possible threats to internet users. the circumstances: is it avoidable? a risk is taken every time a...
TRANSCRIPT
Possible Possible threats to threats to internet usersinternet users
The Circumstances:The Circumstances:Is It Avoidable?Is It Avoidable?
A risk is taken every timea computer connects to a network and starts to communicate with other users, e.g. private or legal persons or organizations of any kind. All those who may potentially use the system.
The Circumstances:The Circumstances:What Is It All About?What Is It All About?
As for the Internet, the real risk concerns merely the internet accounts and the files stored in the computer. However, an intrusion of an unknown user may have serious repercussions in the reality.
Particularly when increasingly significant parts of both human and corporate lives become virtualized.
Legal Conditions Legal Conditions Clinton’s 1995 Internet Privacy ActNo authority to control the Internet
worldwide or effective national control
Legal control vs. personal libertyUsers, servers and programmers
may be subject to different legal orders
Legal rules, their disputability and interpretations; law awareness
The law is always ‘one step behind’
Better safe Better safe than sorry?than sorry?
What You LoseWhat You LoseBeing Secured Being Secured
Savings on firewall and antivirus programs
No blocked websites
Received emails shown in the original form (with all the images etc.)
Easier downloads (new programs or files)
Easier connection with new devices
Easier work with not standardized coding systems and alphabets other than the Latin script in the English version
Why To Attack?Why To Attack?
Victim’s Loss Victimizer's Gain
Privacy loss Possibilities of more accurate marketing research
Information loss Access to restricted information
Money outflow Money
Password confidence Can act in the victim’s name
Addiction Increased demand for their services (social engineering)
Moral loss Satisfaction, Money,Increased demand for their services
Unhealthy lifestyle None
When You Can Be When You Can Be AttackedAttacked
Victim’s Loss Agents Of Hazard
Privacy loss Any activity in the Internet, especially if the security measures that you have taken do not efficiently protect youInformation loss
Money outflow Having an internet bank account, online shopping, advanced fee frauds
Password confidence Imprudence, fallible security systems
Addiction Using social networking services, online gambling, games and shopping
Moral loss Particular user’s psychological weaknesses
Unhealthy lifestyle Spending too much time online
WaysWays You Can Be You Can Be AttackedAttacked In In
Through a Backdoor
For Cross Site Scripting (XSS)
Cross-site request forgery (CSRF)
Code Injection
Facing the Facing the danger…danger…
Wireless Connection Wireless Connection SafetySafety(after USA Today)(after USA Today) If your wireless network is unsecured then you
are highly susceptible to:Fraudulent charges on your credit cardLoans, apartment rentals, and other white
collar crimes in your name Wireless network viruses that destroy your
computer and attack your cell phone
Not to mention, with an average cost of $1000 per victim and 30 hours spent to resolve the situation, you might as well go work pro bono at a really lousy job for half a month. Hackers can easily decrypt wireless signals that contain muchof the network's information, such as the network'sSSID (Service Set Identifier).
Wireless Connection Wireless Connection SafetySafety(after USA Today)(after USA Today) To avoid it:1. Change the administrator's password regularly.2. Limit the strength of your wireless network so it
cannot be detected outside the bounds of your home or office.
3. Turn off SSID broadcasting4. Don’t rely on WEP (Wired Equivalent Privacy)
Encryption. Use "Shared Key" authentication and change your key regularly.
5. Enable MAC Address filtering.
Wi-Fi Protected Access (WPA) is the newest and best available standard in Wi-Fi security. Two modes are available: Pre-Shared Key and RADIUS. Pre-Shared Key gives you a choice of two encryption methods: TKIP (Temporal Key Integrity Protocol), which utilizes a stronger encryption method and incorporates Message Integrity Code (MIC) to provide protection against hackers, and AES (Advanced Encryption System), which utilizes a symmetric 128-Bit block data encryption. RADIUS (Remote Authentication Dial-In User Service) utilizes a RADIUS server for authentication and the use of dynamic TKIP, AES, or WEP.
Email securityEmail security
Spam definitions:Spam definitions:
Unsolicited bulk e-mail (UBE)Unsolicited bulk e-mail (UBE)
Unsolicited commercial e-mail (UCEUnsolicited commercial e-mail (UCE))
Any email message that is fraudulentAny email message that is fraudulentAny email message where the sender’s Any email message where the sender’s identity is forged, or messages sent though identity is forged, or messages sent though unprotected SMTP servers, unauthorized unprotected SMTP servers, unauthorized proxies, or botnetsproxies, or botnets
Zombie spammingZombie spamming
The spam is channelled through your computer to the outside world, so you appear to be the sender
Types of spamTypes of spamIdiotic spam:Idiotic spam: Viagra and sex enhancementViagra and sex enhancement Weight-los scamsWeight-los scams Get rich quick schemesGet rich quick schemes
Who falls for it = idiotsWho falls for it = idiots
Content spamContent spam Games & quizzesGames & quizzes Personality testsPersonality tests ““Free” application or content downloadsFree” application or content downloads
Who falls for it = all of usWho falls for it = all of us
How does content spam How does content spam work?work?
How many eyes above? 97,6% get this question wrong
How does content spam How does content spam work?work?
