Computer hacking and security - Social Responsibility of IT Professional by Mark John Lado and Franklin Lasdoce

SOCIAL RESPONSIBILITY
OF IT PROFESSIONAL
SECURIT
Y
HACKIN
G
MARK JOHN P. LADO
FRANKLIN C. LASDOCE
PREPARED BY:

Technology is science or knowledge put into practical use to solve
problems or invent useful tools. A computer is one of the examples of
a technology it is a programmable electronic device that accepts raw
data as input and processes it with a set of instructions (a program) to
produce the result as an output.
Technology is robust, where hacking is now common, there are two
different types of hacking, the ethical hacking and unethical hacking.
INTRODUCTION
11-4-21 2
MASTER IN INFORMATION TECHNOLOGY – NONESCOST - SOCIAL RESPONSIBILITY OF IT
PROFESSIONAL

The Same Tools Are Used By Both Hackers And Ethical Hackers. The
Only Difference Is That Hackers Use Tools To Steal Or Destroy
Information Whereas Ethical Hackers Use Same Tools To Safeguard
Systems From “Hackers With Malicious Intent”. Ethical Hacking Is
Legal And Hacking Is Done With Permission From The Client.
Computer Security Is The Protection Of Computer Systems And
Networks From Information Disclosure, Theft Of Or Damage To Their
Hardware, Software, Or Electronic Data, As Well As From The
Disruption Or Misdirection Of The Services They Provide.
INTRODUCTION
3
11-4-21
PROFESSIONAL

• Tell the definition of Computer Hacking
• Recognize the Ethical hacking and Unethical
hacking
• Illustrate the penetration tester do
• Summarize the top Skills Required for
Cybersecurity Jobs
• Define Computer Security
• Recite the different types of Computer Security
OBJECTIVES
4
At the end of this topic, you will be able to;
11-4-21
PROFESSIONAL

• Describe the importance of Computer Security
• Summarize the objectives for computer security
in any organization
• Discover in securing your Computer from
Unauthorized Access
• Relate the 15 Best practices for Computer
Security and Cyber Security
• Recognize the Social Engineering and Cyber
Attacks
OBJECTIVES
5
At the end of this topic, you will be able to;
11-4-21
PROFESSIONAL

COMPUTER HACKING
The act of compromising digital devices and
networks through unauthorized access to an
account or computer system. Hacking is not always
a malicious act, but it is most commonly associated
with illegal activity and data theft by cyber criminals.
6
11-4-21 MASTER IN INFORMATION TECHNOLOGY – NONESCOST - SOCIAL RESPONSIBILITY OF IT
PROFESSIONAL

ETHICAL HACKING
Also known as White Hat, or Penetration Tester.
COMPUTE
R
HACKING
7
UNETHICAL HACKING
Also know as Black Hat.
11-4-21
PROFESSIONAL

A white hat is an ethical computer
hacker, or a computer security expert,
who specializes in penetration testing
and other testing methodologies that
ensure the security of an organization's
information systems. Ethical hacking is
a term meant to imply a broader
category than just penetration testing.
ETHICAL HACKING
1/7/20XX 8
PROFESSIONAL

As a penetration tester, you will perform
authorized tests on computer systems
in order to expose weaknesses in their
security that could be exploited by
criminals. You can choose to specialise
in manipulating a particular type of
system, such as: networks and
infrastructures.
WHAT DOES A
PENETRATION TESTER DO?
1/7/20XX 9
PROFESSIONAL

COMPUTE
R
HACKING
10
UNETHICAL HACKING
Also know as Black Hat.
11-4-21
PROFESSIONAL

11-4-21 11
WHAT DOES A BLACK
HAT HACKER DO?
A black hat hacker is a hacker who
violates computer security for their
own personal profit or out of malice.
PROFESSIONAL

11-4-21 12
UNETHICAL HACKING
Black Hat hackers are criminals who break into
computer networks with malicious intent. They may
also release malware that destroys files, holds
computers hostage, or steals passwords, credit
card numbers, and other personal information.
PROFESSIONAL

One of the most famous black hat hackers is Kevin Mitnick, who, at
one point, was the most wanted cybercriminal in the world. As a black
hat hacker, he hacked into over 40 major corporations, including IBM
and Motorola, and even the US National Defense warning system.
Source:
Black hat, white hat & gray hat hackers | Kasperskyhttps://www.kaspersky.com ›
HACKING
11-4-21 13
PROFESSIONAL

SOURCE: WIKIPEDIA/KEVIN_MITNIC

COMPUTER SECURITY
Computer security,
cybersecurity, or information
technology security is the
protection of computer systems
and networks from information
disclosure, theft of or damage to
their hardware, software, or
electronic data, as well as from
the disruption or misdirection of
the services they provide.
11-4-21 15
PROFESSIONAL

