Chapter 11 - Radford University
Download
Report
Transcript Chapter 11 - Radford University
Chapter 11
Computer Crime and
Information Security
Information Security and
Vulnerability
Machine-Level Security
Network Security
Wireless Network Security
Internet Security
Please discontinue use of cell
phone and turn off ringer
Succeeding with Technology
Information Security Overview
All computer systems are vulnerable to
attack.
Most are already infected and/or
compromised, including PCs used by most
students in this class.
It is only going to get worse.
For more info…
• www.mcafee.com/us/threat_center
• www.cert.org
• http://www.microsoft.com/athome/security
Succeeding with Technology
Two-thirds of Internet experts
expect a devastating attack on
the Internet between now and
2015.
Total Information Security
Total Information Security involves
securing all components of the global digital
information infrastructure.
Personal Computers
Business Computer Systems
Government Systems
International Systems
Participation by EVERYONE is important
and difficult to gain!
See what the White House has to say on the subject at http://www.whitehouse.gov/pcipb/
Succeeding with Technology
Total Information Security
To achieve total
information security, we
must examine security
in layers.
Users are at the heart of
total information
security.
Risks increase with
each expanding layer.
Succeeding with Technology
USER
11.1
Information Security and
Vulnerability
What is at stake and
what are the threats?
Key Terms
•
•
•
•
•
Information Security
Identity Theft
Intellectual Property
Intellectual Property Rights
Cyberterrorism
Succeeding with Technology
•
•
•
•
•
•
Security Holes
Software Patches
Piracy
Plagiarism
Hacker
Computer Forensics
What’s at Stake?
Succeeding with Technology
At stake:
Personal Private Information
What would concern you most if a
person who wished to do you
harm had full control of your PC?
What personal information do you
consider private?
All too common headlines…
“Hackers attacked computer servers of a
California university and may have gained access
to the personal information of 59,000 people
affiliated with the school…”
Succeeding with Technology
Depending on the
circumstance,
private information
may include your:
•
•
•
•
•
•
•
•
•
•
•
•
•
Name
Photo
Phone number
Address
Birthday
Social Security Number
Bank Account Number
Credit Card Number
College Transcripts
Financial Status
Medical Records
Religious affiliation
Political affiliation
Identity Theft
Identity theft is the criminal act of using stolen
information about a person to assume that person’s
identity, typically for financial gain.
350
300
250
200
150
100
50
0
2003
2004
2005
Millions of US Dollars Lost to
Identity Theft
Source: http://www.consumer.gov/sentinel/trends.htm
Succeeding with Technology
At stake:
Intellectual Property
Intellectual property refers to a
product of the mind or intellect over
which the owner holds legal
entitlement.
Intellectual property rights
concern the legal ownership and use
of intellectual property such as
software, music, movies, data, and
information.
Intellectual property is legally
protected through copyright,
trademark, trade secret, and patent
Succeeding with Technology
At stake:
Organizational Information
For many businesses, the
information it processes and stores
is highly valuable and key to its
success.
Business intelligences is the
process of gathering and analyzing
information in the pursuit of
business advantage.
Competitive intelligence is
concerned with gathering
information about competitors.
Counterintelligence is concerned
with protecting one’s own
information from access by the
competition.
Succeeding with Technology
Biggest security
threats to
businesses in
order of frequency:
• Virus
• Insider abuse of Internet
access
• Laptop theft
• Unauthorized access by
insiders
• Denial-of-service attacks
• System penetration
• Theft of proprietary info
• Sabotage
• Financial fraud
• Telecommunications fraud
• Active wiretap
At stake:
National and Global Security
Cyberterrorism is a form of
terrorism that uses attacks
over the Internet to intimidate
and harm a population.
Washington, June 8, 2006 – Over the last two
years, Abu Musab al-Zarqawi established the
Web as a powerful tool of the global jihad,
mobilizing computer-savvy allies who inspired
extremists in Iraq and beyond with lurid video
clips of the bombings and beheadings his group
carried out.
Succeeding with Technology
Food for thought…
The Internet is a
powerful tool both for
those who wish to
build bridges between
distant cultures and
those that wish to tear
them down.
What are the threats?
Succeeding with Technology
Threat:
Software and Network Vulnerabilities
Security holes are software
Food for thought…
Perfect software would
bugs that allow violations of
be impossible to hack.
information security.
