Chapter 11: Info Sec - FSU Computer Science Department

advertisement
Chapter 11
Computer Crime and
Information Security
 Information Security and
Vulnerability
 Machine-Level Security
 Network Security
 Wireless Network Security
 Internet Security
Please discontinue use of cell
phone and turn off ringer
Succeeding with Technology – 3rd Edition
Information Security Overview
 All computer systems are vulnerable to
attack.
 Most are already infected and/or
compromised, including PCs used by most
students in this class.
 It is only going to get worse.
For more info…
• www.mcafee.com/us/threat_center
• www.cert.org
• http://www.microsoft.com/athome/security
Succeeding with Technology – 3rd Edition
Two-thirds of Internet experts
expect a devastating attack on
the Internet between now and
2015.
Total Information Security
 Total Information Security involves
securing all components of the global digital
information infrastructure.




Personal Computers
Business Computer Systems
Government Systems
International Systems
 Participation by EVERYONE is important
and difficult to gain!
See what the White House has to say on the subject at http://www.whitehouse.gov/pcipb/
Succeeding with Technology – 3rd Edition
Total Information Security
 To achieve total
information security, we
must examine security
in layers.
 Users are at the heart of
total information
security.
 Risks increase with
each expanding layer.
Succeeding with Technology – 3rd Edition
`
`
User
`
`
Machine
Network
The Internet
11.1
Information Security and
Vulnerability
What is at stake and
what are the threats?
Key Terms
•
•
•
•
•
Information Security
Identity Theft
Intellectual Property
Intellectual Property Rights
Cyberterrorism
•
•
•
•
•
•
Security Holes
Software Patches
Piracy
Plagiarism
Hacker
Computer Forensics
Succeeding with Technology – 3rd Edition
What’s at Stake?
Succeeding with Technology – 3rd Edition
At stake:
Personal Private Information
 What would concern you most if a
person who wished to do you
harm had full control of your PC?
 What personal information do you
consider private?
All too common headlines…
“Hackers attacked computer servers of a
California university and may have gained access
to the personal information of 59,000 people
affiliated with the school…”
Succeeding with Technology – 3rd Edition
Depending on the
circumstance,
private information
may include your:
•
•
•
•
•
•
•
•
•
•
•
•
•
Name
Photo
Phone number
Address
Birthday
Social Security Number
Bank Account Number
Credit Card Number
College Transcripts
Financial Status
Medical Records
Religious affiliation
Political affiliation
Identity Theft
 Identity theft is the criminal act of using stolen
information about a person to assume that person’s
identity, typically for financial gain.
350
300
250
200
150
100
50
0
2003
2004
2005
Millions of US Dollars Lost to
Identity Theft
Source: http://www.consumer.gov/sentinel/trends.htm
Succeeding with Technology – 3rd Edition
At stake:
Intellectual Property
 Intellectual property refers to a product of the mind
or intellect over which the owner holds legal
entitlement.
 Intellectual property rights concern the legal
ownership and use of intellectual property such as
software, music, movies, data, and information.
 Intellectual property is legally protected through
copyright, trademark, trade secret, and patent
Succeeding with Technology – 3rd Edition
At stake:
Organizational Information

For many businesses, the
information it processes and stores
is highly valuable and key to its
success.



