This page includes topics of:
1. Risks to Privacy from Collecting and Storing Data on a Computer
2. Misuse of Computing Resources and How They Can Be Protected
3. Unauthorized Access to Computing Resources
1. Risks to Privacy from Collecting and Storing Data on a Computer
Computer becomes very useful when handling and storing large amount of data that people are hard to track of. But they become target of the hackers once
they are online and on high risk. Risks includes people stealing PII, and any other sensitive information through hacking or malware to steal your identity.
Here is some real world examples:
1. 2013-2016 Yahoo data breach: There was two differnet breaches related to the this event.
This breach happened at 2013 at first, exposing about 1 billion accounts to hackers, and in 2016, the breach happened again.
Because of these two breaches, about 3 billion accounts lost its PII. This caused financial and reputational issues with Yahoo.
2. The next major breach was in 2017. This time it was Equifax.
This company had weak security on its Apache Struts web framework, and hackers did not missed their chace, causing about 147 million PIIs from from company's database.
3. The last breach we will talk about is the Facebook data leakage. This happened in 2019 and cause leakage of about 533 million accounts.
The malicious user had used a contact importer function, which was made for users to find their friend more easily on the Facebook, to import large number of phone nuber at once and check if that number matched any user in the facebook.
The damage caused by these 3 online breach crisis was severe to both users and company. For instance, users impacted by these events was suffered from risks of identity theft, fraud, phishing, and financial losses that caused by the PII, such as names, email addresses, phone numbers, and encrypted passwords, that was stolen in these events. On the other hand, the Yahoo had to pay their users $117.5 for class-action settlement due to this breach. Also, their customer trust and company's reputation was broke for a while. Other companies had similar problems as well.
- Here are some preventation method for the risks to Privacy from Collecting and Storing Data on a Computer for user, company and government: 1. Users: Users should use strong passwords, limit amount of PII you share online, and avoiding visiting unsecure sites. 2. Companies: Companies should encrypt the data, acess controls like strong authentication, and build stong network security. 3. Government: Government should enforce strong data privacy laws, require companies to build stong network security, and mandate data minimiztion.
2. Misuse of Computing Resources and How They Can Be Protected
There are many useful computer resources out there like processing power, storage, networks, cloud services to make our life easier.
but when misused, these features can be deadly to your computer, and your acount.
It can happen when cryptocurrency mining on hijacked systems, spam distribution, malware hosting, illegal downloads. These can cause PII theft, and break your
computer. Here are some real world examples:
1. Cryptojacking: Cryptojacking is using someone elses computer to mine cryptocurrency, and usually happens
without the owner of the computer knowing. Cryptojacking usually happens through a malware that is installed in your computer. Through the crytojacking,
the owner will experience high energy usage, performance issues, and unsual network activity.
2. Data breaches: Data breaches are unauthorized users
gain access to someone else's PII, usually through hacking. After having PII, the hacker can pretend to be the owner of the PII to gain their own profit.
This may cause financial and phishing risks to owner.
3. Malware Hosting: Malware Hosting is storing and distributing the malicious software in a online service.
This makes planting malware into victim's device through a webstie much easier and allows people who is not skilled enough with computer to commit cybercrimes
more easily causing more attempt on installing malware.
Through the misuse of computer by malicious users, other innocent people may suffer from cryptojacking, PII theft, phishing risks and many more on online. But this is very hard to identify whether being attacked or not because usually it is hidden. Still when they were caught, they may end up paying the fine or being sent to the jail. To prevent this happenning, use strong security software, Employ strong passwords and authentication, be careful around unsecure websites, and many other methods to protect you're computer.
3. Unauthorized Access to Computing Resources
Unauthorized access to computing resources is that getting into a system that is not allowed for them to use or manipulate. But many malicious user out there are looking for the way to crack in for the profit. This is considered as a serious crime and should be prevented before happening. Here are some examples of unauthorized access to computing resources: 1. Phishing: Phishing is online scam that is seemed to be from trusted company or public institutions and it can come in many differnet ways. It can being sent to you as a email, text, or a call. The goal of these commucation is often financial resources or your PII, which can be used in future cybercrime using your PII. 2. Exploiting software vulnerabilities: Exploiting software vulnerabilities are finding weak point in a system security and taking advantage of it to reach attacker's goal. Attackers usually find weak spots by an automated programs to inject malicious code in to the unupdated and vulnerable systems. Capital One on 2019 was attack by this method. 3. Stolen Credentials: Stolen credentials are unlawfully stolen usernames, passwords, or other authentication. Stealing these informations are usually occur through phishing, social engineering, and hacking. Once these informations are in the wrong hands, attackers can use those information for gain further access or sold to other attackers
Everything listed above and many others are all serious cybercrimes and leaves no good to the victim. On individual user level, they can be harming in identity theft, financial fraud, and loss of privacy, and in business level they can be harmed in ways like finalcial loss, loss of sensitive data and informative properties, and company's reputaional image. And to the government, they can be harming in disruptions of public service, sensitive information, and operational inefficiency. But all this can be prevented through multi-factor authentication(which makes authentication more comlicated for attackers), encryption(make attackers hard to understand the information stolen), regular security updates(detects and prevent attackers better).