CSC 382 Computer Security Threats CSC 382 Computer
- Slides: 28
CSC 382: Computer Security Threats CSC 382: Computer Security 1
What are threats? • What threats can you think of to your home? • To your money (including bank accounts, checks, credit and debit cards)? • To your home computer? CSC 382: Computer Security 2
What are threats? • Home: • Computer: – Burglary – Fire – Vandalism • Money (cash/credit): – – Theft. Counterfeiting. Signature forgery. Identity theft. CSC 382: Computer Security – – – Viral/worm infection. Adware/spyware. Denial of service. Data destruction. Physical destruction (overheat, flash “ROM” overwriting) – Use of computer for felonious purposes. 3
Digital Threats: More of the Same • • Theft Vandalism Extortion Con Games Fraud Stalking Voyeurism CSC 382: Computer Security 4
Digital Threats: What’s Different Automation – Salami Attack from Office Space. Action at a Distance – Volodya Levin, from St. Petersburg, Russia, stole over $10 million from US Citibank. Arrested in London. – Operators of CA BBS tried and convicted in TN court because TN had d/led pornography f/ CA. Technique Propagation – Criminals share techniques rapidly and globally. CSC 382: Computer Security 5
CSC 382: Computer Security 6
Survival Time CSC 382: Computer Security 7
Current Threat Information • • • SANS Internet Storm Center Bugtraq CERT Packet Storm Risks Digest CSC 382: Computer Security 8
Who are the Attackers? • Hackers vs Crackers • Levels of attackers – Developer • Finds new security vulnerabilities • Writes tools and exploits – User • Understands tools; modifies tools/exploits – Script Kiddie CSC 382: Computer Security 9
Who are the Attackers? • Criminals. – 1993: Thieves installed bogus ATM at Manchester Mall. Saved account#s + PINs. • Organized crime. – 2000: Mafia-led organization members arrested for attempt to steal $680 million from Bank of Sicily. • Malicious insiders. – 2001: Mike Ventimiglia deletes files of his employer, GTE. $200, 000 damage. • Industrial espionage. – 2001: Verdicts in Cadence Design Systems vs. Avant against 7 employees incl CEO. 5 sentenced to jail. CSC 382: Computer Security 10
Who are the Attackers? • Press. – 1998: Cincinnati Enquirer reporter Michael Gallagher breaks into Chiquita Fruits voicemail to expose illegal activities. • Police. – 1997: LAPD illegal wiretapping scandal. • Terrorists. – 1999: DOS attacks and web defacements against NATO country computers during Kosovo bombings. • National Intelligence. – 2000: Former CIA Directory Woolsey admitted to using ECHELON information to help US companies win foreign contracts. CSC 382: Computer Security 11
What Are Our Defences? • • • Firewalls Virus Scanners Spyware Scanners Patches Backups Prevent Detect Recover Respond CSC 382: Computer Security 12
What Are The Attacks? • • • Phishing Malware Ransomware Spyware Botnets CSC 382: Computer Security 13
Phishing E-mail CSC 382: Computer Security 14
Phishing Site CSC 382: Computer Security 15
Malware • Trojan Horses • Viruses • Worms CSC 382: Computer Security 16
Ransomware CSC 382: Computer Security 17
Spyware and Adware Most Trojan Horses, some infect directly. – Browser hijacking – Pop-up advertisements – Keystroke and network logging – Steal confidential data from email and files 80% of PCs are infected with spyware (Oct 2004 AOL/NCSA survey. ) CSC 382: Computer Security 18
Rootkits • • Execution Redirection File Hiding Process Hiding Network Hiding User Program Rootkit OS CSC 382: Computer Security 19
Botnets Worm or direct attack usurps control of PC, then installs control software to listen for instructions. Instructions can include: • • • Attempt to infect other PCs Send spam message Launch DOS attack Upgrade attack and control software Virus writers sell botnets to spammers for $0. 10/compromised PC CSC 382: Computer Security 20
