Back Home funny picture and video
Security issue of Information System
Page One page two page three Page four
Back Home
funny picture and video
Security issue of Information System page 5
Firewall
A firewall is a device or set of devices configured to permit, deny, encrypt, or proxy all computer traffic between different security domains based upon a set of rules or other criteria.
A firewall is a dedicated appliance, or software running on another computer, which inspects network traffic passing through it, and denies or permits passage based on a set of rules.
A firewall's basic task is to regulate some of the flow of traffic between computer networks of different trust levels. Typical examples are the Internet which is a zone with no trust and an internal network which is a zone of higher trust. A zone with an intermediate trust level, situated between the Internet and a trusted internal network, is often referred to as a "perimeter network" or Demilitarized zone (DMZ).
A firewall's function within a network is similar to firewalls with fire doors in building construction. In the former case, it is used to prevent network intrusion to the private network. In the latter case, it is intended to contain and delay structural fire from spreading to adjacent structures.
Without proper configuration, a firewall can often become worthless. Standard security practices dictate a "default-deny" firewall ruleset, in which the only network connections which are allowed are the ones that have been explicitly allowed. Unfortunately, such a configuration requires detailed understanding of the network applications and endpoints required for the organization's day-to-day operation. Many businesses lack such understanding, and therefore implement a "default-allow" ruleset, in which all traffic is allowed unless it has been specifically blocked. This configuration makes inadvertent network connections and system compromise much more likely.
Viruses Defenses
The threat from viruses changes constantly. More than 300 new viruses are discovered each month. To make Matters worse, today’s most prevalent threats are worms and mass-mailing viruses that can spread around the world In a matter of hours. To effectively combat the ever-changing virus threat, Various Companies establish an active anti-virus policy. Most companies today understand the need for virus protection. Many have established formal policies defining what form that protection should take, and how it should be used. Today most companies update antivirus software
Security Codes
For security of information system Password system is used. First an end user logs on to the computer system by entering his or her unique identification code or user ID. The end user is then asked to enter a password in order to gain access into the system. Next to access an individual file a unique file name must be entered. Password protects data from unauthorized use.
A firewall is a device or set of devices configured to permit, deny, encrypt, or proxy all computer traffic between different security domains based upon a set of rules or other criteria.
A firewall is a dedicated appliance, or software running on another computer, which inspects network traffic passing through it, and denies or permits passage based on a set of rules.
A firewall's basic task is to regulate some of the flow of traffic between computer networks of different trust levels. Typical examples are the Internet which is a zone with no trust and an internal network which is a zone of higher trust. A zone with an intermediate trust level, situated between the Internet and a trusted internal network, is often referred to as a "perimeter network" or Demilitarized zone (DMZ).
A firewall's function within a network is similar to firewalls with fire doors in building construction. In the former case, it is used to prevent network intrusion to the private network. In the latter case, it is intended to contain and delay structural fire from spreading to adjacent structures.
Without proper configuration, a firewall can often become worthless. Standard security practices dictate a "default-deny" firewall ruleset, in which the only network connections which are allowed are the ones that have been explicitly allowed. Unfortunately, such a configuration requires detailed understanding of the network applications and endpoints required for the organization's day-to-day operation. Many businesses lack such understanding, and therefore implement a "default-allow" ruleset, in which all traffic is allowed unless it has been specifically blocked. This configuration makes inadvertent network connections and system compromise much more likely.
Viruses Defenses
The threat from viruses changes constantly. More than 300 new viruses are discovered each month. To make Matters worse, today’s most prevalent threats are worms and mass-mailing viruses that can spread around the world In a matter of hours. To effectively combat the ever-changing virus threat, Various Companies establish an active anti-virus policy. Most companies today understand the need for virus protection. Many have established formal policies defining what form that protection should take, and how it should be used. Today most companies update antivirus software
Security Codes
For security of information system Password system is used. First an end user logs on to the computer system by entering his or her unique identification code or user ID. The end user is then asked to enter a password in order to gain access into the system. Next to access an individual file a unique file name must be entered. Password protects data from unauthorized use.
Security issue of Information System page 4
Other Principles
Authenticity
In computing, e-Business and information security it is necessary to ensure that the data, transactions, communications or documents (electronic or physical) are genuine (i.e. they have not been forged or fabricated.)
Non-repudiation
In law, non-repudiation implies ones intention to fulfill their obligations to a contract. It also implies that one party of a transaction can not deny having received a transaction nor can the other party deny having sent a transaction.
