
MY INTRODUCTION

• Jawad Ahmed Bhutta


• MS CS & IT NED
• BE EE(CE) UIT Hamdard University
• Senior Lecturer
• Bahria University Karachi Campus
INTRODUCTION
• What is Information Technology?
• Information technology (IT) is the use of computers to store, retrieve, transmit,
and manipulate data, or information, often in the context of a business or other
enterprise. IT is a subset of information and communications technology (ICT).
OR
• Information technology (IT) is the use of any computers, storage, networking and
other physical devices, infrastructure and processes to create, process, store,
secure and exchange all forms of electronic data. Typically, IT is used in the context
of enterprise operations as opposed to personal or entertainment technologies.
The commercial use of IT encompasses both computer technology and telephony.
IT can also refer to the architectures, methodologies and regulations governing the
use and storage of data.
INFORMATION TECHNOLOGY
• IT in a broader scale encompasses the following:
• Hardware Infrastructures (Physical Media/assets/resources, i.e.,
Computers, Servers, Routers etc.)
• Software Infrastructures (OS, App Software, Databases etc.)
• Regulations/rules/protocols/SOPs/Policies governing the above
infrastructures.
INFORMATION TECHNOLOGY
• All in all, we can deduce that IT systems are far more complex
because of the nature of the technologies involved and the level of
integration needed to derive meaningful information or
productivity from them.
• Therefore, IT systems require even more complex policies in order to
run smoothly and effectively under whatever conditions may arise.
• If the policies or the underlying infrastructures are weak (in any way),
then the business productivity of the organization could be at stake,
or the organization could suffer serious losses or the risks associated
with these losses.
LOSSES
• Losses could be of many types
• Data Losses
• Financial Losses
• Reputational Losses
DATA LOSSES
• Means losing files or data through which you create information.
• Means losing time and money to recover information that is essential
for the proper functioning of your business.
• Some forms of data losses are recoverable, but they require time and
resources.
• Data losses can be attributed to a number of factors but are largely
associated with 10 common causes, as discussed below.
CAUSES OF DATA LOSSES
• Human error
• Viruses and malware
• Hard drive damage
• Power outages
• Computer theft
• Liquid damage
• Disasters
• Software corruption
• Hard drive formatting
• Hackers and Insiders
HUMAN ERROR
• Humans are not infallible — we all make mistakes and sometimes
they’re big ones.
• For businesses, these mistakes can result in the unintentional deletion
of data files or sections of text. 
• Without realizing it, employees can overwrite important files or
delete information that is essential to your business.
• Human error can also play a role in many other main causes of data
loss, including hard drive damage, liquid spills, software corruption
and hard drive formatting.
VIRUSES AND MALWARE
• Most people think of viruses when you ask them what causes data
losses.
• For businesses, viruses can steal and delete swaths of data or bring
business operations to a crawl, destroying company functionality.
• A computer often gets a virus from an email-based attack or through
phishing that tempts an employee to click on a corrupted link. This
link then allows the virus or malware to enter the computer system to
damage or steal files.
HARD DRIVE DAMAGE
• Most data losses occur due to hardware malfunctions, with the
primary perpetrator being the hard drive.
• Hard drives are the most fragile parts of computers, and around 140
thousand hard drives crash every week.
• Of these crashes, 60 percent are due to mechanical issues and 40
percent are a result of human misuse or mishandling, including
dropping or jostling a computer or laptop.
• Hard drives can also be damaged if a computer overheats, typically
caused by overuse or a build-up of dust in the computer.
POWER OUTAGES
• Power outages can interrupt business operations substantially,
shutting software systems down without warning.
• Not only can this result in the loss of unsaved data, but it can also
cause existing files to be corrupted due to improper shutdown
procedures.
• Sometimes, entire programs may be rendered non-functional by a
poorly timed power outage.
• If a computer shuts down while it is writing to the hard drive system,
it may never start up again.
COMPUTER OR LAPTOP THEFT
• In the modern workplace, more and more people are becoming
mobile. This often means they are working from laptops or
smartphones rather than PCs. Laptop theft is a serious risk and can
happen anywhere if a laptop is left unattended.
According to a study by Kensington:
• 25 percent of IT theft occurs in cars or other transportation vehicles
• 23 percent takes place in the office
• 15 percent happens in airports or hotels
• 12 percent occurs in restaurants
LIQUID DAMAGE
• Spilling coffee or water on your laptop or computer can cause a short
circuit, making it difficult to recover your computer, let alone the data
stored inside.
• If your computer somehow gets completely submerged, the situation
is even more serious.
• Sometimes a computer may seem to work fine after a spill, but the
internal damage can have lasting effects that cause the computer to
short circuit in the future.
• Acidic drinks, like coffee, pose a particular risk as they can corrode the
inside of a computer if a spill is not cleaned up properly.
DISASTERS
• From tornadoes to fire, disasters can happen when you least expect
them and have devastating impacts on your business.
• They can destroy your computer, your data and even your business
entirely.
• To minimize the effects of a disaster and ensure you can carry on,
back up your data on a weekly basis and store files in a secure
location.
DISASTERS
• Natural disasters can cause irreparable damage to a business if data is
not backed up:
• 93 percent of companies that lost their data center for 10 or more days
from a disaster filed for bankruptcy within one year
• 50 percent of companies that lost data management due to a disaster
filed for bankruptcy immediately
• 30 percent of businesses that experience a severe fire go out of
business within a year
• 70 percent of businesses that experience a severe fire go out of
business within five years
SOFTWARE CORRUPTION
• Unexpected or improper software shutdowns may seem innocent on
the surface but can cause serious issues for your data.
• Improper shutdowns can corrupt your data or delete your progress,
wasting time and losing valuable data.
• When software is corrupted it may not be able to run again, meaning
you cannot access data stored in that software.
HARD DRIVE FORMATTING
• Accidental formatting of your hard drive can cause you to lose data
instantly.
• Employees can format a hard drive by accident if they misunderstand
system prompts or error messages.
• Reformatting can also occur during system updates and result in data
loss.
• While accidentally reformatting a hard drive can lead to panic when
files and documents can no longer be accessed, you can often recover
lost data from hard drive formatting by running a data recovery
software.
HACKERS AND INSIDERS
• In recent years, hacking and data breaches have become a much
more common problem, making good cybersecurity measures
essential.
• Unauthorized guests in your network can cause serious damage to
your data, deleting and stealing any data they wish.
• They can even damage entire network processes if they have
sufficient access to your system.
• Minimize the potential for such losses by using firewalls in your
system to keep out hackers.
THE BIG PICTURE
• Out of the above, which ones do you think lie within the realms of
Security, IT Security, Cyber Security or IT Risk?
INFORMATION TECHNOLOGY RISK
• Potential for technology shortfalls that result in losses.
• Includes potential for project failures, operational problems and
information security incidents.
TYPES OF IT RISKS
• Architecture Risks
• IT structures that fail to support operations or projects
• Artificial Intelligence Risks
• Risk associated with technologies that learn and self improve.
• Asset Management Risk
• Failure to control IT assets such as loss of mobile devices.
• Audit Risks
• Risk that an IT audit will miss things such as security vulnerabilities.
• Legacy Technology Risk
• Out of date technology that is difficult to maintain and at risk of failures
TYPES OF IT RISK
• Most of the preceding are IT Risks that contribute towards
information security incidents
• What is Information Security?
INFORMATION SECURITY (IS)
• According to techopedia.com:
• “IS is designed to protect the confidentiality, integrity and availability
of computer system data from those with malicious intentions.
Confidentiality, integrity and availability are sometimes referred to
as the CIA Triad of information security. This triad has evolved into
what is commonly termed as the Parkerian hexad, which includes
confidentiality, possession (or control), integrity, authenticity,
availability and utility”.
INFORMATION SECURITY (IS)
• Searchsecurity.techtarget.com states:
• “Information security (infosec) is a set of strategies for managing the processes,
tools and policies necessary to prevent, detect, document and counter threats to
digital and non-digital information. Infosec responsibilities include establishing a
set of business processes that will protect information assets regardless of how
the information is formatted or whether it is in transit, is being processed or is
at rest in storage”.
• Information primarily occurs in 3 stages or forms
• Rest
• Transit
• Processing
CIA TRIAD OF INFOSEC
• The CIA (Confidentiality, Integrity, and Availability) triad of information
security is an information security benchmark model used to evaluate
the information security of an organization. The CIA triad of
information security implements security using three key areas related
to information systems including confidentiality, integrity and
availability
• The CIA triad of information security was created to provide a baseline
standard for evaluating and implementing information security
regardless of the underlying system and/or organization. The three
core goals have distinct requirements and processes within each other.
CONFIDENTIALITY
• Ensures that data or an information system is accessed by only an
authorized person. User IDs and passwords, access control lists (ACL)
and policy-based security are some of the methods through which
confidentiality is achieved.
• ACL refers to the permissions attached to an object that specify which
users are granted access to that object and the operations it is
allowed to perform. Each entry in an access control list specifies the
subject and an associated operation that is permitted.
ACL
ACL
• The main idea of using an ACL is to provide security to your network.
Without it, any traffic is either allowed to enter or exit, making it
more vulnerable to unwanted and dangerous traffic.
• As shown in the preceding picture, the routing device has an ACL that
is denying access to host C into the Financial network, and at the
same time, it is allowing access to host D.
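The ACL behaviour described above, as an added Python example that is not part of the original slides. The IP addresses, the Financial network range and the function names are constructed assumptions; the example also assumes the usual router convention that entries are checked top to bottom, the first match wins, and unmatched traffic is denied.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class AclEntry:
    action: str                          # "permit" or "deny"
    source: ipaddress.IPv4Network        # subject: who is sending
    destination: ipaddress.IPv4Network   # object: what is being reached


def entry(action, source, destination):
    return AclEntry(action, ipaddress.ip_network(source),
                    ipaddress.ip_network(destination))


# Constructed addressing (assumption; the slide gives no addresses).
FINANCE_NET = "10.0.20.0/24"
HOST_C = "192.168.1.30"
HOST_D = "192.168.1.40"

# The ACL from the picture: host C is denied, host D is allowed.
ACL = [
    entry("deny", HOST_C + "/32", FINANCE_NET),
    entry("permit", HOST_D + "/32", FINANCE_NET),
]


def evaluate(acl, src, dst):
    """Return (action, index of the matching entry).

    Entries are checked top to bottom and the first match wins. Traffic
    that matches nothing is denied (index None): the implicit deny.
    """
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for index, e in enumerate(acl):
        if s in e.source and d in e.destination:
            return e.action, index
    return "deny", None


def shadowed_entries(acl):
    """Indexes of entries that can never match because an earlier,
    broader entry already covers the same source and destination."""
    shadowed = []
    for j, later in enumerate(acl):
        for earlier in acl[:j]:
            if (later.source.subnet_of(earlier.source)
                    and later.destination.subnet_of(earlier.destination)):
                shadowed.append(j)
                break
    return shadowed


# A misordered variant: a broad permit placed first hides the deny for host C.
MISORDERED = [entry("permit", "192.168.1.0/24", FINANCE_NET)] + ACL

if __name__ == "__main__":
    for name, host in (("C", HOST_C), ("D", HOST_D), ("other", "192.168.1.50")):
        print(name, evaluate(ACL, host, "10.0.20.5"))
    print("misordered, host C:", evaluate(MISORDERED, HOST_C, "10.0.20.5"))
    print("shadowed entries:", shadowed_entries(MISORDERED))
```

Running `shadowed_entries` over an ACL before deploying it catches the ordering mistake in which a broad permit silently overrides a specific deny.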
CONFIDENTIALITY (CONTINUED)
• Confidentiality, in the context of computer systems, allows authorized
users to access sensitive and protected data. Specific mechanisms
ensure confidentiality and safeguard data from harmful intruders.
• For example, a U.S. government or military worker must obtain a
certain clearance level, depending on a position's data requirements,
such as, classified, secret or top secret. Those with secret clearances
cannot access top secret information.
CONFIDENTIALITY (CONTINUED)
• Best practices used to ensure confidentiality are as follows:
• An authentication process, which ensures that authorized users are assigned
confidential user identification and passwords. Another type of
authentication is biometrics.
• Role-based security methods may be employed to ensure user or viewer
authorization. For example, data access levels may be assigned to specified
department staff.
• Access controls ensure that user actions remain within their roles. For
example, if a user is authorized to read but not write data, defined system
controls may be integrated.
INTEGRITY
• Integrity assures that the data or information system can be trusted.
Ensures that it is edited by only authorized persons and remains in its
original state when at rest. Data encryption and hashing algorithms
are key processes in providing integrity.
• Integrity, in the context of computer systems, refers to methods of
ensuring that data is real, accurate and safeguarded from
unauthorized user modification.
INTEGRITY (CONTINUED)
• Data integrity maintenance is an information security requirement.
Integrity is a major Information Assurance (IA) component because
users must be able to trust information.
• Untrusted data is devoid of integrity. Stored data must remain
unchanged within an information system (IS), as well as during data
transport.
INTEGRITY (CONTINUED)
• Events like storage erosion (gradual destruction), error and intentional
data or system damage can create data changes.
• For example, hackers may cause damage by infiltrating systems with
malware, including Trojan horses, which overtake computer systems,
as well as worms and viruses.
• An employee may create company damage through intentionally false
data entry.
• Data integrity verification measures include checksums and the use of
data comparisons.
MALWARES: VIRUSES, WORMS &
TROJAN HORSES
MALWARES: VIRUSES, WORMS &
TROJAN HORSES
• A virus is a type of malicious software (malware) comprised of small
pieces of code attached to legitimate programs. When that program
runs, the virus runs.
• A computer worm is a type of malicious software program whose
primary function is to infect other computers while remaining active
on infected systems.
MALWARES: VIRUSES, WORMS &
TROJAN HORSES
• A computer worm is self-replicating malware that duplicates itself to
spread to uninfected computers.
• Worms often use parts of an operating system that are automatic and
invisible to the user.
• It is common for worms to be noticed only when their uncontrolled
replication consumes system resources, slowing or halting other tasks.
MALWARES: VIRUSES, WORMS &
TROJAN HORSES
• Trojan Horse actually refers to a piece of history that many of you might
know.
• How many of you know about Helen of Troy?
• Or Troy?
• Or simply watched Brad Pitt’s Troy (2004)?
MALWARES: VIRUSES, WORMS &
TROJAN HORSES
• A Trojan horse is not a virus. It is a destructive program that looks like a
genuine application. Unlike viruses, Trojan horses do not replicate
themselves but they can be just as destructive.
• Trojans are also known to create a backdoor on your computer that
gives malicious users access to your system, possibly allowing
confidential or personal information to be compromised. Unlike
viruses and worms, Trojans do not reproduce by infecting other files
nor do they self-replicate.
INTEGRITY (CONTINUED)
• Checksum or hash sum is an error-detection method, i.e. a
transmitter computes a numerical value according to the number of
set or unset bits in a message and sends it along with each message.
At the receiver end, the same checksum function (formula) is applied
to the message to retrieve the numerical value. If the received
checksum value matches the sent value, the transmission is
considered to be successful and error-free.
• This verifies the integrity of the data sent.
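The sender/receiver check described above, as an added Python example that is not part of the original slides. It goes one step beyond the slide: it compares the bit-count checksum with a SHA-256 hash and a keyed hash (HMAC) to show which kinds of change each one detects. The messages, the key and the function names are constructed for illustration.

```python
import hashlib
import hmac


def bit_count_checksum(message: bytes) -> int:
    """The slide's checksum: the number of set bits in the message."""
    return sum(bin(byte).count("1") for byte in message)


def sha256_digest(message: bytes) -> str:
    return hashlib.sha256(message).hexdigest()


def mac_tag(key: bytes, message: bytes) -> str:
    """Keyed hash (HMAC-SHA256): cannot be recomputed without the key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def detects(check, sent: bytes, received: bytes) -> bool:
    """True when the receiver's value differs from the one the sender attached."""
    return check(received) != check(sent)


def flip_bit(message: bytes, index: int, bit: int) -> bytes:
    data = bytearray(message)
    data[index] ^= 1 << bit
    return bytes(data)


def receiver_accepts_hash(message: bytes, digest: str) -> bool:
    return hmac.compare_digest(sha256_digest(message), digest)


def receiver_accepts_mac(key: bytes, message: bytes, tag: str) -> bool:
    return hmac.compare_digest(mac_tag(key, message), tag)


# Constructed sample data.
ORIGINAL = b"PAY 100 TO ALICE"
LINE_NOISE = flip_bit(ORIGINAL, 4, 0)   # one bit corrupted in transit
REORDERED = b"PAY 001 TO ALICE"         # same bytes, different order
TAMPERED = b"PAY 900 TO ALICE"          # deliberate modification
SHARED_KEY = b"constructed-demo-key"    # known only to sender and receiver

if __name__ == "__main__":
    print("bit count detects line noise:",
          detects(bit_count_checksum, ORIGINAL, LINE_NOISE))
    print("bit count detects reordering:",
          detects(bit_count_checksum, ORIGINAL, REORDERED))
    print("SHA-256 detects reordering:  ",
          detects(sha256_digest, ORIGINAL, REORDERED))
    # A plain hash sent with the message can be recomputed by whoever alters it.
    print("plain hash accepts tampered: ",
          receiver_accepts_hash(TAMPERED, sha256_digest(TAMPERED)))
    # Without the key, the tag for the altered message cannot be produced.
    print("HMAC accepts tampered:       ",
          receiver_accepts_mac(SHARED_KEY, TAMPERED, mac_tag(SHARED_KEY, ORIGINAL)))
```

A checksum or plain hash covers accidental errors; protecting against intentional modification needs a value that depends on a secret, such as the HMAC tag here.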
AVAILABILITY
• Ensures data and information systems are available when required.
Hardware maintenance, software patching/upgrading and network
optimization ensure availability.
• Availability, in the context of a computer system, refers to the ability
of a user to access information or resources in a specified location
and in the correct format.
AVAILABILITY
• When a system is regularly non-functioning, information availability is
affected and significantly impacts users. In addition, when data is not
secure and easily available, information security is affected, i.e., top
secret security clearances. Another factor affecting availability is time.
If a computer system cannot deliver information efficiently, then
availability is compromised.
AVAILABILITY
• Data availability must be ensured by storage, which may be local or at
an offsite facility. In the case of an offsite facility, an established
business continuity plan should state the availability of this data when
onsite data is not available. At all times, information must be available
to those with clearance.
CIA TRIAD
PARKERIAN HEXAD
• The Parkerian Hexad is a set of components added to the CIA Triad to
form a more comprehensive and complete security model. The atomic
components of the Parkerian Hexad are:
• Based on the CIA Triad: Confidentiality, Availability and Integrity.
• Additions: Possession/Control, Authenticity and Utility.
• Possession correlates to Confidentiality
• Authenticity correlates to Integrity
• Utility correlates to Availability
PARKERIAN HEXAD
CASE STUDY (ASHLEY MADISON)
• What is Ashley Madison?
• A dating site with the tagline “Life is short. Have an affair” which offers married
people the opportunity to cheat on their spouses.
• With a claimed 37m users, it is one of the biggest of its sort, and no stranger to
controversy: the site had previously allowed a sports scientist to eavesdrop on
conversations between its users to write a paper on how women seek affairs, and
regularly contacted journalists to offer “adultery insights” based on data from
their users.
• The site is run by Canadian company Avid Life Media, which operates a portfolio of
similarly niche and controversial dating sites, including Cougar Life (for older women
seeking younger men) and Established Men (“Connecting young, beautiful women
with interesting men”).
CASE STUDY (ASHLEY MADISON)
• How does the site work?
• Unlike many dating sites, Ashley Madison does not charge for membership
directly.
• Instead, users pay for credits, which are used to send messages and open chat
sessions.
• Controversially, the site charges men to send messages to women, and also
charges men to read messages sent by women.
• While many dating sites tilt the scales in favor of female members, few are as
explicit about doing so.
• Users can also use their credits to send gifts or pay more to put their message
at the top of a (female) member’s inbox.
CASE STUDY (ASHLEY MADISON)
• What’s been stolen?
• The site’s database of members, as well as a huge amount of internal
corporate data. The database is split into three parts: the largest
contains profile information, including the names, street addresses,
and dates of birth of users.
• That database also contains the users’ entries in three checkbox lists,
variously detailing their turn-ons, what sort of person they’re looking
for, and what acts they’re hoping to perform, as well as biographical
information such as whether or not they smoke and drink.
CASE STUDY (ASHLEY MADISON)
• What’s been stolen?
• A second database contained the users’ email addresses, as well as
information about what mailing lists they were opted-in to. This is the
database which has been the source of many of the stories up till
now, because it is the easiest to search in general terms.
Unsurprisingly, users have signed up with email addresses from the
UK and US governments and militaries, as well as a number of large
corporations and educational establishments – although, despite
reports to the contrary, no-one has signed up with a valid email from
the Vatican.
CASE STUDY (ASHLEY MADISON)
• What’s been stolen?
• The third is a database of credit card transaction information. But the
information isn’t enough to steal users’ cash, and Ashley Madison has
been very clear that full credit card information wasn’t leaked
CASE STUDY (ASHLEY MADISON)
• Where’s the information now?
• The main dump is hosted on a Tor “hidden service” – a website which
can only be accessed through the anonymous browser. Unlike a
normal website, which visitors connect to directly, a hidden service is
accessed via an encrypted connection routed through third-parties
which obscure the website’s address from its visitors, and vice-versa.
That means that it’s very difficult to use the legal system to take down
the main dump, since no-one yet knows who to send the takedown
notices to.
CASE STUDY (ASHLEY MADISON)
• Where’s the information now?
• On top of that, the dump itself is now being disseminated using
bittorrent, a peer-to-peer transfer protocol. The file is broken up into
multiple blocks, which are then shared directly from one
downloader’s computer to the next.
• With no central repository, it is all but impossible to prevent the
transfer
CASE STUDY (ASHLEY MADISON)
• Who did it?
• On the day of the hack, Ashley Madison’s chief executive Noel
Biderman told security reporter Brian Krebs that
it might have been an inside job. “We’re on the doorstep of
[confirming] who we believe is the culprit, and unfortunately that may
have triggered this mass publication,” Biderman said. “I’ve got their
profile right in front of me, all their work credentials. It was definitely
a person here that was not an employee but certainly had touched
our technical services.”
CASE STUDY (ASHLEY MADISON)
• Who did it?
• The Impact Team announced the attack on 15 July 2015 and
threatened to expose the identities of Ashley Madison's users if its
parent company, Avid Life Media, did not shut down Ashley Madison
and its sister site, “Established Men”.
• And they exposed them big time.
CASE STUDY (ASHLEY MADISON)
• What repercussions did the site face?
• There were possibilities of a settlement if no financial losses occurred
to individuals whose information was leaked.
• But the distress a data breach causes the parties concerned can land
the company in severe debt and bankruptcy from insurance claims
alone.
• This was even bigger than that.
CASE STUDY (ASHLEY MADISON)
• This event reinforces the need for businesses to not just think about
what is mandatory by law in information security, but what is best
practice.
THANK YOU
REFERENCES
• https://consoltech.com/blog/10-common-causes-of-data-loss/
• https://simplicable.com/new/technology-risk
• https://www.techopedia.com/definition/25830/cia-triad-of-information-security
• https://searchsecurity.techtarget.com/definition/information-security-infosec
• https://www.ittsystems.com/access-control-list-acl/
• https://www.techopedia.com/definition/10254/confidentiality
• https://www.techopedia.com/definition/10284/integrity
• https://www.theguardian.com/technology/2015/aug/20/ashley-madison-hack-your-questions-answered
