Chapter 6: Security Threats and Safety Measures

Class: IX | Subject: Information and Computer Technology

Key Concepts

1. Introduction, With widespread internet use, networks and computers have become increasingly susceptible to threats., Threats aim to destroy data and steal vital information (e.g., data theft from credit card companies, banks)., Individual users are often fooled into giving personal information like passwords or bank details.

2. Viruses, A computer virus is a program usually hidden within another simple program., It produces copies of itself and inserts them into other programs or files, destroying data and performing malicious actions., Viruses are always man-made, never naturally occurring., Once created and released, their spread is not directly under human control., Viruses can be transferred hidden in files, programs, or disks.

Macro Viruses, A macro is a series of programming steps stored in a single location that automates many actions with a single keystroke., Programs like Word and Excel allow recording of keystrokes/menu selections as macros.

Macro viruses exploit this by deceiving users into sharing confidential information.

Why macro viruses are popular:

Easy to write, Spread fast as people exchange documents frequently, Can infect any computer capable of running Office and Internet

Damage caused by macro viruses:

Corrupt data, create new files, move text, flash colours, insert pictures, Send files across the Internet, format hard drives, Modify registries, forward copies through emails, Look for passwords, copy documents, infect other programs

Examples: Wazzo, W97M

3. Worms, Computer programs that replicate copies of themselves, usually to other systems via network connections., Unlike viruses, worms exist as separate entities, they do NOT attach themselves to other files or programs., Worms spread mostly through email attachments.

Notable Worms:

Year	Worm	Impact
1987	Jerusalem	Deleted files executed on Friday the 13th; first detected in Jerusalem
1991	Michelangelo	Overwrote hard disk or changed master boot record of infected hosts
2007	Storm Worm	Infected machines became part of a botnet; ~1.2 billion infected emails sent

Prevention: Use caution opening emails, especially from unidentified sources. Delete suspicious emails, worms often attach themselves and send automatically using all contact information.

4. Trojan Horses, A program that claims to rid your computer of viruses but instead introduces viruses into the system., Named after the Trojan horse of Greek mythology because they look like sincere programs., Does NOT attach to files like a virus nor replicate like a worm., Provides unauthorized access to the user's computer., Spread through internet downloads and online gaming programs., An infected computer operates slowly, exhibits pop-ups, and may eventually crash.

Example: "I Love You" trojan, infected millions of computers in the USA and Asia.

Prevention: Adopt safe download practices; do not download from unverified websites.

5. Spyware, A program used to spy on the computer system to get confidential information (bank account numbers, passwords, etc.)., Can change computer configuration without consent., Often installed covertly during installation of other software (music, video, file-sharing programs).

What spyware does:

Monitors user activity on the Internet and transmits information to someone else, Gathers email addresses, passwords, and credit card numbers, Eats internet bandwidth (sends information to home base), Can lead to system crashes or instability, Monitors keystrokes, scans files on hard drive, snoops on chat and word processing programs, Installs other spyware, reads cookies, changes default home page

Examples: CoolWebSearch, Internet Optimizer, Zango

6. Malware, Short for "malicious software.", Any kind of unwanted software installed without adequate consent., Intent: damage data or functionality of computer/network., All threats mentioned above (viruses, trojans, worms, spyware) are examples of malware.

7. Spam, Refers to unsolicited commercial email (UCE) or unsolicited bulk email (UBE)., Flooding the Internet with many copies of the same message; also called junk email., Most commonly seen spam includes:

Phishing scams (popular and dangerous form of email fraud)
Foreign bank scams / advance fee fraud schemes
"Get Rich Quick" or "Make Money Fast" schemes
Quack health products and remedies

Problems with spam:

Clogs email accounts and uses unnecessary server space, Creates burden on business servers, Most costs are paid by the recipient or carrier, not the sender

Prevention: Use spam filters; report spam to email hosts; be cautious with unknown email addresses.

8. Hackers and Crackers

Type	Description
Hackers	Originally, gifted programmers who gained access to systems/networks to showcase security loopholes to administrators
Crackers	Activists with intentions of doing malicious activities, destroying data and networks for personal monetary gains

Both use dubious ways to get control over computers to steal sensitive information (money, personal data, bank details, government/military information).

9. Anti-Virus Tools, Software programs that detect viruses in emails or files and protect computers., Can detect: viruses, worms, trojans, spyware, adware., Block unsafe websites and prevent downloading unsafe programs., Protect from identity theft and phishing.

Commercial examples: Norton, McAfee, K7, QuickHeal

10. Data Backup and Security

Basic principle: Make another copy of data and keep it elsewhere (not on the same computer)., If data gets corrupted due to a threat, it can be reloaded after the computer is rectified., External hard drives and smart devices can be used for backup.

