Chapter 8: Digital Security

Introduction

Imagine a small but successful logistics company based in Labuan. Every day, this company handles sensitive information: client shipping manifests, employee payroll data, confidential contracts, and financial records. This data is their most valuable asset. They communicate with clients in Singapore, manage accounts through Maybank2u, and coordinate deliveries using a cloud-based system. Their entire operation runs on a network of computers, servers, and mobile devices.

Now, imagine what would happen if one morning, they arrived at the office to find all their client files were encrypted and locked, with a message demanding a ransom payment in Bitcoin to get them back. Or what if they discovered a competitor in Kuala Lumpur had somehow accessed their client list and was now undercutting their prices? Or if a simple power surge during a thunderstorm destroyed their main server, wiping out all their unsaved accounting data for the month?

These are not scenes from a movie. These are digital security risks, and they are a daily reality for businesses of all sizes, from a small kedai runcit using a point-of-sale system to a multinational corporation headquartered in the Petronas Towers.

In our connected world, we share huge amounts of information online every day. While this is very convenient, it also comes with risks. Keeping our computers and our private information safe is super important for everyone, especially for businesses that hold valuable customer data. This chapter will teach you about common dangers like viruses and online scams, and the simple, practical steps we can all take to protect our digital lives.

Digital Security Risks

A digital security risk is any event or action that could cause a loss of or damage to a computer system, its software, data, or processing capabilities. For a business, these risks can lead to financial loss, damage to reputation, and even legal trouble. Let’s explore these major risks in more detail.

• Internet and network attacks: These are malicious, deliberate attempts to disrupt or gain unauthorized access to computer systems. This could be an attack that crashes a company’s e-commerce website during a major online sale like 11.11, preventing any customers from making purchases.
• Unauthorized access and use: This occurs when someone uses a computer or network without permission. For example, a former employee who still knows the company’s Wi-Fi password could sit in a nearby cafe and access the internal network.
• Hardware theft: This is the physical act of stealing computer equipment. A thief breaking into an office and stealing laptops is a clear example, but it also includes an employee leaving a company smartphone in a Grab car. The loss is not just the device, but all the sensitive company data on it.
• Software theft: This is the act of illegally copying or stealing software. This can happen when an employee installs a licensed copy of Adobe Photoshop (paid for by the company) onto their personal computer at home, which is a violation of the software license agreement.
• Information theft: This involves stealing personal or confidential information. A classic example is a cybercriminal hacking into a company’s database to steal a list of customer names, email addresses, and credit card numbers, which they can then sell on the dark web.
• System failure: This is the complete malfunction of a computer system. This can be caused by an aging hard drive in a server finally breaking down, or a critical software update that contains a bug, causing the entire system to crash.

Cybercrime and Its Perpetrators

Cybercrime refers to any illegal act involving a computer, network, or digital device. It is a massive and growing industry. The software used by cybercriminals to commit these acts is sometimes called crimeware. Understanding who these perpetrators are and what motivates them is the first step in defending against them.

• Hacker: Originally, this term had a positive meaning, describing a skilled and curious computer enthusiast who enjoyed exploring and understanding the inner workings of computer systems. However, in modern media, the term is now commonly used to describe someone who accesses a computer or network illegally. They might do it for the challenge, for bragging rights, or to expose a security flaw they discovered.
• Cracker: This term is more specific than “hacker.” A cracker is a person who accesses a computer system illegally with malicious intent. Their goal is often to destroy data, steal valuable information for profit, or cause disruption. While a hacker might break in to look around, a cracker breaks in to cause damage.
• Script Kiddie: This is a derogatory term for an amateur attacker who has very limited technical skill. They don’t write their own programs. Instead, they use pre-written hacking and cracking programs and scripts that they have downloaded from the internet. While they may not be sophisticated, they can still cause significant damage, like a person who finds the keys to a bulldozer and starts randomly crashing into buildings without knowing how to properly operate the machine.
• Corporate Spy: A corporate spy is a highly skilled individual hired specifically to conduct corporate espionage by breaking into a competitor’s computer systems to steal proprietary data such as trade secrets, client lists, or marketing plans; for example, in a local Malaysian scenario, one telecommunication company might hire such a spy to infiltrate a rival’s network and obtain early details about their upcoming 5G data plan pricing and coverage areas, thereby gaining a critical advantage by launching a more competitive product first.
• Unethical Employee: Sometimes the biggest threat comes from within. An unethical employee is someone who illegally accesses their employer’s computer system for personal gain or revenge. This could be a salesperson who is about to leave the company and copies the entire customer database to take to their new job. It could also be a disgruntled employee who was just fired and uses their still-active password to log in remotely and delete important project files.
• Cyberextortionist: A cyberextortionist is an attacker who demands payment to halt an ongoing assault on a technology system, with ransomware being the most prevalent form today, as illustrated by a global scenario in which a manufacturing company in Penang finds all its servers encrypted and its production line forced to a complete stop by a criminal gang operating from abroad, who then demand $500,000 in Bitcoin for the decryption key, leaving the organization with the terrible choice of paying the ransom without certainty of recovery or facing weeks of downtime and millions in losses while attempting to restore systems from backups.
• Cyberterrorist: This is someone who uses the internet or a network to destroy or damage computers for political or ideological reasons. Their goal is to cause fear and disrupt critical infrastructure, such as a country’s power grid, water supply, or financial systems. This is a serious act of cyberwarfare.

