• Save
 

Conference Presenation Cyber security and big data , Prof. Lili Saghafi

on

  • 1,355 views

Cyber security and big data talks about the effect of all the data that every create in the globe and how it affects our lives, I will talk about , Big Data from Social Networking and its effect on ...

Cyber security and big data talks about the effect of all the data that every create in the globe and how it affects our lives, I will talk about , Big Data from Social Networking and its effect on Digital Marketing, INFORMATION Assurance, Cyber Crime Definition and Examples, Recent Research Results on Cyber crime and Social Media, Cyber War and finally if there is a solution, what is that Solutions?

Statistics

Views

Total Views
1,355
Views on SlideShare
1,354
Embed Views
1

Actions

Likes
0
Downloads
0
Comments
0

1 Embed 1

http://www.linkedin.com 1

Accessibility

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Conference Presenation Cyber security and big data , Prof. Lili Saghafi Conference Presenation Cyber security and big data , Prof. Lili Saghafi Presentation Transcript

  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012CYBER SECURITYANDBIG DATAProfessor Lili Saghafiprofsaghafi_cybersecurityexperts@eon.law.harvard.eduPersonal Web: https://sites.google.com/site/professorlilisaghafi/Seminar on Digital Marketing –Impact of Social Media Tools‘Oct 10th, 2012Cyber Security,Social Networking andDigital Media
  • Seminar on Digital Marketing - Impactof Social Media Tools‘Oct 10th, 2012•AgendaSeminar on Digital Marketing - Impact of Social Media Tools‘The impact of Cyber Security and Social Networking on Digital MediaINFORMATION AssuranceCyber Crime Definition and ExamplesSocial Networking and Digital MediaCyber WarSolutionsPart CPart DPart GPart EPart FRecent Research Results on Cyber crimeand Social Media2Prof. Lili SaghafiCYBER SECURITYPart BPart APart HBig Data, In memory processing, HANABig Data from Social Networking and its effect onDigital Marketing
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Every day, we create 2.5 quintillion bytes of data — so muchthat 90% of the data in the world today has been created inthe last two years alone.• What we can do with big Data?• Social Networking can be one source of Big Data• Analytic using Big Data• Just add Analytic , see the resultProf. Lili Saghafi3•What is Big Data?
  • 4 Prof. Lili Saghafi•CAIRO• Cairo population is approximately 17million. It is the most populousmetropolitan area in Africa and also ranks16th amongst the most populousmetropolitan area in the world.• Majority of the population in Cairo areEgyptians, with less number of foreigners.• One third of the total population in Cairo isunder 15 and nearly three fifth is under 30.• The positive implication is that Cairopopulation is relatively young. Lifeexpectancy averages for both men andwomen is 70 years.• WHAT CAN WE DO THIS DATA?
  • • population of 16.3 million in2011, the city is also theeighth most populousmetropolis in the world• Day time populationincrease to 25.7 million ??!!• Add Analytic and see whatyou can do.• WHAT CAN WE DO THISDATA?5Prof. Lili Saghafi•Delhi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Just Add Analytics – Even to ToothbrushesProf. Lili Saghafi6•What is Analytic?
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• I recently saw a presentation mentioning that there ―are moremobile phones than toothbrushes in the world‖, andaccording to some research by the 60 second marketer, itseems that in all likelihood, this is absolutely true:Prof. Lili Saghafi7•Analytic
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012Prof. Lili Saghafi8“why not combine the two?!”. Here’s my quickmockup of an iPhone case of the future:
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012The Beam Toothbrush is a bluetooth-enabled toothbrush andassociated iphone application:Prof. Lili Saghafi9It provides detailed analytics, recording how long eachperson brushes their teeth:
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012Prof. Lili Saghafi10And like any good performance managementtool, it uses gamification techniques toencourage the right behavior…Gamification is the use of game design elements, game thinkingand game mechanics to enhance non-game contexts.
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012Prof. Lili Saghafi11It seems as if analytics is being embedded inevery device possible, such as the new NikeHyperdunk+ basketball shoes and associatedapplication:
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• First, big data can unlock significant value bymaking information transparent and usable atmuch higher frequency.• Second, as organizations create and storemore transactional data in digital form, theycan collect more accurate and detailedperformance information on everything fromproduct inventories to sick days, and thereforeexpose variability and boost performance.Prof. Lili Saghafi12BIG DATAThere are five broad ways in which using bigdata can create value to any organization
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Leading companies are using datacollection and analysis to conductcontrolled experiments to make bettermanagement decisions;• others are using data for basic low-frequency forecasting to high-frequencynowcasting to adjust their businesslevers ( tactics) just in time.Prof. Lili Saghafi13Using big data…….
