The Internet Security
Dilemma
Systems Vulnerabilities
Cyber Attacks
Kayla Spurlock
David Wyatt
As the world and business become
more dependent on the computer
related communications, the
security dilemma of the Internet
will have to be addressed to
protect businesses and personal
information from identity theft.
The Internet Security Dilemma
Systems Vulnerabilities & Cyber Attacks
Malware is malicious software of any unwanted code
or program that invades your computer.


Malware is the generic term for all computer
inflictions caused miscreants and thieves. 4
percent of websites are infected with some type of
malware.
Virus, Worms, Spyware (adware), Browser
Hijacker, Internet Dialer, Trojan Horse, Root Kit,
Key Logger, Drive-By Download (DBD), Piggy Back,
Combination.
Viruses



Viruses are computer programs that are
intended to have a negative impact on
computers, computer networks, and now
PDA’s and Cell phones.
They can be introduced via the Internet
website portable stowage device (Flash
drives, Floppies, CD’s, DVD’s Etc)
First worldwide virus was called The Brain
that originated in 1986.
… Viruses


Continued
According to Symantec Security
Software Manufacture the month of
April saw 78 new viruses.
90 percent of all viruses are still
transmitted through E-mail.
The Most Famous Viruses

1986 The Brain

1992 Michelangelo

2000 Love Bug

2003 Blaster
Worms
Worms are the most insidious of the viruses
Can travel by themselves once introduced into
the Internet.



They can reproduce or copy
themselves.
Rinbot attacks are worms that use
zombie tactics attacking the operating
systems.
Worms also exploit the vulnerabilities
of security software packages.
Worms

Rinbot worms opens a back door in
affected network and connects to
the IRC (Internet Relay Chat)
server, then the attackers can send
commands to Internet chatters and
steal personal information.
Spyware
Tracks your computing habits. Tracks
websites visited, track your keystrokes
and can be a transport for Trojan Horses
and viruses.


Spyware can have implants that can do
serious harm to your computer, or enable
them to steal personal information
Marketers use Spyware known as Adware to
help develop advertising schemes although
not illegal, but is considered unethical. So
much so that there are several bills
addressing the use of Spyware.
Spyware
(Browser Hijackers)
Re-directs your browsers to an alternate
website.



Artificially increases clicks on a
website to increase revenue purposes.
Increases cost that a particular
advertiser will have to pay, sometimes
costing million of dollars in phony
clicks. “Click Inflation”
Can be downloaded from E-mail
attachments and other free
downloads.
Internet Dialer
Maliciously captures the Internet Users
phone number.


Abusing long distance telephone
service via the captured phone
numbers.
Use phone number to gain access to
personal information.
Trojan Horse

Trojan horses are disguised as
a legitimate program that
carries a destructive virus that
can steal, destroy, and allow
remote access to your personal
files and information.
(Trojan horses can not reproduce
themselves.)
Root Kit




Root Kit can disable “Firewalls and AntiVirus” programs making the system
vulnerable.
They can also install malicious code
attacking the operating systems.
2007 should see a rise in root kit attacks
against 32 bit processors.
The Microsoft Vista patch should guard
against Kernel root kit.
Keylogger




Keylogger are used in the businesses to
steal information for their competitors.
They can be used in conjunction with
other Malware to attack Firewalls to
assist in stealing business secrets.
Keylogger have been used by Law
Enforcement.
Parents utilize them to monitor children
Internet activity.
Drive-By Download (DBD)

DBD attached themselves just from
normal web surfing patterns or behavior
without opening email attachments or
downloading free software.
Piggyback

Malware embeds itself in
harmless files.
Combination (Trojan Horse,
Worm, and Viruses)

The most destructive of all is a
combination of Trojan horse, Worm,
and Virus. They can replicate
themselves, and spread rapidly across
the Internet, spread via portable
storage devices.
Scams
Stock Scams (Pump and Dump)

The scammers buy a large amount of
a targeted stock that is low in price
that is not doing to good or bad. They
then flood emails pushing the stock to
drive the price up. (This pump stage)
Scams
Stock scams (Pump and Dump) Continued


The scammers continue to pump up
the stock until it reaches their set
selling price. They sell the stock
immediately at their selling price.
(The Dump stage)
The scammers do not send out an
email stating they are dumping the
stock. So the email investors are stuck
with the stock that could turn out to
be a significant loss.
Scams
Phishing:


The scammers send out an email
claiming to be a reputable business or
financial institution.
The email request for the victim to
send personal information to the
designated website or return email.
Scams
Phishing continued


The scammers set up a fake storefront
website.
They then poison the legitimate
website that redirects the victim to
fake website again to steal personal
information.
Scams
Phishing Scam Continued


The scammers set up a fake storefront
website.
They then poison the legitimate
website that redirects the victim to
fake website to steal their personal
information.
Recommendations and action you can
take to protect your personal information
and computer.





Utilize a security program
Have a sense about what website to visit and
which to avoid
Think twice before you provide personal
information over the Internet
Power down your computer when not in use
Work offline when possible
Recommendations continued…





Ensure passwords are change often and
follow password recommendation in our
book
Do not open suspicious emails
Run Virus/Spyware scans weekly
Only make online purchases from
reputable websites
Ensure credit card offers security against
ID theft
The Business Guide to Better
Security








Define a Security Perimeter
Create a List of Threats
Check the History of Security
Prioritize Assets and Vulnerabilities
Network Access Controls
Create Backups
Email Filtering
Prevent Physical Intrusions
Define a Security Perimeter


Should include those assets that
control the security of the company.
The more specific your are, the
easier it will be to identify specific
threats facing those assets.
Four Basic Perimeter
Approaches




Network Based System
-operate at the packet level
-unable able to detect at the application layer
Proxy
-application server between the end-user and the server
being reached
-understands HTTP Protocol
List-Based Systems
-acceptable use policy (AUP) enforcement classifies URLs
Signature-Based Systems
-create digital fingerprint of the bit patterns that are
linked to malicious code
-slow reaction time (days to weeks)
Create a List of Threats







Computer and Network Passwords
Physical Assets
Data Backups
Recording of Data Access
Accessibility of Client and Employee Lists
Emails
Internal Threats
Checking Security History


Understanding past security threats will
help you better understand a companies
vulnerabilities.
Work with your competitors and exchange
information about how to better protect
your industry as a whole.
Network Access Controls

Intrusion Prevention


Password Protection
Identity and Access Management

Limit Employee Access
Prioritize Threats and
Vulnerabilities


How much damage could a particular
threat cause?
How much would it cost to restore the
security of the company?
Security continued…

Create Backups

Email Filtering

Prevent Physical Intrusions
Y2K and Daylight Savings Time
Issues

Unless updated, the time zone settings for your
computer system’s clock will be incorrect.
Not such an inconvenience for at home users, but
how will this affect your business?
How business and those who do business
with America could be affected





Calendar and Scheduling
Date/Time Calculations
Transaction Logging
Large manufacturing companies that use ERP
and MRP systems
Any type of software systems that depend on
sequencing transactions
What are companies such as IBM and
Microsoft doing to help?



Notifying clients and vendors
Developing software that will be available to
protect software systems
DST Patches were released from
SunMicrosystems Inc., Linux, IBM, and
Microsoft. They say cost is generally absorbed
in the operating system costs.
Cyber-Terrorism





Website defacement-used for propaganda
Stealing money to finance terror
Identity theft
Information theft-military and government
agencies
Economic damage