What is Computer Security?

The general overview of computer security is to protect and secure computers' data, networks, software and hardware from unauthorized access, misuse, theft, information loss, and other security issues. Although the internet has made it simpler for us to live our lives with many advantages, it has also put our system's security at risk of malware. Malware is malicious software which includes adware, spyware, ransomware and trojan horse. 

Technology is ever-growing around the world and we, as the modern people, cannot go a day without today's technology. This ever-growing technology introduces invaders, hackers, and thieves who are all attempting to gain access to our information for personal gains, whether that be monetary gains, recognition purposes, ransom demands, bullying others, and invading other businesses or organizations. This makes computer security a very important topic.

The three key objectives that are the heart of computer security are confidentiality, integrity, and availability:
1. Confidentiality preserves authorized restrictions on information access and disclosure. This is a means to protect personal privacy and proprietary information. Confidentiality covers data confidentiality and privacy. Data confidentiality assures that private or confidential information is not available or disclosed to unauthorized individuals. Privacy assures that individuals can control their information by who the information may be disclosed to.

2. Integrity is to guard against improper information changes, such as modification or destruction. Loss of integrity is the unauthorized modification or destruction of the information. Integrity covers data integrity and system integrity. Data integrity assures that information and programs are changed in a authorized and specified manner. System integrity assures that a system is able to perform in an unimpaired manner, free from unauthorized manipulation.

3. Availability ensures reliable and timely access to the use of information. A loss of availability is the disruption of access to use information. Availability assures that systems work properly, and it does not deny service to authorized users.

There are four types of computer security:
1. Cyber security is to secure devices, networks, programs, systems from cyber-attacks. Cyber-attacks can only occur when connected to the internet.

2. Information security is to protect the system's information from illegal use, piracy, and theft from unauthorized use. Confidentiality, integrity, and availability of information are all objectives of information security.

3. Application Security is to secure applications, data, and databases of the applications remain safe and private to the owner. This is so that they do not get hacked and so that the user's data remains confidential.

4. Network security is to secure the network and protect the user's, whoever is connected, information. This will prevent hackers from stealing the packets of data with using methods like sniffing, spoofing, man in the middle and war driving attacks. 

There is more to computer security, however these are the main topics that I would like to highlight for awareness.


Reference: https://www.geeksforgeeks.org/computer-security-overview/ 

Comments

Post a Comment

Popular posts from this blog

Ransomware Groups Cause Mayhem to Industries in 2024 and 2025

Ransomware groups are being investigated internationally, as the attacks disrupt operations. The cyber-criminals behind are growing and even though their operations were disrupted, some in those groups disband and join other groups called RansomHub. BlackCat/ALPHV and LockBit are the name of the other notorious cyber-criminal groups that deploys ransomware. These cyber-criminal groups have claimed 13% more healthcare victims in 2024 with RansomHub as the top cyber-criminal group. These ransomware-as-a-service (RaaS) groups are known now and are being highlighted in the annual Ransomware and Cyber Threat Report from the GuidePoint Security's Research and Intelligence Team (GRIT). GRIT has described law enforcement intervention successful in stopped these attacks, however the attacks continue due to affiliates moving from one RaaS group to another. Law enforcement intervention only decreased last year's ransomware attacks by 8% compared to 2022-2023's 76.8% growth. This avera...
Read more

XZ Utils Supply Chain Attack

XZ Utils is a free software tool that implements compression/decompression algorithms such as XZ and LZMA. These algorithms are used in Unix systems and Linux systems to compress and decompress data. The CVE-2024-3094 backdoor found in XZ Utils was designed to interfere with authentication in Secure Shell Daemon (SSHD), which is the OpenSSH server software that handles Secure Shell (SSH) connections. This backdoor enabled an attacker to execute codes remotely via a SSH login certificate. This only impacts versions 5.6.0 and 5.6.1.  The attacker, Jia Tan with the username of JiaT75, slowly built trust with developers, as many contractors work in XZ Utils. He got to the point where he became co-maintainer of the XZ Utils project and in July 2023, he requested to disable ifunc (GNU indirect function), which is a public tool to detect software vulnerabilities to allow the backdoor to stay undetected upon release. After being on the project for about 2 years to ensure the backdoor could...
Read more