Possible Possible threats to threats to internet usersinternet users

The Circumstances:The Circumstances:Is It Avoidable?Is It Avoidable?

A risk is taken every timea computer connects to a network and starts to communicate with other users, e.g. private or legal persons or organizations of any kind. All those who may potentially use the system.

The Circumstances:The Circumstances:What Is It All About?What Is It All About?

As for the Internet, the real risk concerns merely the internet accounts and the files stored in the computer. However, an intrusion of an unknown user may have serious repercussions in the reality.

Particularly when increasingly significant parts of both human and corporate lives become virtualized.

Legal Conditions Legal Conditions Clinton’s 1995 Internet Privacy ActNo authority to control the Internet

worldwide or effective national control

Legal control vs. personal libertyUsers, servers and programmers

may be subject to different legal orders

Legal rules, their disputability and interpretations; law awareness

The law is always ‘one step behind’

Better safe Better safe than sorry?than sorry?

What You LoseWhat You LoseBeing Secured Being Secured

Savings on firewall and antivirus programs

No blocked websites

Received emails shown in the original form (with all the images etc.)

Easier downloads (new programs or files)

Easier connection with new devices

Easier work with not standardized coding systems and alphabets other than the Latin script in the English version

Why To Attack?Why To Attack?

Victim’s Loss Victimizer's Gain

Privacy loss Possibilities of more accurate marketing research

Information loss Access to restricted information

Money outflow Money

Password confidence Can act in the victim’s name

Addiction Increased demand for their services (social engineering)

Moral loss Satisfaction, Money,Increased demand for their services

Unhealthy lifestyle None

When You Can Be When You Can Be AttackedAttacked

Victim’s Loss Agents Of Hazard

Privacy loss Any activity in the Internet, especially if the security measures that you have taken do not efficiently protect youInformation loss

Money outflow Having an internet bank account, online shopping, advanced fee frauds

Password confidence Imprudence, fallible security systems

Addiction Using social networking services, online gambling, games and shopping

Moral loss Particular user’s psychological weaknesses

Unhealthy lifestyle Spending too much time online

WaysWays You Can Be You Can Be AttackedAttacked In In

Through a Backdoor

For Cross Site Scripting (XSS)

Cross-site request forgery (CSRF)

Code Injection

Facing the Facing the danger…danger…

Wireless Connection Wireless Connection SafetySafety(after USA Today)(after USA Today) If your wireless network is unsecured then you

are highly susceptible to:Fraudulent charges on your credit cardLoans, apartment rentals, and other white

collar crimes in your name Wireless network viruses that destroy your

computer and attack your cell phone

Not to mention, with an average cost of $1000 per victim and 30 hours spent to resolve the situation, you might as well go work pro bono at a really lousy job for half a month. Hackers can easily decrypt wireless signals that contain muchof the network's information, such as the network'sSSID (Service Set Identifier).

Wireless Connection Wireless Connection SafetySafety(after USA Today)(after USA Today) To avoid it:1. Change the administrator's password regularly.2. Limit the strength of your wireless network so it

cannot be detected outside the bounds of your home or office.

3. Turn off SSID broadcasting4. Don’t rely on WEP (Wired Equivalent Privacy)

Encryption. Use "Shared Key" authentication and change your key regularly.

5. Enable MAC Address filtering.

Wi-Fi Protected Access (WPA) is the newest and best available standard in Wi-Fi security. Two modes are available: Pre-Shared Key and RADIUS. Pre-Shared Key gives you a choice of two encryption methods: TKIP (Temporal Key Integrity Protocol), which utilizes a stronger encryption method and incorporates Message Integrity Code (MIC) to provide protection against hackers, and AES (Advanced Encryption System), which utilizes a symmetric 128-Bit block data encryption. RADIUS (Remote Authentication Dial-In User Service) utilizes a RADIUS server for authentication and the use of dynamic TKIP, AES, or WEP.

Email securityEmail security

Spam definitions:Spam definitions:

Unsolicited bulk e-mail (UBE)Unsolicited bulk e-mail (UBE)

Unsolicited commercial e-mail (UCEUnsolicited commercial e-mail (UCE))

Any email message that is fraudulentAny email message that is fraudulentAny email message where the sender’s Any email message where the sender’s identity is forged, or messages sent though identity is forged, or messages sent though unprotected SMTP servers, unauthorized unprotected SMTP servers, unauthorized proxies, or botnetsproxies, or botnets

Zombie spammingZombie spamming

The spam is channelled through your computer to the outside world, so you appear to be the sender

Types of spamTypes of spamIdiotic spam:Idiotic spam: Viagra and sex enhancementViagra and sex enhancement Weight-los scamsWeight-los scams Get rich quick schemesGet rich quick schemes

Who falls for it = idiotsWho falls for it = idiots

Content spamContent spam Games & quizzesGames & quizzes Personality testsPersonality tests ““Free” application or content downloadsFree” application or content downloads

Who falls for it = all of usWho falls for it = all of us

How does content spam How does content spam work?work?

How many eyes above? 97,6% get this question wrong

How does content spam How does content spam work?work?