Electronic commerce uses technology such as digital signatures and encryption to establish authenticity and non-repudiation.
Security Measures of Information System
Cryptography
In cryptography, encryption is the process of transforming information (referred to as plaintext) using an algorithm (called cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information (in cryptography, referred to as ciphertext). In many contexts, the word encryption also implicitly refers to the reverse process, decryption (e.g. "software for encryption" can typically also perform decryption), to make the encrypted information readable again (i.e. to make it unencrypted).
Encryption has long been used by militaries and governments to facilitate secret communication. Encryption is now used in protecting information within many kinds of civilian systems, such as computers, networks (e.g. the Internet e-commerce), mobile telephones, wireless microphones, wireless intercom systems, Bluetooth devices and bank automatic teller machines. Encryption is also used in digital rights management to prevent unauthorized use or reproduction of copyrighted material and in software also to protect against reverse engineering (see also copy protection).
Encryption, by itself, can protect the confidentiality of messages, but other techniques are still needed to protect the integrity and authenticity of a message; for example, verification of a message authentication code (MAC) or a digital signature. Standards and cryptographic software and hardware to perform encryption are widely available, but successfully using encryption to ensure security may be a challenging problem. A single slip-up in system design or execution can allow successful attacks. Sometimes an adversary can obtain unencrypted information without directly undoing the encryption.
Authenticity
In computing, e-Business and information security it is necessary to ensure that the data, transactions, communications or documents (electronic or physical) are genuine (i.e. they have not been forged or fabricated.)
Non-repudiation
In law, non-repudiation implies ones intention to fulfill their obligations to a contract. It also implies that one party of a transaction can not deny having received a transaction nor can the other party deny having sent a transaction.
Electronic commerce uses technology such as digital signatures and encryption to establish authenticity and non-repudiation.
Security Measures of Information System
Cryptography
In cryptography, encryption is the process of transforming information (referred to as plaintext) using an algorithm (called cipher) to make it unreadable to anyone except those possessing special knowledge, usually referred to as a key. The result of the process is encrypted information (in cryptography, referred to as ciphertext). In many contexts, the word encryption also implicitly refers to the reverse process, decryption (e.g. "software for encryption" can typically also perform decryption), to make the encrypted information readable again (i.e. to make it unencrypted).
Encryption has long been used by militaries and governments to facilitate secret communication. Encryption is now used in protecting information within many kinds of civilian systems, such as computers, networks (e.g. the Internet e-commerce), mobile telephones, wireless microphones, wireless intercom systems, Bluetooth devices and bank automatic teller machines. Encryption is also used in digital rights management to prevent unauthorized use or reproduction of copyrighted material and in software also to protect against reverse engineering (see also copy protection).
Encryption, by itself, can protect the confidentiality of messages, but other techniques are still needed to protect the integrity and authenticity of a message; for example, verification of a message authentication code (MAC) or a digital signature. Standards and cryptographic software and hardware to perform encryption are widely available, but successfully using encryption to ensure security may be a challenging problem. A single slip-up in system design or execution can allow successful attacks. Sometimes an adversary can obtain unencrypted information without directly undoing the encryption.
Security issue of Information System page3
Security of Information System
Security of Information System means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. The terms Security of information System, computer security and information assurance are frequently used interchangeably. These fields are interrelated and share the common goals of protecting the confidentiality, integrity and availability of information; however, there are some subtle differences between them. These differences lie primarily in the approach to the subject, the methodologies used, and the areas of concentration. Security of information is concerned with the confidentiality, integrity and availability of data regardless of the form the data may take: electronic, print, or other forms.
Protecting confidential information is a business requirement, and in many cases also an ethical and legal requirement. For the individual, information security has a significant effect on Privacy, which is viewed very differently in different cultures.
Principles of security of information system
Information security has held that confidentiality, integrity and availability (known as the CIA Triad) are the core principles of information security.
Confidentiality
It is virtually impossible to get a drivers license, rent an apartment, obtain medical care, or take out a loan without disclosing a great deal of very personal information about ourselves, such as our name, address, telephone number, date of birth, Social Security number, marital status, number of children, mother's maiden name, income, place of employment, medical history, etc. This is all very personal and private information, yet we are often required to provide such information in order to transact business. We generally take it on faith that the person, business, or institution to whom we disclose such personal information have taken measures to ensure that our information will be protected from unauthorized disclosure, either accidental or intentional, and that our information will only be shared with other people, businesses or institutions who are authorized to have access to the information and who have a genuine need to know the information.