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012View In Presentation Mode For Interactivity
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012•Third, big data allows ever-narrower segmentation ofcustomers and therefore muchmore precisely tailored products orservices.Prof. Lili Saghafi15BIG DATA
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012•Fourth, sophisticated analytics cansubstantially improve decision-making.Prof. Lili Saghafi17BIG DATA
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012View In Presentation Mode For Interactivity
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012View In Presentation Mode For Interactivity
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Finally, big data can be used to improvethe development of the nextgeneration of products andservices. For instance, manufacturersare using data obtained from sensorsembedded in products to createinnovative after-sales service offeringssuch as proactive maintenance(preventive measures that take placebefore a failure occurs or is even noticed).Prof. Lili Saghafi20•BIG DATA
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012“A man without DATA is just a man with an opinion”
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• SAP is the market and technology leader in businessmanagement software, solutions, services for improvingbusiness process.• The SAP HANA appliance software aggregates hugevolumes of valuable data and produces relevant results forbusiness at lightning speeds.• Blink. Youve Just Analyzed 460 Billion Rows ofData with SAP HANAProf. Lili Saghafi22What is in memory processing
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012Prof. Lili Saghafi23Knowledge makes you a LEADER in Businessnot a follower
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Social networks, search engine poisoning, webapplications and Adobe Corp.‘s software are amongthe top 12 security risks that companies face.• Joining them in the deadly dozen are moretargeted botnets, cloud computing, routinenegligence and the always popular AdvancedPersistent Threat – cyberwarfare. And, of course, thetempting target mobile devices now present.• Credit to FORBESProf. Lili Saghafi24•Top 12 Security Risks For 2012
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Using social media ‘Big Data’ analytics to analyzeor predict events• In July, the Defense Advanced Research ProjectsAgency (DARPA) issued an RFP ( Request for Proposal )looking for new Big Data tools to track social mediapostings and interactions, reflecting a growing interestwithin government to use social media and open sourcedata to "fill-in" and "complement" traditional datasources.• The focus for the government is on using this public datato develop analytics that can be used to anticipate how anadversary or potential friend "thinks" and "feels" about aparticular situation, with the hope of being able to predicttheir behavior, actions and reactions.Prof. Lili Saghafi25Social Networking Sites are the source of Big Data
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Face Book• My Space• Orkut• Twitter• Flicker• YouTube• LinkdIn• http://www.crime-research.org/latestnews/Computer Crime Research CenterProf. Lili Saghafi26•Social Networking
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Many cyber police is getting more complaints about Orkut these daysas many fake profiles being created and thus leads to crime.• Orkut is a social networking service which is run by Google andnamed after its creator, an employee of Google - Orkut Büyükkökten.• The service states that it was designed to help users meet new friendsand maintain existing relationships.• Similar to Facebook, Friendster and MySpace, Orkut goes a stepfurther by permitting the creation of easy-to-set-up simple forums(called "communities") of users.• Since October 2006, Orkut has permitted users to create accountswithout an invitation.• Orkut is the most visited website in India and 2nd most visitedsite in Brazil.• The initial target market for orkut was the United States, but themajority of its users are in India and Brazil.• In fact, as of March 2008, 67.5% of the traffic comes from Brazil,followed by 15.4%, which comes from India.Orkut27 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012Cyber Crime• Although the term cyber crime is usually restricted todescribing criminal activity in which the computer or networkis an essential part of the crime, this term is also used toinclude traditional crimes in which computers or networks areused to enable the illicit activity.• DefinitionCyber Crime28 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• By the use of Social Media and Social Networking the numberof Cyber Crimes increased dramaticallyProf. Lili Saghafi29•Cyber Crime
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Cyber Security Prevent Cyber CrimesProf. Lili Saghafi30•Cyber Security
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Youve heard the news stories about credit card numbersbeing stolen and email viruses spreading.• Maybe youve even been a victim yourself.• One of the best defenses is understanding the risks, whatsome of the basic terms mean, and what you can do toprotect yourself against them.Prof. Lili Saghafi31Why is Cyber Security a Problem?
