Please discontinue use of cell phone and turn off ringer Chapter 11Computer Crime and Information Security Information Security and Vulnerability Machine-Level Security Network Security Wireless Network Security Internet Security
Information Security Overview • All computer systems are vulnerable to attack. • Most are already infected and/or compromised, including PCs used by most students in this class. • It is only going to get worse. Two-thirds of Internet experts expect a devastating attack on the Internet between now and 2015. • For more info… • www.mcafee.com/us/threat_center • www.cert.org • http://www.microsoft.com/athome/security
Total Information Security • Total Information Security involves securing all components of the global digital information infrastructure. • Personal Computers • Business Computer Systems • Government Systems • International Systems • Participation by EVERYONE is important and difficult to gain! See what the White House has to say on the subject at http://www.whitehouse.gov/pcipb/
Total Information Security ` ` ` • To achieve total information security, we must examine security in layers. • Users are at the heart of total information security. • Risks increase with each expanding layer. ` User Machine Network The Internet
11.1 Information Security and Vulnerability What is at stake and what are the threats? Key Terms • Information Security • Identity Theft • Intellectual Property • Intellectual Property Rights • Cyberterrorism • Security Holes • Software Patches • Piracy • Plagiarism • Hacker • Computer Forensics
Depending on the circumstance, private information may include your: • Name • Photo • Phone number • Address • Birthday • Social Security Number • Bank Account Number • Credit Card Number • College Transcripts • Financial Status • Medical Records • Religious affiliation • Political affiliation All too common headlines… “Hackers attacked computer servers of a California university and may have gained access to the personal information of 59,000 people affiliated with the school…” At stake:Personal Private Information • What would concern you most if a person who wished to do you harm had full control of your PC? • What personal information do you consider private?
Identity Theft • Identity theft is the criminal act of using stolen information about a person to assume that person’s identity, typically for financial gain. Source: http://www.consumer.gov/sentinel/trends.htm
At stake:Intellectual Property • Intellectual property refers to a product of the mind or intellect over which the owner holds legal entitlement. • Intellectual property rights concern the legal ownership and use of intellectual property such as software, music, movies, data, and information. • Intellectual property is legally protected through copyright, trademark, trade secret, and patent
Biggest security threats to businesses in order of frequency: • Virus • Insider abuse of Internet access • Laptop theft • Unauthorized access byinsiders • Denial-of-service attacks • System penetration • Theft of proprietary info • Sabotage • Financial fraud • Telecommunications fraud • Active wiretap At stake:Organizational Information • For many businesses, the information it processes and stores is highly valuable and key to its success. • Business intelligences is the process of gathering and analyzing information in the pursuit of business advantage. • Competitive intelligence is concerned with gathering information about competitors. • Counterintelligence is concerned with protecting one’s own information from access by the competition.
Washington, June 8, 2006 – Over the last two years, Abu Musab al-Zarqawi established the Web as a powerful tool of the global jihad, mobilizing computer-savvy allies who inspired extremists in Iraq and beyond with lurid video clips of the bombings and beheadings his group carried out. At stake:National and Global Security Food for thought… The Internet is a powerful tool both for those who wish to build bridges between distant cultures and those that wish to tear them down. • Cyberterrorism is a form of terrorism that uses attacks over the Internet to intimidate and harm a population. China Hacking: http://abcnews.go.com/TheLaw/story?id=3966047 http://www.cio-today.com/story.xhtml?story_id=022000RB46F8&nl=5 http://arstechnica.com/news.ars/post/20070914-chinese-government-at-the-center-of-five-cyber-attack-claims.html The Cyber Cold War http://www.reuters.com/article/technologyNews/idUSL2932083320071129?feedType=RSS&feedName=technologyNews
All too common headlines… “Microsoft warned on Tuesday of seven newly found flaws in its software that could allow an attacker to steal data and take over a personal computer running the Windows operating system…” Threat:Software and Network Vulnerabilities Food for thought… Perfect software would be impossible to hack. • Security holes are software bugs that allow violations of information security. • Software patches are corrections to the software bugs that cause security holes. Microsoft’s Trustworthy Computing
Threat:Pirates and Plagiarists • Food for thought… • The annual cost of piracy in is estimated to be: • $4.2 billion for the music industry • $6.1 billion for the motion picture industry • $33 billionfor the software industry • Piracy involves the illegal copying, use, and distribution of digital intellectual property such as software, music, and movies. • Plagiarism involves taking credit for someone else’s intellectual property, typically a written idea, by claiming it as your own.
