What is risk online operation:

massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.

To unauthorized access, data theft ,and defacing of web pages

There has been a surge in denial of service attacks hijacking of computers.

Risks to Information System Risks to application and data

1. Theft of information

2. Data alteration, data destruction, and defacement

3. Computer viruses and logic bombs

4. No malicious misshapes

Risks to Information System

Risks to Online Operations

Many hackers try daily to interrupt online businesses

Types of attacks include: Unauthorized access Data theft Defacing of Web pages Denial of service Hijacking

Risks to online operation Denial of Service (DoS)

Too many requests are received to log on to a Web site’s pages

If perpetrated from multiple computers it is called distributed denial of service (DDoS)

Spoofing Deception of users to make them think they are

logged on at one site while they actually are on another

Risks to data and applications theft of data: may be for identity theft, corporate espionage, etc.

identity theft: using another person's credentials social engineering: using human weaknesses to gain access to

confidential information keystroke logging: intercepts keystrokes and either stores them or

sends them someplace on the Internet (very useful for stealing usernames, passwords, account information, etc.)

phishing: fraudulent messages (typically emails) which lure recipients into going to a fake website to try to get them to enter confidential information

pharming: replacing a real website with an impostor to try to get people to enter confidential information

data alteration: sometimes hard to notice. but can be very damaging

data destruction: usually very noticeable, and can be alleviated somewhat by having good backup procedures in place

web defacement: basically vandalism, similar to graffiti, but can cost businesses a lot in lost revenue

tarpit: a host on the network designed to expect attacks and respond very slowly, allowing the attacker to not get much done and spend enough time on the machine to be tracked

honey pot: a host on the network designed to lure attackers in so waiting monitors can attempt to track the attacker

honey token: a piece of data which is extremely unlikely to be accessed legitimately, but which an attacker is likely to access; it has special monitoring to immediately alert system administrators when it is accessed with information about where the access request originated

virus: software designed to spread from one computer to another based on something a user does, such as open a file

worm: software that can spread itself through a network without human intervention

Trojan horse: a malicious program disguised as a potentially helpful or useful program; the program may even appear to be carrying out useful tasks while the malicious part of the code silently carries out its tasks or waits for the right time to spring into action; Trojans are a form of virus

logic bomb: a program where malicious code lies dormant waiting for a specific time or set of conditions to become active and cause damage

DoS (denial of service): prevents the use of online resources; often done by flooding servers with so many requests that the servers can't handle legitimate traffic; can also be done by locking out access to a server or application

DDoS(distributed denial of service): a DoS attack where many computers are used to send the flood of requests; the attacking computers are usually machines which have been previously attacked and have malicious software waiting for commands from some other machine on the Internet

zombie: a zombie is a machine which has been attacked and has been infected with malicious software which awaits commands to carry out DDoS attacks; the user is usually unaware of the problem

hijacking: taking control of a computer or website without the owners consent; zombies are hijacked computers

Hijacking: using some or all of a computer’s resources without the consent of its owner Often done for making a DDoS attack Done by installing a software boot on the computer Main purpose of hijacking is usually to send spam

Bots are planted by exploiting security holes in operating systems and communications software A boot usually installs e-mail forwarding software

Denial of Service

Denial of service (DoS): an attacker launches a large number of information requests Slows down legitimate traffic to site

Distributed denial of service (DDoS): an attacker launches a DoS attack from multiple computers Usually launched from hijacked personal

computers called “zombies” No definitive cure for this A site can filter illegitimate traffic

Risks to ISs include risks to hardware, data, and networks, and natural disaster and vandalism

Risks to data and applications include theft of information, identity theft, data alteration, data destruction, defacement of Web sites, viruses, worms, logic bombs, and no malicious mishaps

Risks to online systems include denial of service and hijacking

Summary