Loading presentation...

Present Remotely

Send the link below via email or IM


Present to your audience

Start remote presentation

  • Invited audience members will follow you as you navigate and present
  • People invited to a presentation do not need a Prezi account
  • This link expires 10 minutes after you close the presentation
  • A maximum of 30 users can follow your presentation
  • Learn more about this feature in our knowledge base article

Do you really want to delete this prezi?

Neither you, nor the coeditors you shared it with will be able to recover it again.


Malicious Damage

No description

Luke Young

on 10 January 2014

Comments (0)

Please log in to add your comment.

Report abuse

Transcript of Malicious Damage

P1 - Know Your Threats
Malicious Damage
Access causing damage e.g viruses
This is where your system is attacked by an outside party using threatening viruses, they could attack your computer in a number of ways they could either upload a virus within your computer system, they could also take personal information from your computer or they could just simply jam you from doing anything for a certain time period, there are many types of viruses that your computer system may be attacked with, one of them being worms, this is a program very similar to a virus it attack the system by self-replicating, this can lead to negative effects on your system, they generally spread through things such as e-mails and networks they do not cause any major damage to them files but as they replicate so fast it can result to the entire network collapsing.

Another virus that can inflict damage onto your computer is a Trojan, the Trojan virus is a malicious program that will perform action on your computer that you have not authorized these can include things such as; deleting data, blocking data, modifying data, copying data, disrupting the performance of your computer or network, but unlike worms Trojans cannot self-replicate.
Access without damage
Access without damage is when your computer system is breached by hackers but they do not want you to know, so they will be attacking your system but causing no damage so they will most likely be taking personal information or data from your system and leaving no sign of your system being tempered with at the time or after they have done what they needed to they do this by creating a virtual backdoor which is basically a secret way out for a hacker so it leaves no traces of them leaving the system or entering it in the first place , so for example if someone targeted a website such as amazon of PayPal they would be trying to take information such as card details, bank information or other information relating customer information, this can then lead to identity theft.

One threat that your computer faces internally is being attacked with malware software such things as viruses, Trojans, worms and phishing, malware is a piece of software that is placed within your computer without your consent, they are put there for the purpose to play your computer up so do things such as make it run slower, it could also be used to copy and save private information you are typing in such as passwords or card details, with your average virus it will get recognized by what damage it is doing to your computer but this is not the case with malware, malware is recognized by the speed that it is spreading not the physical damage it is causing.

