SlideShare a Scribd company logo

Ratzan2

Download as PPT, PDF
M
MAFANTIRI SELLO

Iinformation security

Technology
1 of 35
UNDERSTANDINGUNDERSTANDING INFORMATION SECURITYINFORMATION SECURITY Lee Ratzan, MCP, Ph.D.Lee Ratzan, MCP, Ph.D. School of Communication, Information & Library Studies atSchool of Communication, Information & Library Studies at Rutgers UniversityRutgers University Lratzan@scils.rutgers.eduLratzan@scils.rutgers.edu VIRUSES, WORMS, HOAXES, And TROJAN HORSES
IT’S A JUNGLE OUT THEREIT’S A JUNGLE OUT THERE Computer Viruses Trojan Horses Address Book theft DNS Poisoning Zombies, IP Spoofing Password Grabbers Logic Bombs Network Worms Hijacked Home Pages Denial of Service Attacks Buffer Overruns Password Crackers
AND THE EVER POPULAR:AND THE EVER POPULAR: Hoaxes Ploys Pop-Ups Scams Spam
In 1980 a computer cracked a 3-characterIn 1980 a computer cracked a 3-character password within one minute.password within one minute. DID YOU KNOW? In 2004 a computer virus infected 1In 2004 a computer virus infected 1 million computers within one hour.million computers within one hour. In 1999 a team of computers cracked a 56-In 1999 a team of computers cracked a 56- character password within one day.character password within one day.
DEFINITIONSDEFINITIONS A computer programA computer program Computer viruses, network worms,Computer viruses, network worms, Trojan HorseTrojan Horse Tells a computerTells a computer what to do and how to do it.what to do and how to do it. These are computer programs.These are computer programs.
SALIENT DIFFERENCESSALIENT DIFFERENCES 1) Computer Virus: •Needs a host file 2) Network Worm: •No host (self-contained) •Copies itself •Executable •Copies itself •Executable 3) Trojan Horse: • No host (self-contained) •Does not copy itself •Imposter Program
TYPICAL SYMPTOMSTYPICAL SYMPTOMS • File deletionFile deletion • File corruptionFile corruption • Visual effectsVisual effects • Pop-UpsPop-Ups • Erratic (and unwanted) behaviorErratic (and unwanted) behavior • Computer crashesComputer crashes
BIOLOGICAL METAPHORSBIOLOGICAL METAPHORS 1. Bacterial Infection Model: 2. Virus Infected Model: •Single bacterium •Viral DNA Fragment •Replication •Dispersal •Infected Cells •Replication •Dispersal A computer virus spreads similarly, hence the name
WHY DO WE HAVE THISWHY DO WE HAVE THIS PROBLEM?PROBLEM?  Software companies rushSoftware companies rush products to the consumerproducts to the consumer market (“No program should gomarket (“No program should go online before its time…”)online before its time…”)  Recycling old code reduces development time, but perpetuates old flaws.
AND A FEW MOREAND A FEW MORE REASONSREASONS Market share is more important than security Interface design is more important than security New feature designs are more important than security Ease of use is more important than security
HACKER MOTIVATIONSHACKER MOTIVATIONS Attack the Evil EmpireAttack the Evil Empire (Microsoft)(Microsoft) Display of dominance Misdirected creativity “Who knows what evil lurks in the hearts of men?” Showing off, revenge Embezzlement, greed
NETWORKED SYSTEMS VSNETWORKED SYSTEMS VS SECURED SYSTEMSSECURED SYSTEMS NETWORKS SECURITY Open Communication Closed Communication Full Access Full Lockdown Managers must strike a balance Some platforms are more secure than others
POPULAR FALLACIESPOPULAR FALLACIES If I never log off then my computer can never get a virus If I lock my office door then my computer can never get a virus Companies create viruses so they can sell anti-virus software My ISP will protect me? Microsoft will protect me
