The Internet Security Dilemma
Systems Vulnerabilities & Cyber Attacks
Kayla Spurlock
David Wyatt

As the world and business become more dependent on computer-related communications, the security dilemma of the Internet will have to be addressed to protect businesses and personal information from identity theft.

- Malware is malicious software: any unwanted code or program that invades your computer.
- Malware is the generic term for all computer afflictions caused by miscreants and thieves.
- 4 percent of websites are infected with some type of malware.
- Virus, Worms, Spyware (adware), Browser Hijacker, Internet Dialer, Trojan Horse, Root Kit, Key Logger, Drive-By Download (DBD), Piggy Back, Combination.

Viruses
- Viruses are computer programs that are intended to have a negative impact on computers, computer networks, and now PDAs and cell phones.
- They can be introduced via the Internet, a website, or a portable storage device (flash drives, floppies, CDs, DVDs, etc.).
- The first worldwide virus was called The Brain, which originated in 1986.
…

Viruses Continued
- According to Symantec, a security software manufacturer, the month of April saw 78 new viruses.
- 90 percent of all viruses are still transmitted through email.

The Most Famous Viruses
- 1986 The Brain
- 1992 Michelangelo
- 2000 Love Bug
- 2003 Blaster

Worms
- Worms are the most insidious of the viruses.
- They can travel by themselves once introduced into the Internet.
- They can reproduce or copy themselves.
- Rinbot attacks are worms that use zombie tactics, attacking the operating systems.
- Worms also exploit the vulnerabilities of security software packages.
- Rinbot worms open a back door in the affected network and connect to the IRC (Internet Relay Chat) server; the attackers can then send commands to Internet chatters and steal personal information.

Spyware
- Tracks your computing habits.
- Tracks websites visited, tracks your keystrokes, and can be a transport for Trojan horses and viruses.
- Spyware can have implants that can do serious harm to your computer or enable attackers to steal personal information.
- Marketers use spyware known as adware to help develop advertising schemes. Although not illegal, this is considered unethical, so much so that there are several bills addressing the use of spyware.

Spyware (Browser Hijackers)
- Redirects your browser to an alternate website.
- Artificially increases clicks on a website to increase revenue.
- Increases the cost that a particular advertiser will have to pay, sometimes costing millions of dollars in phony clicks ("click inflation").
- Can be downloaded from email attachments and other free downloads.

Internet Dialer
- Maliciously captures the Internet user's phone number.
- Abuses long-distance telephone service via the captured phone numbers.
- Uses the phone number to gain access to personal information.

Trojan Horse
- Trojan horses are disguised as a legitimate program that carries a destructive virus that can steal, destroy, and allow remote access to your personal files and information. (Trojan horses cannot reproduce themselves.)

Root Kit
- A root kit can disable firewalls and antivirus programs, making the system vulnerable.
- It can also install malicious code that attacks the operating system.
- 2007 should see a rise in root kit attacks against 32-bit processors.
- The Microsoft Vista patch should guard against kernel root kits.

Keylogger
- Keyloggers are used in businesses to steal information for their competitors.
- They can be used in conjunction with other malware to attack firewalls to assist in stealing business secrets.
- Keyloggers have been used by law enforcement.
- Parents utilize them to monitor children's Internet activity.

Drive-By Download (DBD)
- DBDs attach themselves during normal web surfing, without the user opening email attachments or downloading free software.
Piggyback
- Malware embeds itself in harmless files.

Combination (Trojan Horse, Worm, and Viruses)
- The most destructive of all is a combination of Trojan horse, worm, and virus.
- They can replicate themselves, spread rapidly across the Internet, and spread via portable storage devices.

Scams
Stock Scams (Pump and Dump)
- The scammers buy a large amount of a targeted stock that is low in price and is doing neither too well nor too badly.
- They then flood inboxes with emails pushing the stock to drive the price up. (This is the pump stage.)
- The scammers continue to pump up the stock until it reaches their set selling price.
- They sell the stock immediately at their selling price. (The dump stage.)
- The scammers do not send out an email stating that they are dumping the stock, so the email investors are stuck with stock that could turn out to be a significant loss.

Scams
Phishing
- The scammers send out an email claiming to be a reputable business or financial institution.
- The email requests that the victim send personal information to the designated website or return email.
- The scammers set up a fake storefront website.
- They then poison the legitimate website so that it redirects the victim to the fake website to steal their personal information.

Recommendations and actions you can take to protect your personal information and computer.
- Utilize a security program
- Have a sense about which websites to visit and which to avoid
- Think twice before you provide personal information over the Internet
- Power down your computer when not in use
- Work offline when possible

Recommendations continued…
- Ensure passwords are changed often and follow the password recommendations in our book
- Do not open suspicious emails
- Run virus/spyware scans weekly
- Only make online purchases from reputable websites
- Ensure your credit card offers security against ID theft

The Business Guide to Better Security
- Define a Security Perimeter
- Create a List of Threats
- Check the History of Security
- Prioritize Assets and Vulnerabilities
- Network Access Controls
- Create Backups
- Email Filtering
- Prevent Physical Intrusions

Define a Security Perimeter
- Should include those assets that control the security of the company.
- The more specific you are, the easier it will be to identify specific threats facing those assets.

Four Basic Perimeter Approaches
Network-Based Systems
- operate at the packet level
- unable to detect at the application layer
Proxy
- application server between the end user and the server being reached
- understands the HTTP protocol
List-Based Systems
- acceptable use policy (AUP) enforcement classifies URLs
Signature-Based Systems
- create a digital fingerprint of the bit patterns that are linked to malicious code
- slow reaction time (days to weeks)

Create a List of Threats
- Computer and Network Passwords
- Physical Assets
- Data Backups
- Recording of Data Access
- Accessibility of Client and Employee Lists
- Emails
- Internal Threats

Checking Security History
- Understanding past security threats will help you better understand a company's vulnerabilities.
- Work with your competitors and exchange information about how to better protect your industry as a whole.

Network Access Controls
- Intrusion Prevention
- Password Protection
- Identity and Access Management
- Limit Employee Access

Prioritize Threats and Vulnerabilities
- How much damage could a particular threat cause?
- How much would it cost to restore the security of the company?

Security continued…
- Create Backups
- Email Filtering
- Prevent Physical Intrusions

Y2K and Daylight Saving Time Issues
- Unless updated, the time zone settings for your computer system's clock will be incorrect.
- Not such an inconvenience for at-home users, but how will this affect your business?

How businesses and those who do business with America could be affected
- Calendar and Scheduling
- Date/Time Calculations
- Transaction Logging
- Large manufacturing companies that use ERP and MRP systems
- Any type of software system that depends on sequencing transactions

What are companies such as IBM and Microsoft doing to help?
- Notifying clients and vendors
- Developing software that will be available to protect software systems
- DST patches were released by Sun Microsystems Inc., Linux, IBM, and Microsoft.
- They say cost is generally absorbed in the operating system costs.

Cyber-Terrorism
- Website defacement, used for propaganda
- Stealing money to finance terror
- Identity theft
- Information theft: military and government agencies
- Economic damage
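
To make the list-based and signature-based approaches from the "Four Basic Perimeter Approaches" slide concrete, here is an added example (not part of the original presentation). The hostnames, category list, byte pattern, signature name and function names are all constructed for illustration.

```python
import hashlib
from urllib.parse import urlsplit

# Constructed AUP category list (hypothetical hostnames).
URL_CATEGORIES = {"games.example": "blocked", "intranet.example": "allowed"}

# Constructed, harmless byte pattern standing in for known malicious code.
KNOWN_BAD = b"EXAMPLE-MALICIOUS-PATTERN-0001"
SIG_LEN = len(KNOWN_BAD)
# Signature database: fingerprint (SHA-256 of the bit pattern) -> name.
SIGNATURES = {hashlib.sha256(KNOWN_BAD).hexdigest(): "Sample.Test.A"}


def classify_url(url):
    """List-based check: look up the host, then each parent domain."""
    host = (urlsplit(url).hostname or "").lower()
    labels = host.split(".")
    for i in range(len(labels)):
        category = URL_CATEGORIES.get(".".join(labels[i:]))
        if category:
            return category
    return "uncategorized"


def scan_payload(data):
    """Signature-based check: fingerprint every SIG_LEN-byte window."""
    for i in range(len(data) - SIG_LEN + 1):
        digest = hashlib.sha256(data[i:i + SIG_LEN]).hexdigest()
        if digest in SIGNATURES:
            return SIGNATURES[digest]
    return None


def verdict(url, body):
    """Combine both checks the way a filtering gateway might."""
    if classify_url(url) == "blocked":
        return "block:aup"
    name = scan_payload(body)
    if name:
        return "block:signature:" + name
    return "allow"


if __name__ == "__main__":
    print(verdict("http://cdn.games.example/play", b"hello"))
    print(verdict("http://intranet.example/f.bin", b"xx" + KNOWN_BAD + b"yy"))
    print(verdict("http://new-site.example/f.bin", b"content with no fingerprint on file"))
```

The last case is allowed because neither the URL list nor the signature database knows about it yet, which is the gap the slide's "slow reaction time (days to weeks)" refers to.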
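
The Daylight Saving Time slides name transaction logging and transaction sequencing as areas at risk; the added example below (not part of the original presentation) shows the failure and an audit for it. It assumes the 2007 US rule change that moved the start of DST into March, and that both hosts keep correct UTC internally and differ only in their local offset; the host names, transactions and times are constructed.

```python
from datetime import datetime, timedelta, timezone

# Constructed scenario: US Eastern time on 2007-03-12, a date on which the
# rules in force from 2007 already apply DST (UTC-4) but the older rules
# still give standard time (UTC-5).
PATCHED = timezone(timedelta(hours=-4))    # host with the DST update
UNPATCHED = timezone(timedelta(hours=-5))  # host still on the old rules
UTC = timezone.utc

# Constructed events: (transaction, host, host zone, true time in UTC).
EVENTS = [
    ("T1-order-created", "erp-a", PATCHED, datetime(2007, 3, 12, 14, 0, tzinfo=UTC)),
    ("T2-payment-posted", "erp-b", UNPATCHED, datetime(2007, 3, 12, 14, 20, tzinfo=UTC)),
    ("T3-order-shipped", "erp-a", PATCHED, datetime(2007, 3, 12, 14, 40, tzinfo=UTC)),
]


def local_stamp(when, zone):
    """Wall-clock timestamp as a host writes it, with no offset recorded."""
    return when.astimezone(zone).strftime("%Y-%m-%d %H:%M:%S")


def merged_order(use_utc):
    """Merge the hosts' logs by timestamp and return the transaction order."""
    rows = []
    for txn, _host, zone, when in EVENTS:
        stamp = local_stamp(when, UTC if use_utc else zone)
        rows.append((stamp, txn))
    return [txn for _stamp, txn in sorted(rows)]


def hosts_off_expected_offset(expected_hours=-4):
    """Audit: hosts whose local stamps imply a different UTC offset."""
    flagged = set()
    for _txn, host, zone, when in EVENTS:
        local = datetime.strptime(local_stamp(when, zone), "%Y-%m-%d %H:%M:%S")
        offset = (local - when.replace(tzinfo=None)) / timedelta(hours=1)
        if offset != expected_hours:
            flagged.add(host)
    return sorted(flagged)


if __name__ == "__main__":
    print("local-time merge:", merged_order(use_utc=False))
    print("UTC merge:       ", merged_order(use_utc=True))
    print("hosts to patch:  ", hosts_off_expected_offset())
```

Merging by local wall-clock time puts the payment before the order it belongs to, while merging by UTC keeps the true sequence.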