computer security and_privacy_2010-2011

1

Computer Security and Privacy

2

Terms

Computer security risk Computer crime Cybercrime Hacker Cracker Script kiddie Corporate spy Unethical employee Cyberextortionist Cyberterrorist Back doors spoofing

Virus Worm Trojan horse Malware Payload Virus signature/virus

definition Quarantine Virus hoax Botnets Denial of service

attacks

3

Computer Security Risks

Computer security risk – any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing.

Computer crime – any illegal act involving a computer.

Cybercrime – online or Internet-based illegal acts

4

Cyber Crime Categories

Hacker – someone who accesses a computer or network illegally. Claims intent is to improve security

Cracker – someone who accesses a computer or network illegally but has the intent of destroying data, stealing information, or other malicious action.

5

Script kiddie –Often are teenagers that use prewritten hacking and cracking programs to break into computers

has the same intent as a cracker does not have the technical skills and

background.

Corporate spies – are hired to break into a specific computer and steal its proprietary data and information

Have excellent computer and network skills

Cyber Crime Categories

6

Unethical employees – break into their employers ‘ computers for a variety of reasons 1) To exploit a security weakness; 2) seek financial

gains from selling confidential information; 3) disgruntled employees seek revenge

Cyberextortionist – someone who uses e-mail as a vehicle for extortion. Send a company a threatening e-mail message

indicating they will expose confidential information, exploit a security flaw, or launch an attack that will compromise the company’s network—if they are not paid a sum of money

Cyber Crime Categories

7

Cyberterrorist – uses the Internet or network to destroy or damage computers for political reasons. Usually require a team of highly skilled individuals,

millions of dollars, and several years of planning

Cyber Crime Categories

8

Internet and Network Attacks

Attacks that jeopardize security include computer viruses, worms, and Trojan horses; botnets; denial of service attacks; back doors; and spoofing.

Virus – a potentially damaging computer program that affects, or infects, a computer negatively by altering the way the computer works without the user’s knowledge or permission

Worm –a program that copies itself repeatedly

Trojan horse – a program that hides within or looks like a legitimate program.

9

Virus, worms, Trojan horse are classified as malware.

Malware (malicious software) – program that act without a user’s knowledge and deliberately alter the computer’s operation

Payload – the destructive event or prank the program is intended to deliver.

Internet and Network Attacks

10

Symptoms of a computer affected by virus, worm or Trojan horse Screen displays unusual message or image Available memory is less than expected Files become corrupted Unknown programs or files mysteriously appear Music or unusual sound plays randomly Existing programs and files disappear Programs or files do not work properly System properties change

11

Safeguards against viruses, worms, and Trojan horses Don’t start with removable media

CDs, DVDs, and USB flash drives Never open an e-mail from an unknown

source Never open an e-mail attachment unless

you are expecting the attachment Set macro security level to medium Stay informed about new virus alerts and

virus hoaxes.

12

Install antivirus program and update it frequently How antivirus programs work

Look for virus signatures/virus definitions—a known specific pattern of virus code.

Quarantine infected file

Safeguards against viruses, worms, and Trojan horses

13

Network and Internet Security RisksDenial of service attack (DoS)

hackers run multiple copies of a program to flood it and shut it down.

14

Back Doors A program or set of instructions in a program

that allows users to bypass security controls when accessing a program, computer, or network.

Spoofing fooling another computer by pretending to

send packets from a legitimate source

Network and Internet Security Risks

15

Safeguards against DoS Attacks, Back Doors, and IP Spoofing Firewalls

allows normal Web browser operations but prevents other types of communication

checks incoming data against a list of known sources

data rejected if it does not fit a preset profile

16

Intrusion Detection Software Automatically analyzes all network traffic,

assesses system vulnerabilities Identifies any unauthorized access

(intrusions) Notifies network administrators of

suspicious behavior patterns or system breaches

Safeguards against DoS Attacks, Back Doors, and IP Spoofing

17

Safeguards Against Unauthorized Access And Use Access control

A security measure that defines who can access a computer, when they can access it, and what actions they can take while accessing the computer.

