Unit 32 – Networked Systems Security

Slides:



Advertisements
Similar presentations
Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Advertisements

Thank you to IT Training at Indiana University Computer Malware.
4 Information Security.
Ethics, Privacy and Information Security
Possible Threats To Data. Objectives To understand: Types of threats Importance of security Preventative and remedial actions Personal safety This will.
Mr C Johnston ICT Teacher
Chapter 9: Privacy, Crime, and Security
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
MOBILE MALWARE TOPIC #5 – INFORMATION ASSURANCE AND SECURITY Michael Fine 1.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
1 Title ECI: Anatomy of a Cyber Investigation Who Are the Actors.
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.
ISNE101 Dr. Ken Cosh Week 14. This Week  Challenges (still) facing Modern IS  Reliability  Security.
PART THREE E-commerce in Action Norton University E-commerce in Action.
Copyright 2009 Trend Micro Inc. Classification 9/9/ Corporate End User Study Employee Online Behavior.
Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.
Tutorial Chapter 5. 2 Question 1: What are some information technology tools that can affect privacy? How are these tools used to commit computer crimes?
Lesson 2- Protecting Yourself Online. Determine the strength of passwords Evaluate online threats Protect against malware/hacking Protect against identity.
Prepared by: Dinesh Bajracharya Nepal Security and Control.
Business Computing 550 Lesson 6. 2 Security Threats on Web Sites Issues and vulnerabilities 1.Illegal Access and Use (Hacking the system or users exposing.
1.Too many users 2.Technical factors 3.Organizational factors 4.Environmental factors 5.Poor management decisions Which of the following is not a source.
1 Network Security 2 nd Lec. BSIT 4C - Finals. The art of war teaches us to rely not on the likelihood of the enemy's not coming, but on our own readiness.
7 Information Security.
Security in Computer System 491 CS-G(172) By Manesh T
INGOTs Computer Security Name: Elliot Haran. Introduction  Staying safe on the internet  Learning to deal with Cyber Bullying, Stalking and grooming.
Topic 5: Basic Security.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
Network Security SUBMITTED BY:- HARENDRA KUMAR IT-3 RD YR. 1.
Primary/secondary data sources Health and safety Security of Data Data Protection Act.
By: Taysha Johnson. What is an insider threat? 1.A current or former employee, contractor, or other business partner who has or had authorized access.
Securing Information Systems
Security Issues in Information Technology
Network security Vlasov Illia
Intro to Malware Attacks
Learn how to protect yourself against common attacks
IT Security  .
Instructor Materials Chapter 7 Network Security
Level 2 Diploma Unit 11 IT Security
Threats By Dr. Shadi Masadeh.
Various Types of Malware
Network security threats
Business Risks of Insecure Networks
Answer the questions to reveal the blocks and guess the picture.
Understand Core Security Principles
Securing Information Systems
Unit 32 – Networked Systems Security
Teaching Computing to GCSE
Lesson 2- Protecting Yourself Online
Unit 11 Task #1 Read the unit specification and create a glossary which defines each of the words / terms you don’t know.
Done BY: Zainab Sulaiman AL-Mandhari Under Supervisor: Dr.Tarek
Risk of the Internet At Home
– Communication Technology in a Changing World
Malware, Phishing and Network Policies
ISNE101 Dr. Ken Cosh Week 13.
The Internet of Unsecure Things
Prepared By : Binay Tiwari
INFORMATION SYSTEMS SECURITY and CONTROL
HOW DO I KEEP MY COMPUTER SAFE?
Faculty of Science IT Department By Raz Dara MA.
Networking for Home and Small Businesses – Chapter 8
CYBERSAFETY & Personal information
LO1 - Know about aspects of cyber security
Chapter # 3 COMPUTER AND INTERNET CRIME
Networking for Home and Small Businesses – Chapter 8
Networking for Home and Small Businesses – Chapter 8
Lesson 2- Protecting Yourself Online
Mohammad Alauthman Computer Security Mohammad Alauthman
ONLINE SECURITY, ETHICS AND ETIQUETTES EMPOWERMENT TECHNOLOGY.
Presentation transcript:

Unit 32 – Networked Systems Security https://www.tes.com/lessons/k-4i3DlopqkOYA/review-week-unit-32-networked-systems-security

Lesson 2 - Security & Sources of Attacks

What is Security? Dictionary.com says: 1. Freedom from risk or danger; safety. 2. Freedom from doubt, anxiety, or fear; confidence. 3. Something that gives or assures safety, as: 1. A group or department of private guards: Call building security if a visitor acts suspicious. 2. Measures adopted by a government to prevent espionage, sabotage, or attack. 3. Measures adopted, as by a business or homeowner, to prevent a crime such as burglary or assault: Security was lax at the firm's smaller plant. …etc. What is Security?

