Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers •...
Transcript of Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers •...
![Page 1: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/1.jpg)
Self-learning materials for Information Technology Competence (ITC) Test
1
![Page 2: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/2.jpg)
• Fundamental Concepts
• IS Issues in Daily Computer and Internet Usage
• Public Key Infrastructure, SSL, and Digital Certificates
• Information Security Software Demo
• Information Security Policies and Practices
• Useful Links on Information Security
Outline
2
![Page 3: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/3.jpg)
Security (Information Security) Services:
What does information security (IS) provide?
• Authentication
• Confidentiality
• Integrity
• Non-repudiation
• Availability
Security Services
3
![Page 4: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/4.jpg)
• Authentication – refers to the validation of the identity of
an entity, before it is being authorized to access further information and services
• Confidentiality – refers to the protection of information
from being disclosed to unauthorized parties
• Integrity – refers to the protection of information from
being altered by unauthorized parties
• Non-repudiation – refers to the prevention of message
senders or digital signature signers to deny having sent or signed the corresponding digital message
• Availability – refers to the assurance that information is
available to authorized parties when requested
Security Services
4
![Page 5: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/5.jpg)
Hackers
• Hackers are those who attack computer systems and networks for unauthorized accesses
• Some of them do so for malicious purposes such as stealing or corrupting data
• Some of them are just for fun
• Some of them hack with the goal of testing the security of systems and networks
Threats to Information Security
5
![Page 6: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/6.jpg)
Backdoors
• Backdoors are mechanisms that originally established by system administrators and software manufacturers for system maintenance and software status checking
• Allow one to bypass normal authentication and gain access to computer systems
• Backdoor accesses remain hidden from casual inspection. One may not even know their existence on the computer
• However, hackers always have their ways to find them out and uses backdoor as a springboard to hack
Threats to Information Security
6
![Page 7: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/7.jpg)
Security Loopholes
• Security loopholes are bugs in software that can be exploited for security attacks and intrusions
• Even popular software such as Microsoft Windows cannot totally eliminate loopholes
• Sometimes, backdoors which are originally benign in nature are exploited by hackers to launch intrusions, and they eventually become security loopholes
Threats to Information Security
7
![Page 8: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/8.jpg)
To defense against various security threats, we should:
• Install protection software such as anti-virus programs and personal firewalls
• Perform regular software updates to block the security loopholes
• Software manufacturers announce security bugs and release security patches from time to time • Pay attention to newly available patches and perform
software updates often e.g. Microsoft Safety & Security Center (http://www.microsoft.com/security/)
Information Security Measures
8
![Page 9: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/9.jpg)
Let’s have a brief introduction of
IS Issues in Daily Computer and Internet Usage
9
Computer Viruses Worms
Trojans
Spyware
Network Security for Computer Users
Spam
Adware
Phishing
![Page 10: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/10.jpg)
• Computer viruses are executable codes that hide inside a program and then infect other programs
• Computer viruses damage our computers in many different ways, such as • Deleting files
• Erasing programs, and
• Prompting annoying messages
• They can also replicate themselves without user intervention
Computer Viruses
10
![Page 11: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/11.jpg)
Symptoms of computer virus infection include (but not limited to)
• Display of unusual messages or images
• Reduction of available memory
• Appearance of unknown programs or files
• Corrupted files
• Malfunction of programs and files
Computer Viruses
11
![Page 12: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/12.jpg)
• First, the virus hides inside a program or file and remains inactive until the infected program is run
• Once the infected program or file is executed, the virus is run as well
• It then infects other programs on the computer hard disk by duplicating itself
• The computer is then inflected
How Computer Viruses Work?
12
![Page 13: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/13.jpg)
• How we get the infected files?
• We can receive files and programs that are infected by computer viruses in many ways, including • Email attachments
• Newsgroup message attachments
• Internet downloads, and
• File transfer through instant messaging
How Computer Viruses Work?
13
![Page 14: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/14.jpg)
• Is a special kind of computer virus
• The name Trojans come from the story of Trojan horse, in which the Greek solders hid inside a hollow wooden structure and thus sneaked through the city walls of Troy
• In computer security, a Trojan is a program that performs other than what it is expected • e.g. A program claims to be a game but instead it creates
backdoors for the hackers to gain unauthorized accesses to a computer
• Unlike general computer viruses, Trojans do not replicate themselves normally
Trojans
14
![Page 15: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/15.jpg)
• Worms are another kind of computer viruses
• Spread directly from computer to computer without any action taken part by the computer users • e.g. The Sasser worms that widespread in 2004
automatically scans computers on a network that have a particular Windows security loophole
Worms
15
![Page 16: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/16.jpg)
In case we suspect a computer being infected by viruses …
• We should disconnect the computer from the network immediately!
