Network Security and Applications - Global Perspective - Michael Bitz

8/3/2019 Network Security and Applications - Global Perspective - Michael Bitz

1/50

UNITED NATIONSUNITED NATIONS

ECONOMIC COMMISSION FOR AFRICAECONOMIC COMMISSION FOR AFRICA

11

Network Security &Network Security &ApplicationsApplications

Global PerspectiveGlobal Perspective

Forum on ICTs, Trade andForum on ICTs, Trade andEconomic GrowthEconomic Growth

Addis Ababa, EthiopiaAddis Ababa, Ethiopia March 14March 14--16, 200616, 2006


2/50



22

According to an FBIAccording to an FBI

study, 90% of USstudy, 90% of US

companies suffered acompanies suffered a

security incident in 2005security incident in 2005


3/50



33

The FBI also estimatesThe FBI also estimatesthat cyber crime cost USthat cyber crime cost US

companies an average ofcompanies an average of$24,000 last year, down$24,000 last year, down

from $56,000 in 2004from $56,000 in 2004


4/50



44

But, they estimate thatBut, they estimate that

the total cost of cyberthe total cost of cyber

crime to the US was overcrime to the US was over

$400 billion in 2005 alone$400 billion in 2005 alone


5/50



55

THE INTERNETTHE INTERNET


6/50



66

The Internet (ARPANET), wasThe Internet (ARPANET), was

started in 1960s, established itsstarted in 1960s, established its

first connection in 1969, wasfirst connection in 1969, wasspread across the US by 1971,spread across the US by 1971,

and reached Europe by 1973and reached Europe by 1973


7/50



77

ARPANETs LegacyARPANETs Legacy

It all starts with a handshakeIt all starts with a handshake

Transmission Control ProtocolTransmission Control Protocol

(TCP) & Internet Protocol (IP)(TCP) & Internet Protocol (IP)

Well designed with manyWell designed with many

different paths to a destination,different paths to a destination,

where routers constantly monitorwhere routers constantly monitor

the integrity and select the bestthe integrity and select the bestpath, making it robust in the facepath, making it robust in the face

of severe physical damageof severe physical damage


8/50



88

Despite its apparent goodDespite its apparent good

design, the Internet was notdesign, the Internet was not

originally conceived with internaloriginally conceived with internalsecurity in mind, making itsecurity in mind, making it

vulnerable to attacksvulnerable to attacks


9/50



99

NetworkTrafficNetworkTraffic


10/50



1010

CYBERCRIMECYBERCRIME


11/50



1111

Criminal acts using computersCriminal acts using computers

and networks as tools or targetsand networks as tools or targets

Traditional crimes conductedTraditional crimes conducted

through the use of computersthrough the use of computers


12/50



1212

Modern Computer CrimesModern Computer Crimes

Can be based on malicious code such as aCan be based on malicious code such as a

virus, email virus, worm or Trojan horse.virus, email virus, worm or Trojan horse.

a.k.a. Passive Attacksa.k.a. Passive Attacks

Or actively perpetrated byOr actively perpetrated by

knowledgeable individuals,knowledgeable individuals,

whowho attempt to exploit network,attempt to exploit network,

computer, and software flawscomputer, and software flaws

a.k.a. Active Attacksa.k.a. Active Attacks


13/50



1313

Traditional CrimesTraditional Crimes

PrePre--existing crimes that are facilitated by theexisting crimes that are facilitated by the

Internet or ones that have found new lifeInternet or ones that have found new life

because the Internet has madebecause the Internet has made

them lucrative endeavours.them lucrative endeavours.

Theft, theft of information,Theft, theft of information,

financial crimes, fraud, copyrightfinancial crimes, fraud, copyrightinfringement, child pornography, scams, harassment,infringement, child pornography, scams, harassment,

and terrorismand terrorism


14/50



1414

A BriefWord On PhishingA BriefWord On Phishing


15/50



1515

WHAT AREWE UPWHAT AREWE UPAGAINST?AGAINST?


