CIT 380: Securing Computer SystemsSlide #1 CIT 380 Securing Computer Systems Threats.

Slides:



Advertisements
Similar presentations
How to protect yourself, your computer, and others on the internet
Advertisements

What are computer viruses and its types? Computer Viruses are malicious software programs that damage computer program entering into the computer without.
7 Effective Habits when using the Internet Philip O’Kane 1.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.
Hackers, Crackers, and Network Intruders: Heroes, villains, or delinquents? Tim McLaren Thursday, September 28, 2000 McMaster University.
NCS welcome all participants on behalf of Quick Heal Anti Virus and Fortinet Firewall solution.
Chapter 4 McGraw-Hill/Irwin Copyright © 2011 by The McGraw-Hill Companies, Inc. All rights reserved. Ethics and Information Security.
McGraw-Hill/Irwin Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved. Extended Learning Module H Computer Crime and Digital Forensics.
Internet Security Awareness Presenter: Royce Wilkerson.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Chapter 1 Introduction to Security
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Reliability and Security. Security How big a problem is security? Perfect security is unattainable Security in the context of a socio- technical system.
What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:
By: Travis Holm.  Security awareness is the knowledge and attitude members of an organization possess regarding the protection of the physical, and especially.
Security Awareness Challenges of Security No single simple solution to protecting computers and securing information Different types of attacks Difficulties.
The Difficult Road To Cybersecurity Steve Katz, CISSP Security Risk Solutions Steve Katz, CISSP Security.
Threats and ways you can protect your computer. There are a number of security risks that computer users face, some include; Trojans Conficker worms Key.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
Issues Raised by ICT.
Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.
Internet Safety CSA September 21, Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.
Chapter 11 Security and Privacy: Computers and the Internet.
Securing Information Systems
Online Annoyances Spam – electronic junk mail
Cyber Crime & Security Raghunath M D BSNL Mobile Services,
Computer Crime and Information Technology Security
Computer Security Fundamentals Chuck Easttom Chapter 1 Introduction to to Computer Security.
PART THREE E-commerce in Action Norton University E-commerce in Action.
Malware  Viruses  Virus  Worms  Trojan Horses  Spyware –Keystroke Loggers  Adware.
IT Security for Users By Matthew Moody.
Threat to I.T Security By Otis Powers. Hacking Hacking is a big threat to society because it could expose secrets of the I.T industry that perhaps should.
IT security By Tilly Gerlack.
COMP 2903 A27 – Why Spyware Poses Multiple Threats to Security Danny Silver JSOCS, Acadia University.
CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security.
Click to edit Master title style Click to edit Master text styles –Second level Third level –Fourth level »Fifth level June 10 th, 2009Event details (title,
Introduction of Internet security Sui Wang IS300.
ED 505 Educational Technology By James Moore.  What is the definition of Netiquette and how does it apply to social media sites? ◦ Netiquette is the.
Security Awareness Challenges of Securing Information No single simple solution to protecting computers and securing information Different types of attacks.
 A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. It is deliberately.
Computer Crimes 8 8 Chapter. The act of using a computer to commit an illegal act Authorized and unauthorized computer access. Examples- o Stealing time.
Network problems Last week, we talked about 3 disadvantages of networks. What are they?
Security System Ability of a system to protect information and system resources with respect to confidentiality and integrity.
1 Computer Crime Often defies detection Amount stolen or diverted can be substantial Crime is “clean” and nonviolent Number of IT-related security incidents.
Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.
CS 510 : Malicious Code and Forensics. About the course Syllabus at
Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.
Chap1: Is there a Security Problem in Computing?.
Computer Skills and Applications Computer Security.
IT Computer Security JEOPARDY RouterModesWANEncapsulationWANServicesRouterBasicsRouterCommands RouterModesWANEncapsulationWANServicesRouterBasicsRouterCommands.
Changes in Computer Security Will You Be Better Off?
CIT 380: Securing Computer SystemsSlide #1 CIT 380 Securing Computer Systems Threats.
CSC 382: Computer SecuritySlide #1 CSC 382: Computer Security Threats.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.
The Need for Information Security(2) Lecture 3. Slide 2 Information Extortion  Information extortion is an attacker or formerly trusted insider stealing.
DEPARTMENT OF COMPUTER SCIENCE INTRODUCTION TO CYBER AND SECURITY.
Created by the E-PoliceSlide 122 February, 2012 Dangers of s By Michael Kuc.
Security Risks Todays Lesson Security Risks Security Precautions
CSC 382: Computer Security
Done BY: Zainab Sulaiman AL-Mandhari Under Supervisor: Dr.Tarek
Risk of the Internet At Home
Chapter 9 E-Commerce Security and Fraud Protection
Networking for Home and Small Businesses – Chapter 8
Networking for Home and Small Businesses – Chapter 8
Networking for Home and Small Businesses – Chapter 8
Presentation transcript:

CIT 380: Securing Computer SystemsSlide #1 CIT 380 Securing Computer Systems Threats

Vocabulary CIA Triad –Confidentiality –Integrity –Availability States of Information –Storage –Processing –Transmission CIT 380: Securing Computer SystemsSlide #2

Vocabulary Security Measures –Technology –Policies and practices –Education, Training, and awareness Threats, Attacks, Assets Prevention, Detection, Recovery, Survivability CIT 380: Securing Computer SystemsSlide #3

Vocabulary Risk Security trade-offs Cost-Benefit Analysis Script Kiddies Security Researchers Hacker, Cracker, Attacker Black Hat, White Hat CIT 380: Securing Computer SystemsSlide #4

CIT 380: Securing Computer SystemsSlide #5 What are threats? What threats can you think of to your home? To your money (including bank accounts, checks, credit and debit cards)? To your home computer?

CIT 380: Securing Computer SystemsSlide #6 Digital Threats: More of the Same Theft Vandalism Extortion Con Games Fraud Stalking

CIT 380: Securing Computer SystemsSlide #7 Digital Threats: What’s Different Automation –Salami Attack from Office Space. Action at a Distance –Volodya Levin, from St. Petersburg, Russia, stole over $10million from US Citibank. Arrested in London. –Operators of CA BBS tried and convicted in TN court because TN had d/led pornography f/ CA.

Digital Threats: What’s Different Technique Propagation –Criminals share techniques rapidly and globally. CIT 380: Securing Computer SystemsSlide #8

Next Slide The percentage of respondents answering that their organization experienced unauthorized use of computer systems in the last 12 months CIT 380: Securing Computer SystemsSlide #9

CIT 380: Securing Computer SystemsSlide #10

CIT 380: Securing Computer SystemsSlide #11 Survival Time

The main issue here is of course that the time to download critical patches will exceed this survival time. CIT 380: Securing Computer SystemsSlide #12

CIT 380: Securing Computer SystemsSlide #13 Current Threat Information SANS Internet Storm Center – Bugtraq – – CERT –

Current Threat Information Packet Storm – CIT 380: Securing Computer SystemsSlide #14

CIT 380: Securing Computer SystemsSlide #15 Who are the Attackers? Hackers vs Crackers Levels of attackers –Developer Finds new security vulnerabilities Writes tools and exploits –User Understands tools; modifies tools/exploits –Script Kiddie

CIT 380: Securing Computer SystemsSlide #16 Who are the Attackers? Criminals. –1993: Thieves installed bogus ATM at Manchester Mall. Saved account#s + PINs. Organized crime. –2000: Mafia-led organization members arrested for attempt to steal $680million from Bank of Sicily. Malicious insiders. –2001: Mike Ventimiglia deletes files of his employer, GTE. $200,000 damage. Industrial espionage. –2001: Verdicts in Cadence Design Systems vs. Avant against 7 employees incl CEO. 5 sentenced to jail.

CIT 380: Securing Computer SystemsSlide #17 Who are the Attackers? Press. –1998: Cincinnati Enquirer reporter Michael Gallagher breaks into Chiquita Fruits voic to expose illegal activities. Police. –1997: LAPD illegal wiretapping scandal. Terrorists. –1999: DOS attacks and web defacements against NATO country computers during Kosovo bombings. National Intelligence. –2000: Former CIA Directory Woolsey admitted to using ECHELON information to help US companies win foreign contracts.