Business intelligences is the
process of gathering and analyzing
information in the pursuit of
business advantage.
Competitive intelligence is
concerned with gathering
information about competitors.
Counterintelligence is concerned
with protecting one’s own
information from access by the
competition.
Succeeding with Technology – 3rd Edition
Biggest security
threats to
businesses in
order of frequency:
• Virus
• Insider abuse of Internet
access
• Laptop theft
• Unauthorized access by
insiders
• Denial-of-service attacks
• System penetration
• Theft of proprietary info
• Sabotage
• Financial fraud
• Telecommunications fraud
• Active wiretap
At stake:
National and Global Security
 Cyberterrorism is a form of
terrorism that uses attacks
over the Internet to intimidate
and harm a population.
Washington, June 8, 2006 – Over the last two
years, Abu Musab al-Zarqawi established the
Web as a powerful tool of the global jihad,
mobilizing computer-savvy allies who inspired
extremists in Iraq and beyond with lurid video
clips of the bombings and beheadings his group
carried out.
Succeeding with Technology – 3rd Edition
Food for thought…
The Internet is a
powerful tool both for
those who wish to
build bridges between
distant cultures and
those that wish to tear
them down.
China Hacking:
http://abcnews.go.com/TheLaw/story?id=3966047
http://www.ciotoday.com/story.xhtml?story_id=022000RB46F8&n
l=5
http://arstechnica.com/news.ars/post/20070914chinese-government-at-the-center-of-five-cyberattack-claims.html
The Cyber Cold War
http://www.reuters.com/article/technologyNews/idU
SL2932083320071129?feedType=RSS&feedNam
e=technologyNews
What are the threats?
Succeeding with Technology – 3rd Edition
Threat:
Software and Network Vulnerabilities
 Security holes are software
Food for thought…
Perfect software would
bugs that allow violations of
be impossible to hack.
information security.
 Software patches are
corrections to the software
bugs that cause security
holes.
All too common headlines…
Microsoft’s Trustworthy Computing
“Microsoft warned on Tuesday of seven newly found
flaws in its software that could allow an attacker to steal
data and take over a personal computer running the
Windows operating system…”
Succeeding with Technology – 3rd Edition
Threat:
User Negligence
Succeeding with Technology – 3rd Edition
Threat:
Pirates and Plagiarists
 Piracy involves the illegal
copying, use, and distribution
of digital intellectual property
such as software, music, and
movies.
 Plagiarism involves taking
credit for someone else’s
intellectual property, typically a
written idea, by claiming it as
your own.
Succeeding with Technology – 3rd Edition
Food for thought…
The annual cost of piracy
in is estimated to be:
•$4.2 billion for the music
industry
•$6.1 billion for the motion
picture industry
•$33 billion for the
software industry
The problem with pirating MP3 music files
Traditional Music Distribution
1

$
ARTIST
6

$


$
 $ $
2
3
$
5
4
When consumers become distributors
ARTIST
$
 1 
2
3
 

5
4
Consumers
6
Succeeding with Technology – 3rd Edition
A Complex Problem
Record
Label
1

Online
Store
$
Artist
$

$
 $ $
2
3
4
Consumers
Succeeding with Technology – 3rd Edition
6

$

5
One Possible Evolution
1

Artist
$
$

$
 $ $
2
3
6

$

5
4
Consumers
http://www.radiohead.com
http://theymightbegiants.com
http://www.bigego.com
Succeeding with Technology – 3rd Edition
Threat:
Hackers, Crackers, Intruders, and Attackers
 The terms hacker, cracker,
intruder, and attacker are all
used to label an individual who
subverts computer security
without authorization.
 There are all types of hackers,
not all are considered to
behave unethically.
Hackers On Planet Earth
http://www.2600.com
http://www.2600.com/meetings/
Computer forensics is the process of examining computing
equipment to determine if it has been used for illegal unauthorized or
unusual activities.
Succeeding with Technology – 3rd Edition
Review
• Securing all components of the global
digital information infrastructure is referred
to as ________________.
• Credit card companies interested in
protecting customers from
_______________ watch for purchases
that are out of the ordinary and notify the
customer to confirm that the purchase was
not made by a thief.
• Music, software, designs, artwork, and
literature are all forms of _____________
that are typically protected by copyright or
trademark.
• Hackers make use of _________________
to gain illegal access to computer systems.
• If you purchase and download an MP3
song from Amazon.com, then email the
MP3 file to a friend you are
________________.
Succeeding with Technology – 3rd Edition
11.2
Machine-Level Security
Considerations for computers
as stand-alone entities
Key Terms
•
•
•
•
Username
Password
Biometrics
Encryption
Succeeding with Technology – 3rd Edition
Protecting a Stand-alone PC
 Computers not connected to a network can only be
attacked through physical presence.
 Keeping the PC in a locked room would be the first
method of protection.
 The next method involves positively identifying the
person accessing the machine through
authentication.
 Something you know (i.e. password)
 Something you have (i.e. card-swipe)
 Something about you (i.e. fingerprint)
Succeeding with Technology – 3rd Edition
Passwords
 A username identifies the user to the
computer system.
 A password is a combination of characters
known only to the user and used for
authentication.
 For a password to be effective it should be:
 strong by including words that are unrelated to
your interests, and include upper and lowercase
letters, numbers, and symbols
 unique – don’t use the same password for your
bank account as you do for your email account
 changed regularly – change your password
twice a year
Succeeding with Technology – 3rd Edition
ID Devices and Biometrics
 Security ID cards and tokens,
“something you have” authentication,
are used in some corporations to
protect access to restricted areas and
computer systems.
 Biometrics is the science and
technology of authentication by
scanning and measuring a person’s
unique physical features such as
fingerprints, retinal patterns, and
facial characteristics.
More about tokens:
http://en.wikipedia.org/wiki/Security-Token
http://www.opticom.lv/en/products/security/authentication/rsa123/rsa1/
Succeeding with Technology – 3rd Edition
Check out Face Recognition
Encryption
 Encryption is a security technique that uses highlevel mathematical functions and computer
algorithms to encode data so that it is unintelligible
to all but the intended recipient.
 Data stored on a PC can be encrypted and set so
that a second password is required to decrypt it.
Demo: Encrypting a PPT file (tools > options > security)
More on Encryption: http://en.wikipedia.org/wiki/Encryption
Succeeding with Technology – 3rd Edition
Backing Up Data and Systems



