Edit: added the rest of this class' notes.
Extra Credit
Cyber security books
(Critical system error)
Pretest for network fundamentals
RGE: Resume Generating Event.
More IS Terms
- Options to deal with risk
- Accept
- Realize there is a chance of loss
- Diminish
- Take precautions
- Most information security risks should be diminished
- Transfer risk to someone else
- Ex: purchasing insurance
Understanding the importance of IS
- Preventing data theft
- Security often associated with theft prevention
- Business data theft
- Proprietary information
- Individual data theft
- Credit card numbers
- Thwarting identity theft
- Using another's personal information in unauthorized manner
- Usually for financial gain
- Examples
- Steal person's SSN
- Create new CC account
- Charge purchases
- Leave unpaid
- Avoiding legal consequences
- Laws protecting electronic data privacy
- HIPAA
- Sarbox
- GLBA
- Maintaining productivity
- Post attack clean up diverts resources
- Time and money
- Foiling cyber terrorism
- Premeditated, politically motivated attacks
- Target: information, computer systems, data
- Designed to:
- Cause panic
- Provoke violence
- Result in financial catastrophe
- Potential targets
- Banking
- Military
- Energy
- Transportation
- Water systems
Categories of attackers
- Hackers
- Script kiddies
- Spies
- Insiders
- Cybercriminals
- Cyberterrorists
- Hackers
- Hacker
- Person who uses computer skills to attack computers
- Term not common in security community
- White hat hackers
- Goal to expose security flaws
- Not to steal or corrupt data
- Black hat hackers
- Goal is malicious and destructive
- Script Kiddies
- Goal: break into computers to create damage
- Unskilled users
- Download automated hacking software (scripts)
- Use them to perform malicious acts
- Attack software today has menu systems
- Attacks are even easier for unskilled users
- 40% of attacks are performed by script kiddies
- Spies
- Computer spy
- Person hired to break into a computer
- To steal information
- Hired to attack a specific computer or system
- Containing sensitive information
- Goal: steal information without drawing attention to their actions
- Possess excellent computer skills
- To attack and cover their tracks
- Insiders
- Employees, contractors, business partners
- 48% of breaches attributed to insiders
- Examples
- Health care worker publicized celebrities' health records
- Disgruntled over upcoming job termination
- Government employee planted malicious coding script
- Stock trader concealed losses through fake transactions
- US Army private accessed sensitive documents
- Cybercriminals
- Network of attackers, identity thieves, spammers, financial fraudsters
- Difference from ordinary attackers
- More highly motivated
- Willing to take more risk
- Better funded
- More tenacious
- Goal: financial gain
- Organized gangs of young attackers
- Eastern European, Asian and third world regions
- Cybercrime
- Targeted attacks against financial networks
- Unauthorized access to information
- Theft of personal information
- Financial cybercrime
- Trafficking in stolen credit cards and financial information
- Using spam to commit fraud
- Cyberterrorists
- Cyberterrorists
- Ideological motivation
- Attacking because of principles and beliefs
- Goals
- Deface electronic information
- Spread misinformation and propaganda
- Deny service to legitimate computer users
- Commit unauthorized intrusions
- Results: critical infrastructure outages; corruption of vital data
- Attacks and defenses
- Wide variety of attacks
- Same basic steps used in attack
- To protect computers against attacks:
- Follow five fundamental security principles
- Steps of an attack
- Probe for information
- Such as type of hardware or software used
- Penetrate any defenses
- Launch the attack
- Modify security settings
- Allows attacker to reenter compromised system easily
- Circulate to other systems
- Same tools directed toward other systems
- Paralyze networks and devices
- Defenses against attacks
- Fundamental security principles for defenses
- Layering
- Limiting
- Diversity
- Obscurity
- Simplicity
- Layering
- Information security must be created in layers
- Single defense mechanism may be easy to circumvent
- Unlikely that attacker can break through all defenses and layers
- Layered security approach
- Can be useful in resisting a variety of attacks
- Provides the most comprehensive protection
- Limiting
- Limiting access to information
- Reduces the threat against it
- Only those who must use data granted access
- Amount of access limited to what that person needs to know
- Methods of limiting access
- Technology
- File permissions
- Procedural
- Prohibiting document removal from premises
- Diversity
- Closely related to layering
- Layers must be different (diverse)
- If attackers penetrate one layer:
- Some techniques unsuccessful in breaking through other layers
- Breaching one security layer does not compromise the whole system
- Example of diversity
- Using security products from different manufacturers
- Obscurity
- Obscuring inside details to outsiders
- Example: not revealing details
- Type of computer
- Operating system version
- Brand of software used
- Difficult for attacker to devise attack if system details are unknown
- Simplicity
- Nature of information security is complex
- Complex security systems
- Difficult to understand and troubleshoot
- Often compromised for ease of use by trusted users
- Secure system should be simple:
- For insiders to understand and use
- Simple from the inside
- Complex from the outside
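
For the Limiting principle above (file permissions as the technology method), this added example, which is not part of the original class notes, audits a directory tree for permission bits beyond a need-to-know baseline. The 0o640/0o750 baseline and the sample file names are assumptions constructed for illustration.

```python
import os
import stat
import tempfile

# Assumed baseline (not from the notes): owner read/write, group read, others nothing.
FILE_MAX = 0o640
DIR_MAX = 0o750

def excess_bits(mode, allowed):
    """Permission bits set in mode that the allowed mask does not grant."""
    return stat.S_IMODE(mode) & ~allowed

def audit_tree(root, file_max=FILE_MAX, dir_max=DIR_MAX):
    """Return sorted (relative path, mode, excess bits) for over-permissive entries."""
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode bits do not control access
            allowed = dir_max if stat.S_ISDIR(st.st_mode) else file_max
            extra = excess_bits(st.st_mode, allowed)
            if extra:
                rel = os.path.relpath(path, root)
                findings.append((rel, stat.S_IMODE(st.st_mode), extra))
    return sorted(findings)

def demo():
    """Build a constructed sample tree, audit it, and return the findings."""
    sample = {"payroll.csv": 0o644, "notes.txt": 0o640, "shared/keys.pem": 0o666}
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "shared"))
        for rel, mode in sample.items():
            path = os.path.join(root, rel)
            with open(path, "w") as fh:
                fh.write("constructed sample data\n")
            os.chmod(path, mode)
        os.chmod(os.path.join(root, "shared"), 0o777)
        return audit_tree(root)

if __name__ == "__main__":
    for rel, mode, extra in demo():
        # filemode()[1:] renders the excess bits in the familiar rwxrwxrwx layout
        print(f"{rel}: mode {mode:o}, exceeds baseline by {stat.filemode(extra)[1:]}")
```

Each finding lists exactly which bits exceed the baseline, so access can be trimmed to what each user needs rather than reset wholesale.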