Audit trail Records in a file both successful and

unsuccessful access attempts. User Name and passwords

Longer passwords provide better security

18

Number of

Characters

Possible

Combinations Human Computer

1 36 3 minutes .0000018 seconds

2 1,300 2 hours .00065 seconds

3 47,000 3 days .02 seconds

4 1,700,000 3 months 1 second

5 60,000,000 10 years 30 seconds

10 3,700,000,000,000,000 580 million years 59 years

Password Protections

Average Time to Discover

19

Possessed Objects Any item that you must carry to gain access to a

computer or computer facility. (Examples: badges, cards, smart cards & key)

Often are used in combination with personal identification numbers.

Biometric Devices Authenticates a person’s identify by translating a

personal characteristics, such as a fingerprint, into a digital code that is then compared with a digital code stored in the computer to verify a physical or behavioral characteristic

Safeguards Against Unauthorized Access And Use

20

Lets Review

1. A back door attack is an assault whose purpose is to disrupt computer access to an Internet service such as the Web or e-mail.

Answer

Denial of service

21

Lets Review

2. All networked and online computer users should implement a firewall solution.

Answer

Yes, because a firewall protects a network’s resources from intrusion (software or hardware) by users on another network.

22

Lets Review

3. Computer viruses, worms, and Trojan horses are malware that act with a user’s knowledge.

Answer

Are classified as malware, but acts without a user’s knowledge and deliberately alters the computer’s operations.

23

Lets Review

4. Shorter passwords provide greater security than longer ones.

Answer

The longer the password, the more effort required to discover it.

24

Lets Review

5. Updating an antivirus program’s quarantine protects a computer against viruses written since the antivirus program was released.

Answer

Updating an antivirus program’s signature files protects a computer against viruses written since the antivirus program was release.

25

Theft and Vandalism

Hardware Locking doors/windows Install alarm systems Using cables to lock computers to stationary

object Install a mini-security system

Software piracy —unauthorized and illegal duplication of copyrighted software. License agreement

26

License Agreement

Are permitted to Install on only one computer Make one copy of the software as a backup Give or sell the software to another individual, but only

is the software is removed from the user’s computer first.

Not allowed to: Install the software on a network, such as a school

computer lab Give copies to friends and colleagues, while continuing

to use the software Export the software Rent or lease the software

27

Theft

Information – occurs when someone steals personal or confidential information. Encryption—the process of converting

readable data into unreadable characters to prevent unauthorized access.

Plaintext--Unencrypted, readable data Ciphertext—is the scrambled (encrypted) data Encryption key—a programmed formula that the

recipient of the data uses to decrypt ciphertext.

28

Security Risk

System failure – the prolonged malfunction of a computer Safeguards

Surge protectors Uninterruptible power supply (UPS)

Backup files

29

Let’s Review

1. True or False. An end-user license agreement (EULA) permits users to give copies to friends and colleagues, while continuing to use the software.

Answer

False, Does not permit users to give copies to friends and colleagues, while

continuing to use the software.

30

True or False. Encryption is a process of converting ciphertext into plaintext to prevent authorized access.

Let’s Review

Answer

False. Converting plaintext into ciphertext

31

3. True or False. Mobile users are not susceptible to hardware theft.

Let’s Review

Answer

False. They are susceptible

32

4. True or False. To prevent against data loss caused by a system failure, computer users should restore files regularly.

Let’s Review

Answer

Backup files regularly

33

Did You Know?The penalty for copying software can be up to $250,000, five years in prison, or both?

34

Security Strategies for Protecting Computer Systems and Data

Network Sniffer

•displays network traffic data

•shows which resources employees use and Web sites they visit•can be used to troubleshoot network connections and improve system performance