1. E-Business Threats Seminar in E-Commerce 5233
For: Dr. Serenko
By: Mike Barney
Brendon Johnson
2. Table of Contents Introduction
Hacker Attacks
Mal-ware
Viruses
Spy-ware
Worms
Managerial Implications
3. Hacking Defined “Gaining unauthorized access to a computer system”. Other definitions exist, but this is the one that best describes the threat as far as an organization such as an E-Business is concerned
Access is gained by exploiting vulnerabilities in software, hardware and members of the organization
4. Stages of a Typical Hack Attempt 1) Target Identification
2) Service Identification
3) Vulnerability Research
4) Execution and Action
5) Cleanup
5. Target Identification Random (Ex.1 Random FTP Server) or War-dialing (outdated)
Location Specific (Ex.2 Registration List)
Specific Machine: DNS Lookup
6. Service Identification Applications that listen on open ports
E.g. HTTP, FTP, Telnet, SSH, IRCd
Ex. 3 My PC’s current TCP/IP Network Connections
Ex. 4 Screenshot of google.ca Portscan (with nmap)
7. Vulnerability Research Attackers may test for weaknesses in the service by using the source code and binaries of the same version as on the victim machine on their own hardware
Public Exploit Databases, Ex. http://msgs.securepoint.com/bugtraq/
Purchase 0-Day Exploits, Ex. http://it.slashdot.org/it/06/02/02/215210.shtml
8. Execution and Action The vulnerable service is exploited, which results in the attacker escalating his privileges on the system (i.e. to get read/write access to system resources)
May result in stolen customer information, defaced website http://www.zone-h.org/en/defacements, arbitrary system changes, XDCC service spawn (Ex. 5), etc.
9. Cleanup Log wiping/deletion
The attacker usually takes precautions through the entire process, not just in the cleanup stage (e.g. daisy-chaining and war-driving)
10. E-Businesses' Best Defense Strong passwords
Updated software (Check vendor patches and vulnerability/exploit databases)
Firewalls & IDS Systems
Frequent System Backups
11. Mal-ware (Malicious) Defined as: Software designed to infiltrate or damage a computer system, without the owner's consent. The term describes the intent of the creator, rather than any particular features. (wikipedia.com)
Can include viruses, worms, spy-ware, ad-ware, trojans, etc.
12. How Do They Work? Viruses are programs that are programmed to infect your local computer.
Capable of self-replicating within one hard drive often targeting various systems and files
This could cause performance slowdowns
They can be spread a variety of ways (i.e. e-mail, downloads, etc.)
Can have severe consequences for business
Not as popular as they once were?
13. Viruses The term “virus” was coined in 1983 by Fred Cohen (cbs.com)
In 1987 the Brain was released and is credited as being the first virus
Norton AntiVirus is released in 1991
Polymorphic viruses are also released
Windows is released in 1995 but was still susceptible to viruses
14. Famous Viruses & Worms The infamous Melissa virus is unleashed - 1999
I Love You virus is released and causes over 8 billion dollars in damage - 2000
A man is charged but escapes because of a lack of laws in the Philippines
Anna Kournikova virus uses Outlook addresses to spread – 2001
Nimda worm attacks shortly after 9/11 – 2001
Perrun is launched, able to spread through picture files - 2002
15. Viruses - Now Viruses seem to have decreased in the last six months according to Symantec Canada (in favour of personal info theft)
Industry experts believe that a shift has taken place in the creation of virus attacks - with less desire for headlines and a greater desire for fraudulently acquired information.
16. Impacts of Viruses Viruses can reduce efficiency and lead to a decrease in productivity
Information loss is a viable threat if infected
Cost of repairing compromised systems can be prohibitive
17. Virus Proof Install anti-virus software and keep it updated
Training for employees
Reduce accessible files
Backup important files and increase security around key “weak spots”
Use your brain!
18. Spy-ware Spy-ware: “refers to a broad category of malicious software designed to intercept or take partial control of a computer's operation without the informed consent of that machine's owner or legitimate user.” (wikipedia.com)
Requires installation by user (agreement waivers)
Began with peer-to-peer sharing of files such as music downloads i.e. freeware
Capable of transmitting back user information to programmer
Can send valuable market data to creator
19. Consequences of Spy-ware Significantly impact the confidentiality of business information stored on client user workstations
Privacy of individuals using these workstations
E-Commerce business models (ability to disrupt applications)
Security suspicions and fears may reduce traffic
Reduced bandwidth, therefore affecting performance
20. Protection against Spy-ware Install a spy-ware remover and keep it updated (e.g. McAfee VirusScan, Norton Anti-Virus, etc.)
Use caution when downloading
Carefully read all user agreements
Links can also install spy-ware when clicked
Keep up to date with latest trends and information about spy-ware
Consistently scan your computer for suspicious activity
Use your brain!
21. Ad-ware Ad-ware: software that displays advertisements on your computer. These are ads that inexplicably pop up on your display screen, even if you're not browsing the Internet. (microsoft.com)
Frequently refers to any software which displays advertisements, whether or not it does so with the user's consent. (wikipedia.com)
22. What does it do? Unsolicited pop-up advertisements
Can change your browser settings without the user's permission
Could negatively affect performance
May cause economic damage by over-riding paid advertisements currently on the web
Will send you to sites developed by creators
Irritating and frustrating
23. Worms “A worm is a virus that does not infect other programs. It makes copies of itself, and infects additional computers (typically by making use of network connections) but does not attach itself to additional programs; however a worm might alter, install, or destroy files and programs.” www.unitedyellowpages.com/internet/terminology.html
They spread by exploiting vulnerabilities in software like hackers do except in an autonomous fashion
Propagation mechanisms: hit-list scanning, permutation scanning, internet-scale hit lists, etc.
24. A Lesson from the Code Red Worm Hourly probe rate data for inbound port 80 at the Chemical Abstracts Service during the initial outbreak of Code Red I on July 19th, 2001 (Staniford et al, 2002)
Scanning for suitable hosts vulnerable to buffer overflow in Microsoft's IIS Web server (CVE-2001-0500) using localized scanning
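An added example (not part of the original slides) of how the hourly inbound port 80 probe rate described on this slide can be computed from connection logs and used to flag a worm-style spike. The log format, the documentation-range addresses, and the thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import median

def build_sample_log():
    """Constructed log lines 'ISO-timestamp src_ip dst_port' (not real data)."""
    lines = []
    for hour, probes in [(8, 3), (9, 2), (10, 4), (11, 3), (12, 40), (13, 90)]:
        for i in range(probes):
            # RFC 5737 documentation addresses; quiet hours reuse a few sources.
            src = f"203.0.113.{i % 3 + 1}" if probes < 10 else f"198.51.100.{i + 1}"
            lines.append(f"2001-07-19T{hour:02d}:{i % 60:02d}:00 {src} 80")
    lines.append("2001-07-19T12:30:00 203.0.113.9 22")  # other port, ignored
    lines.append("garbage line")                         # malformed, skipped
    return lines

def hourly_probe_rates(lines, port=80):
    """Return {hour_start: (probe_count, distinct_sources)} for one port."""
    counts, sources = defaultdict(int), defaultdict(set)
    for line in lines:
        parts = line.split()
        if len(parts) != 3 or not parts[2].isdigit():
            continue
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        if int(parts[2]) != port:
            continue
        hour = ts.replace(minute=0, second=0, microsecond=0)
        counts[hour] += 1
        sources[hour].add(parts[1])
    return {h: (counts[h], len(sources[h])) for h in sorted(counts)}

def flag_spikes(rates, factor=5, min_sources=10):
    """Flag hours whose probe count exceeds factor x the median of earlier quiet
    hours and that come from many distinct sources (assumed thresholds)."""
    flagged, history = [], []
    for hour, (count, nsrc) in rates.items():
        if len(history) >= 3 and count > factor * median(history) and nsrc >= min_sources:
            flagged.append(hour)
        else:
            history.append(count)  # only quiet hours feed the baseline
    return flagged

if __name__ == "__main__":
    rates = hourly_probe_rates(build_sample_log())
    for hour in flag_spikes(rates):
        print(hour.isoformat(), rates[hour])
```

Requiring many distinct sources as well as a high count separates a spreading worm from a single noisy scanner or a burst of legitimate traffic from one client.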
25. Managerial Implications Mal-ware’s impact on information security was ranked #3 in a study conducted in 2004; user awareness & training was #2 (www.ic2.org)
This report identified 4 major constructs for increasing security effectiveness:
User Training
Security Culture
Policy Relevance
Policy Enforcement
26. References Forte, Dario, Spyware: more than a costly annoyance, Network Security Volume: 2005, Issue: 12, December, 2005, pp. 8-10
Shaw, Geoff, Spyware & Adware: the Risks facing Businesses, Network Security Volume: 2003, Issue: 9, September, 2003, pp. 12-14
Put spyware on the security, The Computer Bulletin Volume: 47, Issue: 1, January 1, 2005, pp. 18-19
Simon Avery, Viruses declines as hackers targets PC users for money, theglobeandmail.com., Originally posted March 7, 2006 http://www.theglobeandmail.com/servlet/story/LAC.20060307.RSECURITY07/TPStory/Business - accessed March 7, 2006
Kim Zetter, Viruses: The Next Generation, PC World, December 2000, re-run March 2006. http://www.pcworld.com/reviews/article/0,aid,32802,pg,7,00.asp (accessed March 6, 2006)
CBSnews.com, http://www.cbsnews.com/htdocs/cyber_crime/timeline.html (accessed March 6, 2006)
http://en.wikipedia.org/wiki/Malware (accessed March 06, 2006)
http://en.wikipedia.org/wiki/Spyware (accessed March 06, 2006)
27. References Cont. Brian Krebs (compiled)., A Short History of Computer Viruses and Attacks, washingtonpost.com, February 14, 2003. http://www.washingtonpost.com/wp-dyn/articles/A50636-2002Jun26_3.html (accessed March 7, 2006)
Jerry Honeycutt, How to Protect Your Computer from Spyware and Adware, Microsoft.com, Published: April 20, 2004. http://www.microsoft.com/windowsxp/using/security/expert/honeycutt_spyware.mspx (accessed March 08, 2006)
Kenneth J. Knapp, PhD, et al., Managerial Dimensions in Information Security: A Theoretical Model of Organizational Effectiveness, (ISC)2 Inc., Palm Harbor, Florida, USA & Management Information Systems Department, College of Business, Auburn University, Alabama, USA, October 15, 2005. https://www.isc2.org/download/auburn_report2005.pdf (accessed March 08, 2006)
Turban, Efraim, et al, Electronic Commerce - A Managerial Perspective 2006, Pearson Education Inc, 2006. Upper Saddle River, New Jersey 07458