1 / 20

Unit 32 – Networked Systems Security

Unit 32 – Networked Systems Security. https://www.tes.com/lessons/k-4i3DlopqkOYA/review-week-unit-32-networked-systems-security. Lesson 2 - Security & Sources of Attacks. Dictionary.com says: 1. Freedom from risk or danger; safety. 2. Freedom from doubt, anxiety, or fear; confidence.

sboyd
Télécharger la présentation

Unit 32 – Networked Systems Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Unit 32 – Networked Systems Security https://www.tes.com/lessons/k-4i3DlopqkOYA/review-week-unit-32-networked-systems-security

  2. Lesson 2 - Security & Sources of Attacks

  3. Dictionary.com says: 1. Freedom from risk or danger; safety. 2. Freedom from doubt, anxiety, or fear; confidence. 3. Something that gives or assures safety, as: 1. A group or department of private guards: Call building security if a visitor acts suspicious. 2. Measures adopted by a government to prevent espionage, sabotage, or attack. 3. Measures adopted, as by a business or homeowner, to prevent a crime such as burglary or assault: Security was lax at the firm's smaller plant. …etc. What is Security?

  4. Protect vital information while still allowing access to those who need it • Trade secrets, medical records, etc. • Provide authentication and access control for resources • Guarantee availability of resources Why do we need Security?

  5. Financial institutions and banks • Internet service providers • Pharmaceutical companies • Government and defense agencies • Contractors to various government agencies • Multinational corporations • ANYONE ON THE NETWORK Who is Vulnerable?

  6. http://www.calyptix.com/top-threats/top-7-network-attack-types-in-2015-so-far/http://www.calyptix.com/top-threats/top-7-network-attack-types-in-2015-so-far/ What is the percentage of Denial of Service attacks? Top 7 Network Attacks 2015 (so far)

  7. Internal • Disaffected Staff • Social Engineering • Downloads • External • Internet Connections • Unsecured Wireless Points • Viruses introduce by email Sources of Attacks

  8. Malicious damage can occur through internal means in that it comes from within an organisation, perhaps the result of a disgruntled employee • Breaking or sabotaging equipment • Deleting, altering or making public business- sensitive or embarrassing data Internal Attack

  9. Jeffrey Delisle: Canadian spy passed on UK secrets http://www.bbc.co.uk/news/uk-20112616 Former MI6 man sentenced for secret files leak http://www.bbc.co.uk/news/uk-england-london-1117643 Edward Snowden – whistleblower http://www.bbc.co.uk/news/world-us-canada-22837100

  10. The threat has spread from outside of an organisation, perhaps for self-gain or self-satisfaction, or maybe for a competitor company. Examples are: – hacking – theft – criminal damage – industrial espionage. However, the distinction between internal and external malicious damage is not black and white: the four external damage examples listed could also result from within an organisation and so could be classed as internal External Attack

  11. External attacks involving internet connections will normally be mitigated by the company Internet security policy and rules. The objective is to establish rules and measures to use against attacks over the Internet. External Attack - Internet

  12. Wi-Fi has provided significant benefits for businesses and their customers but it also has generated significant headaches. “Rogue” access points operating without company blessing and potentially installed for industrial espionage are a real threat to a secure corporate computing environment. External Attack - Through unsecured wireless access points

  13. Man arrested over wi-fi 'theft‘ http://news.bbc.co.uk/1/hi/england/london/6958429.stm Two cautioned over wi-fi 'theft‘ http://news.bbc.co.uk/1/hi/england/hereford/worcs/6565079.stm External Attack - Through unsecured wireless access points

  14. Google admits wi-fi data blunder http://news.bbc.co.uk/1/hi/uk/8684639.stm Security warning over wireless networks http://news.bbc.co.uk/1/hi/technology/8309779.stm External Attack - Through unsecured wireless access points

  15. Virus authors adapted to the changing computing environment by creating the e-mail virus. For example, the Melissa virus in March 1999 was spectacular in its attack. Melissa spread in Microsoft Word documents sent via e-mail. How Computer Viruses Work http://computer.howstuffworks.com/virus4.htm External Attack - Virus introduced via email

  16. Categorise the threats into the sources they come from. • Internal • Disaffected Staff • Social Engineering • Downloads • External • Internet Connections • Unsecured Wireless Points • Via email • Other • Both • Threats - • Denial of service, • Back door, • Spoofing, • Mathematical, • Brute force, • Adware. • Theft of data • Ransomware • Data modification • Identity theft • Software exploitation, • Viruses, • Rootkits, • Worms, • Trojans, • spyware, • Eavesdropping • Man in the middle Create a table in which you can categorise the different threats. They may appear in more than one source. Task Order the threats in each category from highest to lowest damage they may cause

  17. Choose 5 types of threats that attack a network, summarise each attack. • Why is it a dangerous type of attack? • When is a company usually susceptible to this type of attack? • Who normally perpetrates this type of attack? • Include a diagram of this attack (if possible) Task Recommend ways the attack can be mitigated

  18. http://www.its.ms.gov/Services/Pages/Security-Quizzes-Tests.aspxhttp://www.its.ms.gov/Services/Pages/Security-Quizzes-Tests.aspx

  19. Read this http://www.securityweek.com/virus-threats is there anything interesting? Discuss

  20. Illustrate the need for security. • Categorise network attacks into different sources • Summarise different security attacks on networks Learning Objectives

More Related