
Why Be Concerned About Network and Internet Security? Computer Crime (cybercrime) – Any illegal act involving a computer, including: Theft of financial.


2 Why Be Concerned About Network and Internet Security?
Computer Crime (cybercrime) – Any illegal act involving a computer, including:
– Theft of financial assets
– Manipulating data for personal advantage
– Act of sabotage
– Releasing a computer virus
– Shutting down a Web server
– Phishing and Internet scams
Understanding Computers in a Changing Society, 5th Edition

3 Unauthorized Access and Unauthorized Use
Unauthorized Access – Gaining access to a computer, network, file, or other resource without permission
Unauthorized Use – Using a computer resource for unapproved activities
Codes of Conduct – Used to specify rules for behavior, typically by a business or school
– Becker has “Acceptable Usage Policy for Students”

4 Unauthorized Access and Unauthorized Use
Hacking – Using a computer to break into another computer system
– Serious threat for individuals, businesses, and the country (national security), i.e., cyberterrorism
– Hacker stole personal information (e-mail, passwords, and credit card numbers) from 77 million Sony PlayStation network accounts
– Often performed via wireless networks today
– 70% of wireless networks are left unsecured

5 Unauthorized Access and Unauthorized Use
War Driving – Driving around an area to find a Wi-Fi network to access and use without authorization
– McDonald’s, Starbucks
Wi-Fi Piggybacking – Accessing an unsecured Wi-Fi network from the hacker’s current location without authorization
– Your neighbor
Both result in stolen data and possible computer viruses

6 Unauthorized Access and Unauthorized Use
– Illegal in some countries, not in U.S.
– Some states make it illegal
– Michigan man found guilty of accessing free Wi-Fi from across the street of a coffee house
– Advocates of war driving and Wi-Fi piggybacking feel it is businesses’ own fault that access points are unprotected

7 Unauthorized Access and Unauthorized Use
Interception of Communications
– Unsecured (unencrypted) e-mail messages, files, logon information, etc., can be intercepted using packet sniffing software
– Intercept credit and debit card information during the card verification process
– At restaurant cash registers or gas station debit/credit card readers

8 Protecting Against Unauthorized Access and Unauthorized Use
Access Control Systems – Used to control access to facilities, computer networks, databases, and Web site accounts
Identification Systems – Verify that the person trying to access the facility or system is an authorized user
Authentication Systems – Determine if the person is who he or she claims to be

9 Protecting Against Unauthorized Access and Unauthorized Use
Possessed Knowledge Access Systems – Use information that only the authorized user should know
– Passwords should be strong and changed frequently
– Typically used in conjunction with usernames
– ATMs use a PIN, or personal identification number, instead

10 Protecting Against Unauthorized Access and Unauthorized Use
Disadvantages
– Passwords can be forgotten
– If known, password can be used by someone who is not an authorized user
– Can be guessed by hacker
– Especially if manufacturer’s default password wasn’t changed

11 Protecting Against Unauthorized Access and Unauthorized Use
Cognitive Authentication Systems
– Use information the individual knows or can easily remember (birthplace, pet names, etc.)
– Used in many password recovery systems
– User needs to supply personal information when password is forgotten

12 Protecting Against Unauthorized Access and Unauthorized Use
Two-factor Authentication – Uses two different methods to authenticate users
» Withdrawing of money from a cash machine
Only the correct combination of a bank card (something that the user possesses) and a PIN (personal identification number, i.e. something that the user knows) allows the transaction to be carried out.
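
The same two-factor check in code, as an added example that is not part of the original slides: the PIN is the "something the user knows" factor and a time-based one-time code from a token (RFC 6238 TOTP) stands in for the bank card as "something the user possesses". The account record, PIN and function names are constructed for illustration; the token secret is the published RFC test key.

```python
import hashlib
import hmac
import struct

def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the counter, dynamically truncated."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def totp(secret: bytes, now: float, step: int = 30) -> str:
    """RFC 6238 TOTP: HOTP keyed on the current time step."""
    return hotp(secret, int(max(now, 0)) // step)

def hash_pin(pin: str, salt: bytes) -> bytes:
    # Store a slow, salted hash of the PIN, never the PIN itself.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

def verify_two_factor(record: dict, pin: str, code: str, now: float,
                      step: int = 30) -> bool:
    """Grant access only when BOTH factors check out."""
    # Factor 1 (knowledge): constant-time comparison of PIN hashes.
    knows = hmac.compare_digest(hash_pin(pin, record["salt"]), record["pin_hash"])
    # Factor 2 (possession): accept the previous, current and next time step
    # so a small clock drift on the token does not lock the user out.
    candidates = [totp(record["token_secret"], now + d * step, step)
                  for d in (-1, 0, 1)]
    has = any([hmac.compare_digest(c.encode(), code.encode()) for c in candidates])
    return knows and has

# Constructed sample account for the demonstration.
SALT = b"constructed-salt"
ACCOUNT = {
    "salt": SALT,
    "pin_hash": hash_pin("4921", SALT),
    "token_secret": b"12345678901234567890",  # RFC 6238 test key
}

if __name__ == "__main__":
    t = 59  # constructed timestamp (seconds since the epoch)
    print(verify_two_factor(ACCOUNT, "4921", totp(ACCOUNT["token_secret"], t), t))
    print(verify_two_factor(ACCOUNT, "0000", totp(ACCOUNT["token_secret"], t), t))
```

A stolen PIN alone or a stolen token alone fails this check; a production verifier would also remember the last accepted time step so a code cannot be replayed.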

13 Protecting Against Unauthorized Access and Unauthorized Use
Possessed Object Access Systems – Use a physical object an individual has in his/her possession to identify that individual
– Smart cards
– USB security keys or tokens

14 Protecting Against Unauthorized Access and Unauthorized Use
– Disadvantage - Can be lost or used by an unauthorized individual
– Sometimes a username/password or fingerprint is used in conjunction with the possessed object as a safeguard
Biometric Access Systems – Identifies users by a particular unique biological characteristic
– Fingerprint, hand, face, iris, voice, etc.
– Data read by biometric reader (fingerprint reader) must match what is stored in a database

15 Protecting Against Unauthorized Access and Unauthorized Use
Often used to:
– Control access to secure facilities like businesses or prisons
– Log on to computers
– USB flash drives punch in/out at work, ATM machines, etc.
– Help law enforcement and the military to identify citizens, criminals, terrorists, etc.
– Identify individuals in airports (face recognition software)

16 Protecting Against Unauthorized Access and Unauthorized Use
Advantages
– Can only be used by the authorized individual
– Identical twins have different fingerprints and irises
– Cannot be lost or forgotten
Disadvantages
– Data for authentication cannot be reset if compromised
– Hardware and software very expensive

17 Protecting Against Unauthorized Access and Unauthorized Use
Controlling Access to Wireless Networks
– Wi-Fi is less secure than wired networks
– Wireless network owners should:
» Enable encryption by assigning a network key or passphrase
» Network name (SSID) should be turned off

18 Protecting Against Unauthorized Access and Unauthorized Use
Firewalls
– Built into hardware (routers, modems); software (AVG, Norton, etc.); and operating systems (Windows)
– Intended to protect a computer or network from unauthorized access
– They check all incoming (from the Internet) and outgoing (to the Internet) traffic, and allow only authorized traffic to pass through

19 Protecting Against Unauthorized Access and Unauthorized Use
– They work by closing down external communications ports to unauthorized computers
– User can specify what programs are allowed to access the computer
– They protect against spyware and computer viruses
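
The filtering behaviour described on the two firewall slides, as an added example that is not part of the original slides: inbound ports stay closed unless a rule opens them to an authorized network, and outbound connections are allowed only for programs the user has approved. All rules, addresses and program names are constructed for illustration.

```python
import ipaddress

# Constructed inbound policy, checked top to bottom; the first match wins.
INBOUND_RULES = [
    ("allow", "203.0.113.0/24", 22),   # remote login only from one network
    ("deny",  "0.0.0.0/0",      22),   # port 22 closed to everyone else
    ("allow", "0.0.0.0/0",      443),  # public HTTPS server
]

# Constructed list of programs the user has approved, with their ports.
ALLOWED_PROGRAMS = {"browser.exe": {80, 443}, "mail.exe": {587, 993}}

def check_inbound(remote_ip: str, port: int) -> str:
    """Decide on a connection arriving from the Internet."""
    try:
        addr = ipaddress.ip_address(remote_ip)
    except ValueError:
        return "deny"  # malformed source address
    for action, network, rule_port in INBOUND_RULES:
        if port == rule_port and addr in ipaddress.ip_network(network):
            return action
    return "deny"  # default deny: a port with no rule is a closed port

def check_outbound(program: str, port: int) -> str:
    """Decide on a connection a local program wants to open."""
    return "allow" if port in ALLOWED_PROGRAMS.get(program, set()) else "deny"

def blocked_events(events):
    """Return the events from a traffic list that the policy denies."""
    denied = []
    for direction, who, port in events:
        check = check_inbound if direction == "in" else check_outbound
        if check(who, port) == "deny":
            denied.append((direction, who, port))
    return denied

# Constructed traffic sample: (direction, remote IP or program name, port).
SAMPLE = [
    ("in", "203.0.113.7", 22),
    ("in", "198.51.100.9", 22),
    ("in", "198.51.100.9", 3389),
    ("out", "browser.exe", 443),
    ("out", "updater.exe", 443),
]

if __name__ == "__main__":
    for event in blocked_events(SAMPLE):
        print("blocked:", event)
```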

20 Protecting Against Unauthorized Access and Unauthorized Use
Intrusion Prevention System Software
– Monitors traffic to try and detect possible attacks
– If an attack is discovered, IPS software can immediately block it

21 Protecting Against Unauthorized Access and Unauthorized Use
Encryption
– Scrambles contents of e-mail or files to make them unreadable if intercepted
– Converts data into a form known as cipher
– It is then decrypted (unscrambled)
– Secure Web pages using encryption begin with https: and not http:
– Some services, like Skype, use built-in encryption

22 Protecting Against Unauthorized Access and Unauthorized Use
Private Key Encryption
– Uses a single key (a password) to encrypt and decrypt the file
– The recipient and sender must agree on the private key to be used
– Private key capabilities are now incorporated into a number of programs
– Microsoft Office, WinZip, Adobe Acrobat
– To encrypt a Word document, go to File, Info, Protect Information, Encrypt with Password, and assign a name

23 Protecting Against Unauthorized Access and Unauthorized Use
Public Key Encryption
– Uses two keys (a private key and a public key) to encrypt and decrypt documents
– Public key can be given to anyone
– Key pairs can be obtained through a Certificate Authority (VeriSign)
– Various strengths of encryption available
– Stronger is more difficult to crack

24 Protecting Against Unauthorized Access and Unauthorized Use

25 Protecting Against Unauthorized Access and Unauthorized Use
Public Hotspot Precautions
– Individuals should take additional precautions when using public hotspots in addition to using security software, secure Web pages, VPNs, and file encryption

26 Computer Sabotage – Acts of malicious destruction to a computer or computer resource
– Launching a computer virus
– Denial of Service attack
Botnet
– A group of bots, or zombie computers, that are controlled by a hacker
– Used by botherders (criminals) to send spam, launch Internet attacks and malware, etc.
– Botherders often sell their services to clients who send spam, steal identifying information

27 Computer Sabotage
Computer Viruses and Other Types of Malware
Malware
– Any type of malicious software
– Written to damage programs, delete files, erase drives, etc.
– Logic bomb – malware program that activates when certain condition is met (particular key is struck)
– Time bomb – when a logic bomb is triggered by particular date or time
– Distributing malware is illegal

28 Computer Sabotage
Computer Viruses
– A software program installed without the user’s knowledge
– Designed to alter the way a computer operates or to cause harm
– Often embedded in downloaded programs and e-mail messages (games, videos, music files)
Computer Worm
– Malicious program designed to spread rapidly by sending copies of itself to other computers over a network
– Does not infect other files on the infected computer
– Typically sent as an e-mail attachment
– Mydoom Worm spread so fast that at one point one out of every 10 e-mails contained the worm

29 Computer Sabotage
– Conficker Worm infected more than 7 million computers
– Newer worms do not require any action by users
– They scan the Internet looking for computers that are vulnerable, and send a copy of themselves to those computers

30 Computer Sabotage
Trojan Horse
– Malicious program that masquerades as something else
– Free software, games, greeting cards
– Records every keystroke on the computer, then sends sensitive information to criminals
– Cannot copy themselves; must be downloaded and installed
– Some act as spyware

31 Computer Sabotage
Mobile Malware
– Can infect mobile phones, printers, etc.
– Some GPS devices recently found were shipped with malware already installed on them
– Infected apps have been found in app stores
» Some malware designed to crash phone’s operating system
» Others to change icons
» Still others to steal sensitive information
– Mobile phones with Bluetooth are particularly vulnerable to attack

32 Computer Sabotage
Denial of Service Attacks
– Act of sabotage that attempts to flood a network with so much activity that it is unable to function
– They target popular Web sites
– Twitter was shut down for 2 hours
– Performed by botnets
– Multiple home computers used to get the job done
– Created by hackers

33 Computer Sabotage
Data, Program, or Web Site Alteration
– Hacker breaches a computer system in order to delete/change data or modify programs
– Student changing grades
– Employee performing vengeful acts, such as deleting or changing corporate data
– Hacking into, and changing social networking account contents (Facebook pages, Twitter tweets)
» Mark Zuckerberg’s account hacked in 2001 to post unauthorized status updates

34 Protecting Against Computer Sabotage
Antivirus Software – Used to detect and eliminate computer viruses and other types of malware
– There are more than 286 million threats in existence
– There’s an average of 73,000 new malware strains each day

35 Protecting Against Computer Sabotage
– Peer-to-peer networks (IM, Napster)

36 Online Theft, Online Fraud, and Other Dot Cons
Dot Con – A fraud or scam carried out through the Internet
Data or Information Theft
– Stealing an actual computer or mobile device
– A hacker gaining unauthorized access
– Contact information of 1.6 million Monster.com users stolen
– 130 million Heartland credit and debit card information stolen
– Hacker got three 20-year prison terms

37 Online Theft, Online Fraud, and Other Dot Cons
Identity Theft
– Using someone else’s identity to purchase goods, obtain new credit cards, bank loans, etc.
– Information obtained through a computer or stolen documents (pre-approved credit card application sent through mail, picked out of dumpsters)
– Skimming - illegal device attached to ATM that reads and stores numbers in conjunction with a hidden camera to capture person’s PIN number

38 Online Theft, Online Fraud, and Other Dot Cons
Phishing
– Use of spoofed e-mail messages to gain credit card numbers and other personal data
– Typically contains a link to a fake Web site
– After victim clicks a link in the message and supplies sensitive data, that data is sent to the thief

39 Online Theft, Online Fraud, and Other Dot Cons
Spear Phishing
– A personalized phishing scheme targeted to specific individuals
– Often includes personalized information to seem more legitimate
– May impersonate someone in your work place
– Phishing and spear phishing attempts can occur via IM, text messages (smishing), fake messages sent by eBay, Twitter, or pop-up security alert messages
– Some use typosquatting, wherein they type slightly different names for the Web site, like www.amazom.com for www.amazon.com, hoping the user won’t notice
Pharming
– Hacker reroutes traffic intended for a commonly used Web site to a fake one

40 Protecting Against Online Theft, Online Fraud, and Other Dot Cons
Protecting Against Data and Information Theft
– Do not give out personal information (Social Security number, mother’s maiden name, etc.) unless absolutely necessary
Protecting Against Identity Theft, Phishing, Spear Phishing, and Pharming
– Never give out sensitive information by phone or e-mail
– Shred documents containing sensitive data, credit card offers, etc., that come through the mail
– Don’t place sensitive outgoing mail in your mailbox; go to the post office

41 Protecting Against Online Theft, Online Fraud, and Other Dot Cons
– Watch bills and credit report to detect identity theft early
– Never click a link in an e-mail message to go to a secure Web site; always type the URL in the browser instead
– Request a free credit report from 3 major consumer credit bureaus each year

42 Protecting Against Online Theft, Online Fraud, and Other Dot Cons
Protecting Against Online Auction Fraud and Other Internet Scams
– Check online auction seller’s feedback before bidding
– Pay for online purchases with a credit card so transactions can be disputed if needed
– Use an online payment system like PayPal
– Take advantage of buyer protection
– Use an escrow service for high-priced items
– Ensures item is as specified before payment is released

43 Personal Safety Issues
Cyberstalking
– Repeated threats or harassing behavior between adults carried out by e-mail
– Sending unwanted files
– Posting inappropriate messages
– Signing the victim up for offensive material
– Publicizing contact information
– Hacking into social networking pages
– Sometimes escalates to personal violence

44 Personal Safety Issues
Online Pornography
– Difficult to stop due to constitutional rights
– Online pornography involving minors is illegal
– Link between online pornography and child molestation
– Internet can make it easier to arrange dangerous meetings between predators and children
– Thirteen-year old Connecticut girl strangled by 25-year old that she met online

45 Personal Safety Issues
Cyberbullying – Children or teenagers bullying other children or teenagers via the Internet
» E-mails
» Social networking sites
» Blogs
– Common today - estimated to affect 50% of all U.S. teenagers