AND A FEW MORE….AND A FEW MORE…. I got this disc from my (mother, boss, friend) so it must be okay You cannot get a virus by opening an attachment from someone you know But I only downloaded one file I am too smart to fall for a scam You can catch a cold from a computer virus My friend who knows a lot about computers showed me this really cool site…
THINGS THE LIBRARY CAN DOTHINGS THE LIBRARY CAN DO ACTION PLAN: •Designate security support staff (and fund them) •Make security awareness a corporate priority (and educate your staff) •Enable real-time protection •Update all vendor security patches •Subscribe to several security alert bulletins
•Periodically reboot or re-load all computers •Control, limit or block all downloads and installs •Install anti-virus software on computers (keep it current) “It takes a carpenter to build a house but one jackass can knock it down” (Variously attributed to Mark Twain, Harry Truman, Senator Sam Rayburn)
WHAT CAN THE LIBRARIAN DO?WHAT CAN THE LIBRARIAN DO? Set bookmarks to authoritative: • virus hoax Web pages •public free anti-virus removal tools Provide patrons with: up-to-date information about viruses, etc. Confirm: that desktops have the latest anti-virus updates •anti-virus Web pages
BACK IT UPBACK IT UP Offline copies: Grandfather/father/son (monthly/weekly/daily) Online copies: Shared network drive Changes only: Incremental/differential Do not back up a file on the same disc as the original! Assume every disc, CD, etc is suspect, no matter who gave it to you “Doveryay, No Proveryay” (Trust but Verify)
MACHINE INFECTED?MACHINE INFECTED? ACTION PLAN:ACTION PLAN: 1)Write down the error or alert message verbatim •inform your tech support team •quarantine the machine 2) Look up the message in an authoritative anti-virus site (demo) •diagnose the problem •take recommended remedial action
If appropriate: 3) Reboot the machine •Run a full system scan before placing the machine back in service •Apply all missing critical security patches (demo) •Download, install, run the anti-virus removal tool (demo)
THE HOAX STOPS HERETHE HOAX STOPS HERE •tells you to do something •tells you to take immediate action •cites a recognizable source to give itself credibility (“Microsoft has warned that…”) •does not originate from a valid computer vendor IF THE MESSAGE:
•lacks specific verifiable contact information IF IN DOUBT, CHECK IT OUT Confirm the hoax by checking it against authoritative hoax sites Inform other staff so the hoax does not propagate AND:
POPULAR HOAXES INCLUDE:POPULAR HOAXES INCLUDE:  JDBGMGR (teddy-bearJDBGMGR (teddy-bear icon)icon) NIGERIA $800 FROM MICROSOFT Tricks users into deleting a file Money scam Pyramid scheme
STOPPING THE TROJAN HORSESTOPPING THE TROJAN HORSE The Horse must be “invited in” ….The Horse must be “invited in” …. How does it get in? Downloading a file By: Installing a program Opening an attachment Opening bogus Web pages Copying a file from someone else
A Trojan Horse exploits computer ports letting its “friends” enter, and Security patches often close computer ports and vulnerabilities MORE ON THE HORSE……. “once a thief gets into your house he opens a rear window for his partners”
NOTE #1NOTE #1  Search engines are NOT reliable sources ofSearch engines are NOT reliable sources of virus informationvirus information Information may be inaccurate, incomplete or out of date Search engines generate huge numbers of indiscriminate hits Some anti-virus Web sites are scams (or contain trojan Horses) Go directly to authoritative anti-virus sites
NOTE #2NOTE #2  Computer companies areComputer companies are NOTNOT reliablereliable sources of virus informationsources of virus information are not in the anti-virus business Usually refer you to an anti-virus vendor themselves are victims! Computer companies:
ONLINE RESOURCESONLINE RESOURCES Authoritative Hoax InformationAuthoritative Hoax Information  securityresponse.symantec.com/avcenter/hoax.htmlsecurityresponse.symantec.com/avcenter/hoax.html  vil.mcafeesecurity.com/vil/hoaxes.aspvil.mcafeesecurity.com/vil/hoaxes.asp Authoritative Anti-Virus Vendor InformationAuthoritative Anti-Virus Vendor Information  ssecurityresponse.symantec.com/avcenter/vinf odb.htmlecurityresponse.symantec.com/avcenter/vinf odb.html  www.mcafeesecurity.com/us/security/vil.htmwww.mcafeesecurity.com/us/security/vil.htm
REFERENCESREFERENCES Authoritative Security Alert InformationAuthoritative Security Alert Information  securityresponse.symantec.comsecurityresponse.symantec.com// (Symantec)(Symantec)  wwww.microsoft.com/securityww.microsoft.com/security (Microsoft)(Microsoft)  www.apple.com/support/security/www.apple.com/support/security/ (Apple)(Apple)
Authoritative Anti-Virus OrganizationsAuthoritative Anti-Virus Organizations  www.cert.orgwww.cert.org (Computer Emergency Response Team-CMU)(Computer Emergency Response Team-CMU)  www.ciac.org/ciacwww.ciac.org/ciac (CIAC-Department of Energy)(CIAC-Department of Energy)  www.sans.org/aboutsans.phpwww.sans.org/aboutsans.php (Server and Network Security)(Server and Network Security)  www.first.orgwww.first.org (Forum of Incident Response and Security Teams)(Forum of Incident Response and Security Teams)  www.cirt.rutgers.eduwww.cirt.rutgers.edu (Computing Incident Response Team-Rutgers(Computing Incident Response Team-Rutgers))
Authoritative Free Public Anti-Virus RemovalAuthoritative Free Public Anti-Virus Removal Tool InformationTool Information  securityresponse.symantec.com/avcenter/tools.securityresponse.symantec.com/avcenter/tools. list.htmllist.html  vil.nai.com/vil/averttools.aspvil.nai.com/vil/averttools.asp  mssg.rutgers.edu/documentation/virusesmssg.rutgers.edu/documentation/viruses (Rutgers)(Rutgers)  some professional library sites have pointers tosome professional library sites have pointers to reliable anti-virus informationreliable anti-virus information
PRINT RESOURCESPRINT RESOURCES  Allen, Julia, (2001)Allen, Julia, (2001) The CERT Guide toThe CERT Guide to System and Network Security PracticesSystem and Network Security Practices,, Addison-Wesley, New YorkAddison-Wesley, New York  Crume, Jeff, (2000)Crume, Jeff, (2000) Inside Internet SecurityInside Internet Security,, Addison-Wesley, New YorkAddison-Wesley, New York  Ratzan, Lee, (January 2005)Ratzan, Lee, (January 2005) A new role forA new role for librarieslibraries, SC Magazine (Secure Computing, SC Magazine (Secure Computing Magazine), page 26Magazine), page 26
 Ratzan, Lee, (2004)Ratzan, Lee, (2004) UnderstandingUnderstanding Information SystemsInformation Systems, American Library, American Library Association, ChicagoAssociation, Chicago
A NEW ROLE FOR LIBRARIES?A NEW ROLE FOR LIBRARIES?
THE AUTHOR ACKNOWLEDGESTHE AUTHOR ACKNOWLEDGES  The cooperation of InfoLinkThe cooperation of InfoLink (www.infolink.org) for promoting library(www.infolink.org) for promoting library professional development programsprofessional development programs  The Monroe Public Library for the useThe Monroe Public Library for the use of its facilitiesof its facilities  SC Magazine for publishing an essay onSC Magazine for publishing an essay on libraries being at the forefront oflibraries being at the forefront of information securityinformation security  Lisa DeBilio for her production of theLisa DeBilio for her production of the PowerPoint slides.PowerPoint slides. THANK YOU ALL

Recommended

Ratzan2
Ratzan2Ratzan2
Ratzan2haneefvf1
 
Thane Barnier MACE 2016 presentation
Thane Barnier MACE 2016 presentationThane Barnier MACE 2016 presentation
Thane Barnier MACE 2016 presentationJeff Zahn
 
Dark side presentation lwhippedtc515
Dark side presentation lwhippedtc515Dark side presentation lwhippedtc515
Dark side presentation lwhippedtc515lisawhipp
 
Computer virus
Computer virusComputer virus
Computer virusBGS Model Public School
 
The process of computer security
The process of computer securityThe process of computer security
The process of computer securityWritingHubUK
 
Computer viruses. - Free Online Library
Computer viruses. - Free Online LibraryComputer viruses. - Free Online Library
Computer viruses. - Free Online Librarywirelessbroadbandinternet57
 
Timeline of computer viruses
Timeline of computer virusesTimeline of computer viruses
Timeline of computer virusesSmart Technology Services, Inc.
 
MALWARE AND ITS TYPES
MALWARE AND ITS TYPESMALWARE AND ITS TYPES
MALWARE AND ITS TYPESdaniyalqureshi712
 

Recommended

Ratzan2
Ratzan2Ratzan2
Ratzan2haneefvf1
 
Thane Barnier MACE 2016 presentation
Thane Barnier MACE 2016 presentationThane Barnier MACE 2016 presentation
Thane Barnier MACE 2016 presentationJeff Zahn
 
Dark side presentation lwhippedtc515
Dark side presentation lwhippedtc515Dark side presentation lwhippedtc515
Dark side presentation lwhippedtc515lisawhipp
 
Computer virus
Computer virusComputer virus
Computer virusBGS Model Public School
 
The process of computer security
The process of computer securityThe process of computer security
The process of computer securityWritingHubUK
 
Computer viruses. - Free Online Library
Computer viruses. - Free Online LibraryComputer viruses. - Free Online Library
Computer viruses. - Free Online Librarywirelessbroadbandinternet57
 
Timeline of computer viruses
Timeline of computer virusesTimeline of computer viruses
Timeline of computer virusesSmart Technology Services, Inc.
 
MALWARE AND ITS TYPES
MALWARE AND ITS TYPESMALWARE AND ITS TYPES
MALWARE AND ITS TYPESdaniyalqureshi712
 
Virus trojanworm
Virus trojanwormVirus trojanworm
Virus trojanwormJenMorri
 
Computer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides pptComputer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides pptOsama Yousaf
 
Historyofviruses
HistoryofvirusesHistoryofviruses
HistoryofvirusesFathoni Mahardika II
 
Virus09
Virus09Virus09
Virus09defler
 
Information security
Information securityInformation security
Information securityJAMEEL AHMED KHOSO
 
Virus
VirusVirus
VirusCHITRA S
 
The malware (r)evolution
The malware (r)evolutionThe malware (r)evolution
The malware (r)evolutionITrust - Cybersecurity as a Service
 
computer virus ppt.pptx
computer virus ppt.pptxcomputer virus ppt.pptx
computer virus ppt.pptxAbiniyavk
 
MALWARE
MALWAREMALWARE
MALWAREAnupam Das
 
Modern Malware and Threats
Modern Malware and ThreatsModern Malware and Threats
Modern Malware and ThreatsMarketingArrowECS_CZ
 
Malware
MalwareMalware
MalwareNikola Milosevic
 
Internet Security in Web 2.0
Internet Security in Web 2.0 Internet Security in Web 2.0
Internet Security in Web 2.0 Arjunsinh Sindhav
 
M
MM
Mmonikamca
 
Viruses ppt finale
Viruses ppt finaleViruses ppt finale
Viruses ppt finalemishrasb4
 
C 7
C 7C 7
C 7Les Davy
 
Anatomy of a cyber-attack
Anatomy of a cyber-attackAnatomy of a cyber-attack
Anatomy of a cyber-attackIcomm Technologies
 
Sophos a-to-z
Sophos a-to-z Sophos a-to-z
Sophos a-to-z Cheng Olayvar
 
[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATS
[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATS[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATS
[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATSJazzyNF
 
How Safe is your Data?
How Safe is your Data?How Safe is your Data?
How Safe is your Data?Michael Soltys
 
Iss lecture 9
Iss lecture 9Iss lecture 9
Iss lecture 9Ali Habeeb
 
ratzan2.ppt
ratzan2.pptratzan2.ppt
ratzan2.pptamyray28
 
Today's malware aint what you think
Today's malware aint what you thinkToday's malware aint what you think
Today's malware aint what you thinkNathan Winters
 

