7/30/2019 Chapter 1 - Security Concepts
- INTRODUCTION TO SECURITY
- INTRODUCTION TO INTERNET SECURITY AND SECURITY FROM INTERNET SOURCES
- SECURITY POLICIES AND PROCEDURE STATEMENTS
- SECURITY THREATS

- Protection of networks and their services.
- Protects from: unauthorized modification, destruction, disclosure.
- Ensures the network performs its functions correctly, with no harmful side effects.

- To protect company assets.
- To gain a competitive advantage.
- To comply with regulatory requirements and fiduciary responsibilities.
- To keep your job.

In 1999, a survey conducted jointly by the American Society for Industrial Security and PricewaterhouseCoopers (ASIS/PWC) reported that:
- Fortune 1000 companies lost more than $45 billion from theft of "proprietary information."
- 45% of the respondents said that they had suffered a financial loss as a result of information loss, theft, or misappropriation.
- On average, the responding companies reported 2.45 incidents with an estimated cost of $500,000 per incident.
- The number of reported incidents per month had increased over the last 17 months.

The FBI/CSI survey received 521 responses from individuals in the computer security field.
- 30% of the respondents reported an intrusion from an outside source.
- 55% of the respondents reported an unauthorized intrusion by a source inside the organization.
- Of those respondents that reported a loss, the average loss from the theft of proprietary information increased from $1,677,000 in 1998 to $1,847,652 in 1999.
- The average loss from financial fraud rose from $388,000 in 1998 to over $1,400,000 in 1999.
- The total financial losses due to computer-related crime for the 521 respondents amounted to more than $120 million.

From Message Labs - 17 Jan, 2004
- Processing between 50,000 and 60,000 new copies per hour, "W32/Mydoom.A has exceeded the infamous SoBig.F virus in terms of copies intercepted, and the number continues to rise."
- Message Labs collected over 1.2 million copies of W32/Mydoom.A-mm.
- At its peak infection rate, about 1 in 12 emails on the Internet were MyDoom viruses.

From Trend Micro - 16 Jan, 2004
- It is estimated that PC viruses cost businesses approximately $55 billion in damages in 2003.
- The same calculations were done in 2002 and 2001, at $20-30 billion and $13 billion, respectively.

Top 10 viruses
1. The Morris Worm
2. The Concepts Virus
3. CIH
4. The Anna Kournikova Worm
5. Iloveyou
6. The Melissa Virus
7. The Blaster Worm
8. Netsky And Sasser
9. OSX/Rsplug Trojan
10. Storm Worm

*** Information courtesy of Sophos

Top 10

| No. | Spyware | Malware |
|-----|---------|---------|
| 1 | New.net | W32/Sdbot.ftp |
| 2 | Cydoor | W32/Netsky.P.worm |
| 3 | BetterInet | Trj/Qhost.gen |
| 4 | Altnet | W32/Gaobot.gen.worm |
| 5 | Petro-Line | Trj/Citifraud.A |
| 6 | MarketScore | Trj/Zapchast.D |
| 7 | Virtumonde | W32/Parite.B |
| 8 | Media-motor | W32/Netsky.D.worm |
| 9 | Aveo-Attune | W32/Sasser.ftp |
| 10 | Aureate-Radiate | VBS/Psyme.C |

Sources: spotlightingnews.com 2006

- Logon: use a strong password (encrypted login).
- File system: install security patches regularly (install firewall).
- Data communication: restricted connection (do not open the network to the public without any monitoring).
- Administrative: depends on the network security personnel (monitor the network traffic all the time).

- Electronic mail and news
- File transfer
- Remote access to hosts
- Real-time conferencing

Information Theft
- Information theft: a disgruntled (dissatisfied) employee who either has the desire to harm his or her employer or is motivated by financial gain presents an insider threat to the organization.

Unauthorised Disclosure
- An organization suspects some of its employees of leaking confidential information to its competitor. It is also usually believed that the competitor actually planted spies within the organization in order to target and steal new product plans.

Information Warfare
- Information warfare is the offensive and defensive use of information and information systems to deny, exploit, corrupt or destroy an adversary's information, information-based processes, information systems and computer-based networks while protecting one's own.

Accidental data loss
- The most common cause of data loss: simply accidentally deleting a file that wasn't supposed to be deleted. Caused by a careless employee or an untrained employee who did not know better.

- A security policy is a formal statement of the rules by which people who are given access to an organization's technology and information assets must abide.
- Addresses the constraints on behavior of its members as well as constraints imposed on adversaries by mechanisms such as doors, locks, keys and walls.
- For systems, the security policy addresses constraints on functions and flow among them, constraints on access by external systems and adversaries including programs and access to data by people.

- To inform users, staff and managers of their obligatory requirements for protecting technology and information assets.
- To provide a baseline from which to acquire, configure and audit computer systems and networks for compliance with the policy.

- Site security administrator
- Information technology technical staff (e.g., staff from computing center)
- Administrators of large user groups within the organization (e.g., business divisions, computer science department within a university, etc.)
- Security incident response team
- Representatives of the user groups affected by the security policy
- Responsible management
- Legal counsel (if appropriate)

At a minimum, a good security usage policy should:
- Be readily accessible to all members of the organization.
- Define a clear set of security goals.
- Accurately define each issue discussed in the policy.
- Clearly show the organization's position on each issue.
- Describe the justification of the policy regarding each issue.
- Define under what circumstances the issue is applicable.
- State the roles and responsibilities of organizational members with regard to the described issue.
- Spell out the consequences of noncompliance with the described policy.
- Provide contact information for further details or clarification regarding the described issue.
- Define the user's expected level of privacy.
- Include the organization's stance on issues not specifically defined.

Access to Internet-based Web server resources shall only be allowed for the express purpose of performing work-related duties. This policy is to insure the effective use of networking resources and shall apply equally to all employees. This policy shall be enforced during both production and non-production time periods. All Web server access can be monitored by networking personnel, and employees may be required to justify Web server access to their direct supervisor. Failure to comply with this policy will result in the issuance of a written warning. For more information regarding what is considered appropriate Web server access of Internet resources, please consult your direct supervisor.

Insecure Architectures
- A misconfigured network is a primary entry point for unauthorized users.

Broadcast Networks
- Using hardware (hubs, switches, routers) without implementing protection for the data that is processed there.

Centralized Servers
- A central server can allow access to the entire network.

- An attacker is someone who looks to steal or disrupt your assets.
- A hacker is someone with a deep understanding of computers and/or networking.

- Internal threats
- Mobile and remote users
- Internet and TCP/IP
- Physical
- Phone attacks
- Social engineering

- Authentication compromises.
- Improper input validation.
- Sniffing activities.
- Denial of Services (DoS).
- Exploiting physical access.
- Viruses, malware and Trojans.