Computer Security at JMU
A Typical Day at JMU
• At least 60% of the email received by JMU is SPAM.
• The JMU email system rejects 240 messages PER MINUTE at peak times.
• Thousands of viruses per day…sometimes per hour
• Hundreds of fraud attempts per day (“phishing”)
• Computers on the JMU network are exposed to almost constant reconnaissance, infection, and exploitation attempts
  • From the Internet
  • And from campus. At any given time, there are at least ten infected computers on the JMU network trying to infect other computers.
• Computer operators at JMU visit dozens of malicious web sites per day, risking infection of their computers
Large Scale Web Site Compromises
Number of sites as reflected by Google search for injected links
Recently compromised sites found with Google Search
Compromised Sites
• Sony Playstation
• USA Today
• BusinessWeek
• Major League Baseball
• National Hockey League
• Commonwealth of Virginia
• Scotland Yard
• Los Alamos National Laboratory
• Oak Ridge National Laboratory
• Texas National Guard
• Sunkist
• Phoenix Mars Lander Mission
• Department of Homeland Security
University of Washington Crawl of 45,000 web sites:
• Percent of web sites viewed offering infected executables:
  • 16.3% of Celebrity web sites
  • 11.5% of Wallpaper web sites
  • 11.4% of Adult web sites
  • 5.6% of Game web sites
  • 3.5% of Music web sites
  • 2.7% of Children web sites
  • 2.2% of Pirate web sites
Symantec Internet Security Threat Report January-June 2005
• 10,866 new Windows viruses
• Of the 50 most common reported, 74% expose confidential information
• 10,352 BOTS detected per day
• 1,862 new software defects
• Average time to exploit – 6 days
• Average time to patch – 54 days
• 5.7 million fraudulent “phishing” email messages per day
• Today
Malicious Software
One anti-virus vendor reported producing more signatures in 2007 than in the past 15 years.
Today’s Computer Viruses
• Silent
• Subversive
• Smart
• Collect passwords and account numbers
• Send spam, phishing, and virus seeding messages
• Act as phishing web sites or BOT controllers
• Distribute copyrighted materials and pornography
• Break into other people’s computers and accounts
• Launch denial of service attacks
• Perform fraud
• View web cam and listen to microphone
Today’s Computer Viruses
• An “infected” desktop today is a tool for criminals
  • A smart bomb
  • A remote control agent
  • A spy
What Happens When Security Fails?
• Phishing
• IRCBOTs
• Keylogger
• Loss of confidentiality, integrity, and/or availability of data or services
• Loss of confidence
What Happens When YOUR Security Fails?
• Even if you “don’t have anything of value”, your computer is valuable to criminals.
  • Your accounts
  • Its access to the JMU network
  • As an intermediate attack vehicle
  • As storage
eID
• e-campus
• Jess
• Secureweb
• Web.jmu.edu
• www.jmu.edu
• General webservers
• Network Registration
• Campuslink dial-in
• E-mail
• SSH
• Forums
• Blackboard
• Assessment
• Novell file/print
• Windows domain
• Windows Active Directory
• Wireless
• Remote VPN
• Social Security Number
• Grades
• Email
• Pay stubs
What Data is on Your Desktops?
Grades SSN Credit Cards Performance Evaluations Medical Resumes Research Vendor Purchasing Financial Reports Organizational Planning
• Environmental control systems
• Credit card processing systems
• Building entry and security systems
• ID/debit card systems
• Office desktops?
• Home desktops?
• Laptops?
• CD?
• USB Drive?
• Floppy?
• Cell phone?
• PDA?
• Shared folder?
One mistake
What are We Protecting?
• Our own computer and information
• Our constituents’ information and services
• Our organization’s information, network, and services
• Partners’ information, network, and services
Security Goal
• Reduce the risk of loss to an acceptable level
• We cannot eliminate risk. There will always be residual risk.
• Reducing risk has costs, just as a security failure does:
  • Time (always)
  • Money
  • Access
  • Convenience
  • Privacy
  • Freedom
  • Complaints
  • Quality of life
  • Service delivery
• Compare to costs of security incidents on previous slide - balance
Security Keystones Security
What are our Weaknesses?
• Networks and Societies Must Have Cooperation to Work
  • Throwing bricks through windows
  • Driving down the wrong side of the street
  • Stealing mail from mailboxes
• Can you secure your house or car?
• The Internet extends the reach of uncooperative members
Where are our weaknesses?
• Our Systems provide soft targets
  • Complex – error prone in design, implementation, configuration, and usage
  • Defective security controls
  • Lack of access controls in most default configurations
  • Not designed for hostile environment
  • Not maintained for hostile environment
Cybercrime Attributes
• Worldwide, instant mobility
• Worldwide, anonymous mobility
• Worldwide, unrestricted mobility
• At every network connection
• At every keyboard
• At every exposed web site
• At every compromised computer or fraudulent message
Where are Our Weaknesses?
• An intruder only has to find one entry point.
• A defender has to close or watch all entry points while getting work done.
• One mistake, one oversight, one wrong mouse click creates opportunity for the attacker
Trust => Risk
• Ignorance (failure of awareness)
• Faulty Risk Assessment assumptions
• Failed Access Controls
• Failed Monitoring Processes
• Inadequate Response
• Inappropriate Use
====================
Misplaced TRUST
Unaccepted Access ====> Unaccepted Risk
The more we trust, the more we better monitor.
Privacy and Social Engineering
Alumni of SMAD. I regret the intrusion on your busy schedules but, a situation has come up that involves one of your alumni members and, requires our immediate attention. I regret to announce that Sean Harrington, class of 1996 is ill in London and i am trying to raise funds for him so he can undergo chemotherapy. I am using this medium to reach out to fellow members of the alumni to see if they can make contributions. I am acting as the coordinator for this help action. If you are interested in assisting please reply and let me know. Replies should be sent to alumniaid@hotmail.com
Bill.
Search for JMU CIS Majors
Search for JMU ISAT Majors
Risk Evolution
• Decreasing
  • Fundamental operating system and server defects
• Increasing
  • Human error due to complexity
  • Desktops
  • Distributed data
  • Client applications
  • Web applications
  • Partners and Mashups
There is no magic bullet!
• Anti-virus software
• Firewalls
• Security Updates
• Those are just the beginning!
• Eliminate or reduce unnecessary risk in day to day use.
Unnecessary Risk
• Unnecessary software
• Screen savers
• Games
• Entertainment
• Web downloads
• Unnecessary installs in general
• Unnecessary privileges
• Unnecessary access
Computer Security at JMU
• www.jmu.edu/computing/security
• StartSafe
• RUNSAFE
• Hot Topics
• Critical Security Updates
• General Information and Starting Point