Presentation is loading. Please wait.

Presentation is loading. Please wait.

Security Planning Susan Lincke Security Awareness: Brave New World.

Published byAshlie Harrington Modified over 8 years ago

Similar presentations

Presentation on theme: "Security Planning Susan Lincke Security Awareness: Brave New World."— Presentation transcript:

1 Security Planning Susan Lincke Security Awareness: Brave New World

2 Security Planning: An Applied Approach | 6/13/2016 | 2 Study Sheet The student shall be able to: Describe the following attack types, who is involved and the information they hope to obtain or actions they hope to accomplish: Hacktivism, cyber-crime, cyber warfare, surveillance state Define attacks: virus, worm, logic bomb, trojan horse, social engineering, phishing, pharming, botnet, zombie, man in the middle, rootkit, dictionary attack, spyware, keystroke logger, ransomware. Define the role of these security techniques and technologies: firewall, security patches, secure behavior Define passwords using three techniques. Define how fraud is commonly found in an organization.

3 Security Planning: An Applied Approach | 6/13/2016 | 3 History of Cyber-Security Surveillance State Information Warfare Cyber Crime Hacktivism Vandalism Experimentation

4 Security Planning: An Applied Approach | 6/13/2016 | 4 Cracker: Computer-savvy programmer creates attack software Script Kiddies: Unsophisticated computer users execute programs Hacker Bulletin Board SQL Injection Buffer overflow Password Crackers Password Dictionaries Successful attacks! Crazyman broke into … CoolCat penetrated… Malware package=$1K-2K Experimentation

5 Security Planning: An Applied Approach | 6/13/2016 | 5 A virus attaches itself to a program, file, or disk When executed, the virus activates, replicates Malware Infection Rates: ○ Web: 1 in 566 ○ E-mail: 1 in 196 ○ 40% of data breaches Program A Extra Code Program B infects Malware includes Virus

6 Security Planning: An Applied Approach | 6/13/2016 | 6 Independent program sends copies of itself from computer to computer across networks Click on attachment to execute the worm May send itself to addresses in your email list May carry other forms of malware To Joe To Ann To Bob Email List: Joe@gmail.com Ann@yahoo.com Bob@uwp.edu Worm

7 Security Planning: An Applied Approach | 6/13/2016 | 7 Social engineering manipulates people into performing actions or divulging confidential information. 29% of Breaches Phone Call: This is John, the System Admin. What is your password? Transfer $ from Nigeria ABC Bank has a problem with your account Watch this funny video… see attached You have a notice from Facebook Social Engineering - Phishing

8 Security Planning: An Applied Approach | 6/13/2016 | 8 The fake web page looks like the real thing Extracts account information Pharming = Fake Web Pages

9 Security Planning: An Applied Approach | 6/13/2016 | 9 An attacker pretends to be your final destination on the network. The attacker may look like a strong WLAN access point. 1% of hacking attacks Man in the Middle Attack

10 Security Planning: An Applied Approach | 6/13/2016 | 10 After penetration, hacker installs a rootkit Eliminates evidence of break-in Modifies the operating system Rate of infection/malware Rootkit: 39% Backdoor: 66% Keystroke logger:75% Backdoor entry Keystroke Logger Hidden user Rootkit

11 Security Planning: An Applied Approach | 6/13/2016 | 11 Surveillance State Information Warfare Cyber Crime Hacktivism Vandalism Experimentation Example Hacktivist: Anonymous Political causes, e.g.: Middle East Democracy WikiLeaks Mexican Miner’s rights Bad ways, e.g.: Web defacement DDOS attacks on Visa, MasterCard, MPAA Computer hacking 2% of external breaches History of Cyber-Security

12 Security Planning: An Applied Approach | 6/13/2016 | 12 Cross international boundaries Distributed Denial of Service: Attack web pages $100 per 1000 infected computers Command & Control: 51% of malware attacks Botnet

13 Security Planning: An Applied Approach | 6/13/2016 | 13 Surveillance State Information Warfare Cyber Crime Hacktivism Vandalism Experimentation Target: Finance, Retail, Food 55% of external breaches Cost of Credit Card Numbers: U.S.: $10 European: $50 Bulk: $1 or more History of Cyber-Security

