Lecture 7: IT Security
PAD 6710

IT Security Threats
Security Threats
– External: Intrusion Threats
– Network: Technological Threats
– Internal: Organizational Threats
Intrusion threats
– Hacking: Unauthorized access and use of sensitive information
  – Compromising national security data
  – Compromising personnel data, e.g. SSN, credit cards
  – Compromising personal data
– Cyber crimes
  – ID thefts: on the rise
  – Carding forums: Criminal websites dedicated to the sale of stolen personal and financial information

IT Security Threats
Network threats
– System vulnerabilities/compromises
– Malicious software
  – Viruses: Programs that attach to files, enabling them to spread from one computer to another; can damage hardware, software or files.
  – Worms: Self-propagating viruses
  – Spyware: Programs that are installed without the user's knowledge, and can potentially monitor activities or steal sensitive information
  – Phishing: Legitimate-looking emails that trick the user into providing sensitive information
– Internet piracy
  – Online software scams that could potentially be a security threat [see: http://www.bsa.org/files/Internet_Piracy_Report.pdf]
– Wireless insecurities
  – Wireless is more prone to security threats than wired connections
  – Open wireless communities (e.g. Wi-Fi hotspots in public places that do not require a password) are particularly vulnerable

IT Security Threats
Internal organizational threats
– Employee security: who is to guard the guard?
– Lax management: governments are extensive data repositories; lax management could compromise the data
Problems of security threats
– Corruption of Information
– Disclosure of Information to unauthorized parties
– Theft of Service
– Denial-of-service to legitimate users

Need for IT security
Authentication
– Provides the assurance that the person affixing a signature to an electronic document is who he or she claims to be
Confidentiality
– Access to the content of the document is limited to authorized persons
Integrity
– Assurance that the message is whole, complete, and not changed in transmission
Nonrepudiation
– Neither party to a transaction can later claim that the transaction did not take place, or that the signature is not valid
Processes of Network Attacks

Vulnerabilities
[Table: vulnerabilities by perpetrators]
Perpetrators: Operators, Programmers, Data Entry, Internal, Outside, Intruders
Vulnerabilities:
– Physical Destruction: Bombing; Short circuits
– Information Destruction: Erasing disks; Malicious software; Via modem
– Data Diddling: Malicious software; False data entry
– Theft of Services: Theft as user; Unauthorized action; Via modem
– Browsing: Theft of media; Unauthorized access; Via modem
– Theft of Information: Unauthorized access; Via modem
Attackers & Motivations

Containing Security Threats
Legislation and Executive Branch Actions
– Covers legal action against security threats
  – Computer Security Act (1987): security guidelines and standards for government computers
  – Government Information Security Reform Act (GISRA – 2000): complemented CSA
  – Homeland Security Act (HSA – 2002): CIO authority for overseeing coordination and consolidation of data
  – Fair and Accurate Credit Transactions Act (FACTA – 2003)
  – Controlling the Assault of Non-Solicited Pornography and Marketing Act (CAN-SPAM Act of 2003)

Containing Security Threats
SECURITY AUDIT AND VULNERABILITY ASSESSMENT
Update software
– Install the latest software patches
– Install antivirus software with frequent updates
Attack halting
– Stops the attack, whether it is a program or a hacker
Attack blocking
– Closes the loophole through which the attacker gained access
Attack alerting
– Either pop-up to an online admin, or email or SMS to a remote admin
Information collecting
– On what is done by the attack to the network, and from where the attack came; helps gather forensic evidence should a prosecution become necessary or possible
Full reporting
– Learn from mistakes; prevent future problems

Containing Security Threats
Intrusion Detection Systems
– Firewalls
Access limitations
– Super Power passwords
– CAPTCHAs (Completely Automated Turing Test To Tell Computers and Humans Apart)
Multi level access control
– Discretionary access control (DAC)
– Mandatory access control (MAC)
– Role based access control
– Task based access control

Containing Security Threats
Fail-safe features
– Encryption of data to authenticate identity of individuals attempting to access the governmental computer systems
– In paper document, sender has written signature and seals the envelope; receiver checks document integrity by checking the seal
– Similarly, in electronic documents, sender puts an electronic signature and encrypts document; receiver performs decrypting (a message digest/hashing algorithm) to verify document

Containing security threats
Public Key Infrastructure (PKI)
– PKI is based upon Public Key Cryptography (PKC), an internationally accepted method for securing electronic communications
– PKC involves a pair of mathematically related keys (large prime numbers of 1024 characters in length)
  – Public key: Distributed freely to anyone with whom the public key owner wishes to communicate securely
  – Private key: Known only by the signer; used to sign a message that only the public key can verify
PKI Process
– User gets certificate of authority
– Certificate creates a public key for the user
– Certificate also issues matching private key
– User can employ the private key to send messages
– Another user can decrypt messages by using the public key
Federal ID Cards for federal employees and contractors (Smartcards)
Virtual Private Network (VPN) tunneling through secure channels
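
The sign-and-verify flow from the fail-safe and PKI slides (a signature over a message digest, made with the private key and checked with the public key), as an added example that is not part of the lecture. It uses textbook RSA over fixed, well-known Mersenne primes so it runs with the standard library only; the key values, sample documents and function names are assumptions made for illustration.

```python
import hashlib

E = 65537  # public exponent


def make_key(p: int, q: int):
    """Return (n, d): public modulus and private exponent for primes p, q."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


# Toy keys from well-known Mersenne primes so the example is deterministic.
# Real keys use random primes, a padding scheme such as RSA-PSS, and a
# vetted library.
SIGNER_N, SIGNER_D = make_key(2**521 - 1, 2**607 - 1)
OTHER_N, OTHER_D = make_key(2**607 - 1, 2**1279 - 1)   # a different key holder


def digest(document: bytes) -> int:
    """SHA-256 message digest of the document, as an integer."""
    return int.from_bytes(hashlib.sha256(document).digest(), "big")


def sign(document: bytes, d: int, n: int) -> int:
    """Signer: transform the digest with the private key (d, n)."""
    return pow(digest(document), d, n)


def verify(document: bytes, signature: int, n: int) -> bool:
    """Receiver: recover the digest with the public key (E, n) and compare
    it with a digest computed over the document that actually arrived."""
    return pow(signature, E, n) == digest(document)


def demo() -> dict:
    sent = b"Purchase order 1187: pay vendor $4,200"      # constructed sample
    altered = b"Purchase order 1187: pay vendor $9,200"   # changed in transit
    sig = sign(sent, SIGNER_D, SIGNER_N)
    forged = sign(sent, OTHER_D, OTHER_N)   # signed with someone else's key
    return {
        "authentic": verify(sent, sig, SIGNER_N),             # True
        "altered_document": verify(altered, sig, SIGNER_N),   # False: integrity
        "wrong_signer": verify(sent, forged, SIGNER_N),       # False: authentication
    }


if __name__ == "__main__":
    print(demo())
```

Because only the holder of the private exponent can produce a value that verifies under the signer's public key, a passing check also supports nonrepudiation as defined on the earlier slide.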

Containing Security Threats
PENETRATION TESTS
Agency-Level Security Policies
– Security governance and reporting
– Physical Security Systems
– Security Checks and Clearances
– Biometrics
– Configuration Management
– Secure System Design
– Red Teams: teams of experts
– Honey Pots: proactive security strategies

Containing Security Threats
Comprehensive Security Policy:
1. Risk Management Structure
2. Data Stewardship
3. Risk Tracking
4. Risk Notification
5. Authentication
6. Encryption
7. Data Security
8. Data Sharing
9. Data Disposal
10. Security Training