Information that is considered to be confidential in nature must only be accessed, used, copied, or disclosed by persons who have been authorized to do so, and only when there is a genuine need to do so. A breach of confidentiality occurs when information that is considered to be confidential in nature has been, or may have been, accessed, used, copied, or disclosed to, or by, someone who was not authorized to have access to the information.
For example: permitting someone to look over your shoulder at your computer screen while you have confidential data displayed on it would be a breach of confidentiality if they were not authorized to have the information. If a laptop computer, which contains employment and benefit information about 100,000 employees, is stolen from a car (or is sold on eBay) could result in a breach of confidentiality because the information is now in the hands of someone who is not authorized to have it. Giving out confidential information over the telephone is a breach of confidentiality if the caller is not authorized to have the information.
Integrity
In information security, integrity means that data can not be created, changed, or deleted without authorization. It also means that data stored in one part of a database system is in agreement with other related data stored in another part of the database system (or another system). For example: a loss of integrity can occur when a database system is not properly shut down before maintenance is performed or the database server suddenly loses electrical power. A loss of integrity occurs when an employee accidentally, or with malicious intent, deletes important data files. A loss of integrity can occur if a computer virus is released onto the computer. A loss of integrity can occur when an on-line shopper is able to change the price of the product they are purchasing.
Availability
The concept of availability means that the information, the computing systems used to process the information, and the security controls used to protect the information are all available and functioning correctly when the information is needed. The opposite of availability is denial of servic
Next to Page Four
Back to Home
Security of Information System means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. The terms Security of information System, computer security and information assurance are frequently used interchangeably. These fields are interrelated and share the common goals of protecting the confidentiality, integrity and availability of information; however, there are some subtle differences between them. These differences lie primarily in the approach to the subject, the methodologies used, and the areas of concentration. Security of information is concerned with the confidentiality, integrity and availability of data regardless of the form the data may take: electronic, print, or other forms.
Protecting confidential information is a business requirement, and in many cases also an ethical and legal requirement. For the individual, information security has a significant effect on Privacy, which is viewed very differently in different cultures.
Principles of security of information system
Information security has held that confidentiality, integrity and availability (known as the CIA Triad) are the core principles of information security.
Confidentiality
It is virtually impossible to get a drivers license, rent an apartment, obtain medical care, or take out a loan without disclosing a great deal of very personal information about ourselves, such as our name, address, telephone number, date of birth, Social Security number, marital status, number of children, mother's maiden name, income, place of employment, medical history, etc. This is all very personal and private information, yet we are often required to provide such information in order to transact business. We generally take it on faith that the person, business, or institution to whom we disclose such personal information have taken measures to ensure that our information will be protected from unauthorized disclosure, either accidental or intentional, and that our information will only be shared with other people, businesses or institutions who are authorized to have access to the information and who have a genuine need to know the information.
Information that is considered to be confidential in nature must only be accessed, used, copied, or disclosed by persons who have been authorized to do so, and only when there is a genuine need to do so. A breach of confidentiality occurs when information that is considered to be confidential in nature has been, or may have been, accessed, used, copied, or disclosed to, or by, someone who was not authorized to have access to the information.
For example: permitting someone to look over your shoulder at your computer screen while you have confidential data displayed on it would be a breach of confidentiality if they were not authorized to have the information. If a laptop computer, which contains employment and benefit information about 100,000 employees, is stolen from a car (or is sold on eBay) could result in a breach of confidentiality because the information is now in the hands of someone who is not authorized to have it. Giving out confidential information over the telephone is a breach of confidentiality if the caller is not authorized to have the information.
Integrity
In information security, integrity means that data can not be created, changed, or deleted without authorization. It also means that data stored in one part of a database system is in agreement with other related data stored in another part of the database system (or another system). For example: a loss of integrity can occur when a database system is not properly shut down before maintenance is performed or the database server suddenly loses electrical power. A loss of integrity occurs when an employee accidentally, or with malicious intent, deletes important data files. A loss of integrity can occur if a computer virus is released onto the computer. A loss of integrity can occur when an on-line shopper is able to change the price of the product they are purchasing.