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• It seems that everything relies on computers and the internetnow — communication (email, cellphones), entertainment(digital cable, mp3s), transportation (car engine systems,airplane navigation), shopping (online stores, credit cards),medicine (equipment, medical records), and the list goes on.• How much of your daily life relies on computers? How muchof your personal information is stored either on your owncomputer or on someone elses system?• Cyber security involves protecting that information bypreventing, detecting, and responding to attacks.Prof. Lili Saghafi32•What is cyber security?
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• There are many risks, some more serious thanothers.• Among these dangers are viruses erasing yourentire system, someone breaking into your systemand altering files, someone using your computerto attack others, or someone stealing your creditcard information and making unauthorizedpurchases. (Hacking and Cracking)• Unfortunately, theres no 100% guarantee thateven with the best precautions some of thesethings wont happen to you, but there are stepsyou can take to minimize the chances.Prof. Lili Saghafi33What are the risks?
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• The first step in protecting yourself is torecognize the risks and become familiar withsome of the terminology associated withthem:1. Hacker, attacker, or intruder2. Malicious code3. VulnerabilityProf. Lili Saghafi34What can you do?
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• These terms are applied to the people who seek toexploit weaknesses in software and computersystems for their own gain.• Although their intentions are sometimes fairly benign andmotivated solely by curiosity, ( Hacking) their actions aretypically in violation of the intended use of the systemsthey are exploiting.• The results can range from mere mischief (creating a viruswith no intentionally negative impact) to malicious activity(stealing or altering information, Conficker).Prof. Lili Saghafi35Hacker, attacker, or intruder -
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Malicious code, sometimes called malware, is a broad category thatincludes any code that could be used to attack your computer. Maliciouscode can have the following characteristics:• It might require you to actually do something before it infects yourcomputer. This action could be opening an email attachment or goingto a particular web page.• Some forms propagate without user intervention and typically start byexploiting a software vulnerability. Once the victim computer hasbeen infected, the malicious code will attempt to find and infect othercomputers. This code can also propagate via email, websites, ornetwork-based software, or even with a call on your cell!. MobileViruses• Some malicious code claims to be one thing while in fact doingsomething different behind the scenes. For example, a program thatclaims it will speed up your computer may actually be sendingconfidential information to a remote intruder.• Viruses and worms are examples of malicious code.Prof. Lili Saghafi36•Malicious code -
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• In most cases, vulnerabilities are caused by programmingerrors in software.• Attackers might be able to take advantage of these errors toinfect your computer, so it is important to apply updates orpatches that address known vulnerabilitiesProf. Lili Saghafi37•Vulnerability -
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 20121. Confidentiality, Privacy2. Integrity (information hasn‘t change)3. Availability4. Authentication ( the person is who they say they are)5. Non repudiation ( legal aspect of tiding a contract andsignature)• Examples: Health care Data and RecordsINFORMATION Assurance Is Based On5 Pillars38 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 20121. Capability2. Resources3. Intent4. Motivation5. Access6. Risk Version•Treat / Adversary Model39 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012•Examples of cybercrime which thecomputer or network is a tool of thecriminal activity include :• Spamming and• Criminal copyright crimes,particularly those facilitated throughpeer-to-peer networks.A- Examples of CyberCrime40 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012•Examples of cybercrime in whichthe computer or network is a targetof criminal activity include:•Unauthorized access (i.e, defeatingaccess controls),•Malicious code•Denial-of-service DSA attacks.•B- Examples of CyberCrime41 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012•Examples of cybercrime in whichthe computer or network is a placeof criminal activity include :•Theft of service (in particular,telecom fraud)•Certain financial frauds.•C- Examples of CyberCrime42 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Finally, examples of traditional crimesfacilitated through the use of computers ornetworks include :• Nigerian 419 or other gullibility or• Social engineering frauds (e.g., hacking"phishing", identity theft, child pornography,online gambling, securities fraud, etc.).• Cyberstalking is an example of a traditional crime-- harassment -- that has taken a new form whenfacilitated through computer networks.•D- Examples of CyberCrime43 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Additionally, certain other informationcrimes, including:• Trade secret theft• industrial or economic espionage, aresometimes considered cybercrimeswhen computers or networks areinvolved.•E- Examples of CyberCrime44 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Cybercrime in the context of national security• may involve hacktivism (online activityintended to influence policy),• traditional espionage, or• information warfare and related activities.Prof. Lili Saghafi45•F- Examples of CyberCrime
