greg lamb. introduction it is clear that we as consumers and entrepreneurs cannot expect complete...
Post on 15-Jan-2016
219 Views
Preview:
TRANSCRIPT
COMPUTER INFORMATION:
SECURITY THREATS
Greg Lamb
IntroductionIt is clear that we as consumers and entrepreneurs cannot
expect complete privacy when discussing business matters.
However…
There are three key aspects of privacy that we all do expect.
1. Freedom from intrusion
2. Amount of control of information about oneself that we have
3. Freedom from surveillance
Laws Protecting Our Privacy
4th Amendment in U.S. Constitution
Privacy Act of 1974○ Restrict the data in federal government records to “relevant
and necessary information” to the legal purpose for which they are collected.
○ Allow people to access their records and correct inaccurate information.
○ Require procedures to protect the security of the information in databases.
○ Prohibit disclosure of information about a person without his or her consent.
Personal Information Threats
Privacy threats come in several categories:
Intentional, institutional uses of personal information Unauthorized use or release by “insiders” Theft of information Inadvertent leakage of information through negligence or
carelessness Our own actions
○ Trade-offs○ Lack of knowledge (Invisible information gathering)
Statistics
Over 80% of security breaches are caused by insiders
More than 20% of attacks on the corporate web are coming from the inside
30% of companies, experience more than 5 attacks from the insider per year
Government Databases
Tax Records Medical Records Marriage/Divorce records Property Ownership Welfare records, including family details Motor vehicle records Books checked out at public libraries
Computer Error
ATM’s All transactions are recorded in a database at the bank.
This information can help track a persons whereabouts and activities.○ Example: An error in the computer program that operates ATM’s for a
New York bank caused accounts to be debited twice the amount of the actual withdrawal. Less than 24 hours More than 150,000 transactions Totaling around $15 million
Threats Customer database breaches can occur for any
number of reasons. Attack on a credit card company’s server A laptop lost by a health insurance employee Since 2005, more than 500 million customer records have been exposed
illegally.
Facebook While social networking sites are designed to help users share
information with others, it can be just as easy for unknown visitors to eavesdrop.
Within the past few years, Facebook has come under fire for allowing third-party app developers to collect and sell information about users.
Threats (cont.) Phishing
Sending millions of e-mails fishing for information to use to impersonate someone and steal money or goods
Pharming A technique that lures people to fake Web sites where
thieves collect personal data.
Cyber stalking The use of the internet or other electronic means to stalk or
harass an individual. ○ False accusations○ Monitoring○ Making threats○ Identity theft○ Damage to data or equipment
Threats (cont.)
Wi-Fi Hijacking Public Wi-Fi spots often not setup with
security. (Un-secured network)This is when one user on a network grabs a
browser session from another user after he’s logged into a supposedly secure website, such as Facebook.
The attacker then has complete access to the victim’s account and can change the password to lock the victim out.
top related