Availability
The concept of availability means that the information, the computing systems used to process the information, and the security controls used to protect the information are all available and functioning correctly when the information is needed. The opposite of availability is denial of servic
Next to Page Four
Back to Home
Security issue of Information System page 2
1 External Agents
External actors refer to individuals or groups like hackers, terrorist organizations, business competitors and foreign intelligence organizations These agents perceive Internet ubiquity and anonymity as advantageous features for accomplishing their strategic and political objectives.
2 Insiders
The term "insiders" indicates authorized users who take advantage of their authorized access to internal networks and the Internet in general to achieve personal objectives. According to Information Security, more than half of the interviewed organizations have experienced abuses from their employees or authorized users. According to the consulting firm Political Psychology Associates, this high number of misuses may be related to personal frustrations, computer dependency, and reduced loyalty to employers as well as perceived lack of financial entailment for supposed superior technical and managerial capabilities
Security Challenges of Information System
Computer Crime
Computer crime, cybercrime, e-crime, hi-tech crime or electronic crime generally refers to criminal activity where a computer or network is the source, tool, target, or place of a crime. These categories are not exclusive and many activities can be characterized as falling in one or more category. these terms are also sometimes used to include traditional crimes, such as fraud, theft, blackmail, forgery, and embezzlement, in which computers or networks are used to facilitate the illicit activity.
Computer crime can broadly be defined as criminal activity involving an information technology infrastructure, including illegal access (unauthorized access), illegal interception (by technical means of non-public transmissions of computer data to, from or within a computer system), data interference (unauthorized damaging, deletion, deterioration, alteration or suppression of computer data), systems interference (interfering with the functioning of a computer system by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data), misuse of devices, forgery (ID theft), and electronic fraud.Computer crime Involves the Following
Hacking
Hacking is the practice of modifying computer hardware and software to accomplish a goal outside of the creator’s original purpose. People who engage in computer hacking activities are often called hackers. Since the word "hack" has long been used to describe someone who is incompetent at his/her profession, Computer hacking is most common among teenagers and young adults, although there are many older hackers as well. Many hackers are true technology buffs who enjoy learning more about how computers work and consider computer hacking an "art" form. They often enjoy programming and have expert-level skills in one particular program. For these individuals, computer hacking is a real life application of their problem-solving skills. It’s a chance to demonstrate their abilities, not an opportunity to harm others.
Since a large number of hackers are self-taught prodigies, some corporations actually employ computer hackers as part of their technical support staff. These individuals use their skills to find flaws in the company’s security system so that they can be repaired quickly. In many cases, this type of computer hacking helps prevent identity theft and other serious computer-related crimes.
Cyber Crime OR Theft
Cyber crime or Theft also includes traditional crimes conducted through the Internet. For example; hate crimes, telemarketing and Internet fraud, identity theft, and credit card account thefts are considered to be cyber crimes when the illegal activities are committed through the use of a computer and the Internet.
Example of cyber theft is the theft of $11 million from Citibank in 1994.
Computer Virus
A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user. However, the term "virus" is commonly used, albeit erroneously, to refer to many different types of malware programs. The original virus may modify the copies, or the copies may modify themselves, as occurs in a metamorphic virus. A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or the Internet, or by carrying it on a removable medium such as a floppy disk, CD, or USB drive. Meanwhile viruses can spread to other computers by infecting files on a network file system or a file system that is accessed by another computer. Viruses are sometimes confused with computer worms and Trojan horses. A worm can spread itself to other computers without needing to be transferred as part of a host, and a Trojan horse is a file that appears harmless. Both worms and Trojans will cause harm to computers when executed.
Most personal computers are now connected to the Internet and to local area networks, facilitating the spread of malicious code. Today's viruses may also take advantage of network services such as the World Wide Web, e-mail, Instant Messaging and file sharing systems to spread, blurring the line between viruses and worms. Furthermore, some sources use an alternative terminology in which a virus is any form of self-replicating malware.
Some viruses are programmed to damage the computer by damaging programs, deleting files, or reformatting the hard disk. Others are not designed to do any damage, but simply replicate themselves and perhaps make their presence known by presenting text, video, or audio messages. Even these benign viruses can create problems for the computer user. They typically take up computer memory used by legitimate programs. As a result, they often cause erratic behavior and can result in system crashes. In addition, many viruses are bug-ridden, and these bugs may lead to system crashes and data loss.
BAck To page one
funny picture video and games
Next To Page three
External actors refer to individuals or groups like hackers, terrorist organizations, business competitors and foreign intelligence organizations These agents perceive Internet ubiquity and anonymity as advantageous features for accomplishing their strategic and political objectives.
