
Cyber Security Program Overview

Cyber Security Program Overview. Air Force Association (AFA). Why do we care about Cyber Security?

horace

Presentation Transcript


  1. Cyber Security Program Overview Air Force Association (AFA)

  2. Why do we care about Cyber Security? • Enterprises and government agencies are under virtually constant attack today. Significant breaches at RSA, Global Payments, ADP, Symantec, International Monetary Fund, and a number of other organizations have made headlines—and undoubtedly thousands more have occurred that we haven’t even heard about. Flame, Stuxnet, and a number of other cyber attacks have been uncovered that set an entirely new standard for complexity and sophistication. Fundamentally, these developments make clear that the cybercriminals, nation-states, and hacker activists waging these attacks are growing increasingly sophisticated and more effective in their efforts to steal and sabotage. Leveraging dynamic malware, targeted spear phishing emails, elaborate Web attacks and a host of other tactics, these criminals know how to bypass traditional security mechanisms like firewalls and next-generation firewalls, IPS, anti-virus (AV), and gateways. (Fire Eye Securities)

  3. Overview • Cyber Security is a Broad Program • Ten Domains of Security • Treat each domain independently • Ensure that each domain of protection is the best it can be as though it alone protects your facilities, networks and information • Preparation in depth is key to success

  4. Cyber Security Ten Domains • Emphasis on many levels of protection • We’ll take a closer look at all the domains highlighted in yellow • 1. Cryptography • 2. Access Control • 3. Telecomm and Network Security • 4. Information Security • 5. Software Development Security • 6. Security Architecture and Design • 7. Continuity and Disaster Recovery • 8. Legal Regulations and Compliance • 9. Security Operations • 10. Physical Security

  5. Constantly Evolving Threat • Threats • Malware in Friendly email • Spyware • Intercepting GPS locators to track unsuspecting people • Identity theft • Phishing attempts • Interception of unencrypted mail • Cyber Bullying • Credit Card abuse • Stalking • How to Prepare • Use strong passwords: 7 seconds to crack a 4-digit code, video camera faults, fake ID cards, stolen pins • Encrypt important emails with bank numbers and privacy information • Protect your computers and networks • Protect facilities and equipment • Report suspicious behavior • Share your knowledge with family and friends

  6. You are the solution

  7. Cyber Security Program MODULE ONE Cryptography Air Force Association (AFA)

  8. Cryptography • Science of protecting information by encoding it into an unreadable format that only those it is intended for can read and process. It is an excellent way to protect sensitive information. Since hackers can break almost any code now, the goal is to make obtaining the information too work-intensive or time-consuming for the hacker. • Encryption started 4,000 years ago as an art form and was used later by Greek and Roman warriors to code messages for combat. Movies of World War II show the use of Apache code talkers and German Enigma code machines that proved very effective. Today you use HTTPS and look for the lock symbol. • Let’s look at some of the older systems.

  9. SCYTALE • The ancient Greeks used parchment or leather to hide a message. They rolled the material around a staff of a certain width and wrote the message, then unrolled the material, often using it as a belt, and ran to the battlefront to deliver it to a field commander who had a staff of the same width for decoding the message.

  10. Alphabet Rotation Atbash (Hebrew) Caesar Cipher (Roman) or Rotation • Shift the alphabet by a certain number of positions. This worked because most people could not read: • ABCDEFGHIJKLMNOPQRSTUVWXYZ • Shifts to (A becomes D) • DEFGHIJKLMNOPQRSTUVWXYZABC • What does this mean? • BRX DUH VPDUW • Atbash • Flip the alphabet and use the lower one to hide the meaning: • ABCDEFGHIJKLMNOPQRSTUVWXYZ • AYZWVUTSRQPONMLKJIHGFEDCBA • What does this mean? • ZBYVI HVXFIRGB RH UFM

  11. Vigenere Cipher • To encrypt, a table of alphabets can be used, termed a tabula recta, Vigenère square, or Vigenère table. It consists of the alphabet written out 26 times in different rows, each alphabet shifted cyclically to the left compared to the previous alphabet, corresponding to the 26 possible Caesar ciphers. At different points in the encryption process, the cipher uses a different alphabet from one of the rows. The alphabet used at each point depends on a repeating keyword. The first letter of the plaintext, A, is paired with L, the first letter of the key. So use row L and column A of the Vigenère square, namely L. Similarly, for the second letter of the plaintext, the second letter of the key is used; the letter at row E and column T is X. The rest of the plaintext is enciphered in a similar fashion: • Suppose the plaintext to be encrypted is: • ATTACKATDAWN • The keyword "LEMON" is repeated until it matches the length of the plaintext: • LEMONLEMONLE
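
The slide's ATTACKATDAWN / LEMON walk-through carried to the full ciphertext, as an added example that is not part of the original presentation. The function names are chosen here for illustration; a one-letter key such as "D" gives the rotation cipher from slide 10, and `caesar_candidates` shows why that cipher is weak: there are only 26 keys to try.

```python
import string

ALPHABET = string.ascii_uppercase

def tabula_recta_row(key_letter):
    """Row of the Vigenere square: the alphabet rotated left to start at key_letter."""
    i = ALPHABET.index(key_letter.upper())
    return ALPHABET[i:] + ALPHABET[:i]

def vigenere(text, key, decrypt=False):
    """Encipher (or decipher) letters with the repeating key; other characters pass through."""
    if not key or any(c not in ALPHABET for c in key.upper()):
        raise ValueError("key must be one or more letters A-Z")
    rows = [tabula_recta_row(c) for c in key]
    out, k = [], 0
    for ch in text.upper():
        if ch not in ALPHABET:
            out.append(ch)  # spaces and punctuation do not consume key letters
            continue
        row = rows[k % len(rows)]
        if decrypt:
            out.append(ALPHABET[row.index(ch)])   # find ch in the key row, read the column
        else:
            out.append(row[ALPHABET.index(ch)])   # row = key letter, column = plaintext letter
        k += 1
    return "".join(out)

def caesar_candidates(ciphertext):
    """All 26 possible decryptions of a rotation cipher, keyed by the shift letter."""
    return {k: vigenere(ciphertext, k, decrypt=True) for k in ALPHABET}

if __name__ == "__main__":
    print(vigenere("ATTACKATDAWN", "LEMON"))
    print(vigenere("ABCDEFGHIJKLMNOPQRSTUVWXYZ", "D"))
```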

  12. Code Talkers • The US used extremely rare native languages to pass information. Navajo code talkers accompanied Marines in every Pacific Campaign for three years, effectively protecting them and the information they transmitted and received. (The Navajo Code Talker's Dictionary) • When a Navajo code talker received a message, what he heard was a string of seemingly unrelated Navajo words. The code talker first had to translate each Navajo word into its English equivalent. Then he used only the first letter of the English equivalent in spelling an English word. Thus, the Navajo words "wol-la-chee" (ant), "be-la-sana" (apple) and "tse-nill" (axe) all stood for the letter "a." One way to say the word "Navy" in Navajo code would be "tsah (needle) wol-la-chee (ant) ah-keh-di-glini (victor) tsah-ah-dzoh (yucca)." Most letters had more than one Navajo word representing them. Not all words had to be spelled out letter by letter. The developers of the original code assigned Navajo words to represent about 450 frequently used military terms that did not exist in the Navajo language. Several examples: "besh-lo" (iron fish) meant "submarine," "dah-he-tih-hi" (hummingbird) meant "fighter plane" and "debeh-li-zine" (black street) meant "squad."

  13. Cryptanalysis • Science of analyzing and breaking the secrecy of encryption processes, compromising authentication schemes and reverse-engineering algorithms and keys. • In World War II the German Enigma Machine was a very effective encryption device. It complicated the process by using random numbers generated by a machine.

  14. Steganography • Steganography is a concealment cipher. Concealment ciphers don’t need algorithms. They cleverly use physical components all around us, like books or photos. • There are a large number of steganographic methods that most of us are familiar with (especially if you watch a lot of spy movies!), ranging from invisible ink and microdots to secreting a hidden message in the second letter of each word of a large body of text and spread spectrum radio communication. With computers and networks, there are many other ways of hiding information, such as: • Covert channels (e.g., Loki and some distributed denial-of-service tools use the Internet Control Message Protocol, or ICMP, as the communications channel between the "bad guy" and a compromised system) • Hidden text within Web pages • Hiding files in "plain sight" (for instance, what better place to "hide" a file than with an important sounding name in the c:\usps\fairfax2 directory?)

  15. Steganography continued • Null ciphers (e.g., using the first letter of each word to form a hidden message in an otherwise innocuous text) • Steganography today, however, is significantly more sophisticated than the examples above suggest, allowing a user to hide large amounts of information within image and audio files. These forms of steganography often are used in conjunction with cryptography so that the information is doubly protected; first it is encrypted and then hidden so that an adversary has to first find the information (a difficult task) and then decrypt it.

  16. How Steganography hides the message in photos:

  17. Replace The Least Significant Bits • Colors are made of a series of bits in a certain order. By replacing bits that don’t seem to matter too much, people alter a picture or video slightly and the changes are usually not discernable to the human eye. As technology improves increasingly complex messages can be hidden in photos. • Can you tell which cartoon on the next slide has the hidden message?

  18. Can you tell which has the message?
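
Least-significant-bit replacement as described on slide 17, as an added example that is not part of the original presentation. The cover "image" is a constructed run of colour-channel byte values, and the 16-bit length header and function names are assumptions made for this sketch; the point to observe is that no channel value moves by more than 1.

```python
# Constructed cover data: 256 colour-channel values standing in for image pixels.
COVER = bytes((i * 37 + 11) % 256 for i in range(256))

def embed(pixels: bytes, message: bytes) -> bytes:
    """Hide message in the lowest bit of each channel byte (16-bit length header first)."""
    payload = len(message).to_bytes(2, "big") + message
    bits = [(byte >> (7 - i)) & 1 for byte in payload for i in range(8)]
    if len(bits) > len(pixels):
        raise ValueError("cover is too small for this message")
    out = bytearray(pixels)
    for i, bit in enumerate(bits):
        out[i] = (out[i] & 0xFE) | bit   # clear the lowest bit, then set it to the message bit
    return bytes(out)

def _read(pixels: bytes, start: int, nbytes: int) -> bytes:
    """Rebuild nbytes from the lowest bits of pixels[start:], most significant bit first."""
    if start + nbytes * 8 > len(pixels):
        raise ValueError("declared length exceeds the cover size")
    data = bytearray()
    for b in range(nbytes):
        byte = 0
        for i in range(8):
            byte = (byte << 1) | (pixels[start + b * 8 + i] & 1)
        data.append(byte)
    return bytes(data)

def extract(pixels: bytes) -> bytes:
    """Read the length header, then that many message bytes."""
    length = int.from_bytes(_read(pixels, 0, 2), "big")
    return _read(pixels, 16, length)

def max_channel_change(original: bytes, altered: bytes) -> int:
    """Largest difference in any single channel value between the two images."""
    return max(abs(a - b) for a, b in zip(original, altered))

if __name__ == "__main__":
    stego = embed(COVER, b"MEET AT DAWN")
    print(extract(stego), max_channel_change(COVER, stego))
```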

  19. Security and effects • Protect your messages and know who is sending messages to you • 1. Encrypted Messages provide Confidentiality • 2. Hashed Messages provide Integrity • 3. Digital Signing provides Authentication, Non-Repudiation and Integrity • 4. Encryption and Digital Signing provide Confidentiality, Integrity, Authentication and Non-Repudiation

  20. Collision Attacks on Digital Signatures • Digital signature algorithms cannot handle a large amount of data so they compress the data that needs to be signed using a hash function. If the hash technique is not random enough, two different pieces of information may have the same hash value and this causes a collision. All public key certificates, like SSL, rely on the security of digital signatures. They are compromised when there is a hash collision. • Attack scenario: • Mallory creates two different documents A and B, that have an identical hash value (collision). • Mallory then sends document A to Angela, who agrees to what the document says, signs its hash and sends it back to Mallory. • Mallory illegally copies Angela’s signature from document A to document B. • Then she sends document B to Bob, claiming that Angela signed the different document. Because the digital signature matches the document hash, Bob's software is unable to detect the modification.
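
Why the signature in this scenario transfers from document A to document B, as an added example that is not part of the original presentation. Everything here is a classroom toy chosen for the sketch: the RSA key is built from two small Mersenne primes, `weak_hash` is SHA-256 cut down to 16 bits to stand in for a broken hash, and the document texts are constructed. With the full-strength hash the same signature no longer verifies.

```python
import hashlib
from itertools import count

# Toy RSA key (assumption for this sketch; far too small for real use).
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))

def weak_hash(data: bytes) -> int:
    """SHA-256 truncated to 16 bits: only 65,536 possible values, so collisions are easy."""
    return int.from_bytes(hashlib.sha256(data).digest()[:2], "big")

def strong_hash(data: bytes) -> int:
    """Full SHA-256, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def sign(data: bytes, h) -> int:
    """Angela signs the hash of the document, not the document itself."""
    return pow(h(data), D, N)

def verify(data: bytes, sig: int, h) -> bool:
    """Bob's check: does the signature open to the hash of what he received?"""
    return pow(sig, E, N) == h(data)

def find_collision(h, text_a: str, text_b: str, variants: int = 2000):
    """Vary a trailing counter on each text until one A-variant and one B-variant share a hash."""
    seen = {}
    for i in range(variants):
        doc = f"{text_a} #{i}".encode()
        seen[h(doc)] = doc
    for j in count():
        doc_b = f"{text_b} #{j}".encode()
        if h(doc_b) in seen:
            return seen[h(doc_b)], doc_b

if __name__ == "__main__":
    doc_a, doc_b = find_collision(weak_hash, "Pay Mallory $10", "Pay Mallory $10,000")
    sig = sign(doc_a, weak_hash)
    print("weak hash, signature copied to B verifies:", verify(doc_b, sig, weak_hash))
    sig = sign(doc_a, strong_hash)
    print("SHA-256,   signature copied to B verifies:", verify(doc_b, sig, strong_hash))
```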

  21. HTTPS • Hypertext Transfer Protocol (Secure) • In order to encrypt all the information we need to secure data at the application layer (HTTP) and in transit, at the transport layer (Secure Sockets Layer or SSL). • If you use SSL to securely transport banking information to the bank site but the bank site is not secure, the information becomes insecure upon delivery. HTTPS with SSL provides security during the movement and at the ends. Transport Layer Security (TLS) is the standardized version of SSL.

  22. What can crypto do for us? • Prevent Attacks: • Man-In-The-Middle Attacks • Prevent Collision Attacks • Provide Encryption and Digital Signatures • Protect personal and valuable information

  23. CRYPTOGRAPHY LABS

  24. Cryptology Lab: Secure your information • https://www.symantec.com/verisign/ssl-certificates?tid=vrsn_sem_buy • Secure Site Pro SSL Certificates • Enable every website visitor to experience the strongest SSL encryption available to them. Includes: 128-bit minimum to 256-bit encryption, $1,250,000 warranty and vulnerability assessment. • Try it free

  25. Cryptology Lab: Check your security • One way to determine what level of protection you're getting when using a particular site is to use a packet-sniffing tool like Wireshark to record your own communications with the site. You will see about the same as what an eavesdropper on your wifi network or at your ISP would see. This way, you can determine whether some or all of your communications would be protected; however, it may be quite time-consuming to make sense of the Wireshark output with enough care to get a definitive answer.

  26. Steganography Lab
