T.A 2013/2014. Wake Up Call! Malware hijacks your email, sends death threats. Found in Japan (Oct...
-
Upload
beverly-garrison -
Category
Documents
-
view
213 -
download
1
Transcript of T.A 2013/2014. Wake Up Call! Malware hijacks your email, sends death threats. Found in Japan (Oct...
![Page 1: T.A 2013/2014. Wake Up Call! Malware hijacks your email, sends death threats. Found in Japan (Oct 2012) Standford University Recent Network Hack May Cost.](https://reader035.fdocuments.in/reader035/viewer/2022070413/5697bfd71a28abf838cae5cf/html5/thumbnails/1.jpg)
Computer Security- An Introduction-
T.A 2013/2014
![Page 2: T.A 2013/2014. Wake Up Call! Malware hijacks your email, sends death threats. Found in Japan (Oct 2012) Standford University Recent Network Hack May Cost.](https://reader035.fdocuments.in/reader035/viewer/2022070413/5697bfd71a28abf838cae5cf/html5/thumbnails/2.jpg)
Wake Up Call!
• Malware hijacks your email, sends death threats. Found in Japan (Oct 2012)
• Standford University Recent Network Hack May Cost Them Millions.– Its network had been hacked for the 2nd time in three months. (August
2013)
• Three Georgia Tech Hackers have disclosed how to hack iPhones and iPad with malwer in under sixty seconds using a “malicious charger”. (August 2013).
![Page 3: T.A 2013/2014. Wake Up Call! Malware hijacks your email, sends death threats. Found in Japan (Oct 2012) Standford University Recent Network Hack May Cost.](https://reader035.fdocuments.in/reader035/viewer/2022070413/5697bfd71a28abf838cae5cf/html5/thumbnails/3.jpg)
“If you know your enemy and know your self, you need not fear the result of a hundred battles”
(art of war by Sun Tzu)
![Page 4: T.A 2013/2014. Wake Up Call! Malware hijacks your email, sends death threats. Found in Japan (Oct 2012) Standford University Recent Network Hack May Cost.](https://reader035.fdocuments.in/reader035/viewer/2022070413/5697bfd71a28abf838cae5cf/html5/thumbnails/4.jpg)
Why Computer Security?• If your personnel do not know or understand how to maintain
confidentiality of information, • or how to secure it appropriately, not only do you risk having one of
your most valuable business assets (information) mishandled, inappropriately used, or obtained by unauthorized persons, • but you also risk being in non-compliance of a growing number of
laws and regulations that require certain types of information security and privacy awareness and training activities. • You also risk damaging another valuable asset, corporate
reputation.
(Rebecca Herold, "Managing an Information Security and Privacy Awareness and Training Program" 2005)
![Page 5: T.A 2013/2014. Wake Up Call! Malware hijacks your email, sends death threats. Found in Japan (Oct 2012) Standford University Recent Network Hack May Cost.](https://reader035.fdocuments.in/reader035/viewer/2022070413/5697bfd71a28abf838cae5cf/html5/thumbnails/5.jpg)
Definition
NIST Computer security handbook : Computer security : the protection afforded
to an automated information system in order to attain the application of preserving the integrity, availability, and confidentiality of incoming system resources (includes hardware, software, firmware, information/data, and telecommunications)
![Page 6: T.A 2013/2014. Wake Up Call! Malware hijacks your email, sends death threats. Found in Japan (Oct 2012) Standford University Recent Network Hack May Cost.](https://reader035.fdocuments.in/reader035/viewer/2022070413/5697bfd71a28abf838cae5cf/html5/thumbnails/6.jpg)
Key Security Concepts
Secure System
![Page 7: T.A 2013/2014. Wake Up Call! Malware hijacks your email, sends death threats. Found in Japan (Oct 2012) Standford University Recent Network Hack May Cost.](https://reader035.fdocuments.in/reader035/viewer/2022070413/5697bfd71a28abf838cae5cf/html5/thumbnails/7.jpg)
Aspect of Computer Security• Confidentiality– The protection of data from unauthorized disclosure.
• Availability– protects a system to ensure its availability
• Integrity– The assurance that data received are exactly as sent
by an authorized entity (i.e., contain no modification, insertion, deletion, or replay).
