Information Security Lesson 2 - Attackers and Attacks - Eric Vanderburg

Presentation Transcript

  • Information Security, Chapter 2: Attackers & Attacks. Information Security © 2006 Eric Vanderburg
  • Hacker
    • “Hacker” – Someone who likes to play with and learn new things about computers
    • Hacker – Someone who breaks into computer systems
    • Ethical Hacker – Hacks systems to find and report vulnerabilities. Employed or freelance
    • Hacker code of ethics – Break into systems but do not steal, vandalize, or release information from a target.
  • Cracker
    • Violates system security maliciously
    • Destroy data
    • Make data or services unavailable
    • Tamper with information
    • Create and deploy viruses
    • Coined in 1985 by ethical hackers
  • Script Kiddie
    • Low skilled
    • Use hacking tools
    • Random targets
    • Attack to build ego or gain credibility
  • Spy
    • Hired to obtain information or sabotage operations
    • Highly skilled
    • Could be employed by a government or military organization
    • Could be an organized attack
  • Employee
    • Could be accidental
    • Could be acting as a result of social engineering
    • Could be malicious
      – Ego building
      – Revenge
      – Monetary gain
    • Easier because they are a trusted individual
  • Hacktivist
    • Skill level varies
    • Tries to bring attention to a cause
    • Deface sites
    • Steal and release confidential information
    • Damage operations
    • Hacktivist Bronc Buster disabled firewalls to allow Chinese Internet users uncensored Internet access.
    • Hacktivists worked to slow, block, and reroute traffic for web servers associated with the World Trade Organization, the World Economic Forum, and the World Bank.
  • Cyberterrorist
    • Spreads propaganda
    • Damages operations
    • Corrupts data
    • Organized attack
    • Could target the Internet itself
  • Types of Attackers

        Attacker         Skill Level   Motivation
        Hacker           High          Improve Security
        Cracker          High          Harm Systems
        Script Kiddie    Low           Gain Recognition
        Spy              High          Earn Money
        Employee         Varies        Varies
        Hacktivist       Varies        Promote cause
        Cyberterrorist   High          Support Ideology
  • Attacks
    • Social Engineering
    • Dumpster Diving – Going through trash to find confidential information
    • Phishing – Spoofing a request for information
    • Pharming – Redirect DNS queries to an alternative site to gain information
    • Buffer Overflow
    • Mathematical attack – Compare encrypted data to find keys
  • Attacks
    • Password guessing – automated / brute force / dictionary attack
      – Use strong passwords
        • Alphanumeric
        • Special characters
        • Not words
        • No personal information
        • Different passwords for different accounts
        • Change regularly
    • Finding weak keys to decrypt messages
      – Key – encryption seed for an algorithm
      – Algorithm – mathematical formula used for encryption
  • Attacks
    • Birthday attack
      – Randomly selected values result in duplicate keys much sooner than if a pattern was used. Duplicate keys are useful in cracking the encryption, so they should be avoided.
      – Birthday paradox – The probability of finding someone else with the same birthday increases much faster as you meet more people. 23 people, 50% chance; 60 people, 99% chance.
    • Man in the Middle
    • Replay attack
    • Hijacking / Spoofing
      – IP Spoofing
      – ARP Spoofing – change ARP table
      – MAC Spoofing
      – SSID Spoofing
  • Attacks
    • DoS (Denial of Service)
    • DDoS (Distributed Denial of Service)
      – Handler – distributor of hijacking software
      – Zombie / Bot – hijacked computer that can be used together with others to perform an attack
    • Smurf attack – send a spoofed ping to all computers on a network and the responses overwhelm the spoofed server
  • Malware
    • Virus - Self-replicating code segment which is attached to an executable. When the program is started, the virus code may also run. If possible, the virus will replicate by attaching a copy of itself to another file.
      – Logic Bomb - A virus with an additional payload that runs when specific conditions are met.
      – Macro Virus – A virus written with preprogrammed steps performed by a user. These steps are performed automatically to do some malicious act.
    • Worm - Self-replicating program that does not require a host program; it creates a copy and causes it to execute, and no user intervention is required. Worms commonly utilize network services to propagate to other computer systems.
  • Malware
    • Trojan horse - Malicious code pretending to be a legitimate application. The user believes they are running an innocent application when the program is actually initiating its ulterior activities. Trojan horses do not replicate.
    • Spyware - A program that secretly monitors your actions. Could be a remote control program used by a hacker, or it could be used to gather data about users for advertising, aggregation/research, or preliminary information for an attack. Some spyware is configured to download other programs on the computer.
  • Protection
    • Hygiene
      – Antivirus
      – Antispyware
      – Software patches
      – Backup data regularly
    • Techniques
      – Firewall
  • Other access methods
    • Backdoors
      – Created by programmers
      – Added by hackers
    • Rootkit - Conceals running processes, files or system data. Helps an intruder maintain access to a system without the user's knowledge.
      – Rooted computer – A computer with a rootkit installed
      – Many times used on a handler or illegal server
  • Acronyms
    • ARP, Address Resolution Protocol
    • DoS, Denial of Service
    • DDoS, Distributed Denial of Service
    • MAC, Media Access Control
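
The birthday-paradox figures on the Birthday attack slide (23 people, 50%; 60 people, 99%) can be checked directly, and the same calculation shows how quickly randomly chosen keys repeat in a key space of a given size. This is an added example, not part of the original slides; the function names and the 16-bit demo space are assumptions chosen for illustration.

```python
import math
import random

def collision_probability(n, space=365):
    """Exact chance that n uniformly random draws from `space` values
    contain at least one duplicate (space=365 is the birthday case)."""
    if n > space:
        return 1.0  # pigeonhole: more draws than values forces a repeat
    # P(no duplicate) = prod (1 - i/space); summed in log space for precision
    log_unique = sum(math.log1p(-i / space) for i in range(n))
    return -math.expm1(log_unique)

def draws_for_collision(space, p=0.5):
    """Birthday-bound estimate of the draws needed to reach collision
    probability p: n ~ sqrt(2 * space * ln(1 / (1 - p)))."""
    return math.ceil(math.sqrt(2 * space * math.log(1 / (1 - p))))

def draws_until_duplicate(space, rng):
    """Draw random values until one repeats; return the number of draws."""
    seen = set()
    while True:
        value = rng.randrange(space)
        if value in seen:
            return len(seen) + 1
        seen.add(value)

def mean_draws_until_duplicate(space, trials=200, seed=1):
    """Average draws to the first repeat over several simulated runs."""
    rng = random.Random(seed)  # seeded for a repeatable demo, not for real keys
    return sum(draws_until_duplicate(space, rng) for _ in range(trials)) / trials

if __name__ == "__main__":
    # The slide's figures: 23 and 60 people
    for people in (23, 60):
        print(f"{people} people: {collision_probability(people):.4f}")
    # Draws for a 50% chance of a repeat in a b-bit space: about 2^(b/2)
    for bits in (16, 32, 64, 128):
        print(f"{bits}-bit space: ~{draws_for_collision(2 ** bits):,} draws")
    # Simulation: a 16-bit space (65,536 values) repeats after a few hundred draws
    print(f"simulated mean, 16-bit: {mean_draws_until_duplicate(2 ** 16):.0f}")
```

The practical reading for a defender: a b-bit random identifier or key gives only about b/2 bits of protection against duplicates, so sizes are chosen with that halving in mind.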