1 / 65

Security

Learn about cybercrime and the different types of threats, such as identity theft, computer viruses, logic bombs, time bombs, worms, and hackers. Discover ways to protect yourself from these risks.

amundson
Télécharger la présentation

Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security CSCI 101

  2. Cybercrime • Any crime that is conducted through the computer. • In 2012 the internet crime complaint center received 289,000 cybercrime complaints.

  3. Identity Theft • Occurs when someone steals your personal information, e.g. your social security number, bank account number, credit card info… • Basically someone tries to be you, steals form you, and pollutes your reputation. • People can use, and destroy your credit rating. • It can take a long time to fix.

  4. Computer Viruses An entryway into your computer

  5. Computer Viruses • Malicious Computer programs that are attached to other programs. • When they are downloaded they copy themselves into other programs, and files. • When files are exchanged with other computers, the viruses will infect another computer.

  6. What’s the harm of viruses? • Viruses can simply be annoying, e.g. cause popup windows to appear • Or they can destroy files on your computer • Even worse they can gather and report your sensitive information to the viruses' creator.

  7. How to get a virus • You download malware, e.g. a contaminated movie • You open up an attachment on an email that is infected • You open a file on a usb drive that is infected.

  8. Types of Viruses

  9. Logic Bomb Logic Bomb: When a set of conditions are true the virus will begin, e.g. opening a file a certain number of times. If speed < 50 miles per hour, Bomb fires

  10. Logic Bomb Example • Whac-A-Mole Sabatage • A man programmer planted a logic bomb in Whac-A-Mole games, causing them to stop working after they had been turned on and off a number of times. • He did this to achieve job security, as he was responsible for fixing these machines.

  11. Logic Bomb Example • http://www.cbsnews.com/news/logic-bomb-dropped-on-brokerage/ • Created a logic bomb which caused > $3 million in damages • He purchased put options on the companies stock in anticipation, assuming the stock value would plummet and he would benefit

  12. Time Bomb Time Bomb: A virus that will execute at a certain time, or after a set of time passes. Hence, a large number of computers could all go down at the same time.

  13. Time Bomb Example • Michelangelo Virus • In 1991 this virus was create that would fire on March 6th, the famous artist Michelangelo’s birthday. • “the virus overwrites the first one hundred sectors of the hard disk with nulls.”

  14. Time Bomb Example • http://www.wired.com/2013/03/logic-bomb-south-korea-attack/ • The time bomb waited till March 20th 2013 and then started erasing data from bank machines • Wiped the machines of 3 banks and 2 media companies • Also, took down some ATMs

  15. Worms Worms: Spread through email or network connections. The user doesn’t need to take any action to spread these, they just travel through vulnerabilities in the operating systems.

  16. Worm Example • ILove you Worm • In May of 2000 a worm that effected Windows Personal computers got sent over emails. • Users would get an email with the subject “ILove you” with a script attached. • When users opened the attachment it ran a script that did damage to your computer and overwrote your images. • Then the script sent out the same email to everyone on your Outlook contact list.

  17. How do you know you have a virus? • Your homepage on your browser changes • Popups start appearing • Files start being corrupted • …

  18. Hackers What do they do, and How do we protect Ourselves

  19. Hackers Someone who unlawfully breaks into a computer or a network. Black-hat Hackers: Someone who hacks into computers with malicious intent. This is a crime and can result in serious penalties. White-hat Hackers (Ethical Hackers): Someone who hacks into a system to expose it’s weaknesses to the company or the general public. These individuals are often hired by companies to increase the security of their systems.

  20. Famous Hackers Jonathan James • At age 15 he was convicted of breaking into BellSouth, the United States Department of Defense, and NASA • He intercepted over 3 thousand messages going to the USDD using a packet sniffer • He lost NASA $41,000

  21. Famous Hackers Albert Gonzalez • Collected over 170 million credit and ATM card numbers in 2 years (2005 – 2007). • He would sell these for profit • He also hacked into databases to get credit card numbers. • In 2010 went to prison for 20 years

  22. Famous Hackers Kevin Poulsen • Took over all of the phone lines for LA’s KISS-FM radio station making himself be the 102 caller and win a Porsche • Hacked into federal systems and stole wiretap information. (http://www.makeuseof.com/tag/5-of-the-worlds-most-famous-hackers-what-happened-to-them/) • When to prison for 5 years and banned from his computer for 3 years after • He now works for WIRED, and he helped take down 744 sex offenders on MySpace.

  23. Types of Hacking

  24. Packet Sniffing • Hackers use programs to listen in on the packets you are sending over the internet. • Here they can put together the data you are sending, and gather your sensitive information. • Be careful when you are using free public wifi like at coffee shops as they are particularly vulnerable. • Firewalls will help you prevent these attacks.