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Another way to define cybercrime is simply as criminal activityinvolving the information technology infrastructure, including:• illegal access (unauthorized access),• illegal interception (by technical means of non-publictransmissions of computer data to, from or within a computersystem),• data interference (unauthorized damaging, deletion,deterioration, alteration or suppression of computer data),• systems interference (interfering with the functioning of acomputer system by inputting, transmitting, damaging,deleting, deteriorating, altering or suppressing computerdata),• misuse of devices, forgery (ID theft), and electronic fraud.• CYBERCRIME46 Prof. Lili Saghafi
  • • One of the recent researchesshowed that a new cybercrime isbeing registered every 10 secondsin Britain.• During 2006 the computer crookswere able to strike 3.24 milliontimes.• The comparable volume for 2009 isalmost double at 491.2 million• Some crimes performed on-lineeven surpassed their equivalents inreal world 2012. In addition, expertsbelieve that about 90% ofcybercrimes stay unreported.•RECENT RESEARCHES47Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• According to a study performed by Shirley McGuire, aspecialist in psychology of the University of SanFrancisco, the majority of teenagers who hack andinvade computer systems are doing it for fun ratherthan with the aim of causing harm.• Shirley McGuire mentioned that quite often parentscannot understand the motivation of the teenage hackers.She performed an anonymous experiment, questioningmore than 4,800 students in the area of San Diego.• Her results were presented at the AmericanPsychological Association conference:•Research48 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• 38% of teenagers were involved in software piracy;• 18% of all youngsters confessed of entering and using theinformation stored on other personal computer or website;• 13% of all the participants mentioned they performed changes incomputer systems or computer files.• A criminal may represent himself to be a teenager, professional oranyone who suits the purpose of both the parties. Adults are just assusceptible to these crimes as the kids are.• Proper awareness and guidance are an absolute necessity so thatthe crimes can be controlled before becoming a full-growntechnological menace.• http://theviewspaper.net/cyber_crimes/•RESEARCH RESULT49 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• The study revealed that only 1 out of 10hackers were interested in causing certainharm or earn money.• Most teenagers performed illegal computeractions of curiosity, to experienceexcitement.•RESEARCH RESULT50 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• A U.S. government report entitled Annual Report toCongress on the Military Power of some countries talksextensively about the increasing role of some countriesability to conduct war over the Internet. In the past, suchtalk of a "digital Pearl Harbor" has been dismissed by somesecurity experts as largely political hot air.• Yet more and more evidence suggests that a politicallysponsored Internet event could occur sooner rather than later.•Cyber War51 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Criminal hackers follow three basic motivations:• prestige,• profit• politics• The three Ps.•The three Ps.52 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• "All of our security defense models," "were built based on amodel of threat which was purely prestige driven,"referring to the virus writer who only wanted hiscreation mentioned on the evening news. (Josh Corman,principal security strategist for IBM Internet Security Systems)• Now, were currently living in a time of profit, andhave begun to react to that. I am talking about criminalhackers--either independent or state sponsored--enteringthe realm of politics.•The three Ps.53 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012•"Political means different things," "I was tellingpeople not to be surprised if we saw the botnets (Botnetis a jargon term for a collection of software robots, or bots, which run autonomously andautomatically) They run on groups of zombie computerscontrolled remotely.• This can also refer to the network of computers usingdistributed computing software Participate in thepresidential primaries in the U.S." And then, inOctober 2007, a Ukranian botnet was linked to aflood of "Ron Paul for President" spam.• But thats small potatoes compared to what I thinksis possible.•Getting political54 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Those same botnet systems could "take down candidatesites, send a whole bunch of free advertising or free smearcampaigns, and potentially have an impact on who becamethe presidential candidates or who was successful onfundraising." Worse "political could mean a cyberprotest, it could mean cyber espionage, or cyberreconnaissance." Such political action has alreadyhappened in 2009.55 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• At least two "one-offs" within the last year. Thefirst is Estonia last spring, where a flashmob of ethnic Russian students in Estoniacrippled the countrys infrastructure forseveral weeks.• The other one-off is the recent CIA disclosures toCongress about foreign-state-sponsored attackson U.S. military installations.Some recent examples56 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Neither were the crippling examples that worry me, andneither were apparently well coordinated.• I think were at a point right now where the more we talkabout it, the more we use examples, well start to get to acritical mass awareness."• On profit-based attacks, "it wasnt until a number oflarge corporations were hit with a data breach, a targetedattack, or spear phishing that the security communityreally took notice. (The enterprise people) said Ouch!Sometimes someone has to say, Ouch!" I hopes that noone has to be stung by a political attack before thesecurity community starts to take that threat seriously.Critical mass awareness57 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• How to Report Cyber and IP Crime How toReport Computer- and Internet-Related Crime• How to Report Intellectual Property CrimeComputer Crime & Intellectual PropertySectionUnited States Department of Justice58 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Recently, the police captured four men who had kidnapped aJohannesburg girl. The men had reportedly lured the youngwomen from her home in Kempton Park, through herFacebook page.• The girl was rescued by police, because she managed to SMSher mother, with what she thought was her location.• In another incident last year, two men in their mid-30s werecharged with the kidnapping and rape of a 14-year-oldPretoria girl, who met the men on the popular chat roomapplication MxitPolice tackle cyber crimeBy Candice Jones, ITWeb online telecoms editorJohannesburg, 17 Mar 2010http://www.itweb.co.za/index.php?option=com_content&view=article&id=31384:police-tackle-cyber-crime&catid=160:it-in-government59 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• CyberTipline• Protect Children onlineProf. Lili Saghafi60•CyberTipline
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Online Fraud and Identity Theft have become a growingproblem. One of the means that is used to obtain your personaland financial information is through a technique known asPhishing. (pronounced"fishing") A lot of information is obtainedthrough e-mail that appears legitimate but is not. These e-mailsthen ask you to click on a link that appears correct but in fact,re-directs you to another site which then captures your sensitiveinformation. Below is a 3 minute video from Microsoft thatsome have found useful in better understanding Online Fraudand Identity Theft.•http://www.microsoft.com/athome/security/videos/Phishing8-hi.swfProf. Lili Saghafi61•Identity Theft
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Mobile Phones Malwares and Viruses• Download• Direct by sharing• MMS (Multimedia message Signal) Commworrier• Bluetooth• Solution• Antivirus• Walk awayProf. Lili Saghafi62Mobile Phones Hackers
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Reports from various sources in the security industry showthat a large takedown of servers associated with the“Bredolab” trojan occurred within few weeks.• While most of the reports have focused around the ideathat this infrastructure was solely related to the commandand control of Bredolab, research shows that these serverswere used as an all-purpose hosting infrastructure forcriminal activity.• November 4, 2010•“Bredolab” trojanhttp://www.networkforensics.com/category/cybercrime/63 Prof. Lili Saghafi
  • The number of Websites infected withmalware has doubledfrom a year ago to morethan 1.2 million,according to a studyreleased todayNovember 22, 2010 ,byInternet securitycompany Dasient..•Report: Infected Web sites double in 2010StarBurst!http://news.cnet.com/8301-27080_3-20023576-245.html?tag=mncol;posts64 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Simulation of your Computer display on Hackers Computer• ClickjackingProf. Lili Saghafi65•Conficker
  • • The definition of safe computing haschanged. Within ISS and IBM, started aneducation awareness campaign called"The Evolving Threat." "We do seminars,we made a videogame, were trying tomake some of these new securityconcepts more tangible and digestible toboth enterprise practitioners and theconsumers because some of this issimply the weakest link. "Whats allowing(the Storm botnet) to be so successful isnot an unpatched system per se, but itsan uninformed end user."•SolutionRecognizing the weakest link66 Prof. Lili Sagh
  • Also important is end-user awareness."Among ourselves in the securityintelligentsia, those of us who do security fora living, we talk about practicing safecomputing. That used to include its OK, justdont double-click on an executable, but itsfine to open a GIF, a JPEG, or an MP3. But asyouve seen, botnets are now using MP3s asa source of an infection. I mean, just the verypodcasts youre listening to could be a sourceof infection."•SolutionAwareness Among ourselves in the security intelligentsia67 Prof. Lili Sagh