Scary Internet Stuff: Underground __Dxk&feature=relatedhttp:// __Dxk&feature=related CIT 380: Securing Computer SystemsSlide #18

CIT 380: Securing Computer SystemsSlide #19 What Are Our Defenses? Firewalls Virus Scanners Spyware Scanners Intrusion Detection Systems (IDS/IPS) Patches Backups Prevent Detect Respond Recover

CIT 380: Securing Computer SystemsSlide #20 What Are The Attacks? Phishing Malware Ransomware Spyware Botnets

CIT 380: Securing Computer SystemsSlide #21 Phishing

CIT 380: Securing Computer SystemsSlide #22 Phishing Site

Scary Internet Stuff: Phishing 3x3I&feature=relatedhttp:// 3x3I&feature=related CIT 380: Securing Computer SystemsSlide #23

Amazon.com - Your Cancellation ( ) Dear Customer, Your order has been successfully canceled. For your reference, here`s a summary of your order: You just canceled order # Status: CANCELED _____________________________________________________________________ ORDER DETAILS Sold by: Amazon.com, LLC _____________________________________________________________________ Because you only pay for items when we ship them to you, you won`t be charged for any items that you cancel. Thank you for visiting Amazon.com! Amazon.com Earth`s Biggest Selection ORDER DETAILS CIT 380: Securing Computer SystemsSlide #24

CIT 380: Securing Computer SystemsSlide #25 Malware Trojan Horses Viruses Worms

CIT 380: Securing Computer SystemsSlide #26 Ransomware

CIT 380: Securing Computer SystemsSlide #27 Spyware and Adware Most Trojan Horses, some infect directly. –Browser hijacking –Pop-up advertisements –Keystroke and network logging –Steal confidential data from and files

Spyware and Adware 89% of PCs are infected with spyware (2006Q2 Webroot.) – re/excerpt.htmlhttp:// re/excerpt.html CIT 380: Securing Computer SystemsSlide #28

CIT 380: Securing Computer SystemsSlide #29 Rootkits Execution Redirection File Hiding Process Hiding Network Hiding User Program Rootkit OS

Rootkits Video NkZ4http:// NkZ4 CIT 380: Securing Computer SystemsSlide #30

CIT 380: Securing Computer SystemsSlide #31 Botnets Worm or direct attack usurps control of PC, then installs control software to listen for instructions. Instructions can include: Attempt to infect other PCs Send spam message Launch DOS attack Upgrade attack and control software Virus writers sell botnets to spammers for $0.10/compromised PC

Scary Internet Stuff: Botnets pNSshttp:// pNSs CIT 380: Securing Computer SystemsSlide #32

Wikipedia: Botnet –Historical list of botnets Kraken botnet – CIT 380: Securing Computer SystemsSlide #33

CIT 380: Securing Computer SystemsSlide #34 Key Points Computer crimes same as pre-computer crimes. Differences in digital threats –Automation –Action at a distance –Technique propagation Digital threats –Phishing –Malware –Ransomware –Spyware –Botnets

CIT 380: Securing Computer SystemsSlide #35 References 1.Alexander Gostev et. al., “Malware Evolution: January – March 2006,” Virus List, April 12, The Honeynet Project, Know Your Enemy, 2nd edition, Addison-Wesley, John Leyden, "The illicit trade in compromised PCs," The Register, Apr Stuart McClure, Joel Scambray, and George Kurtz, Hacking Exposed, 5th edition, McGraw-Hill, Rachna Dhamija and J. D. Tygar, "The Battle Against Phishing: Dynamic Security Skins," Proceedings of the Symposium on Usable Privacy and Security (SOUPS), July SANS Internet Storm Center, 7.Schneier, Bruce, Beyond Fear, Copernicus Books, Ed Skoudis, Counter Hack Reloaded, Prentice Hall, Stuart Staniford, Vern Paxson, and Nicholas Weaver, "How to 0wn the Internet in Your Spare Time," Proceedings of the 11th USENIX Security Symposium, Richard Stiennon, "Spyware: 2004 Was Only the Beginning," CIO Update, Jan Thompson, Ken, “Reflections on Trusting Trust”, Communication of the ACM, Vol. 27, No. 8, August 1984, pp (

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.