Introduction to Information and Computer Science Security Lecture a This material (Comp4_Unit8a) was developed by Oregon Health and Science University, funded by the Department of Health and Human Services, Office of the National Coordinator for Health Information Technology under Award Number IU24OC

Security Learning Objectives List and describe common security concerns (Lecture a) Describe safeguards against common security concerns (Lecture b) Describe security concerns for wireless networks and how to address them (Lecture b and c) List security concerns/regulations for health care applications (Lecture c) Describe security safeguards used for health care applications (Lecture c) Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

Concerns About Security Loss, stolen, or compromised data Identity theft and impersonation Downtime for businesses –Loss of revenue Blackmail –Threat to disclose medical information Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

Common Threats to Security Wikipedia: –“Malware... (malicious software) is... designed to infiltrate a computer system without the owner's informed consent.” (Wikipedia, 2007) Types of malware include: –Trojans –Viruses –Hoaxes –Worms –Phishing –Macro viruses –Hackers Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

Trojan Horse Trojan horse―malware program that usually impersonates a known good file installed on system by replacing (deleting) \good file Name comes from Greek Trojan Horse myth The Trojan then does its dirty work on certain date, through user action or on command Trojans can destroy or copy data, install adware, or install browser toolbar Trojans can record keystrokes and send this to attacker and scan computer ports Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

Viruses A virus is a computer program that can harm a computer and make it inoperable. Some viruses are only an annoyance. Viruses usually do not replicate (make copies of) themselves on other computers Removing a virus usually cleans computer Sending a virus via may replicate virus In 2008, Fun.exe virus spread itself via throughout the world and was very difficult to remove as it made many copies of itself on an infected computer Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

Macro Viruses Macro viruses usually infect Microsoft Office files and install themselves when users click files. A macro is a small program, usually written in VBA (Visual Basic for Applications) Macro viruses spread when users click files in which the macro virus resides Macro viruses may also delete files, etc. on infected system Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

Personal Information Attacks Phishing Attempt to trick user into revealing personal information to attacker so they can impersonate user Pronounced like “fishing”; attacker is fishing for information about user User may receive that appears to be from financial institution, eBay, or Amazon, asking for login to verify transaction. Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

Personal Information Attacks (continued) Clicking link in brings user to Web site that looks like real Web site No reputable organization will ever ask for this Report attack to organization so they are aware and can act Most software includes ability to monitor for phishing and move suspected to non-functional (junk ) folder Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

Worms A worm is a program that works to create lots of network traffic Some worms are not malware as they crawl network searching for reporting information Most worms replicate themselves, making network unusable ILOVEYOU worm successfully attacked millions of computers (users who clicked attachment) in May 2000 Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

False Information Hoaxes Hoaxes usually a harmless attempt to convince user of something that is not true Usually come in form of an Some hoaxes invite user to send money to someone in another part of world or ask for contributions to find missing children Use search engine to determine whether ’s message is true by entering subject line in search engine Result will usually indicate whether is hoax Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

False Information (continued) Uncloak hoax Use trusted Internet sites to detect hoaxes Snopes.com - Urban Legends Online Never forward chains without verifying their source Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

How do Hackers Operate? Packet sniffers can read Internet traffic Wireshark―free protocol analyzer software tool that can display unencrypted network traffic on monitor screen. – Install malware Adware―Continuous ads on screen Spyware―Reports on sites visited Guess at user names and passwords Don’t use easy-to-guess passwords Do change default usernames and passwords (wireless routers) Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

What is Network Security? According to Wikipedia: –“In the field of networking, the specialist area of network security consists of the provisions and policies adopted by the network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network-accessible resources.” In plain English: –Network security is about rules set up for use of equipment, software, and data and how to follow these rules –Use of assets revolves around authentication, authorization, and providing permissions to network assets. If user can’t prove identity, he or she can’t gain access to network, equipment, or data. Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

Authentication User provides valid username and password –Referred to as “credential” Computer authenticates credentials against user account and password database –If user logs in successfully, user is authenticated! If credentials entered match what is in database, user is authenticated –Servers authenticate users using special type of database known as directory –Directory stores information about all users, user groups, computers, printers, and so on Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

Authorization Next, authenticated users are authorized Authorization means that computer indicates precisely what user can do: –Print files using specified printers –Access specified network drives –View and/or change documents in folders –Use company Actions are usually recorded for audit Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

Permissions (Windows) Authorized objects are associated with permissions –Part of authorizing object is determining permissions Permissions determine what object can or cannot do on computer or network Two types of permissions typically used: –Sharing: Allows one object to connect to or use another object over network –NTFS: Determines what one object can or cannot do to another object Permissions are a complex topic Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

Permissions (Windows) Sharing and NTFS permissions work together –User creates folder on his computer so his sister can copy pictures he took –Next, he shares folder and sets his permissions to “read” –Lastly, he sets NTFS permissions to “read” so that she can view and copy pictures –Without this configuration, his sister will not be able to view or copy files from his computer Non-Windows OS protect devices and files similarly Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

Permissions Example Right-click folder and select Properties from menu Pictures folder is shared Click Advanced Sharing to configure sharing permissions for this folder (2011, PD-US) Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

Permissions Example (continued) Click Security tab to configure NTFS permissions Group or user names are listed in ACL Administrators have Full Control over this folder and its contents –This means that a user who is a member of the Windows Administrator’s group can do anything to this folder and its contents –Anything means view, add new files, delete existing files, change existing files, create new sub- folders, etc (2011, PD-US) Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

Security Summary – Lecture a List and describe common security concerns Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a

Security References – Lecture a References Wikipedia. Malware. [Internet] Jun [cited 2011 Nov 07]. Available from: Images Slide 19: Screenshot of a shared folder's properties window. Image source: the creator of this presentation. (2011, PD-US) Slide 20: Screen shot of the folder named Picture properties dialog box. Image source: the creator of this presentation. (2011, PD-US) Health IT Workforce Curriculum Version 3.0/Spring Introduction to Information and Computer Science Security Lecture a