Information Assurance:
vulnerabilities, threats, and controls
Dr. Wayne Summers
TSYS Department of Computer Science
Columbus State University
[email protected]
http://csc.colstate.edu/summers

SQL Slammer
• “It only took 10 minutes for the SQL Slammer worm to race across the globe and wreak havoc on the Internet two weeks ago, making it the fastest-spreading computer infection ever seen.”
• “The worm, which nearly cut off Web access in South Korea and shut down some U.S. bank teller machines, doubled the number of computers it infected every 8.5 seconds in the first minute of its appearance.”
• It is estimated that 90% of all systems that fell victim to the SQL Slammer worm were infected within the first 10 minutes.

BLASTER
• On Aug. 11, the Blaster virus and related bugs struck, hammering dozens of corporations.
• At least 500,000 computers worldwide infected.
• Maryland Motor Vehicle Administration shut its offices for a day.
• Check-in system at Air Canada brought down.
• Infiltrated unclassified computers on the Navy-Marine intranet.
• In eight days, the estimated cost of damages neared $2 billion.

SOBIG.F
• Ten days later, the SoBig virus took over, causing delays in freight traffic at rail giant CSX Corp., forcing cancellation of some Washington-area trains and causing delays averaging six to 10 hours.
• Shut down more than 3,000 computers belonging to the city of Fort Worth.
• One of every 17 e-mails scanned was infected (AOL detected 23.2 million attachments infected with SoBig.F).
• Worldwide, 15% of large companies and 30% of small companies were affected by SoBig - estimated damage of $2 billion.

Information Assurance:
• Definitions
• Vulnerabilities
• Threats
• Controls
• Conclusions

Computer Security
• the protection of the computer resources against accidental or intentional disclosure of confidential data, unlawful modification of data or programs, the destruction of data, software or hardware, and the denial of one's own computer facilities irrespective of the method together with such criminal activities including computer related fraud and blackmail. [Palmer]

Definitions
• vulnerability - weakness in the security system that might be exploited to cause a loss or harm.
• threats - circumstances that have the potential to cause loss or harm. Threats typically exploit vulnerabilities.
• control - protective measure that reduces a vulnerability or minimizes the threat.

Vulnerabilities reported
• 1995-1999
Year             1995   1996   1997   1998   1999*
Vulnerabilities   171    345    311    262    417
• 2000-2003
Year             2000   2001   2002   2003
Vulnerabilities  1,090  2,437  4,129  3,784
• In 2002 over 80 vulnerabilities in IE patched; there are currently 24 items, updated on 2004/01/27. [http://www.safecenter.net/UMBRELLAWEBV4/ie_unpatched/index.html]
• Incidents reported increased from 82,094 in 2002 to 137,529 in 2003.

Security Incidents
Total incidents reported (1988-2003): 319,992. An incident may involve one or thousands of sites and incidents may last for long periods.
Source: CERT/CC

Vulnerabilities
• “Today’s complex Internet networks cannot be made watertight…. A system administrator has to get everything right all the time; a hacker only has to find one small hole. A sysadmin has to be lucky all of the time; a hacker only has to get lucky once. It is easier to destroy than to create.” – Robert Graham, lead architect of Internet Security Systems

Recent News
• November 29, Washington Post - Hackers find cell phones next weak link to exploit - Virus converts each icon into a death's head
• November 05, Asbury Park Press (NJ) - Computer virus hits state offices. Drivers and applicants endured sometimes long waits at the newly overhauled New Jersey Motor Vehicle Commission's (MVC) offices on three days last week after a hard charging computer virus struck its statewide system.
• A survey conducted by Internet service provider America Online Inc. found that 20% of home computers were infected by a virus or worm, and that various forms of snooping programs such as spyware and adware are on a whopping 80% of systems. Even so, more than two-thirds of home users think they are safe from online threats. [ComputerWorld, OCTOBER 25, 2004]
• “A zero-day exploit targeting one of the latest Microsoft flaws was publicly announced Tuesday, …just one week after Microsoft announced a record number of 10 security bulletins, seven of them critical.” [20 Oct 2004 | SearchSecurity.com]
• The Gartner Group estimates that in the last year, 57 million U.S. adults received phishing e-mails, of which 11 million clicked on the provided links, and 1.78 million provided passwords and other sensitive personal information. In total, the scams resulted in fraud losses of $2.4 billion. [Gartner report, June 2004]
• IM Worms could spread in seconds – “Symantec has done some simulations…and has found that half a million systems could be infected in as little as 30 to 40 seconds.” [InternetWeek – Jun 21]

{Virus?} Use this patch immediately !
• Dear friend , use this Internet Explorer patch now!
• There are dangerous virus in the Internet now!
• More than 500.000 already infected!
E-mail from "Microsoft" <[email protected]>

Malware and other Threats
• Viruses / Worms (over 100,000 viruses – 11/2004)
  – 1987-1995: boot & program infectors
  – 1995-1999: Macro viruses (Concept)
  – 1999-2003: self/mass-mailing worms (Melissa-Klez)
  – 2001-???: Megaworms [blended attacks] (Code Red, Nimda, SQL Slammer, Slapper)
• Trojan Horses
  – Remote Access Trojans (Back Orifice)
  – Computer parasites (pests – spyware, BHOs, keylogger, dialers, SPIM)
• Computer security company Trend Micro detected 1,485 viruses in September [2004], a 600% increase over the 250 spotted a year ago. Of those, 45% were Trojan horses attempting to steal personal data, the company said. The company also reported a “surge in zombie networks,” saying it had found 400 programs in the past month compared with 17 a year ago.

Social Engineering
• “we have met the enemy and they are us” – POGO
• The greatest security risk facing large companies and individual internet users over the next 10 years will be the increasingly sophisticated use of social engineering to bypass IT security defences, according to analyst firm Gartner. [ZDNet Australia, November 01, 2004]
• Social Engineering – “getting people to do things that they wouldn’t ordinarily do for a stranger” – The Art of Deception, Kevin Mitnick

Controls
• Reduce and contain the risk of security breaches
• “Security is not a product, it’s a process” – Bruce Schneier [Using any security product without understanding what it does, and does not, protect against is a recipe for disaster.]
• Security is NOT installing a firewall.

Defense in Depth
• Antivirus
  – Keep it up to date
• Deploy a Firewall
  – Review settings and logs frequently
• Authentication Techniques (passwords, biometric controls)
• Disable or secure file shares
• Keep your patches up-to-date
• BACKUP

“The most potent tool in any security arsenal isn’t a powerful firewall or a sophisticated intrusion detection system. When it comes to security, knowledge is the most effective tool…”
Douglas Schweizer – The State of Network Security, Processor.com, August 22, 2003.

Resources
• http://www.sans.org
• http://www.cert.org
• http://www.cerias.purdue.edu/
• http://www.linuxsecurity.com/
• http://www.linux-sec.net/
• http://www.microsoft.com/security/
• Cuckoo’s Egg – Clifford Stoll
• Takedown – Tsutomu Shimomura
• The Art of Deception – Kevin Mitnick

COMPUTER SECURITY DAY
November 30, 2004
ACCENTUATE THE POSITIVE