Chapter 1

• Security Problem
• Virus and Worms
• Intruders
• Types of Attack
• Avenues of Attack

Prepared by Mohammed Saher Hasan.

• Terrorists and terrorism are a real threat.
• They have targeted people and physical structures.
• Average citizens are more likely to be the targets of an attack on their computers than to be the direct victims of a terrorist attack.

• Fifteen years ago:
  ◦ Few people had access to a computer system or a network.
  ◦ Securing these systems was easier.
  ◦ Companies did not conduct business over the Internet.
• Today, companies rely on the Internet to operate and conduct business.

• Networks are used to transfer vast amounts of money in the form of bank transactions or credit card purchases.
• When money is transferred via networks, people try to take advantage of the environment to conduct fraud or theft.

• There are various ways to attack computers and networks to take advantage of what has made shopping, banking, investment, and leisure pursuits a matter of “dragging and clicking” for many people.
  ◦ Identity theft is common today.

• Electronic crime can take different forms.
• The two categories of electronic crimes are:
  ◦ Crimes in which the computer is the target of the attack.
  ◦ Incidents in which the computer is a means of perpetrating a criminal act.

• In a highly networked world, new threats have developed.
• There are a number of ways to break down the various threats.

• To break down threats, users need to:
  ◦ Categorize external threats versus internal threats.
  ◦ Examine the various levels of sophistication of the attacks from “script kiddies” to “elite hackers.”
  ◦ Examine the level of organization for the various threats from unstructured to highly structured threats.

• Employees in an organization may not follow certain practices or procedures, which can expose the organization to viruses and worms.
• However, organizations generally do not have to worry about their employees writing or releasing viruses and worms.

Viruses and worms:
• Are expected to be the most common problem that an organization will face, as thousands of them have been created.
• Are also generally non-discriminating threats that are released on the Internet and are not targeted at a specific organization.

• The act of deliberately accessing computer systems and networks without authorization is called “hacking”.
• The term may also be used to refer to the act of exceeding one’s authority in a system.
• Intruders are very patient, as it takes persistence and determination to gain access to a system.

• Intruders, or those who are attempting to conduct an intrusion, are of various types and have varying degrees of sophistication.

• At the low end technically are script kiddies.
• They do not have the technical expertise to develop scripts or discover new vulnerabilities in software.
• They have just enough understanding of computer systems to be able to download and run scripts that others have developed.

• Script kiddies are generally not as interested in attacking specific targets.
• Script kiddies look for any organization that may not have patched a newly discovered vulnerability for which they have located a script to exploit.
• These individuals probably account for at least 85 to 90% of those conducting “unfriendly” activities on the Internet.

• These individuals are capable of writing scripts to exploit known vulnerabilities.
• They are more technically competent than script kiddies.
• They account for an estimated 8 to 12% of the individuals conducting intrusive activity on the Internet.

• Elite hackers are highly technical individuals and are able to:
  ◦ Write scripts that exploit vulnerabilities.
  ◦ Discover new vulnerabilities.
• This group is the smallest, accounting for only 1 to 2% of the individuals conducting intrusive activity.

• Elite Hackers
• Sophisticated Intruders
• Script Kiddies

Insiders:
• Are more dangerous than outside intruders.
• Have the access and knowledge necessary to cause immediate damage to an organization.

• Most security is designed to protect against outside intruders and thus lies at the boundary between the organization and the rest of the world.
• Besides employees, insiders also include a number of other individuals who have physical access to facilities.

• Attacks by individuals or even small groups of attackers fall into the unstructured threat category.
• Attacks at this level are generally conducted over short periods of time (lasting at most a few months).
• They do not involve a large number of individuals, and have little financial backing.
• They do not include collusion with insiders.

• Criminal activity on the Internet at its most basic is no different from criminal activity in the physical world.
• A difference between criminal groups and the “average” hacker is the level of organization that criminal elements may employ in their attack.

Attacks by criminal organizations can fall into the structured threat category, which is characterized by:
  ◦ Planning.
  ◦ Long period of time to conduct the activity.
  ◦ More financial backing.
  ◦ Corruption of or collusion with insiders.

• As nations become dependent on computer systems and networks, essential elements of the society might become a target.
• They might be attacked by organizations or nations determined to adversely affect another nation.

• Many nations today have developed to some extent the capability to conduct information warfare.
• Information warfare is warfare conducted against information and the information-processing equipment used by an adversary.

• Highly structured threats are characterized by:
  ◦ A long period of preparation (years is not uncommon).
  ◦ Tremendous financial backing.
  ◦ A large and organized group of attackers.
• These threats may not only include attempts to subvert insiders, but also include attempts to plant individuals inside potential targets before an attack.

• In information warfare, military forces are certainly still a key target.
• Other likely targets can be the various infrastructures that a nation relies on for its daily existence.

• Critical infrastructures are those infrastructures whose loss would have a severe detrimental impact on a nation.
• Examples:
  ◦ Water.
  ◦ Electricity.
  ◦ Oil and gas refineries and distribution.
  ◦ Banking and finance.
  ◦ Telecommunications.

• Many countries have already developed a capability to conduct information warfare.
• Terrorist organizations can also accomplish information warfare.

• Terrorist organizations are highly structured threats that:
  ◦ Are willing to conduct long-term operations.
  ◦ Have tremendous financial support.
  ◦ Have a large and organized group of attackers.

• The type of individual who attacks a computer system or a network has also evolved over the last 30 years.
  ◦ The rise of non-affiliated intruders, including “script kiddies,” has greatly increased the number of individuals who probe organizations looking for vulnerabilities to exploit.

• Another trend that has occurred is: as the level of sophistication of attacks has increased, the level of knowledge necessary to exploit vulnerabilities has decreased.

• The two most frequent types of attacks have remained constant, with viruses and insider abuse of net access being the most common.

• When a computer system is attacked, it is either specifically targeted by the attacker, or it is an opportunistic target.

• In the first case, the attacker chooses the target not because of the hardware or software the organization is running but for some other reason, such as a political reason.

• The second type of attack, an attack against a target of opportunity, is conducted against a site that has hardware or software that is vulnerable to a specific exploit.
• The attackers, in this case, are not targeting the organization. Instead, they have learned of a vulnerability and are looking for an organization with this vulnerability that they can exploit.

• Targeted attacks are more difficult and take more time than attacks on a target of opportunity.
  ◦ The second type of attack relies on the fact that with any piece of widely distributed software, there will almost always be somebody who has not patched the system.

• The steps an attacker takes in attempting to penetrate a targeted network are similar to the ones that a security consultant performing a penetration test would take.
• The attacker will need to gather as much information about the organization as possible.

• There are numerous web sites that provide information on vulnerabilities in specific application programs and operating systems.

• In addition to information about specific vulnerabilities, some sites may also provide tools that can be used to exploit vulnerabilities.
• An attacker can search for known vulnerabilities and tools that exploit them, download the information and tools, and then use them against a site.

• The first step in the technical part of an attack is often to determine what target systems are available and active.
• This is often done with a ping sweep, which sends a “ping” (an ICMP echo request) to the target machine. If the machine responds, it is reachable.

• The next step is to perform a port scan. This will help identify the ports that are open, which gives an indication of the services running on the target machine.

• After determining the services available, the attacker needs to determine the operating system running on the target machine and specific application programs.

• The attack may be successful if the administrator for the targeted system has not installed the correct patch.
• The attacker will move on to the next possible vulnerability if the patch has been installed.
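The ping sweep and port scan steps described above leave a recognisable pattern in firewall logs: one source sending echo requests to many hosts, then trying many ports on one host. The following detection sketch is an added example, not part of the original slides; the log format, the addresses and the thresholds are constructed assumptions, and it treats the input as one short log interval rather than applying a time window.

```python
import re
from collections import defaultdict

# Constructed sample firewall log (key=value fields loosely modelled on
# netfilter LOG lines); all addresses are documentation ranges.
SAMPLE_LOG = """\
10:00:01 SRC=203.0.113.7 DST=192.0.2.1 PROTO=ICMP TYPE=8
10:00:01 SRC=203.0.113.7 DST=192.0.2.2 PROTO=ICMP TYPE=8
10:00:01 SRC=203.0.113.7 DST=192.0.2.3 PROTO=ICMP TYPE=8
10:00:02 SRC=203.0.113.7 DST=192.0.2.4 PROTO=ICMP TYPE=8
10:00:02 SRC=203.0.113.7 DST=192.0.2.5 PROTO=ICMP TYPE=8
10:00:05 SRC=198.51.100.20 DST=192.0.2.1 PROTO=ICMP TYPE=8
10:00:09 SRC=203.0.113.7 DST=192.0.2.3 PROTO=TCP DPT=21
10:00:09 SRC=203.0.113.7 DST=192.0.2.3 PROTO=TCP DPT=22
10:00:09 SRC=203.0.113.7 DST=192.0.2.3 PROTO=TCP DPT=23
10:00:09 SRC=203.0.113.7 DST=192.0.2.3 PROTO=TCP DPT=25
10:00:10 SRC=203.0.113.7 DST=192.0.2.3 PROTO=TCP DPT=80
10:00:10 SRC=203.0.113.7 DST=192.0.2.3 PROTO=TCP DPT=443
10:00:12 SRC=198.51.100.20 DST=192.0.2.3 PROTO=TCP DPT=443
10:00:13 SRC=198.51.100.20 DST=192.0.2.3 PROTO=TCP DPT=443
"""

FIELD = re.compile(r"(\w+)=(\S+)")


def detect_recon(lines, sweep_hosts=4, scan_ports=5):
    """Flag sources that ping many hosts or probe many ports on one host.

    The thresholds are assumptions; tune them to the network's normal traffic.
    """
    pinged = defaultdict(set)  # src -> hosts it sent an ICMP echo request to
    probed = defaultdict(set)  # (src, dst) -> TCP destination ports it tried
    for line in lines:
        f = dict(FIELD.findall(line))
        if "SRC" not in f or "DST" not in f:
            continue  # malformed or unrelated line
        if f.get("PROTO") == "ICMP" and f.get("TYPE") == "8":
            pinged[f["SRC"]].add(f["DST"])
        elif f.get("PROTO") == "TCP" and f.get("DPT", "").isdigit():
            probed[(f["SRC"], f["DST"])].add(int(f["DPT"]))
    alerts = []
    for src, dsts in sorted(pinged.items()):
        if len(dsts) >= sweep_hosts:
            alerts.append(("ping_sweep", src, len(dsts)))
    for (src, dst), ports in sorted(probed.items()):
        if len(ports) >= scan_ports:
            alerts.append(("port_scan", src, dst, sorted(ports)))
    return alerts


if __name__ == "__main__":
    for alert in detect_recon(SAMPLE_LOG.splitlines()):
        print(alert)
```

The second source in the sample pings one host and reconnects to a single port, so it stays below both thresholds and is not reported.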

• There are different ways in which a system can be attacked.
  ◦ Gathering as much information as possible about the target (using both electronic and non-electronic means).
  ◦ Gathering information about possible exploits based on the information about the system, and then systematically attempting to use each exploit.
• If the exploits do not work, other, less system-specific, attacks may be attempted.

• Understanding the steps an attacker will take makes it possible to limit the exposure of the system and minimize the avenues an attacker might possibly exploit.

• The first step an administrator can take to minimize the possible attacks is to ensure that all patches for the operating system and the applications are installed.
• The second step an administrator can take is to limit the services running on a system.
• Another step that can be taken to minimize the possible avenues of attack is to provide as little information as possible on an organization and its computing resources.
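Limiting the services running on a system starts with knowing which ones are listening on the network. The following audit sketch is an added example, not part of the original slides: it checks the output of `ss -tlnp` against an allowlist, and both the sample output and the allowlist are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample of `ss -tlnp` output (not captured from a real host).
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0 128  0.0.0.0:22       0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 511  0.0.0.0:443      0.0.0.0:* users:(("nginx",pid=990,fd=6))
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=640,fd=14))
LISTEN 0 128  127.0.0.1:631    0.0.0.0:* users:(("cupsd",pid=701,fd=7))
LISTEN 0 32   0.0.0.0:21       0.0.0.0:* users:(("vsftpd",pid=1200,fd=3))
LISTEN 0 128  [::]:22          [::]:*    users:(("sshd",pid=812,fd=4))
LISTEN 0 64   [::]:23          [::]:*    users:(("inetd",pid=455,fd=5))
"""

# Assumed policy for this host: only SSH and HTTPS may be network-reachable.
ALLOWED_PORTS = {22, 443}
PROC = re.compile(r'users:\(\("([^"]+)"')


def split_addr(local):
    """Split ss's 'addr:port', handling [v6]:port, *:port and addr%iface."""
    host, _, port = local.rpartition(":")
    host = host.strip("[]").split("%")[0]
    if host == "*":
        host = "::"  # ss prints * for a wildcard listener
    return host, int(port)


def unexpected_listeners(ss_output, allowed=ALLOWED_PORTS):
    """Return (address, port, process) for exposed listeners not in the allowlist."""
    findings = set()
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue  # header or non-listening socket
        host, port = split_addr(cols[3])
        if ipaddress.ip_address(host).is_loopback:
            continue  # bound to loopback: not reachable from other machines
        if port not in allowed:
            match = PROC.search(line)
            findings.add((host, port, match.group(1) if match else "unknown"))
    return sorted(findings)


if __name__ == "__main__":
    for finding in unexpected_listeners(SAMPLE_SS):
        print("unexpected listener:", finding)
```

Each finding is a service to disable, or to add to the allowlist after a deliberate decision that it is needed.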

• There are a number of ways that a computer system or a network can be attacked.
• Attacks can result in one of a few general consequences:
  ◦ A loss of confidentiality where information is disclosed to unauthorized individuals.
  ◦ A loss of integrity where information is modified by unauthorized individuals.
  ◦ A loss of availability where information or the systems processing it are not available for authorized users.