Learn about security threats, encryption, malware, data theft, and more. Explore defenses like IDS, passwords, and firewalls against internet and internal threats. Enhance protection with digital certificates and antivirus software.
MIS 2000 Class 22 System Security Update: 2018
Outline
• Security threats concept
• Sniffing
• Encryption defense
• Malware
• Data theft
• Intrusion detection system, password & firewall defenses
• Internet threats and defenses
• Internal threats & defenses
• Summary
Information Systems’ Vulnerability
• Network-related challenges:
  • Access to local and wide area networks (Internet) brings risks.
  • Anyone from inside/outside the organization can attempt to infiltrate information systems. The risks of unauthorized access to data, theft and destruction are greater than with paper, which exists in one original form and can be securely locked.
  • Digital data can also be changed without the fraud being easily detected. This is a disadvantage in comparison with paper.*
Security Threats - External
• Power failure, natural disaster
• Sniffing
• False identity (spoofing/phishing)
• Data theft
• Malware (virus, worm…)
Sniffing
• Sniffing refers to listening to a communication channel by an uninvited party.
• Sniffing is a version of unauthorized access. Its precursor is classical telephone wiretapping.
• Sniffing affects:
  • wired communication on computer networks
  • wireless communication - WiFi (packet sniffing)
  • cell phone calls
Protection from Sniffing: Encryption
• Encryption = Scrambling of a message to prevent unauthorized parties from reading it.
• The content is scrambled into illegible format by using some programming method. *
• Example: “Hi, how are you?” can be encrypted into something like “ij ipy bsf zpv”. See next slide.
• The strength of the encryption key matters; it is measured in bits (64 bits, 256 bits) – the more bits in the key, the more complicated the scrambling.
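An added example, not part of the original slides: the scrambling in the slide's example is a shift of one letter along the alphabet (a true one-letter shift turns "how" into "ipx"). Because such a cipher has only 25 usable keys, an eavesdropper can try them all, which is why the number of bits in the key matters. The guessing rate used for the 64-bit and 256-bit comparison is an assumed figure.

```python
import math
import string

ALPHABET = string.ascii_lowercase

def shift_encrypt(text: str, key: int) -> str:
    """Move each letter `key` places along the alphabet; keep everything else."""
    out = []
    for ch in text:
        if ch.lower() in ALPHABET:
            base = ord("a") if ch.islower() else ord("A")
            out.append(chr((ord(ch) - base + key) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)

def shift_decrypt(text: str, key: int) -> str:
    """Decryption is the same shift in the opposite direction."""
    return shift_encrypt(text, -key)

def recover_keys(ciphertext: str, expected_word: str) -> list[int]:
    """Try all 25 usable keys; keep those whose output contains expected_word."""
    return [k for k in range(1, 26)
            if expected_word in shift_decrypt(ciphertext, k).lower()]

def key_bits(number_of_keys: int) -> float:
    """Key strength in bits for a cipher with this many possible keys."""
    return math.log2(number_of_keys)

def years_to_try_all(bits: int, guesses_per_second: float = 1e12) -> float:
    """Time to try every key. The default rate is an assumed, constructed figure."""
    return 2 ** bits / guesses_per_second / (365 * 24 * 3600)

if __name__ == "__main__":
    secret = shift_encrypt("Hi, how are you?", 1)
    print(secret)
    print("keys that reveal the message:", recover_keys(secret, "how"))
    print("shift cipher key strength:", round(key_bits(25), 1), "bits")
    for bits in (64, 256):
        print(bits, "bits:", f"{years_to_try_all(bits):.3g}", "years to try all keys")
```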
Encryption/Decryption Security
• Two kinds of securing communications:
  • Single key method – Both parties use the same private key for encryption and decryption. (A communicating party is a computer or phone.)
  • Double key method – Parties use a matching public and private key; there is just one instance of the private key in the world, while the public key is shareable.
[Diagram: SINGLE KEY SECURITY (shared key; encrypt, message transfer, decrypt) and DOUBLE KEY SECURITY (B’s public key, B’s private key; encrypt, message transfer, decrypt)]
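An added example, not part of the original slides, contrasting the two methods on the same message. The XOR cipher and the tiny primes (61 and 53) are assumptions chosen so the arithmetic is visible; neither is secure, and real systems use vetted libraries and far larger keys.

```python
from itertools import cycle

def single_key(data: bytes, shared_key: bytes) -> bytes:
    """Single key method (toy XOR): the same key both scrambles and unscrambles."""
    return bytes(b ^ k for b, k in zip(data, cycle(shared_key)))

def make_key_pair(p: int, q: int, e: int = 17):
    """Double key method (textbook RSA): returns (public_key, private_key)."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)          # private exponent, derived from the secret p and q
    return (e, n), (d, n)

def apply_key(values, key):
    """Raise each value to the key's exponent, modulo n."""
    exponent, n = key
    return [pow(v, exponent, n) for v in values]

def demo():
    message = b"Hi, how are you?"

    # Single key: A and B must both hold `shared` before they can talk.
    shared = b"k3y"              # constructed sample key
    sent = single_key(message, shared)
    single_ok = single_key(sent, shared) == message

    # Double key: B publishes the public key and keeps the private key.
    b_public, b_private = make_key_pair(61, 53)
    cipher = apply_key(list(message), b_public)        # A encrypts for B
    private_ok = bytes(apply_key(cipher, b_private)) == message
    # Anyone can hold the public key, but it does not undo the encryption.
    public_ok = apply_key(cipher, b_public) == list(message)
    return single_ok, private_ok, public_ok

if __name__ == "__main__":
    print(make_key_pair(61, 53))
    print(demo())
```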
Strengthening Security
• Digital Certificate - public key and a proof of its validity issued by a certificate authority (e.g., VeriSign); licensed annually.
• Enhancing communication security and the management of security on the Internet.
• Critical for e-commerce; important in other Internet communications
Dangerous Malware
• Malware = malicious software that can harm data, and/or computer software and even hardware.
• Virus (a legend about virus origin) – destructive to data & software*
• Worm – replicates itself, taking computing resources and impairing computer functioning (e.g., speed, and screen freeze).
• Trojan – blocks system security functions, so opening doors for other malware.
• Ransomware – encrypts storage; a new and frequent threat
Other Malware
• Adware – presents unwanted ads in pop-up or pop-under windows.
• Spyware – observes the user's activities and reports them to an external party.
• Defenses:
  • Anti-virus software. Automatic, updated online by vendor. Critical for Internet. *
  • Firewall (see later slide)
Check Point 1
1. Match the concepts below with explanations at the bottom:
   1. Computer worm
   2. Trojan
   3. Adware
   4. Spyware
   5. Sniffing
   6. Computer virus
   7. Ransomware
____ refers to listening to a communication channel by an uninvited party.
____ destroys data and software.
____ replicates itself and can slow down the computer.
____ puts down system security.
____ encrypts storage against the owner's will.
____ presents unwanted ads in pop-up or pop-under windows.
____ observes user's activities and reports it to an external party.
Data Theft
• Data theft is stealing data by hackers. This is also an internal threat in organizations when an unauthorized person accesses data.
• Data storage devices or mobile tech. can be stolen or lost.
• Defenses:
  • Firewall: a whole system focused on security; guards against access by uninvited parties; prevents data theft but also planting of malware
More Defenses from Data Theft
• Intrusion Detection System (IDS). Automatically detects suspicious network traffic – outside or inside a company. Signals the alarm. Can shut down the local network.
• Passwords for access
• Physical: Locking up computers and storage devices.
• Mobile tech. methods: Combining passwords, storage encryption*, locks, remote data wipes.
False Identity
• Also called spoofing, phishing, social engineering…*
• A malevolent party pretends to be a company or a person they really are not, and tries to get personal data (credit card numbers etc.).
• Defense: Vigilance and caution!
  • Never go to Web sites you are invited to via email or on social media, unless you are absolutely sure the site/invitation is real.**
  • Never engage in “money transfer” schemes that unknown persons offer you via email or texting.
Internal Security Threats
• Within organizations. Threats are bigger as people are closer to technologies and data storage.
• Unauthorized access, change and copying of data; also, stealing data storage.
• Unauthorized access to data: when a user does not have a particular privilege (read, write, change, delete) but gets it somehow.
• Human errors: leaving data unprotected, poor & lost passwords, not locking data/hardware/software.
Internal Security Threats & Defenses
• Defenses:
  • Physical securing; passwords; biometric methods (fingertip & retina readers).
  • Managing access to data (system administrators)
  • Training, supervision
Power failure & Natural disasters
• Power failure can be an internal or external threat.
  • Defense: Have backup electricity generators ready to take over.
• Natural disasters belong to external threats.
  • Defense:
    • Have disaster management plans
    • Extra computing facilities off-site (can be rented).
    • Keep backup data off-site.
    • Run regular checks to assess preparedness.
Check Point 2
2) Security threats and defenses - true/false:
a. The defense against Malware is Encryption.
b. The defense against Sniffing is in Anti-virus software.
c. The defense against False Identity/Phishing is in user's vigilance and caution.
d. The defense against internal security threats is in using Trojan software.
e. A Firewall defends against data theft by outsiders.
Security defenses are:
• Encryption
• Anti-virus software
• Firewall
• Vigilance and caution
• Managing and monitoring access to data
Summary
• Security threats are external and internal, and include malware, false identity, sniffing, data theft, and unauthorized access and change of data (tampering).
• Mobile phones and devices and wireless channels are very vulnerable.
• Internet increases security risks.
• Defenses include data encryption, intrusion detection systems, passwords, firewalls, physical means, and managing system access.