Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information Assurance and Computer Security. OVERVIEW Threat defined Categories of threats Specific types of threats Historical turncoats Your responsibilities.

Published byIan Drake Modified over 10 years ago

Similar presentations

Presentation on theme: "Information Assurance and Computer Security. OVERVIEW Threat defined Categories of threats Specific types of threats Historical turncoats Your responsibilities."— Presentation transcript:

1 Information Assurance and Computer Security

2

3 OVERVIEW Threat defined Categories of threats Specific types of threats Historical turncoats Your responsibilities

4 What is a threat? Any circumstance or event with the potential to cause harm to an information system in the form of destruction, disclosure, adverse modification of data, and/or denial of service Current and perceived capability, intention, or attack directed to cause denial of service, corruption, compromise, or fraud, waste, and abuse to an information system

5 Categories of Threats Technical - hardware, software, or design deficiency … often vulnerable right out of the box Administrative - inadequate or incorrect implementation of existing security features - not a design flaw but rather poor policy, process or procedure

6 What are the types of threats? Unintentional Threats - spilled food or liquid - downloaded game or software - disabled anti-virus software - unattended computer with no locked keyboards or screensavers - accidental deletion or modification of files

7 Types of Threats …contd Intentional Threats - - Social engineering - Elicitation - Computer network attack - The insider threat

8 Types of Threats... contd Intentional Threats - Social engineering - Elicitation - Computer network attack - The insider threat

9 Types of Threats... contd Intentional Threats - Social engineering - Elicitation - Computer network attack How are they attacked? - The insider threat

10 Intentional Threats … contd - Computer network attacks The Internet…perhaps our largest daily threat --Cookies --Mobile code, malicious code & spy-ware --Use of home internet service provider --OPSEC…or lack of it --Distributed denial of service --Hoaxes --Spam

11 Types of Threats... contd Intentional Threats - Social engineering - Elicitation - Computer network attack - The insider threat

12 Would insiders really steal information?

13 Famous Turncoats Benedict Arnold - Appointed by George Washington to a position in the Continental Congress…a trusted position. - He was caught trying to smuggle classified documents to the British in 1780.

14 Famous Turncoats The Rosenburgs (Ethel and Julius) Controversial case; convicted of spying for the Soviet Union Passed secret of the A bomb to the Soviets (from the Manhattan Project) Judge Irving Kaufman found them guilty of espionage and said they contributed to the communist aggression and 50,000 deaths of the Korean War.

15 Famous Turncoats Both were executed in 1953 for Conspiracy to Commit Espionage. In 1995 NSA released de-crypted evidence of their involvement. In his memoirs posthumously published in 1990 Nitkita Khrushchev praised both of them for their very significant help in the production of the atomic bomb.

16 Famous Turncoats Aldrich Ames …The Chief of Counterintelligence in Eastern Europe and the Soviet Union CIA employee for 31 years Sold the names of all his co-worker spies to the Soviet Union for $50,000 The most damaging spy case in the history of this country……. NSI, 1995… NSI. org

17 Famous Turncoats Ultimately betrayed more than 100 operations and received $3 million. His betrayal led to the execution of 10 KGB (Soviet) double agents and 11 US agents. CIA IG report 1994

18 Famous Turncoats A little close to home……. Brian P. Regan…w orked for the super-secret National Reconnaissance Office; they design and operate spy satellites…Top Secret information Arrested Aug 23, 2002, with classified information in his possession Stole, copied, and buried over 20,000 pages of documents classified as Top Secret or higher…

19 Brian Regan Buried documents in 19 locations including state parks…detailed information on satellites, early warning systems, missile site coordinates, and WMD Wrote letter to Saddam Hussein…offered to sell Top Secret information for $13 million …also had identical letters on his computer to China, Iran, and Libya Regan was bitter over the small pension received for years of service….. who was the service with?

20 A little close to home ……………… Brian P. Regan Master Sergeant, USAF, Retired 38 year-old, father of four, deeply in debt and in 2003 sentenced to life in prison…lost his small pension

21

22

23 What can I do to help? What are my Responsibilities? Fight the insider threat - protect your access to information (physical access)…keys/doors, personnel rosters...physical security -protect your electronic access…dont share passwords, access cards, codes, etc. -report shoulder surfers or suspicious activity

24 What are my Responsibilities? Use your virus software –Run on start-up and weekly minimum –Use it on your home computer too – Scan all removable media (disks, DVDs,CDs) before each use – Save and scan attachments (especially all high risk)

25 What Are My Responsibilities? Dont load software or programs on government computers without permission. -including freeware Dont talk about official business in open chat rooms or forums.

26 What are my Responsibilities? Dont post your email address in chat rooms, forums, or message boards. Report violations or suspicious activity. -pornography -loading personal software -revealing sensitive information -failure to take security measures

27 SUMMARY Threat defined Categories of threats Specific types of threats Historical turncoats Your responsibilities

28 The truth is that theres an enemy that still lurks out there. And we must continue to work together to protect our country…the most solemn duty of government is to protect American people. George W. Bush, January 23, 2004

Download ppt "Information Assurance and Computer Security. OVERVIEW Threat defined Categories of threats Specific types of threats Historical turncoats Your responsibilities."

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Cyber Safety Assessment Review

Cyber Safety Assessment Review
Let’s Talk About Cyber Security

Let’s Talk About Cyber Security
Thank you to IT Training at Indiana University Computer Malware.

Thank you to IT Training at Indiana University Computer Malware.
Introduction and Overview of Digital Crime and Digital Terrorism

Introduction and Overview of Digital Crime and Digital Terrorism
Implications and Security Issues of the Internet By Neelesh Patel.

Implications and Security Issues of the Internet By Neelesh Patel.
Chapter 18 Section 3 The Cold War at Home.

Chapter 18 Section 3 The Cold War at Home.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.

Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.

E-Commerce Security Issues. General E-Business Security Issues Any E-Business needs to be concerned about network security. The Internet is a “ public.
Managing Information Systems Information Systems Security and Control Part 1 Dr. Stephania Loizidou Himona ACSC 345.

Managing Information Systems Information Systems Security and Control Part 1 Dr. Stephania Loizidou Himona ACSC 345.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
Security, Privacy, and Ethics Online Computer Crimes.

Security, Privacy, and Ethics Online Computer Crimes.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Qualitative.
Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.

Privacy & Security By Martin Perez. Introduction  Information system - People : meaning use, the people who use computers. - Procedures : Guidelines.
What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:

What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:
Threats and Attacks Principles of Information Security, 2nd Edition

Threats and Attacks Principles of Information Security, 2nd Edition
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.

Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
Computer Viruses. Where the name came from This is a phrase coined from biology to describe a piece of software that behaves very much like a real virus.

Computer Viruses. Where the name came from This is a phrase coined from biology to describe a piece of software that behaves very much like a real virus.
Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.

Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.
TRACs Security Awareness FY2009 Office of Information Technology Security 1.

TRACs Security Awareness FY2009 Office of Information Technology Security 1.

Similar presentations

Ads by Google