14 Security Planning: An Applied Approach | 6/13/2016 | 14 Silently tracks the keys you enter Sends credit card info, password to the criminal You see unusual charges on credit card statement 75% of Malware Keystroke Logger

15 Security Planning: An Applied Approach | 6/13/2016 | 15 Trojan Horse: Masquerades as beneficial program The Zeus Trojan: Infected millions of computers Mostly in the U.S. and often via Facebook 2007 - today: top 5 malware problems Steals bank passwords and empties accounts Can impersonate a bank website Trojan Horse

16 Security Planning: An Applied Approach | 6/13/2016 | 16 Gonzalez cracked and exposed over 170 million credit card numbers Stole from: Barnes & Noble, Boston Market, OfficeMax, Sports Authority, TJ Maxx, Dave & Buster’s, Marshall’s, Heartland Payment Systems, 7-Eleven, and Hannaford Brothers Sentenced to 20 years prison, 2009 Followed by 3 years supervised release 2003 arrested & released: became informant to Secret Service War Driving and Hacking

17 Security Planning: An Applied Approach | 6/13/2016 | 17 Skimmers used at ATMs, gas stations, stores. Skimmers make up 91% of physical security attacks (35%) Skimmers match color of bank ATMs Manufactured in bulk, by 3D printers Check for loose parts; hide PIN Gonzalez encode PINs onto debit card magnetic strips ATM – Point of Sale Credit Card Fraud

18 Security Planning: An Applied Approach | 6/13/2016 | 18 “You are infected. Buy antivirus.” “You’ve stored underage pornography. Pay a fine or go to jail. Notice from FBI” CryptoLocker: “Your disk has been encrypted. Pay to decrypt.” Pay in 72 hours or else… Backup can be corrupted – MS Shadow Massachusetts Police dept. paid $750 Ransomware

19 Security Planning: An Applied Approach | 6/13/2016 | 19 PatternCalculationResultTime to Guess (2.6x10 18 /month) Personal Info: interests, relatives20Manual 5 minutes Social Engineering1Manual 2 minutes American Dictionary80,000< 1 second 4 chars: lower case alpha 26 4 5x10 5 8 chars: lower case alpha26 8 2x10 11 8 chars: alpha52 8 5x10 13 8 chars: alphanumeric62 8 2x10 14 3.4 min. 8 chars alphanumeric +10 72 8 7x10 14 12 min. 8 chars: all keyboard95 8 7x10 15 2 hours 12 chars: alphanumeric62 12 3x10 21 96 years 12 chars: alphanumeric + 1072 12 2x10 22 500 years 12 chars: all keyboard95 12 5x10 23 16 chars: alphanumeric62 16 5x10 28 Password Cracking: Dictionary Attack versus Brute Force

20 Security Planning: An Applied Approach | 6/13/2016 | 20 Surveillance State Information Warfare Cyber Crime Hacktivism Vandalism Experimentation 2010 Stuxnet worm: Developed by U.S., Israel Hit Iranian nuclear power plants damaged nearly 1000 centrifuges nearly 1/5 of those in service Iran attacked American banks, oil companies History of Cyber-Security

21 Security Planning: An Applied Approach | 6/13/2016 | 21 Next wars will be computer attacks to power, water, financial systems, military systems, etc Cyberweapons are MUCH cheaper than military Causes as much damage High priority: Protecting utilities, infrastructure New black market in 0-day attacks. Governments pay more > $150,000/bug Govts. include Israel, Britain, India, Russia, Brazil, North Korea, Middle Eastern countries, U.S. New hacking firms openly publicize products Information Warfare

22 Security Planning: An Applied Approach | 6/13/2016 | 22 Surveillance State Information Warfare Cyber Crime Hacktivism Vandalism Experimentation 21% external breaches: State affiliated 96% from China History of Cyber-Security

