AFM341 Lecture 6: Information Security
School: University of Waterloo
Department: Accounting & Financial Management
Class 6: Information Security
● Information security is primarily concerned with the confidentiality, integrity, and availability of
● A variety of security threats (e.g. malware, DDOS, social engineering) endanger the reputation,
financial stability, and competitiveness of organizations.
● Insiders pose a unique and often overlooked security threat to organizations
What is information security?
● Information security is defined as protecting information and information systems from
unauthorized access, use, disclosure, disruption, modification, or destruction.
● Things to consider:
○ What assets are we protecting?
○ What is the value of the assets?
○ How much will it cost to protect the assets?
IT Security Decision Framework
Models of information security issues: CIA Triad (important!)
Information security threats
● Though not exhaustive, we will focus on three categories of security threats:
○ Malicious software
○ Denial of service
○ Social engineering
Malicious Software (AKA Malware)
● Malware refers to any software that is used to do harm. This includes:
● Viruses: A fragment of code that attaches itself to other programs in order to be executed,
usually without the user's knowledge or permission. Viruses require some type of user action
(e.g. opening an email attachment) to be activated and to replicate.
● Worms: Programs that copy themselves (i.e. without user action) from one computer to another
over networks. Worms can destroy data and programs and halt the operation of computer networks.
● Spyware: Secretly monitors and collects information
● Keylogger: Software that records user keystrokes
● Trojan Horse: Malicious computer instructions in an authorized and properly functioning
● Trap door: Set of instructions that allows a user to bypass normal system controls
● Packet sniffer: Captures data as it travels over a network
● Ransomware is a type of malicious software that restricts access to a computer system by
locking or encrypting the data until a ransom is paid to the creator, typically in a difficult-to-trace
cryptocurrency such as Bitcoin.
● Historically, ransomware such as CryptoLocker and CryptoWall employed attacks that threatened
only availability, by preventing a user from accessing their files. Generally, if you pay the
ransom, you get your data back (though not always).
● Recent reports suggest that ransomware is the biggest security threat to businesses around the
world. According to Dimension Data, ransomware attacks rose by 350% over the previous year.
● Attacks on businesses make up 42% of the total volume (compared to 30% the previous year).
● The average ransom was $544 per machine, although higher ransoms remain common (a recent
Dropbox-themed attack sent to 20M inboxes demanded 0.5 BTC, about $4,500).
Some Ransomware Prevention Guidelines
● Back up your files every day
● Don’t open unexpected or unsolicited email attachments
● Keep antivirus software up to date (though this won’t catch all instances of ransomware)
● Keep the operating system and commonly targeted applications (e.g. Windows, Java, Flash) fully patched
● Install ransomware protection tools (e.g. BitDefender, Trend Micro Anti-Ransomware, EasySync
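Daily backups only protect availability if you can tell whether the backup still matches the live data and whether the live data has already been encrypted. The script below is an added example written for these notes (it is not part of the lecture and not a tool the lecture names): it builds a SHA-256 manifest of a live directory and its backup to find changed or never-backed-up files (an integrity check), and it flags files whose byte entropy is near 8 bits per byte while the backup copy is not, since encrypted data is close to uniformly random and ordinary documents are not. The directory layout, file contents, the 7.0 bits/byte threshold and the `_fake_encrypt` helper (which only produces high-entropy bytes for the demo) are all constructed assumptions.

```python
"""Added example (not part of the lecture notes): verify a daily backup against the
live copy and flag files that look as if ransomware has encrypted them.

Two independent checks are combined:
  1. integrity: a SHA-256 manifest of each tree shows which live files changed or
     were never backed up;
  2. entropy: encrypted data is close to 8 bits of Shannon entropy per byte, whereas
     documents and CSV files sit far lower, so a file that was low-entropy in the
     backup and is now near 8 is a strong ransomware indicator.
All paths, file names and contents below are constructed for the demo.
"""
import hashlib
import math
import os
import tempfile
from collections import Counter
from pathlib import Path

ENTROPY_THRESHOLD = 7.0  # bits per byte; assumed cut-off between text and ciphertext


def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def manifest(root: Path) -> dict:
    """Map relative path -> SHA-256 for every regular file under root."""
    return {str(p.relative_to(root)).replace(os.sep, "/"): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte: 0.0 for empty or single-valued input, 8.0 at most."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def compare(live: dict, backup: dict) -> dict:
    """Integrity report: which live files differ from, or are absent from, the backup."""
    return {
        "changed": sorted(p for p in live if p in backup and live[p] != backup[p]),
        "missing_from_backup": sorted(p for p in live if p not in backup),
        "only_in_backup": sorted(p for p in backup if p not in live),
    }


def suspicious_files(live_root: Path, backup_root: Path,
                     threshold: float = ENTROPY_THRESHOLD) -> list:
    """Files that are high-entropy now but were low-entropy (or absent) in the backup."""
    out = []
    for rel in manifest(live_root):
        live_e = shannon_entropy((live_root / rel).read_bytes())
        bak = backup_root / rel
        bak_e = shannon_entropy(bak.read_bytes()) if bak.exists() else 0.0
        if live_e >= threshold and bak_e < threshold:
            out.append(rel)
    return out


def _fake_encrypt(data: bytes, key: bytes) -> bytes:
    """Stand-in for ransomware's effect on a file: XOR with a SHA-256 keystream.
    Used only to produce realistic high-entropy bytes for the demo; not a real cipher."""
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))


def build_demo(tmp: Path) -> tuple:
    """Constructed fixture: identical live/backup trees, then one live file 'encrypted'
    and one new live file that was never backed up."""
    live, backup = tmp / "live", tmp / "backup"
    csv = "".join(f"2017-01-{d % 28 + 1:02d},INV-{d:04d},Acme Ltd,{d * 17.25:.2f}\n"
                  for d in range(150)).encode()
    for root in (live, backup):
        (root / "invoices").mkdir(parents=True)
        (root / "invoices" / "q1.csv").write_bytes(csv)
        (root / "readme.txt").write_text("Quarterly close checklist\n")
    (live / "invoices" / "q1.csv").write_bytes(_fake_encrypt(csv, b"demo-key"))
    (live / "new_memo.txt").write_text("Not yet backed up\n")
    return live, backup


def run_demo() -> dict:
    with tempfile.TemporaryDirectory() as d:
        live, backup = build_demo(Path(d))
        report = compare(manifest(live), manifest(backup))
        report["suspicious"] = suspicious_files(live, backup)
        return report


if __name__ == "__main__":
    for key, value in run_demo().items():
        print(f"{key}: {value}")
```

Running it reports `invoices/q1.csv` both as changed and as suspicious (its entropy jumps from roughly 4 bits/byte of CSV text to nearly 8), and `new_memo.txt` as missing from the backup; the unchanged `readme.txt` is not flagged. In practice the manifest would be written to read-only or offline storage with the backup itself, since ransomware that can reach the manifest can rewrite it too.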