Risks To Websites and Security Protection
Download
Report
Transcript Risks To Websites and Security Protection
Sam Shepherd
Presented By Wizard Web Design
Risks To Websites
Sam Shepherd
Presented By Wizard Web Design
Hacking
Hacking is essentially when people crack the usernames and
passwords on websites. There are two types of hacking FTP and User
area hacking.
FTP Involves hacking website setup. If you have the server username
and password you can delete pages from the website.
User area hacking involves hacking the username and password of
secure areas on websites e.g. a online bank account. You can then find
sensitive information.
If you delete content the page will not work (FTP). If you hack a user
area this doesn’t have an effect on performance but you will need to
change your password and this takes time so your time on the
internet is lengthened.
Sam Shepherd
Presented By Wizard Web Design
Pagejacking
Pagejacking is simple terms is stealing content from a webpage.
The whole purpose of pagejacking is to divert traffic from someone
else’s to your own. This is done by copying source codes from
websites and pasting them into your own. For example someone
could search for a Amazon product but instead be diverted to
someone else’s website because they have stolen the source code.
This makes website lose traffic and therefore lose trade. This has a
knock on effect meaning you could probably lose money and
advertising.
It is achieved by creating a rogue copy of a popular website which
shows contents similar to the original to a web surfer, but redirects
web surfers to unrelated or malicious websites.
Sam Shepherd
Presented By Wizard Web Design
Phishing
Phishing is the process of trying to steal sensitive information from
a website. It is common in rogue E-mails when you are asked to
sign up for something and you inadvertently pass over sensitive
information. The whole purpose of Phishing is to steal personal
details from people.
In addition to stealing personal and financial data, phishers can
infect computers with viruses and convince people to participate
unwittingly in money laundering. Most people associate phishing
with e-mail messages that mimic banks, credit card companies or
other business like Amazon and eBay. These messages look
authentic and attempts to get victims to reveal their personal
information.
Sam Shepherd
Presented By Wizard Web Design
Viruses
Viruses are very common on computers and there are three mains types
Adware, Spyware and Malware.
Adware is a virus that makes an advert pop up every time you access a web
page. It detects a web connection and makes an advert pop up.
Spyware tries to spy on you to find personal information. Key loggers are
used to sense what you are typing and to intercept personal information
you are typing. Spyware can be used for legitimate reasons, for example
ISP’s sometimes use spyware to track users internet habits.
Malware is essentially malicious software that gets onto your computer
and steals, hides and corrupts files. This is the biggest threat to computer
and therefore internet performance because Malware can grind your
computer to a halt. They try and fool people by making fake system virus
scanners pop up that are designed to attack files. Adware and Spyware
send and receive information from your internet connection so this limits
your bandwidth.
Sam Shepherd
Presented By Wizard Web Design
Identity
Theft
Identity theft is when people steal your identity and use it for financial
gain, by using your credit cards and banking system. For identity theft to
work the thieves need your name, date of birth, card details, passport
details and driving licence details. Without all these they cannot create a
new identity and start stealing your money.
When you log onto secure payment systems you can be vulnerable
especially on mobile devices and tablets because they tend to have very
low security measures installed on them because users don’t see a need
for security on mobile devices.
If successful identity thieves can steal all your money without you
knowing or realising how they did it.
Sam Shepherd
Presented By Wizard Web Design
Security Protection Mechanisms
Sam Shepherd
Presented By Wizard Web Design
Firewalls
Firewalls are designed to stop unwanted and unneeded software
infiltrating your computer. It has rules to detect things you don’t
need e.g. viruses. Firewalls are a kind of security checkpoint on
your computer.
One of the problems with Firewalls is that they can block
seemingly harmless data and because of this you may need to
change the settings and this is time consuming.
Firewalls do slow down your computer slightly because they have to
check all content trying to access your computer. Firewalls can be
in the form of software installed on the computer or they can be
installed in hardware items such as routers which try and block
harmful content before it reaches your computer.
Sam Shepherd
Presented By Wizard Web Design
Secure Socket Layers (SSL)
When you transmit data on a website this is done using a system of
layers. These layers can be intercepted and used for malicious
purposes.
SSL’s create a secure connection between two locations and this is
encrypted and can only be decrypted by the person you are sending
the data to at the other end.
With this is place no one can track your transmissions e.g. online
banking. SSL’s take a few seconds to load but once loaded they do
not affect computer performance.
Sam Shepherd
Presented By Wizard Web Design
Digital Certificate
Digital certificates establish that what you are sending is secure so
because of this they are mostly used on E-mails. Your E-mail
system connects a digital certificate to what you are sending.
When you send the E-mail the receiver cannot read it unless they
have the correct encryption key from the digital certificate.
Because you have to get a Digital Certificate E-mails can be slowed
down slightly. E-mails are slowed down because they have to fetch
and decrypt the digital certificate.
They can now be used on websites and you get a message if a
website doesn’t have a Digital Certificate, so you know it may not
be a secure website.
Sam Shepherd
Presented By Wizard Web Design
Use of Passwords
Password are used to secure personal information on a website,
meaning that only the person who knows the password can access
the information. Passwords are common in lots of websites to
secure users personal information.
Websites that use passwords can be slower than other websites
because they have to store all the passwords on a database that is
linked to the websites. This is so websites can verify that you have
typed in the correct password.
Passwords need to be strong to be secure. 12345 is an example of an
extremely weak password because it is easy to guess.
Sam Shepherd
Presented By Wizard Web Design
Legal
Considerations
Legal considerations are imposed upon you when you use a computer.
They don’t really affect performance.
If you store information you have to adhere to data protection act. If you
set up an online survey for example you have to ask for relevant
information to the survey.
There are other types of legal consideration such as
Privacy and electronic communication regulations
Computer Misuse Act
Setting up these security measures on a computer slows things down.
Sam Shepherd
Presented By Wizard Web Design