Computer security risk

Perpetrators of cyber crime and other intrusions fall into seven basic categories: Hacker Cracker script kiddie corporate spy unethical employee cyber extortionist cyber terrorist

Task

Research each of the seven categories

Give a short summary of each of them and the impacts their actions have on society and the general public

Internet and Network Attacks

Information transmitted over networks has a higher degree of security risk than information kept on a company's premises.

In a business, network administrators usually take measures to protect a network from security risks.

On the Internet, where there is no central administrator, the security risk is even higher.

Internet and Network Attacks

To determine if your computer is vulnerable to an Internet or network attack you could use an online security service.

An online security service is a Web site that evaluates your computer to check for Internet and email vulnerabilities. The service then provides recommendations of how to address the vulnerabilities.

Find and name two…if possible compare and chose the best option for you needs…the schools needs

Companies and individuals requiring assistance or information about Internet security breaches can visit the Web site for the Computer Emergency Response Team Coordination Centre (CERT/CC)

This is an American federally funded Internet security research centre.

Is there an Australian equivalent???

Internet and Network Attacks

Internet and network attacks that jeopardise security include:

Viruses worms Trojan horses Botnets denial of service attacks backdoors spoofing

Computer Viruses

Every unprotected computer is susceptible to viruses

A computer virus is a potentially damaging computer program that affects, or infects, a computer negatively by altering the way the computer works without the user's knowledge or permission.

Once the virus infects the computer it can spread throughout causing damage to files and system software.

Worms and Trojan Horses

A worm is: a program that copies itself repeatedly for example in memory or on a network using up resources and possibly shutting down the

computer or network.

A Trojan horse (named after the Greek myth) is: a program that hides within or looks like a

legitimate program. A certain condition or action usually triggers it. Unlike a virus or worm it does not replicate itself to

other computers.

Malware

Computer viruses, worms and Trojan horses are classified as malware (short for malicious software) are: programs that act without the users knowledge

and deliberately alter the computers operations. Other classes of malware include:

backdoors and spyware. Although malware often falls into one of these

classes, they often will have characteristics of one or more. E.g.

MyDoom and Blaster are worms Melissa has elements of a virus, worm and Trojan.

Task

Research safeguards against viruses, worms and Trojan horses.

What are precautions a user can take to stop them?

If they become infected what can they do to remove it?

What would you be your advice to a small business owner wishing to protect his LAN?

Botnets

A botnet is a group of compromised computers connected to a network such as the Internet that are being used as part of a network that attacks other networks.

A compromised computer, known as a zombie, is one whose owner is unaware the computer is being controlled by an outsider.

A "bot" is a program that performs a repetitive task on a network.

Cyber criminals install malicious bots on unprotected computers to create a botnet, also affectionately known as a zombie army.

The perpetrator then uses the botnet to spam email, spread viruses and other malware, or commit a distributed denial of service attack.

Denial of Service Attacks:

A denial of service attack, or DoS attack, is an assault whose purpose is to disrupt computer access to an Internet service such as the Web or email.

Perpetrators carry out DoS attacks in a variety of ways. E.g.

they use an unsuspecting computer to send an influx of confusing data messages or useless traffic to a computer network.

The victim computer network eventually jams, blocking legitimate visitors from accessing the network.

A more devastating type of DoS attack is the DDoS (distributed DoS) attack multiple unsuspecting computers are used to attack multiple

computer networks. DDoS attacks have been able to temporarily stop operations

at websites including: Yahoo!, Amazon, eBay and CNN Any others you know of?? Anonymous???

Back Doors A back door is a program or set of

instructions in a program that allow users to bypass security controls when accessing a program, computer, or network.

Once perpetrators gain access to unsecure computers they often install a back door or modify an existing program to include a back door allows them to continue to access the computer

without the user's knowledge. Some worms leave back doors, which have been

used to distribute junk email from the unsuspecting victim computers.

Spoofing Spoofing is a technique intruders use to make

their network or Internet transmission seem legitimate to the victim computer or user.

Several types of spoofing schemes exist. Email spoofing

occurs when the sender's address or other components of the email header are altered so it appears the email originated from a different sender.

used for spam and phishing scams. IP spoofing

occurs when an intruder computer fools a network into believing its IP address is associated with a trusted source.