Also called cybersecurity, the protection of
computer systems and information from harm,
theft, and unauthorized use. Computer
hardware is typically protected by the same
means used to protect other valuable or
sensitive equipment—namely, serial numbers,
doors and locks, and alarms.
11-4-21 16
COMPUTER SECURITY
1011001010100101010111010100101
PROFESSIONAL

PROBLEM-
SOLVING SKILLS
KNOWLEDGE OF
SECURITY ACROSS
VARIOUS
PLATFORMS
ATTENTIO
N TO
DETAIL
TECHNICA
L
APTITUDE
THE TOP SKILLS REQUIRED FOR CYBERSECURITY JOBS
11-4-21 17
PROFESSIONAL

As a cybersecurity professional, problem-
solving will play a major role in your day-
to-day work. Those in the field need to
find creative ways to take on and address
complex information security challenges
across a variety of existing and emerging
technologies and digital environments.
11-4-21 18
PROBLEM-SOLVING SKILLS
PROFESSIONAL

As the name implies, cybersecurity is a
technology-focused field: you will be likely be
tasked with responsibilities such as
troubleshooting, maintaining, and updating
information security systems; implementing
continuous network monitoring; and providing
real-time security solutions. Being technologically
savvy is essential in order to perform the daily
activities of a cybersecurity professional.
Technical aptitude helps assess a candidate's:
Ability to reason with logic
11-4-21 19
TECHNICAL APTITUDE
PROFESSIONAL

Cybersecurity isn't just limited to
computers: you'll need to be
comfortable working on a variety of
operating systems, computer
systems, mobile devices, cloud
networks, and wireless networks -
and keep up to date on advances in
the field for all of them.
11-4-21 20
KNOWLEDGE OF SECURITY ACROSS VARIOUS
PLATFORMS
PROFESSIONAL

Being able to defend an organization
against cyber breaches requires you to be
highly vigilant and detail-oriented, in order
to effectively detect vulnerabilities and
risks. You'll like be responsible for
continuous network monitoring and will
need to be able to quickly identify
concerns and come up with real-time
security solutions to address them.
11-4-21 21
ATTENTION TO DETAIL
PROFESSIONAL

• Physical Security
• Network Security
• Executable Security
11-4-21 22
DIFFERENT TYPES OF COMPUTER SECURITY
THERE ARE THREE DIFFERENT TYPES OF COMPUTER SECURITY. THEY ARE AS
FOLLOWS
PROFESSIONAL

This type of computer security is one of
the simplest and easiest to interpret.
Anyone who has access to the computer
can access it.
Always we need to make sure not to share
our passwords in-order to safeguard our
system from data thefts.
11-4-21 23
PHYSICAL SECURITY
Our computers should not be left
unattended, as others can access
all our files.
Physical security is one of the
basic securities that one must
consider.
PROFESSIONAL

Firewall is one of the most
important computer security.
11-4-21 24
NETWORK SECURITY
This firewall helps the network
security by stopping any of the
unauthorized networks that
would attempt to access your
computer.
PROFESSIONAL

Anti-virus security is known as
executable security.
This type of security is quite complex
as it requires a team to code the anti-
virus. Anti-virus is a must, to block the
virus from attacking the system.
11-4-21 25
EXECUTABLE SECURITY
These anti-virus securities are called
executable security as they are
executable files that need to be run
on the computer, to be installed. With
this, our computers would be more
reliable.
PROFESSIONAL

IMPORTANCE OF COMPUTER SECURITY
Computer security is one of the most important aspects,
as it keeps all our data safe.
Prevention helps to stop hackers (unauthorized users)
from accessing our computers.
PROFESSIONAL

IMPORTANCE OF COMPUTER SECURITY
Today most of the transactions that we perform from shopping to
banking are by accessing the websites (through a network).
The main intention of a hacker is to attack the system and get all
the data stored in the system.
Once the hacker can access different computers, they can cause
damage by formatting the hard drive.
Also, it would be easy for the hacker to attack other computers
through your computer as they can hide their actual information.
PROFESSIONAL

28
SOME OF THE OBJECTIVES FOR COMPUTER SECURITY
IN ANY ORGANIZATION ARE
• Confidentiality – This means that information should be
accessed only by authorized users.
PROFESSIONAL

29
• Integrity – Here information should be added, modified, or
deleted only by an authorized user which means we need to
protect information being modified.
PROFESSIONAL

30
• Availability – This means that the information should be
available only to authorized people on demand.
PROFESSIONAL

31
HOW TO SECURE YOUR COMPUTER FROM
UNAUTHORIZED ACCESS
• Secure passwords – Always we should keep in mind to
create passwords that have at least 15 characters which
include capital letters, special characters, and numbers.
• Anti-virus – Make sure to install and update the anti-virus
regularly to prevent malware. Examples are Norton and
McAfee.
PROFESSIONAL