Software patches are
corrections to the software
bugs that cause security
holes.
All too common headlines…
Microsoft’s Trustworthy Computing
Succeeding with Technology
“Microsoft warned on Tuesday of seven newly found
flaws in its software that could allow an attacker to steal
data and take over a personal computer running the
Windows operating system…”
Threat:
User Negligence
Succeeding with Technology
Threat:
Pirates and Plagiarists
Piracy involves the illegal
copying, use, and distribution
of digital intellectual property
such as software, music, and
movies.
Plagiarism involves taking
credit for someone else’s
intellectual property, typically a
written idea, by claiming it as
your own.
Succeeding with Technology
Food for thought…
The annual cost of piracy
in is estimated to be:
•$4.2 billion for the music
industry
•$6.1 billion for the motion
picture industry
•$33 billion for the
software industry
The problem with pirating MP3 music files
Traditional Music Distribution
1
$
ARTIST
6
$
$
$ $
2
3
$
4
5
When consumers become distributors
ARTIST
$
1
2
3
5
4
Consumers
6
Succeeding with Technology
Threat:
Hackers, Crackers, Intruders, and Attackers
The terms hacker, cracker,
intruder, and attacker are all
used to label an individual who
subverts computer security
without authorization.
There are all types of hackers,
not all are considered to
behave unethically.
Hackers On Planet Earth
Computer forensics is the process of examining computing
equipment to determine if it has been used for illegal unauthorized or
unusual activities.
Succeeding with Technology
11.2
Machine-Level Security
Considerations for computers
as stand-alone entities
Key Terms
•
•
•
•
Username
Password
Biometrics
Encryption
Succeeding with Technology
Protecting a Stand-alone PC
Computers not connected to a network can only be
attacked through physical presence.
Keeping the PC in a locked room would be the first
method of protection.
The next method involves positively identifying the
person accessing the machine through
authentication.
Something you know (i.e. password)
Something you have (i.e. card-swipe)
Something about you (i.e. fingerprint)
Succeeding with Technology
Passwords
A username identifies the user to the
computer system.
A password is a combination of characters
known only to the user and used for
authentication.
For a password to be effective it should be:
strong by including words that are unrelated to
your interests, and include upper and lowercase
letters, numbers, and symbols
unique – don’t use the same password for your
bank account as you do for your email account
changed regularly – change your password
twice a year
Succeeding with Technology
ID Devices and Biometrics
Security ID cards and tokens,
“something you have” authentication,
are used in some corporations to
protect access to restricted areas and
computer systems.
Biometrics is the science and
technology of authentication by
scanning and measuring a person’s
unique physical features such as
fingerprints, retinal patterns, and
facial characteristics.
More about tokens:
http://en.wikipedia.org/wiki/Security-Token
http://www.opticom.lv/en/products/security/authentication/rsa123/rsa1/
Succeeding with Technology
Check out Face Recognition
Encryption
Encryption is a security technique that uses highlevel mathematical functions and computer
algorithms to encode data so that it is unintelligible
to all but the intended recipient.
Data stored on a PC can be encrypted and set so
that a second password is required to decrypt it.
Demo: Encrypting a PPT file (tools > options > security)
More on Encryption: http://en.wikipedia.org/wiki/Encryption
Succeeding with Technology
Backing Up Data and Systems
The most common cause of data loss is
hardware failure.
The best protection against such loss is to
follow regular backup procedures.
Available backup services include:
System utilities that back up selected files to
compressed archives stored on secondary
storage media or another computer on the
network.
Mirroring which saves files to two locations to
create exact duplicates.
Internet services that perform scheduled,
automated uploads of your valuable files to
servers for safe keeping
(www.remotedatabackups.com).
Succeeding with Technology
Food for thought…
A recent study showed
that only 57% of
computer users back up
stored data including
digital photos, personal
documents, work
documents, music, and
financial records.
DO YOU BACKUP?
HAVE YOU LOST DATA
DUE TO HARDWARE
FAILURE?
11.3
Network Security
Succeeding with Technology
User Permissions
User Permissions refers
to the access privileges
afforded to each network
user in terms of who is
able to read, write, and
execute a file, folder, or
drive.
Files and folders are
assigned user and group
ownership.
Succeeding with Technology
User Permissions
Different operating systems have
differing ways of handling user
permissions.