Malware: Malicious Software

Malware, short for malicious software, is any software that is intentionally designed to disrupt computer operations, gather sensitive information, or gain unauthorized access to private computer systems. The harmful effect or action that malware carries out is called the payload. Let’s explore the most common types of malware.

• Virus: A computer virus is a piece of code that attaches itself to a legitimate program or file. You can think of it like the flu; just as the flu needs a host person to spread by interacting with others (for example, by sneezing), a computer virus cannot spread on its own. It requires a human to do something, like open an infected email attachment or run an infected program. Once the host file is opened, the virus activates and can start to damage files, corrupt the system, or spread itself to other files on the computer.
• Worm: A worm is similar to a virus as it is designed to copy itself from one computer to another, but it does so automatically without any human action. A good analogy is to think of a single, self-replicating robot that can travel through the air vents of a building (the network). It moves on its own by taking advantage of security vulnerabilities in software, creating copies of itself in every room it enters. As it spreads, it consumes a lot of system resources, like memory or network bandwidth, which can cause servers and computers to slow down or even crash, much like the robots eventually clogging up all the hallways.
• Trojan Horse: A Trojan horse is a destructive program disguised as a legitimate, useful application, getting its name from the ancient Greek story where soldiers hid inside a giant wooden horse to get past city walls. For example, an employee might download a “Free Video Editor” to create a social media post for their company. The program works for editing videos, but it also secretly carries out a malicious action in the background. This hidden function could be a keylogger, which records every keystroke the employee makes and sends all their typed passwords, including for their company email and bank login, directly to a cybercriminal.
• Rootkit: A rootkit is a particularly dangerous type of malware that is designed to hide itself deep within a computer’s operating system. Once a rootkit is installed, it can allow an attacker to gain “root” or administrative-level control over the computer from a remote location. Because it is so deeply hidden, a rootkit can be very difficult to detect and remove, even for some antivirus programs.
• Spyware: Spyware is a type of malware that is installed on a computer without the user’s knowledge and secretly collects information about their activities. It can track websites visited, record keystrokes (a keylogger is a type of spyware), and capture sensitive information like usernames, passwords, and credit card numbers. This information is then sent back to the attacker.
• Adware: Adware is software that is designed to automatically display or download online advertisements to a user’s computer. While it is often just annoying, some adware can be more malicious. It can track your browsing habits to show you targeted ads, and it can significantly slow down your computer and internet connection. It is often bundled with free software that you download from the internet.
• Zombie (Botnet): A compromised computer that is being controlled by a remote user (the “bot-herder”) without the owner’s knowledge is called a zombie or a bot. The cybercriminal can use this zombie computer to perform malicious tasks, such as sending spam emails or participating in network attacks. A network of thousands of these zombie computers, all under the control of a single attacker, is called a botnet. This botnet can be rented out to other criminals or used to launch massive, coordinated attacks.

Check Your Understanding: Q1

Check Your Understanding: Q2

Check Your Understanding: Q3

Check Your Understanding: Q4

Check Your Understanding: Q5

Check Your Understanding: Q6

Check Your Understanding: Q7

Internet and Network Attacks

Beyond infecting individual computers with malware, cybercriminals also launch attacks on entire networks and servers.

