Information Security: What Does InfoSec Do? University of Notre Dame.

Presentation transcript:

1 Information Security. University of Notre Dame

2 What Does InfoSec Do? University of Notre Dame

3 Information Security Team
- David Seidl
- James Smith
- Brandon Bauer
- Jaime Preciado-Beas
- Jason Williams
- Aaron Wilkey
- Kolin Hodgson

4 Information Security Team
Who do I contact if I have a question?
- Phone: 1-3888
- Email: infosec@nd.edu
- In person: Visit the Duty Officer of the day.
- After hours: contact Ops

5 Infrastructure

6 Network Flow Example

7 Network Flow to India

8 Some of Our Services
- Web Inspect
- Risk Assessment
- Compliance Support (PCI-FERPA-HIPAA)
- Advisories
- Vulnerability Management (Qualys)
- Data Center Firewall Management

9 Computer Forensics
We know what you did. YES YOU

10 Computer Forensics
- Investigations occur after approval from the CIO, Office of General Counsel, and/or HR
- Investigations can occur on any electronic device
  - Windows, MacOS, Linux based systems, and others
  - Mobile devices
  - Network devices
- Mostly HR or Incident Response

11 Consults
- Security Assessments
- Cloud/Vendor Security Assessments
- Virtualization Education

12 Policies and Standards
- Information Security Policy: http://policy.nd.edu/policy_files/InformationSecurityPolicy.pdf
- Highly Sensitive Information: http://oit.nd.edu/policies/itstandards/infohandling.shtml
- Responsible Use: http://policy.nd.edu/policy_files/ResponsibleUseITResourcesPolicy.pdf
- Security Configuration Standards: https://secure.nd.edu/standards/index.shtml

13 DNS Blacklist
- Implemented May 2012
- Redirects URLs through DNS to prevent users from visiting malicious web pages
- URL lists (feeds) are from known security vendors, e.g. SANS
- Refreshed daily
- URLs can be whitelisted by contacting the help desk
- URLs are manually blacklisted as phishing attacks occur
- To try this, visit 12345.com from campus
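
The lookup logic the DNS blacklist slide describes, as an added example that is not from the presentation or from Notre Dame's systems: vendor feeds and manual phishing entries are reduced to hostnames and merged into a block zone, and each query is checked against it with the help desk whitelist taking precedence. The sinkhole address, the feed contents other than 12345.com, and the choice to also block subdomains of a listed host are assumptions.

```python
from typing import Iterable, Optional
from urllib.parse import urlsplit

SINKHOLE_IP = "192.0.2.53"  # assumption: documentation address standing in for the warning page


def host_of(entry: str) -> str:
    """Reduce a feed line (URL or bare hostname, '#' comments allowed) to a hostname."""
    entry = entry.split("#", 1)[0].strip()
    if not entry:
        return ""
    if "://" not in entry:
        entry = "//" + entry  # lets urlsplit treat a bare hostname as the network location
    return (urlsplit(entry).hostname or "").rstrip(".")


def build_zone(feeds: Iterable[Iterable[str]], manual: Iterable[str]) -> set:
    """Merge the daily vendor feeds with manually added phishing hosts."""
    hosts = {host_of(line) for feed in feeds for line in feed}
    hosts |= {host_of(line) for line in manual}
    hosts.discard("")  # comment-only and empty lines
    return hosts


def resolve_policy(qname: str, blocked: set, whitelist: set) -> Optional[str]:
    """Return SINKHOLE_IP to redirect the query, or None to resolve it normally.

    Walks from the full name towards the parent domain; the most specific
    match wins, and at the same level a whitelist entry beats a block entry.
    """
    labels = host_of(qname).split(".")
    for i in range(len(labels) - 1):  # never match on the bare TLD
        candidate = ".".join(labels[i:])
        if candidate in whitelist:
            return None
        if candidate in blocked:
            return SINKHOLE_IP
    return None


# Constructed sample data (not a real feed); 12345.com is the test name from the slide.
VENDOR_FEED = ["# refreshed daily", "http://Malware.Example/dropper.exe", "12345.com"]
MANUAL = ["https://phish.example/netid-login"]
WHITELIST = {"docs.malware.example"}
ZONE = build_zone([VENDOR_FEED], MANUAL)

if __name__ == "__main__":
    for name in ["12345.com", "cdn.phish.example.", "docs.malware.example", "nd.edu"]:
        print(name, "->", resolve_policy(name, ZONE, WHITELIST) or "resolve normally")
```

Because DNS only sees the hostname, every URL on a listed host is redirected, which is why a whitelist entry for a more specific name has to be checked before the parent's block entry.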

15 DNS Blacklist

16 DNS Blacklist Testing

17 Credit Card Support Program (CCSP)
- Separate network behind its own firewall
- Credit card processing environment for ND merchants
- All ND merchants required to comply with PCI DSS
- Governance body
- Information: ccsp.nd.edu or ccsp@nd.edu

18 Team GhostShell: Project WestWind

19 Who Is Team GhostShell?
- "Hacktivists" focused on hacking to bring awareness to what they consider to be the greater good
- Team GhostShell has made successful dumps prior to Project WestWind
  - IT Wall Street: Dumped 50,000 accounts to support the Occupy Wall Street movement
  - Project Dragonfly: Dumped 200,000 accounts to support freedom of speech in communist countries
- Project WestWind
  - Target: 100 top universities across the world
  - Purpose: To bring attention to the decaying status of higher education around the world
  - Outcome: A massive dump of over 120k student/faculty/staff records pulled from university servers
  - The Data: Usernames, passwords, phone numbers, class numbers, and more

20 The Attack!
- SQL Injection: A code injection technique that exploits a security vulnerability in a website's software.
- GhostShell was able to take advantage of vulnerabilities in the web applications of the targeted universities to gain access to their servers
- The vulnerabilities were most likely exploited using SQL injection
- The attack took up to four months to prepare, according to Aaron Titus, Chief Privacy Officer of Identity Finder

21 The Damage
- Reputation: Anytime there is a data leak, the reputation of the institution is affected
- Reputation: GhostShell also found that many of the machines had already been exploited using existing exploits. Some of these stored credit card information.
- Cost: Notification and credit monitoring for those whose information was leaked
Sample of Affected Universities
- University of Michigan (7 servers)
- University of Wisconsin (4 servers)
- Cornell University (3 servers)
- Tokyo University (4 servers)
- Stanford (2 servers)
- Cambridge (2 servers)
- Arizona State (3 servers)

22 How Notre Dame Avoided the Incident
- Vigilantly scanning all web applications using tools such as HP WebInspect
- Limiting the exposure of public-facing servers with the zone network project and other efforts across the university
- Luck?

23 Will GhostShell Get Caught?
It is unlikely that anyone from Team GhostShell will get caught. The team used TOR (anonymity network) to extract and dump the data. This allowed them to mask their location through a network of anonymous proxies around the world.

24 Questions You Asked

25 How Do NetIDs Get Compromised?
Phishing

33 Malware

34 Poor Passwords

36 Poor Password
- GoIrish, GoIrish1, GoIrish!
- password, P@ssword
- 123123, 12345678, abc123, qwerty
- iloveyou
- jesus
- Trustno1, letmein
- ashley, Ashley1983
- ninja, mustang, dragon

37 Questions We Didn't Answer
1. List all of the security software the University licenses
   There's a lot: check the software downloads page for many approved software packages. If you have a specific need, drop us a line.
2. Common ePO troubleshooting steps
   Rather than talk to the entire room about these, we'll schedule an ePO users group meeting.