23 Security Planning: An Applied Approach | 6/13/2016 | 23 People’s Liberation Army targets manufacturing, research, military aircraft NY Times fought off China for 4 months Who gave info on P.M. Wen Jiabo? 45 mostly-new malware Attacked from 8 AM-midnight China time Stole all passwords; hacked 53 PCs Discussed repeatedly at Pres. Level China says U.S. guilty (Snowden) China – IPR Theft

24 Security Planning: An Applied Approach | 6/13/2016 | 24 NSA has requested/manipulated: Water down encryption Install backdoors in software Collect communication data Verizon, Google, Yahoo, Microsoft and Facebook were coerced into …? Gag orders prevent companies from speaking Yahoo/Google: nearly 200 million records, Dec 2012 Includes email metadata (headers) and content Snowden Releases…

25 Security Planning: An Applied Approach | 6/13/2016 | 25 Lavabit provided secure email services… including to Edgar Snowden FBI wanted Software, Private Key and Passwords for ALL clients Ladar Levison, President Lavabit fought off court orders, then closed company “I would strongly recommend against anyone trusting their private data to a company with physical ties to the United States.” Effect: Buyers wary of products from surveillance-state/info warfare countries Lavabit

26 Security Planning: An Applied Approach | 6/13/2016 | 26  Yes  No Is Your Computer Safe?

27 Security Planning: An Applied Approach | 6/13/2016 | 27  Yes  No Is Your Computer Safe? “The confidence that people have in security is inversely proportional to how much they know about it.” -Roger Johnston

28 Security Planning: An Applied Approach | 6/13/2016 | 28 Symptoms: Antivirus software detects a problem Pop-ups suddenly appear (may sell security software) Disk space disappears Files or transactions appear that should not be there System slows down to a crawl Stolen laptop (1 in 10 stolen in laptop lifetime) Often not recognized Recognizing a Break-in or Compromise

29 Security Planning: An Applied Approach | 6/13/2016 | 29 (Additional) Spyware symptoms: Change to your browser homepage/start page Searches end up on a strange site Firewall turns off automatically Lots of network activity while not particularly active New icons, programs, favorites which you did not add Frequent firewall alerts about unknown programs trying to access the Internet Often not recognized Malware Detection

30 Security Planning: An Applied Approach | 6/13/2016 | 30

31 Security Planning: An Applied Approach | 6/13/2016 | 31 Anti-virus software detects malware and can remove it before damage is done For PC, Tablet, Smartphone Install, keep anti-virus software updated Anti-virus is important but limited in capability Antivirus - Antispyware

32 Security Planning: An Applied Approach | 6/13/2016 | 32 Do not open email attachments unless you expect the email with attachment you trust the sender Do not click on links in emails unless you are absolutely sure of their validity Only visit and/or download software from web pages you trust Avoid Social Engineering and Malicious Software

33 Security Planning: An Applied Approach | 6/13/2016 | 33 Web Request Ping Request FTP request Email Connect Request Web Response Telnet Request Email Response SSH Connect Request DNS Request Email Response Web Response Illegal Source IP Address Illegal Dest IP Address Microsoft NetBIOS Name Service Use a Firewall

34 Security Planning: An Applied Approach | 6/13/2016 | 34 Microsoft regularly issues updates to fix security problems Windows Update should automatically install updates. Avoid logging in as administrator Protect your Operating System

35 Security Planning: An Applied Approach | 6/13/2016 | 35 Create a Good Password

36 Security Planning: An Applied Approach | 6/13/2016 | 36 Combine 2 unrelated words Mail + phone = m@!lf0n3 Abbreviate a phraseMy favorite color is blue= Mfciblue Music lyricDeck the halls with boughs of holly, Fa la la la la la la la la la Dthwboh,F9xl Create a Good Password, Cont’d

37 Security Planning: An Applied Approach | 6/13/2016 | 37 Password Recommendations PCI DSS vers. 3 [PCIv3] CIS Microsoft Windows 8 [CIS8] Password length7 characters14 characters Account lockout threshold6 invalid attempts5 invalid attempts Account lockout duration (clears lockout counter) 30 minutes15 minutes Screen saver time-out15 minutes Max. password age90 days60 days Min. password ageNot specified1 day Password history retention424 Password complexity requirements Numeric and alphabetic3 of 4: uppercase alpha, lowercase alpha, numeric, punctuation

