Computer security involves a conscious effort to preventing and detecting use of one’s computer without their permission. The issue of security on home personal computers would not be much of a challenge if each individual were to be isolated and not connected to any form of a network where there other computer like the internet. In light of this, every home computer owner with a connection to a network needs to take precautions to protect their computers from some not so obvious security threats.
There are several methods that attackers use to access information on personal home computers. Some are so sophisticated that a naked eye may not be able to see and others so direct and straight forward.
Potential Security threats to a home personal computer and why they should be a concern to a home user.
Some of the threats personal computers on the internet are exposed to include, but not limited to the following:
Spread of computer viruses:- A virus is a piece of code that replicates itself by infecting a host, where the host can be a boot sector, another program, partition sector or a document that support macros (Hossein, 2006). These codes can do a lot of damage to a computer including corrupting the operating system or even crashing it altogether.
Worm infections:- A program that spreads by making copies of itself from one disk to another or by copying itself using e-mail or any other transport mechanism (Hossein, 2006). Many people give varying ways of differentiating the viruses from the worms in the computer lingua, but basically they only differ in the resources they depend on to spread. They are both dangerous to a computer, be it personal or otherwise.
A personal computer may not be connected to any network, but still face potential security threats from physical and environmental factors. A computer can be stolen if the owner leaves it in a theft prone area unmanned. It can also be affected by the natural calamities that are beyond human control like flooding and other natural disasters. Whether man-made or natural, home personal computer owners need to be vigilant and safeguard their equipment because the consequences could be dire.
Methods Attackers Might use to Access Information on a Home Personal Computer
Phishing method:- The trick used by attackers who employ this method is to send an e-mail to a user, ask them to click on some link within the text of the e-mail and enter their credit card or bank details. They could be masquerading as banks or credit card agencies to obtain this information for the sole purpose of using it fraudulently.
Backdoor and remote administration programs:- for example BackOrifice, NetBus and Subseven (cert.org). These programs are installed by people with good and/or bad intentions in order to access and control another computer remotely. They achieve more with machines running on Windows Operating system.
Mobile code (Java/JavaScript/ActiveX):- These coding languages let web developers write code that is executed by their web browser (cert.org, ActveX_pdf). There is no dispute that some of these codes are useful in the day to day access of the web. However, intruders can use them to gain access to some of the information such as the sites a user visits.
Email spoofing:- when a message by email seems to have originated from one source when in actual sense it has been sent by another, this is called email spoofing. The attackers have tricks up their sleeves to make a user either reveal sensitive information such as passwords or make damaging statements (cert.org).
Adware:-These are malicious programs that gather personal details in secret and transmit it to another computer in the network. This is usually a trick used by advertisers and is mostly used to track information related to internet browser usage. Use of probes and packet sniffing are also methods used by attackers to gain unauthorized access to personal information on home personal computers.
Robert, R. Rowlingson(2011) The Essential Guide to Home Computer Security,British
Informatics Society Limited Home Network Security: Software Engineering Institute Retrieved on 27th May 2012 www.cert.org
Hossein Bidgoli (2006) HandBook of Information Security, Treats, Vulnerabilities, Prevention, Detection, and Management