The most common cause of data loss is
hardware failure.
The best protection against such loss is to
follow regular backup procedures.
Available backup services include:




System utilities that back up selected files to
compressed archives stored on secondary
storage media or another computer on the
network.
Mirroring which saves files to two locations to
create exact duplicates.
Apple Time Capsule
Internet services that perform scheduled,
automated uploads of your valuable files to
servers for safe keeping
(www.remotedatabackups.com).
Succeeding with Technology – 3rd Edition
Food for thought…
A recent study showed
that only 57% of
computer users back up
stored data including
digital photos, personal
documents, work
documents, music, and
financial records.
DO YOU BACKUP?
HAVE YOU LOST DATA
DUE TO HARDWARE
FAILURE?
• Which of the following is NOT a safe
password practice
Review
•
•
•
•
select a strong password
change your password regularly
use the same password for different accounts
don’t write your password down
• London’s Heathrow airport has
implemented ____________ through the
use of a retinal scanner that checks the
identity of workers as they clock into work.
• Through the use of _____________ files
can be rendered unreadable while stored
or in transit over a network.
• The one action that can save your data
from being destroyed by hackers, viruses,
system and hardware crashes, and
spyware is _______________.
Succeeding with Technology – 3rd Edition
11.3
Network Security
Succeeding with Technology – 3rd Edition
User Permissions
 User Permissions refers to the access
privileges afforded to each network user in
terms of who is able to read, write, and
execute a file, folder, or drive.
 Files and folders are
assigned user and group
ownership.
System
Administrator
1
2
4
5
6
3
User 1
Succeeding with Technology – 3rd Edition
User 2
User Permissions
 Different operating systems have
differing ways of handling user
permissions.
UNIX
Windows XP (home)
Succeeding with Technology – 3rd Edition
Mac OS X
Interior Threats
 Interior threats refer to dangers to network
resources from legitimate users. They
include:
 Threats to System Health and Stability
 Information Theft
 Safeguards include a the use of security and
usage policies.
FSU Network Usage Policies: http://www.vpfa.fsu.edu/policies/bmanual/itpolicy.html
Succeeding with Technology – 3rd Edition
11.4
Wireless Network Security
Succeeding with Technology – 3rd Edition
Wireless Fidelity (Wi-fi)
 Wi-fi is the widely used wireless
networking standard that makes use of
access points to connect devices to
networks.
Access
Point
More on Wi-fi in CH5
Succeeding with Technology – 3rd Edition
Newly purchased
access points
typically have no
security features
enabled making it
easy for any
wireless device to
connect.
Network line
Threats to Wireless Networks
 Neighbors
 Internet Hackers
Z
Wireless Access
Point / Router
Cable Modem
To Cable
Wireless Access
Co. Point / Router
The Internet
Cable Modem
Succeeding with Technology – 3rd Edition
Threats to Wireless Networks
 Neighbors
 Internet Hackers
 Passers by
 www.wardriving.com
Z
Wireless Access
Point / Router
Cable Modem
To Cable
Wireless Access
Co. Point / Router
The Internet
Cable Modem
Succeeding with Technology – 3rd Edition
Succeeding with Technology – 3rd Edition
Securing a Wireless Network
 An Access Point can be configured, and security
features enabled, through a simple Web interface
using a computer connected to the access point.
Succeeding with Technology – 3rd Edition
Securing a Wireless Network
 Use the Access Points configuration utility to:
 Disable the Access Point’s broadcasting to make the
access point invisible to the general public.
 Change the Access Point’s password from the default.
 Set the Access Point to only allow certain computers
(MAC addresses) to connect.
 Encrypt data being sent over the network with WEP or
WPA.
 Use Internet security software and practices
discussed in the next section.
Succeeding with Technology – 3rd Edition
11.5
Internet Security
Key Terms
•
•
•
•
Firewall
Virus
Worm
Antivirus Software
•
•
•
•
Spyware
Zombie Computer
Antispyware
Internet Fraud
Succeeding with Technology – 3rd Edition
• Phishing
• Virus Hoax
Hacking Tools and Methods