• Denial of Service (DoS) attack: The goal of a Denial of Service (DoS) attack is to make an online service unavailable to its legitimate users. A good analogy is to imagine a single person calling a pizza delivery shop and tying up the phone line for hours by asking pointless questions, which prevents any real customers from placing an order. In the same way, a DoS attacker floods a target server, like a company’s website, with so much meaningless traffic and so many requests that the server becomes overwhelmed. As a result, the service either slows down to a crawl or crashes completely, blocking access for anyone who genuinely needs it.
• Distributed DoS (DDoS) attack: A Distributed Denial of Service (DDoS) attack is a much larger and more powerful version of a DoS attack. Instead of the attack coming from a single computer, the attacker uses a “botnet”—a network of thousands or even millions of infected “zombie” computers, to launch the attack from multiple locations all at once, making it much harder to defend against. For example, on the day a popular airline launches a big ticket sale, a competitor could hire a cybercriminal to launch a DDoS attack. The airline’s servers would suddenly be flooded with traffic from a botnet of 50,000 computers around the world, causing the website to crash. As a result, thousands of legitimate customers would be unable to buy tickets, leading to huge financial losses and damage to the airline’s reputation.
• Back Door: A back door is a hidden way for a program developer or an attacker to bypass the normal security controls and gain access to a program or computer. Sometimes, developers build these into a system for testing purposes and forget to remove them. Other times, they are created by malware like a Trojan horse, allowing an attacker to access the system at any time.
• Spoofing: Spoofing is a technique where an intruder makes their network or internet transmission appear to be from a legitimate and trusted source.
  • IP Spoofing: Attackers disguise their computer’s IP address to hide their identity or to trick a system into thinking they are a trusted device that is already on the internal network.
  • Email Spoofing: This is very common in business scams. The attacker changes the sender’s address to make an email look like it came from someone else. For example, an accounts employee might receive an email that looks like it’s from the CEO, with the correct name and email address, instructing them to urgently transfer a large sum of money to a new supplier’s bank account. The email is a fake, and the bank account belongs to the criminal.

Safeguards: How to Protect Yourself

The world of digital threats can seem scary, but the good news is that you can take many practical and effective steps to protect your digital world. A good security plan involves multiple layers of protection.

Safeguards Against Digital Attacks

• Use Virus Protection Software: An antivirus program is an essential piece of software that protects a computer against viruses, worms, and other malware. It works by scanning files and programs and comparing them against a database of known malware definitions (also called virus signatures). When it finds a threat, it can block it, delete it, or place the infected file in quarantine, which is a separate, isolated area of the hard disk where the infected file cannot spread or cause any harm. It is crucial to keep your antivirus software constantly updated so it has the latest definitions to protect against new threats. Popular antivirus programs include Norton, McAfee, Kaspersky, and even the built-in Microsoft Defender in Windows.
• Use a Firewall: A firewall is hardware or software that acts like a security guard for your network. It stands between your internal network (your home or office) and the public internet, monitoring all the incoming and outgoing traffic. It can be configured with rules to block suspicious traffic or prevent unauthorized access. A hardware firewall is a separate physical device (often part of your internet router). A software firewall is a program that runs on your computer. A personal firewall is a software firewall that is designed to protect a single computer.
• Be Cautious with Emails and Downloads: This is one of the most important human safeguards.
  • Be very suspicious of unexpected emails or text messages, especially those that create a sense of urgency and ask you to click a link or open an attachment.
  • Never download software from untrustworthy or illegal sources. Always get it from the official developer’s website or a legitimate app store.
  • Look for the signs of a phishing email: generic greetings (like “Dear Valued Customer”), spelling and grammar mistakes, and email addresses that look slightly wrong.
• Manage Pop-up Windows: Be very careful when closing pop-up ad windows. Some malicious pop-ups are designed with fake “Close” or “X” buttons that, when clicked, will actually install adware or other malware onto your computer. It is often safer to close the entire browser tab or use the Alt+F4 key combination on Windows.
• Scan Removable Media: Before you plug a USB flash drive or an external hard drive from a friend or colleague into your computer, make sure your antivirus software is set to automatically scan it for malware. This is a very common way for viruses to spread in an office or university environment.
• Keep Software Updated: Always install the latest updates for your operating system (Windows, macOS) and your applications (your browser, Microsoft Office, etc.). Cybercriminals are constantly looking for security holes in software. These updates often include important security patches that fix these holes, making it much harder for attackers to get in.
• Make Regular Backups: As we learned in Chapter 6, keeping a regular backup of your important data is one of the best ways to recover from a security incident. If your business is hit by a ransomware attack and all your files are locked, you can refuse to pay the ransom, wipe the infected computers, and restore your data from a recent backup, saving you a huge amount of money and stress.
• Keep Software Updated: Always install the latest updates for your operating system (Windows, macOS) and your applications (your browser, Microsoft Office, etc.). Cybercriminals are constantly looking for security holes in software. These updates often include important security patches that fix these holes, making it much harder for attackers to get in.
• Make Regular Backups: As we learned in Chapter 6, keeping a regular backup of your important data is one of the best ways to recover from a security incident. If your business is hit by a ransomware attack and all your files are locked, you can refuse to pay the ransom, wipe the infected computers, and restore your data from a recent backup, saving you a huge amount of money and stress.

