Mobile Phone Break!! Oh yeah!! • Tuesday-Thursday • Report your experience: see next slide. • Life without the cell-phone • Thursday: tell me (us) in class what happened.
Reporting your experience • Answer the following question: Describe an event from the past 48 hours that shows what it is like to live without a mobile phone. What was surprising to you about the “no mobile phone break”? • Your response needs to be no longer than 350 words. It can be turned in by emailing it to the following address: • nocellphoneday@yahoo.com • In addition, bring to Sergio a printed copy of your response with your name on it. Remember, double space, Times New Roman
Extra-Credit!!! • CATHY ASKED ME TO MENTION: • SHE IS LOOKING FOR VOLUNTEERS FOR TWO FOCUS GROUPS. • ONE ON THURSDAY NIGHT – ONE ON FRIDAY AFTERNOON • YOU ONLY HAVE TO GO TO ONE • BOTH ARE AT SCILS • WE ARE GIVING EXTRA CREDIT TO VOLUNTEERS. • THE TOPIC FOR THE GROUPS IS “TRYING TO TAKE A BREAK FROM YOUR CELL PHONE” • THURSDAY’S GROUP IS FROM 6:30 TO 8:00 • FRIDAY’S GROUP IS FROM 3:00 TO 4:30 • SEND AN EMAIL TO CATHY TO VOLUNTEER • THE DETAILS ARE ALSO IN THE ANNOUNCEMENTS ON RUTGERS ONLINE
Session 13 Covering, protecting, security, firewall, anti-spam, anti-virus, hacker, etc…..covering your information assets 1.
Covering your information assets 1 "Big Brother may know who you are, but do you know who Big Brother is?” [Wired.Com]
Session Objectives • To identify key vulnerabilities of computer information systems: cyber attack, cyber crime, cyber terrorism; • To understand some of the technical aspects of computer viruses, worms, trojan horses; • To examine organizational issues and approaches to dealing with these vulnerabilities
Is Technology an Ally? New York Times 27/09/01 • View that the attacks on the WTC will spur a great deal of technological innovation: • How do you protect privacy and freedom as well as support legitimate state interests in surveillance and control? • Dramatic movement from real, centralized workplaces to virtual, distributed workplaces • Innovation in reliability and security in computing and computer communications • Real problem is not slowness in technological innovation, but slowness in the legal and civil rights innovation in response to technological change
What intelligence? Security? “it is inconceivable that such a tragedy could have occurred without detection. Where were our intelligence organizations? Where was the CIA? Where was the FBI? Where was Israel intelligence? Where was Interpol? Can you tell me that no one was aware of the impending doom? If so, our intelligence organizations are sorely lacking. It appears they all were asleep at the switch. … is ludicrous when we cannot detect a plot of such magnitude. The security systems at our airports are no security at all. They are only a nuisance to legitimate air travelers” Letter to Editor, Star-Ledger, September 13
Where do we draw the security line? • “Technologies can’t be guaranteed to be used only for good. But technologies placed within well-crafted institutional structures can be made more likely safe than not” • “Today’s technology permits a small number of people to wreak a disproportionate amount of havoc”
“Americans begin to favor less privacy – online and off” (Star-Ledger, P.48, 10/22/01) James Halperin, Science-Fiction writer: • “There is only one way to reduce the danger of terrorism, and that is everywhere for people to willingly sacrifice a portion of their privacy” David Kairys (Constitutional Rights Lawyer and Professor at Temple University) • “You can give blood, you can give money, and you can give your civil liberties”
To what extent are you prepared to give up your civil liberties? Should the Government’s surveillance powers be increased? • Law enforcement monitoring of Internet discussions in chat-rooms and other forms? • Expanded government monitoring of cell phones and email to intercept communications? • Expanded camera surveillance in public? • Use of facial-recognition technology to scan for suspected terrorists? • Adoption of national identification system? • Organized policies? Patriot Act?
POLL ON AMERICAN SUPPORT FOR INCREASING US GOVERNMENT’S SURVEILLANCE POWERS • Law enforcement monitoring of Internet discussions in chatrooms and other forms: Favor: 68%; Oppose: 32% • Expanded government monitoring of cell phones and email to intercept communications: Favor: 54%; Oppose: 41% • Expanded camera surveillance in public: Favor: 63%; Oppose: 35% • Use of facial-recognition technology to scan for suspected terrorists: Favor: 86%; Oppose: 11% • Adoption of national identification system: Favor: 68%; Oppose: 28%
Should we be concerned about a sudden shift in trading privacy for a sense of security? Results show increasing tolerance for trading privacy for security. • The Privacy Advocates speak out: • Once governments increase authority and freedom to surveil and to conduct covert surveillance activities, they will use it for whatever purposes they can figure out, not just against terrorists: abuse of investigative powers • Assumption that many people do not think that they will be affected in any way by privacy intrusions
U P D A T E S • Anonymizer.com
A new vocabulary • Computer security • Information surveillance • Cyber warfare / Digital warfare • Cyber crime and criminals • Cyber terrorism • Computer virus • Data Mining • Online profiling • Computer privacy • Computer confidentiality
Sentenced for three computer crimes • Date: 9th March 2001 • New Hampshire • 18 year old computer hacker, Dennis M. Moran, (online name “Coolio”) sentenced to 12 months incarceration; $15,000 restitution
Coolio’s Computer Crimes • 1. Hacked into website of DARE America, an anti-drug abuse organization based in California • Defaced site with pro-drug abuse slogan and images, including Donald Duck with hypodermic syringe • FBI identified computer intrusion originated in NH • 2. Created a defaced website of Massachusetts-based company, RSA Security • Did this from a hacked-into computer in South America • Manipulated regional domain name causing visitors to be directed to derogatory web site
Coolio’s Computer Crimes • 3. Unauthorized intrusion into computer systems of various military bases in February 2000, an exploit designed to penetrate Army Bases in Florida, New Jersey, Missouri, Kentucky • Quickly detected • Conviction involved: NH + California’s Hampshire Attorney’s Office; FBI; Army Criminal Investigation Dv; Computer Crimes Section of several state Police Departments; State High Technology Crimes Task Forces; US Dept. of Justice Computer Crimes and Intellectual Property Section
The anatomy of a computer crime The Melissa Virus 1999
Computer Virus • Self-replicating computer program that interferes with a computer's hardware or operating system. • Viruses are designed to replicate and to elude detection. Like any other computer program, a virus must be executed to function—that is, it must be loaded from the computer's memory, and the virus's instructions must then be followed by the computer. • These instructions are called the payload of the virus. The payload may disrupt or change data files, display a message, or cause the operating system to malfunction.
History of Melissa • Friday, March 26, AM • Posted to alt.sex message board, allegedly by skyrocket@aol.com. • Named 'Melissa,' after comments by 'Kwyjibo' contained inside the virus. • Anti-virus companies believe Melissa originated in Western Europe. • Friday, March 26, PM • Infects U.S. companies, swamping e-mail systems. • National Infrastructure Protection Center notified of Melissa. • Anti-virus companies call it the most prolific virus -- ever. • Saturday, March 27 , AM • Researchers discover that the virus includes traceable identification numbers (GUIDs). • Phar Lap Software's Richard M. Smith reverse-engineers an Ethernet address from Melissa's GUID.
Saturday, March 27 , PM • FBI warns U.S. organizations to watch out for Melissa on Monday. More U.S. companies hit. Some companies revert to paper, rather than e-mail, warnings • Monday, March 29 , AM • Many IT departments contain the virus. An Excel strain of Melissa, nicknamed Papa, surfaces. • The FBI launches a manhunt for Melissa's creator. • Monday, March 29 , PM • Phar Lap's Smith and Fredrik Bjorck trace Melissa to an account on AOL and Source of Kaos, a Web site run by VicodinES, a 'retired' virus writer. • Tuesday, March 30, AM • The Source of Kaos site is unplugged. • Many IT workers report that they have contained the virus
Tuesday, March 30, PM • New variants of Melissa are reported in the wild; The FBI seizes the Source of Kaos' Web server in Orlando, Fla.; The FBI talks to Source of Kaos's Roger Sibert -- asking about the whereabouts of VicodinES • Wednesday, March 31, AM • SPo0KY, the Webmaster of virus site Codebreakers.org, tells ZDNN his ISP deleted the site -- acting on the orders of the FBI. • Global Connection Internet, Codebreakers.org's ISP, denies that it was acting on the orders of the FBI. • Thursday, April 1, AM • AOL is presented with a court order from a state judge in New Jersey requesting information concerning the Melissa virus.
Melissa: the end? • Thursday, April 1, PM • New Jersey police arrest David L. Smith, 30, of Aberdeen on charges of originating the Melissa virus outbreak. New Jersey's attorney general says Smith was snared with the help of AOL technicians. • Friday, April 2, AM • David Smith, described as a 'computer guy,' is released from Monmouth County Jail on $100,000 bail.
“Script Kiddies” • Typically a young male experimenting with prewritten scripts used for creating viruses and other intrusive / destructive programs • Eg. Anna Virus: made using virus writing kit called VBSWG (Visual Basic Script Worm Generator) downloaded from Internet by 20 year old Danish male known as “OnTheFly” • Scanning of computers increases when “school’s out”
Some concerns • Many network protocols designed without security in mind; • Inexpensive, quick, easy for anyone with technical knowledge to launch attack against critical IT information infrastructures; • Expensive, long-term and complex considerations to take steps needed to make intrusion harder and less susceptible to attack; • No insurance policies against cyber intrusions; • Is 8 days a quick or slow solution?
Discussion Your experiences? Your reactions? Your concerns?
Trojan Horses, Logic Bombs, and Worms. • Trojan Horse appears to be something interesting and harmless, such as a game, but when it runs it may “snoop and steal without detection”. • Often masquerade as benign applications, can let hackers enter, search and manipulate your system via Internet. • Steal credit card numbers and email identities long before victims learn they have been infiltrated. • Often deposited by hackers into “freeware” • Logic Bomb delivers its payload when it is triggered by a specific condition, such as when a particular date or time is reached or when a combination of letters is typed.
Computer Worms • program that propagates itself across computers, usually by spawning copies of itself in each computer's memory. • A worm might duplicate itself in one computer so often that it causes the computer to crash. • A worm only makes copies of itself, but it can take up computer memory and slow the computer's processes. • Sometimes written in separate "segments," a worm is introduced surreptitiously into a host system either for "fun" or with intent to damage or destroy information.
Magistr Worm and other worms: 19th March 2001 • http://www.cnn.com/2001/TECH/ptech/03/19/magistr.worm.idg/index.html • Similar to early worms, but more sophisticated and destructive • Spread by email or through shared disks by opening infected documents • When opened, scans Outlook Express address book, sends infected message with randomly generated subject headings • Each message has up to 6 word files from hard drive attached – exposes private files • May sit dormant on file for one month, then payload (instructions) activated – erases files, re-labels files, making retrieval of lost files impossible. • Triggers “runaway icons” – icons move away from the cursor when you try to click on them
ALIZ WORM (Nov 2001) • Subject: <randomly composed from several different parts, see below> Body: <empty multi-part MIME message with HTML formatting and i-frame trick> Attachment: Whatever.exe • Fw: Re • Cool, Nice, Hot, some, Funny ,weird, funky, great Interesting, many • Website, site, pics, urls, pictures, stuff, mp3s, shit, music, info • to check, for you, i found, to see here, - check it • !! ! :-) ?! hehe ;-) • For example a subject can be: • "Fw: Cool pictures i found !!" or "Nice website to check hehe ;-)".
W32/Badtrans@MM • Card.pif • docs.scr • fun.pif • hamster.ZIP.scr • Humor.TXT.pif • images.pif • New_Napster_Site.DOC.scr • news_doc.scr • Me_nude.AVI.pif • Pics.ZIP.scr • README.TXT.pif • s3msong.MP3.pif • searchURL.scr • SETUP.pifs • Sorry_about_yesterday.DOC.pif • YOU_are_FAT!.TXT.pif • (pif = Process Interchange Format)
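The attachment names on this slide share one trick: a harmless-looking inner extension (.TXT, .DOC, .ZIP) followed by an executable one (.pif, .scr). The check below is an added example, not part of the original slides, showing how a mail gateway could flag such names; the two extension sets and the function names are assumptions chosen for illustration.

```python
import os

# Assumption: extensions Windows runs on double-click (illustrative, not exhaustive).
EXECUTABLE_EXTS = {".pif", ".scr", ".exe", ".com", ".bat", ".vbs"}
# Assumption: extensions a recipient reads as a harmless document or media file.
DECOY_EXTS = {".txt", ".doc", ".zip", ".avi", ".mp3", ".jpg", ".gif"}


def classify_attachment(name):
    """Return 'double-extension', 'executable' or 'ok' for one attachment name."""
    # Windows ignores trailing dots and spaces, so strip them before looking.
    cleaned = name.strip().rstrip(". ").lower()
    stem, last = os.path.splitext(cleaned)
    if last not in EXECUTABLE_EXTS:
        return "ok"
    # The real type is executable; check whether a decoy extension hides it.
    inner = os.path.splitext(stem)[1]
    return "double-extension" if inner in DECOY_EXTS else "executable"


def quarantine_list(names):
    """Names a mail gateway should hold back, with the reason for each."""
    verdicts = ((n, classify_attachment(n)) for n in names)
    return [(n, v) for n, v in verdicts if v != "ok"]


# Names taken from the slide above, plus two constructed benign ones for contrast.
SAMPLE = ["Card.pif", "Humor.TXT.pif", "hamster.ZIP.scr",
          "New_Napster_Site.DOC.scr", "YOU_are_FAT!.TXT.pif",
          "minutes.doc", "holiday.jpg"]

if __name__ == "__main__":
    for name, verdict in quarantine_list(SAMPLE):
        print(f"{verdict:17} {name}")
```

With Windows' default "hide extensions for known file types" setting, a recipient sees only the inner name (for example Humor.TXT), which is why the double-extension case is reported separately from a plain executable.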
The National Infrastructure Protection Center (NIPC) serves as a national critical infrastructure threat assessment, warning, vulnerability, and law enforcement investigation and response entity. The NIPC provides timely warnings of international threats, comprehensive analysis and law enforcement investigation and response. The mission of the NIPC is to: detect, deter, assess, warn, respond, and investigate unlawful acts involving computer and information technologies and unlawful acts, both physical and cyber, that threaten or target our critical infrastructures;
manage computer intrusion investigations; • support law enforcement, counter-terrorism, and foreign counter-intelligence missions related to cyber crimes and intrusion; • support national security authorities when unlawful acts go beyond crime and are foreign-sponsored attacks on United States interests; and • coordinate training for cyber investigators and infrastructure protectors in government and the private sector.
http://www.nipc.gov/index.html
Implications for Information Professionals and the Workplace
When evaluating Internet content from a security perspective, some points to consider include: 1. Has the information been cleared and authorized for public release? 2. Does the information provide details concerning enterprise safety and security? Are there alternative means of delivering sensitive security information to the intended audience? 3. Is any personal data posted (such as biographical data, addresses, etc.)? 4. How could someone intent on causing harm misuse this information? 5. Could this information be dangerous if it were used in conjunction with other publicly available data? 6. Could someone use the information to target your personnel or resources?
Significant Issues for Computer Professionals and private users • Assess vulnerability: hackers’ distaste for Microsoft; vast majority of malicious code written for Windows; • Broadband users – connected all the time; consider extra protection; tend to be allocated permanent IP addresses, whereas dial-in users are typically assigned different IP addresses every time • Caution and protective software • Back-up provisions
Workplace Actions • Establish policy procedures for response and recovery • Ingress filtering: the filtering of "any IP packets with untrusted source addresses before they have a chance to enter and affect your system or network"; prohibits an attacker from using forged source addresses • Egress filtering: prevents any packets with invalid or incorrect addresses from leaving your site • http://www.sans.org/infosecFAQ/sysadmin/egress.htm
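The ingress and egress rules on this slide reduce to a check on each packet's source address at the site border. The sketch below is an added example, not from the original slides: the site prefix (a documentation range), the list of never-routable source ranges and the function names are all assumptions.

```python
import ipaddress

# Assumption: the address block assigned to our site (documentation range).
SITE_PREFIXES = [ipaddress.ip_network("192.0.2.0/24")]

# Source ranges that should never arrive from the Internet: private,
# loopback, link-local, "this network", multicast and reserved space.
NEVER_ROUTABLE = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "224.0.0.0/3")]


def _in_any(addr, networks):
    return any(addr in net for net in networks)


def border_verdict(direction, src):
    """Return (action, reason) for a packet crossing the site border.

    direction is 'ingress' (Internet -> site) or 'egress' (site -> Internet);
    src is the packet's claimed IPv4 source address as a string.
    """
    addr = ipaddress.ip_address(src)
    if direction == "ingress":
        # A packet from outside cannot legitimately carry one of our addresses.
        if _in_any(addr, SITE_PREFIXES):
            return ("drop", "outside packet claims an inside source (spoofed)")
        if _in_any(addr, NEVER_ROUTABLE):
            return ("drop", "source is not routable on the Internet")
        return ("accept", "source is plausible for inbound traffic")
    if direction == "egress":
        # Anything leaving must carry a source address we actually own.
        if not _in_any(addr, SITE_PREFIXES):
            return ("drop", "source is not one of our addresses")
        return ("accept", "source belongs to this site")
    raise ValueError("direction must be 'ingress' or 'egress'")


if __name__ == "__main__":
    # Constructed sample packets: (direction, claimed source address).
    for pkt in [("ingress", "198.51.100.7"), ("ingress", "192.0.2.10"),
                ("ingress", "10.1.2.3"), ("egress", "192.0.2.10"),
                ("egress", "203.0.113.9")]:
        print(pkt, "->", border_verdict(*pkt))
```

The egress rule is the one that protects other networks: it stops a compromised inside host from sending packets with forged source addresses.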