32
UNAUTHORIZED ACCESS
• Two-way authentication – Here there would be two layers of
authentication making it difficult for the hackers to get access
to your accounts.
• Firewalls – Firewalls do not allow unauthorized users from
accessing the network connected to the internet.
PROFESSIONAL

33
UNAUTHORIZED ACCESS
• Anti-phishing tactics – Attackers normally try to send an
email with a malicious link or ask us to provide our data or
send us any attached files. By doing this (by clicking on the
malicious link, sending our personal data, or clicking on any
attachments) we fall into their trap and they would succeed to
hack our computers.
PROFESSIONAL

34
UNAUTHORIZED ACCESS
• Encryption – This is a method of converting plain text to
secret text. Many applications follow this – Banking
transactions, Computer passwords, etc.
PROFESSIONAL

People need to be smart and
need to pay attention to the
security of their personal
computers. Few points that we
need to keep in mind.
35
15 BEST PRACTICES FOR COMPUTER SECURITY
AND CYBER SECURITY
1010010101001010100000101010
PROFESSIONAL

1. Do not click on anything you
are not sure to be safe.
2. Do not open any
attachments that show up in
emails from an unknown
person. 36
AND CYBER SECURITY
1010010101001010100000101010
3. Do not hand over your
personal identification or
debit card details, credit
card details to strangers.
PROFESSIONAL

4. Do not use unsecured public
Wi-Fi networks as we don’t
know if someone is looking at
our data
5. Always keep data back up
safe elsewhere. 37
AND CYBER SECURITY
1010010101001010100000101010
6. Make sure to keep
changing the passwords
often and follow the
standards while choosing a
password.
PROFESSIONAL

7. Install a good Anti-virus on
your computer and keep it up
to date.
8. Always enable the firewall
38
AND CYBER SECURITY
1010010101001010100000101010
9. Install the security
software that helps to
recognize the website that
you be aware of.
PROFESSIONAL

10. Do not use USBs or hard
disks in other machines that
you don’t trust.
11. Make sure all the software
is up to date.
39
AND CYBER SECURITY
1010010101001010100000101010
12. Lock your computers
when you are not around.
13. Do not run the programs
that are unknown to you.
PROFESSIONAL

14. Keep an eye on installed
software and remove
unnecessary software.
40
AND CYBER SECURITY
1010010101001010100000101010
15. Use a pop-up blocker.
PROFESSIONAL

When the network is secure,
hackers fail to hack it and
they in-turn target the users
of that network. This is called
Social Engineering.
11-4-21 41
SOCIAL ENGINEERING AND CYBER ATTACKS
PROFESSIONAL

In recent days these types of
hackers have increased
subsequently.
11-4-21 42
PROFESSIONAL

Following are different
techniques used in social
engineering attacks –
11-4-21 43
PROFESSIONAL

11-4-21 44
SOCIAL ENGINEERING AND CYBER
ATTACKS
VISHING
PHISHING SMISHING WHALING
PROFESSIONAL

11-4-21 45
• Phishing – This is one of the oldest methods used. In this
method, the Attacker sends an email expecting to get the
information from the user back.
• Vishing – Here attackers attack in the form of voice phishing.
They would contact you over the phone and pretend to be
from a bank or any other company.
PROFESSIONAL

11-4-21 46
• Smishing – Here attackers use SMS phishing and the
person will receive a text message which looks like it is from
the bank, asking for all the personal details.
• Whaling – In this form of phishing, the attackers attack the
CEO or high-level person from the organization to get all the
financial information.
PROFESSIONAL

• Computer Hacking and Computer Security
• Ethical hacking and Unethical hacking
• What penetration tester do
• Top Skills Required for Cybersecurity Jobs
11-4-21 47
WRAP-UP
PROFESSIONAL

• Different types of Computer Security
• The importance of Computer Security
• Objectives for computer security in any
organization
• Securing your Computer from Unauthorized
Access
• Best practices for Computer Security and Cyber
Security
• Social Engineering and Cyber Attacks
11-4-21 48
WRAP-UP
PROFESSIONAL

11-4-21 49
Online References
https://www.classmate4u.com/computer-security-and-cyber-security/
THANK YOU!
• Mark John P. Lado
• Franklin C. Lasdoce
PREPARED BY:
PROFESSIONAL

Computer hacking and security - Social Responsibility of IT Professional by Mark John Lado and Franklin Lasdoce

More Related Content

What's hot (20)

Similar to Computer hacking and security - Social Responsibility of IT Professional by Mark John Lado and Franklin Lasdoce (20)

More from Mark John Lado, MIT (20)

Recently uploaded (20)

Computer hacking and security - Social Responsibility of IT Professional by Mark John Lado and Franklin Lasdoce