2 Insiders
The term "insiders" indicates authorized users who take advantage of their authorized access to internal networks and the Internet in general to achieve personal objectives. According to Information Security, more than half of the interviewed organizations have experienced abuses from their employees or authorized users. According to the consulting firm Political Psychology Associates, this high number of misuses may be related to personal frustrations, computer dependency, and reduced loyalty to employers as well as perceived lack of financial entailment for supposed superior technical and managerial capabilities
Security Challenges of Information System
Computer Crime
Computer crime, cybercrime, e-crime, hi-tech crime or electronic crime generally refers to criminal activity where a computer or network is the source, tool, target, or place of a crime. These categories are not exclusive and many activities can be characterized as falling in one or more category. these terms are also sometimes used to include traditional crimes, such as fraud, theft, blackmail, forgery, and embezzlement, in which computers or networks are used to facilitate the illicit activity.
Computer crime can broadly be defined as criminal activity involving an information technology infrastructure, including illegal access (unauthorized access), illegal interception (by technical means of non-public transmissions of computer data to, from or within a computer system), data interference (unauthorized damaging, deletion, deterioration, alteration or suppression of computer data), systems interference (interfering with the functioning of a computer system by inputting, transmitting, damaging, deleting, deteriorating, altering or suppressing computer data), misuse of devices, forgery (ID theft), and electronic fraud.Computer crime Involves the Following
Hacking
Hacking is the practice of modifying computer hardware and software to accomplish a goal outside of the creator’s original purpose. People who engage in computer hacking activities are often called hackers. Since the word "hack" has long been used to describe someone who is incompetent at his/her profession, Computer hacking is most common among teenagers and young adults, although there are many older hackers as well. Many hackers are true technology buffs who enjoy learning more about how computers work and consider computer hacking an "art" form. They often enjoy programming and have expert-level skills in one particular program. For these individuals, computer hacking is a real life application of their problem-solving skills. It’s a chance to demonstrate their abilities, not an opportunity to harm others.
Since a large number of hackers are self-taught prodigies, some corporations actually employ computer hackers as part of their technical support staff. These individuals use their skills to find flaws in the company’s security system so that they can be repaired quickly. In many cases, this type of computer hacking helps prevent identity theft and other serious computer-related crimes.
Cyber Crime OR Theft
Cyber crime or Theft also includes traditional crimes conducted through the Internet. For example; hate crimes, telemarketing and Internet fraud, identity theft, and credit card account thefts are considered to be cyber crimes when the illegal activities are committed through the use of a computer and the Internet.
Example of cyber theft is the theft of $11 million from Citibank in 1994.
Computer Virus
A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user. However, the term "virus" is commonly used, albeit erroneously, to refer to many different types of malware programs. The original virus may modify the copies, or the copies may modify themselves, as occurs in a metamorphic virus. A virus can only spread from one computer to another when its host is taken to the uninfected computer, for instance by a user sending it over a network or the Internet, or by carrying it on a removable medium such as a floppy disk, CD, or USB drive. Meanwhile viruses can spread to other computers by infecting files on a network file system or a file system that is accessed by another computer. Viruses are sometimes confused with computer worms and Trojan horses. A worm can spread itself to other computers without needing to be transferred as part of a host, and a Trojan horse is a file that appears harmless. Both worms and Trojans will cause harm to computers when executed.
Most personal computers are now connected to the Internet and to local area networks, facilitating the spread of malicious code. Today's viruses may also take advantage of network services such as the World Wide Web, e-mail, Instant Messaging and file sharing systems to spread, blurring the line between viruses and worms. Furthermore, some sources use an alternative terminology in which a virus is any form of self-replicating malware.
Some viruses are programmed to damage the computer by damaging programs, deleting files, or reformatting the hard disk. Others are not designed to do any damage, but simply replicate themselves and perhaps make their presence known by presenting text, video, or audio messages. Even these benign viruses can create problems for the computer user. They typically take up computer memory used by legitimate programs. As a result, they often cause erratic behavior and can result in system crashes. In addition, many viruses are bug-ridden, and these bugs may lead to system crashes and data loss.