Perpetrators of IP spoofing trick their victims into interacting with the phony Web site. E.g.

the victim may provide confidential information or download files containing viruses, worms or other malware.

Task

Safeguards against Botnets, DoS Attacks, Back Doors and Spoofing: Some antivirus programs protect from

these forms of attacks but they are not the final line when it comes to protecting a network or individual computer from attacks.

What are some of the other ways a computer can be protected? Provide information on your answers and explain why they are so useful.

How should virus authors be punished?

Punishment in the US is about the same as auto theft – 18 months to 4 years in prison

Is this punishment suitable? Organisations can exaggerate damages

Some believe that lax security on the part of the internet users is to blame and those who help to spread the virus unwittingly should be punished as well

Should government make new laws? Should virus authors be punished in terms of the relative damage

caused?

International problem - How do countries coordinate law enforcement and punishment?

Payload

The destructive event or prank the program is intended to deliver

Symptoms

Screen displays unusual message or image Music or unusual sounds play randomly Memory is less than expected Existing programs or files disappear Files become corrupted Programs or files do not work properly Unknown programs or files mysteriously

appear System properties change Operating system runs slower than normal

Delivery methods

1. When user opens an infected file2. Runs an infected program3. Boots the computer with infected

removable material in a drive, or plugged into a port

4. Connects an unprotected computer to a network

5. Opening email attachments

180,000 known viruses (?)

http://www.ted.com/talks/mikko_hypponen_fighting_viruses_defending_the_net.html

Unauthorised access and use Unauthorised access is the use of a computer

or network without permission. Unauthorised use is the use of a computer or its

data for unapproved or possibly illegal activities. includes a variety of activities:

an employee using an organisation’s computer to send personal email messages

an employee using a word-processing program to keep track of his or her child's soccer league scores

someone gaining access to a bank computer and performing an unauthorised transfer

For the home user most unauthorised use occurs on computers that have always-on Internet connections, such as through DSL lines.

Safeguarding Measures

Companies take several measures to help prevent unauthorised usage.

acceptable use policy identifies which activities the computer and network can be used for. identify the acceptable use of computers for personal reasons. Some companies prohibit such use entirely. Others allow employees to use it on their own time such as lunch breaks. Whatever the policy, a company should document and explain it to employees.

Task: What is the acceptable use policy at Trinity? Where is it documented?

To protect your own personal computers from unauthorised use you should always make sure that file and printer sharing is disabled on your Internet connection. This security measure attempts to ensure that others cannot access your files or your printer.

  Other measures that safeguard against unauthorised access include

firewalls and intrusion detection software as well as authenticating users.

Safeguarding Measures

Protecting your own personal computers: always make sure that file and printer sharing

is disabled on your Internet connection. This security measure attempts to ensure

that others cannot access your files or your printer.

Other measures that safeguard against unauthorised access include: Firewalls intrusion detection software authenticating users

Identifying and Authenticating Users

Many companies use access controls to minimise the chance that: a perpetrator intentionally may access or an employee accidentally access

confidential information they don't have rights to

An access control is a security measure that: defines who can access a computer. the computer should also maintain an audit

trail that records in a file both successful and unsuccessful password attempts.

Identification and Authentication

Many systems implement access controls using a two-phase process called identification and authentication. Identification verifies an individual is a valid

user Authentication verifies that individual is who

they claim to be. Three methods include:

user names and passwords possessed objects biometric devices.

Biometric Devices

Authenticates a person's identity by: translating a personal characteristic

E.g. a users voice or fingerprint into a digital code compared with a digital code stored on the computer.

Task: Look further into biometric devices. What are some examples? How do they work? What are advantages and disadvantages of this technology?

Why aren’t we using fingerprint scanners at Trinity?

Ethics and Society

As with any powerful technology, computers can be used for both good and bad intentions.

The standards that determine whether an action is perceived as good or bad are known as ethics.

  Computer ethics govern the use of computers and

information systems. Six frequently discussed areas of computer ethics are:

unauthorised use of computers and networks software theft (piracy) information accuracy intellectual property rights codes of conduct information privacy 

Information Accuracy

Information accuracy today is a concern because many users access information maintained by other people on the Internet.