SCAMSCAMAdvance fee frauds„Nigerian spam”

Lottery win frauds

++NOTIFICATION OF YOUR LOTTO WINNING+

CONGRATULATIONS!!!AWARD FINAL

NOTIFICATIONCONGRATULATIONS, YOU

HAVE BEEN SELECTED.

Personal information scams Personal information scams ((PHISHINGPHISHING))

you receive email messages that appear to come from a legitimate companyyou are asked to update or verify your personal informationscammers then use this information to commit identity theft

PHISHING (Adress spoofing)PHISHING (Adress spoofing)

It makes it easy for phishers to create messages that look like they came from a legitimate source.

PHISHING (Other tricks)PHISHING (Other tricks)Obfuscated links:

Using misspelled versions of the spoofed company's URL

Including the targeted company's name within an URL that uses another domain name

Using HTML to present links deceptivePopup windows and frames with

malicious codeHTML. HTML markup containing

invisible words and instructions helps the message bypass anti-spam software.

PharmingPharming change the hosts file on the victim’s computer:

changing DNS (Domain name system) server information

Redirect a website’s traffic to another

Bogus websites

Other mOther malicious programs alicious programs pphishers use in their scams: hishers use in their scams:

Key loggers and screen capture Trojans record and report information to the phisher. Remote access Trojans turn victims' computers into zombiesBots maintain fabricated conversations with victims in chat rooms or coordinate zombie networks. Spyware tracks and records users' online behavior

Is it possible to stop spam? Is it possible to stop spam? Probably not -- but you can Probably not -- but you can

significantly reduce it.significantly reduce it.

Malware - definitonMalware - definiton

Programs designed to harm or compromise a computer are called malware (as in malicious software). Malware includes a wide array of nasty batches of code that can wreak havoc to your computer or your network.

MalwareMalwareInfectious malware: Viruses,

WormsConcealment: Roootkits,

Backdoors, TrojansMalware for profit: Spyware,

Botnet, Keystroke logging, Dialers

Viruses vs. WormsViruses vs. Wormsviruses and worms, are known for the

manner in which they spread, rather than any other particular behavior,

The term computer virus is used for a program which has infected some executable software and which causes that software, when run, to spread the virus to other executable software. Viruses may also contain a payload which performs other actions, often malicious,

a virus requires user intervention to spread, whereas a worm spreads automatically

Trojan HorsesTrojan HorsesTrojan horse - a program that claims to do one thing, but actually either damages the computer or opens a back door to your system. It invites the user to run it, concealing a harmful or malicious payload.

Rootkits and BackdoorsRootkits and Backdoors

• Once a malicious program is installed on a system, it is essential that it stays concealed, to avoid detection and disinfection. • Techniques known as rootkits allow this concealment, by modifying the host operating system so that the malware is hidden from the user. Rootkits can prevent a malicious process from being visible in the system's list of processes, or keep its files from being read.

Rootkits and Backdoors Rootkits and Backdoors A backdoor is a method of bypassing normal authentication procedures. Once a system has been compromised one or more backdoors may be installed, in order. Backdoors may also be installed prior to malicious software, to allow attackers entry.

Malware for profitMalware for profit

More recently, the greater share of malware programs have been written with a financial or profit motive in mind.

SpywareSpywareSpyware is computer software

that is installed surreptitiously on a personal computer to collect information about a user, their computer or browsing habits without the user's informed consent.

SpywareSpyware

Keystroke loggingKeystroke logging

Key loggers - programs that record keystrokes made by a user, allowing crackers to discover passwords and login codes.

DialersDialers

Dialer software dials up a premium-rate telephone number such as a 0-700 number and leave the line open, charging the toll to the infected user.

BotnetBotnetIn order to coordinate the activity of many

infected computers, attackers have used coordinating systems known as botnets. In a botnet, the malware or malbot logs in to an Internet Relay Chat channel or other chat system. The attacker can then give instructions to all the infected systems simultaneously. Botnets can also be used to push upgraded malware to the infected systems, keeping them resistant to anti-virus software or other security measures.

BotnetBotnet

Botnet- sending e-mail Botnet- sending e-mail spamspamA botnet operator sends out viruses or

worms, infecting ordinary users' computers, whose payload is a malicious application -- the bot.

The bot on the infected PC logs into a particular C&C server (often an IRC server, but, in some cases a web server).

A spammer purchases access to the botnet from the operator.

The spammer sends instructions via the IRC server to the infected PCs, ...

...causing them to send out spam messages to mail servers.

Beyond The Real Beyond The Real ThreatsThreats Software companies may try to take

advantage from average users’ ignorance.

Little knowledge of the security rules may provoke paranoid behavior. Imaginary and real dangers, periodical propagation of viruses.

Underestimating the human factor is much worse than not being fully protected by the technology.

Security rules for shared computer users.

ReferencesReferenceshttp://www.scambusters.org/

stopspam/index.htmlhttp://

computer.howstuffworks.com/phishing.htm/

http://arstechnica.com/security/http://

computer.howstuffworks.com/zombie-computer1.htm

Thank you for Thank you for your attentionyour attention

Marzena DaskoPawel PoplawskiAdam Kaminski