16/50



1616

FIRSTFIRST

We are faced with weakWe are faced with weak

underlying technology andunderlying technology and

inherently vulnerable softwareinherently vulnerable software


17/50



1717

SECONDSECOND

Issues such as users anonymityIssues such as users anonymity

coupled with uninformed,coupled with uninformed,misguided, and malicious usersmisguided, and malicious users

contribute to the problemcontribute to the problem


18/50



1818

FINALLYFINALLY

Weak or nonWeak or non--existent legal,existent legal,

regulatory, and policy environmentsregulatory, and policy environmentslimit many countries ability tolimit many countries ability to

tackle cyber crimestackle cyber crimes


19/50



1919

CYBERCRIMINALSCYBERCRIMINALS


20/50



2020

Cyber criminals come inCyber criminals come in

many forms. The mostmany forms. The most

harmful can be maliciousharmful can be maliciousinsiders, and disgruntled orinsiders, and disgruntled or

uninformed employeesuninformed employees


21/50



2121

The Internet also has its share ofThe Internet also has its share ofprofessional criminals likeprofessional criminals like

hackers, organized crime andhackers, organized crime andpedophiles, who make a living offpedophiles, who make a living off

of their well honed skills andof their well honed skills and

criminal endeavourscriminal endeavours


22/50



2222

Finally, competing business,Finally, competing business,

governments and terroristsgovernments and terrorists

will also use the internet towill also use the internet toimprove their position orimprove their position or

further their causefurther their cause


23/50



2323

IS AFRICA ATARGET?IS AFRICA ATARGET?


24/50



2424

Ongoing analysis by SymantecOngoing analysis by Symantec

and McAfee indicate thatand McAfee indicate thatAfrica is not a major source orAfrica is not a major source or

target of cyber attackstarget of cyber attacks


25/50



2525

Limited connectivity, fewLimited connectivity, few

appealing targets and a smallappealing targets and a small

number of users, are factors thatnumber of users, are factors thatcurrently shield potential Africancurrently shield potential African

targets from most attackstargets from most attacks


26/50



2626

As the African eAs the African e--environmentenvironment

evolves, so to will its cyberevolves, so to will its cyber

crime environmentcrime environment

Most likely for the worseMost likely for the worse


27/50



2727

A shift from active toA shift from active topassive attacks willpassive attacks will

probably accelerate theprobably accelerate theproblem, negating anyproblem, negating any

protection limitedprotection limited

connectivity providesconnectivity provides


28/50



2828

CAN ANYTHING BECAN ANYTHING BEDONE?DONE?


29/50


30/50



3030

HUMAN FACTORSHUMAN FACT

ORS

Industry, government andIndustry, government and

educators must first addresseducators must first addresshuman behaviour that allowshuman behaviour that allows

cyber crime to thrive and/orcyber crime to thrive and/or

undermine security effortsundermine security efforts


31/50



3131

A significant number ofA significant number of

security breaches are in partsecurity breaches are in part

caused by human actions,caused by human actions,whether intentional orwhether intentional or

otherwiseotherwise


32/50



3232

Examples include:Examples include:Use of weak passwordsUse of weak passwords

Divulging passwords

Divulging passwordsUse of unauthorised softwareUse of unauthorised software

Opening of unknown emailOpening of unknown email

Unauthorised use of networkUnauthorised use of network


33/50



3333

Breaches are not limited toBreaches are not limited to

novice or inexperienced users.novice or inexperienced users.Incidents have been caused byIncidents have been caused by

network administratorsnetwork administrators


34/50



3434

Outlining acceptable networkOutlining acceptable network

use, authorised software, alonguse, authorised software, along

with awareness campaigns andwith awareness campaigns andtraining, can help mitigatetraining, can help mitigate

