Privacy and security is a major concern for any person in the technological era that we are living in today. Everything today is revolving around technology in some aspect. Our academic career, professional life and even personal lives are affected by technology. Because of social media, people are likely to put very personal details and images on the World Wide Web. When people are not reluctant about uploading their personal information online, they also wouldn't have any problem uploading their financial and company relations.
Social media websites like LinkedIn, Facebook and twitter is affecting the way people interact with each other on the global scale. They are also affecting the way company's brand, advertise and even distribute their products (Edosomwan et.al, 2011) It has been stated that majority of the companies and corporations are receptive to online collaboration tools and social media. Nonetheless, when it comes to information technology, there is increased risk for privacy and security breach. There are many different threats and vulnerabilities that can affect both the single user and the large organization.
Viruses and malware
Viruses and malware are bugs that are quite prevalent today. A virus can be easily spread either through an external storage device or even an email. These can go on to invade and develop in private computer systems. It is to be noted that they can appear in scripts, and software. Malware is a term that is used to refer to different forms or intrusive software. Some of the malware that are quite prevalent today include Trojan horses, worms, computer viruses, and spyware. The main purpose of all of these bugs is to steal personal, business or financial information.
A major use of this malware is to gain information that either be beneficial finically. For instance, these individuals are trained to attain identification numbers, bank or credit card numbers.
It should be known that all medium and small sized business has been a victim of internet attacks. In a survey conducted in 2009, 24% of Small sized business stated that their security and privacy have been affected by person using social media sites. A survey carried out by Webroot in 2010 stated that 25% of the employees used peer-to-peer networking and 32% of the employees downloaded media that eventually led to security compromise in the persons.
State-Nation supported Espionage
A very dangerous mix these days is the combination of information technology and terrorism. Because of widespread terrorism, the governments today are making use of technology to increase their spying and monitoring on even the citizens in the country. It was known that the government remained on high alert on the immigrants in the country .Nonetheless; their monitoring is similar on the citizen's country a well. It is recommended that the organizations should cooperate and respond with the changes that the government is implementing in the organization. This espionage would not be considered negative if the organization of aware of being monitored.
Spying on the Internet
Today, there is a lot of content made unavailable to citizens. Different states are using filters to prevent citizens living in different countries to gain information about their network. Sensitive information about the countries defense, politics and finance can be a major risk for the entire country. T
Threats affecting single user
Account or service Traffic Hijacking
It should be known that account hijacking and service trafficking is a big concern when it comes to cloud computing. Exploitation of software vulnerabilities, phishing, and overflow attacks can really damage the user privacy. If a person takes over control of a user's account, he and manicure the data, keep a watchful eye on the transaction and provide fake and business damaging responses to the customers. Furthermore, this malicious person can also redirect the customers to inappropriate websites.
Furthermore, if hijackers go on to take over a person aunt, they have the power to either enhance him at your expense or damage the user's reputation. This motive is often applied by hijackers when it comes to resolving personal vendettas that they have. Because of social media, the incidence of these events has markedly increased. People make use of disturbing and inappropriate facts and images to insult someone in their own social circle.
In the year 20009, many different Amazon systems were hijacked to run the Zeus botnet nodes. Even though it is not really sure what the nodes did, this caused hijacking of the user accounts and a breach of their privacy.
Phishing scams and identity thefts
Many people now make use of online shopping and use of credit cards to carry out their finances. Considering how important retail stores such as Target and salesforce.com were subject to phishing frauds, there is no saying that any person is safe. Because of the target breach, millions of people lost their credit card numbers to unknown criminals. Even though this information can be recovered, the idea of a stranger and criminal having your credentials is traumatizing. Identity theft has also left many people vulnerable as the damages caused by identity theft can rarely be compensated for.
Threats affecting organization
Cloud computing is a large scale computing paradigm that is driven by economies of scale. In simple terms, cloud computing consists of activities such as storage and processing of data. Because of loud computing, many organizations have become multi-tenant and elastic at the same time. In an organization, there are many persons that are concerned with the same information and data therefore, this goes on to offer elasticity within an organization which means that resources can either be added or reduced from the service such that the needs of the organizations are fulfilled (Jaatun et.al, 2009)
A major concern for organizations is the risks that are also present on cloud computing. When it comes to cloud computing, the risk of malicious insider is a very important one for the organizations. Any organizations are now opting to put their information on cloud networks. Cloud computing networks save the cost of outsourcing and products and even technicians but they increase the risk of threats and safety breaches. A malicious insider is a person who wants to relate a bad impact on the organization and become a disruption in their goals and objectives (Colombe & Stephens, 2004) They can basically go on to act in such a way that the information confidentiality, variability and integrity are affected. When crucial and sensitive information is processed outside a company, the organizational managers themselves are not aware of the risk that is present. According to cloud security alliance, there is very little employee screening done and there is lack of customer background check. The end result is that there are a lot of risks and security hazards in the system (Cloud security Alliance, 2011) Therefore, the motives and the malicious activities of the insider make an impact on the confidently of the service.
Many important banks now have cloud computing systems that the customer feed in the information into. Not only does the presence of malicious insider affect the company but it also damages the trust that these customers have put in the company. It is crucial that the company and organizations that make use of cloud computing should hire cloud auditors, cloud administrators and security personnel that make sure the incidence of malicious insider does not occur.
When it comes to cloud computing, the company is more at risks because there are many different systems and many different people involved. The amount of data is vast and therefore the damage that can occur is more as well.
Seeing how the cloud computing network is quite widespread, maintained and safe monitoring of the data is not a very easy task either. The cloud customer which is the organization in this case is at significant risk of data loss. The customer can lose their data by having them locked into proprietary format. In simple terms, if the company has stored important details on the web, it can be lost very quickly. Majority of these attacks make it impossible for data to be recovered and the company loses years' worth of accounts and financial data.
Another important thing to see is that in a multi-tenant environment that is present in organizations, the breach of just one computer affects the entire system. For instance, the compromise of the hypervisor would lead to the disruption of the entire environment and exposing of information present in all the system in the company. Within an organization, there are shared services available such as shared storage, shared database service and shared storage.
The cloud is all about sharing the infrastructure so that the overall cost is reduced for the company. Therefore, a slightly misconfigured operating system or any malicious application installed can lead to damage in the surrounding systems as well.
When it comes to businesses, there are many employees that use this technique to take over sensitive information or strategies that will help them excel in business or…