
IT for Decision Makers Networking and Security


IT for Decision Makers: Networking and Security

By Sam Fonua for UNESCO

2002



Presentation Overview

  • Background on Security

  • Why Security

  • Threats and attacks

  • The motives, techniques and methods

  • Vulnerability

  • Security Policies



Internet

“Information Super Highway”

  • A network of Networks

  • One of the Most Valuable Resources of the Information Age

  • Provides Access to User Networks

  • Runs without Single Entity in Charge



What is a LAN (Local Area Network)?

  • A data communication network

  • Often confined to a single room, building or adjacent buildings

  • On a larger scale - WAN (Wide Area Network)



Today’s Network Environment

Interconnectivity



Computer Security

3 Facts

  • Computers are critical to fulfilling your organization’s mission

  • There are defined threats to your computer system

  • Computer systems are vulnerable



What are these threats…as perceived by many?

  • Unauthorized users

    • those who gain access to information that they are not supposed to have access to.

      “In 1999, some students at the University of the South Pacific managed to get access to the system and retrieve a list of all students’ email passwords. This allowed them to send abusive messages to others using other students’ email accounts.”



What are these threats…as perceived by many?

  • Careless employees

    • those who can change, modify or damage data, intentionally or unintentionally.

      A government Information Technology officer in the Tuvalu Government accidentally deleted the contents of one of the Government computers’ hard disks early this year, which contained hundreds of official documents… no backups!!!

      Backing up important data is not considered important in most developing countries, including Pacific Island Countries.



Perceived threats…?

  • Malicious Attackers

    • Hackers: those who use hacking tools to gain access to networks, usually by exploiting vulnerabilities.

    • It is known that most Internet Service Providers (ISPs) in developing countries are still very insecure.

      It took a while for the Tonga ISP (Kalianet) to realize that there was a hole in their security system, allowing hackers to crack their password system and gain access to the internet free of charge. Entry into the server would give access to most of the nation’s emails.



Perceived threats…?

  • Virus Attackers

    • Virus attacks come in many forms and have become the most common and frustrating threat to many organizations and countries - large or small.

    • These are small programs designed and developed to cause problems in computer and network systems.

    • Nasty viruses have cost firms millions of dollars in damages or in protection measures.

      Note: Further reading on viruses is in the handouts



Redefining Security

  • What do we protect

    • Information

  • Later, security came to include

    • Privacy

    • confidentiality, and

    • Integrity



An Example...

“Chinese Foreign Ministry spokesman Zhu Bangzao rejected allegations that China stole U.S. nuclear secrets, saying such claims are meant to undermine China-U.S. relations. Meanwhile, a CIA-led task force was assessing how much damage may have been done to U.S. national security after a Chinese scientist at the Los Alamos National Laboratory in New Mexico allegedly shared nuclear secrets.”



Problem: Information Overload

  • Electronic Mail

  • Personal Computer

  • Video Teleconferencing

  • Local Area Networks

  • Distributed Database

  • Satellite Systems

  • Electronic Funds Transfer

  • Cellular Phones

  • E-Commerce



1. National Level - Information Infrastructure

  • Education

  • Energy distribution and supply

  • Entertainment

  • Financial

  • Health care

  • Information Distribution

  • National Security, emergency preparedness & public safety

  • Transportation



Security Requirements

  • Are driven by threat & vulnerability...



Security terms

  • Confidentiality - Privacy

    • Most Governments in the Pacific are still using national / commercial ISP email servers for their own email.

    • Did you know the ISP can read your email?

    • How do Governments protect individuals’ privacy from ISPs?

    • Does your Government have adequate policies to protect confidential electronic data / communications?



Security terms

  • Data Integrity - absolute verification that data has not been altered.

    “The tribunal in Fiji could not prove the integrity of an email message claimed to have originated from a government employee, which stated that one of Fiji’s former Finance Ministers (Mr. Ah Koy) was one of the people behind the Fiji coup in 2000.”



