Transcript Document
Electronic Security
WELCOME
-About us
What we're going to talk to you about:
Speed of Electronic Attacks
Hacking and Cracking
Why Systems are Attacked
Malware
Cryptography
Packet Sniffers
Firewall Security
Computer System Safety
Future Security Threats
Electronic Attacks
Don't get Zapped:
Can be lighting fast
Can go unnoticed
Can be devastating
Don't be the tree in the
lightning fast electronic
world!!!
Why Do People Attack Electronic Systems?
Every attack has a certain target
•
•
•
•
•
Network Devices
Hosts
Applications
Operating Systems
People
Why Do People Attack Electronic Systems?
•
•
•
•
•
Most attacks attempt to steal data and access unauthorized information
Some attacks are designed to access computer systems without approval
and authorization
Some attacks are designed to restrict overall access to data or destroy a
computer system
o Denial of Service (DOS) Attack
To access other computers through an already compromised computer
To omit or alter data and sensitive information
Top 5 Most Popular Websites
5
1
2
3
4
Malicious Software (Malware)
•
•
•
•
•
•
•
•
•
•
•
•
Viruses
Worms
Wabbits
Trojans
Spyware
Backdoors
Exploits
Rootkits
Keyloggers
Dialers
URL Injectors
Adware
Websites Most Likely to Contain Malware
"The general belief is that sites that
promote criminal activity—such as
sites selling illegal pharmaceuticals
or counterfeit luxury goods—are most
likely to host malware. Our data reveals
the truth of this outdated notion, as
web malware encounters are typically
not the by-product of “bad” sites in
today’s threat landscape."
- 2013 Cisco Annual Security Report
Websites Most Likely to Contain Malware
•
•
•
•
•
Business and industry sites are one of the top three
categories visited when a malware encounter
occurred
Hidden in online ads that are distributed to
legitimate websites
"Malvertising" has significantly increased since
2011
Malicious advertising can impact any website
The United States retains the top ranking in 2012
for most malware encounters
Malware Prevention
1.
2.
3.
4.
5.
6.
7.
Always be alert with your computer
Set Internet browser for download notification
Install a trusted anti-virus and keep it updated
Install a pop-up blocker
Use an email program that includes spam guard
Do not download software or programs from unknown sites
Be alert and cautious when sharing or trading files and
programs with friends and family
8. Disable cookies on your Internet browser
9. Read the fine print when downloading programs
10.Never click on Web-Links, copy paste them in
a. Shadowops.net VS Shadowops.com
11.Download a personal firewall
Firewall Security
What is a firewall?
http://www.youtube.com/watch?v=6UtiQwCX2wU
Firewall Security
"A firewall is a system designed to prevent
unauthorized access to or from a private network."
•
•
•
Most modern operating systems and home network gateway
routers come with optional firewalls built in
Is considered a first line of defense
It is also important to customize your firewall to not allow
access of any programs to the fire wall, and not allow your
firewall access to any programs
Firewall Security
Types of Firewall Techniques
•
•
•
•
Packet Filtering
Circuit-Level Gateway Implementation
Acting as a Proxy Server
Web Application Firewall
Is
there a 100% safe
computer system?
NO!!!
-----------------------------
1) Computers connected to any
network can be compromised
2) Computers connected to the
Internet can be compromised
3) Devices can be taken to an OFFLINE computer to get data
4) Computers and devices can be
physically taken
Securing Computer Systems
How do you keep your
computer secure?
Physical Barriers: some examples include walls, doors,
and glass
Securing Computer Systems
Man Traps prevent unauthorized access to areas
Securing Computer Systems
Keycards help to prevent access to unauthorized
personnel, as well as help computers recognize
authorized personnel
Most Keycards have:
• Smartchip
• Picture ID
• Hashed Passcode
Hacking and Cracking
Hackin
g
Hackers get information or access to computers by making or using computer
software.
Most attacks originate from freeware or software that is free to users.
Some hackers can find new exploits in software by making their own attacks or
finding new weaknesses in software. These types of attacks are called zero day
attacks.
Expert/Elite Hackers develop software and find previously unknown exploits in
software.
Unskilled Hackers use software already written and use known exploits in
software.
Hacking and Cracking
Crackin
Focuses on finding passwords or
g
reverse engineering them. Offline
cracking is usually done against
hashed files that contain
passwords.
Cryptography
-Protects confidentiality of information
-Protects the integrity of information
-Protects the availability of information to
people with proper keys
-Confirms the sender of information
-It can enforce non-repudiation
Cryptography
Symmetric Cryptographic
-1 key to rule them all
Algorithms
Cryptography
Asymmetric Cryptographic
- 4 key system
Algorithms
Packet Sniffers
Monitors and tracks incoming and outgoing packets TCP/IP
information
New Security Threats
Cars
1) Internal car systems can be compromised by mp3's and
mp4's that contain malware
2) PDA's, Cell phones, and PAD's connect to cars create
vulnerabilities
New Security Threats
House
s
New houses have electronic access systems, as well as central
controlled computer systems
New Security Threats
New
New Technologies can pose risks that are yet
Technologies
unknown
QUESTIONS
References
http://www.networkworld.com/news/2007/100407-web-site-vulnerabilities.html
http://en.wikipedia.org/wiki/Computer_insecurity#Reasons
http://www.youtube.com/watch?v=qdD5-woi_os
https://www.cisco.com/web/offer/gist_ty2_asset/Cisco_2013_ASR.pdf
http://www.technewsdaily.com/16537-8-tips-secure-computer.html
http://www.abestweb.com/forums/panda-software-317/different-types-malware-65416.html
http://kb.iu.edu/data/aoru.html
http://www.ehow.com/how_2004222_malware-download-prevent.html
Principles of Information Security By: Michael E. Whitman, Herbert J. Mattord 4th Edition
Security + Guide to Network Security Fundamentals By: Mark Ciampa, Ph.D. 4th Edition