Protect vital information while still allowing access to those who need it Trade secrets, medical records, etc. Provide authentication and access control for resources Guarantee availability of resources Why do we need Security?

Who is Vulnerable? Financial institutions and banks Internet service providers Pharmaceutical companies Government and defense agencies Contractors to various government agencies Multinational corporations ANYONE ON THE NETWORK Who is Vulnerable?

Top 7 Network Attacks 2015 (so far) What is the percentage of Denial of Service attacks? http://www.calyptix.com/top-threats/top-7-network-attack- types-in-2015-so-far/ Top 7 Network Attacks 2015 (so far)

Sources of Attacks Internal Disaffected Staff Social Engineering Downloads External Internet Connections Unsecured Wireless Points Viruses introduce by email Sources of Attacks

Internal Attack Malicious damage can occur through internal means in that it comes from within an organisation, perhaps the result of a disgruntled employee Breaking or sabotaging equipment Deleting, altering or making public business- sensitive or embarrassing data Internal Attack

Jeffrey Delisle: Canadian spy passed on UK secrets http://www.bbc.co.uk/news/uk-20112616 Former MI6 man sentenced for secret files leak http://www.bbc.co.uk/news/uk-england-london-1117643 Edward Snowden – whistleblower http://www.bbc.co.uk/news/world-us-canada-22837100

The threat has spread from outside of an organisation, perhaps for self-gain or self-satisfaction, or maybe for a competitor company. Examples are: – hacking – theft – criminal damage – industrial espionage. However, the distinction between internal and external malicious damage is not black and white: the four external damage examples listed could also result from within an organisation and so could be classed as internal External Attack

External Attack - Internet External attacks involving internet connections will normally be mitigated by the company Internet security policy and rules. The objective is to establish rules and measures to use against attacks over the Internet. External Attack - Internet

External Attack - Through unsecured wireless access points Wi-Fi has provided significant benefits for businesses and their customers but it also has generated significant headaches. “Rogue” access points operating without company blessing and potentially installed for industrial espionage are a real threat to a secure corporate computing environment. External Attack - Through unsecured wireless access points

External Attack - Through unsecured wireless access points Man arrested over wi-fi 'theft‘ http://news.bbc.co.uk/1/hi/england/london/6958429.stm Two cautioned over wi-fi 'theft‘ http://news.bbc.co.uk/1/hi/england/hereford/worcs/6565079.stm External Attack - Through unsecured wireless access points

External Attack - Through unsecured wireless access points Google admits wi-fi data blunder http://news.bbc.co.uk/1/hi/uk/8684639.stm Security warning over wireless networks http://news.bbc.co.uk/1/hi/technology/8309779.stm External Attack - Through unsecured wireless access points

External Attack - Virus introduced via email Virus authors adapted to the changing computing environment by creating the e-mail virus. For example, the Melissa virus in March 1999 was spectacular in its attack. Melissa spread in Microsoft Word documents sent via e-mail. How Computer Viruses Work http://computer.howstuffworks.com/virus4.htm External Attack - Virus introduced via email

Categorise the threats into the sources they come from. Internal Disaffected Staff Social Engineering Downloads External Internet Connections Unsecured Wireless Points Via email Other Both Threats - Denial of service, Back door, Spoofing, Mathematical, Brute force, Adware. Theft of data Ransomware Data modification Identity theft Software exploitation, Viruses, Rootkits, Worms, Trojans, spyware, Eavesdropping Man in the middle Create a table in which you can categorise the different threats. They may appear in more than one source. Task Order the threats in each category from highest to lowest damage they may cause

Choose 5 types of threats that attack a network, summarise each attack. Why is it a dangerous type of attack? When is a company usually susceptible to this type of attack? Who normally perpetrates this type of attack? Include a diagram of this attack (if possible) Recommend ways the attack can be mitigated Task

http://www.its.ms.gov/Services/Pages/Security-Quizzes-Tests.aspx

Read this http://www. securityweek Read this http://www.securityweek.com/virus-threats is there anything interesting? Discuss

Learning Objectives Illustrate the need for security. Categorise network attacks into different sources Summarise different security attacks on networks Learning Objectives