• Next, run antivirus program to scan the computer for viruses
• If the computer is infected, the antivirus program will report the found viruses and the corresponding infected files after the virus scanning • Usually, antivirus programs try cleaning the found viruses
• In case the viruses cannot be cleaned, the infected files will be quarantined
• It is too late to install antivirus programs at time you suspect your computer having been infected by viruses • Therefore, antivirus programs should always be installed at the very
first beginning
What If My Computer Get Infected?!
16
![Page 17: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/17.jpg)
• Not being regarded as computer viruses • Yet can be very annoying and dangerous
• Sometimes being referred to as malware
Malware = software that has malicious purposes
• Computer users often install them unknowingly
Spyware and Adware
17
![Page 18: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/18.jpg)
• Spyware monitors computer users and collect their information • e.g. a keyboard monitor
spyware program can log every keystroke you type
• Adware’s mission is to show advertisements • Usually via pop-up
windows or embedded in a Web page
Spyware and Adware
18
![Page 19: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/19.jpg)
• How do we get them? • They install themselves onto a computer by exploiting
Web browser security loopholes
• Sometimes come with the freeware that can be freely downloaded from the Web
• We may get them also when we click unknown hyperlinks out of curiosity
• We should take precautions similar to those dealing with computer viruses
Spyware and Adware
19
![Page 20: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/20.jpg)
• Internet connection is essential to almost every computer
• Security risk also increases
Network Security for Users
20
![Page 21: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/21.jpg)
• Data being transmitted over the network can be read by computer software called “Packet Analyzers”
• Wireless networks are vulnerable because users are sharing the same network in open air
Packet Sniffing
21
0010101… Network Segment …00110101… Client computer Server (e.g. Gmail.com)
010101…
010101…
Network Analyzed installed
![Page 22: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/22.jpg)
Email Viruses
• Are computer viruses that spread by means of emails
• Can spread by duplicating and sending themselves to email addresses in the address book of the email application
• Usually exist in form of email file attachments
• Sometimes can spoof sender addresses
• In March 1999, the Melissa email virus forced a number of global companies, including Microsoft, to turn off their e-mail systems completely!
Electronic Communication Security
22
![Page 23: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/23.jpg)
• Email Spam • Unsolicited junk emails from
unknown sender
• Can arrive in a huge volume and can be annoying
• Why it is bad? • Spam occupies Internet and email
server resources
• Uses up email disk quota
• Takes extra time from us to wade through a large number of spam emails to locate the legitimate ones
Electronic Communication Security
23
![Page 24: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/24.jpg)
Dealing with Spam (at Server Side)
• Most Internet Service Providers have installed Anti-spam programs in their email servers • e.g. the IronPort Anti-Spam Service of ITS
http://its.web.ied.edu.hk/antispam/
• Emails that are suspected to be spam are put to the quarantine server and are not directly delivered to users’ email boxes
Electronic Communication Security
24
![Page 25: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/25.jpg)
Dealing with Spam (at Client Side)
• Server side anti-spam measures cannot totally remove spam • We should take client-side precautions, for example:
• Do not response to the spam
• Do not post your and your friends’ email addresses on the Web
• Avoid including HTML email links in your personal homepage
• Create filter rules in our own email applications to filter out unwanted spam emails
Electronic Communication Security
25
![Page 26: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/26.jpg)
Phishing • Is a technique to steal ones’ important personal
information • Is usually conducted by emails • Phishers pretend as organizations such as a bank,
send emails and ask the recipients to enter personal information, account numbers and passwords to a counterfeit Web site that looks like that of the “real” organization
• Beware! Legitimate organization do not seek clients’ information in such way. When in doubt, you should call the genuine organization’s customer service hotline to verify.
