Introduction to Computer Security

Introduction

Since the first edition of this book, the prevalence of online transactions has increased dramatically. In 2004 we had e-commerce via websites; in 2019 we have smart phone apps, the Internet of Things, medical devices that communicate wirelessly, as well as an expanded use of e-commerce websites. We also have Wi-Fi–enabled cars and smart homes. Internet traffic is far more than just humorous YouTube videos or Facebook updates about our vacations. Now it is the heart and soul of commerce, both domestic and international. Internet communication even plays a central role in military operations and diplomatic relations. In addition to smart phones, we now have smart watches and even vehicles that have Wi-Fi hotspots and smart technology. Our lives are inextricably intertwined with the online world. We file our taxes online, shop for homes online, book vacations online, and even look for dates online.

Because so much of our business is transacted online, a great deal of personal information is stored in computers. Medical records, tax records, school records, and more are all stored in computer databases. Personal information is often called personally identifiable information (PII), and health-related data is usually termed personal health information (PHI). This leads to some very important questions:

• How is information safeguarded?

• What are the vulnerabilities to these systems?

• What steps are taken to ensure that these systems and data are safe?

• Who can access my information?

Unfortunately, not only have technology and Internet access expanded since the original publication of this book, but so have the dangers. How serious is the problem? According to a 2018 article from the Center for Strategic and International Studies, cybercrime has reached over $600 billion a year in damages and is likely to exceed $1 trillion per year soon. Cybercrime is now an economic and strategic problem that even affects national security.”¹

Forbes magazine reported that there were 2,216 data breaches and more than 53,000 incidents in the 12 months ending March 2018.² The specific number may vary from one study to the next, but the primary point remains the same: Cybercrime is increasing. This is due, in part, to the increasing number of connected devices. Every connected device is yet another potential target. There is also easy access to cybercrime tools and weapons on the Internet. All of these factors increase the opportunity for cybercrime.

In spite of daily horror stories, however, many people (including some law enforcement professionals and trained computer professionals) lack an adequate understanding about the reality of these threats. Clearly the media will focus attention on the most dramatic computer security breaches, not necessarily giving an accurate picture of the most plausible threat scenarios. It is not uncommon to encounter the occasional system administrator whose knowledge of computer security is inadequate.

This chapter outlines current dangers, describes the most common types of attacks on your personal computer and network, teaches you how to speak the lingo of both hackers and security professionals, and outlines the broad strokes of what it takes to secure your computer and your network.

In this book, you will learn how to secure both individual computers and entire networks. You will also find out how to secure data transmission, and you will complete an exercise to find out about your region’s laws regarding computer security. Perhaps the most crucial discussion in this chapter is what attacks are commonly attempted and how they are perpetrated. In this first chapter we set the stage for the rest of the book by outlining what exactly the dangers are and introducing you to the terminology used by both network security professionals and hackers. All of these topics are explored more fully in subsequent chapters.