malicious attacks by katya, grace, lachlan, sairus and eric!
TRANSCRIPT
Malicious AttacksMalicious Attacks
By Katya, Grace, Lachlan, Sairus By Katya, Grace, Lachlan, Sairus and Eric!and Eric!
IntroductionIntroduction
• Symantec's Symantec's Government Internet Security Government Internet Security Threat ReportThreat Report states that the U.S. is the states that the U.S. is the top country for overall malicious activity in top country for overall malicious activity in 2008. 2008.
• It’s also ranked first for malicious code, It’s also ranked first for malicious code, phishing website hosts, and originating phishing website hosts, and originating attacks. attacks.
• Attacks on government computer networks Attacks on government computer networks in U.S. that resulted in compromised or in U.S. that resulted in compromised or stolen information increased by 40 percent stolen information increased by 40 percent from 2007 to 2008. from 2007 to 2008.
• In July 2009, an average of 89 percent In July 2009, an average of 89 percent of all email messages were spam!of all email messages were spam!
• It’s clear that the effects of malicious It’s clear that the effects of malicious cyber attacks affect everyone!cyber attacks affect everyone!
• If the internet is to become a safer If the internet is to become a safer place, we must understand the trends place, we must understand the trends and developments taking place in the and developments taking place in the internet threat landscape and internet threat landscape and maintain online security best maintain online security best practices. practices.
Background Background InformationInformation
Types of AttacksTypes of Attacks
Trojan HorseTrojan Horse
WormsWorms
VirusesViruses
HoaxesHoaxes
SpamSpam
PhishingPhishing
Challenges of Preventing Challenges of Preventing Mallicious Attacks Mallicious Attacks
• Integration of open-source software Integration of open-source software and commercial software. and commercial software.
• Inherent security limitations in Inherent security limitations in various technologies. various technologies.
• Ignorance of people. Ignorance of people. • Activities performed by people. Activities performed by people. • International legal environments. International legal environments.
• The integration of open-source software The integration of open-source software and commercial software sometimes and commercial software sometimes provides security issues. provides security issues.
• Commerial operating system vendors Commerial operating system vendors will often include open-source software will often include open-source software in their products. in their products.
• But vulnerabilities are often found in the But vulnerabilities are often found in the open source software that the public open source software that the public becomes aware of and can use to becomes aware of and can use to compromise the commercial software. compromise the commercial software.
• Some technologies have inherent Some technologies have inherent security limitations that can inhibit security limitations that can inhibit efforts to prevent malicious attacks. efforts to prevent malicious attacks.
• For example, email cannot always be For example, email cannot always be verified as coming from a specific server verified as coming from a specific server because secure certificates are not because secure certificates are not included in email standards. included in email standards.
• Additionally, it can be challenging for Additionally, it can be challenging for spam software to be completely sure that spam software to be completely sure that it has detected that a message is spam it has detected that a message is spam and therefore some software must be and therefore some software must be conservative to prevent deleting conservative to prevent deleting legitimate messages. legitimate messages.
• Many people are ignorant about basic Many people are ignorant about basic attack mechanisms and thus attackers are attack mechanisms and thus attackers are successful in using trivial attack successful in using trivial attack mechanisms. mechanisms.
• This is fundamental to an understanding of This is fundamental to an understanding of why phinshing attacks are so successful. why phinshing attacks are so successful.
• People often do not carefuly inspect the People often do not carefuly inspect the sender address of their emails and sender address of their emails and therefore can be easily lead to believe that therefore can be easily lead to believe that emails come from legitimate sources. emails come from legitimate sources.
• People's activities sometimes People's activities sometimes increase their chances of becoming increase their chances of becoming attacked. attacked.
• For example, some people download For example, some people download materials from questionable sources. materials from questionable sources.
• Spam attacks are encouraged Spam attacks are encouraged because some people actually because some people actually purchase the products described in purchase the products described in these messages. these messages.
• Many countries outside the United States Many countries outside the United States have legal climates that make it difficult to have legal climates that make it difficult to punish those participating in malicious punish those participating in malicious attacks. attacks.
• For example, captcha-sweatshops have For example, captcha-sweatshops have been erected in some countries that allows been erected in some countries that allows attackers to obtain a large number of email attackers to obtain a large number of email addresses from trusted domains such as addresses from trusted domains such as yahoo.com and gmail.com for the purpose yahoo.com and gmail.com for the purpose of distributing spam!of distributing spam!
Lessening the Lessening the ”PROBLEM””PROBLEM”
With the right amount of computer software, an education about what the problem is, and good computer habits you can minimize
the potential threat of a Malicious Attack.
Here’s How:
Know the attackers strategies. If you understand how an attack could happen you are more likely to see one coming.
Install software programs such as; firewalls, a spyware scanner, a Trojan horse program, as well as an antivirus program. (Make sure that you ALWAYS run up-to-date scans otherwise your computer is not actually secure)
Mind your computer manners! – Now that you have software checking for issues you must follow good habits to keep your computer safe and healthy. To do so you must: keep your hard drive clean, backup important files, and, when opening a downloaded file make sure to “SAVE” before you “RUN”- this will ensure that your software will scan the file and make sure that it is safe to run on your computer
Now that you know how to prevent a malicious attack don’t be lazy! Stay safe and smart!
What What WeWe Think Think
• We need to be prepared to combat We need to be prepared to combat malicious attacks by being able to malicious attacks by being able to identify dangerous software and identify dangerous software and practicing proper safety measurespracticing proper safety measures
• We believe we should increase the We believe we should increase the penalty for hackers and spammers in penalty for hackers and spammers in order to lessen the amount of order to lessen the amount of Malicious attacksMalicious attacks
To ConcludeTo Conclude
• The U.S. has the largest Malicious Attack The U.S. has the largest Malicious Attack problem in the world problem in the world
• Always remember there are 6 types of Always remember there are 6 types of attacks:attacks:
• Trojan Horses, Worms, Viruses, Hoaxes, Trojan Horses, Worms, Viruses, Hoaxes, Spam, and Phishing.Spam, and Phishing.
• Use proper software programs such as Use proper software programs such as firewalls and anti-viruses and good firewalls and anti-viruses and good computing habits to keep your computer computing habits to keep your computer healthy and happy!healthy and happy!
The EndThe End