UNIX
Succeeding with Technology
Windows XP (home)
Mac OS X
Interior Threats
Interior threats refer to dangers to network
resources from legitimate users. They
include:
Threats to System Health and Stability
Information Theft
Safeguards include a the use of security and
usage policies.
FSU Network Usage Policies: http://www.vpfa.fsu.edu/policies/bmanual/itpolicy.html
Succeeding with Technology
11.4
Wireless Network Security
Succeeding with Technology
Wireless Fidelity (Wi-fi)
Wi-fi is the widely used wireless
networking standard that makes use of
access points to connect devices to
networks.
Access
Point
More on Wi-fi in CH5
Succeeding with Technology
Newly purchased
access points
typically have no
security features
enabled making it
easy for any
wireless device to
connect.
Network line
Threats to Wireless Networks
Neighbors
Internet Hackers
Z
Wireless Access
Point / Router
Cable Modem
To Cable
Wireless Access
Co. Point / Router
The Internet
Cable Modem
Succeeding with Technology
Threats to Wireless Networks
Neighbors
Internet Hackers
Passers by
www.wardriving.com
Z
Wireless Access
Point / Router
Cable Modem
To Cable
Wireless Access
Co. Point / Router
The Internet
Cable Modem
Succeeding with Technology
Succeeding with Technology
Securing a Wireless Network
An Access Point can be configured, and security
features enabled, through a simple Web interface
using a computer connected to the access point.
Succeeding with Technology
11.5
Internet Security
Key Terms
•
•
•
•
Firewall
Virus
Worm
Antivirus Software
Succeeding with Technology
•
•
•
•
Spyware
Zombie Computer
Antispyware
Internet Fraud
• Phishing
• Virus Hoax
Hacking Tools and Methods
Key-logging software
Packet-sniffing software
Port scanning software
Social engineering
Succeeding with Technology
Why Do Hackers Hack?
As a hobby and challenge
To inflict malicious vandalism
To gain a platform for anonymous attacks
Distributed Denial-of-service DDoS Attacks
To steal valuable information and services
To Spy on someone
“Hackers have turned toward more criminal and lucrative areas of directing
attacks to specific individuals or organizations, often financially, competitively,
politically or socially motivated.” http://www.physorg.com/news5580.html
Succeeding with Technology
Defending Against Hackers
A firewall is network hardware and software
that examines all incoming data packets and
filters out ones that are potentially
dangerous.
All Windows users should protect their network
connection with a firewall. ~demo
Firewall software from McAfee and
Symantec are considered to be more
robust than Windows Firewall. This
McAfee screen shot shows several
attacks on this PC over the course of
one day.
Succeeding with Technology
Viruses and Worms
A virus is a program that attaches itself
to a file, spreads to other files, and
delivers a destructive action called a
payload.
There are many types of viruses
A worm does not attach itself to other
files but rather acts as a free agent,
replicating itself numerous times in an
effort to overwhelm systems.
Worms and viruses are often spread through
the Web, email, chat, and file-sharing
networks
Viruses and worms are considered malicious
software, or malware, Check out the latest malware
at http://www.mcafee.com/us/threat_center
Succeeding with Technology
Viruses and Worms
Yeah right! This didn’t come from Microsoft.
The attachment is not a patch, nor an
innocent text file (as it appears) but an
executable file containing a virus.
Succeeding with Technology
Defending Against Viruses and
Worms
Knowledge and caution play
Antivirus software, also known as virus
scan software, uses several techniques
to find viruses on a computer system,
remove them if possible, and keep
additional viruses from infecting the
system.
Succeeding with Technology
a big part in protecting PCs
against viruses and worms:
• Don’t open e-mail or IM
attachments that come from
friends or strangers unless
they are expected and
inspected by antivirus
software.
• Keep up with software
patches for your operating
system, your Web browser,
your e-mail and IM software.
• Use caution when exploring
Web sites created and
maintained by unknown
parties.
• Avoid software from unknown
sources.
• Stay away from file-sharing
networks; they do not protect
users from dangerous files
that are being swapped
Spyware, Adware, and Zombies
Spyware is software installed on a
computer without the user’s
knowledge to either monitor the user
or allow an outside party to control the
computer.
The Internet service provider Earthlink said it uncovered
an average of 28 spyware programs on each of its
member’s PCs that were scanned
Adware is spyware that displays advertisements.
Succeeding with Technology
Zombies
A computer that carries out actions
(often malicious) under the remote
control of a hacker either directly or
through spyware or a virus is called a
zombie computer.