against human errorsagainst human errors


35/50



3535

TECHNOLOGY FACTORSTECHNOLOGY FACTORS

Technology plays a key role inTechnology plays a key role in

securing computers andsecuring computers and

networks, but only if properlynetworks, but only if properly

deployed and maintaineddeployed and maintained


36/50



3636

There are a panoply of securityThere are a panoply of security

tools at your disposal. If usedtools at your disposal. If usedproperly they will shield yourproperly they will shield your

organization from most attacksorganization from most attacks


37/50



3737

Security ranges from theSecurity ranges from thebasics likebasics like limiting access tolimiting access to

the networkthe network, forcing users to, forcing users tochange passwordschange passwords at regularat regular

intervals, to physicallyintervals, to physically limitinglimiting

accessaccess to certain computersto certain computers


38/50



3838

A step up would involveA step up would involvevirusvirus

scannersscanners that inspect incomingthat inspect incoming

files for viruses, tofiles for viruses, to firewallsfirewalls,,which limit incoming andwhich limit incoming and

outgoing network trafficoutgoing network traffic


39/50



3939

To sophisticated tools likeTo sophisticated tools likeintrusion detection systemsintrusion detection systems,,

which constantly analyzewhich constantly analyzenetwork traffic and send outnetwork traffic and send out

alerts or shut off access in thealerts or shut off access in the

event of anomaliesevent of anomalies


40/50



4040

If information must be sentIf information must be sent

over the Internet,over the Internet, encryptionencryption

technologytechnology can shieldcan shieldsensitive data when it must besensitive data when it must be

transmittedtransmitted


41/50



4141

POLICY FACTORSPOLICY FACTORSEnsure laws, regulations andEnsure laws, regulations and

policies provide the necessarypolicies provide the necessarysupport and focus that cansupport and focus that can

complement cyber securitycomplement cyber security

endeavoursendeavours


42/50



4242

A strong legal framework sendsA strong legal framework sends

a message that cyber crime willa message that cyber crime will

be dealt with seriously and thatbe dealt with seriously and thatlimits on online conduct will belimits on online conduct will be

imposed.imposed.


43/50



4343

It must also ensure thatIt must also ensure that

countries are able tocountries are able toinvestigate, arrest andinvestigate, arrest and

prosecute cyber criminalsprosecute cyber criminals


44/50



4444

A well articulated regulatoryA well articulated regulatoryscheme will ensure that keyscheme will ensure that key

players such as TSPs,players such as TSPs,government and industrygovernment and industry

understand their roles inunderstand their roles in

ensuring a secure environmentensuring a secure environment


45/50



4545

Well articulated policies thatWell articulated policies that

outline the roles, responsibilitiesoutline the roles, responsibilities

and commitments of users, TSPand commitments of users, TSPand governments will bring alland governments will bring all

this togetherthis together


46/50



4646

A FEWWORDS ABOUTA FEWWORDS ABOUTSECURITY POLICIESSECURITY POLICIES


47/50



4747

INDUSTRY POLICIESINDUSTRY POLICIES

Should address acceptable usage,Should address acceptable usage,

minimum security standards, andminimum security standards, andcommitments by organisation tocommitments by organisation to

educate and support userseducate and support users


48/50



4848

GOVERNMENT POLICIESGOVERNMENT POLICIES

Identify short and mid termIdentify short and mid term

security objectives, support tosecurity objectives, support to

key players, investments inkey players, investments insecurity technology andsecurity technology and

training, and awarenesstraining, and awarenessinitiativesinitiatives


49/50



4949

FINAL COMMENTSFINAL COMMENTS


50/50



5050

Michael BitzMichael Bitz

ee--Security & Cyber Crime ConsultingSecurity & Cyber Crime Consulting

Dar es Salaam, TanzaniaDar es Salaam, Tanzania

[email protected]@rogers.com

(+255) 746 77 64 76(+255) 746 77 64 76

Network Security and Applications - Global Perspective - Michael Bitz

Documents

Transcript of Network Security and Applications - Global Perspective - Michael Bitz