![Page 8: T.A 2013/2014. Wake Up Call! Malware hijacks your email, sends death threats. Found in Japan (Oct 2012) Standford University Recent Network Hack May Cost.](https://reader035.fdocuments.in/reader035/viewer/2022070413/5697bfd71a28abf838cae5cf/html5/thumbnails/8.jpg)
Aspect of Computer Security
• Authentication– The assurance that the communicating entity is the one
that it claims to be
• Access control– The prevention of unauthorized use of a resource
• Non-repudiation– Provides protection against denial by one of the entities
involved in a communication of having participated in all or part of the communication.
![Page 9: T.A 2013/2014. Wake Up Call! Malware hijacks your email, sends death threats. Found in Japan (Oct 2012) Standford University Recent Network Hack May Cost.](https://reader035.fdocuments.in/reader035/viewer/2022070413/5697bfd71a28abf838cae5cf/html5/thumbnails/9.jpg)
The Scope of Computer Security
![Page 10: T.A 2013/2014. Wake Up Call! Malware hijacks your email, sends death threats. Found in Japan (Oct 2012) Standford University Recent Network Hack May Cost.](https://reader035.fdocuments.in/reader035/viewer/2022070413/5697bfd71a28abf838cae5cf/html5/thumbnails/10.jpg)
Computer Security Challenges1. not simple2. must consider potential attacks (on mechanisms)3. procedures used counter-intuitive4. involve algorithms and secret info5. must decide where to deploy mechanisms6. battle of wits between attacker / admin7. not perceived (appreciated) on benefit until fails8. requires regular monitoring9. too often an after-thought10. regarded as impediment to using system
![Page 11: T.A 2013/2014. Wake Up Call! Malware hijacks your email, sends death threats. Found in Japan (Oct 2012) Standford University Recent Network Hack May Cost.](https://reader035.fdocuments.in/reader035/viewer/2022070413/5697bfd71a28abf838cae5cf/html5/thumbnails/11.jpg)
The Threat• Interruption• Interception• Modification• Fabrication
![Page 12: T.A 2013/2014. Wake Up Call! Malware hijacks your email, sends death threats. Found in Japan (Oct 2012) Standford University Recent Network Hack May Cost.](https://reader035.fdocuments.in/reader035/viewer/2022070413/5697bfd71a28abf838cae5cf/html5/thumbnails/12.jpg)
The Damage
![Page 13: T.A 2013/2014. Wake Up Call! Malware hijacks your email, sends death threats. Found in Japan (Oct 2012) Standford University Recent Network Hack May Cost.](https://reader035.fdocuments.in/reader035/viewer/2022070413/5697bfd71a28abf838cae5cf/html5/thumbnails/13.jpg)
Implementation of Security Technology
![Page 14: T.A 2013/2014. Wake Up Call! Malware hijacks your email, sends death threats. Found in Japan (Oct 2012) Standford University Recent Network Hack May Cost.](https://reader035.fdocuments.in/reader035/viewer/2022070413/5697bfd71a28abf838cae5cf/html5/thumbnails/14.jpg)
Security Taxonomy
![Page 15: T.A 2013/2014. Wake Up Call! Malware hijacks your email, sends death threats. Found in Japan (Oct 2012) Standford University Recent Network Hack May Cost.](https://reader035.fdocuments.in/reader035/viewer/2022070413/5697bfd71a28abf838cae5cf/html5/thumbnails/15.jpg)
The Strategy
• Policy : what is the security scheme supposed to do?– Value from protected asset– System Vulnerability– Potential treat
• Implementation : How does it to do?– Preventing– Detection– Responding– Recovery
• Assurance and evaluation : Does it really work?
![Page 16: T.A 2013/2014. Wake Up Call! Malware hijacks your email, sends death threats. Found in Japan (Oct 2012) Standford University Recent Network Hack May Cost.](https://reader035.fdocuments.in/reader035/viewer/2022070413/5697bfd71a28abf838cae5cf/html5/thumbnails/16.jpg)
Summary• security concepts• Terminology• The threat• The damage• security taxonomy• security strategy
![Page 17: T.A 2013/2014. Wake Up Call! Malware hijacks your email, sends death threats. Found in Japan (Oct 2012) Standford University Recent Network Hack May Cost.](https://reader035.fdocuments.in/reader035/viewer/2022070413/5697bfd71a28abf838cae5cf/html5/thumbnails/17.jpg)
end