  25. Packet Sniffing Cidney is buying items online with her credit card, and a hacker is listening in, getting her credit card number. 23428 32522 Cidney 90234 234283252290234

  26. Packet Sniffing Security You should use secure protocols (https) for all important communication so that your data is all encrypted when sent over the line and can’t be sniffed.

  27. Trojan Horses

  28. Trojan Horses • Trojan horses are when hackers get into your computer through a back door and can take control. • They can access/delete files/send emails… • They can also use your computers processing for larger attacks. Particularly, if hackers take over lots of computers they can launch Denial of Service Attacks.

  29. Trojan Horse Naming • In Greek mythology at the end of the War of Troy they had a plan where they created a giant hollow horse and filled it with soldiers, pretending it to be a piece offering. • At night the soldiers came out. Athens Troy Fighting Peace Offering

  30. Trojan Horse Naming Trojan Horse Malware programs are named after this mythological horse because they disguise themselves as good programs so people install them, but they turn out to be malware. Malware Your Computer Hackers now have a entryway into your computer You download a movie from a sketchy site

  31. Example Beast Trojan Horse (2002) • Infected Windows 95 and XP • The hacker could control the infected computer • Could use password tools to get at your passwords • Could get screenshots and use your webcam

  32. Denial-of-Service Attacks (DoS) • In DoS attacks, hackers keep sending out so much requests on a server, that the server doesn’t have enough capacity to address the legitimate requests. • To achieve this, hackers often take over many other computers, and program them all to continuously make requests. • The computers they take over are called Zombies

  33. Denial of Service Attacks

  34. Denial of Service Example Project Rivolta • In 2000 MafiaBoy (Michael Demon Calce) a Canadian High School student launched a Denial of Service attack • He took down Yahoo for an hour, which was the most popular search engine at the time • He also continued to bring down Ebay, CNN, Amazon and Dell

  35. Live Denial of Service Attacks • This map shows a live view of the current denial of service attacks that are being executed across the globe • http://www.digitalattackmap.com/

  36. Key Loggers • Key Loggers are a form of spyware. • These program track each of your keystrokes • They can put this information together to gather your secure information

  37. Key Logger Example 2 million Facebook, Twitter, AND Gmail passwords stolen (Dec 4th, 2013) • Keylogging software was maliciously installed on users computers • This malware recorded users passwords

  38. Protecting Yourself How can I protect myself?

  39. Information Security Information Security: A set of techniques and policies enforced by an organization or individual to ensure proper access to protected data. (CSI)

  40. Information Security Triad Confidentiality: Ensuring key data remains protected from unauthorized access. (CSI) Integrity: Ensuring that data can be modified only by appropriate mechanisms. (CSI) Availability: Degree to which authorized users can access appropriate information for legitimate purposes when needed. (CSI)

  41. Preventing Unauthorized Access • We need user to authenticate themselves to only allow access to legit users. • Ways to authenticate: • Passwords • Smart Card • Biometrics • CAPTCHA • Fingerprint Analysis

  42. Weak Passwords • Many people use very week passwords for internet sites, such as 12345 or password! • With week passwords, hackers can get into these sites and steal your information • Even with common words hackers can easily determine your passwords, as they run scripts which can check tons of passwords in matters of seconds.

  43. Increasing Passwords Security Let’s increase the security of this password !*M0nK3y45 Monkey M0nkey M0nk3y M0nK3y Substitute numbers for letters Add special characters Mix capitol and lower case letters

  44. Reusing your Passwords • People often use the same passwords from many different sites. • Hackers sometimes get access into less secure sites, find your passwords, and then try the same passwords on your bank’s site. • Hence, make sure you have a unique password for more secure sites.

  45. Creating Strong Passwords • Here’s a helpful article on creating strong passwords: https://support.mozilla.org/en-US/kb/create-secure-passwords-keep-your-identity-safe

  46. How to protect my computer • Install an antivirus. They can only stop viruses they know about. Keep installing updates to your antivirus to protect against new viruses. • Keep your computer’s OS and other programs up to date. Often OS’s are updated to protect against viruses, so make sure you have these updates.

  47. Windows Defender • This anti-virus is in newer versions of windows: • http://windows.microsoft.com/en-us/windows/security-essentials-download • You can download Windows Security Essentials on earlier versions of Windows too (Windows 7 and Vista)

  48. Firewalls • Can block access to your ports, & filter the packets that are trying to enter. They will deny malicious packets entry into your computer. • They use a process called network address translation to hide your IP address from intruders, so they can’t find your computer.

  49. Backup Your Data • Always have backups of your data. • If you get attacked you could lose all of your information.

  50. Scams Don’t give people your personal data!

More Related