Threats related to E-commerce
Website defacement
Website defacement is an attack on the website that only changes the appearance of the website, as the internet is such a poplar place to get your views across websites such as religious and government sites are targeted a lot as people use website defacement as a way of protesting against religions or political views, but there are other reasons people may deface a website, another reason could be an attack on a business or the owner so they would put things like false information on the website or put that the shop is closed for a time peroid any method to push customers away, another reason that this problem may accur is that someone is doing just for fun to see if they can hack into a website and simply change that website or they could be doing it for public awareness proving a point that a certain website is not very secure.
Control of access to data via third party suppliers
This is where a business pays off a third party to either make their website or keep their website up to date, but to do this they will need to know things such as codes and passwords this means that the third party has access to to the website including things such as customer details and other important information, so they have the tools to deface or hack your website, or if they don't they still have the power to give this information to other people which could do the same.
Denial of service attacks
A (DDOS) is an attack on a website which causes the connection to crash which leaves people unable to connect to that website, they do this by a large amount of people attending a certain website at a time or sending messages to the website anyway that will cause the connection to crash, this can also happen unintentional, for example if a poplar user has created a new website and they have alot of customers/viewers at the same time there is a big risk that the website will crash.
Organizational Impact
Loss of service is where your website crashes down, this could happen for many reasons one of them could be because of (DDOS) or it could just simply be a connection error, this is a huge problem to any business as it will be temporarily unavailable to the public, this then leads to other problems for a company such as customers not trusting in a website which then leads to them not returning which will lower there income and they may lose some loyal customers, depending on how long the website is down for and how big the business is will determine on the amount of sales & customers they lose, for example a small website such as a local town shop would not lose as much sales or customers compared to a site such as amazon, a site like amazon may also lose more as they have other big competitors such as eBay that customers may turn to.
If a business does have an issue with loss of service and are temporarily down then they will lose customers & profit which leads to a business needing to increase the costs of there products because they may not have reached their anticipated target's, but by doing this they will be causing more problems because they are rising prices customers may turn to other companies that will be selling these products at cheaper prices and they may even stop shopping at your website.
As a business you need to make sure you have a good image to the public and your customers, a lot of business's that already have a store before they have a website will already have a good image and loyal customers that will know of your reputation and this will spread to the public from word of mouth. If you have a bad image you will not be a trustworthy business and not get many customers.
Loss of service/business
Increased costs
Poor Image
Counterifet goods
Products at risk
Distribution mechanisms
There are two main ways that suppliers of counterfeit good will distribute there stock, one of them is boot fairs and the other being peer to peer marketing, one of the reason this is a good method of gettign rid of counterfeit goods is the fact that there is not much questions asked or information known about the buyer's or seller's involved so if the buyers do realise the products they have bought are not working or broke they can not return the item as no details are given.
Products at risk include things such as DVD's, Games, Music etc, you will need to make sure as a business that the products you are receiving to sell from your suppliers are not counterfeit otherwise this will reflect on your business and make you look bad which could result to loss of customers visiting and buying for you which means you will lose profit, if this is the case then you as a business would need to change the suppliers you use and make a complaint about the products they are letting you sell.
M1 - Information Security
Data Integrity
Another type of information security is Data integrity this is the process that carries out the completeness and accuracy of data, this ensures that all the data stored can be traced and connected to other data, they do this by various error checking methods & validation procedures, they have to carry these tests out as there are many threats that can face data, such as human errors, software bugs or viruses, hardware malfunctions, errors that occur when data is transmitted from one computer to another. There are many ways that business use to back up the risk of this taking place, things such as simply backing up data regularly
Data Completness
Data completition is something that every business has to deal with, for example if a business is holding customer data they would have to make sure that all of that data is filled out correctly so including things such as credit card details, adress etc and up to date and making sure that the certain data is correct meeting business demands, as if a business does not have data that is up to date they may get customer information wrong which could lead to all sort of difficulties invloving purchases or orders.
Access to data
All businesses will have some sort of data stored within there business and only some people will be allowed access to this data, for example within most businesses it will be the manager and people who secure the data from any threats as they will be the ones who are running backups of the data and protecting them from any threats, this is important as it is important certain data does not get out as this can cause huge threats to a business.
Confidentiality will fall under the data protection act, so when a business deals with there customers private details they have to make sure that these details are secure and there is no way that these details can get released out to the public and try there best to prevent this information for hackers, most businesses will have a RSA certificate to prove there website is safe. A business can not release csutomer information to any person whether they be customers or a member of the public as they will be breaking many laws and if they do this can lead to there webite being shut down.
Confidentiality and data integrity have alot in common as they are both dealing with data and the security of that data, it is important that data has high confidentiality and the people that are keeping data in order are legit because if people are seeing certain data or tempering with it then alot can go wrong and depending on what the data is it can put people at risk of there private information getting stolen, but this data needs to be kept up to date and secure so it is inmportant that the owner of this inofmration keeps it confidential.
Data integrity
It is important that when a business is dealing with data that they do keep it up to date and have it all filled out correctly and it is important that the owner of the data keeps the data confidential and the person that is dealing with the data is legit otherwise the business can be putting alot of people at risk of things such as card details getting stolen and theft, or just simply tempering with the data.
Data completeness
Access to data
These two have a huge link and play a big part within a business and making the data that they hold, within a lot of business certain employees will have access to the data stored within the systems for diffrent reasons so they need to make sure this data is confidential so the business needs to make sure that the employees looking at this sensative information are trustworthy.
Data integrity
Data completeness
These two are very similar as they both play a part in making sure that the data is up to date and complete, it is very important that both of these take place within a business otherwise they would not know information on their customers that they need to know and it would not be a secure website so they both play a part in making this possible.
A business will have many types of data withint here systems so they have to make sure that the people that have the access to all this data knows exctly what they are doing and making sure its all there and in the right places as some data may only be allowed to be seen by certain people as many business do hold sensative data.
Data integrity
Access to data
These two work very well together, as the business will employe someone to make sure all the sensative data within the business is up to date and fully completed and the people that will be doing this is the people the managers of the business allow as it is sensative data only certain people can have access to this data.
Data completeness
Access to data
Full transcript