Citadel Security Software Presents
Are you Vulnerable?
Bill Diamond
Senior Security Engineer
© 2005 Copyright Citadel Security Software Inc.
Odds aren’t in your favor
• Have High Speed Internet at home?
  – If you directly connected your computer, you were probably infected in the first 15 seconds
• Why?
  – Most computers and devices aren’t configured for proper security
  – Devices like cell phones, PDAs, computers are designed for ease of use and to make internet access simple
• The simple truth is good security takes effort
Five Classes of Vulnerabilities
• Software Defects
• Misconfigured Services
• Unsecured Accounts and Passwords
• Malware
• Unnecessary services
What Vulnerabilities Allow
• Allows an attacker to execute commands as another user
• Allows an attacker to access data that is contrary to the specified access restrictions for that data
• Allows an attacker to pose as another entity
• Allows an attacker to conduct a denial of service
• Allows an attacker to conduct information-gathering activities
• Allows an attacker to hide activities
• Includes a capability that behaves as expected but can be easily compromised
• Is a primary point of entry that an attack may attempt to use to gain access to the system or data
• Is considered a problem according to some reasonable security policy
Illustrating the Risk
• Some spyware is suspected of sending captured data to North Korean intelligence agency servers
• North Korean government is suspected of selling data to criminals and organizing Denial of Service Attacks
• South Korea’s Defense Ministry claims North Korea has an aggressive hacker training program that includes five years of university training
Source: http://www.nwfusion.com/reviews/2004/121304rev.html
Vulnerability Statistics
• Approximately 10 vulnerabilities per day are discovered and made public
• 18.78% are Extremely Critical or Highly Critical
• 36.6% are Moderately Critical
• 37.49% are Less Critical
• 7.13% are Not Critical
The difference is whether a vulnerability has an identified exploit or a suspected exploit
Vulnerability Statistics
• 70.7% of all attacks are initiated remotely
• 11.4% of all attacks are initiated from the local network
• 17.89% are initiated from the local machine
• 27% of all attacks are to gain system access
• 21% are Denial of Service attacks
• 12% are privilege escalation attacks
• 17% seek to expose sensitive or system level information
Source: http://www.secunia.org/advisory_statistics
What’s Affected?
• Operating Systems
• Desktop and Server Applications
• Network Devices
• Wireless Phones
• Even Antivirus Software and Firewalls
Everything.
Source: http://isc.sans.org/index.php?off=dbstats
What Should You Do?
• Identify your assets
  – Servers, Desktops, Wireless Devices, Network Printers, Hubs, Routers, Telephone Switches
• Assess your risk
  – Follow security-oriented web sites to keep up to date
  – Use vulnerability assessment tools to regularly evaluate your degree of risk
  – Diagnose your systems for spyware and other malware
• Review and Evaluate
  – Your vulnerabilities against the risk identified
• Remediate
  – Apply patches but also review the advice in your vulnerability assessment tool for specific advice
  – Review your security policies and how they are enforced
• Monitor and Maintain
  – Reassess with vulnerability assessment
  – Track system changes
  – Monitor compliance with security policies
How Can You Start?
• Use hardware firewalls
  – Software firewalls have been exploited
• Learn to use a vulnerability assessment scanner
• Use antivirus software for all inbound and outbound email
  – Newer versions also protect Instant Message applications
  – New generation products provide some protection against phishing
  – You will not win a lottery you never heard of
  – You don’t have any mysterious relatives in Nigeria or South Africa who want to wire money to your bank account.
• Patch Judiciously
  – Don’t just apply every patch. Make sure it applies to you.
• Develop and Implement Consistent, Measurable Policies
• Stay Informed
Top Frauds and Scams
Type of Fraud                  % Of Total   Average Dollar Loss Per Incident
Auctions                       51%          $765
General Merchandise            20%          $846
Nigerian Money Offers          8%           $2,649
Phishing                       5%           $182
Information/"Adult" Services   3%           $241
Fake Checks                    3%           $5,201
Lotteries/Lottery Clubs        3%           $2,225
Computer Equipment/Software    1%           $1,401
Fake Escrow Services           1%           $2,585
Internet Access Services       1%           $1,187
Source: Internet Fraud Watch, http://www.fraud.org
Summary
• Computer-related crime has increased 36-fold since 1997
• There were more than 56 Million computer attacks in 1994
  – the majority were probes for existing, known vulnerabilities
• As of March 2003, verifiable attacks cost more than $16 Billion in economic damage
• 20% of all organizations are expected to experience a serious security incident
• 750,000 Americans had their identities hijacked in 2004
• Average loss to fraud per victim increased to $895, up from $527 in 2003
• Email fraud has increased to 22%, up from 5% in 2003
• Effective security policies and vulnerability management are possible, regardless of operating system or application.
Questions?
For more information visit our web site at
http://www.citadel.com
Or contact me –
Bill Diamond