Transcript Chapter 8 Security Issues and Strategies
Chapter 8 Security Issues and Strategies
Chapter 8
Security Issues and Strategies
© Paradigm Publishing, Inc.
8-1
Presentation Overview
Network and Internet Security Risks
Hardware and Software Security Risks
Security Strategies for Protecting Computer Systems and Data
© Paradigm Publishing, Inc.
8-2
Risk Assessment Why is risk assessment important when defining security strategies?
– In order to protect their systems adequately, organizations need to assess the level of security risk that they face. – The two factors that determine the level of security risk are • •
Threat – the severity of a security breach Vulnerability – the likelihood of a security breach
© Paradigm Publishing, Inc.
8-3
Risk Assessment The higher the level of vulnerability and threat, the higher the level of risk.
© Paradigm Publishing, Inc.
8-4
Risk Assessment Companies today face security problems in three broad areas:
– Network and Internet security risks – Computer viruses – Hardware and software security risks © Paradigm Publishing, Inc.
8-5
Network and Internet Security Risks What are the security risks on networks and the Internet?
– Unauthorized access – Denial of service attacks – Information theft © Paradigm Publishing, Inc.
8-6
Network and Internet Security Risks Unauthorized Access
– A
hacker
is a computer expert that seeks programming, security, and system challenges.
– A
cracker
is a hacker with malicious or criminal intent.
– A
cyberwar
occurs when a group of hackers attacks a site in a competing country when news events between two potential foes cause a flare-up of tensions.
© Paradigm Publishing, Inc.
8-7
Network and Internet Security Risks Annual Percentage of Unauthorized Access to Computers
© Paradigm Publishing, Inc.
8-8
Network and Internet Security Risks Unauthorized Access
–
User IDs and passwords
– hackers gain entry by finding a working user ID and password –
System backdoor
– a test user ID and password that provides the highest level of authorization © Paradigm Publishing, Inc.
8-9
Network and Internet Security Risks Unauthorized Access
–
Spoofing
–fooling another computer by pretending to send packets from a legitimate source –
Online predator
– an individual who uses the Internet to talk young people into meeting or exchanging photos with him or her © Paradigm Publishing, Inc.
8-10
Network and Internet Security Risks In a denial of service (DoS) attack , one or more hackers run multiple copies of a program that asks for the same information from a Web site over and over again, flooding the system and essentially shutting it down.
© Paradigm Publishing, Inc.
8-11
Network and Internet Security Risks Information Theft
– Stealing corporate information is easy to do and difficult to detect.
– The limited security of wireless devices has made it even easier.
Wired Equivalent Privacy (WEP)
is a security protocol that makes it more difficult for hackers to intercept wireless data transmissions.
–
Data browsing
is when workers invade the privacy of others by viewing private data.
© Paradigm Publishing, Inc.
8-12
Computer Viruses
• •
A computer virus is a program, written by a hacker or cracker, that is designed to perform some kind of trick upon an unsuspecting victim.
A worm doesn’t wait for a user to execute an attachment or open a file with a macro; instead, it actively attempts to move and copy itself.
© Paradigm Publishing, Inc.
8-13
© Paradigm Publishing, Inc.
Computer Viruses Viruses are often transmitted over the Internet and through shared devices such as flash drives.
8-14
Computer Viruses Virus Symptoms
© Paradigm Publishing, Inc.
8-15
Computer Viruses Impact of Viruses
– A
nuisance virus
usually does no real damage, but is rather just an inconvenience.
– An
espionage virus
does not inflict immediate damage, but it allows the hacker or cracker to enter the system later to steal data or spy.
– A
data-destructive virus
is designed to erase or corrupt files so that they are unreadable.
© Paradigm Publishing, Inc.
8-16
Computer Viruses Methods of Virus Operation
– A
macro virus
is written specifically for one program, such as Microsoft Word.
•
If the user activates macros, infecting the program, every file created or edited using that program will become infected too.
– A
variant virus
is programmed to change itself to fool programs meant to stop it.
– A
stealth virus
tries to hide from software designed to find and destroy it.
© Paradigm Publishing, Inc.
8-17
Computer Viruses Methods of Virus Operation
– A
boot sector virus
is designed to alter the
boot sector
of a disk (which contains a variety of information) so that whenever the operating system reads the boot sector, the computer will become infected.
– A
Trojan horse virus
hides inside another legitimate program or data file.
