Security Pp Cis

Security Threats

During the 90’s when the Internet/internet grew into what

has become a major part of everyone's lives. Unfortunately it

also has been vulnerable to attacks from outside/inside sources, and today Internet

Security soon became a big part of IT management.

Major Threats

Viruses/WormsAttacking Individuals

HackingDenial-of-Service (DoS)

Type of Attacker

Viruses & Worms

Viruses• Are pieces of a code that attach to other programs• Are executed when infected programs are activated• It can infect other programs on your

computer/machine• Spread to other computers via e-mail attachments,

IM’s, peer-to-peer file transfer, etc.

Worms• Is a stand alone program and it does not need to

attach itself to other programs• Like a Virus it can spread via e-mail, file transfers,

IM’s, etc. • Unlike a virus, worms will need help, they need a

user to open an e-mail or attachment but this is unreliable and slow

• Vulnerability-enabled worms don’t need human intervention, these worms look for weak spots in the programs, so they spread faster

Payloads

After they infect your computer and other machines the viruses/worms execute their payloads.

• Hard disk can be erased• Install a Trojan Horse• Misdirect you to other sites like pornography• Can turn your computer into a spam generator

Trojan HorseThis is a program that can be installed on the user’s computer, and once installed it will continue to cause damage.

• Relies on worms/viruses/hackers/unknowingly installing it

• Trojan name as it is called, explains why it hides itself as a file in your system which may seem legitimate but is not

• Major problem of this program is spyware

Spyware

• It does what it say’s, it spyies• Web surfing details• Passwords• Personal Identification• Data mining, searches for information on your

computer• This information can be sent back to its source

Attacks to Individuals

• Social engineering• Spam

Social Engineering

This is when the attacker convinces another person to give up any personal information

• Selling a fake or non-existing product• Wining a contest, that never existed• Service that does not exist or is never done• In Social sites like Facebook, MySpace, chat

rooms, etc.

Spam

• Phishing, real-looking e-mail’s or real-looking websites

• ID theft• Fraud• Web-Links or Surfing habits

Hacking

It is the unauthorized use of a computer or to exceed how much you are allowed to use and see.

• Scanning, is when the attacker begins the attack by scanning the network– Nmap, hacker-tool kit to scan (sending probe

packets) for open ports in the network• Breaking In, taking advantage of

vulnerabilities.

Nmap Scanning Program

Once Inside• Downloads Hacker Tools, are a collection of

programs that will automate tasks that will be done as soon as the attacker is in

• Deleting Log Files, another tool that erases log in files so the real owner does not know that they have been compromised, what was done, and how it was done

• Backdoor, using the toolkit the hacker will create a backdoor and even if the vulnerability has been fixed. The backdoor can be disguised.

Once inside (continued)• Downloading Trojan Horses, to keep attaking

even after the hacker has been long gone.• Manual work, even with the toolkits the

hacker may chose to do other damage, whether to delete files, change names or file locations.

Denial-of-Service (DoS)

• Does not involve hacking into a computer• No Viruses or Worms• Main purpose of DoS, is to make the computer

unavailable to its user(s)• Bots, are general purpose exploitation

programs

Traditional Attackers

• Hackers• Disgruntled Employee or Ex-Employee• Virus Writers• Criminal Attackers, which are mostly motivated

by money• Cyber-terrorist and National Governments,

cyber-terror which are attacks by extremist, & cyber-war are attacks by other national governments