Identities, Digital Threats and Games. Yanki Margalit Aladdin Knowledge Systems Jan 2005. Prepare for Fusion. Identities and digital identities Assets and digital assets Threats and digital threats Security vs. privacy Hacking as a way of life Define identity, reality and games.
Identities, Digital Threats and Games Yanki Margalit Aladdin Knowledge Systems Jan 2005
Prepare for Fusion
• Identities and digital identities
• Assets and digital assets
• Threats and digital threats
• Security vs. privacy
• Hacking as a way of life
• Define identity, reality and games
CIA – the foundation of digital security
• Confidentiality
  • We want to keep secrets
• Integrity
  • We want to preserve the integrity of data and information
• Availability
  • We want data and information to be available all the time
Identity & Identification
• We need to authenticate ourselves for contradicting reasons:
  • Security & confidentiality
  • Privacy
  • Business and other value transactions
  • Access rights
• We need strong authentication
  • User name
  • Password
  • A token / smart card
  • A one-time password
  • A biometric print
  • A photo ID
Passwords Are Unsecured and Costly to Manage
A typical user can have more than 10 passwords!
Analysts and security specialists report:
• Up to 70% of help desk calls are password related
• Average of 4 password-related help desk calls per year
• The cost per password reset is between $30 – $140
A 1,000 employee organization can spend $150,000 a year or more on password-related help desk calls!!!
Analyst View: Gartner
“Passwords remain a fundamental security weakness, regardless of the strength of the password policy.”
Two recommendations for reducing password issues:
• Strong Authentication: “Use passwords or PINs in conjunction with another authentication method, such as a hardware token.”
• Password Management: “Implement password management systems to alleviate technical and procedural vulnerabilities.”
Source: Gartner report, “Assess Authentication Methods for Strong System Security”, August 2004
Aladdin eToken: Simple & Strong User Authentication
eToken provides strong two-factor user authentication
• Something you have: the eToken device
• Something you know: the eToken password
Now that you have an identity – Are you ready to enter the game?
The game is about
• Fight
• Make money
• Progress
• Win!
In Game In Life
• Identity
• Assets
• Banks
• Transactions
• Information
• Access rights
• Privacy
• Hacking
• Spam
• Phishing
• Identity theft
• Financial fraud
• Business Intelligence
When people ask Gibson about cyberspace today, he often tells them, "It's where the bank keeps your money."
Major Recent Trojans
UK Government Warns of Massive Trojan Attack
By Paul F. Roberts, June 16, 2005
A U.K. critical infrastructure monitoring group is warning public and private sector organizations about a wave of electronic attacks that have compromised critical networks in Britain with Trojan horse programs in recent months.
Curiosity? Political Trojan? Censorship? Yusufali Trojan. September, 2005
Phishing: more and smarter
It started from bank fraud attempts
http://68.255.44.238:87/%63%69%74/%69%6E%64%65%78%2E%68%74%6D
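The link on this slide can be examined from the defender's side. The following is an added example, not part of the original presentation: it decodes the link for display and flags three traits visible in it (a raw IP address as host, a non-default port, and percent-encoding of characters that never need encoding). The function names and finding labels are assumptions made for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit, unquote

# Unreserved characters (RFC 3986) never need percent-encoding, so encoding
# them does nothing except make the path unreadable to a human.
_ENCODED = re.compile(r"%([0-9A-Fa-f]{2})")
_UNRESERVED = set("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-._~")
DEFAULT_PORTS = {"http": 80, "https": 443}

def needless_escapes(path):
    """Return the percent-escapes in `path` that encode unreserved characters."""
    return [m.group(0) for m in _ENCODED.finditer(path)
            if chr(int(m.group(1), 16)) in _UNRESERVED]

def host_is_ip(host):
    """True when the host is an IP literal rather than a domain name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def analyze_url(url):
    """Decode a URL for display and list the traits that make it suspicious."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    findings = []
    if host_is_ip(host):
        findings.append("ip-literal-host")
    if parts.port is not None and parts.port != DEFAULT_PORTS.get(parts.scheme):
        findings.append("non-default-port")
    escapes = needless_escapes(parts.path)
    if escapes:
        findings.append("obfuscated-path")
    return {
        "host": host,
        "port": parts.port,
        "decoded_path": unquote(parts.path),
        "needless_escapes": len(escapes),
        "findings": findings,
    }

if __name__ == "__main__":
    # The link shown on the slide above.
    print(analyze_url("http://68.255.44.238:87/%63%69%74/%69%6E%64%65%78%2E%68%74%6D"))
    # Constructed benign URL for comparison: the space legitimately needs encoding.
    print(analyze_url("https://www.example.com/my%20docs/index.htm"))
```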
Phishing: more and smarter
Now getting smarter with email accounts
Why do people click on YES? Because they are conditioned to…
XP SP2 Security? Users just follow the instructions…
Why hack a private PC?
Question: I am an ordinary person, why would anyone want to break into my private PC?
• Because they can…
• Maybe you have something interesting
• Maybe you, a family member or a colleague could be blackmailed
• Maybe they can find some information for later use (fraud, harassment)
  • Personal, bank, credit card
• Turn your PC into a Zombie to: send spam, DoS, spyware server, phishing…
• Exploit your PC to break into other systems
Want Free Items? I_am_here_4_you