  • • Democratic politicians areproposing a novel approachto cybersecurity: finetechnology companies$100,000 a day unless theycomply with directivesimposed by the U.S.Department of HomelandSecurity.• A "bunker" in this case is anew IP address served to abusiness that is underpersistent DDoS attack butlacks the funds or resourcesto protect itself.• Traffic from the DDoS attackcontinues to hit the original IPaddress while the businessremains in operation under anew address.• Distributed Denial of Service(DDoS) attacks• Google has launcheda program toencourage outsidersto find securityvulnerabilities in itsWeb properties.• http://news.cnet.com/8301-30685_3-20021436-264.html?tag=mncol;mlt_relatedCybersecurity bill gives DHSpower to punish tech firmshttp://news.cnet.com/8301-13578_3-20023464-38.html#ixzz16BwzIU9MFights Ddos Attacks WithDigital Bunkers‗http://news.cnet.com/8301-1009_3-20023260-83.html?tag=nl.e757Google offers cash for findingWeb security holes68 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Facebook application developers are able to store their own check-in data in theFacebook Places database and retrieve information from the database.• But Facebook is far from the only source of "leakage" for this location data.• EPIC cites an AT&T research paper (PDF) that found some kind of private data leaked to thirdparties in all 20 of the mobile online social networks studied. The services examined includeFacebook, MySpace, Twitter, Flickr, Foursquare, Yelp, and Loopt.• While these services may have robust privacy policies, the advertisers and developersthey deal with may be less secure.• As reported last February on the ReadWriteWeb, a site named PleaseRobMe aggregatedinformation from several location-based services to indicate houses whoseresidents were away, making them easy pickings for thieves.•Report Your Location To A Social Network And Get A Coupon ForDiscounts And Prizes. The Price?http://news.cnet.com/8301-13880_3-20022700-68.html#ixzz16C5xfMhX69 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Location-based services promise to make iteasier to connect with family, friends, andassociates and to be rewarded for being aloyal customer.• But in their current form, the services make ittoo easy for people and organizations toaccess your private information without yourexplicit consent.• Prevent Facebook friends from checking you in•Solution70 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Cloud computing is Internet-based computing,whereby shared resources, software, andinformation are provided to computers and otherdevices on demand, as with the electricity grid.• Cloud computing is a natural evolution of thewidespread adoption of virtualization, Service-oriented architecture and utility computing.• Details are abstracted from consumers, who nolonger have need for expertise in, or control over, thetechnology infrastructure "in the cloud" that supportsthem.Prof. Lili Saghafi71Is Cloud the Solution?
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• The major cloud service providers include Amazon,Salesforce, SAP, Microsoft and Google.• Some of the larger IT firms that are actively involved incloud computing are Fujitsu, Dell, Hewlett Packard, IBM,VMware, NetApp and Microsoft.Prof. Lili Saghafi72•Cloud Computing
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• We have all kinds of controls, but theydont work very well• Its the little things that lead to mostinternal compromises, like walkingaway from your desk and not lockingyour screen• It would be very easy for an IT guy toswap out a hard-drive and justtake it (impact on financialinstitution)Prof. Lili Saghafi73Internal Problem VS External Problems
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Most chief security information officers CSIO focus on outsidethreats -- cyber attacks, socially engineered breaches likephishing and vishing (phishing over phones) , and theinterception of transaction data.• While it might not be easy to limit the information employeesmust access, it is relatively easy to monitor thataccess -- keeping an eye on whatinformation and files are beingviewed, by whom and how often,Prof. Lili Saghafi74Internal Problem VS External Problems
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Espionage (Spy versus spy)• Technology race (Space, atomic weapon)•Cold War in 7075 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Espionage - Cyber• Technology Race – CyberProf. Lili Saghafi76•Cold War Now
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• In the past government was target now is technology• Who are the adversary was clear on COLDWAR• today are unknown hackers in CYBERWAR• Consider the Model of adversary every hacker/kid /organized cyber crime has it1. Capability (computer knowledge)2. Resources (a laptop computer and access to internet)3. Intent4. Motivation5. Access (to homes cyber)6. Risk Version (no risk for them)Prof. Lili Saghafi77•Comparison