Do not assume everything that you read on the Internet is true

Be aware that the company providing the information may not always be the creator of the information.

In addition to concerns about the accuracy of computer input, some individuals and organisations raise questions of ethics in using computers to alter output, primarily graphical output such as retouched photographs.

Using graphics equipment and software users can digitise photographs, adding and removing parts of the original images.

Ethics and Society A company requires employees to wear badges that track their whereabouts while at work. A supervisor reads an employees email. An employee uses his computer at work to send email messages to a friend. An employee sends an email message to several co-workers and blind copies to his supervisor. An employee forwards an email to a third party without permission from the sender. An employee uses her computer at work to complete an assignment for school. The vice president of your Student Government Associate downloads a photograph from the Web

and uses it in a flier to recruit members. A student copies text from the Web and uses it in a research paper for his English class. An employee sends political campaign material to individuals on her employer's mailing list. As an employee in the registration office, you have access to students grades. You look up grades for

your friends, so they do not have to wait for delivery of their reports in the mail An employee makes a copy of software and installs it on her home computer. No one uses her home

computer while she's at work, and she uses her home computer only to finish projects from work. An employee who has been laid off installs a virus on his employer's computer. A person designing a Web page finds one on the Web similar to his requirements, copies it, modifies

it and publishes it as his own. A student researches using only the Web to write a report. In a society in which all transactions occur online (a cashless society), the government tracks every

transaction you make and automatically deducts taxes from your bank account. Someone copies a well-known novel to the Web and encourages others to read it. A person accesses a company's network and reports to the company and vulnerabilities discovered.

As you can see that while the laws and standards may be very black and white, whether an activity is ethical or unethical raises questions that highlight the shades of grey. Some of the questions are very easy to answer in terms of whether they were ethical or not where as others are more difficult to answer.

Intellectual Property Rights

Intellectual property refers to unique and original works such as: Ideas Inventions Art Writings Processes company and product names logos

Intellectual property rights are the rights to which creators are entitled for their work.

Certain issues arise surrounding IP today because many of these works are available digitally.

Copyright

A copyright gives authors and artists exclusive rights to: Duplicate Publish sell their materials.

A copyright protects any tangible form of expression.

A common infringement of copyright is piracy. People pirate (illegally copy) software, movies and music. NOT clear-cut with respect to the law

Because copyright law gives the public fair use to copyrighted material.

The issues surround the phrase, fair use, which allows use for educational and critical purposes.

Fair Use

This vague definition is subject to widespread interpretation and raises many questions:

Should individuals be able to download contents of your Web site, modify it and then it on the Web again as their own?

Should a faculty member have the right to print material from the Web and distribute it to all members of a class for teaching purposes only?

Should someone be able to scan photographs or pages from a book, publish them to the Web, and allow others to download them?

Should someone be able to put lyrics to a song on the Web?

Should students be able to post their essays and exams they have written on the Web, making it tempting for others to copy them?

Codes of Conduct Recognising that individuals need specific standards for the ethical use of

computers, a number of IT related organisations established an IT Codes of Conduct.

An IT code of conduct is a written guideline that helps determine whether a specific computer action is ethical or

unethical

Sample IT Codes of Conduct 1. Computers may not be used to harm other people. 2. Employees may not interfere with others' computer work. 3. Employees may not meddle in others' computer files. 4. Computers may not be used to steal. 5. Computers may not be used to bear false witness. 6. Employees may not copy or use software illegally. 7. Employees may not use others' computer resources without authorisation. 8. Employees may not use others' intellectual property as their own. 9. Employees shall consider the social impact of programs and systems they

design. 10. Employees always should use computers in a way that demonstrates

consideration and respect to others.

Privacy

A growing concern control of what information one reveals about

oneself over the Internet who can access that information

These concerns include whether: email can be stored or read by third parties

without consent third parties can track the web sites you have

visited web sites which are visited collect, store, and

possibly share personally identifiable information about users.

Cookies

 An HTTP cookie is data stored on a user's computer that assists in

automated access to websites or web features, or other state information required in complex web sites.

Data may also be used for user-tracking by storing special usage history data in a cookie. concern in the field of privacy. Some types of cookies are classified as a tracking

cookie. Usually cookies used for legitimate technical

purposes, cases of abuse DO occur.

Cookies

Flash cookies, also known as Local Shared Objects, work the same ways as normal cookies and are used by the Adobe Flash Player to store information at the user's computer.

They exhibit a similar privacy risk as normal cookies, but are not as easily blocked, meaning that the option in most browsers to not accept cookies does not affect flash cookies.

One way to view and control them is with browser extensions or add-ons.

Electronic Profiling

Many people have digital cameras and post their photos online.

The people depicted in these photos might not want to have them appear on the Internet.

The same is happening with YouTube. When you subscribe to a Web site, a

product or database of your personal Internet presence is becoming bigger and more profound.

Electronic Profiling – Search Engines

Search engines have the ability to track a user’s searches.

Personal information can be revealed through searches including: search items used the time of the search Patterns More ????

Search engines have claimed a necessity to retain such information in order to: provide better services protect against security pressure protect against fraud

A search engine takes all of its users and assigns each one a specific ID number.

Spam Spam is

the use of electronic messaging systems including most broadcast media, digital delivery

systems to send unsolicited bulk messages

indiscriminately. Spamming remains economically viable

because: advertisers have no operating costs beyond

the management of their mailing lists it is difficult to hold senders accountable for

their mass mailings.

Spam Increasingly, e-mail spam today is sent via "zombie

networks“ networks of virus- or worm-infected personal computers

in homes and offices around the globe many modern worms install a backdoor which allows the

spammer access to the computer and use it for malicious purposes.

An industry of e-mail address harvesting is dedicated to collecting email addresses and selling compiled databases.

Some of these address harvesting approaches rely on users not reading the fine print of agreements, resulting in them agreeing to send messages indiscriminately to their contacts.

Phishing

Phishing is a criminally fraudulent process of trying to obtain sensitive information such as: user names Passwords credit card or bank information

It is an internet crime in which someone masquerades as a trustworthy entity in some form of electronic communication

Typically carried out by e-mail spoofing or instant

messaging

Often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.

Health Concerns and Personal Welfare

Users are a key component in any information system.

Protecting the user is just as important as protecting the hardware, software and data.

  Widespread use of computers has led to

some important health and personal safety concerns

Users should be proactive and minimise their chance of risk.

Personal Welfare and Safety

Originally for military and academic purposes now accessible by everyone

anybody can upload content The Internet is not one network but many

it is a network of networks does not provide one type of service offering but

many – Increasing

Services have many different characteristics The ethics debate has to take account of this

how we approach chat rooms many not be how we approach newsgroups, especially where children are concerned.

Personal Welfare and Safety

As professionals and students studying this particular area we need to make sure that we are not only well informed about the technical practices but how to use our systems appropriately.

If we are educated in the ethical side as well as the technical side we are better equipped to make well informed arguments as to why and how networks can better enhance our lives.

Cyber Bullying Cyber bullying involves:

the use of technology to personally attack or harass an individual. It can be committed through the use of:

the Internet on social networking sites over mobile devices gaming technologies.

It causes emotional and psychological distress for the person being bullied, impacting on their confidence and self esteem.

Cyber bullying makes the victims feel unsafe because they can still be bullied while their at home.

Acts of cyber bullying can include: rumours spread over the Internet posting defamatory comments on social networking sites excluding an individual from an online group sending unwanted text, email or instant messages.

Statistics

A quarter of Australian children report they have been cyber bullied.   Cyber-bullying is more prevalent in older children:

31% of 14-17 year olds reporting that they have been cyber-bullied 21% of 10-13 year olds (Microsoft/Galaxy Research, 2008).

22% of parents of children aged 4-18 admit they have no control over their children's online activities.

Although most parents (78 %) claim to control their children's computer use, only one-in-three has Internet filtering in place.

760,000 teenagers are allowed to have computers in their bedrooms.

40% of parents are restricting Internet use to shared family areas with 42 % say they never check the history of websites their kids have

been visiting.

TASK

While we are aware of the effects of cyber bullying and threats to our personal welfare through computer systems

What can we do as individuals to better equip ourselves and to stop it from happening to others?