Security terms

  • Availability - Assurance of service on Demand

    “A large computer software company (ASI) was caught by surprise in Australia when they could not access most of their services in the network due to an outbreak of the Nirmada virus - September 2001”



Security terms

  • Authentication - verification of originator

  • Authorization - only authorized users have access to sensitive data



What is at Risk

  • Banking/Financial

  • Power and Utility Distribution

  • Telephone System/Public Switched Network

  • Stock Exchange/Security Trading

  • Reserves and Social Security

  • Governments and Important companies

  • Research and Development

  • Air traffic Control system

  • Schools and higher institutions



Organizational Impact

  • Compromise And Loss of Data

  • Loss of Confidence in System

  • Loss of Money

  • Loss of Time

  • Repair or Replacement of Equipment



Consequences

  • Spectrum includes most functions that constitute the underlying fabric of the nation

  • Degradation of any of these functions constitutes a threat to national security, economic well-being or public safety

  • Technology to inflict massive disruptions exists and is growing in availability and sophistication



Threats to Computer Systems

  • Threats by People

    • Unintentional Employee Action => 10 - 60%

    • Intentional Employee Action => 15 - 20%

    • Outside Actions => 1 - 3%

  • Physical and Environment Threats

    • Fire Damage => 10 - 15%

    • Water Damage => 1 - 5%

    • Natural Disaster => 1%

  • Other => 5 - 10%



Security Threats

  • Human

    • Malicious

      • Outsiders - Crackers/Hackers

      • Insiders - Disgruntled

    • Non malicious

      • Ignorant

  • Natural Disasters

    • Flood

    • Fire

    • Earthquakes

    • Hurricanes



Motives and Methods



Some Examples



Some common sabotage

  • Changing data

  • Deleting data

  • Destroying data

  • Crashing systems

  • Destroying hardware or facilities

  • Entering data incorrectly



Malicious attack

  • Deleting or altering information - revenge or prove a point

  • Theft and Fraud

  • Disrupt Normal business



Malicious Attacker

“Last year a disgruntled former employee of ITC (Fiji Information Technology Centre) walked in early one morning to the Suva office, into the main server room, logged in to the server, changed all administrative passwords on the servers, and then caught a flight to Australia. ITC staff, to their surprise, could not log on to any of the systems….”



Computer Crime is on the Rise



What is required for an attack

Attacks = motive + method + vulnerability



How to gain access...



Hack Attack

  • Real Hacker Attacks on the increase

    • thousands of intrusions reported last year

    • Attacks averaging one or more a day

    • Intruders now focus on Entire Network rather than individual computer or even systems

      Most penetrations are not detected



Virus Definitions

  • Trapdoor - a hidden software or hardware mechanism, included by the author of the software, that permits system protection mechanisms to be bypassed, allowing the attacker unhindered access.

  • Logic bomb - a program that causes damage when a certain event (or events) takes place.

  • Trojan Horse - a computer program hidden inside another program that looks like a normal program. Once the valid program runs, the hidden code starts and may damage or delete files - remember “Melissa”



Virus Definitions

  • Virus - A program which infects other programs by modifying them to include a copy of itself.

  • Bacterium - A bacterium, sometimes called a “chain letter”, is a program which propagates itself by electronic mail to everyone in the victim's mailing list. Very common today.

  • Worm - These are programs that run independently and travel from computer to computer across network connections



The worst Viruses

  • Melissa

  • Code Red and many more

    These viruses have cost companies millions of dollars

    “The Fiji government’s main computer systems were affected by the Melissa virus in 2000, disrupting services for almost 2 days.”



Sources of Malicious code infections

  • Shareware - free software

  • Commercial Software Packages

  • Networks - email etc

  • Sabotage by Employees, terrorists, Crackers, or Spies

  • Pirated Software

  • Public Domain Software



How vulnerable are we?

“Growing dependence on networks for essential daily activities HEIGHTENS Risk”



Network Vulnerabilities

  • Access by unauthorized users

  • Lack of physical control

  • General lack of monitoring/auditing features

  • Identification of dial in users

  • Failure to backup critical data

  • Sensitive to outside interference

  • Virus infection



National Infrastructure is at risk

  • Increased Connectivity results in greater Vulnerability

  • Dependence on unprotected information infrastructure creates serious operational readiness risks

  • Defense Infrastructure and National Information Infrastructure offer minimal defense against unauthorized access and use



The results….



How do we protect ourselves?



Protective Measures

  • Prevention - prevent information from being damaged, altered or stolen

  • Detection - take measures to detect damaged, altered or stolen data, how and who?