More Related Content

What's hot

Virus trojanworm
Virus trojanwormVirus trojanworm
Virus trojanwormJenMorri
 
Computer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides pptComputer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides pptOsama Yousaf
 
Virus09
Virus09Virus09
Virus09defler
 
computer virus ppt.pptx
computer virus ppt.pptxcomputer virus ppt.pptx
computer virus ppt.pptxAbiniyavk
 
Internet Security in Web 2.0
Internet Security in Web 2.0 Internet Security in Web 2.0
Internet Security in Web 2.0 Arjunsinh Sindhav
 
Viruses ppt finale
Viruses ppt finaleViruses ppt finale
Viruses ppt finalemishrasb4
 
[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATS
[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATS[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATS
[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATSJazzyNF
 
How Safe is your Data?
How Safe is your Data?How Safe is your Data?
How Safe is your Data?Michael Soltys
 

What's hot (20)

Virus trojanworm
Virus trojanwormVirus trojanworm
Virus trojanworm
 
Computer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides pptComputer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides ppt
 
Historyofviruses
HistoryofvirusesHistoryofviruses
Historyofviruses
 
Virus09
Virus09Virus09
Virus09
 
Information security
Information securityInformation security
Information security
 
Virus
VirusVirus
Virus
 
The malware (r)evolution
The malware (r)evolutionThe malware (r)evolution
The malware (r)evolution
 
computer virus ppt.pptx
computer virus ppt.pptxcomputer virus ppt.pptx
computer virus ppt.pptx
 
MALWARE
MALWAREMALWARE
MALWARE
 
Modern Malware and Threats
Modern Malware and ThreatsModern Malware and Threats
Modern Malware and Threats
 
Malware
MalwareMalware
Malware
 
Internet Security in Web 2.0
Internet Security in Web 2.0 Internet Security in Web 2.0
Internet Security in Web 2.0
 
M
MM
M
 
Viruses ppt finale
Viruses ppt finaleViruses ppt finale
Viruses ppt finale
 
C 7
C 7C 7
C 7
 
Anatomy of a cyber-attack
Anatomy of a cyber-attackAnatomy of a cyber-attack
Anatomy of a cyber-attack
 
Sophos a-to-z
Sophos a-to-z Sophos a-to-z
Sophos a-to-z
 
[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATS
[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATS[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATS
[EMPOWERMENT TECHNOLOGIES] - INTERNET THREATS
 
How Safe is your Data?
How Safe is your Data?How Safe is your Data?
How Safe is your Data?
 
Iss lecture 9
Iss lecture 9Iss lecture 9
Iss lecture 9
 

Similar to Ratzan2

ratzan2.ppt
ratzan2.pptratzan2.ppt
ratzan2.pptamyray28
 
Today's malware aint what you think
Today's malware aint what you thinkToday's malware aint what you think
Today's malware aint what you thinkNathan Winters
 
Sophos Threatsaurus: The A-Z of Computer and Data Security Threats
Sophos Threatsaurus: The A-Z of Computer and Data Security ThreatsSophos Threatsaurus: The A-Z of Computer and Data Security Threats
Sophos Threatsaurus: The A-Z of Computer and Data Security ThreatsConnecting Up
 
Trojan horsies prez
Trojan horsies prezTrojan horsies prez
Trojan horsies prezStudio Sheen
 
Information Technology - System Threats
Information Technology - System ThreatsInformation Technology - System Threats
Information Technology - System ThreatsDrishti Bhalla
 
CyberSecurity presentation for basic knowledge about this topic
CyberSecurity presentation for basic knowledge about this topicCyberSecurity presentation for basic knowledge about this topic
CyberSecurity presentation for basic knowledge about this topicpiyushkamble6
 
Information-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptxInformation-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptxanbersattar
 
4598 cybercrime
4598 cybercrime4598 cybercrime
4598 cybercrimeravikanthh
 
Computer security threats & prevention
Computer security threats & preventionComputer security threats & prevention
Computer security threats & preventionPriSim
 
