Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cyber Security Challenges

Published byGrant Ray Modified over 6 years ago

Similar presentations

Presentation on theme: "Cyber Security Challenges"— Presentation transcript:

1 Cyber Security Challenges
Dr. Aviel D. Rubin Johns Hopkins University

2 Anecdote A tour of the radiology department at UPenn

3 We are dependent on software & computer networks
Banking Stock market mishap 2 weeks ago (what would an intentional attack accomplish?) Critical Infrastructure Power, water, electric grid E-commerce Healthcare Within an enterprise HR functions Customer lists Secret business plans E-voting

4 Example: Healthcare Government is forcing move to electronic records
Doctors who don’t comply will be penalized Standards are being developed to link providers in healthcare information exchanges Hospitals are increasing their automation Devices are being networked together Increasing reliance on software and networks for healthcare & healthcare information

5 Example: E-voting In 2004, 37 states used paperless e-voting
Security vulnerabilities were shown Dramatic decrease in reliance on e-voting However, in 2010, many states will allow Internet voting from overseas Risks…

6 Vulnerabilities Software We don’t know how to avoid bugs
Botnets & Malware, viruses, worms Usability of security/Human factors Authentication State of the art is mostly still passwords Tokens are catching on – but not user friendly

7 Case in point: Botnets Mariposa botnet What did it do?
In 1 ½ months: over 11 million unique IP addresses of compromised hosts What did it do? Information theft: stole usernames/pws, banking details Downloaded malware for DOS attacks Found in computers at More than ½ of Fortune 1,000 companies More than 40 major banks Spreads via: IM programs, USB keys, P2P networks, IE6 exploits, many other ways… Not detected by many Anti-Virus products Signature evolves

8 Mariposa Population 24 hours of sinkhole data, by origin country
Source: Arbor Networks

9 Global DDoS Traffic DDoS victims, measured traffic
Source: Arbor Networks

10 More threats Cross site request forgery Cross site scripting
DNS spoofing BGP Possibly single greatest vulnerability on the Internet

11 Side note Very unusual 3 suspects arrested for use of Mariposa
Not the authors, just unsophisticated users

12 Solutions No silver bullet… Software security tools
Software engineering processes, better programming languages, code audit, red teams Adding cryptography to DNS and BGP Long, slow process Challenges include performance, adoption, legacy infrastructure User education

13 Questions? Speaker information: Avi Rubin
Professor, Johns Hopkins University

Download ppt "Cyber Security Challenges"

Similar presentations

EMERGING TOPICS IN DATA, APPLICATION AND INFRASTRUCTURE PROTECTION Taher Elgamal ITU 12-2011.

EMERGING TOPICS IN DATA, APPLICATION AND INFRASTRUCTURE PROTECTION Taher Elgamal ITU
George Tubin Senior Analyst Consumer Banking © 2005 The Tower Group, Inc. May not be reproduced by any means without express permission. All rights reserved.

George Tubin Senior Analyst Consumer Banking © 2005 The Tower Group, Inc. May not be reproduced by any means without express permission. All rights reserved.
Software Security Threats Threats have been an issue since computers began to be used widely by the general public.

Software Security Threats Threats have been an issue since computers began to be used widely by the general public.
Introduction to Security Computer Networks Computer Networks Term B10.

Introduction to Security Computer Networks Computer Networks Term B10.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:

What Are Malicious Attacks? Malicious Attacks are any intentional attempts that can compromise the state of your computer. Including but not limited to:
Quiz Review.

Quiz Review.
First Community Bank www.fcbnm.com Prevx Safe Online Rollout & Best Practice Presentation.

First Community Bank Prevx Safe Online Rollout & Best Practice Presentation.
Internet Safety CSA 105 1.0 September 21, 2010. Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.

Internet Safety CSA September 21, Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.
Securing Information Systems

Securing Information Systems
Computer Security Fundamentals Chuck Easttom Chapter 1 Introduction to to Computer Security.

Computer Security Fundamentals Chuck Easttom Chapter 1 Introduction to to Computer Security.
UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.

UNDERSTANDING THE RISKS & CHALLENGES OF Cyber Security DAVID NIMMO InDepth IT Solutions DAVID HIGGINS WatchGuard NEIL PARKER BridgePoint Group A BridgePoint.
AIS, 20141 Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)

AIS, Passwords Should not be shared Should be changed by user Should be changed frequently and upon compromise (suspected unauthorized disclosure)
BUSINESS B1 Information Security.

BUSINESS B1 Information Security.
1 Panda Malware Radar Discovering hidden threats Channel Presentation Name Date.

1 Panda Malware Radar Discovering hidden threats Channel Presentation Name Date.
C OMPUTER C ONCEPTS Unit 1 Concept 3 – Solving Technological Problems.

C OMPUTER C ONCEPTS Unit 1 Concept 3 – Solving Technological Problems.
Configuring Electronic Health Records Privacy and Security in the US Lecture f This material (Comp11_Unit7f) was developed by Oregon Health & Science University,

Configuring Electronic Health Records Privacy and Security in the US Lecture f This material (Comp11_Unit7f) was developed by Oregon Health & Science University,
Bots Used to Facilitate Spam Matt Ziemniak. Discuss Snort lab improvements Spam as a vehicle behind cyber threats Bots and botnets What can be done.

Bots Used to Facilitate Spam Matt Ziemniak. Discuss Snort lab improvements Spam as a vehicle behind cyber threats Bots and botnets What can be done.
Center of Excellence for IT at Bellevue College. Cyber security and information assurance refer to measures for protecting computer systems, networks,

Center of Excellence for IT at Bellevue College. Cyber security and information assurance refer to measures for protecting computer systems, networks,

Similar presentations

Ads by Google