When consumers become distributors Traditional Music Distribution ARTIST ARTIST $ 1 6 $ $ $ $ 5 2 $ $ 1 2 3 3 4 5 4 Consumers 6 The problem with pirating MP3 music files
OnlineStore $ 1 6 $ $ $ 5 2 $ $ 3 4 Consumers A Complex Problem Record Label Artist
Artist $ 1 6 $ $ $ 5 2 $ $ 3 4 Consumers One Possible Evolution http://www.radiohead.com http://theymightbegiants.com http://www.bigego.com
HackersOn Planet Earth Threat:Hackers, Crackers, Intruders, and Attackers • The termshacker, cracker, intruder, and attacker are all used to label an individual who subverts computer security without authorization. • There are all types of hackers, not all are considered to behave unethically. http://www.2600.com http://www.2600.com/meetings/ Computer forensics is the process of examining computing equipment to determine if it has been used for illegal unauthorized or unusual activities.
Review Securing all components of the global digital information infrastructure is referred to as ________________. Credit card companies interested in protecting customers from _______________ watch for purchases that are out of the ordinary and notify the customer to confirm that the purchase was not made by a thief. Music, software, designs, artwork, and literature are all forms of _____________ that are typically protected by copyright or trademark. Hackers make use of _________________ to gain illegal access to computer systems. If you purchase and download an MP3 song from Amazon.com, then email the MP3 file to a friend you are ________________.
Key Terms • Username • Password • Biometrics • Encryption 11.2 Machine-Level Security Considerations for computers as stand-alone entities
Protecting a Stand-alone PC • Computers not connected to a network can only be attacked through physical presence. • Keeping the PC in a locked room would be the first method of protection. • The next method involves positively identifying the person accessing the machine through authentication. • Something you know (i.e. password) • Something you have (i.e. card-swipe) • Something about you (i.e. fingerprint)
Passwords • A username identifies the user to the computer system. • A password is a combination of characters known only to the user and used for authentication. • For a password to be effective it should be: • strong by including words that are unrelated to your interests, and include upper and lowercase letters, numbers, and symbols • unique – don’t use the same password for your bank account as you do for your email account • changed regularly – change your password twice a year
ID Devices and Biometrics • Security ID cards and tokens, “something you have” authentication, are used in some corporations to protect access to restricted areas and computer systems. • Biometrics is the science and technology of authentication by scanning and measuring a person’s unique physical features such as fingerprints, retinal patterns, and facial characteristics. More about tokens: http://en.wikipedia.org/wiki/Security-Token http://www.opticom.lv/en/products/security/authentication/rsa123/rsa1/ Check out Face Recognition
Encryption • Encryption is a security technique that uses high-level mathematical functions and computer algorithms to encode data so that it is unintelligible to all but the intended recipient. • Data stored on a PC can be encrypted and set so that a second password is required to decrypt it. Demo: Encrypting a PPT file (tools > options > security) More on Encryption: http://en.wikipedia.org/wiki/Encryption
Backing Up Data and Systems Food for thought… A recent study showed that only 57% of computer users back up stored data including digital photos, personal documents, work documents, music, and financial records. DO YOU BACKUP? HAVE YOU LOST DATA DUE TO HARDWARE FAILURE? • The most common cause of data loss is hardware failure. • The best protection against such loss is to follow regular backup procedures. • Available backup services include: • System utilities that back up selected files to compressed archives stored on secondary storage media or another computer on the network. • Mirroring which saves files to two locations to create exact duplicates. • Apple Time Capsule • Internet services that perform scheduled, automated uploads of your valuable files to servers for safe keeping (www.remotedatabackups.com).
Review Which of the following is NOT a safe password practice select a strong password change your password regularly use the same password for different accounts don’t write your password down London’s Heathrow airport has implemented ____________ through the use of a retinal scanner that checks the identity of workers as they clock into work. Through the use of _____________ files can be rendered unreadable while stored or in transit over a network. The one action that can save your data from being destroyed by hackers, viruses, system and hardware crashes, and spyware is _______________.
User Permissions SystemAdministrator • User Permissions refers to the access privileges afforded to each network user in terms of who is able to read, write, and execute a file, folder, or drive. 5 2 4 1 6 3 • Files and folders are assigned user and group ownership. User 1 User 2
Mac OS X Windows XP (home) UNIX User Permissions • Different operating systems have differing ways of handling user permissions.
