network security allan g. dyer cissp, mhkcs, miap, aidpm, msc (tech), bsc past chair, issg, hkcs;...

Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR [email protected]

Upload: angel-tate

Post on 01-Jan-2016

215 views

Category:

Documents

0 download

Report

Download

Tags:

Embed Size (px):

TRANSCRIPT

Network Security

Allan G. DyerCISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc

Past Chair, ISSG, HKCS; President, AVAR

[email protected]

Education SuccessSven Jaschan• German Teenager• School Student• Wrote software worth

>US$157,000

•Worldwide Headlines•Interview with Stern Magazine•Job with Securepoint - German IT Security Company

Page 3: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

Education Success?

• estimated damages of US$157,000 for 4 specimen victims

• Created Netsky and Sasser Worms• Arrested May 2004

– Tip-off from school friends– Confessed after arrest

• Netsky.Z attacked educational sites: www.educ.ch, www.medinfo.ufl.edu, www.nibis.de

Page 4: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

Education Failure

• He "had not considered the consequences or the damage"

• "everyone in Jaschan's class knew what he was doing"

• "some of them helped him distribute [the worms]"• Parents did not recognise the significance:

– 'Papa, I've put out a computer worm.' – 'Sven, you didn't do anything stupid, did you?'

Page 5: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

Education Improvements

• Students need to learn about Information Security and Ethics– Protect Themselves– Respect Others

Page 6: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

What Is Information Security?

CIAConfidentiality

IntegrityAvailability

Page 7: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

Meet The Threats:

Viruses, Worms, Trojans

Page 8: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

Meet The Threats:

Spyware

Page 9: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

Meet The Threats:

Spam

Page 10: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

Meet The Threats:

Phishing

Page 11: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

Meet The Threats:

Criminals

Page 12: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

Meet The Threats:

PornInappropriate Content

Page 13: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

"Ordinary" Organisation

InternetFirewall

Page 14: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

"Ordinary" Organisation

• Trusted Users Inside– Users are already Trained

• Threats Outside

Page 15: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

A School

InternetFirewall

SAMS

Classrooms

Page 16: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

A School

• Firewall is still a useful control point

• Many users (pupils) with minimal computer knowledge

• Some users may be mischievous or malicious

• SAMS an attractive target

Page 17: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

SAMS

• Attendance Records– Hide skiving– Sell the service

• Test or Exam Results

• Personal Details– Intimidate or Blackmail others

Page 18: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

SAMS: Gaining Access

• Guess Passwords

• Unattended Computer

• Network Sniffing

• Keystroke Loggers

Page 19: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

How Young?

• Some macro viruses probably written by 10 to 12 year olds

• Primary Students…– Joke programs?– Plagiarism?

Page 20: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

Are

HackersEvil?

Page 21: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

The "Hacker Ethic"

• Curiosity

• Exploring

• Learning

• Testing and Pushing Limits

• Freedom

Page 22: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

HKCERT/CC• Hong Kong Computer Emergency Response

Team Coordination Centre• Established February 2001• Under Hong Kong Productivity Council, funded by

Innovation & Technology Fund• Virus Alerts:

– http://www.hkcert.org/valert/valert.html

• Security Alerts:– http://www.hkcert.org/salert/salert.html

Page 23: Network Security Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Past Chair, ISSG, HKCS; President, AVAR adyer@yuikee.com.hk

Questions?

http://www.yuikee.com.hk/computer/info-ctr/newsletter/

ASTRI’s Mission - HKCS Mobile Learning for School Children Shen-Chang Chao Vice President & Group Director Enterprise & Consumer Electronics Group Nov. 23, 2011 2 ASTRI Proprietary

Invasive species information Based on information prepared ... · IUCN Invasive Species Specialist Group (ISSG) • An IUCN/SSC specialist group • Global - 140+ experts from 42

MAD Gaze x HKCS - · PDF fileMAD Gaze x HKCS Best Smart Glass App ... TYPE_MAGNETIC_FIELD SensorEvent.values[0] ... The Mad Gaze sample project shows four example, the menu layout

Invasive Species Specialist Group-ISSG

Species Recovery Plan - ISSG references/pii/project_docs/crested... · Fijian Crested Iguana 2008 - 2012 Species Recovery Plan abundance data, basic life history information, a better

HKCS CCSIG Cloud Executive Forum keynote

Standardising and Structuring Pathways and Impacts of ...jrussell/files/rep/ISSG_Report.pdf · The Invasive Species Specialist Group (ISSG) manages a Global Invasive Species Database

Visual System: Shedding Light on Eye-Lecture by Imran Ahmad Sajid, ISSG, UOP, March 2012

