TM5013 IT For Managers - PowerPoint PPT Presentation

Slides: 48
Provided by: azportal

Transcript and Presenter's Notes


1
TM5013 IT For Managers
  • Topic 10
  • Computers Security and Privacy

2
Content
  • Computer Security Risk
  • Computer Viruses, Worms, and Trojan Horses
  • Virus Fact Box
  • Unauthorized Access and Use
  • Information Theft
  • Internet Security Risks
  • Backing Up: The Ultimate Safeguard
  • Information Privacy

3
Computer Security Risks
  • What is a computer security risk?
  • Action that causes loss of or damage to computer
    system

4
System vulnerability and abuse
Why Systems Are Vulnerable
Contemporary Security Challenges and
Vulnerabilities
5
System vulnerability and abuse
Why Systems Are Vulnerable (Continued)
Internet Vulnerabilities
  • Use of fixed Internet addresses through use of
    cable modems or DSL
  • Lack of encryption with most Voice over IP (VoIP)
  • Widespread use of e-mail and instant messaging
    (IM)

6
System vulnerability and abuse
Wi-Fi Security Challenges
7
Computer Viruses, Worms, and Trojan Horses
  • What are viruses, worms, and Trojan horses?

  • Virus is a potentially damaging computer program
    that can spread and damage files
  • Worm copies itself repeatedly, using up
    resources and possibly shutting down computer
    or network
  • Trojan horse hides within or looks like
    legitimate program until triggered; does not
    replicate itself on other computers
  • Payload is the destructive event that is
    delivered when you open file, run infected
    program, or boot computer with infected disk in
    disk drive
8
Computer Viruses, Worms, and Trojan Horses
  • What is an antivirus program?
  • Identifies and removes computer viruses
  • Most also protect against worms and Trojan horses

p. 560 - 561 Fig. 11-4
9
Computer Viruses, Worms, and Trojan Horses
  • What is a virus signature?
  • Specific pattern of virus code
  • Also called virus definition
  • Antivirus programs look for virus signatures

10
Computer Viruses, Worms, and Trojan Horses
  • What is a denial of service attack and back door?

  • A denial of service attack is an assault which
    disrupts computer access to an Internet service
    such as the Web or e-mail
  • A back door is a program or set of instructions
    in a program that allow users to bypass security
    controls when accessing a computer resource
p. 562
11
Computer Viruses, Worms, and Trojan Horses
12
VIRUS FACT BOX
  • Following are brief descriptions of some of the
    major viruses according to various security firms
    including TruSecure/ICSA labs, Trend Micro,
    F-Secure Corp., Sophos, Network Associates, and
    Symantec Corporation.

13
VIRUS FACT BOX
  • 1986, two brothers, Amjad and Basit Farooq Alvi,
    wrote the first PC virus to infect floppy disks,
    dubbed Pakistani Brain
  • Designed to advertise their software company,
    Brain Computer Service in Lahore

14
VIRUS FACT BOX
  • 2 Nov. 1988, the first worm was released by
    Cornell graduate student Robert Morris Junior
  • The Morris Worm exploited a flaw in UNIX and
    spread within days to 6,000 mainframes
  • Morris was convicted under the Computer Fraud and
    Abuse Act

15
VIRUS FACT BOX
  • 1989, a teenager in Sofia, Bulgaria released the
    Dark Angel virus, which destroyed data and
    contained references to lyrics from metal rock
    band Iron Maiden, including "Eddie lives...
    somewhere in time"
  • He also wrote the first polymorphic virus, which
    changes its characteristics to avoid detection

16
VIRUS FACT BOX
  • 1998, Chen Ing-hau, a sergeant in the Taiwanese
    Army, wrote the Chernobyl virus, CIH
  • Set to activate on the anniversary of the
    Chernobyl nuclear disaster on 26 April
  • Tries to erase the hard drive
  • Written to get revenge on the antivirus industry
    after the army got infected by a virus

17
VIRUS FACT BOX
  • 1999, David Smith of New Jersey wrote the Melissa
    virus, which spread via email and infected
    MS Word documents
  • Smith is now serving time in prison

18
VIRUS FACT BOX
  • 2000, Filipino university student Onel de Guzman
    released the "ILoveYou" or "Loveletter" email
    virus
  • It tricked people into opening an infected file
    attachment and installed a keystroke logger to
    gain access to passwords on infected machines

19
VIRUS FACT BOX
  • 2001, Jan de Wit, from the Netherlands, wrote the
    Anna Kournikova virus using the alias On The Fly
  • Created with virus generation software, the worm
    tricked email users into clicking on an
    attachment that purported to be a picture of
    Russian tennis star Kournikova
  • Was charged with spreading data via computer with
    the intent to cause damage

20
VIRUS FACT BOX
  • Aug. and Sept. 03, the BLASTER worm and the SoBig
    email virus disabled computers and snarled
    internet traffic across the globe
  • SoBigF became one of the most widespread viruses
    ever, crippling corporate email networks and
    filling home users' inboxes with a glut of
    messages before jetting copies off exponentially
    to more victims
  • Blaster spread through a security hole in Windows

21
VIRUS FACT BOX
  • MyDoom worm: the fastest-spreading attack since
    the twin attacks by the Blaster worm and the
    SoBig virus
  • First detected at 1303 GMT, 26 Jan. 04
  • An innocuous attachment in an email from Russia
    triggered a minor alarm at the Global Operations
    Centre of MessageLabs, a leading email security
    firm
  • After 8 hours, millions of copies had poured
    across the internet and buckled email servers
  • Within 24 hours MyDoom had flooded the world
    email network

