Jacky Altal. T O C  Hackers Terminology  Cyber attacks in 2012 (so far…)  Nations Conflict  Cyber Motives  Characteristics of CyberCrime  DEMO –

Slides:



Advertisements
Similar presentations
ETHICAL HACKING A LICENCE TO HACK
Advertisements

OSG Computer Security Plans Irwin Gaines and Don Petravick 17-May-2006.
Chapter 1.  Security Problem  Virus and Worms  Intruders  Types of Attack  Avenues of Attack 2 Prepared by Mohammed Saher Hasan.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
Crime and Security in the Networked Economy Part 4.
Information System protection and Security. Need for Information System Security §With the invent of computers and telecommunication systems, organizations.
Session 8: Modeling the Vulnerability of Targets to Threats of Terrorism 1 Session 8 Modeling the Vulnerability of Targets to Threats of Terrorism John.
DoD and Cyber-Terrorism Eric Fritch CPSC 620. What is cyber-terrorism? "The premeditated, politically motivated attack against information, computer systems,
Using Your Knowledge – Security Threats
1 No Silver Bullet : Inherent Limitations of Computer Security Technologies Jeffrey W. Humphries Texas A&M University.
Ethical and Social...J.M.Kizza 1 Module 9: Computer Crimes Introduction History of Computer Crimes Computer Systems Attacks Motives Costs and Social Consequences.
Computer Crimes Chapter 9. Definition  Illegal act that involves a computer system or computer-related system  Telephone, microwave, satellite telecommunications.
11 ASSESSING THE NEED FOR SECURITY Chapter 1. Chapter 1: Assessing the Need for Security2 ASSESSING THE NEED FOR SECURITY  Security design concepts 
McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module H Computer Crime and Digital Forensics.
INDEX  Ethical Hacking Terminology.  What is Ethical hacking?  Who are Ethical hacker?  How many types of hackers?  White Hats (Ethical hackers)
1 Telstra in Confidence Managing Security for our Mobile Technology.
Security+ Guide to Network Security Fundamentals
CST 481/598 Many thanks to Jeni Li.  Potential negative impact to an asset  Probability of a loss  A function of three variables  The probability.
1 An Overview of Computer Security computer security.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Computer Security: Principles and Practice
Threats and Attacks Principles of Information Security, 2nd Edition
Security Overview. 2 Objectives Understand network security Understand security threat trends and their ramifications Understand the goals of network.
Sanjay Goel, School of Business/Center for Information Forensics and Assurance University at Albany Proprietary Information 1 Unit Outline Information.
CYBER CRIME AND SECURITY TRENDS
APA of Isfahan University of Technology In the name of God.
Computer Crime and Information Technology Security
IDENTIFYING THREATS IN A GLOBAL MARKETPLACE Ira S. Somerson, BCFE, CPP Loss Management Consultants, Inc. Institute for Global Management Studies And Temple.
Computer Science and Engineering 1 Csilla Farkas Associate Professor Center for Information Assurance Engineering Dept. of Computer Science and Engineering.
Chapter 3: Types of Cyber Attacks Expand the definition of cyberspace to include: – hardware like computers, printers, scanners, servers and communication.
Cyber crime & Security Prepared by : Rughani Zarana.
Lecture 10 Intrusion Detection modified from slides of Lawrie Brown.
Prepared by: Dinesh Bajracharya Nepal Security and Control.
Environment for Information Security n Distributed computing n Decentralization of IS function n Outsourcing.
Sample Security Model. Security Model Secure: Identity management & Authentication Filtering and Stateful Inspection Encryption and VPN’s Monitor: Intrusion.
The Beneficent the MERCIFUL In the NAME of. “ASSURING RELIABLE AND SECURE IT SERVICES”
What does secure mean? You have been assigned a task of finding a cloud provider who can provide a secure environment for the launch of a new web application.
Attacks On systems And Networks To understand how we can protect our system and network we need to know about what kind of attacks a hacker/cracker would.
Information Systems Security Operations Security Domain #9.
1 Smart Grid Cyber Security Annabelle Lee Senior Cyber Security Strategist Computer Security Division National Institute of Standards and Technology June.
12015/10/20 Muhammad Salman University of Indonesia.
Chapter 1 Overview The NIST Computer Security Handbook defines the term Computer Security as:
IS Network and Telecommunications Risks Chapter Six.
Note1 (Admi1) Overview of administering security.
Chapter 2: Anatomy of the Problem Recent terrorist attacks and the raise in cyber attacks have raised concern about the need to protect the nation’s cyber.
Lecture slides prepared for “Computer Security: Principles and Practice”, 3/e, by William Stallings and Lawrie Brown, Chapter 1 “Overview”. © 2016 Pearson.
Topic 5: Basic Security.
A Global Approach to Protecting the Global Critical Infrastructure Dr. Stephen D. Bryen.
Lesson 19-E-Commerce Security Needs. Overview Understand e-commerce services. Understand the importance of availability. Implement client-side security.
Chap1: Is there a Security Problem in Computing?.
CSCE 548 Secure Software Development Security Operations.
Information Warfare Playgrounds to Battlegrounds.
Module 12: Responding to Security Incidents. Overview Introduction to Auditing and Incident Response Designing an Audit Policy Designing an Incident Response.
Visual 1. 1 Lesson 1 Overview and and Risk Management Terminology.
Introduction and Overview of Information Security and Policy By: Hashem Alaidaros 4/10/2015 Lecture 1 IS 332.
CONTROLLING INFORMATION SYSTEMS
Computer Security By Duncan Hall.
The Need for Information Security(1) Lecture 2. Slide 2 Business Needs First, Technology Needs Last Information security performs four important functions.
Whats it all about?.  C omputer crime refers to any crime that involves a computer and a network. The computer may have been used in the commission of.
Dr. Mark Gaynor, Dr. Feliciano Yu, Bryan Duepner.
BY: AUSTIN NEIGH. WHAT IS CYBER WARFARE? Hacking that is politically motivated to conduct sabotage or espionage Form of information warfare Typically.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
Cyber crimes is the most popular news we come across daily In good olden days there were no development in the usage of computers as we have now As.
Securing Information Systems
Chapter 8 – Administering Security
Secure Software Confidentiality Integrity Data Security Authentication
Chapter 9 E-Commerce Security and Fraud Protection
Chapter 7 – and 8 pp 155 – 202 of Web security by Lincoln D. Stein
Presentation transcript:

Jacky Altal

T O C  Hackers Terminology  Cyber attacks in 2012 (so far…)  Nations Conflict  Cyber Motives  Characteristics of CyberCrime  DEMO – Client Side Attacks

 The Hacker Terminology Layer I  The best of the best  Ability to find Vulnerabilities  Ability to write exploit code and tools to override security measures Layer II  IT Savvy  Ability to write scripts  Understand vulnerability and how they work Layer III  Script Kiddie  Ability to download tools from the internet  Don’t have knowledge or willing to understand technology

Cyber Attacks  Cyber attacks accompany physical attac ks (Stuxnet)  Cyber attacks are increasing in volume, sophistication, and coordination  Cyber attacks are attracted to high-value targets (Sony, stratfort, Special Forces, CIA, FBI etc.)

Cyber Attacks

Physical Conflicts and Cyber Att acks  The Pakistan/India Conflict  The Israel/(Palestinian, Turkish) Conflict  The Former Republic of Yugoslavia (FRY)/NATO Conflict in Kosovo  The U.S. – China Surveillance Plane Incident  The Turkish/France Conflict

Cyber Threats Against users, system administrators, hardware and software manufacturers. Against documentation which includes confidential user information for hardware and software, administrative procedures, and policy documents, supplies that include paper and even printer cartridges  A cyber threats is an intended or unintended illegal activity, an unavoidable or inadvertent event that has the potential or could lead to unpredictable, unintended, and adverse consequences on a cyberspace resource. 

 Most cyber attacks can be put in one of the following categories: Natural or Inadvertent attack – including things like accidents originating from natural disaster like fire, floods, windstorms, and they usually occur very quickly without warning, and are beyond human capacity, often causing serious damage Human blunders, errors, and omissions – including things like unintentional human actions Intentional Threats like illegal or criminal acts from either insiders or outsiders, recreational hackers, and criminal

 Types of e-attacks: Penetration Attack Type -involves breaking into a system using known security vulnerabilities to gain access to any cyberspace resource – ○ There is steady growth of these attacks – see the CERT Denial of Service Attacks – they affect the system through diminishing the system’s ability to function, capable of bringing a system down without destroying its resources.

 Motives of E-attacks Revenge Joke/Hoax/Prank The Hacker's Ethics Terrorism Political and Military Espionage Business ( Competition) Espionage Hate (national origin, gender, and race) Personal gain/Fame/Fun/Notoriety Ignorance

 Potential Cyber Attacks Unauthorized Intrusions Defacements Domain Name Server Attacks Distributed Denial of Service Attacks Computer Worms – Zeus, Stuxnet Routing Operations Critical Infrastructures Compound Attacks

 Critical Infrastructures Critical infrastructures include gas, power, water, b anking and finance, transportation, communications All dependent to some degree on information systems Insider threat - specialized skills Network attack – default passwords, unprotected device, un updated system.

 Topography of Attacks One-to-One One-to-Many Many-to-One Many-to-Many  Analysis of the motives and reasons why such attacks occur.  Study the most current security threats.

 Vulnerability Types  Computer based Poor passwords Lack of appropriate protection/or improperly configured protection  Network based Unprotected or unnecessary open entry points  Personnel based Temporary/staff firings Disgruntled personnel Lack of training  Facility based Servers in unprotected areas Inadequate security policies

 DEMO – Client Side Attack

 The dark net / dark side of the internet

How to handle cyber threat  System-Aware Cyber Security Architecture Addresses supply chain and insider threats Embedded into the system to be protected Includes physical systems as well as information systems  Requires system engineering support tools for evaluating architectures factors  To facilitate reusability requires establishment of candidate Design Pattern Templates and initiation of a design library Security Design System Impact Analyses

THANKS FOR LISTENNING

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.