Guiding Principles for Secure Computer Use

Use security software (Norton Antivirus, Symantec, etc.)
Never share passwords
Beware of email attachments from unknown sources
Do not randomly download from unchecked websites
Never propagate hoax or chain emails
Always logout your laptop or computer
Restrict remote access
Frequently back up important data and files
Use encryption or sites that use encrypted data

Types of Security Tools Available, Antispam, Antivirus, Firewalls, Encryption tools, Password managers, Cleanup tools

Important Definitions

Term	Definition
Computer Virus	A program hidden within another program that copies itself and destroys data
Macro	A series of programming steps stored in a single location for automation
Macro Virus	A virus that uses macro files to deceive users and damage computer data
Worm	A program that replicates copies of itself to other systems via network connections; exists as a separate entity
Trojan Horse	A program claiming to remove viruses but instead introduces them; provides unauthorized access
Spyware	A program that spies on a computer system to steal confidential information
Malware	Short for "malicious software", any unwanted software installed without consent
Spam	Unsolicited commercial/bulk email; also called junk email
Phishing	A form of email fraud designed to trick users into revealing personal information
Hacker	A programmer who gains unauthorized access to systems to expose security loopholes
Cracker	A programmer with malicious intent who destroys data/networks for monetary gain
Anti-Virus	Software that detects and protects against viruses, worms, trojans, and spyware
Data Backup	Creating a copy of data and storing it separately to protect against data loss
Firewall	A type of security tool that protects networks from unauthorized access

Comparison Table: Virus vs Worm vs Trojan

Feature	Virus	Worm	Trojan Horse
Attaches to files	Yes	No (separate entity)	No
Self-replicates	Yes	Yes	No
Spreads via	Files, programs, disks	Network connections, email	Internet downloads, gaming
Primary damage	Destroys data, corrupts programs	Consumes bandwidth, spreads infection	Unauthorized access, system slowdown
User action needed	Executing infected file	Opening infected email	Downloading/running the program

Case Studies from the Book

First Recorded Computer Crime (1820)

Joseph-Marie Jacquard's textile loom in France led employees to commit sabotage against the new technology, considered the first recorded cyber crime.

Virus Case: Brain (1986), First computer virus for the PC, written by two brothers (Basit and Amjad Farooq) in Lahore, Pakistan., Created to protect their medical software from piracy., Contained the brothers' address and phone numbers; they were stunned by outraged calls from USA, Britain, etc., Punishable under Section 43 of the IT Act as a civil wrong.

Worm Case: Internet Worm (1988), Created by Robert Morris, a graduate student at Cornell University., Infected Unix servers; took experts three days to remove., Morris is now a respected computer science researcher.

Trojan Case: TKBot, Raymond Paul Steigerwalt sentenced to 21 months for using Trojan horse to break into computers, including US Department of Defense., Ordered to pay $12,000 in damages.

Spyware Case: Loverspy, Carlos Enrique Perez-Melara created "Loverspy" spyware ($89) disguised as an e-greeting card., Planted a Trojan capable of seizing emails, keystrokes, instant messages, and webcam footage., Listed on FBI's most wanted internet criminals list.

Spam Case: Sanford Wallace, Hacked 500,000 Facebook accounts; made 27 million unsolicited postings., Indicted on 11 charges of fraud and intentional damage., Facebook awarded $711 million in damages.

Relevant Legal Sections (IT Act, India)

Cyber Crime	IT Act Section	IPC Section
Email spoofing	66D	416, 417, 463, 465, 419
Hacking	66, 43	378, 379, 405, 406
Web-jacking	65	383
Virus attacks	43, 66	,
Denial of Service attacks	43	,
Pornography	67, 67B	292, 293, 294
Identity Theft	66C	417A, 419A
Cyber Terrorism	66F	153A, UAPA 15-22

Hacking punishment: Up to 3 years imprisonment or fine up to Rs 5 lakh or both (Section 66 read with Section 43 of the IT Act, 2000).

Key Points

Viruses are always man-made; they hide inside other programs and replicate themselves.
Macro viruses are popular because they are easy to write and spread fast through document exchange.
Worms are separate entities that do not attach to files, they spread mainly through email attachments.
Trojan horses disguise themselves as legitimate programs but provide unauthorized access.
Spyware monitors user activity and transmits confidential data to third parties.
Malware is an umbrella term for all malicious software.
Spam is unsolicited junk email that clogs accounts and wastes server space.
Hackers expose security loopholes; crackers exploit them for malicious purposes.
Anti-virus tools detect and protect against multiple types of threats.
Regular data backup is essential, store copies separately from the original computer.
Never share passwords, open unknown email attachments, or download from unverified sources.
The IT Act, 2000 (India) provides legal framework for prosecuting cyber crimes.

Practice Questions

Your computer is working slowly, files are corrupted, the default home page has changed, lots of memory is consumed, and unnecessary pop-ups appear. What can be the probable reason?
You have very important data on your computer. How will you ensure it remains safe?
Differentiate between virus, worms, and Trojan horses.
How is a hacker different from a cracker?
What is malware? List examples.
What is spam? How can you protect yourself from it?
What are the guiding principles for using computers securely?
List different anti-virus programs with their features.

Lab Activities, Search the internet for new viruses and worms from the last year., Research various email spams related to banks; visit bank websites for spam warnings., Make a list of security tools and the threats they protect against., Make a list of anti-virus programs with pricing and protection features., Scan your system for security threats., Survey people about comfort with online payments and suggest safety measures.