22
Unauthorized Access and Use
  • What is unauthorized access and how is it
    achieved?

  • Use of a computer or network without permission
  • Hackers typically break into a computer by
    connecting to it and then logging in as a
    legitimate user
  • Hacker, or cracker, is someone who tries to
    access a computer or network illegally

p. 11.07
23
Unauthorized Access and Use
  • What is a firewall?
  • Security system consisting of hardware and/or
    software that prevents unauthorized network access

p. 11.08 Fig. 11-7
24
Unauthorized Access and Use
  • What is a personal firewall?
  • Program that protects personal computer and its
    data from unauthorized intrusions
  • Monitors transmissions to and from computer
  • Informs you of attempted intrusion

p. 11.09 Fig. 11-8
25
Unauthorized Access and Use
  • What are other ways to protect your personal
    computer?
  • Disable file and printer sharing on Internet
    connection
  • Use online security service: Web site that
    evaluates computer to check for Web and e-mail
    vulnerabilities

File and printer sharing turned off
p. 11.09 Fig. 11-9
26
Unauthorized Access and Use
  • How can companies protect against hackers?

p. 11.10
27
Unauthorized Access and Use
  • What is a user name?
  • Unique combination of characters that identifies
    user
  • Password is private combination of characters
    associated with the user name that allows
    access to computer resources

28
Unauthorized Access and Use
  • How can you make your password more secure?
  • Longer passwords provide greater security

29
Unauthorized Access and Use
  • What is a possessed object?
  • Item that you must carry to gain access to
    computer or facility
  • Often used with numeric password called
    personal identification number (PIN)

30
Unauthorized Access and Use
  • What is a biometric device?
  • Authenticates person's identity using personal
    characteristic
  • Fingerprint, hand geometry, voice, signature, and
    iris

31
Information Theft
  • What is encryption?
  • Safeguards against information theft
  • Process of converting plaintext (readable data)
    into ciphertext (unreadable characters)
  • Encryption key (formula) often uses more than one
    method
  • To read the data, the recipient must decrypt, or
    decipher, the data

32
Information Theft
  • What does an encrypted file look like?

p. 11.17 Fig. 11-17
33
Internet Security Risks
  • What is a denial of service attack?

  • Also called DoS attack
  • Hacker uses unsuspecting computer, called zombie,
    to execute attack on other systems
  • Distributed DoS (DDoS) attack is more devastating
    DoS attack in which multiple computers attack
    multiple networks
  • Computer Emergency Response Team Coordination
    Center (CERT/CC) assists with DDoS attacks
p. 11.21
34
Internet Security Risks
  • How do Web browsers provide secure data
    transmission?

Secure site is Web site that uses encryption to
secure data
Many Web browsers use encryption
Digital certificate is notice that guarantees Web
site is legitimate
p. 11.21
35
Internet Security Risks
  • What is a certificate authority (CA)?
  • Authorized person or company that issues and
    verifies digital certificates
  • Users apply for digital certificate from CA

p. 11.22 Fig. 11-20
36
Internet Security Risks
  • What is Secure Sockets Layer (SSL)?
  • Provides encryption of all data that passes
    between client and Internet server
  • Web addresses beginning with https indicate
    secure connections

Indicates secure Web page
p. 11.22 Fig. 11-21
37
Internet Security Risks
  • What are methods for securing e-mail messages?

p. 11.23
38
Internet Security Risks
  • What is spoofing?

  • Makes a network or Internet transmission
    appear legitimate
  • IP spoofing occurs when an intruder computer
    fools a network into believing its IP address is
    from a trusted source
  • Perpetrators of IP spoofing trick their victims
    into interacting with a phony Web site

p. 563
39
Backing Up: The Ultimate Safeguard
  • What is a backup?

  • Duplicate of file, program, or disk
  • Full backup: all files in computer
  • Selective backup: select which files to back up
  • Three-generation backup: preserves three copies
    of important files
  • In case of system failure or corrupted files,
    restore files by copying to original location
p. 576
40
Information Privacy
  • What is information privacy?

Right of individuals and companies to restrict
collection and use of information about them
Difficult to maintain today because data is
stored online
Employee monitoring is using computers to observe
employee computer use
Legal for employers to use monitoring software
programs
p. 11.25 and 11.31
41
Information Privacy
  • What is an electronic profile?
  • Data collected when you fill out form on Web
  • Merchants sell your electronic profile
  • Often you can specify whether you want
    personal information distributed

Leaving these options blank indicates you do not
want to be contacted
p. 11.26 Fig. 11-26
42
Information Privacy
  • What is phishing?

  • Scam in which a perpetrator sends an official
    looking e-mail that attempts to obtain your
    personal and financial information
p. 584
43
Information Privacy
  • What is a cookie?

  • Small file on your computer that contains data
    about you: user preferences, how regularly you
    visit Web sites, interests and browsing habits
  • Some Web sites sell or trade information stored
    in your cookies
  • Set browser to accept cookies, prompt you to
    accept cookies, or disable cookies
p. 11.27
44
Information Privacy
  • What is a cookie manager?
  • Software program that selectively blocks cookies

p. 11.28 Fig. 11-28
45
Information Privacy
  • What are spyware and spam?
  • Spyware is program placed on computer without
    user's knowledge
  • Secretly collects information about user
  • Spam is unsolicited e-mail message sent to many
    recipients

p. 11.29 Fig. 11-29
46
Information Privacy
  • How can you control spam?

E-mail filtering
Anti-spam program
p. 11.29
47
Information Privacy
  • What is content filtering?
  • Process of restricting access to certain material
  • Internet Content Rating Association (ICRA)
    provides rating system of Web content
  • Web filtering software restricts access to
    specified sites

p. 11.31 Fig. 11-31