290 likes | 479 Views
Electronic Security. WELCOME. -About us. What we're going to talk to you about:. Speed of Electronic Attacks. Hacking and Cracking. Why Systems are Attacked. Cryptography. Malware. Packet Sniffers. Firewall Security. Future Security Threats. Computer System Safety. Electronic Attacks.
E N D
WELCOME -About us What we're going to talk to you about: Speed of Electronic Attacks Hacking and Cracking Why Systems are Attacked Cryptography Malware Packet Sniffers Firewall Security Future Security Threats Computer System Safety
Electronic Attacks Don't get Zapped: Can be lighting fast Can go unnoticed Can be devastating Don't be the tree in the lightning fast electronic world!!!
Why Do People Attack Electronic Systems? Every attack has a certain target • Network Devices • Hosts • Applications • Operating Systems • People
Why Do People Attack Electronic Systems? • Most attacks attempt to steal data and access unauthorized information • Some attacks are designed to access computer systems without approval and authorization • Some attacks are designed to restrict overall access to data or destroy a computer system • Denial of Service (DOS) Attack • To access other computers through an already compromised computer • To omit or alter data and sensitive information
Top 5 Most Popular Websites 2 5 3 1 4
Malicious Software (Malware) • Viruses • Worms • Wabbits • Trojans • Spyware • Backdoors • Exploits • Rootkits • Keyloggers • Dialers • URL Injectors • Adware
Websites Most Likely to Contain Malware "The general belief is that sites that promote criminal activity—such as sites selling illegal pharmaceuticals or counterfeit luxury goods—are most likely to host malware. Our data reveals the truth of this outdated notion, as web malware encounters are typically not the by-product of “bad” sites in today’s threat landscape." - 2013 Cisco Annual Security Report
Websites Most Likely to Contain Malware • Business and industry sites are one of the top three categories visited when a malware encounter occurred • Hidden in online ads that are distributed to legitimate websites • "Malvertising" has significantly increased since 2011 • Malicious advertising can impact any website • The United States retains the top ranking in 2012 for most malware encounters
Malware Prevention • Always be alert with your computer • Set Internet browser for download notification • Install a trusted anti-virus and keep it updated • Install a pop-up blocker • Use an email program that includes spam guard • Do not download software or programs from unknown sites • Be alert and cautious when sharing or trading files and programs with friends and family • Disable cookies on your Internet browser • Read the fine print when downloading programs • Never click on Web-Links, copy paste them in • Shadowops.net VS Shadowops.com • Download a personal firewall
Firewall Security What is a firewall? http://www.youtube.com/watch?v=6UtiQwCX2wU
Firewall Security "A firewall is a system designed to prevent unauthorized access to or from a private network." • Most modern operating systems and home network gateway routers come with optional firewalls built in • Is considered a first line of defense • It is also important to customize your firewall to not allow access of any programs to the fire wall, and not allow your firewall access to any programs
Firewall Security Types of Firewall Techniques • Packet Filtering • Circuit-Level Gateway Implementation • Acting as a Proxy Server • Web Application Firewall
NO!!! ----------------------------- 1) Computers connected to any network can be compromised 2) Computers connected to the Internet can be compromised 3) Devices can be taken to an OFF-LINE computer to get data 4) Computers and devices can be physically taken
Securing Computer Systems How do you keep your computer secure? Physical Barriers: some examples include walls, doors, and glass
Securing Computer Systems Man Traps prevent unauthorized access to areas
Securing Computer Systems Keycards help to prevent access to unauthorized personnel, as well as help computers recognize authorized personnel Most Keycards have: • Smartchip • Picture ID • Hashed Passcode
Hacking and Cracking Hacking Hackers get information or access to computers by making or using computer software. Most attacks originate from freeware or software that is free to users. Some hackers can find new exploits in software by making their own attacks or finding new weaknesses in software. These types of attacks are called zero day attacks. Expert/Elite Hackers develop software and find previously unknown exploits in software. Unskilled Hackers use software already written and use known exploits in software.
Hacking and Cracking Cracking Focuses on finding passwords or reverse engineering them. Offline cracking is usually done against hashed files that contain passwords.
Cryptography -Protects confidentiality of information -Protects the integrity of information -Protects the availability of information to people with proper keys -Confirms the sender of information -It can enforce non-repudiation (Prevents the "I never got that")
Cryptography Symmetric Cryptographic Algorithms -1 key to rule them all
Cryptography Asymmetric Cryptographic Algorithms - 4 key system
Packet Sniffers Monitors and tracks incoming and outgoing packets TCP/IP information
New Security Threats Cars 1) Internal car systems can be compromised by mp3's and mp4's that contain malware 2) PDA's, Cell phones, and PAD's connect to cars create vulnerabilities
New Security Threats Houses New houses have electronic access systems, as well as central controlled computer systems
New Security Threats New Technologies New Technologies can pose risks that are yet unknown
References http://www.networkworld.com/news/2007/100407-web-site-vulnerabilities.html http://en.wikipedia.org/wiki/Computer_insecurity#Reasons http://www.youtube.com/watch?v=qdD5-woi_os https://www.cisco.com/web/offer/gist_ty2_asset/Cisco_2013_ASR.pdf http://www.technewsdaily.com/16537-8-tips-secure-computer.html http://www.abestweb.com/forums/panda-software-317/different-types-malware-65416.html http://kb.iu.edu/data/aoru.html http://www.ehow.com/how_2004222_malware-download-prevent.html Principles of Information Security By: Michael E. Whitman, Herbert J. Mattord 4th Edition Security + Guide to Network Security Fundamentals By: Mark Ciampa, Ph.D. 4th Edition