Summary chapter 8. Securing Information Systems

Pages: 6
Uploaded on: 19-05-2025
Written in: 2020/2021

A detailed summary of chapter 8. Securing Information Systems with the key focus points highlighted for the test.

Summarized whole book? No
Which chapters are summarized? 8

Chapter 8 Securing Information Systems

Learning objectives
8.1 Why are information systems vulnerable to destruction, error and abuse?
8.2 What is the business value of security and control?
8.3 What are the components of an organizational framework for security and control?
8.4 What are the most important tools and technologies for safeguarding information resources?
8.5 How will MIS help my career?

Cases
Cyberattacks in the Asia-Pacific Target the Weakest Link: People
Meltdown and Spectre Haunt the World’s Computers
Phishing for Money: Dangerous Emails
Information Security Threats and Policies in Europe

8.1 Why are information systems vulnerable to destruction, error and abuse?
Security = the policies, procedures and technical measures used to prevent unauthorized access,
alteration, theft or physical damage to information systems

Controls = methods, policies, and organizational procedures to ensure the safety of the
organization’s assets, the accuracy and reliability of its records, and operational adherence to
management standards

Why systems are vulnerable
The potential for unauthorized access or damage is not limited to a single location but can occur at
many access points in the network. Threats can stem from technical, organizational and
environmental factors compounded by poor management.

| Client (user) (computer/smartphone) | Communication Lines | Corporate Services (servers of multiple comp.) | Corporate Systems (hardware, operating systems, software) |
|---|---|---|---|
| Unauthorized access | Tapping | Hacking | Theft of data |
| Errors | Sniffing | Malware | Copying data |
| | Message alteration | Theft and fraud | Alteration of data |
| | Theft and fraud | Vandalism | Hardware failure |
| | Radiation | Denial-of-service attacks | Software failure |

Internet vulnerabilities
The internet is more vulnerable than internal networks because it is virtually open to anyone.
Vulnerability has also increased from widespread use of email, instant messaging (IM) and
peer-to-peer (P2P) file-sharing programs.

Wireless security challenges
Local area networks (LANs) using the 802.11 standard can be easily penetrated by outsiders armed
with laptops, wireless cards, external antennae, and hacking software. Hackers use these tools to
detect unprotected networks, monitor network traffic and in some cases gain access to the Internet
or to corporate networks. Wireless networks in many locations do not have basic protections against
war driving (in which eavesdroppers drive by buildings or park outside and try to intercept wireless
network traffic). Intruders also set up rogue access points on a different radio channel in physical
locations close to users to force a user’s radio network interface controller (NIC) to associate with the
rogue access point.

Malicious software: viruses, worms, trojan horses and spyware
Malicious software programs (or malware) = include a variety of threats such as computer viruses,
worms and trojan horses

o Computer virus = rogue software program that attaches itself to other software programs or
data files to be executed, usually without user knowledge or permission (viruses deliver a
payload)
o Worms = independent computer programs that copy themselves from one computer to
other computers over a network
o Drive-by downloads = malware that comes with a downloaded file that a user
intentionally or unintentionally requests
o Trojan horse = software program that appears to be benign but then does something other
than expected; it is not itself a virus, but is often a way for viruses or other malicious code to
be introduced into a computer system
o SQL injection attacks = exploit vulnerabilities in poorly coded web application software to
introduce malicious program code into a company’s systems and networks
o Malware known as ransomware is proliferating on both desktop and mobile devices; it tries
to extort money from users by taking control of their computers, blocking access to files, or
displaying annoying pop-up messages
o Some types of spyware also act as malicious software.
Keyloggers record every keystroke made on a computer to steal serial numbers for software,
to launch internet attacks, to gain access to mail accounts, to obtain passwords to protected
computer systems or to pick up personal info such as credit card or bank account numbers
(trojan horse). Other spyware programs reset web browser home pages, redirect search
requests, or slow performance by taking up too many computer resources

Hackers and computer crime
Hacker = individual who intends to gain unauthorized access to a computer system. Hacker activities
have broadened beyond mere system intrusion to include theft of goods and info as well as system
damage and cybervandalism, the intentional disruption, defacement, or even destruction of a
website or corporate info system
- Spoofing and sniffing
Spoofing = hackers attempt to hide their true identities by using fake email addresses or
masquerading as someone else OR redirecting a web link to an address different from the
intended one
Sniffer = type of eavesdropping program that monitors info travelling over a network
- Denial-of-service (DoS) attack = hackers flood a network server or web server with many
thousands of false communications or requests for services to crash the network
Distributed denial-of-service (DDoS) attack = uses numerous computers to inundate and
overwhelm the network from numerous launch points (using a botnet (thousands of zombie
PCs infected with malicious software without their owners’ knowledge))
- Computer crime = any violation of criminal law that involves a knowledge of computer
technology for its perpetration, investigation or prosecution
- Identity theft = crime in which an imposter obtains key pieces of personal info, such as social
security numbers, driver’s license numbers, or credit card numbers, to impersonate someone
else
Seller: esmeedoesburg, Breda University of Applied Sciences