38 Security Planning: An Applied Approach | 6/13/2016 | 38 Always use secure browser to do online purchasing Never use a Debit card on-line.  Frequently delete temp files, cookies, history, saved passwords etc. https:// Symbol showing enhanced security Kind-of Secure On-line Financial Transactions

39 Security Planning: An Applied Approach | 6/13/2016 | 39 Disappearing info: Malware, ransomware, disk failure, … What information is important to you? Is your back-up: Recent? Off-site & Secure? Process Documented? Tested? Encrypted? Back up Important Information

40 Security Planning: An Applied Approach | 6/13/2016 | 40 Threat TypeYear: Example Threats Experiment1984: Fred Cohen publishes “Computer Viruses: Theory and Experiments” Vandalism1988: Jerusalem Virus deletes all executable files on the system, on Friday the 13 th. 1991: Michelangelo Virus reformats hard drives on March 6, Michelangelo’s birthday. Hactivism2010: Anonymous’ Operation Payback hits credit card and communication companies with DDOS after payment cards refuse to accept payment for Wiki-Leaks. Cyber-crime2007: Zeus Trojan becomes ‘popular’; turns computers into zbots and spyware steals payment card numbers. 2008, 2009: Gonzales re-arrested for sniffing WLANs and implanting spyware, affecting 171 million credit cards. 2013: In July 160 million credit card numbers are stolen via SQL Injection Attack. In Dec., 40 million credit card numbers and 70 million customer information are stolen through Target stores. California indicates 167 data breaches are reported this year. Information Warfare 2007, 2008: Russia launches DDOS attack against Estonia, then Georgia news, gov’t, banks 2010: Stuxnet worm disables 1000 of Iran’s nuclear centrifuges. Surveillance State 2012: State affiliated actors mainly tied to China quietly attack U.S./foreign businesses to steal intellectual property secrets, summing to 19% of all forensically analyzed breaches 2013: Lavabit closes secure email service rather than divulge corporate private key to NSA without customers’ knowledge. Summary – Examples of Types

Download ppt "Security Planning Susan Lincke Security Awareness: Brave New World."

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
User Awareness and Practices B Phaneuf 2014.  The internet allows an attacker to attack from anywhere on the planet.  Risks caused by poor security.

User Awareness and Practices B Phaneuf  The internet allows an attacker to attack from anywhere on the planet.  Risks caused by poor security.
User Awareness and Practices.  The internet allows an attacker to attack from anywhere on the planet.  Risks caused by poor security knowledge and practice:

User Awareness and Practices.  The internet allows an attacker to attack from anywhere on the planet.  Risks caused by poor security knowledge and practice:
Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
1 MIS 2000 Class 22 System Security Update: Winter 2015.

1 MIS 2000 Class 22 System Security Update: Winter 2015.
User Awareness and Practices

User Awareness and Practices
 Surveillance State  Information Warfare  Cyber Crime  Hacktivism  Vandalism  Experimentation.

 Surveillance State  Information Warfare  Cyber Crime  Hacktivism  Vandalism  Experimentation.
Viruses,Hacking and Backups By Grace Mackay 8K Viruses Hacking and Hackers Backups.

Viruses,Hacking and Backups By Grace Mackay 8K Viruses Hacking and Hackers Backups.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.

Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
Cyber X-Force-SMS alert system for E-mail threats.

Cyber X-Force-SMS alert system for threats.
What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:

What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Viruses & Destructive Programs

Viruses & Destructive Programs
Trojan Horse Implementation and Prevention By Pallavi Dharmadhikari Sirisha Bollineni VijayaLakshmi Jothiram Vasanthi Madala.

Trojan Horse Implementation and Prevention By Pallavi Dharmadhikari Sirisha Bollineni VijayaLakshmi Jothiram Vasanthi Madala.
Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.

Computer security virus, hacking and backups. Computer viruses are small software programs that are designed to spread from one computer to another.
Internet Safety CSA 105 1.0 September 21, 2010. Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.

Internet Safety CSA September 21, Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.

Similar presentations

Ads by Google