Internet Security Fundamentals (PDF)
Summary
This document provides a foundational understanding of internet security by explaining how the internet and email work and highlighting security risks associated with browsers, malvertising, and drive-by downloads. It emphasizes the importance of security best practices for email and web browsing.
Full Transcript
Fundamentals of Cybersecurity: Internet Security

Security Domains
  – Computer Security
  – Internet Security
  – Mobile Security
  – Personal Security
  – Workspace Security

Objectives
1. Explain how the Internet and email function
2. Describe how attackers can use browser vulnerabilities, malvertising, and drive-by downloads to spread malware
3. List the security risks with using email
4. Describe how to use Web browser settings and browser additions to create stronger security
5. List several Internet security best practices

The Internet
A global network that allows devices connected to it to exchange information
Composed of networks to which devices are attached
Not owned or regulated by any organization or government entity
Computers loosely cooperate to make the Internet a global information resource

[Figure: IP Packets]
[Figure: Internet Routing Paths]

Two Main Tools of the Internet
1. World Wide Web (WWW)
2. Electronic Mail (email)

The World Wide Web
World Wide Web (WWW)
  – Better known as the web
  – Internet server computers that provide online information in a specific format, e.g. www.google.com, www.qu.edu.qa, www.amazon.com
Components of the WWW
1. HTML
2. Web Server
3. Web Browser
4. HTTP
Hypertext Markup Language (HTML)
  – Allows Web authors to combine text, graphic images, audio, video, and hyperlinks
Web Server
  – Stores HTML documents
Web browser
  – Displays the words, pictures, and other elements on a user’s screen
  – Chrome, Safari, Firefox, Edge
[Figure: Web Page Display Example]
Figure 4-1 Browser displaying HTML code
Hypertext Transport Protocol (HTTP)
  – Standards or protocols used by Web servers to distribute HTML documents
  – Subset of Transmission Control Protocol/Internet Protocol standards (TCP/IP)
Figure 4-2 Web transmission process
1. Web browser on the user’s computer sends a request to a remote web server.
2. Web server responds by sending the HTML document to the user’s local computer.
3. User’s web browser displays the document.
Transfer-and-store process
  – Entire document is transferred and then stored on the local computer before the browser displays it
  – Creates opportunities for sending different types of malicious code to the user’s computer
[Figure: the browser asks www.amazon.com over HTTP, “Send me the amazon web page”; Amazon replies over HTTP, “Here is the HTML code of amazon.com”]

Email
Estimate: over 2.4 billion emails are sent per second
Two different email systems in use today.
An earlier email system uses two TCP/IP protocols:
  – Simple Mail Transfer Protocol (SMTP): handles outgoing mail
  – Post Office Protocol (POP or POP3): responsible for incoming mail
Internet Mail Access Protocol (IMAP)
  – A more recent and advanced email system
  – Email remains on the email server and is not downloaded to user’s computer
  – Mail can be organized into folders on the server
  – Can be read from any device: desktop computer, tablet, smartphone, etc.
  – Current version is IMAP4
Email attachments
  – Documents attached to an email message
  – Encoded in a special format
  – Sent in a single transmission with email message

Internet Security Risks
Variety of risks from using the Internet
  – Browser vulnerabilities
  – Malvertising
  – Drive-by-downloads
  – Cookies
  – Email risks

Browser Vulnerabilities
In early days of web, users viewed static content
  – Information that does not change
Today, users demand dynamic content
  – Content that changes (animation or customized info)
Scripting code
  – Computer code that commands the browser to perform specific actions
  – JavaScript is the most popular scripting code
Figure 4-3 JavaScript
JavaScript
  – Embedded in HTML document
  – Executed by browser
  – Defense mechanisms in place to prevent JavaScript programs from causing serious harm: JavaScript cannot read, write, or delete files from a local computer
  – A malicious JavaScript program can capture and send user information without the user’s knowledge or authorization

Table 4-1 JavaScript defenses
| Defense | Explanation |
|---|---|
| Limit capabilities | JavaScript does not support certain capabilities. For example, JavaScript running on a local computer cannot read, write, create, delete, or list the files on that computer. |
| Sandboxing | Permitting JavaScript to run only in a restricted environment (“sandbox”) limits what computer resources it can access or actions it can take. |
| Same origin | This defense restricts a JavaScript downloaded from Site A from accessing data that came from Site B. |

Technologies for enhancing browser capabilities:
  – Extensions
  – Plug-ins
  – Add-ons
Extensions
  – Expand the normal capabilities of a web browser for a specific webpage
  – Most are written in JavaScript
  – Generally have wider access privileges than JavaScript running in a webpage
  – Browser-dependent: extensions that work in Google Chrome will not function in Microsoft Edge
[Figure: Examples of Extensions on Google Chrome]
Plug-in
  – Adds new functionality to the browser so users can play music, view videos, or display special graphic images
  – Most widely used plug-ins are: Java, Adobe Flash player, Apple QuickTime, and Adobe Acrobat Reader
Add-Ons
  – Add a greater degree of functionality to the entire browser; not just a single webpage as with a plug-in
  – Add-ons can do the following:
      Create additional web browser toolbars
      Change browser menus
      Be aware of other tabs open in the same browser process
      Process the content of every webpage that is loaded

Table 4-2 Browser additions
| Name | Description | Location | Browser Support | Examples |
|---|---|---|---|---|
| Extension | Written in JavaScript and has wider access to privileges | Part of web browser | Only works with a specific browser | Download selective links on webpage, display specific fonts |
| Plug-in | Links to external programs | Outside of web browser | Compatible with many different browsers | Audio, video, PDF file display |
| Add-on | Adds functionality to browser itself | Part of web browser | Only works with a specific browser | Dictionary and language packs |

Efforts being made to minimize risks associated with extensions, plug-ins, and add-ons
  – Some web browsers block plug-ins
  – Other browsers use a “Click to Play” feature that enables a plug-in only after the user gives approval
  – HTML5 (most recent version) standardizes sound and video formats so that plug-ins like Flash are not needed.

Malvertising
Attackers use third-party advertising networks to distribute malware
  – Through ads sent to users’ web browsers
Advantages for the attacker:
  – Occurs on “big-name” websites
  – Usually website owners are unaware malware is being distributed through their website ads
  – Ad networks rotate content quickly, making it difficult to determine if malvertising was the culprit of attack
  – Attackers can narrowly target victims
Figure 4-5 Malvertising

Drive-By Downloads
Drive-by downloads
  – Attack attempting to infect the website directly
  – Can result in a user’s computer becoming infected just from viewing the website
  – Attackers attempt to inject malicious content by exploiting a vulnerability in the web server
  – Injected content is virtually invisible to the naked eye

Cookies
User-specific information file created by server, stored on local computer, e.g. user preferences.
Types of Cookies
First-party cookie
  – Created by the Web site the user is currently viewing
Third-party cookie
  – Often come from Web site advertisers
  – Used to tailor advertising to a user
Locally shared object (LSO), also called a flash cookie
  – Store data more complex than in a regular cookie
Security and privacy risks of cookies
  – First-party cookies can be stolen and used to impersonate user
  – Third-party cookies can be used to track user’s browsing and buying habits.
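
The same-origin defense in Table 4-1, worked through as an added example (not part of the original slides): a browser treats two URLs as the same origin only when scheme, host and port all match. The hosts site-a.example and site-b.example are constructed stand-ins for Site A and Site B, the function names are illustrative, and treating non-HTTP schemes as never matching is a simplification.

```python
from urllib.parse import urlsplit

# Default ports, so https://site-a.example and https://site-a.example:443 compare equal.
DEFAULT_PORTS = {"http": 80, "https": 443}

def origin(url):
    """Return the (scheme, host, port) triple browsers compare, or None when there is none."""
    parts = urlsplit(url)
    scheme, host = parts.scheme.lower(), parts.hostname  # hostname is already lower-cased
    if scheme not in DEFAULT_PORTS or not host:
        return None  # file:, data:, relative URLs: treated here as never matching
    port = parts.port if parts.port is not None else DEFAULT_PORTS[scheme]
    return (scheme, host, port)

def same_origin(page_url, resource_url):
    """True only when scheme, host and port all match; the path plays no part."""
    a, b = origin(page_url), origin(resource_url)
    return a is not None and a == b

def readable_from(page_url, resource_urls):
    """Split resource URLs into those a script on page_url may read and those it may not."""
    allowed = [u for u in resource_urls if same_origin(page_url, u)]
    blocked = [u for u in resource_urls if not same_origin(page_url, u)]
    return allowed, blocked

# Constructed URLs for the "Site A" page and the data a script on it tries to read.
PAGE = "https://site-a.example/news/index.html"
RESOURCES = [
    "https://site-a.example/api/profile",       # same origin, different path
    "https://SITE-A.example:443/api/profile",   # same origin, explicit default port
    "http://site-a.example/api/profile",        # scheme differs
    "https://site-a.example:8443/api/profile",  # port differs
    "https://mail.site-a.example/inbox",        # host differs (subdomain)
    "https://site-b.example/account",           # Site B
]

if __name__ == "__main__":
    allowed, blocked = readable_from(PAGE, RESOURCES)
    print("readable:", allowed)
    print("blocked: ", blocked)
```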

E-Mail Risks
Spam
  – Unsolicited email
  – Lucrative business: costs very little to send
  – Almost all spam is sent from botnets
Spam filters
  – Block email containing specific words
Image spam
  – Uses graphical images of text to circumvent text-based filters
Figure 4-6 Image spam example
Effects of spam
  – Lost productivity
  – Money spent on spam-filtering software
  – Wide distribution of malware
Malicious attachments
  – Files sent with email
  – When attachment is opened, computer is infected
  – Replicate by sending themselves in an email message to entire list of contacts in infected computer
Embedded hyperlinks
  – Hyperlink contained within email message body
  – Directs users to attacker’s Web site
  – Hyperlink may display only words, which hides the address of the actual site
  – Example: Qatar University
Attacker’s site may look like a legitimate site
  – Tricks user into entering personal information

Internet Defenses
Defending against Internet-based attacks begins with having the computer properly secured against computer attacks:
  – Manage patches, configure firewalls, install anti-malware software, monitor User Account Control, create data backups, and know how to recover from an attack
Once computer is secured, additional steps to resist Internet-based attacks include:
  – Securing the web browser
  – Maintaining email defenses
  – Following Internet security best practices

Securing the Web Browser
Web Browser Configuration Settings
  – Most Web browsers are highly customizable
  – E.g. Google’s Chrome web browser can be configured for security and privacy
Content Settings include:
  – Cookies
  – JavaScript
  – Plug-ins
  – Pop-ups
  – Unsandboxed plug-in access
Figure 4-7 Google Chrome Privacy and Security settings
Advanced Settings
  – Passwords and forms
  – Downloads
  – Clear browsing data
  – Use a web service to help resolve navigation errors
  – Advanced sync settings
Browser Security Additions
  – Popular additions include:
      Website reputation
      Plug-in validation
      URL expander
      Website tracker
      Ad blocker
      Cookie stopper

E-Mail Defenses
Types of defenses
  – Spam filtering
  – Setting security options in client-based email programs and web email
  – Securing attachments
Spam filters
  – Can be implemented on the user’s computer or at the corporate or ISP level
Email client spam filter settings (DEMO)
  – Blocked senders (also known as a blacklist)
  – Allowed senders (also known as a whitelist)
  – Blocked top-level domain list
Email security settings
  – Local Email Client settings:
      Read messages using a reading pane: malicious scripts are not activated
      Block external content: hyperlinks to pictures or sounds
  – Web Email considerations:
      Set up account recovery options
      Check account for unusual activity
      Verify general settings
Attachments
  – Some email clients can allow preview of attachments without opening them, e.g. MS Outlook.
Microsoft Office attachment protection
  – Attachments opened in “Protected View”: read-only mode disables editing functions
  – Users can Enable Editing

Internet Security Best Practices
Internet security best practices:
  – Downloading files only from well-established sites
  – Controlling cookies: browser should be set to delete all cookies when browser is closed
  – Private browsing: pages visited will not be recorded to history or address bar
  – Browsing history should be deleted
  – Pop-up blockers should be turned on
  – Clearing the cache on a regular basis

Summary
The Internet is a worldwide network of computer networks
Dynamic Web content requires scripting code
  – JavaScript
  – Extensions
  – Plug-ins and add-ons
Attackers use third-party advertising networks to distribute malware to website visitors through a process known as malvertising
A cookie file contains user-specific information stored by Web site on local computer
Email is a common means of distributing malware attacks
  – Spam
  – Email attachments
  – Embedded hyperlinks
Defenses to protect against Internet attacks
  – Configure security settings on the web browser
  – Configure email settings: spam filters, block external content, attachment protection
Internet security best practices include:
  – Use caution when downloading files and control cookies
  – Delete browsing history, maintain pop-up blockers, and clear cache regularly