IT255 Introduction to Information Systems Security Unit 9 Mitigation of Risk and Threats from Attacks and Malicious Code
Learning Objective Explain the means attackers use to compromise systems and networks and defenses used by organizations.
Key Concepts • Impact of malicious code and malware on public- and private-sector organizations • Profiling attackers and hackers • Phases of a computer attack • Security awareness training to harden User domain and teach correct use of IT assets
History of Malware • 1971: “Creeper virus” spreads to Advanced Research Projects Agency Network (ARPANET). Other experimental viruses emerge throughout the 1970s with varying exposure. • 1981: “Elk Cloner” becomes the first computer virus to appear in the wild or outside of a computer lab. • 1982: The first worm is jointly developed at Xerox’s Palo Alto Research Center. Used for distributed calculations, a logic error caused uncontrollable replication that crippled computers.
Forms of Malware • Viruses, worms, Trojans, backdoors, rootkits, and others • Active content and botnets are modern examples • Phishing and pharming attacks represent modern threats
Discussion Points • Motivations for attacks • Types of attackers • Goals of attackers
Discussion Point Discuss the impact of malicious code and malware on businesses and organizations.
Defending Against Network Attacks • Set up protective mechanisms at every domain and layer. • Establish checkpoints at every network layer and domain category and monitor regularly. • Use intrusion detection system/intrusion prevention system (IDS/IPS) and firewall control lists to filter network-driven attacks. • Sandbox application-level attacks and scan with antivirus or anti-malware products. • Back up data regularly.
End-User Awareness Training • It helps prevent incidents and reduce risk. • End-users are weakest link in security chain. • Security is a special mindset. • Consistent application requires good habits.
Summary • Malware encompasses a variety of malicious code. • Methods for attack progress and new trends emerge as technology improves. • Motivations explain why criminals commit acts; motivations vary but personalities generally recur. • Computer and network attacks occur in phases. • Security awareness training can reduce incidents of attacks.