Technology is a wonderful thing. We can create documents, edit images, create music files, and do just about anything we like with a computer. The advancements in technology grow at an alarming rate, and each week we see new things that we ever were possible before. Most security threats are made by attackers using a relatively small number of vulnerabilities. A hacker who threatens your organisation's information assets is taking advantage of vulnerabilities in the media and systems which handle them. Vulnerabilities and threats clearly go hand-in-hand: each threat is directed at a vulnerability.
The major of online security threat are fall under several general categories:
(1) Accidental actions which again can come from the same two groups: those inside and those outside an organisation. Examples might be an employee accidentally deleting an important file and a family member spilling coffee on the keyboard of a computer.
(2) Malicious attacks is becoming more sophisticated and targeted. Attackers are using increasingly deceptive social engineering techniques to entice users to seemingly legitimate web pages that are actually infected and/or compromised with malware such as computer viruses, denial of service attacks and distributed denial of service attacks. Viruses are small and malicious computer programs that are try to infect our computers, spreading it from one computer to another computer. In some cases, it is attach to emails. An infected computer can send out tens of thousands of emails, each carrying the virus. And, it will use our email address book to find new people to attack.
(3) Online fraud such as identity theft and data theft. Identity theft is a term used to refer to fraud that involves stealing money or getting other benefits by pretending to be someone else. The term is relatively new and is actually a misnomer, since it is not inherently possible to steal an identity, only to use it. The person whose identity is used can suffer various consequences when they are held responsible for the perpetrator's actions. Data theft is a growing problem primarily perpetrated by office workers with access to technology such as desktop computers and hand-held devices capable of storing digital information such as flash drives, iPods and even digital cameras. Since employees often spend a considerable amount of time developing contacts and confidential and copyrighted information for the company they work for they often feel they have some right to the information and are inclined to copy and/or delete part of it when they leave the company, or misuse it while they are still in employment.