
Protecting Networks


Presentation Transcript


  1. Protecting Networks Hackers, worms, and other things that can ruin your day…

  2. Discussion Points
      • Introduction
      • Security, privacy, and governance
      • Security lingo – don’t be scared
      • Security threats
      • Security solutions
      • A couple war stories
      • Open for discussion

  3. Security, Privacy, & Governance
      • Evolution of security
      • Privacy and Data Protection
      • USA
      • Europe and elsewhere
      • Governance issues
      • Operational risk concept (Basel II)
      • Network and IT governance
      • Growing complexity

  4. Security and Privacy Evolution
      [Diagram. Labels: sysadmin / IT, CIO, Everyone; Security, Privacy; System Controls, Protect Resources, Protect Data, Protect Information. Axis: Time, Awareness, & Law]

  5. Source: http://www.privacyinternational.org/survey/dpmap.jpg

  6. Laws & Regulations
      • HIPAA
      • California State Bill 1386
      • Gramm-Leach-Bliley Act (GLBA)
      • EU Data Protection Directive
      • Basel II

  7. Security Threats
      • Hackers and criminals
      • System and network vulnerabilities
      • Viruses and worms
      • Social engineering
      • Passwords
      • Open transmissions (non-encrypted)
      • Trends

  8. Threats Can be From Internal Sources
      • Internal: Most expensive attacks come from inside (up to 10x more costly)
      • Accidental: Misconfiguration or mistakes (opening that weird email attachment from Bob…)
      Source: CSI / FBI Security Study 2003

  9. Increasing Threats from External Sources
      • External: 78% of attacks come from Internet connection (up from 57% in 1999)
      Source: CSI / FBI Security Study 2003

  10. Threat from Hackers
      • 2,524 new vulnerabilities discovered in 2002
      • Many recently discovered vulnerabilities remain highly viable targets for future threats
      • “Blended threats” present the greatest risk
      • Companies experience 30+ attacks per week
      • 2000% increase (1999 - 2002) in financial losses from hacker-caused denial of service
      • $65.6M in reported costs (2002)

  11. Threat from Theft
      • Theft of proprietary information causes greatest financial loss: $2.7M per incident (2003)
      • 90% of respondents detected computer security breaches within last 12 months
      Source: CSI / FBI Security Study 2003
      “The average amount of money, as a % of revenue, that companies spend on IT security is .0025 % or slightly less than they spend on coffee.” Richard Clarke, Former Special Advisor to the President for Cyberspace Security

  12. Security Threats on IT Networks
      Connected to www.test.com
      [ASCII-art banner omitted]
      ------ [ design by j0hnny7 / zho-d0h ]----
      there is no stopping, what can't be stopped...
      -----[ version 6.66 .. 2308200 .. torn@secret-service.co.uk ]----
      -| Ok a bit about the kit... Version based on lrk style trojans
      -| made up from latest linux sources .. special thanks to
      -| k1ttykat/j0hnny7 for this..
      -| First rootkit of its kind that is all precompiled and yet allows
      -| you to define a password.. password is stored in a external encrypted
      -| file. The trojans using this are login/ssh/finger ..
      -| This kit was designed with the main idea of being portable and quick
      -| to be mainly used for mass hacking linux's, hence the precompiled bins.
      -| Usage : ./t0rn <password> <ssh-port>

  13. Security Threats on IT Networks
      [Chart. Axes: “Target and Scope of Damage” and “Time to Propagate”. Timeline: 1980s, 1990s, Today, Future]
      Target and scope of damage: Individual Computer, Individual Networks, Multiple Networks, Regional Networks, Global Infrastructure Impact
      • 1st Gen (time to propagate: weeks)
          • Boot viruses
      • 2nd Gen (days)
          • Macro viruses
          • Email
          • DoS
          • Limited hacking
      • 3rd Gen (minutes)
          • Network Denial of Service (DoS)
          • Blended threat (worm + virus + trojan)
          • Turbo worms
          • Widespread system hacking
      • Next Gen (seconds)
          • Infrastructure hacking
          • Flash threats
          • Massive worm driven
          • Distributed Denial of Service (DDoS)
          • Damaging payload viruses and worms

  14. Code Red Propagation July 19, Midnight - 159 Hosts Infected

  15. Code Red Propagation July 19, 11:40 am - 4,920 Hosts Infected

  16. Code Red Propagation July 20, Midnight - 341,015 Hosts Infected

  17. Security, Privacy, & Governance
      • Evolution of security
      • Privacy and Data Protection
      • USA
      • Europe and elsewhere
      • Governance issues
      • Operational risk concept (Basel II)
      • Network and IT governance
      • Growing complexity

  18. Security Solutions
      • Technologies
      • Firewalls
      • Intrusion detection/prevention
      • Virus protection
      • Encryption
      • Policies
      • The importance of policy
      • Types of policies
      • User buy-in and awareness
      • Services and processes
      • Vulnerability assessment, audit, and testing
      • Design and implementation
      • Encryption
      • Personal
      • System

  19. Deploy Security as an Integrated System
      [Diagram. Labels:]
      • Surveillance and Alarms
      • Patrolling Security Guard
      • Secured Doors and Vaults
      • Network and Host-based Intrusion Detection
      • Firewalls and Router ACLs
      • Scanner
      • Security Room CCTV
      • Secure Transport
      • Card Readers
      • Identity, Access Control Servers and Certificate Authorities
      • Encryption and Virtual Private Networks (VPNs)
      • Centralized Security and Policy Management

  20. A Couple War Stories
      • Money, nukes, and critical infrastructures…
      • Buying protected information on the cheap…
      • SQL Slammer reaches out of the box…
      • Wireless everywhere (and not secure)…

  21. Good places to visit…
      • www.gslis.utexas.edu/~netsec (Infosec class web page)
      • www.pcwebopedia.com (look up security technologies and terms)
      • www.amazon.com (enter “network security”)
      • http://dir.yahoo.com/Computers_and_Internet/Security_and_Encryption/ (Yahoo Security Resource Page)
      • http://www.cert.org/tech_tips/home_networks.html (home network security tips)

  22. Organizations that help…
      • The CERT www.cert.org
      • SANS www.sans.org
      • NIST’s Computer Security Resource Center http://csrc.nist.gov/
      • The National Infrastructure Protection Center http://www.nipc.gov/
      • www.securityfocus.com

  23. Let’s start a discussion…