  • Reaction - take measures that will allow recovery, if data is damaged or lost



Security Standards & definitions

INFOSEC - Information Systems Security

The protection of information systems against unauthorized access to or modification of information, whether in storage, processing or transit, and against the denial of service to authorized users or the provision of services to unauthorized users, including those measures necessary to detect, document, and counter such threats.



Security Standards & definitions

COMSEC - Communications Security

Measures and controls taken to deny unauthorized persons information derived from telecommunications and to ensure the authenticity of such telecommunications. This includes cryptosecurity, transmission security, emissions security, and physical security of the COMSEC material.



Security Standards & definitions

COMPUSEC - Computer Security

Measures and controls that ensure the confidentiality, integrity and availability of information processed and stored in the computer.



INFOSEC Concerns

  • Compromise

    • The disclosure of information to person(s) not authorized to receive such data

  • Integrity

    • The assurance that computer resources operate correctly and that the data is correct

  • Denial of Service (DoS)

    • Any action that prevents any part of a system from functioning in accordance with its intended purpose, causing unauthorized destruction, modification, or delay of service.



Risk Management

  • INFOSEC is based on Risk

    “You cannot protect Everything from everybody all the time”

RISK = Threat * Vulnerability - Security



Key Question...

“How Much is Enough?”

The Balancing Act



Level of Security

Levels of security are related to sensitivity of Information

  • Information available to general Public (Internet)

  • Information available to system users

  • Information available to Departments

  • Information available to Other Organization Administrators

  • Information and System privileges available to system Managers



Assurance

  • Assurance = establishing a secure environment

    • Architecture

    • Specification/verification

    • Facilities management

    • Testing

    • Disaster recovery/contingency planning

    • Compliance



Risk Management

  • A systematic method to analyze security risks and bring in cost effective safeguards to reduce risk

  • In simpler terms

    • Decide what you need to protect

    • Decide what to protect it from

    • Decide how to protect it



Preventing Virus Infection

  • Never boot up a system from an unprotected diskette

  • Never use untested software

  • Minimize file and software sharing

  • Prohibit use of unapproved software from any source

  • Educate users on downloading suspicious internet files or emails

  • Use a known anti-virus program and update it regularly



Faulty software used by the New York Bank in 1985 for paying bills was not accepting incoming electronic funds, resulting in a $3.1 million loss in one day.

It costs companies millions of dollars if data is lost, tampered with, stolen or damaged.



Firewalls

  • Prevents Unauthorized ACCESS to PROTECTED systems by placing a barrier between the Internet and the organization.




Configuration management & control

  • Data Life Cycle

    • Retention Policy

    • Destruction Policy

  • System Life Cycle

    • Application Change procedures

    • Backup Policy

    • Upgrades

  • Hardware

    • Standard Operating Procedures

    • Upgrades



Elements of a protective Plan

  • System Description

  • Three Dimensional Model

    • Critical Information Characteristic

      • confidentiality, Availability & integrity

    • Information states

      • transmission, storage & processing

    • Security Measures

      • policy, awareness, training & education



Information System Security COUNTERMEASURES

  • The triad

    • Technology

    • Policy & Practices

    • Awareness, Training & Education



Policy and Security

  • How an organization policy affects security

    • Lack of policy leads to

      • improper care and use of resources/information

      • Inefficient duplication of data & application costs money

    • Policy Intent

      • Defines access to information

      • Outline destination controls - who should/shouldn’t be allowed to read or write



National Network Security

  • Are national ISPs liable for breach of privacy?

  • Is the illegal entry into a private computer network a crime in your country?



Policy and Security (Cont.)

  • Policy Derivation

    • Laws, Regulations, Organization Policy

    • Often a reaction to defined threats and vulnerabilities

      Defines procedures for introducing new applications - e.g. Virus scan policy



Guide Policies

  • Can use pre-written “off the shelf” as guides

    e.g.

    http://www.securitypolicy.co.uk/secpolicy/

    http://csrc.nist.gov/isptg/html/

    http://www.network-and-it-security-policies.com/

    www.gipipolicy.org



Discussion Topics

Topic 1: Future Security - The 21st security

Topic 2: Smart Card - Can you feel a lot secure

Topic 3: Cyber attack - Is this a threat to Pacific Islands



Thank You