Interior Threats • Interior threats refer to dangers to network resources from legitimate users. They include: • Threats to System Health and Stability • Information Theft • Safeguards include a the use of security and usage policies. FSU Network Usage Policies: http://www.vpfa.fsu.edu/policies/bmanual/itpolicy.html
Wireless Fidelity (Wi-fi) • Wi-fi is the widely used wireless networking standard that makes use of access points to connect devices to networks. Newly purchased access points typically have no security features enabled making it easy for any wireless device to connect. AccessPoint Network line More on Wi-fi in CH5
Z Wireless Access Point / Router Wireless Access Point / Router To Cable Co. Cable Modem Cable Modem Threats to Wireless Networks • Neighbors • Internet Hackers The Internet
Z Wireless Access Point / Router Wireless Access Point / Router To Cable Co. Cable Modem Cable Modem Threats to Wireless Networks • Neighbors • Internet Hackers • Passers by • www.wardriving.com The Internet
Securing a Wireless Network • An Access Point can be configured, and security features enabled, through a simple Web interface using a computer connected to the access point.
Securing a Wireless Network • Use the Access Points configuration utility to: • Disable the Access Point’s broadcasting to make the access point invisible to the general public. • Change the Access Point’s password from the default. • Set the Access Point to only allow certain computers (MAC addresses) to connect. • Encrypt data being sent over the network with WEP or WPA. • Use Internet security software and practices discussed in the next section.
Key Terms • Spyware • Zombie Computer • Antispyware • Internet Fraud • Phishing • Virus Hoax • Firewall • Virus • Worm • Antivirus Software 11.5 Internet Security
Hacking Tools and Methods • Key-logging software • Packet-sniffing software • Port scanning software • Social engineering
Why Do Hackers Hack? • As a hobby and challenge • To inflict malicious vandalism • To gain a platform for anonymous attacks • Distributed Denial-of-service DDoS Attacks • To steal valuable information and services • To Spy on someone “Hackers have turned toward more criminal and lucrative areas of directingattacks to specific individuals or organizations, often financially, competitively, politically or socially motivated.” http://www.physorg.com/news5580.html
Firewall software from McAfee and Symantec are considered to be more robust than Windows Firewall. This McAfee screen shot shows several attacks on this PC over the course of one day. Defending Against Hackers • A firewall is network hardware and software that examines all incoming data packets and filters out ones that are potentially dangerous. • All Windows users should protect their network connection with a firewall. ~demo
Viruses and Worms • A virus is a program that attaches itself to a file, spreads to other files, and delivers a destructive action called a payload. • There are many types of viruses • A worm does not attach itself to other files but rather acts as a free agent, replicating itself numerous times in an effort to overwhelm systems. • Worms and viruses are often spread through the Web, email, chat, and file-sharing networks Viruses and worms are considered malicious software, or malware, Check out the latest malware at http://www.mcafee.com/us/threat_center
Viruses and Worms Yeah right! This didn’t come from Microsoft. The attachment is not a patch, nor an innocent text file (as it appears) but an executable file containing a virus.
WEB PAGE EMAIL Web Server Shared Network PortableDevice P2PFILE-SHARINGNETWORK P2P NETWORK INSTANT MESSAGE
Knowledge and caution play a big part in protecting PCs against viruses and worms: • Don’t open e-mail or IM attachments that come from friends or strangers unless they are expected and inspected by antivirus software. • Keep up with software patches for your operating system, your Web browser, your e-mail and IM software. • Use caution when exploring Web sites created and maintained by unknown parties. • Avoid software from unknown sources. • Stay away from file-sharing networks; they do not protect users from dangerous files that are being swapped Defending Against Viruses and Worms • Antivirus software, also known as virus scan software, uses several techniques to find viruses on a computer system, remove them if possible, and keep additional viruses from infecting the system.
Spyware, Adware, and Zombies • Spyware is software installed on a computer without the user’s knowledge to either monitor the user or allow an outside party to control the computer. The Internet service provider Earthlink said it uncovered an average of 28 spyware programs on each of its member’s PCs that were scanned Adware is spyware that displays advertisements.
Zombies • A computer that carries out actions (often malicious) under the remote control of a hacker either directly or through spyware or a virus is called a zombie computer. Experts say hundreds of thousands of computers are added to the ranks of zombies each week.
Zombies • Zombie computers can join together to form zombie networks (botnet). Zombie networks apply the power of multiple PCs to overwhelm Web sites with distributed denial-of-service attacks, to crack complicated security codes, or to generate huge batches of spam. It has been estimated that 80 to 90 percent of spam originates from zombie computers. Storm worm botnet for rent
Defending Against Spyware • Antispyware is software that searches a computer for spyware and other software that may violate a user’s privacy, allows the user to remove it, and provides continuing protection against future attacks.