© Paradigm Publishing, Inc.
8-18
Computer Viruses Methods of Virus Operation
– A
multipartite virus
utilizes several forms of attack.
– A
logic bomb virus
sits quietly dormant, waiting for a specific event or set of conditions to occur before it infects the computer.
© Paradigm Publishing, Inc.
8-19
Hardware and Software Security Risks Systems Failure
A
power spike
is a sudden rise or fall in the power level that can cause poor performance or permanently damage hardware.
• •
A
surge protector
can guard against power spikes.
An
uninterruptible power supply (UPS)
is a more vigorous power protection system which provides a battery backup and can keep computers running during a blackout.
© Paradigm Publishing, Inc.
8-20
Hardware and Software Security Risks Employee Theft
– Businesses lose millions of dollars a year in stolen computer hardware and software. – The costs involved include • • •
The cost of the stolen software and hardware The cost of replacing lost data The cost of the time lost while the machines are gone
•
The cost of installing new machines and training people to use them
© Paradigm Publishing, Inc.
8-21
Hardware and Software Security Risks Cracking Software for Copying
– A
crack
is a method of circumventing a security scheme that prevents a user from copying a program.
•
For example, copying a CD with a burner
– Some companies are trying to make duplication difficult by scrambling some of the data on their original CDs.
© Paradigm Publishing, Inc.
8-22
Security Strategies for Protecting Computer Systems and Data Components of Physical Security
– The location of devices – The use of locking equipment © Paradigm Publishing, Inc.
8-23
Security Strategies for Protecting Computer Systems and Data Firewalls
– A
firewall
will generally allow normal Web browser operations but will prevent many other types of communication.
– The firewall checks incoming data against a list of known, trusted sources.
If a packet does not fit the profile of anything on the firewall’s list, it is rejected.
© Paradigm Publishing, Inc.
8-24
Security Strategies for Protecting Computer Systems and Data Network Sniffers
– A
network sniffer
is a software package that displays network traffic data.
– It shows which resources employees are using and the Web sites they are visiting.
– It can be used to monitor, prevent unauthorized activity, or troubleshoot network connections and improve system performance.
© Paradigm Publishing, Inc.
8-25
Security Strategies for Protecting Computer Systems and Data Antivirus Software
–
Antivirus software
detects and deletes known viruses.
– The Internet helps antivirus software to update itself.
• •
There are 10 to 20 new viruses reported daily.
Antivirus programs must be upgraded constantly.
© Paradigm Publishing, Inc.
8-26
Security Strategies for Protecting Computer Systems and Data Data Backups
– Data should always be backed up and placed in a safe spot.
– A
rotating backup
involves many copies of data which are updated on a set schedule.
• •
This is a time-saving method of backup.
If the database is lost or corrupted, many copies exist, some of which may predate the problem.
© Paradigm Publishing, Inc.
8-27
Security Strategies for Protecting Computer Systems and Data Disaster Recovery Plan
– A
disaster recovery plan
is a safety system that allows a company to restore its systems after a complete loss of data.
– A typical disaster recovery plan includes • • •
Data backup procedures Remotely located backup copies Redundant systems
A
mirrored hard drive
is one that contains exactly the same data as the original.
© Paradigm Publishing, Inc.
8-28
Security Strategies for Protecting Computer Systems and Data Authentication
–
Authentication
is proof that a user is who he says he is, and that he is authorized to access an account.
– Common forms of authentication include • • • •
Personal identification numbers User IDs and passwords Smart cards Biometrics
© Paradigm Publishing, Inc.
8-29
Security Strategies for Protecting Computer Systems and Data Data Encryption
–
Encryption
scrambles information so that it is unreadable.
This unreadable text is called
ciphertext
.
– Data encryption schemes include an
encryption key
that is shared between the two computers that wish to communicate.
© Paradigm Publishing, Inc.
8-30
Security Strategies for Protecting Computer Systems and Data Monitoring and Auditing
– Employers can monitor their employees at work in a number of ways.
• •
Keyboard loggers
store keystrokes on hard drive.
Internet traffic trackers
record the Web sites that employees visit for later auditing.
–
Auditing
involves a review of monitoring data and systems logins to look for unauthorized access or suspicious behavior.
© Paradigm Publishing, Inc.
8-31
On the Horizon Based on the information presented in this chapter and your own experience, what do you think is on the horizon?
© Paradigm Publishing, Inc.
8-32