BAck To page one
funny picture video and games
Next To Page three
Security Issues of Information System
Earn Online Money Back To Home
Security Issues of Information System
What is Information System
Information System can be any organized combination of people, hardware, software, communications networks, and data resources that stores and retrieves, transforms, and disseminates information in an organization. An information system is an example of both a technical and social system. It is a technical system in that it may contain a large number of machinery but it is also a social system that it may reflect in the way it is used the social structure of an organization. For example an information system not only exists to record transactions but also it is used to provide summary information to senior management to assess whether the organization is following its long-term strategic objectives.
Internal users of Information
It includes
1. Board of the company or the equivalent of a board in other organization.
2. Directors with functional responsibilities.
3. Divisional general managers.
4. Divisional heads.
5. Departmental heads.
6. Section leader or fore men.
By function classification: -
1. Marketing.
2. Finance.
3. Administration.
4. Production.
5. Technical.
6. Personnel.
7. Research.
Governments, military, financial institutions, hospitals, and private businesses have a great deal of confidential information about their employees, customers, products, research, and financial status. Most of this information is now collected, processed and stored on electronic computers and transmitted across networks to other computers. Should confidential information about a businesses customers or finances or new product line fall into the hands of a competitor, such a breach of security could lead to lost business, law suits or even bankruptcy of the business.
Since March 2008 some people had fraudulently withdrawn Rs20 million from automated-teller machines (ATMs)of National Bank Of Pakistan in Multan, the Federal Investigation Agency believes that the bank’s online money providing system has been "hacked".
According to Information Security magazine, since 1998 about 20 percent of the surveyed financial institutions have suffered disruptions of their information and network systems. Similar findings have been confirmed by the 1999 Computer Crime and Security Survey conducted by San Francisco-based Computer Security Institute and the Computer Intrusion Squad of the U.S. Federal Bureau of Investigation. This initiative revealed that more than 50 percent of the surveyed companies had their networks violated through their Internet connections. Nonetheless, the most troublesome aspect of this rise in computer crime is its global reach, especially for an online financial institution that aims to offer its products and services to clients worldwide. In the final report of Project Trawler, the National Criminal Intelligence Service, the central intelligence body of the various English regional police forces, has indicated an exponential growth of computer crime in the United Kingdom. The perpetrators of these security breaches may be classified in two categories
1 External Agents
2 Insiders
Security Issues of Information System
What is Information System
Information System can be any organized combination of people, hardware, software, communications networks, and data resources that stores and retrieves, transforms, and disseminates information in an organization. An information system is an example of both a technical and social system. It is a technical system in that it may contain a large number of machinery but it is also a social system that it may reflect in the way it is used the social structure of an organization. For example an information system not only exists to record transactions but also it is used to provide summary information to senior management to assess whether the organization is following its long-term strategic objectives.
Internal users of Information
It includes
1. Board of the company or the equivalent of a board in other organization.
2. Directors with functional responsibilities.
3. Divisional general managers.
4. Divisional heads.
5. Departmental heads.
6. Section leader or fore men.
By function classification: -
1. Marketing.
2. Finance.
3. Administration.
4. Production.
5. Technical.
6. Personnel.
7. Research.
what is Security Issues of Information System
Governments, military, financial institutions, hospitals, and private businesses have a great deal of confidential information about their employees, customers, products, research, and financial status. Most of this information is now collected, processed and stored on electronic computers and transmitted across networks to other computers. Should confidential information about a businesses customers or finances or new product line fall into the hands of a competitor, such a breach of security could lead to lost business, law suits or even bankruptcy of the business.
Since March 2008 some people had fraudulently withdrawn Rs20 million from automated-teller machines (ATMs)of National Bank Of Pakistan in Multan, the Federal Investigation Agency believes that the bank’s online money providing system has been "hacked".
According to Information Security magazine, since 1998 about 20 percent of the surveyed financial institutions have suffered disruptions of their information and network systems. Similar findings have been confirmed by the 1999 Computer Crime and Security Survey conducted by San Francisco-based Computer Security Institute and the Computer Intrusion Squad of the U.S. Federal Bureau of Investigation. This initiative revealed that more than 50 percent of the surveyed companies had their networks violated through their Internet connections. Nonetheless, the most troublesome aspect of this rise in computer crime is its global reach, especially for an online financial institution that aims to offer its products and services to clients worldwide. In the final report of Project Trawler, the National Criminal Intelligence Service, the central intelligence body of the various English regional police forces, has indicated an exponential growth of computer crime in the United Kingdom. The perpetrators of these security breaches may be classified in two categories
1 External Agents
2 Insiders
Subscribe to:
Posts (Atom)
Posts