Electronic Communication Security
26
![Page 27: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/27.jpg)
• Public Key Infrastructure, or PKI in short, is an umbrella term for a set of security technologies based on public key cryptography • Digital Certificates • Digital Signature • Public Key encryption • …
• PKI provides security to the World Wide Web as well as computer systems and networks
WWW Security and PKI
27
![Page 28: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/28.jpg)
• Cryptography enables us to communicate secretly by encrypting messages with keys • Symmetric Cryptography: a same key is used for
encryption and decryption • Asymmetric Cryptography: encryption key and decryption
key are different A pair of keys: private key and public key Therefore also called “Public Key Cryptography”
WWW Security and PKI
28
Public Key Private Key
![Page 29: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/29.jpg)
Suppose Alice wants to send a message to Bob:
“Symmetric Key Cryptography (no PKI)”
Encryption: Symmetric Key Cryptography Case
29
Alice’s Key = Bob’s Key
Encrypt the message with Alice’s key
Decrypt the message with Bob’s key
![Page 30: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/30.jpg)
Suppose Alice wants to send a message to Bob:
“Asymmetric Key Cryptography (PKI)”
Encryption: Symmetric Key Cryptography Case
30
Public Key ≠ Private Key Public key is known to the public, Private key is kept secret
Encrypt the message with Bob’s public key
Decrypt the message with Bob’s private key Bob has a pair of key: private and public
Public Key Private Key
![Page 31: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/31.jpg)
With PKI, suppose Alice wants to sign on the message to Bob so that Bob can be assured it is really from Alice:
Digital Signature with PKI
31
Verify the signature with Alice’s public key For security reason, encryption and signature should use different key pairs
Sign the message with Alice’s private key Public Key
Private Key
![Page 32: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/32.jpg)
• Public keys are published in WWW by means of digital certificates
• A digital certificate is an electronic file containing information about the certificate holder and is authorized by the Certificate Authority (CA)
• Main components on a Digital Certificate • Certificate holder’s Information • Certificate holder’s public key • Certificate Authority’s digital signature • Expiry date
Digital Signature with PKI
32
![Page 33: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/33.jpg)
• SSL is the abbreviation of Secure Socket Layer • Is a communication protocol for providing authentication
and confidentiality to Internet traffic
• Digital certificate is required for communication over SSL
• When we connect to a Web site over SSL • We can see a small lock at the lower right hand corner
• The URL begins with HTTPS instead of HTTP
33
Digital Signature with PKI
![Page 34: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/34.jpg)
• Software that safeguards security and privacy of information and computer systems
• In particular: • Anti-virus programs defend against computer viruses • Anti-spyware and anti-adware programs defend against
spyware and adware • Personal firewalls defend against security threats in
network connections
• Nowadays, popular antivirus software provide the above protections all-in-one
• Outdated security software may not be able to protect your computer
Security Software
34
![Page 35: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/35.jpg)
• Information security depends much on the safe practices of the computer users
• Computer users are often regarded as the weakest link in information security
• Organizations with a large number of computer users often define the Acceptable Use Policy (AUP) • AUP is a set of rules that governs the use of organization
computers, networks, and the Internet by members within an organization
• The HKIEd also has its own AUP for staff and students • http://its.web.ied.edu.hk/policies/regulations.htm • http://its.web.ied.edu.hk/policies/naup.htm
Security Policies and Practices
35
![Page 36: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/36.jpg)
Good Practices for Safe Computing • Install and always enable anti-virus and anti-spyware
programs • Do not open executable files from an email attachment • Read all messages in plain text • Scan all newly downloaded files and email attachments before
you open or install them • Check out and install Windows Updates regularly • Always enable personal firewalls • Set strong and non-trivial passwords (e.g. E12$n5s2), and
change the password from time to time • Backup files and data regularly • Do not share local files or directories by file sharing
36
Security Policies and Practices
![Page 37: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/37.jpg)
Good Practices for Safe Computing • Disconnect from the Internet and wireless connections when
not in use • Keep your desktop and laptop computers physically safe • Update antivirus program regularly to ensure the latest
version of the program has been installed • Always enable real-time antivirus protection • Scan the computer for viruses regularly • Check out and install Windows Updates regularly • Remember your passwords in your own memory. Don’t write
them down or share them with other people • One should promptly log out of other user’s account before
using the computer
37
Security Policies and Practices
![Page 38: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/38.jpg)
The HKIEd
• Information Security Policy • The policy aims to protect the HKIEd’s members
and its reputation through the protection and preservation of Confidentiality, Integrity and Availability (CIA); and to set out the information security management framework for protecting: • Personal, vital and sensitive information; • Infrastructure and information systems; and • Authorized information users and administrators of the
above.
Useful Links
38
![Page 39: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/39.jpg)
The HKIEd • Network Acceptance Usage Policy • This Acceptable Usage Policy applies to all users of
the HKIEd Campus Network and its purpose is to ensure that every network user can enjoy a secure, reliable and productive working environment. This policy covers areas on proper usage, legal aspects, respect for the rights of others and regulation enforcement.
Useful Links (con’t)
39
![Page 40: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/40.jpg)
Hong Kong Computer Emergency Response Team (HKCERT) • HKCERT Coordination Center • HKCERT coordinates computer and network security
incidents for Hong Kong enterprises and Internet users. Its Web site contains articles, news, and useful links of information security.
Useful Links (con’t)
40
![Page 41: Self-learning materials for Information Technology Competence … · 2012-09-24 · Hackers • Hackers are those who attack computer systems and networks for unauthorized accesses](https://reader033.fdocuments.in/reader033/viewer/2022050518/5fa246a0c2d3636299467059/html5/thumbnails/41.jpg)
Office of the Government Chief Information Officer, HKSAR Government • InfoSec • The Web site aims at promotion and public
education on information security; contains rich resources on information security as well as measures and the best practices for prevention of computer related crimes.
Useful Links (con’t)
41