Ethics and Security


30 Nov 2013



Information Has No Ethics

Acting ethically and acting legally are not always the same thing.



PROTECTING INTELLECTUAL ASSETS

Organizational information is intellectual capital - it must be protected.

Information security - the protection of information from accidental or intentional misuse by persons inside or outside an organization.

E-business automatically creates tremendous information security risks for organizations.


THE FIRST LINE OF DEFENSE - PEOPLE

Organizations must enable employees, customers, and partners to access information electronically.

The biggest issue surrounding information security is not a technical issue, but a people issue.

33% of security incidents originate within the organization.

Insiders - legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident.



THE SECOND LINE OF DEFENSE - TECHNOLOGY

There are three primary information technology security areas:

1. Authentication and authorization
2. Prevention and resistance
3. Detection and response

Authentication and Authorization

Authentication - a method for confirming users' identities.

Authorization - the process of giving someone permission to do or have something.

The most secure type of authentication involves:

1. Something the user knows, such as a user ID and password
2. Something the user has, such as a smart card or token
3. Something that is part of the user, such as a fingerprint or voice signature


Something That Is Part Of The User, Such As a Fingerprint or Voice Signature

This is by far the best and most effective way to manage authentication.

Biometrics - the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting.

Unfortunately, this method can be costly and intrusive.

Prevention and Resistance

Downtime can cost an organization anywhere from $100 to $1 million per hour.

Technologies available to help prevent and build resistance to attacks include:

1. Content filtering
2. Encryption
3. Firewalls

Content Filtering

Organizations can use content filtering technologies to filter e-mail and prevent e-mails containing sensitive information from transmitting, and to stop spam and viruses from spreading.

Content filtering - occurs when organizations use software that filters content to prevent the transmission of unauthorized information.

Spam - a form of unsolicited e-mail.

Chart: Corporate losses caused by spam (billions of $)
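Content filtering of the kind described above, as an added example that is not part of the original slides: a small outbound e-mail filter that blocks messages carrying a Luhn-valid payment card number or a sensitivity marker, and quarantines messages that score as spam. The sample messages, marker words and spam terms are constructed for illustration.

```python
import re

# Constructed sample messages for illustration; not taken from any real mailbox.
SAMPLE_MESSAGES = [
    {"subject": "Q3 forecast", "body": "Attached. Project Falcon figures are CONFIDENTIAL."},
    {"subject": "card details", "body": "Please charge 4111 1111 1111 1111, exp 09/27."},
    {"subject": "FREE PRIZE!!!", "body": "Click http://example.invalid/win now!!! Limited offer!!!"},
    {"subject": "Lunch", "body": "Sandwiches at noon in the break room."},
]
SENSITIVE_MARKERS = ("confidential", "internal only", "do not distribute")
SPAM_TERMS = ("free", "prize", "limited offer", "click", "http://")
CARD_PATTERN = re.compile(r"\b(?:\d[ -]?){13,19}\b")  # 13-19 digits, spaces/dashes allowed

def luhn_valid(digits: str) -> bool:
    """Luhn checksum: filters out most digit runs that merely look like card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:           # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def find_card_numbers(text: str) -> list[str]:
    """Return Luhn-valid card-like numbers found in text, digits only."""
    candidates = (re.sub(r"[ -]", "", m.group()) for m in CARD_PATTERN.finditer(text))
    return [c for c in candidates if 13 <= len(c) <= 19 and luhn_valid(c)]

def spam_score(subject: str, body: str) -> int:
    """Crude spam heuristic: each spam term, a shouting subject and '!!' add one point."""
    text = f"{subject} {body}".lower()
    return sum(t in text for t in SPAM_TERMS) + subject.isupper() + ("!!" in text)

def filter_message(msg: dict, spam_threshold: int = 3) -> tuple[str, list[str]]:
    """Return (verdict, reasons): BLOCK data leaks, QUARANTINE likely spam, else ALLOW."""
    text = f"{msg['subject']} {msg['body']}"
    reasons = ["Luhn-valid payment card number"] if find_card_numbers(text) else []
    reasons += [f"marker '{m}'" for m in SENSITIVE_MARKERS if m in text.lower()]
    if reasons:                      # sensitive content: never transmit
        return "BLOCK", reasons
    score = spam_score(msg["subject"], msg["body"])
    if score >= spam_threshold:
        return "QUARANTINE", [f"spam score {score}"]
    return "ALLOW", []

if __name__ == "__main__":
    for m in SAMPLE_MESSAGES:
        print(f"{m['subject']!r}: {filter_message(m)}")
```

The Luhn check keeps order numbers and phone numbers from triggering the block rule; a production filter would add attachment scanning and a maintained spam corpus rather than a fixed term list.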




Encryption - scrambles the contents of a file so that you can't read it without having the right decryption key.


Firewalls

Figure: Sample firewall architecture connecting systems located in Chicago, New York, and Boston


Detection and Response

If prevention and resistance strategies fail and there is a security breach, an organization can use detection and response technologies to mitigate the damage.

Antivirus software is the most common type of detection and response technology.

Detection and Response

Hacker - people very knowledgeable about computers who use their knowledge to invade other people's computers.

White-hat hacker (Steve Wozniak: co-founder of Apple)

Black-hat hacker (Jonathan James: at 16 broke into Pentagon computers and stole the International Space Station's source code)






Detection and Response

Script kiddies or script bunnies (Michael Calce (MafiaBoy): DoS against Yahoo, eBay, CNN, etc.)

Cracker (Kevin Poulsen (Dark Dante): hacked into the FBI)

Cyberterrorist (Younis Tsouli (Irhabi 007): plotted terrorist attacks using Internet sites)

What is a Bot?

Software bot - malicious code that turns PCs and servers into remotely controlled "zombies".

Bot "bitten" organizations:
- Department of Defense
- Argonne National Library
- Alabama Supercomputer Network
- Arkansas Department of Information Systems
- Iowa Communications Network
- Connecticut's Department of IT

Detection and Response

Virus - software written with malicious intent to cause annoyance or damage.

BOTS:

Worm (a computer worm is a self-replicating computer program. It uses a network to send copies of itself to other nodes (computers on the network) and it may do so without any user intervention)

Denial-of-service attack (DoS)

Distributed denial-of-service attack (DDoS)

Trojan-horse virus (a term used to describe malware that appears to the user to perform a desirable function but, in fact, facilitates unauthorized access to the user's computer system)

Backdoor program (a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected)




What does a Bot do?

Bots can remain dormant for weeks or months at a time.

60% of bots are used to send spam.

The other 40% are used for more destructive reasons, including phishing, pharming, click fraud, distributing adware or malware, denial-of-service attacks, data theft, and temporarily storing illegal, malicious, or stolen files.

How do you get a Bot?

Most bots are installed due to human error:

- Through operating system or application vulnerabilities from not updating security
- Dictionary attacks that guess passwords
- Files downloaded via e-mail
- Instant messaging
- Peer-to-peer applications for downloading
- Pre-existing back doors created by viruses
- Exploit code aimed at specific networks like PCs, cell phones, and iPods

Once bots are installed they can update themselves or install other malicious software.
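Detection of the dictionary-attack vector listed above, as an added example that is not part of the original slides and that also illustrates the detection-and-response technology the deck describes: it parses constructed sshd-style auth log lines, flags a source that reaches five failed passwords within one minute, and records whether that source then logged in successfully, which is the case a responder must treat as a compromised account. Host name, user names, addresses and the assumed year are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed syslog-style auth lines for illustration; not from a real host.
SAMPLE_LOG = """\
Nov 30 10:00:01 lab sshd[401]: Failed password for admin from 203.0.113.5 port 50001 ssh2
Nov 30 10:00:02 lab sshd[402]: Failed password for admin from 203.0.113.5 port 50002 ssh2
Nov 30 10:00:03 lab sshd[403]: Failed password for admin from 203.0.113.5 port 50003 ssh2
Nov 30 10:00:04 lab sshd[404]: Failed password for admin from 203.0.113.5 port 50004 ssh2
Nov 30 10:00:05 lab sshd[405]: Failed password for admin from 203.0.113.5 port 50005 ssh2
Nov 30 10:00:07 lab sshd[406]: Accepted password for admin from 203.0.113.5 port 50006 ssh2
Nov 30 10:00:09 lab sshd[407]: Failed password for jules from 198.51.100.7 port 40001 ssh2
Nov 30 10:20:10 lab sshd[408]: Failed password for jules from 198.51.100.7 port 40002 ssh2
Nov 30 10:20:11 lab sshd[409]: Accepted password for jules from 198.51.100.7 port 40003 ssh2
"""
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?P<user>\S+) from (?P<src>\S+)"
)

def parse(line: str):
    """Return (timestamp, result, user, source) or None for lines we do not understand."""
    m = LINE_RE.match(line)
    if not m:
        return None
    # Syslog omits the year; 2013 is assumed here purely so timestamps are comparable.
    ts = datetime.strptime("2013 " + m["ts"], "%Y %b %d %H:%M:%S")
    return ts, m["result"], m["user"], m["src"]

def detect_guessing(log: str, threshold: int = 5, window_s: int = 60) -> list[dict]:
    """Flag a source with `threshold` failures inside `window_s` seconds; note a later success."""
    recent = defaultdict(deque)        # source -> timestamps of failures still in the window
    flagged: dict[str, dict] = {}
    for line in log.splitlines():
        ev = parse(line)
        if ev is None:
            continue
        ts, result, user, src = ev
        if result == "Failed":
            q = recent[src]
            q.append(ts)
            while (ts - q[0]).total_seconds() > window_s:   # drop failures outside the window
                q.popleft()
            if len(q) >= threshold and src not in flagged:
                flagged[src] = {"src": src, "user": user, "first_seen": q[0], "success_after": False}
        elif src in flagged:            # "Accepted" after a burst of failures
            flagged[src]["success_after"] = True
    return list(flagged.values())
```

Two failures twenty minutes apart from the second source never reach the threshold because the sliding window discards the older one, so the rule fires on bursts, not on an ordinary mistyped password.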

Thinking of Making Money Using Bots? Think Again

Jeanson James Ancheta, Downey, California, 20 years old

Made a worm that let him turn computers into bots for profit ($60,00).

Ancheta set himself above the crowd by actively advertising his network of bots on Internet chat channels.

Became the first person to be charged for controlling large numbers of hijacked computers, or botnets.

Bot infected China Lake Naval Air Weapons Station in California.

Convicted - 5 years in prison and a $1 million fine.

Other "Famous" Hackers

Anthony Scott Clark (Volkam) - (21 years old, from Beaverton, Oregon): attacked eBay (DoS) - 10 years in prison and $250,00 in fines

Farid Essebar: Moroccan black hat hacker; also a Russian citizen. He was one of the two people behind the spread of the Zotob computer worm that targeted Windows 2000 operating systems in 2005. Among the affected were CNN, ABC News, New York Times, Caterpillar, United Parcel Service, Boeing and also the United States Department of Homeland Security.

More Cyber Criminals

Saad Echouafni (head of a satellite communications company): disrupted Homeland Security - fugitive since 2004 and on the FBI's Most Wanted list

Jeffrey Lee Parson (18 years old - 2003): infected 48,000 home PCs running MS operating systems with the Blaster worm
- 18 month sentence in prison
- 225 hours of community service
- $407,546.55 in restitution to Microsoft
- $1,056 to specific individuals to have hard drives cleaned

http://www.wired.com/threatlevel/2009/12/ye_cybercrimes



Source Code

Jeffrey Lee Parson's Blaster Worm:

The worm contains two messages in its source code.

The first: "I just want to say LOVE YOU SAN!! soo much", which is why the worm is sometimes called the Lovesan worm.

The second: "billy gates why do you make this possible? Stop making money and fix your software!!"



Ethical Dilemmas

Jules has walked away from a lab computer without logging off. Trish sits down and, still logged in as Jules, sends inflammatory e-mail messages out to a number of students and posts similar messages on the class newsgroup. You are Trish's friend. What would/should you do?

A large, prospective client calls you and asks about a competitor's reputation. One of your long-time customers had a very bad experience with this competitor. What information do you share with the prospect? How do you respond to the prospect's call?