Presentation is loading. Please wait.

Presentation is loading. Please wait.

What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.

Published byKelly Terry Modified over 9 years ago

Similar presentations

Presentation on theme: "What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized."— Presentation transcript:

1

2 What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized access, data theft,and defacing of web pages  There has been a surge in denial of service attacks hijacking of computers.

3 Risks to Information System  Risks to application and data 1.Theft of information 2.Data alteration, data destruction, and defacement 3.Computer viruses and logic bombs 4.No malicious misshapes

4 Risks to Information System

5 Risks to Online Operations  Many hackers try daily to interrupt online businesses  Types of attacks include:  Unauthorized access  Data theft  Defacing of Web pages  Denial of service  Hijacking

6 Risks to online operation  Denial of Service (DoS)  Too many requests are received to log on to a Web site’s pages  If perpetrated from multiple computers it is called distributed denial of service (DDoS)  Spoofing  Deception of users to make them think they are logged on at one site while they actually are on another

7 Risks to data and applications  theft of data: may be for identity theft, corporate espionage, etc. identity theft: using another person's credentials  social engineering: using human weaknesses to gain access to confidential information  keystroke logging: intercepts keystrokes and either stores them or sends them someplace on the Internet (very useful for stealing usernames, passwords, account information, etc.)  phishing: fraudulent messages (typically emails) which lure recipients into going to a fake website to try to get them to enter confidential information  pharming: replacing a real website with an impostor to try to get people to enter confidential information  data alteration: sometimes hard to notice. but can be very damaging

8

9  data destruction: usually very noticeable, and can be alleviated somewhat by having good backup procedures in place  web defacement: basically vandalism, similar to graffiti, but can cost businesses a lot in lost revenue  tarpit: a host on the network designed to expect attacks and respond very slowly, allowing the attacker to not get much done and spend enough time on the machine to be tracked  honey pot: a host on the network designed to lure attackers in so waiting monitors can attempt to track the attacker  honey token: a piece of data which is extremely unlikely to be accessed legitimately, but which an attacker is likely to access; it has special monitoring to immediately alert system administrators when it is accessed with information about where the access request originated

10

11  virus: software designed to spread from one computer to another based on something a user does, such as open a file  worm: software that can spread itself through a network without human intervention  Trojan horse: a malicious program disguised as a potentially helpful or useful program; the program may even appear to be carrying out useful tasks while the malicious part of the code silently carries out its tasks or waits for the right time to spring into action; Trojans are a form of virus  logic bomb: a program where malicious code lies dormant waiting for a specific time or set of conditions to become active and cause damage  DoS (denial of service): prevents the use of online resources; often done by flooding servers with so many requests that the servers can't handle legitimate traffic; can also be done by locking out access to a server or application

12  DDoS(distributed denial of service): a DoS attack where many computers are used to send the flood of requests; the attacking computers are usually machines which have been previously attacked and have malicious software waiting for commands from some other machine on the Internet  zombie: a zombie is a machine which has been attacked and has been infected with malicious software which awaits commands to carry out DDoS attacks; the user is usually unaware of the problem  hijacking: taking control of a computer or website without the owners consent; zombies are hijacked computers

13  Hijacking: using some or all of a computer’s resources without the consent of its owner  Often done for making a DDoS attack  Done by installing a software boot on the computer  Main purpose of hijacking is usually to send spam  Bots are planted by exploiting security holes in operating systems and communications software  A boot usually installs e-mail forwarding software

14 Denial of Service  Denial of service (DoS): an attacker launches a large number of information requests  Slows down legitimate traffic to site  Distributed denial of service (DDoS): an attacker launches a DoS attack from multiple computers  Usually launched from hijacked personal computers called “zombies”  No definitive cure for this  A site can filter illegitimate traffic

15  Risks to ISs include risks to hardware, data, and networks, and natural disaster and vandalism  Risks to data and applications include theft of information, identity theft, data alteration, data destruction, defacement of Web sites, viruses, worms, logic bombs, and no malicious mishaps  Risks to online systems include denial of service and hijacking Summary

16

Download ppt "What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized."

Similar presentations

Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide.

Chapter 1: Fundamentals of Security JV Note: Images may not be relevant to information on slide.
POSSIBLE THREATS TO DATA

POSSIBLE THREATS TO DATA
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill Technology Education Copyright © 2006 by The McGraw-Hill Companies,
Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.

Dr. John P. Abraham Professor UTPA 2 – Systems Threats and Risks.
Lecturer: Fadwa Tlaelan

Lecturer: Fadwa Tlaelan
CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.

CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.
1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?

1 Topic 1 – Lesson 3 Network Attacks Summary. 2 Questions ► Compare passive attacks and active attacks ► How do packet sniffers work? How to mitigate?
Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.

Mod H-1 Examples of Computer Crimes. Mod H-2 Stuxnet.
7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.

7.1 Copyright © 2011 Pearson Education, Inc. 7 Chapter Securing Information Systems.
Hackers They can u Read the data files u Run the application programs u Modify some files which may cause damages Individuals who gain unauthorized access.

Hackers They can u Read the data files u Run the application programs u Modify some files which may cause damages Individuals who gain unauthorized access.
Malicious Attacks Angela Ku Adeline Li Jiyoung You Selena Yuen.

Malicious Attacks Angela Ku Adeline Li Jiyoung You Selena Yuen.
Threats To A Computer Network

Threats To A Computer Network
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Web server security Dr Jim Briggs WEBP security1.

Web server security Dr Jim Briggs WEBP security1.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.

Lecture 11 Electronic Business (MGT-485). Recap – Lecture 10 Transaction costs Network Externalities Switching costs Critical mass of customers Pricing.
Internet Safety CSA 105 1.0 September 21, 2010. Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.

Internet Safety CSA September 21, Internet Threats Malware (viruses) Spyware Spam Hackers Cyber-criminals.
CS101 Lecture 14 Security. Network = Security Risks The majority of the bad things that can be done deliberately to you or your computer happen when you.

CS101 Lecture 14 Security. Network = Security Risks The majority of the bad things that can be done deliberately to you or your computer happen when you.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public ITE PC v4.0 Chapter 1 1 Basic Security Networking for Home and Small Businesses – Chapter 8.

Similar presentations

Ads by Google