SCAMSCAMAdvance fee frauds„Nigerian spam”
Lottery win frauds
++NOTIFICATION OF YOUR LOTTO WINNING+
CONGRATULATIONS!!!AWARD FINAL
NOTIFICATIONCONGRATULATIONS, YOU
HAVE BEEN SELECTED.
Personal information scams Personal information scams ((PHISHINGPHISHING))
you receive email messages that appear to come from a legitimate companyyou are asked to update or verify your personal informationscammers then use this information to commit identity theft
PHISHING (Adress spoofing)PHISHING (Adress spoofing)
It makes it easy for phishers to create messages that look like they came from a legitimate source.
PHISHING (Other tricks)PHISHING (Other tricks)Obfuscated links:
Using misspelled versions of the spoofed company's URL
Including the targeted company's name within an URL that uses another domain name
Using HTML to present links deceptivePopup windows and frames with
malicious codeHTML. HTML markup containing
invisible words and instructions helps the message bypass anti-spam software.
PharmingPharming change the hosts file on the victim’s computer:
changing DNS (Domain name system) server information
Redirect a website’s traffic to another
Bogus websites
Other mOther malicious programs alicious programs pphishers use in their scams: hishers use in their scams:
Key loggers and screen capture Trojans record and report information to the phisher. Remote access Trojans turn victims' computers into zombiesBots maintain fabricated conversations with victims in chat rooms or coordinate zombie networks. Spyware tracks and records users' online behavior
Is it possible to stop spam? Is it possible to stop spam? Probably not -- but you can Probably not -- but you can
significantly reduce it.significantly reduce it.
Malware - definitonMalware - definiton
Programs designed to harm or compromise a computer are called malware (as in malicious software). Malware includes a wide array of nasty batches of code that can wreak havoc to your computer or your network.
MalwareMalwareInfectious malware: Viruses,
WormsConcealment: Roootkits,
Backdoors, TrojansMalware for profit: Spyware,
Botnet, Keystroke logging, Dialers
Viruses vs. WormsViruses vs. Wormsviruses and worms, are known for the
manner in which they spread, rather than any other particular behavior,
The term computer virus is used for a program which has infected some executable software and which causes that software, when run, to spread the virus to other executable software. Viruses may also contain a payload which performs other actions, often malicious,
a virus requires user intervention to spread, whereas a worm spreads automatically
Trojan HorsesTrojan HorsesTrojan horse - a program that claims to do one thing, but actually either damages the computer or opens a back door to your system. It invites the user to run it, concealing a harmful or malicious payload.
Rootkits and BackdoorsRootkits and Backdoors
• Once a malicious program is installed on a system, it is essential that it stays concealed, to avoid detection and disinfection. • Techniques known as rootkits allow this concealment, by modifying the host operating system so that the malware is hidden from the user. Rootkits can prevent a malicious process from being visible in the system's list of processes, or keep its files from being read.
Rootkits and Backdoors Rootkits and Backdoors A backdoor is a method of bypassing normal authentication procedures. Once a system has been compromised one or more backdoors may be installed, in order. Backdoors may also be installed prior to malicious software, to allow attackers entry.
Malware for profitMalware for profit
More recently, the greater share of malware programs have been written with a financial or profit motive in mind.
SpywareSpywareSpyware is computer software
that is installed surreptitiously on a personal computer to collect information about a user, their computer or browsing habits without the user's informed consent.
SpywareSpyware
Keystroke loggingKeystroke logging
Key loggers - programs that record keystrokes made by a user, allowing crackers to discover passwords and login codes.
DialersDialers
Dialer software dials up a premium-rate telephone number such as a 0-700 number and leave the line open, charging the toll to the infected user.
BotnetBotnetIn order to coordinate the activity of many
infected computers, attackers have used coordinating systems known as botnets. In a botnet, the malware or malbot logs in to an Internet Relay Chat channel or other chat system. The attacker can then give instructions to all the infected systems simultaneously. Botnets can also be used to push upgraded malware to the infected systems, keeping them resistant to anti-virus software or other security measures.
BotnetBotnet
Botnet- sending e-mail Botnet- sending e-mail spamspamA botnet operator sends out viruses or
worms, infecting ordinary users' computers, whose payload is a malicious application -- the bot.
The bot on the infected PC logs into a particular C&C server (often an IRC server, but, in some cases a web server).
A spammer purchases access to the botnet from the operator.
The spammer sends instructions via the IRC server to the infected PCs, ...
...causing them to send out spam messages to mail servers.
Beyond The Real Beyond The Real ThreatsThreats Software companies may try to take
advantage from average users’ ignorance.
Little knowledge of the security rules may provoke paranoid behavior. Imaginary and real dangers, periodical propagation of viruses.
Underestimating the human factor is much worse than not being fully protected by the technology.
Security rules for shared computer users.
ReferencesReferenceshttp://www.scambusters.org/
stopspam/index.htmlhttp://
computer.howstuffworks.com/phishing.htm/
http://arstechnica.com/security/http://
computer.howstuffworks.com/zombie-computer1.htm
Thank you for Thank you for your attentionyour attention
Marzena DaskoPawel PoplawskiAdam Kaminski