Safeguards Against Hardware Theft and Vandalism

• Physical Access Controls: For a business, this is the first line of defence. It means using strong locks, security alarm systems, and CCTV cameras to protect the rooms where computers and servers are kept. Access to the server room should be restricted to only authorized IT personnel.
• Physical Security Devices: You can use simple but effective devices like a steel security cable to physically lock a laptop or a desktop computer to a heavy desk or an immovable object. This is very useful in an open office environment or at a public event or trade show at a place like the Kuala Lumpur Convention Centre.
• Security and Tracking Apps: For mobile devices like smartphones and tablets, you can install apps that can help you locate the device on a map if it is lost or stolen. These apps also often give you the ability to remotely lock the device or even completely erase all its data to ensure that if it is stolen, the thief cannot access any of the sensitive company information on it.
• Biometric Authentication (Fingerprint Readers): Many modern laptops and smartphones now use fingerprint readers or facial recognition for authentication. This is much more secure than just a password, as it is very difficult for a thief to fake your fingerprint.

Safeguards Against Hardware Failure

Hardware can fail for many reasons, but one of the most common and damaging is a problem with the electrical power supply.

• Protect from Electrical Power Variations: The electrical power from the wall socket is not always stable.
  • An overvoltage, or spike, is a significant and sudden increase in power. This can be caused by a nearby lightning strike and can instantly destroy sensitive electronic components.
  • A brownout is a prolonged period of undervoltage (low power).
  • A blackout is a complete power failure.
• Use a Surge Protector: A surge protector is a device that looks like a normal extension cord but contains special electrical components that protect against power spikes. It does this by absorbing the extra electricity during an overvoltage, sacrificing itself to save the connected computer equipment. Every important piece of computer hardware, from a server to a desktop PC, should be plugged into a surge protector, not directly into the wall.
• Use an Uninterruptible Power Supply (UPS): A UPS is a more advanced device that is essential for critical systems like servers or important workstations. It contains surge protection circuits and a built-in battery. If there is a power failure like a blackout, the battery instantly kicks in and provides power for a short period of time (usually 5-15 minutes). This doesn’t give you enough time to keep working for hours, but it gives you the crucial window of time you need to save all your work and shut down the computer properly, preventing any data loss. For a business server, this is an absolutely essential piece of equipment.

Check Your Understanding: Q8

Check Your Understanding: Q9

Check Your Understanding: Q10

Chapter Summary

In this chapter, we learned about the critical importance of digital security in our modern, connected world. We identified the common risks that businesses and individuals face, from network attacks to physical hardware theft. We explored the different motivations and skill levels of cybercrime perpetrators, from the amateur script kiddie to the professional corporate spy. We took a deep dive into the world of malware, learning to distinguish between a virus that needs a host to spread, a worm that can spread on its own, and a Trojan horse that tricks you into installing it. We also looked at common network attacks like DDoS, which can bring a business’s website to its knees.

Most importantly, we discussed the practical and layered safeguards we can all use to protect ourselves. We learned that a good security strategy includes technical solutions like using antivirus software and firewalls, human diligence like being cautious with emails and keeping software updated, and physical protection for our hardware from both theft and power failures with devices like security cables and a UPS. By understanding the threats and implementing these safeguards, we can navigate the digital world with confidence and keep our valuable information safe.

Review Questions

1. What is the difference between a hacker and a cracker?
2. Explain what a Trojan horse is using a simple, everyday analogy (other than the Greek story).
3. A small business in your town has all its files locked by ransomware. What is ransomware, and what is the single most important safeguard they should have had in place to recover without paying the criminals?
4. What is the difference between a virus and a worm in terms of how they spread?
5. What is a DDoS attack, and how could it be used to harm a Malaysian e-commerce business?
6. Why is it important to keep your operating system and applications updated?
7. Your friend is worried about losing their important university work during one of Labuan’s frequent power outages. What two devices would you recommend they use to protect their computer, and what does each device do?
8. Explain the difference between IP spoofing and email spoofing. Which one is more likely to be used in a scam to trick an employee into transferring money?

References

Brookshear, J. G., & Brylow, D. (2019). Computer science: An overview (13th ed.). Pearson.

Laudon, K. C., & Laudon, J. P. (2020). Management information systems: Managing the digital firm (16th ed.). Pearson.

Malaysia Computer Emergency Response Team. (2025). Security advisories. MyCERT. https://www.mycert.org.my/portal/advisories?id=484678d8-4d8d-4a1b-9249-6d8288594f53

Silberschatz, A., Galvin, P. B., & Gagne, G. (2018). Operating system concepts (10th ed.). Wiley.