CH # 6 Securing Information Systems
“66 percent of all Webroot-scanned personal computers are infected with at least 25 spyware programs.” Webroot (2005)
Topics to be discussed
1. The meaning of the “Information System Security” term.
2. Primary Threats to Information Systems Security.
3. How IS(s) are often compromised?
4. Technological and human-based safeguards.
5. Q: How to better manage IS Security?
6. The State of System Security Management Today.
(self study p. 256)
Intro. to ISs © 2008,I. Sarah Al-Bakry 2
“Information System Security” term
• All systems connected to a network are at risk
– Internal threats
– External threats
• Information systems security definition:
– Precautions to keep all aspects of IS safe from unauthorized access and use (all HW, SW, network, equipment and data)
• Increased need for good computer security with increased use of the Internet
Primary Threats to Information Systems Security
1. Accidents and natural disasters
Power outages, cats walking across keyboards
2. Employees and consultants
3. Links to outside business contacts
Travel between business partners
4. Outsiders (Hackers, Crackers, Viruses)
HW
Check the difference between: Hackers, Crackers, Viruses
From the glossary
IS(s) are often compromised by one or more of the following:
Unauthorized Access
• Unauthorized people
– Look through electronic data
– Peek (steal a look) at monitors
– Intercept (cut off) electronic communication
• Unauthorized access may be achieved by:
– Theft of computers or storage media.
– Getting administrator status.
Gaining Access to a Password
• Brute force
– Try combinations until a match is found
• Protection:
– Wait time requirements after unsuccessful login attempt.
– CAPTCHA: Completely Automated Public Turing Test to tell Computers and Humans Apart
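The wait-time protection listed above, as an added example that is not part of the original slides: a per-account throttle whose delay doubles after each failed login, with a small simulation that counts how many guesses actually get checked in a given period. The class and function names, the three free attempts, the 2-second base delay and the 15-minute cap are assumptions chosen for illustration.

```python
import time


class LoginThrottle:
    """Per-account wait time that doubles after each failed login (illustrative)."""

    def __init__(self, base_delay=2.0, max_delay=900.0, free_attempts=3,
                 clock=time.monotonic):
        self.base_delay = base_delay        # first enforced wait, in seconds
        self.max_delay = max_delay          # cap so an account is never locked forever
        self.free_attempts = free_attempts  # failures tolerated before any wait applies
        self.clock = clock
        self._state = {}                    # username -> (failures, locked_until)

    def wait_remaining(self, username):
        _, locked_until = self._state.get(username, (0, 0.0))
        return max(0.0, locked_until - self.clock())

    def attempt(self, username, password_ok):
        """Return 'ok', 'denied' or 'wait'. During the wait the password is not
        evaluated at all, so a guess made then reveals nothing."""
        if self.wait_remaining(username) > 0:
            return "wait"
        if password_ok:
            self._state.pop(username, None)  # success resets the failure count
            return "ok"
        failures = self._state.get(username, (0, 0.0))[0] + 1
        delay = 0.0
        if failures >= self.free_attempts:
            delay = min(self.max_delay,
                        self.base_delay * 2 ** (failures - self.free_attempts))
        self._state[username] = (failures, self.clock() + delay)
        return "denied"


def guesses_checked(throttle_factory, seconds):
    """Simulate wrong guesses retried as early as allowed (at most one per
    second) and count how many the system evaluates within `seconds`."""
    now = [0.0]                              # simulated clock, no real sleeping
    throttle = throttle_factory(lambda: now[0])
    checked = 0
    while now[0] < seconds:
        if throttle.attempt("alice", password_ok=False) == "denied":
            checked += 1
        now[0] += max(1.0, throttle.wait_remaining("alice"))
    return checked
```

With these settings the simulation evaluates 14 guesses in an hour, against 3,600 when no wait is enforced.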
Information Modification
• User accesses electronic information
• User changes information
– Employee gives himself a raise.
– Crackers hack government computers and change info.
Denial of Service Attack
• Attackers prevent legitimate users from accessing services
• Zombie computers
– Created by viruses or worms
– Attack Web sites.
– Look for the definition of “Zombie computer” in the glossary.
Computer Viruses
• Corrupt and destroy data
• Destructive code can
– Erase a hard drive
– Seize (get hold of) control of a computer
• Worms
– Variation of a virus
– Replicate endlessly across the Internet
– Servers crash
• My Doom attack on Microsoft’s Web site
HW
Check the difference between: Viruses, Worms, Trojan Horses
From the glossary
Spyware
• Within freeware or shareware
• Within a Web site
• Gathers information about a user
– Credit card information
– Behavior tracking for marketing purposes
• Eats up computer’s memory and network bandwidth
• Adware – special kind of spyware
– Collects information for banner ad customization
Spam
• Electronic junk mail
• Advertisements of products and services
• Eats up storage space
• Compromises network bandwidth
• Spim
– Spam over IM
Protection Against Spam
• Barracuda Spam Firewall 600
– Filters spam and other email threats
– Decreases amount of spam processed by the central e-mail server
– Handles 3,000 – 10,000 active email users
– Spam messages blocked or quarantined
Phishing
• Attempts to trick users into giving away credit card numbers
• Phony messages
• Duplicates of legitimate Web sites
• E.g., eBay, PayPal have been used
Cookies
• Messages passed to a Web browser from a Web server
• Used for Web site customization
• Cookies may contain sensitive information
• Cookie management and cookie killer software
• Internet Explorer Web browser settings
Other Threats to IS Security
1. Employees writing passwords on paper
2. No installation of antivirus software
3. Use of default network passwords
4. Letting outsiders view monitors
Other Threats to IS Security (II)
5. Organizations fail to limit access to some files
6. Organizations fail to install firewalls
7. Not doing proper background checks
8. Lack of employee monitoring
9. Fired employees who are resentful
Technological safeguards
1. Physical access restrictions
– Authentication
  • Use of passwords
  • Photo ID cards, smart cards
  • Keys to unlock a computer
  • Combination
Authentication limited to
  o Something you have
  o Something you know
  o Something you are
Biometrics (biological statistics)
• Form of authentication
– Fingerprints
– Retinal patterns (for more details, see slide no. 35)
– Body weight
– Etc.
• Fast authentication
• High security
Access-Control Software
• Access only to files required for work
• Read-only access
• Certain time periods for allowed access
• Business systems applications
– Built-in access control capabilities
Wireless LAN Control
• Wireless LAN cheap and easy to install
• Use on the rise
• Signal transmitted through the air
– At risk of being intercepted
– Drive-by hacking
Technological safeguards
2. Firewalls: System designed to detect intrusion and prevent unauthorized access.
• Implementation
– Hardware, software, mixed
Technological safeguards
3. Encryption
• Message encoded before sending
• Message decoded when received
– Public key technology
  • Each individual has a pair of keys
    – Public key – freely distributed
    – Private key – kept secret
Encryption for Websites
• Certificate Authority
– Third party – trusted middleman
  • Verifies trustworthiness of a Web site
  • Checks for identity of a computer
  • Provides public keys
• Secure Sockets Layer (SSL)
– Developed by Netscape
Technological safeguards
4. Recommended Virus Precautions
• Purchase and install antivirus software
– Update frequently
• Do not download data from unknown sources
– Flash drives, disks, Web sites
• Delete (without opening) e-mail from unknown source
• Warn people if you get a virus
– Your department
– People on e-mail list
Technological safeguards
5. Audit Control Software
• Keeps track of computer activity
• Spots suspicious action
• Audit trail
– Record of users
– Record of activities
• IT department needs to monitor this activity
Other Technological Safeguards
• Backups
– Secondary storage devices
– Regular intervals
• Closed-circuit television (CCTV)
– Monitoring for physical intruders
– Video cameras display and record all activity
– Digital video recording
• Uninterruptible power supply (UPS)
– Protection against power off.
Human Safeguards
• Use of federal and state laws as well as ethics
Q: How to better manage IS Security?
Answer: By developing an Information Systems Security Plan
Ongoing five-step process
1. Risk analysis.
2. Policies and procedures.
3. Implementation.
4. Training – organization’s personnel.
5. Auditing.
The State of System Security Management Today
Self Study p. 256
(The Points only)
THE END of the chapter
The following slides are for reference
Retinal Pattern
• The human retina is a thin membrane composed of neural cell tissue, located in the posterior part of the eye. Because of the complex structure of the capillaries that supply the retina with blood, each person has a unique retina.
• The network of blood vessels in the retina is so complex that even identical twins do not share the same pattern.
• Although retinal patterns sometimes change because of certain diseases, such as diabetes, the retina normally does not change from birth until death.
• Because of its unique and unchanging nature, it is used as one of the means of biometric authentication.
• Source: http://en.wikipedia.org/wiki/Retinal_scan
Intro. to ISs © 2008,I. Sarah Al-Bakry 35
Cookies
• Most Web sites, when visited, place a small file on the hard disk of the visitor's machine (the browser). This file is called a “cookie”. Cookie files are text files; they are not programs or program code. The cookie is meant to collect some information about you, and it is sometimes useful, especially if the site requires you to enter a password that authorizes you to visit it. In that case you will not have to enter that password on every visit, because the site will be able to discover it by itself through the “cookie” that was placed on the machine's hard disk on the first visit. In other words, these text files (cookies) contain information that the site which deposited them can retrieve when needed, that is, on your next visit to the site.
Cookies
• However, cookies can be exploited to violate users' privacy and to collect information about them while they browse sites. If you do not want others to store cookies on the hard disk of your machine in order to collect information about you, the browser in use can be set up to ask for approval before it saves any cookie on the hard disk.
Mydoom (computer worm)
From Wikipedia, the free encyclopedia
• Mydoom, also known as W32.MyDoom@mm, watson postmortem debugger, Novarg, Mimail.R and Shimgapi, is a computer virus affecting Microsoft Windows. It was first sighted on January 26, 2004. It became the fastest-spreading e-mail worm ever (as of January 2004), exceeding previous records set by the Sobig worm.[1]
• Mydoom appears to have been commissioned by e-mail spammers so as to send junk e-mail through infected computers.[2] The worm contains the text message “andy; I'm just doing my job, nothing personal, sorry,” leading many to believe that the worm's creator was paid to do so. Early on, several security firms published their belief that the worm originated from a professional underground programmer in Russia.[3] The actual author of the worm is unknown.
Sobig (computer worm)
From Wikipedia, the free encyclopedia
• The Sobig Worm was a computer worm that infected millions of Internet-connected, Microsoft Windows computers in August 2003.
• Although there were indications that tests of the worm were carried out as early as August 2002, Sobig.A was first found in the wild in January 2003. Sobig.B was released on May 2003. It was first called Palyh, but was later renamed to Sobig.B after anti-virus experts discovered it was a new generation of Sobig. Sobig.C was released May 31 and fixed the timing bug in Sobig.B. Sobig.D came a couple of weeks later followed by Sobig.E in June 25. On August 19, Sobig.F became known and set a record in sheer volume of e-mails.
• The worm was most widespread in its "Sobig.F" variant.
• Sobig is a computer worm in the sense that it replicates by itself, but also a Trojan horse in that it masquerades as something other than malware. The Sobig worm will appear as an electronic mail with one of the following subjects:
Sobig (computer worm)
• Re: Approved
• Re: Details
• Re: Re: My details
• Re: Thank you!
• Re: That movie
• Re: Wicked screensaver
• Re: Your application
• Thank you!
• Your details
Sobig (computer worm)
• It will contain the text: "See the attached file for details" or "Please see the attached file for details." It also contains an attachment by one of the following names:
• application.pif
• details.pif
• document_9446.pif
• document_all.pif
• movie0045.pif
• thank_you.pif
• your_details.pif
• your_document.pif
• wicked_scr.scr