200 likes | 408 Views
Information Ethics and Security. Take Aways. Understand the 2 primary lines of defense to information security Excel: Pivot Tables, Scenario Manager. PROTECTING INTELLECTUAL ASSETS. Organizational information is intellectual capital - it must be protected
E N D
Take Aways • Understand the 2 primary lines of defense to information security • Excel: Pivot Tables, Scenario Manager
PROTECTING INTELLECTUAL ASSETS Organizational information is intellectual capital - it must be protected Information security – the protection of information from accidental or intentional misuse by persons inside or outside an organization E-business automatically creates tremendous information security risks for organizations
THE FIRST LINE OF DEFENSE - PEOPLE • Organizations must enable employees, customers, and partners to access information electronically • The biggest issue surrounding information security is not a technical issue, but a people issue Approximately what percentage of security incidents originate with an organization? • 33% of security incidents originate within the organization • Insiders – legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident
THE SECOND LINE OF DEFENSE-TECHNOLOGY There are three primary information technology security areas • Authentication and authorization • Prevention and resistance • Detection and response
Authentication and Authorization Authentication – a method for confirming users’ identities Authorization – the process of giving someone permission to do or have something The most secure type of authentication involves: • Something the user knows such as a user ID and password • Something the user has such as a smart card or token • Something that is part of the user such as a fingerprint or voice signature
Something That Is Part Of The User Such As a Fingerprint or Voice Signature This is by far the best and most effective way to manage authentication • Biometrics – the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting Unfortunately, this method can be costly and intrusive
Prevention and Resistance Downtime can cost an organization anywhere from $100 to $1 million per hour Technologies available to help prevent and build resistance to attacks include: • Content filtering • Encryption • Firewalls
Content Filtering Organizations can use content filtering technologies to filter e-mail and prevent e-mails containing sensitive information from transmitting and stop spam and viruses from spreading. • Content filtering – occurs when organizations use software that filters content to prevent the transmission of unauthorized information • Spam – a form of unsolicited e-mail • Corporate losses caused by Spam
Encryption - scrambles the contents of a file so that you can’t read it without having the right decryption key.
Firewalls Sample firewall architecture connecting systems located in Chicago, New York, and Boston
Detection and Response If prevention and resistance strategies fail and there is a security breach, an organization can use detection and response technologies to mitigate the damage Antivirus software is the most common type of detection and response technology
Detection and Response Hacker - people very knowledgeable about computers who use their knowledge to invade other people’s computers • White-hat hacker (Steve Wozniak: Co-founder of Apple) • Black-hat hacker (Jonathan James: At 16 broke into Pentagon Computers – stole the International Space Station’s source code)
Detection and Response • Script kiddies or script bunnies (Michael Calce: DOS to Yahoo, eBay, CNN, etc.) • Cracker (Kevin Poulson: hacked Into FBI) • Cyberterrorist (YounisTsouli: plotted terrorist attack using Internet Sites)
What is a Bot? Software bot- malicious code that turns PCs and servers into remotely controlled “zombies” Bot “bitten” organizations- Department of Defense, Argonne National Library, Alabama Supercomputer Network, Arkansas Department of Information Systems, Iowa Communications Network, Connecticut’s Department of IT
Detection and Response Virus-software written with malicious intent to cause annoyance or damage BOTS: • Worm(A computer worm is a self-replicating computer program. It uses a network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention) • Denial-of-service attack (DoS) • Distributed denial-of-service attack (DDoS) • Trojan-horse virus (A term used to describe malware that appears to the user to perform a desirable function but, in fact, facilitates unauthorized access to the user's computer system) • Backdoor program (method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected)
What does a Bot do? Bots can remain dormant for weeks or months at a time 60% of bots are used to send spam The other 40% for more destructive reasons: including phishing, pharming, click fraud, distributing adware or malware, denial-of-service attacks, data theft, and temporarily storing illegal malicious, or stolen files
Thinking of Making Money Using Bots? Jeanson James Ancheta Downey, California 20 years old Made a worm that let him turn computers into bots for profit ($60,00) Bot infected China Lake Naval Air Weapons Station in California Now faces 25 years in prison and a $1 Million dollar fine Do the math: $1,000,000 > $60,000
People Who Didn’t Do the Math? Anthony Scott Clark (21 years old from Beaverton, Oregon): Attacked eBay (DOS) - 10 Years in Prison and $250,00 in fines Saad Echouafni (head of a satellite communications company): Disrupted Homeland Security • Fugitive since 2004 and on FBI’s Most Wanted Jefferey Lee Parson (18 years old): Infected 48,000 home PC’s • 14 – 18 month sentence