distributed file system design. Algorithms that work well for systems with 100 machines can work for systems with 1000 machines and not at all for systems with 10,000 machines. For starters, centralized algorithms do not scale well. If opening a file requires contacting a single centralized server to record the fact that the file is open, then the server will eventually become a bottleneck as the system grows.
  3. Reliability : The main goal of building distributed systems was to make them more reliable than single processor systems. The idea is that if some machine goes down, some other machine takes over its work. In other words, theoretically the reliability of the overall system can be a Boolean OR of the component reliabilities. For example, with four file servers, each with a 0.95 chance of being up at any instant, the probability of all four being down simultaneously is 0.000006, so the probability of at least one being available is (1 - 0.000006) = 0.999994, far better than any individual server.
  4. Performance : Building a transparent, flexible, reliable distributed system is useless if it is slow like molasses. In particular, running an application on a distributed system should not be appreciably worse than running the same application on a single processor. Various performance metrics can be used. Response time is one, but so are throughput, system utilization, and amount of network capacity consumed. Furthermore, the results of any benchmark are often highly dependent on the nature of the benchmark. A benchmark that involves a large number of independent, highly CPU-bound computations may give radically different results than a benchmark that consists of scanning a single large file for some pattern.

Role of Internet and Web Services :

The Internet is considered the most essential thing for people these days. All systems and spheres are partly or completely dependent on the Internet. Consider the world’s banking system, for example: people do not usually think about how all the financial functions in the world are carried out. Generally, all the financial functions and transfers would be unworkable without the Internet.

If the Internet stops functioning, everything fails and the entire system stops. If the Internet stopped working all over the world one day, it would be a real disaster, and some companies, organizations, and enterprises could take years to recover. Hence, the Internet and computers are an important component of people’s lives. The service of the World Wide Web is provided and assured by internet-hosting organizations. These organizations are groups of people who have rooms full of prevalent computers, such as host servers. Each host server serves one, tens, hundreds, or even thousands of websites. The free and sovereign nature of the web offers security for an information system. The Internet has developed communication and therefore contributes to data sharing. With access to a computer and a connection to the Internet, someone can connect with others worldwide. The web is intended to transfer unstructured information. Humans are involved when conducting business over the internet. Web services play an essential and dominant role in making global IS. Web services are self-contained, modular software that can be described, published, located and invoked over a network, generally the WWW.

Web services implement functions ranging from simple requests to complex business processes. A deployed web service can be located and invoked by multiple applications and other internet services via Universal Description, Discovery, and Integration (UDDI). Services point to elements and the supported services that can be used to build higher-level application services. Web services make data from computer systems available to multiple applications using well-defined standards. A series of standards covers web services discovery, security, transactions, and coordination. The Web Services Interoperability Organization (WS-I) oversees the organization and promulgation of standards including:

- Simple Object Access Protocol (SOAP) − It is used to format messages between web services.
- Web Services Definition Language (WSDL) − It is used to define the use of web services.
- UDDI and WSIL (web services inspection language) − They are used to locate web services.
- WS-security − It handles security across web services.
- WS-coordination − It can coordinate numerous web services into composite systems.

Information System Threats and attacks and classification of threats:

A threat can be anything that can take advantage of a vulnerability to breach security and negatively alter, erase, or harm an object or objects of interest.

Malware on the basis of Actions:

  1. Adware – Adware is not exactly malicious, but it does breach the privacy of users. It displays ads on a computer’s desktop or inside individual programs. It comes attached to free-to-use software and is thus the main source of revenue for such developers. It monitors your interests and displays relevant ads. An attacker can embed malicious code inside the software, and adware can monitor your system activities and can even compromise your machine.
  2. Spyware – It is a program that monitors your activities on a computer and reveals the collected information to an interested party. Spyware is generally dropped by Trojans, viruses or worms. Once dropped, it installs itself and sits silently to avoid detection. One of the most common examples of spyware is the keylogger. The basic job of a keylogger is to record user keystrokes with timestamps, thus capturing interesting information like usernames, passwords, credit card details etc.
  3. Ransomware – It is a type of malware that will either encrypt your files or lock your computer, making it inaccessible either partially or wholly. Then a screen will be displayed asking for money, i.e. a ransom, in exchange.
  4. Scareware – It masquerades as a tool to help fix your system, but when the software is executed it will infect your system or completely destroy it. The software will display a message to frighten you and force you to take some action, like paying them to fix your system.
  5. Rootkits – They are designed to gain root access, that is, administrative privileges, on the user's system. Once root access is gained, the exploiter can do anything from stealing private files to private data.
  6. Zombies – They work similarly to spyware. The infection mechanism is the same, but they don’t spy and steal information; rather, they wait for commands from hackers.

- Theft of intellectual property means violation of intellectual property rights like copyrights, patents etc.
- Identity theft means to act as someone else to obtain a person’s personal information or to access vital information they have, like accessing the computer or social media account of a person by logging into the account using their login credentials.
- Theft of equipment and information is increasing these days due to the mobile nature of devices and increasing information capacity.
- Sabotage means destroying a company’s website to cause loss of confidence on the part of its customers.
- Information extortion means theft of a company’s property or information to receive payment in exchange. For example, ransomware may lock a victim's files, making them inaccessible and thus forcing the victim to make payment in exchange. Only after payment will the victim’s files be unlocked.

These are the old generation attacks that continue these days also, with advancement every year. Apart from these there are many other threats. Below is a brief description of these new generation threats.

- Technology with weak security – With the advancement in technology, a new gadget is released in the market with every passing day. But very few are fully secured and follow information security principles. Since the market is very competitive, the security factor is compromised to make the device more up to date. This leads to theft of data/information from the devices.
- Social media attacks – In this, cyber criminals identify and infect a cluster of websites that persons of a particular organization visit, to steal information.
- Mobile Malware – There is a saying that when there is connectivity to the Internet, there will be danger to security. The same goes for mobile phones, where gaming applications are designed to lure customers to download the game, and unintentionally they will install malware or a virus on the device.
- Outdated Security Software – With new threats emerging every day, updating security software is a prerequisite for a fully secured environment.
- Corporate data on personal devices – These days every organization follows a BYOD rule. BYOD means Bring Your Own Device, like laptops and tablets, to the workplace. Clearly BYOD poses a serious threat to the security of data, but due to productivity issues organizations are arguing to adopt this.
- Social Engineering – This is the art of manipulating people so that they give up their confidential information like bank account details, passwords etc. These criminals can trick you into giving your private and confidential information, or they will gain your trust to get access to your computer to install malicious software that will give them control of your computer. An example is an email or message from your friend that was probably not sent by your friend. A criminal can access your friend's device and then, by accessing the contact list, send infected emails and messages to all contacts. Since the message/email is from a known person, the recipient will definitely check the link or attachment in the message, thus unintentionally infecting the computer.

Types of Attack :

Active attacks: An active attack attempts to alter system resources or affect their operations. Active attacks involve some modification of the data stream or the creation of false statements. Types of active attacks are as follows:

- Masquerade
- Modification of messages
- Repudiation
- Replay
- Denial of Service

Masquerade – A masquerade attack takes place when one entity pretends to be a different entity. A masquerade attack involves one of the other forms of active attacks. If an authorization procedure is not fully protected, it can become extremely vulnerable to a masquerade attack. Masquerade attacks may be performed using stolen passwords and logins, by finding gaps in programs, or by finding a way around the authentication process.

Replay – It involves the passive capture of a message and its subsequent transmission to produce an authorized effect. In this attack, the basic aim of the attacker is to save a copy of the data originally present on that particular network and later on use this data for personal uses. Once the data is corrupted or leaked it is insecure and unsafe for the users.

[Figure: Replay]
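How a receiver can refuse a captured message that is sent a second time, as an added example that is not part of the original notes. It assumes a pre-shared key between sender and receiver; the key, the 30-second freshness window and all function names are constructed for illustration.

```python
import hashlib
import hmac
import json
import os
import time

# Constructed demo key; a real deployment uses a per-peer or per-session secret.
SHARED_KEY = b"constructed-demo-key"
MAX_SKEW_SECONDS = 30  # assumed freshness window


def make_message(payload, key=SHARED_KEY, now=None):
    """Sender: bind the payload to a timestamp and a random nonce, then tag it."""
    body = json.dumps(
        {
            "payload": payload,
            "ts": int(time.time() if now is None else now),
            "nonce": os.urandom(16).hex(),
        },
        sort_keys=True,
        separators=(",", ":"),
    )
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class Receiver:
    """Receiver: accept each authentic, fresh message exactly once."""

    def __init__(self, key=SHARED_KEY, max_skew=MAX_SKEW_SECONDS):
        self.key = key
        self.max_skew = max_skew
        self.seen = {}  # nonce -> timestamp of messages already accepted

    def accept(self, message, now=None):
        now = time.time() if now is None else now
        expected = hmac.new(self.key, message["body"].encode(), hashlib.sha256).hexdigest()
        # Constant-time comparison; a modified body or tag fails here.
        if not hmac.compare_digest(expected.encode(), message["tag"].encode()):
            return "rejected: bad tag"
        body = json.loads(message["body"])
        # A capture replayed after the window is stale, whatever its nonce.
        if abs(now - body["ts"]) > self.max_skew:
            return "rejected: stale"
        # Nonces older than the window can be dropped: the timestamp check covers them.
        self.seen = {n: ts for n, ts in self.seen.items() if abs(now - ts) <= self.max_skew}
        if body["nonce"] in self.seen:
            return "rejected: replay"
        self.seen[body["nonce"]] = body["ts"]
        return "accepted"


def demo():
    """Constructed scenario: one genuine delivery, then three unwanted ones."""
    rx = Receiver()
    msg = make_message({"action": "transfer", "amount": 100}, now=1000)
    first = rx.accept(msg, now=1001)
    replayed = rx.accept(msg, now=1005)   # identical copy delivered again
    late = rx.accept(msg, now=1600)       # same copy delivered long afterwards
    tampered = dict(msg, body=msg["body"].replace('"amount":100', '"amount":900'))
    forged = rx.accept(tampered, now=1002)  # modification of the message
    return first, replayed, late, forged


if __name__ == "__main__":
    print(demo())
```

The tag alone does not stop a replay, because the captured copy is still authentic; it is the nonce cache and the timestamp window that make the second delivery fail.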

Denial of Service – It prevents the normal use of communication facilities. This attack may have a specific target. For example, an entity may suppress all messages directed to a particular destination. Another form of service denial is the disruption of an entire network either by disabling the network or by overloading it with messages so as to degrade performance.

[Figure: Denial of Service]

Passive attacks: A passive attack attempts to learn or make use of information from the system but does not affect system resources. Passive attacks are in the nature of eavesdropping on or monitoring transmission. The goal of the opponent is to obtain information that is being transmitted. Types of passive attacks are as follows:

- The release of message content
- Traffic analysis

The release of message content – A telephone conversation, an electronic mail message, or a transferred file may contain sensitive or confidential information. We would like to prevent an opponent from learning the contents of these transmissions.

[Figure: Passive attack]

Traffic analysis – Suppose that we had a way of masking information (encryption), so that an attacker, even after capturing the message, could not extract any information from it. The opponent could still determine the location and identity of the communicating hosts and could observe the frequency and length of messages being exchanged. This information might be useful in guessing the nature of the communication that was taking place. The most useful protection against traffic analysis is encryption of SIP traffic. To do this, an attacker would have to access the SIP proxy (or its call log) to determine who made the call.

[Figure: Traffic analysis]

Data communications via a personal or company network can also be a non-secure means of communications. The communication problems include video, audio and data that can be collected over the air by an insecure network. There are many types of network exploits including Wi-Fi sniffing, manipulation of data in transit, data exposure through radio frequency (RF) emission, connection to an untrusted service, signal jamming and flooding, and monitoring a GPS/geolocation. All of these threats need to be avoided.

User-based threats include: social engineering, inadvertently (or intentionally) releasing classified information, theft and/or misuse of device and app services, and malicious insiders who steal devices for their own purposes or for someone else.

Social engineering can be accomplished by:

- Phishing—Masquerading as a trustworthy entity
- Vishing—Tricking a victim into calling a phone number and revealing sensitive information
- Smishing—Tricking someone via messaging into downloading malware onto their mobile device
- Exploiting Social Media Accounts—Using shortened malicious web site names (to describe one example)

Your own organization’s network infrastructure can be a threat. Used maliciously, a wireless network can pose threats such as:

- Providing a means for unauthorized access
- Permitting or promoting the installation of malware
- Permitting the loss of data integrity of the system and associated databases
- Spreading compromised apps
- Acting as the source of insecure coding
- Permitting eavesdropping, data interception, voice/data collection, drive-by downloads, location tracking (via GPS) and behavior tracking

An Internet service provider (ISP) can also be a threat to individuals and organizations. The ISP gathers and stores device location; device ownership information; application usage behavior; email routing/forwarding information; information about purchased music, movies, TV shows, apps and books; and sensitive internal reports. All of this information can be stored in the cloud for years.

Other information that can be kept in the cloud for a long time includes: photos and videos; personal contact information, calendar events, reminders and notes; device settings; application data; Adobe PDFs; books added to an order list; call history; home screen and application organization; text and email messages; ringtones; home system security settings; personal health information; and voicemail.

Vulnerabilities

Mobile computing device vulnerabilities exist in the device itself, the wireless connection, a user’s personal practices, the organization’s infrastructure and wireless peripherals (e.g., printers, keyboard, mouse), which contain software, an OS and a data storage device.

If not secured by encryption, wireless networks often pass sensitive information in the clear that can do harm to individuals and/or organizations. Unintentionally released sensitive data can not only affect the organization’s reputation and the lives of those affected, but can also be the cause of legal action. Wireless communications can carry and install malware on any computing device configured to receive it. This malware can cause data corruption, data leakage, and the unavailability of services and functionality. Personal privacy can also be affected if the audio (e.g., Bluetooth) and video/picture communication (e.g., device camera) are intercepted and used with malicious intent. The wireless protection provided by an organization will work only if a user is in the organization’s network perimeter where the security controls are in place.

Unencrypted organization, customer and employee information stored on the computing device can inadvertently be made available to others if someone intercepts it while in transit or if the device is stolen (and no access controls are in place). It is not difficult to intercept wireless communications traffic because there are free tools available on the Internet to help hackers do this.

In this age of wireless technology, many roles (e.g., doctors, medical support staff, retail and wholesale inventory personnel, registration support staff) depend on mobile computing devices to efficiently capture and transmit data. The users of these devices rely on them for their productivity and livelihood. In many cases, the information is sensitive to the organization and, if it is employee- or customer-related, it can be personal and privacy-related (i.e., personally identifiable information).

If one’s organization does not have a wireless encryption program (i.e., virtual private network [VPN]) in place, then mobile devices may interact with personal devices’ email and obtain sensitive correspondence. The lack of encrypted communication can allow malware to access the network and propagate Trojans and viruses throughout the organization. More serious is the fact that it can allow intrusion into the enterprise, which can then compromise the entire organization. Remember that a VPN connection requires authentication—a critical protective control—to permit network access.

Application Vulnerabilities

Other vulnerable components of the mobile computing device environment are the apps loaded on it. Each application can contain a vulnerability that is susceptible to exploitation. The apps on the mobile device can have a variety of vulnerabilities including:

risk. If the platforms they’re using get hacked, or the wrong person gets their password, your data can be compromised.

Phishing/Spoofing: These spam texts and emails are designed to look like they come from a co-worker or trusted source. On a smaller screen, it can be easy to mistake these attacks for real messages.

Stolen Devices: A missing device is the ultimate risk for your company. When a device is stolen everything from an employee’s contacts, to their emails, to their documents could be sold to the highest bidder. So, as you can see, there are plenty of security challenges in mobile devices to worry about. But, with security threats to mobile devices, countermeasures can be taken to address them directly. Let’s talk about some of the most common ones.

Authentication Service Security :

An authentication service is a mechanism, analogous to the use of passwords on time-sharing systems, for the secure authentication of the identity of network clients by servers and vice versa, without presuming the operating system integrity of either.

Different Types of Authentication Methods

  1. Password-based authentication

Passwords are the most common methods of authentication. Passwords can be in the form of a string of letters, numbers, or special characters. To protect yourself you need to create strong passwords that include a combination of all possible options.

However, passwords are prone to phishing attacks and bad hygiene that weakens effectiveness. An average person has about 25 different online accounts, but only 54% of users use different passwords across their accounts.

The truth is that there are a lot of passwords to remember. As a result, many people choose convenience over security. Most people use simple passwords instead of creating reliable passwords because they are easier to remember.

The bottom line is that passwords have a lot of weaknesses and are not sufficient in protecting online information. Hackers can easily guess user credentials by running through all possible combinations until they find a match.
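One way a server can blunt the guessing described above, as an added example that is not part of the original notes: store only a salted, slow hash of each password and lock the account after repeated failures. The class name, the iteration count and the lockout policy values are assumptions chosen for illustration.

```python
import hashlib
import hmac
import os

MAX_FAILURES = 5        # assumed policy: consecutive failures before lockout
LOCKOUT_SECONDS = 300   # assumed policy: how long the account stays locked


class CredentialStore:
    def __init__(self, iterations=600_000):  # assumed PBKDF2 work factor
        self.iterations = iterations
        self.users = {}     # username -> (salt, derived key); no plaintext kept
        self.failures = {}  # username -> (failure count, locked-until time)

    def _derive(self, password, salt):
        # Deliberately slow derivation: every guess costs `iterations` HMAC rounds.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, self.iterations)

    def register(self, username, password):
        salt = os.urandom(16)  # per-user salt: equal passwords give different hashes
        self.users[username] = (salt, self._derive(password, salt))

    def login(self, username, password, now):
        count, locked_until = self.failures.get(username, (0, 0.0))
        if now < locked_until:
            return "locked"  # not even the right password works during lockout
        # Unknown users take the same code path, so timing does not reveal
        # which account names exist.
        salt, stored = self.users.get(username, (b"\x00" * 16, None))
        candidate = self._derive(password, salt)
        if stored is not None and hmac.compare_digest(candidate, stored):
            self.failures.pop(username, None)
            return "ok"
        count += 1
        if count >= MAX_FAILURES:
            self.failures[username] = (0, now + LOCKOUT_SECONDS)
        else:
            self.failures[username] = (count, 0.0)
        return "denied"


def demo(iterations=1_000):
    """Constructed scenario; the low iteration count only keeps the demo fast."""
    store = CredentialStore(iterations)
    secret = "correct horse battery staple"
    store.register("alice", secret)
    wrong = ["123456", "password", "qwerty", "letmein", "alice2024"]  # constructed
    results = [store.login("alice", guess, now=i) for i, guess in enumerate(wrong)]
    results.append(store.login("alice", secret, now=10))                   # locked out
    results.append(store.login("alice", secret, now=4 + LOCKOUT_SECONDS))  # expired
    return results


if __name__ == "__main__":
    print(demo())
```

With these policy values, an online guesser gets at most five attempts per account every five minutes, and a stolen copy of the store yields only salted hashes that must be attacked one user at a time.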

  2. Multi-factor authentication

Multi-Factor Authentication (MFA) is an authentication method that requires two or more independent ways to identify a user. Examples include codes generated from the user’s smartphone, Captcha tests, fingerprints, voice biometrics or facial recognition.

MFA authentication methods and technologies increase the confidence of users by adding multiple layers of security. MFA may be a good defence against most account hacks, but it has its own pitfalls. People may lose their phones or SIM cards and not be able to generate an authentication code.

  3. Certificate-based authentication

Certificate-based authentication technologies identify users, machines or devices by using digital certificates. A digital certificate is an electronic document based on the idea of a driver’s license or a passport.

The certificate contains the digital identity of a user including a public key, and the digital signature of a certification authority. Digital certificates prove the ownership of a public key and are issued only by a certification authority.

Users provide their digital certificates when they sign in to a server. The server verifies the credibility of the digital signature and the certificate authority. The server then uses cryptography to confirm that the user has a correct private key associated with the certificate.

  4. Biometric authentication

Biometrics authentication is a security process that relies on the unique biological characteristics of an individual. Here are key advantages of using biometric authentication technologies:

- Biological characteristics can be easily compared to authorized features saved in a database.
- Biometric authentication can control physical access when installed on gates and doors.
- You can add biometrics into your multi-factor authentication process.

Biometric authentication technologies are used by consumers, governments and private corporations including airports, military bases, and national borders. The technology is