1 What will be the Coming Super Worms and Viruses By Alan S H Lam.

Slides:

Advertisements

Similar presentations

© Ravi Sandhu Introduction to Information Security Ravi Sandhu.

Advertisements

(Distributed) Denial of Service Nick Feamster CS 4251 Spring 2008.

Let’s Talk About Cyber Security

Code-Red : a case study on the spread and victims of an Internet worm David Moore, Colleen Shannon, Jeffery Brown Jonghyun Kim.

Copyright © 2014 American Water Works Association Water Sector Approach to Process Control System Security.

By Hiranmayi Pai Neeraj Jain

(n)Code Solutions Presentation on the importance of a Secure Technology Infrastructure.

1 Telstra in Confidence Managing Security for our Mobile Technology.

Lesson 14-Desktop Protection. Overview Protect against malicious code. Use the Internet. Protect against physical tampering.

1 Pertemuan 6 Points of Exposure Matakuliah:A0334/Pengendalian Lingkungan Online Tahun: 2005 Versi: 1/1.

University of WashingtonComputing & Communications Recent Computer Security Incidents Terry Gray Director, Networks & Distributed Computing 03 October.

Welcome to EECS 354 Network Penetration and Security.

Protecting Yourself Online. VIRUSES, TROJANS, & WORMS Computer viruses are the "common cold" of modern technology. One in every 200 containing.

Threats and Attacks Principles of Information Security, 2nd Edition

100% Security “ The only system which is truly secure is one which is switched off and unplugged, locked in a titanium lined safe, buried in a concrete.

Internet Quarantine: Requirements for Containing Self-Propagating Code David Moore et. al. University of California, San Diego.

CYBER CRIME AND SECURITY TRENDS

The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.

R. FRANK NIMS MIDDLE SCHOOL A BRIEF INTRODUCTION TO VIRUSES.

Henric Johnson1 Chapter 10 Malicious Software Henric Johnson Blekinge Institute of Technology, Sweden

1 Worm Modeling and Defense Cliff C. Zou, Don Towsley, Weibo Gong Univ. Massachusetts, Amherst.

1 Chap 10 Malicious Software. 2 Viruses and ”Malicious Programs ” Computer “Viruses” and related programs have the ability to replicate themselves on.

1 Internet Security Threat Report X Internet Security Threat Report VI Figure 1.Distribution Of Attacks Targeting Web Browsers.

Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.

Business Computing 550 Lesson 6. 2 Security Threats on Web Sites Issues and vulnerabilities 1.Illegal Access and Use (Hacking the system or users exposing.

Talking points Attacks are more frequent, more aggressive, require more time to repair and prevent Machines get compromised in 2003 for the same reasons.

Internet Drivers License CSS411/BIS421 Computing Technology & Public Policy Mark Kochanski Spring 2010.

PATCH MANAGEMENT: Issues and Practical Solutions Presented by: ISSA Vancouver Chapter March 4, 2004.

 a crime committed on a computer network, esp. the Internet.

Click to edit Master title style Click to edit Master text styles –Second level Third level –Fourth level »Fifth level June 10 th, 2009Event details (title,

How CERN reacted to the Blaster and Sobig virus attack Christian Boissat, Alberto Pace, Andreas Wagner.

Lecture 14 Overview. Program Flaws Taxonomy of flaws: – how (genesis) – when (time) – where (location) the flaw was introduced into the system 2 CS 450/650.

Maintaining a Secure Messaging Environment Across , IM, Web and Other Protocols Jim Jessup Regional Manager, Information Risk Management Specialist.

CSCE 522 Lecture 12 Program Security Malicious Code.

JEnterprise Suite For Network Monitoring and Security Dr. Sureswaran Ramadass, Dr. Rahmat Budiarto, Mr. Ahmad Manasrah, Mr. M. F. Pasha.

1 Figure 4-16: Malicious Software (Malware) Malware: Malicious software Essentially an automated attack robot capable of doing much damage Usually target-of-opportunity.

Recent Internet Viruses & Worms By Doppalapudi Raghu.

Welcome to Introduction to Computer Security. Why Computer Security The past decade has seen an explosion in the concern for the security of information.

Computer Viruses and Worms By: Monika Gupta Monika Gupta.

Cloud Computing Project By:Jessica, Fadiah, and Bill.

Topic 5: Basic Security.

Viruses a piece of self-replicating code attached to some other code – cf biological virus both propagates itself & carries a payload – carries code to.

CONTENTS What is Virus ? Types of computer viruses.

Malicious Software.

W elcome to our Presentation. Presentation Topic Virus.

Types of Computer Malware. The first macro virus was written for Microsoft Word and was discovered in August Today, there are thousands of macro.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Virus and Antivirus A presentation by Sumon chakreborty Roll no-91/CSE/ Reg.no of

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

Page 1 Viruses. Page 2 What Is a Virus A virus is basically a computer program that has been written to perform a specific set of tasks. Unfortunately,

Virus Infections By: Lindsay Bowser. Introduction b What is a “virus”? b Brief history of viruses b Different types of infections b How they spread b.

Information Systems CS-507 Lecture 32. Physical Intrusion The intruder could physically enter an organization to steal information system assets or carry.

Detected by, M.Nitin kumar ( ) Sagar kumar sahu ( )

PCs ENVIRONMENT and PERIPHERALS Lecture 10. Computer Threats: - Computer threats: - It means anything that has the potential to cause serious harm to.

