Page 439 - Using MIS
P. 439
Q5 How Can Technical Safeguards Protect Against Security Threats? 407
Packet-filtering firewalls are the simplest type of firewall. Other firewalls filter on a more
sophisticated basis. If you take a data communications class, you will learn about them. For
now, just understand that firewalls help to protect organizational computers from unauthorized
network access.
No computer should connect to the Internet without firewall protection. Many ISPs provide
firewalls for their customers. By nature, these firewalls are generic. Large organizations supple-
ment such generic firewalls with their own. Most home routers include firewalls, and Microsoft
Windows has a built-in firewall as well. Third parties also license firewall products.
Malware Protection
The next technical safeguard in our list in Figure 10-9 concerns malware. Malware is a broad
category of software that includes viruses, spyware, and adware.
• A virus is a computer program that replicates itself. Unchecked replication is like com-
puter cancer; ultimately, the virus consumes the computer’s resources. Furthermore,
many viruses also take unwanted and harmful actions. The program code that causes
the unwanted actions is called the payload. The payload can delete programs or data—
or, even worse, modify data in undetected ways.
• Trojan horses are viruses that masquerade as useful programs or files. The name refers
to the gigantic mock-up of a horse that was filled with soldiers and moved into Troy
during the Trojan War. A typical Trojan horse appears to be a computer game, an MP3
music file, or some other useful, innocuous program.
• A worm is a virus that self-propagates using the Internet or other computer network.
Worms spread faster than other virus types because they can replicate by themselves.
Unlike nonworm viruses, which must wait for the user to share a file with a second com-
puter, worms actively use the network to spread. Sometimes, worms can propagate so
quickly that they overload and crash a network.
• Spyware programs are installed on the user’s computer without the user’s knowledge or
permission. Spyware resides in the background and, unknown to the user, observes the
user’s actions and keystrokes, monitors computer activity, and reports the user’s activi-
ties to sponsoring organizations. Some malicious spyware, called key loggers, captures
keystrokes to obtain usernames, passwords, account numbers, and other sensitive infor-
mation. Other spyware supports marketing analyses such as observing what users do,
Web sites visited, products examined and purchased, and so forth.
• Adware is similar to spyware in that it is installed without the user’s permission and
resides in the background and observes user behavior. Most adware is benign in that
it does not perform malicious acts or steal data. It does, however, watch user activity
and produce pop-up ads. Adware can also change the user’s default window or modify
search results and switch the user’s search engine.
Figure 10-12 lists some of the symptoms of adware and spyware. Sometimes these symp-
toms develop slowly over time as more malware components are installed. Should these symp-
toms occur on your computer, remove the spyware or adware using antimalware programs.
• Slow system startup
• Sluggish system performance
• Many pop-up advertisements
• Suspicious browser homepage changes
• Suspicious changes to the taskbar and
other system interfaces
Figure 10-12 • Unusual hard-disk activity
Spyware and Adware Symptoms