Key-logging software
Packet-sniffing software
Port scanning software
Social engineering
Succeeding with Technology – 3rd Edition
Why Do Hackers Hack?
 As a hobby and challenge
 To inflict malicious vandalism
 To gain a platform for anonymous attacks
 Distributed Denial-of-service DDoS Attacks
 To steal valuable information and services
 To Spy on someone
“Hackers have turned toward more criminal and lucrative areas of directing
attacks to specific individuals or organizations, often financially, competitively,
politically or socially motivated.” http://www.physorg.com/news5580.html
Succeeding with Technology – 3rd Edition
Defending Against Hackers
 A firewall is network hardware and software
that examines all incoming data packets and
filters out ones that are potentially
dangerous.
 All Windows users should protect their network
connection with a firewall. ~demo
Firewall software from McAfee and
Symantec are considered to be more
robust than Windows Firewall. This
McAfee screen shot shows several
attacks on this PC over the course of
one day.
Succeeding with Technology – 3rd Edition
Viruses and Worms
 A virus is a program that attaches itself
to a file, spreads to other files, and
delivers a destructive action called a
payload.
 There are many types of viruses
 A worm does not attach itself to other
files but rather acts as a free agent,
replicating itself numerous times in an
effort to overwhelm systems.
 Worms and viruses are often spread through
the Web, email, chat, and file-sharing
networks
Viruses and worms are considered malicious
software, or malware, Check out the latest malware
at http://www.mcafee.com/us/threat_center
Succeeding with Technology – 3rd Edition
Viruses and Worms
Yeah right! This didn’t come from Microsoft.
The attachment is not a patch, nor an
innocent text file (as it appears) but an
executable file containing a virus.
Succeeding with Technology – 3rd Edition
WEB PAGE
EMAIL
Web Server
Shared
Network
P2P
FILE-SHARING
NETWORK
P2P NETWORK
Succeeding with Technology – 3rd Edition
INSTANT
MESSAGE
Portable
Device
Defending Against Viruses and
Worms
Knowledge and caution play

Antivirus software, also known as virus
scan software, uses several techniques
to find viruses on a computer system,
remove them if possible, and keep
additional viruses from infecting the
system.
Succeeding with Technology – 3rd Edition
a big part in protecting PCs
against viruses and worms:
• Don’t open e-mail or IM
attachments that come from
friends or strangers unless
they are expected and
inspected by antivirus
software.
• Keep up with software
patches for your operating
system, your Web browser,
your e-mail and IM software.
• Use caution when exploring
Web sites created and
maintained by unknown
parties.
• Avoid software from unknown
sources.
• Stay away from file-sharing
networks; they do not protect
users from dangerous files
that are being swapped
Spyware, Adware, and Zombies
 Spyware is software installed on a
computer without the user’s
knowledge to either monitor the user
or allow an outside party to control the
computer.
The Internet service provider Earthlink said it uncovered
an average of 28 spyware programs on each of its
member’s PCs that were scanned
Adware is spyware that displays advertisements.
Succeeding with Technology – 3rd Edition
Zombies
 A computer that carries out actions
(often malicious) under the remote
control of a hacker either directly or
through spyware or a virus is called a
zombie computer.
Experts say hundreds of thousands
of computers are added to the ranks
of zombies each week.
Zombies
 Zombie computers can join together to form zombie
networks (botnet). Zombie networks apply the
power of multiple PCs to overwhelm Web sites with
distributed denial-of-service attacks, to crack
complicated security codes, or to generate huge
batches of spam.
It has been estimated that 80 to 90
percent of spam originates from
zombie computers.
Storm worm botnet for rent
Defending Against Spyware
 Antispyware is software that searches a
computer for spyware and other software
that may violate a user’s privacy, allows the
user to remove it, and provides continuing
protection against future attacks.
Succeeding with Technology – 3rd Edition
Scams, Spam, Fraud, and
Hoaxes
Succeeding with Technology – 3rd Edition
Scams, Spam, Fraud, and
Hoaxes
 Internet fraud is the crime of
deliberately deceiving a person
over the Internet in order to
damage them and to obtain
property or services from him or her
unjustly.
 A phishing scam combines both
spoofed e-mail and a spoofed Web
site in order to trick a person into
providing private information.
350
300
250
200
150
100
50
0
2003
2004
Millions of US$ Lost to Internet Fraud
Spoofing is the act of assuming the identity of another person or organization
typically through email or on the Web.
Succeeding with Technology – 3rd Edition
2005
Classic Phishing

