11 ASSESSING THE NEED FOR SECURITY Chapter 1. Chapter 1: Assessing the Need for Security2 ASSESSING...

11

ASSESSING THE NEED FOR SECURITY

Chapter 1

Chapter 1: Assessing the Need for Security 2

ASSESSING THE NEED FOR SECURITY

Security design concepts

Assets

Threats

Vulnerabilities

Countermeasures

Historical compromises


SECURITY DESIGN INFLUENCES

Legal requirements

Business risk tolerance

Finance

Current events

Technology


THE THREE PILLARS OF INFORMATION SECURITY

Confidentiality

Integrity

Availability


DEFENSE-IN-DEPTH

Use multiple layers of defense. For example: Security guards and security cameras

Network firewalls and host-based firewalls

Log on as a non-administrator and use antivirus software

Protects against any single vulnerability

Gives you time to test critical updates


THE SCOPE OF SECURITY

Security architecture

Physical security

Cryptography

Access control

Network security


THE SCOPE OF SECURITY (CONT.)

Applications and systems development

Operations security

Security management practices

Law, investigations, and ethics

Business continuity planning


ATTACK COMPONENTS

Asset

Threat agent

Threat

Vulnerability

Compromise

Countermeasure


ASSET

Items that you have purchased: Software

Hardware

Facilities

People

Information

Anything else deserving protection


THREAT AGENT

The attacker: Malicious attackers

Nonmalicious attackers

Mechanical failures

Catastrophic events


THREAT AGENT: MALICIOUS ATTACKERS

The classic hacker attacking from outside

Disgruntled employees attacking from inside

Likely to have specific goals and objectives

To anticipate their attacks, study their motivations


THREAT AGENT: NONMALICIOUS ATTACKERS

People make mistakes that can cause damage such as invalid data or failed services

Examples: programming bugs, data-entry errors

Mitigate with: Thorough testing procedures

Backups

Business continuity plans


THREAT AGENT: MECHANICAL FAILURES

Power outages, hardware failures, network outages

Mitigate with: Business continuity plans

Network redundancy

Server clustering

Service level guarantees


THREAT AGENT: CATASTROPHIC EVENTS

Extreme weather: tornadoes, hurricanes, earthquakes, tsunami

Fire

Acts of war

Catastrophic events are rare, but the damage is tremendous. Therefore, the total risk is often high.


THREAT

Threat agent is the attacker, threat is the attack

Use STRIDE to remember the six main types of threat: Spoofing identity Tampering with data Repudiation Information disclosure Denial-of-service Elevation of Privilege


VULNERABILITY

Also known as a weakness Has the potential to be a compromise when

combined with a threat Common vulnerability types:

Physical Natural Hardware and software Media Communications Human


COMPROMISE

A successful attack, often called an exploit

Occurs when a threat agent creates a threat for an unprotected vulnerability

If the threat does not penetrate your defenses, you were merely attacked. Attacks are not a problem; compromises are a problem.


COUNTERMEASURE

Also known as a safeguard

Reduce the likelihood of a vulnerability

Does not eliminate a vulnerability

Three main types: Preventative

Detective

Reactive


PREVENTATIVE COUNTERMEASURES

Prevent threats from exploiting a vulnerability

Examples: Firewalls

Software updates

Antivirus software

Employee security training


DETECTIVE COUNTERMEASURES

Used to detect an attack or a compromise

Can enable you to respond after an attack begins, but before a compromise occurs

Can also be used to detect a successful attack

Examples: Intrusion-detection system

Security logs


REACTIVE COUNTERMEASURES

Used after a compromise

Examples: On-site or off-site backups

Disaster recovery plans

Law enforcement


ATTACK COMPONENTS


HISTORICAL COMPROMISES

The fundamentals of security design remain constant throughout history

A Windows network will be subject to the same types of attack that were used before computers even existed

“Those who cannot learn from history are doomed to repeat it”


1938: POLES BREAK NAZI ENCRYPTION

Nazis use encryption to communicate privately over public radio communications

Poles spend many years studying the communications

Poles break the encryption because of Nazi mistakes

Lesson: Humans make mistakes


1972: CAP’N CRUNCH CRACKS PHONE SYSTEM

Blind children discover that a whistle in a Cap’n Crunch cereal box makes a 2600-hertz (Hz) tone also used by telephone equipment

Blow the whistle and get free long-distance calls

Telephone company’s services are stolen, but catch John Draper (a threat agent) by monitoring usage logs

Lesson: Do not rely on security by obscurity and use detective countermeasures


1988: MITNICK STEALS CODE FROM DEC

Kevin Mitnick uses social engineering to gain access to user credentials

Abuses credentials to access internal network

FBI monitors, arrests, and convicts Mitnick of multiple computer crimes

Lesson: Sophisticated attackers use unconventional attacks


2000: ATTACKER STEALS MICROSOFT SOURCE CODE

Microsoft employee runs Trojan horse received in e-mail

Trojan horse opens a back door that contacts threat agents

Threat agents use access to collect passwords and steal source code

Damage limited because credentials gave threat agents access to limited portions of the source code

Microsoft’s tarnished security reputation caused immeasurable damage

Lesson: Valuable data deserves expensive countermeasures


SUMMARY

Technology is the least important of the influences to security design

Important assets deserve multiple layers of protection

Understand the components of an attack

Learn from the mistakes of other security designers

Date post:	18-Dec-2015
Category:	Documents
Upload:	sara-reeves
View:	220 times
Download:	1 times

11 ASSESSING THE NEED FOR SECURITY Chapter 1. Chapter 1: Assessing the Need for Security2 ASSESSING...

Documents