Experts say hundreds of thousands
of computers are added to the ranks
of zombies each week.
Zombies
Zombie computers can join together to form zombie
networks. Zombie networks apply the power of
multiple PCs to overwhelm Web sites with
distributed denial-of-service attacks, to crack
complicated security codes, or to generate huge
batches of spam.
It has been estimated that 80 to 90
percent of spam originates from
zombie computers.
Defending Against Spyware
Antispyware is software that searches a
computer for spyware and other software
that may violate a user’s privacy, allows the
user to remove it, and provides continuing
protection against future attacks.
Succeeding with Technology
Scams, Spam, Fraud, and
Hoaxes
Succeeding with Technology
Scams, Spam, Fraud, and
Hoaxes
Internet fraud is the crime of
deliberately deceiving a person
over the Internet in order to
damage them and to obtain
property or services from him or her
unjustly.
A phishing scam combines both
spoofed e-mail and a spoofed Web
site in order to trick a person into
providing private information.
350
300
250
200
150
100
50
0
2003
2004
Millions of US$ Lost to Internet Fraud
Spoofing is the act of assuming the identity of another person or organization
typically through email or on the Web.
Succeeding with Technology
2005
Classic Phishing
Is this email from [email protected]
legitimate?
Holding the mouse
pointer over the link
in the original email
shows that it really
links to
http://24.27.89.64:87
most likely a hacker’s
Website.
Succeeding with Technology
If you clicked the
link it would take
you to a spoofed
Citibank Webpage
that looks like the
real thing, and ask
you to supply
personal
information like
your username and
password.
Scams, Spam, Fraud, and
Hoaxes
Spam is the unsolicited
junk mail that makes up
more than 60 percent of
today’s email.
A virus hoax is an email
that warns of a virus that
doesn’t exist.
Succeeding with Technology
Scams, Spam, Fraud, and
Hoaxes
The email that has gotten thousands of Windows users to trash their own
systems…
The objective of this e-mail is to warn all Hotmail users about a new virus that is
spreading by MSN Messenger. The name of this virus is jdbgmgr.exe and it is sent
automatically by the Messenger and by the address book too. The virus is not
detected by McAfee or Norton and it stays quiet for 14 days before damaging the
system.
The virus can be cleaned before it deletes the files from your system. In order to
eliminate it, it is just necessary to do the following steps:
1. Go to Start, click "Search"
2.- In the "Files or Folders option" write the name jdbgmgr.exe
3.- Be sure that you are searching in the drive "C"
4.- Click "find now"
5.- If the virus is there (it has a little bear-like icon with the name of jdbgmgr.exe DO
NOT OPEN IT FOR ANY REASON
6.- Right click and delete it (it will go to the Recycle bin)
7.- Go to the recycle bin and delete it or empty the recycle bin.
IF YOU FIND THE VIRUS IN ALL OF YOUR SYSTEMS SEND THIS MESSAGE TO
ALL OF YOUR CONTACTS LOCATED IN YOUR ADDRESS BOOK BEFORE IT
CAN CAUSE ANY DAMAGE.
Succeeding with Technology
Scams, Spam, Fraud, and
Hoaxes
The email that has gotten thousands of Windows users to trash their own
systems…
Do the search. Oh
no! I’ve got the
Teddy Bear virus!
Better delete it!
For more on this topic check out
www.vmyths.com
Succeeding with Technology
Think
again!
That file with the silly little Teddy bear icon is
actually a necessary system file in Windows!
Defending Against Scams, Spam,
Fraud, and Hoaxes
To avoid phishing scams, do not click links received
in email.
Exam Web addresses closely to make sure that
they are legitimate.
Submit form data only from Web pages that have a
secure connection (https://)
Do not believe any virus warning unless it comes
from a verifiable source.
Use common sense and be wary of offers too good
to be true.
Succeeding with Technology
Succeeding with Technology
Windows Security Suites
www.windowsonecare.com
www.mcafee.com
www.semantic.com
Another option…
Security experts at Sophos recommend that home Windows users switch to
Macs. From the 2006 Sophos Security Threat Management Report: “The
vast majority of malware continues to be written for Windows…It seems
likely that Macs will continue to be the safer place for computer users for
some time to come - something that home users may wish to consider if
they're deliberating about the next computer they should purchase."
Succeeding with Technology