Is this email from [email protected]
legitimate?
Holding the mouse
pointer over the link
in the original email
shows that it really
links to
http://24.27.89.64:87
most likely a hacker’s
Website.
Succeeding with Technology – 3rd Edition
If you clicked the
link it would take
you to a spoofed
Citibank Webpage
that looks like the
real thing, and ask
you to supply
personal
information like
your username and
password.
Scams, Spam, Fraud, and
Hoaxes
 Spam is the unsolicited
junk mail that makes up
more than 60 percent of
today’s email.
 A virus hoax is an email
that warns of a virus that
doesn’t exist.
Succeeding with Technology – 3rd Edition
Scams, Spam, Fraud, and
Hoaxes

The email that has gotten thousands of Windows users to trash their own
systems…
The objective of this e-mail is to warn all Hotmail users about a new virus that is
spreading by MSN Messenger. The name of this virus is jdbgmgr.exe and it is sent
automatically by the Messenger and by the address book too. The virus is not
detected by McAfee or Norton and it stays quiet for 14 days before damaging the
system.
The virus can be cleaned before it deletes the files from your system. In order to
eliminate it, it is just necessary to do the following steps:
1. Go to Start, click "Search"
2.- In the "Files or Folders option" write the name jdbgmgr.exe
3.- Be sure that you are searching in the drive "C"
4.- Click "find now"
5.- If the virus is there (it has a little bear-like icon with the name of jdbgmgr.exe DO
NOT OPEN IT FOR ANY REASON
6.- Right click and delete it (it will go to the Recycle bin)
7.- Go to the recycle bin and delete it or empty the recycle bin.
IF YOU FIND THE VIRUS IN ALL OF YOUR SYSTEMS SEND THIS MESSAGE TO
ALL OF YOUR CONTACTS LOCATED IN YOUR ADDRESS BOOK BEFORE IT
CAN CAUSE ANY DAMAGE.
Succeeding with Technology – 3rd Edition
Scams, Spam, Fraud, and
Hoaxes

The email that has gotten thousands of Windows users to trash their own
systems…
Do the search. Oh
no! I’ve got the
Teddy Bear virus!
Better delete it!
For more on this topic check out
www.vmyths.com
Think
again!
That file with the silly little Teddy bear icon is
actually a necessary system file in Windows!
Succeeding with Technology – 3rd Edition
Defending Against Scams, Spam,
Fraud, and Hoaxes
 To avoid phishing scams, do not click links received
in email.
 Exam Web addresses closely to make sure that
they are legitimate.
 Submit form data only from Web pages that have a
secure connection (https://)
 Do not believe any virus warning unless it comes
from a verifiable source.
 Use common sense and be wary of offers too good
to be true.
Succeeding with Technology – 3rd Edition
Succeeding with Technology – 3rd Edition
Windows Security Suites
 www.windowsonecare.com
 www.mcafee.com
 www.symantec.com
Another option…
Security experts at Sophos recommend that home Windows users switch to
Macs. From the 2006 Sophos Security Threat Management Report: “The
vast majority of malware continues to be written for Windows…It seems
likely that Macs will continue to be the safer place for computer users for
some time to come - something that home users may wish to consider if
they're deliberating about the next computer they should purchase."
Succeeding with Technology – 3rd Edition
Review
• By default, Wi-fi access points are set up
with what level of security enabled?
• Which of the following is NOT necessary to
keep a Windows PC safe from attack:
• Use a Firewall
• Use Antivirus and Antispyware
software
• Use a pop-up blocker and spam filter
• Install Windows updates
• Most PCs have ____________ installed
working secretly in the background, without
the user’s knowledge, sending spam and
carrying out other hacker activities.
• Many of today’s most notorious
cybercrimes are carried out by __________
computers working together in a botnet.
• If you receive an email from a financial
institution requesting that you “click the link”
to access your account and check your
account information, it is probably part of
_______________.
Succeeding with Technology – 3rd Edition
Chapter 11 Questions?
Don’t forget to turn
your phone on!!
Succeeding with Technology – 3rd Edition
Download