TYPES OF THREATS
Program Threats
Program threats occur when a user program causes operating system processes and the kernel to perform malicious actions. These threats can compromise system security by exploiting software vulnerabilities. Examples include:
- Virus: A virus is a piece of code that replicates itself on the system, potentially modifying or deleting user files and crashing computers. It embeds itself in system programs, spreading as the user interacts with infected files, and can render the system inoperable.
- Trojan Horse: This type of application captures and stores user login credentials, transferring them to a malicious user who can then access the system and its resources.
- Logic Bomb: A logic bomb is code that triggers malicious behavior only under specific conditions, otherwise functioning normally.
- Trap Door: A trap door is a hidden vulnerability in a program that allows unauthorized actions without the user’s knowledge.
System Threats
System threats involve the misuse of system services and network connections, potentially triggering program threats across a network. These threats can lead to the exploitation of OS resources and user files. Examples include:
- Port Scanning: Port scanning involves probing a system for vulnerabilities by connecting to specific ports via TCP/IP. Attackers often use compromised systems (zombie systems) to conceal their identity.
- Worm: A worm is a self-replicating process that depletes system resources by creating numerous clones, hindering other processes from accessing necessary resources. Worms can severely degrade system performance and even bring networks to a halt.
- Denial of Service (DoS): DoS attacks prevent legitimate users from accessing the system, such as by overwhelming a browser’s content settings to block internet access.
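As an added example (not part of the original page), the following Python code shows how a defender might spot the port-scanning behaviour described above in connection logs: it flags any source address that touches many distinct ports within a short time window. The log format, field names, thresholds and addresses are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (assumed format: ISO timestamp, SRC=<ip>, DPT=<port>).
SAMPLE_LOG = """\
2024-05-01T10:00:00 SRC=192.0.2.10 DPT=21
2024-05-01T10:00:01 SRC=192.0.2.10 DPT=22
2024-05-01T10:00:02 SRC=192.0.2.10 DPT=23
2024-05-01T10:00:03 SRC=192.0.2.10 DPT=25
2024-05-01T10:00:04 SRC=192.0.2.10 DPT=80
2024-05-01T10:00:05 SRC=198.51.100.7 DPT=443
2024-05-01T10:00:06 SRC=198.51.100.7 DPT=443
2024-05-01T10:00:07 SRC=198.51.100.7 DPT=443
2024-05-01T09:00:00 SRC=203.0.113.5 DPT=21
2024-05-01T10:00:00 SRC=203.0.113.5 DPT=22
2024-05-01T11:00:00 SRC=203.0.113.5 DPT=23
2024-05-01T12:00:00 SRC=203.0.113.5 DPT=25
2024-05-01T13:00:00 SRC=203.0.113.5 DPT=80
garbage line
"""

def parse(line):
    """Return (timestamp, source IP, destination port) for one log line."""
    ts, *fields = line.split()
    kv = dict(f.split("=", 1) for f in fields)
    return datetime.fromisoformat(ts), kv["SRC"], int(kv["DPT"])

def detect_scanners(log_text, min_ports=5, window=timedelta(seconds=60)):
    """Map each source that hit >= min_ports distinct ports inside one window to those ports."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        try:
            ts, src, port = parse(line)
        except (ValueError, KeyError):
            continue  # skip blank or malformed lines instead of aborting the run
        events[src].append((ts, port))
    flagged = {}
    for src, hits in events.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1  # slide the window forward past stale events
            ports = {p for _, p in hits[start:end + 1]}
            if len(ports) >= min_ports:
                flagged[src] = sorted(ports)
                break
    return flagged

if __name__ == "__main__":
    print(detect_scanners(SAMPLE_LOG))
```

Repeated connections to a single port (198.51.100.7) are not flagged, and the slow probe from 203.0.113.5 only appears when the window is widened, which is why a short fixed window should be paired with a longer-horizon check.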
Operating System Security Policies and Procedures
Operating system security policies vary depending on the organization. Generally, an OS security policy is a document that outlines procedures to maintain the operating system’s integrity, confidentiality, and availability.
OS security aims to protect systems and data from threats such as worms, malware, ransomware, backdoor intrusions, and viruses. Security policies encompass all preventive measures and procedures to safeguard the operating system, including the protection of data from theft, modification, or deletion.
Some techniques that can be implemented are:
- Installing and Updating Anti-virus Software: Regularly update anti-virus programs to detect and eliminate malicious software.
- Regular System Patching and Updates: Ensure systems are consistently patched and updated to fix vulnerabilities.
- Implementing User Management Policies: Protect user accounts and manage privileges to prevent unauthorized access.
- Installing and Configuring Firewalls: Set up firewalls correctly to monitor and control all incoming and outgoing network traffic.
Developing and implementing OS security policies involves first identifying the most critical assets, systems, hardware, and data within the organization. Once these are identified, appropriate policies can be established to effectively secure and protect them.