Servers in the Wild… …and the threats that lurk about. DePaul University Information Security Team TLT Presentation 08 May 2002.

Security on the Internet Norman White ©2001. Security What is it? Confidentiality – Can my information be stolen? Integrity – Can it be changed? Availability.

Internet Quarantine: Requirements for Containing Self-Propagating Code

TMG Client Protection 6NPS – Session 7.

Systems Security Keywords Protecting Systems

Compliance with hardening standards

Viruses and Other Malicious Content

Information Security Session October 24, 2005

Internet Worm propagation

Chap 10 Malicious Software.

Viruses and Virus Protection

Chap 10 Malicious Software.

Chapter # 3 COMPUTER AND INTERNET CRIME

Introduction to Internet Worm

Worms, Viruses and Other Creepy Computer Things:

An overview over Botnets

Presentation transcript:

1 What will be the Coming Super Worms and Viruses By Alan S H Lam

2 Outlines Review Prediction Threat Worst case scenario What can we do

Alan S H Lam3 The Coming Super Worms and Viruses What will be the coming super computer worms and viruses? What can we do?

Alan S H Lam4 Review Worms and Viruses Malicious code Exploit weaknesses Replicate themselves and/or attach themselves to other programs Spread from system to system

Alan S H Lam5 Review (2) Worms Spread with no human intervention once started Viruses Require action from user before spreading

Alan S H Lam6 Review (3) Some have both worm and viruse properties, e.g. Nimda Some may even work with spammers hand in hand, e.g. SoBig

Alan S H Lam7 Review (4) Spread faster and faster Outbreak dateNameHosts infected in the first 24 hours Aug 2001Code Red 265,000 Jan 2003Slammer 55,000 Aug 2003Blaster 336,000 Source: CERT

Alan S H Lam8 Review(5) Source: CERT

Alan S H Lam9 Review (6) Source: CERT

Alan S H Lam10 Review(7) Long lasting capacity Far-reaching Steady-state after initial surge

Alan S H Lam11 Review (8) Source: CERT

Alan S H Lam12 Review (9) Tendency to Zero-Day Exploit Code NameWorm/virus released Vulnerability discovered and patch released Code RedJuly 2001June 2001 SlammerJan 2003July 2002 BlasterAug 2003July 2003 aim.exeNov 2003No information from anti-virus vendor when discovered.  WinTcpIp.exeNov 2003No information from anti-virus vendor when discovered 

Alan S H Lam13 Review (10): Impact DateCode NameWorldwide Economic Impact (USD) 8-9/2003Blaster$500 million 2003Slammer$1.00 billion 2001Nimda$635 million 2001Code Red$2.62 billion 2001SirCam$1.15 billion 2000Love Bug$8.75 billion 1999Melissa$1.10 billion 1999ExploreZip$1.02 billion 20019/11 attack to WTC$15.8 billion (to restore IT and communication capabilities Source: Computer Economics

Alan S H Lam14 Review (11): Sobig.F Source: CERT

Alan S H Lam15 Prediction Characteristic of the super worms and viruses High efficiency spreading High penetration Far reaching Across different platforms Infect via numerous vectors and vulnerabilities Highly stealth and anti-forensics Stay silently for long time Cover up activities Difficult to decrypt or reverse engineering

Alan S H Lam16 Prediction (2) Highly distributed and coordinated Exchange information with master and peers periodically Coordinate attack, propagation or mutation Ability to launch attacks and cause serious impact to Internet Infrastructure Deny of Service (DoS) attack to top level DNS servers and major IX core routers Sending spam or forged mails Release confidential information to the public Spoof web page to release Trojan horse program

Alan S H Lam17 Prediction (3) Highly intelligent, automatic, and self-decisive Self-adjust or mutate according to current condition Decide how to carry out its mission when loses contact with its master or peers Elect new district leader

Alan S H Lam18 Threat Over 171 million computers connected Grow at rapid pace Users with different knowledge and background Computer system become more and more sophisticated and complicated Bandwidth and machine capability keep rising Vendor turn off security features in default setting Put product to market without fully tested End-users disable/bypass security functions deliberately

Alan S H Lam19 Worst case scenario Zero-day exploit Attack preparation Complete blackout Recurrence Chaos

Alan S H Lam20 What can we do What How We need co-operation from all sectors

Alan S H Lam21 What can we do (2) High management level Security is no longer “ add-on feature ” or “ option ” Resource for security should be in high priority System Administrators Follow the best practice: risk assessment; security policy and security audit Keep up with current security knowledge and skill Educate users to raise their security awareness

Alan S H Lam22 What can we do (3) Vendors Products should be fully tested Do not assume user has certain security knowledge or awareness Do not lower the security level in default setting Government Encourage high quality security product Allocate resource to support security researches in Universities Cooperate with non-profit organization to offer security training to the public

Alan S H Lam23 What can we do (4) Institutes house Internet Infrastructure Have contingency and backup plan in case under serve attack Keep monitoring of any unusual activities End users Protect their systems well no matter how trivial and unimportant they are Use consumer power to choose product with high quality security feature Raise security awareness from time to time

Alan S H Lam24 Will they come? When will the super worms and viruses come? I don ’ t know but we better prepare for that. Thank You