Published by Katherine Walford
Modified over 2 years ago
Slide 1 | 1 June 2014 | © IRM Plc 2001
Eaten by the Worms
The perils of network hostile code
Dr Neil Barrett
Technical Director - IRM Plc
27th September 2001 – Hong Kong

Slide 2: Introduction
- Nature and development of Computer Worms
- Risk elements and damage potential
- Responses and preparation work
- Future of worms
- Conclusion

Slide 3: What is a Computer Worm?
- A self-replicating program
- Copies itself from system to system
- Free-standing and complete
- Not really a virus
- But can carry a hostile Payload

Slide 4: Where did Worms come from?
- Self-replicating programs in early 1984
- By mid 1984 had become network mobile
- First viruses start to be proposed
- By 1985, self-replicating programs through trust networks
- Hostile viruses arise
- And then along came Robert Morris Jnr…

Slide 5: The Morris Worm
- First true Exploit Worm
- Used a security weakness to force replication
  – I.e., outside of the trust network
- Also followed trust network, but interest is in the exploit aspects
- Used a then new trick called Buffer Overflows

Slide 6: The Morris Worm (2)
- Buffer overflows first proposed by Morris Snr
- Now well known, but then very new
- Allowed worm to be an automated hacker
- Did nothing deliberately damaging
  – Indeed, believed to have been loosed accidentally
- But resulted in system flooding

Slide 7: Worms since Morris
- Took a few years for subsequent worms
- More interest in viruses
- Worms scripted to use emerging exploits
  – E.g., Word macro, Unicode, etc
- Slowly became objective focused

Slide 8: Development of Worms
- Most early worms achieved no objective
- Damage resulted from flooding or from panic
- Solitary objective was self-propagation
- More recent worms grab and copy some information
  – E.g., PGP information
- Some military use of focused worms

Slide 9: How do Modern Worms Work?
- E.g., NIMDA spread from server to server through Web exploits
- Spread from client to client through executables
  – I.e., persuasive mail attachments
- Potential for uncontrollable executables
  – I.e., Web pages, Outlook preview panel, etc

Slide 10: Risk Elements and Damage Potential
- Essentially threefold
- Flooding and related panic behavior
  – System shutdown and associated costs
- Or information leakage
  – Leakage is so far only limited
- Or a set of destructive payloads
  – I.e., resetting BIOS and system information

Slide 11: How Great a Risk?
- Reputation, financial, security risks
- Damage, disclosure or distrust of stored information
- Costs of repair or of business loss
- Reputation risks depend on worm publicity profile
  – I.e., wide spreading worm carries low reputation risk

Slide 12: Countermeasures
- Best approach is to know one's exposure
- Not virus related
- But hacker related
- Best option is to have had focused, audit-based penetration testing
  – Because worms now use well-known hacking tricks
  – These can be looked for and removed

Slide 13: Countermeasures (2)
- Constant system monitoring and correction of known existing weaknesses
- A culture of security awareness
  – Limits executable tricks
- An alert system management staff
  – That are a part of the community
- No Head in the Sand attitude
  – Share information and experiences

Slide 14: Future
- No reason at all to believe that worms will stop!
- Increasing sophistication
  – More clever option controls
  – Multiple exploit selection
  – Multi-platform and multi-environment
- Increasing incidence of hostile intent
- Growth into non-IP environment
  – Mobile phones? PDA?

Slide 15: Conclusion
- Best defense comes from knowledge
- Knowledge comes from testing
- Correct the faults shown through testing
- Share information with others
- Don't expect this problem to go away!

Slide 16: Thank You!
Dr Neil Barrett
Technical Director – IRM Plc
Tel: + 44 (0)
Richard Stagg
Managing Consultant – IRM Asia
Level 30 Bank of China Tower
Tel: