Security Awareness:

1
Security Awareness Applying Practical Security
in Your World, Second Edition

• Chapter 2
• Desktop Security

2
Objectives

• Describe the type of attacks that are launched
  against a desktop computer
• List the defenses that can be set up to protect a
  desktop computer
• Describe the steps for recovering from an attack

3
Attacks on Desktop Security

• Malicious software (malware)
• Can break into and create havoc on desktop
  computers
• Internet service providers (ISPs) in North
  America
• Spend 245 million annually to combat malware
• Virus
• Secretly attaches itself to document or program
  and executes when document or program is opened

4
(No Transcript)
5
Viruses

• Require a host to carry them from one system to
  another
• Possible effects
• Cause a computer to continually crash
• Erase files from a hard drive
• Install hidden programs
• Reduce security settings
• Reformat the hard disk drive

6
Viruses (continued)

• Symptoms that indicate virus infection
• Program suddenly disappears from computer
• New programs do not install properly
• Out-of-memory error messages appear
• Unusual dialog boxes or message boxes appear
• Computer runs slowly and takes a long time to
  start
• Significant amount of modem activity

7
Worms

• Difference between worms and viruses
• Virus
• Must attach itself to a computer document
• Spreads by traveling along with the document
• Requires action by computer user to begin
  execution
• Worm
• Does not attach to a document to spread
• Can travel by itself
• Needs user to perform an action

8
Logic Bombs

• Computer programs that lay dormant until
  triggered by a specific logical event
• Once triggered
• Can perform various malicious activities
• Extremely difficult to detect before triggered

9
Basic Attacks

• Social engineering
• Password guessing
• Physical theft or lost data
• Improper use of recycled computers

10
Social Engineering

• Relies on tricking and deceiving someone to
  access a system
• Dumpster diving
• Digging through trash receptacles to find
• Computer manuals
• Printouts
• Password lists

11
Password Guessing

• Password
• Secret combination of letters and numbers that
  validates or authenticates a user
• Characteristics of weak passwords
• Passwords that are short
• Common word used as a password
• Using the same password for all accounts
• Personal information in a password

12
(No Transcript)
13
Password Guessing (continued)

• Brute force
• Attacker attempts to create every possible
  password combination
• Dictionary attack
• Attacker takes each word from dictionary and
  encodes it
• Attacker then compares the encoded dictionary
  words against those in the encoded password file

14
(No Transcript)
15
Physical Theft or Lost Data

• February 2005
• Bank of America lost computer backup tapes
• Containing personal information on about 1.2
  million charge card users
• May 2005
• AOL reported that information on 600,000 current
  and former employees was missing
• June 2005
• Citigroup announced that personal information on
  3.9 million consumer lending customers of its
  CitiFinancial subsidiary was lost or stolen

16
Improperly Recycled Computers

• Many organizations and individuals recycle older
  computers by giving them to schools, charities,
  or selling them online
• Deleting files does not remove the information
• Only deletes filename from hard disk table
• Even reformatting a drive, or preparing the hard
  drive to store files, may not fully erase data on
  it

17
Desktop Defenses

• Patch software
• Software security updates
• Microsoft Windows operating system
• Most frequently distributed patch software
• Microsoft
• Releases patches on second Tuesday of every month
• Typically releases 5-15 software patches for
  download and installation

18
Desktop Defenses (continued)

• Microsoft classifies patches based on level of
  vulnerability that patch fixes
• Critical
• Important
• Moderate
• Low

19
Desktop Defenses (continued)

• Update configuration options
• Automatic
• Download
• Notify
• Turnoff

20
(No Transcript)
21
Antivirus Software

• Best defense against viruses
• Generally configured to
• Constantly monitor for viruses
• Automatically check for updated signature files
• Allows for manual signature updates

22
(No Transcript)
23
(No Transcript)
24
Strong Authentication Methods

• Basic rules for creating strong passwords
• Passwords must have at least eight characters
• Passwords must contain a combination of letters,
  numbers, and special characters
• Passwords should be replaced every 30 days
• Passwords should not be reused for 12 months
• Same password should not be used on two or more
  systems or accounts

25
(No Transcript)
26
Strong Authentication Methods (continued)

• Biometrics
• Uses unique human characteristics for
  authentication
• Most common biometric device
• Fingerprint scanner
• High-end scanners
• Relatively expensive
• Can be difficult to use
• Can reject authorized users while accepting
  unauthorized users

27
(No Transcript)
28
Protecting Laptop Computers

• Device lock
• Consists of a steel cable and a lock
• Economical, simple and quick to install
• Very portable
• Stealth signal transmitter
• Software installed on laptop that cannot be
  detected

29
(No Transcript)
30
Cryptography

• Science of transforming information
• So that it is secure while being transmitted or
  stored
• Does not attempt to hide the existence of data
• Scrambles data so that it cannot be viewed by
  unauthorized users

31
Cryptography (continued)

• Encryption
• Changing original text to secret message using
  cryptography
• Decryption
• Changing secret message back to its original form

32
Public and Private Keys

• Private key system
• Same key is used to encrypt and decrypt message
• Public key system
• Two mathematically related keys are used
• Public key and a private key

33
(No Transcript)
34
(No Transcript)
35
Digital Signatures

• Digital signature
• Code attached to an electronic message that helps
  to prove that
• Person sending message with public key is not an
  imposter
• Message was not altered
• Message was sent
• Encrypted hash of a message that is transmitted
  along with message

36
Digital Signatures (continued)

• Hash
• Creates encrypted text that is never intended to
  be decrypted
• Used in a comparison for authentication purposes

37
(No Transcript)
38
(No Transcript)
39
Digital Certificates

• Link or bind a specific person to a public key
• Provided by a certification authority (CA)
• Public key that has been digitally signed by a
  recognized authority (the CA)
• Attesting that owner of the key is not an imposter

40
Properly Retiring Old Computers

• Files that should be removed when selling or
  donating an old computer
• E-mail contacts
• E-mail messages
• All personal documents
• All files in the recycle bin or trash folder
• Internet files
• All nontransferable software

41
Recovering from Attacks

• Major steps to take when preparing for an attack
  
• Back up your data
• Back up system information
• Creating a data backup involves
• Copying data onto digital media
• Storing it in a secure location

42
Recovering from Attacks (continued)

• Questions when creating a data backup
• What information should be backed up?
• How often should it be backed up?
• What media should be used?
• Where should the backup be stored?
• How should the backup be performed?

43
Saving Automated System Recovery (ASR) Data

• Windows XP Automated System Recovery (ASR)
• Includes an ASR backup and ASR restore
• ASR backup records
• System state
• System services
• All disks associated with operating system
  components

44
Restoring the Computer

• To recover from an attack using ASR
• Insert original operating system installation CD
  into the CD drive
• Restart computer
• Press the F2 key when prompted
• Insert the ASR floppy disk when prompted
• Follow remaining directions on the screen

45
Clean up the Attack

• Microsoft Windows Malicious Software Removal Tool
  
• Helps remove infections by specific malware
• When done, displays a report describing outcome

46
Restore Data from Backups

• Most vendors
• Provide an automated wizard that guides user
  through process of restoring files
• After any successful attack
• Analyze why attack got through defenses

47
Summary

• Malicious software
• Programs designed to break into or create havoc
  on desktop computers
• Social engineering
• Relies on trickery and deceit
• Is considered a basic attack
• Patch software
• Describes software security updates

48
Summary (continued)

• Strong passwords
• Important defense mechanism against attackers
• Important to perform regular data backups
• If a computer becomes infected with malware
• Remove computer from network
• Try to reboot computer