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Cyber terrorists can use unprotectedsystems to aggressively target ournation‘s critical infrastructure.• Are you an easy target?Cyber Terrorism:How Vulnerable Are We?78 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• The malicious software, known as Stuxnet, was discovered inmid July 2010, at least several months after its creation, byVirusBlokAda, a Belarussian computer security company thatwas alerted by a customer.• The malicious software has infected an unknown number ofpower plants, pipelines and factories over the past year is thefirst program designed to cause serious damage in thephysical world• The Stuxnet spreads through previously unknown holes inMicrosoft‘s Windows operating system and then looks for atype of software made by Siemens and used to controlindustrial components, including valves and brakes.Prof. Lili Saghafi79•Stuxnet Worm
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Stuxnet can hide itself, wait for certain conditionsand give new orders to the components that reversewhat they would normally do.• The commands are so specific that they appearaimed at an industrial sector, mostly atomic centersbut officials do not know which one or what theaffected equipment would do.• Cyber attacks on computer networks have slowed orstopped communication in countries such as Estoniaand Georgia,• Stuxnet is the first aimed at physical destruction andit heralds a new era in cyberwar.Prof. Lili Saghafi80•Stuxnet
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• ―It is not speculation that this is the first directed cyberweapon‖, or one aimed at a specific real-world process, saidJoe Weiss, a US expert who has testified to Congress ontechnological security threats to the electric grid and otherphysical operations.• ―The only speculation is what it is being used against, and bywhom.‖Prof. Lili Saghafi81The first directed cyber weapon
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Stuxnet‘s knowledge of Microsoft‘s Windows operatingsystem, the Siemens program and the associated hardwareof the target industry make it the work of a well-financed,highly organized team.• The malicious software marks the first attack on criticalindustrial infrastructure that sits at the foundation of moderneconomies.Prof. Lili Saghafi82Stuxnet’s knowledge of Microsoft’s Windowsoperating system,
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012•• The Operation Aurora, Zeus, and piracy• While we still use many of the same old names - viruses, Trojans, andworms - todays malware deserves much more respect than many aregiving it. Where traditional viruses mostly aimed to disrupt operationsor win fame for their coders cleverness,• todays malware enables potent multistage attacks calledadvanced persistent threats. In these carefully sequenced attacks,criminals rely on custom and constantly changing malware beingplaced where it will go unnoticed, returning the maximum value fromtheir investment.Prof. Lili Saghafi83How 3 Cyber Threats Transform IncidentResponse: Oct 2012Targeted Attacks, System Exploits, Data Theft,and You
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Intrinsic -try to build it right -commercial/technologycomponent should change frequently• Extrinsic - evaluate it so you know something aboutresidual risk• Implementation – Combine component in the best waymaintain system, patch, scan frequently• Operational – Monitor everything ,update, look for badbehaviour, Authentication, privileges and different userslevel of accessibility• Don’t only block everything have strategyProf. Lili Saghafi84How to build the assuranceA Tip for IT MANAGERS
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• It Is very real• Cyber activity is constant• All of us are target• We need to be hard target, (people are strongest link if wemake them hard target)• This is the matter of life and Death , it is about freedomour way of lifeProf. Lili Saghafi85•Cyber Crime
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• We need strong technology• We need users understanding of treatsand respond (.com/.cm) masqueradingand spoofing• We need cyber professional to knowthe risk/treats and mitigationProf. Lili Saghafi86•Solution
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• In home you can prevent 90%attacks,• In industry 80% of attacks areknown , 10% are too new to beknown , and 10% we just don’t knowit exist.• RSA (which stands for Rivest, Shamir and Adleman who first publicly described it) is analgorithm for public-key cryptography in information SecurityProf. Lili Saghafi872010 RSA Conference research result
  • REMEMBERPeople are the strongest link to build the securityassurance , Together we can , Remember we are theMasterpiece of God , he Breathed into us, we are capableof doing anything.88 Prof. Lili Saghafi
  • Seminar on Digital Marketing - Impact of SocialMedia Tools‘Oct 10th, 2012• Computer Crime Research Center• http://www.crime-research.org/news/20.03.2010/3779/• Network Forensics Blog » cybercrime• http://www.networkforensics.com/category/cybercrime/• Information Policy• http://www.i-policy.org/cybercrime/• Security• http://news.cnet.com/security/?tag=hdr;snav• RSA Conference• Computer Crime & Intellectual Property SectionUnited States Department of Justice• FORBES Magazine•REFERENCES89 Prof. Lili Saghafi
  • Thank you for beinggreat audienceAnyQuestion?90 Prof. Lili Saghafi