Future of Attacks • • • VM Rootkits Mobile Malware Gone in 20 Minutes RFID Viruses Virtual Property Theft CSC 382: Computer Security 21
Key Points • Computer crimes same as pre-computer crimes. • Differences in digital threats – Automation – Action at a distance – Technique propagation • Digital threats – – – Phishing Malware Ransomware Spyware Botnets CSC 382: Computer Security 22
References 1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. Alexander Gostev et. al. , “Malware Evolution: January – March 2006, ” Virus List, http: //www. viruslist. com/en/analysis? pubid=184012401, April 12, 2006. The Honeynet Project, Know Your Enemy, 2 nd edition, Addison-Wesley, 2004. John Leyden, "The illicit trade in compromised PCs, " The Register, Apr 30 2004. Stuart Mc. Clure, Joel Scambray, and George Kurtz, Hacking Exposed, 5 th edition, Mc. Graw-Hill, 2005. Rachna Dhamija and J. D. Tygar, "The Battle Against Phishing: Dynamic Security Skins, " Proceedings of the Symposium on Usable Privacy and Security (SOUPS), July 2005. SANS Internet Storm Center, http: //isc. sans. org/survivalhistory. php Schneier, Bruce, Beyond Fear, Copernicus Books, 2003. Ed Skoudis, Counter Hack Reloaded, Prentice Hall, 2006 Stuart Staniford, Vern Paxson, and Nicholas Weaver, "How to 0 wn the Internet in Your Spare Time, " Proceedings of the 11 th USENIX Security Symposium, 2002. Richard Stiennon, "Spyware: 2004 Was Only the Beginning, " CIO Update, Jan 26 2005. Thompson, Ken, “Reflections on Trusting Trust”, Communication of the ACM, Vol. 27, No. 8, August 1984, pp. 761 -763 (http: //www. acm. org/classics/sep 95/) CSC 382: Computer Security 23
Extra Slides CSC 382: Computer Security 24
Classes of Threats • Disclosure – unauthorized access to data – Examples • copyright infringement • unauthorized CC use • Deception – acceptance of false data – Examples • Anti-spam filter techniques • “Social engineering” CSC 382: Computer Security 25
Classes of Threats • Disruption – interruption of correct system operation – Examples: • DDOS attacks • Usurpation – unauthorized control of system component – Example: Nicholas Jacobsen • Controlled T-mobile’s systems in 2004 • Monitored e-mail, downloaded web-cam photos • Sold customer records (incl SSN, voicemail pw, etc) CSC 382: Computer Security 26
Types of Threats • Snooping – interception of data – Examples: • Reading email, or intercepting cleartext passwords. • ECHELON. • Modification – Examples: • Changing student grades in War Games. • Web site defacing (>1500/month recorded at attrition. org in 2001) • Spoofing – impersonation – Examples: • Spam emails almost always spoof source address. • The many Citibank phishing scams. CSC 382: Computer Security 27
Types of Threats • Repudiation of Origin – Deny ordering goods. • Denial of Receipt – Deny receipt of payment or goods. – Examples • e. Bay • Credit card payments. • Denial of Service – Examples: • 2000: “Mafiaboy” DDOS takes down Amazon, e. Bay, Yahoo. • Filling up disk with spam, unauthorized copies of files. CSC 382: Computer Security 28
- Computer network threats
- Wireless security threats and vulnerabilities
- Cyber security threats and countermeasures
- Modern network security threats
- Ecommerce security threats
- Wireless security threats
- Provate security
- Kj no 382
- 49 cfr 382
- Ramsedo
- Btm 382
- Ce 382
- Cmput 382
- Advanced data modeling
- Btm 382
- John molson school of business
- Kj 4 not angka
- Comp 382
- Ce 382
- Major threats to biodiversity
- Desert biome threats
- Threats to biodiversity a case study of hawaiian birds
- Strength weakness opportunity threat template
- Strengths opportunities threats weaknesses
- Threats of new entrants
- Owasp top 20 automated threats
- Threatening face
- For weakness
- Folk customs usually originate from