(LflffllliflTffl mmmmmmmmmsm HJiflMiMpf · (LflffllliflTffl mmmmmmmmmsm HJiflMiMpf Established July, ISSG. VOIj. XX...NO. 388. IICXNOILJXTJ. HAWAIIAN ISLANDS. FKIDAY, ZS OVEMUEK 9,

ISSG/PVD Safety Standards - LowesLink Home€¦ · Lowe’s Confidential – Lowe’s and ISSG & PVD use only ISSG/PVD Safety Standards ISSUED BY & PROPERTY OF LOWE'S Loss Prevention

PACIFIC INVASIVES INITIATIVE - ISSG references/pii/training_skill_sharing... · The Pacific Invasives Initiative ... Pre-departure inspection ... A questionnaire was given to the

HKCS FinTech opportunities and challenges

Profiles of Candidates Standing for Presidency and Council ... › wp-content › uploads › AGM › 2019 › HKCS-AGM-2… · The election of President and Council Members of the

Hong Kong Computer Society - HKCS · Personal Information Collection Statement (PICS) It is a common practice for the data user to provide a written statement, generally referred

Research Report on “Development of a Certification Roadmap ... · Research Report on “Development of a Certification Roadmap for IT Professional Certification” Project HKCS

Data to Action: Results and Next Steps for the Healthy Kids Colorado Survey (HKCS) HKCS Advisory Committee Overview October 2014

VOIDING DYSFUNCTION IN ELDERLY MALE - HKCS Dysfunction in elderly Male... · Common voiding dysfunction in elderly male •Emptying •BPH ... Clinical Age-Adjusted Significance

In-Store Service Groups (ISSG) & Product Vendor Directs

How Soon Do You Want To Know? Vulnerable - AVARHow Soon Do You Want To Know? Allan G. Dyer CISSP, MHKCS, MIAP, AIDPM, MSc (tech), BSc Chief Consultant, Yui Kee Computing President,

Sense of Hearing-Lecture by Imran A. Sajid, for BS Students, ISSG, UOP

Perceptual Organization: Lecture by Imran Ahmad Sajid for BS Social Work/Sociology, ISSG, UOP-April 2012

Our vision: A resilient Pacific environment sustaining our ... · SPREP thanks Shyama Pagad from the Invasive Species Specialist Group (ISSG ) for drafting this guide. The ISSG performs

CSVoice-issue24-fullversion · 2020. 12. 26. · CSVoice-issue24-fullversion.pdf Author: HKCS Created Date: 4/4/2018 4:39:59 PM

1 Dickson K.W. Chiu PhD, SMIEEE, SMACM, Life MHKCS COMP7880: E-Business Strategies Creating effective web presence

csvoice-issue026 - Hong Kong Christian ServiceTitle csvoice-issue026.pdf Author HKCS Created Date 8/6/2018 2:22:50 PM

Surgical Treatment of BPH - HKCS · Surgical Treatment of BPH Different Modalities and Recent Advances Dr. Hung Hing Hoi Associate Consultant Department of Surgery Queen Elizabeth

Hkcs Penetration Testing Presentation

IUCN - Invasive Speciesias.biodiversity.be/meetings/200603_sos_invasions/... · The Invasive Species Specialist Group (ISSG) is part of the Species Survival Commission (SSC) of IUCN

Scott E. Carson · The ISSG recognized that to achieve the desired level of leadership they needed to move ... best practices that the ISSG recommend to be considered in evaluating

PIPA BASELINE MONITORING - ISSG references/pii/project_docs/phoenix... · NZAID – PIPA workshop notes April 2008 2 PIPA/KIRITIMATI WORKBOOK This contains additional information

Seminar Rundown - madfile.com fileSeminar Rundown • Introductory Opening • Opening Speech (by HKCS) • Welcoming Speech (by Mad Mad Group) • Introduc@on of Compe@@on Schedule

Maj De Poorter, Mick Clout, Michael Browne Invasive Species Specialist Group (ISSG), IUCN

Dickson K.W. Chiu PhD, SMIEEE, SMACM, Life MHKCS

Dickson K.W. Chiu PhD, SMIEEE, SMACM, Life MHKCS Jelassi & Enders : Chapter 12

Document1 - ISSG · MARINE BIOFOULING AND INVASIVE SPECIES: GUIDELINES FOR PREVENTION AND MANAGEMENT 1. INTRODUCTION AND BACKGROUND 1.1 Invasive species in the marine environment

network security allan g. dyer cissp, mhkcs, miap, aidpm, msc (tech), bsc past chair, issg, hkcs;...

Documents

information security

gateway security product

computer worm

school friendsconfessed

macro viruses

estimated damages of

hong kong productivity

worldwide headlinesinterview