Citadel Security Software Presents Are you Vulnerable? Bill Diamond Senior Security Engineer

© 2005 Copyright Citadel Security Software Inc. 2 Are you Vulnerable? Do you have or use ….

© 2005 Copyright Citadel Security Software Inc. 3 Odds aren’t in your favor Have High Speed Internet at home? –If you directly connected your computer, you were probably infected in the first 15 seconds Why? –Most computers and devices aren’t configured for proper security –Devices like cell phones, PDAs, computers are designed for ease of use and to make internet access simple The simple truth is good security takes effort

© 2005 Copyright Citadel Security Software Inc. 4 Five Classes of Vulnerabilities Software Defects Misconfigured Services Unsecured Accounts and Passwords Malware Unnecessary services

© 2005 Copyright Citadel Security Software Inc. 5 What Vulnerabilities Allow An attacker to execute commands as another user Allows an attacker to access data that is contrary to the specified access restrictions for that data Allows an attacker to pose as another entity Allows an attacker to conduct a denial of service Allows an attacker to conduct information gather activities Allows an attacker to hide activities Includes a capability that behaves as expected by can be easily compromised Is a primary point of entry that an attack may attempt to use to gain access to the system or data Is considered a problem according to some reasonable security policy

© 2005 Copyright Citadel Security Software Inc. 6 Illustrating the Risk Some spyware is suspected of sending captured data to North Korean intelligence agency servers North Korean government is suspected of selling data to criminals and organizing Denial of Service Attacks South Korea’s Defense Ministry claims North Korea has an aggressive hacker training program that includes five years of university training Source:

© 2005 Copyright Citadel Security Software Inc. 7 Vulnerability Statistics Approximately 10 vulnerabilities per day are discovered and made public 18.78% are Extremely Critical or Highly Critical 36.6% are Moderately Critical 37.49% are Less Critical 7.13% are Not Critical The difference is whether a vulnerability has an identified exploit or a suspected exploit

© 2005 Copyright Citadel Security Software Inc. 8 Vulnerability Statistics 70.7% of all attacks are initiated remotely 11.4% of all attacks are initiated from the local network 17.89% are initiated from the local machine 27% of all attacks are to gain system access 21% are Denial of Service attacks 12% are privilege escalation attacks 17% seek to expose sensitive or system level information Source:

© 2005 Copyright Citadel Security Software Inc. 9 What’s Affected? Operating Systems Desktop and Server Applications Network Devices Wireless Phones Even Antivirus Software and Firewalls Everything. Source:

© 2005 Copyright Citadel Security Software Inc. 10 What Should You Do? Identify your assets –Servers, Desktops, Wireless Devices, Network Printers, Hubs, Routers, Telephone Switches Assess your risk. –Follow security oriented web sites to keep up to date –Use vulnerability assessment tools to regularly evaluate your degree of risk –Diagnose your systems for spyware and other malware Review and Evaluate –Your vulnerabilities against the risk identified Remediate –Apply patches but also review the advice in your vulnerability assessment tool for specific advice –Review your security policies and how they are enforced Monitor and Maintain –Reassess with vulnerability assessment –Track system changes –Monitor compliance with security policies

© 2005 Copyright Citadel Security Software Inc. 11 How Can You Start? Use hardware firewalls –Software firewalls have been exploited Learn to use a vulnerability assessment scanner Use antivirus software for all inbound and outbound –Newer versions also protect Instant Message applications –New generation products provide some protection against phishing –You will not win a lottery you never heard of –You don’t have any mysterious relatives in Nigeria or South Africa who want to wire money to your bank account. Patch Judiciously –Don’t just apply every patch. Make sure it applies to you. Develop and Implement Consistent, Measurable Policies Stay Informed

© 2005 Copyright Citadel Security Software Inc. 12 Top Frauds and Scams Type of Fraud% Of Total Average Dollar Loss Per Incident Auctions51%$765 General Merchandise20%$846 Nigerian Money Offers8%$2,649 Phishing5%$182 Information/”Adult” Services3%$241 Fake Checks3%$5,201 Lotteries/Lottery Clubs3%$2,225 Computer Equipment/ Software 1%$1,401 Fake Escrow Services1%$2,585 Internet Access Services1%$1,187 Source: Internet Fraud Watch

© 2005 Copyright Citadel Security Software Inc. 13 Summary Computer related crime has increased 36 fold since 1997 There were more than 56 Million computer attacks in 1994 – the majority were probes for existing, known vulnerabilities As of March 2003, verifiable attacks cost more than $16 Billion in economic damage 20% of all organizations are expected to experience a serious security incident 750,000 Americans had their identities hijacked in 2004 Average loss to fraud per victim increased to $895, up from $527 in fraud has increased to 22%, up from 5% in 2003 Effective security policies and vulnerability management are possible, regardless of operating system or application.

© 2005 Copyright Citadel Security Software Inc. 14 Questions? For more information visit our web site at Or contact me – Bill Diamond