Question

What are system access threats? and some examples.

Answer 1

The most common threat in a networked system is unauthorized access to information and computer resources. System threats refer to misuse of system services and network connections to put user in trouble.  System threats create such an environment that operating system resources or user files are misused. Threats may cause the loss of confidentiality, integrity, and availability of the information technology assets.

The computer system must be protected against threats by:

1. Authorized user - If a computer program is run by an unauthorized user, then they may cause severe damage to computers or data stored in it.

2. Authentication - It refers to identifying each user of the system and associating the executing programs with those users. It is the responsibility of the Operating System to create a protection system which ensures that a user who is running a particular program is authentic. Operating Systems generally identifies/authenticates users using following ways −

a.Username / Password − User need to enter a registered username and password with Operating system to login into the system.

b. User card/key − User need to punch card in card slot, or enter key generated by key generator in option provided by the operating system to login into the system.

c. User attributes like fingerprint/ eye retina pattern/ signature − User need to pass his/her attribute via a designated input device used by operating system to login into the system.

3. One Time password -   One-Time passwords provide additional security along with normal authentication. In the One-Time Password system, a unique password is required every time user tries to login into the system. Once a one-Time password is used, then it cannot be used again.

Operating system's processes and kernel do the designated task as instructed. If a user program made these process do malicious tasks, then it is known as Program Threats. One of the common examples of program threat is a program installed in a computer which can store and send user credentials via network to some hacker.

System threats refer to misuse of system services and network connections to put user in trouble. System threats can be used to launch program threats on a complete network called as program attack. System threats create such an environment that operating system resources/ user files are misused.

Following are the list of some well-known system threats :[ Examples]

· Worm − Worm is a process which can choke down system performance by using system resources to extreme levels. A Worm process generates its multiple copies where each copy uses system resources, prevents all other processes to get required resources. Worm processes can even shut down an entire network.

· Port Scanning − Port scanning is a mechanism or means by which a hacker can detects system vulnerabilities to make an attack on the system.

· Denial of Service − Denial of service attacks normally prevents user to make legitimate use of the system. For example, a user may not be able to use internet if denial of service attacks browser's content settings.

· Computer virus: Carefully evaluating free software downloads from peer-to-peer file sharing sites, and emails from unknown senders are crucial to avoiding viruses. Most web browsers today have security settings which can be ramped up for optimum defense against online threats. The most-effective way of fending off viruses is up-to-date antivirus software from a reputable provider.

· Remote Desktop accounts: Someone working from home probably has access to a critical computer or server. It's a good disaster recovery plan move. Attackers too often phish those credentials or even brute force them.