Lec1_Introduction,Need.ppt
Uploaded by SupportedTechnetium
Security Threats (Class Activity)
Virus, Worms, Phishing, Botnet, Rootkit, Keylogger

Principles of Information Security, 2nd Edition

Security Threats: Virus
A computer virus is a type of malicious software (malware) that is designed to replicate itself and spread from one computer to another. It may corrupt your sensitive information as well. Computer viruses are often created by malicious individuals or groups with the intent of causing damage, stealing information, or disrupting computer systems.
Examples: Melissa, Sasser, Conficker, CodeRed, WannaCry, Nimda.

Security Threats: Computer Worm
Computer worms are a type of malicious software that can self-replicate and spread without needing to attach themselves to other programs or files. Unlike viruses, worms don't require a host to propagate; they can independently move across networks and systems. Worms can have various negative effects, from slowing down networks to causing data breaches.
Examples: Morris Worm, Slammer, Blaster, Mydoom, Sasser.

Security Threats: Phishing
Phishing is a type of cyber attack that involves tricking individuals into revealing sensitive information, such as passwords, credit card numbers, or personal details. This is typically done by posing as a legitimate and trustworthy entity, such as a reputable company, government agency, or financial institution.
Types: Email phishing, Spear Phishing, Smishing, Vishing, Pharming, Clone Phishing, Whaling.

Security Threats: Botnets
A botnet is a network of compromised computers, often referred to as "bots" or "zombies," that are under the control of a single entity or attacker. These compromised computers are usually infected with malicious software or malware, which allows the attacker to remotely control and manipulate them without the knowledge or consent of their owners.
Botnets can send out vast amounts of spam emails, promoting scams, phishing attempts, or other malicious activities.

Security Threats: Rootkit
A rootkit is a type of malicious software (malware) designed to gain unauthorized access and control over a computer system, while remaining hidden from the system's legitimate users and security tools. Rootkits get their name from the term "root," which refers to the highest level of administrative access in Unix-like operating systems, and "kit," which implies a collection of tools. This makes them difficult to detect using traditional antivirus and anti-malware software, as they can alter the way the operating system functions and effectively hide their presence.

Security Threats: Keylogger
A keylogger is a type of software or hardware device designed to record and log every keystroke made on a computer's keyboard. It's typically used to capture the information entered by a user, including passwords, usernames, credit card numbers, personal messages, and other sensitive data. Keyloggers can be employed for legitimate purposes such as monitoring computer usage, but they can also be used maliciously to steal confidential information.

Types of cyber attacks
Direct: Hacker uses their computer to break into a system
Indirect: System is compromised and used to attack other systems

Computer Security Attacks: Social Engineering
Social engineering is a form of cyberattack that manipulates individuals into revealing sensitive information, taking certain actions, or compromising security measures. It exploits human psychology and behavior rather than relying solely on technical vulnerabilities. Social engineering attacks often involve manipulation, deception, and psychological tricks to gain unauthorized access to systems, networks, or information.
Examples??

Computer Security Attacks: Password Attacks
Password attacks are techniques used by cyber attackers to gain unauthorized access to computer systems, accounts, or networks by exploiting weaknesses in passwords. These attacks target the security vulnerabilities of passwords and aim to either guess or circumvent them, allowing the attacker

Forms of attacks: Active and passive attacks
An attacker tries to change the content of the messages in an active attack. Active Attack is a danger to Integrity as well as availability.
DoS
An attacker monitors the communications and duplicates them in a passive attack. Passive Attack is a danger to Confidentiality.
Traffic analysis, Data capturing, Eavesdropping.

Denial of Service
Purpose: Make a network service unusable, usually by overloading the server or network
Many different kinds of DoS attacks:
SYN flooding
SMURF
Distributed attacks
Mini Case Study: Code-Red

Measures taken to improve Information Security
Security Awareness Training: Many organizations provide security awareness training to employees to help them identify and respond to security threats.
Encryption: Encryption is used to protect sensitive information as it is transmitted or stored. This helps prevent unauthorized access or theft of data.
Firewalls: Firewalls are used to control access to computer networks and help prevent unauthorized access to sensitive information.
Access Controls: Access controls are used to restrict access to sensitive information and systems to only those who need it.
Penetration Testing: Penetration testing is used to identify vulnerabilities in an organization's systems and to test its defenses against cyber attacks.