Defend Your Company Against Ransomware
Defend Your Company Against RansomwareDefend Your Company Against Ransomware
Defend Your Company Against RansomwareKevo Meehan
 
4 threatsandvulnerabilities
4 threatsandvulnerabilities4 threatsandvulnerabilities
4 threatsandvulnerabilitiesricharddxd
 
Please read below and respond with 150 words or more in your own opi.docx
Please read below and respond with 150 words or more in your own opi.docxPlease read below and respond with 150 words or more in your own opi.docx
Please read below and respond with 150 words or more in your own opi.docxSONU61709
 

Similar to Ratzan2 (20)

ratzan2.ppt
ratzan2.pptratzan2.ppt
ratzan2.ppt
 
Today's malware aint what you think
Today's malware aint what you thinkToday's malware aint what you think
Today's malware aint what you think
 
Computers Diseases
Computers DiseasesComputers Diseases
Computers Diseases
 
Sophos Threatsaurus: The A-Z of Computer and Data Security Threats
Sophos Threatsaurus: The A-Z of Computer and Data Security ThreatsSophos Threatsaurus: The A-Z of Computer and Data Security Threats
Sophos Threatsaurus: The A-Z of Computer and Data Security Threats
 
Computer Security
Computer SecurityComputer Security
Computer Security
 
Trojan horsies prez
Trojan horsies prezTrojan horsies prez
Trojan horsies prez
 
Information Technology - System Threats
Information Technology - System ThreatsInformation Technology - System Threats
Information Technology - System Threats
 
CyberSecurity presentation for basic knowledge about this topic
CyberSecurity presentation for basic knowledge about this topicCyberSecurity presentation for basic knowledge about this topic
CyberSecurity presentation for basic knowledge about this topic
 
System-Security-acit-Institute
System-Security-acit-InstituteSystem-Security-acit-Institute
System-Security-acit-Institute
 
virus
virusvirus
virus
 
Information-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptxInformation-Security-Lecture-5.pptx
Information-Security-Lecture-5.pptx
 
4598 cybercrime
4598 cybercrime4598 cybercrime
4598 cybercrime
 
Cybercrime 1
Cybercrime 1Cybercrime 1
Cybercrime 1
 
Malware
MalwareMalware
Malware
 
Computer Worms
Computer WormsComputer Worms
Computer Worms
 
Computer security threats & prevention
Computer security threats & preventionComputer security threats & prevention
Computer security threats & prevention
 
Defend Your Company Against Ransomware
Defend Your Company Against RansomwareDefend Your Company Against Ransomware
Defend Your Company Against Ransomware
 
4 threatsandvulnerabilities
4 threatsandvulnerabilities4 threatsandvulnerabilities
4 threatsandvulnerabilities
 
Please read below and respond with 150 words or more in your own opi.docx
Please read below and respond with 150 words or more in your own opi.docxPlease read below and respond with 150 words or more in your own opi.docx
Please read below and respond with 150 words or more in your own opi.docx
 
radhika.pdf
radhika.pdfradhika.pdf
radhika.pdf
 

Recently uploaded

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 

Recently uploaded (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 

Ratzan2

  • 1. UNDERSTANDINGUNDERSTANDING INFORMATION SECURITYINFORMATION SECURITY Lee Ratzan, MCP, Ph.D.Lee Ratzan, MCP, Ph.D. School of Communication, Information & Library Studies atSchool of Communication, Information & Library Studies at Rutgers UniversityRutgers University Lratzan@scils.rutgers.eduLratzan@scils.rutgers.edu VIRUSES, WORMS, HOAXES, And TROJAN HORSES
  • 2. IT’S A JUNGLE OUT THEREIT’S A JUNGLE OUT THERE Computer Viruses Trojan Horses Address Book theft DNS Poisoning Zombies, IP Spoofing Password Grabbers Logic Bombs Network Worms Hijacked Home Pages Denial of Service Attacks Buffer Overruns Password Crackers
  • 3. AND THE EVER POPULAR:AND THE EVER POPULAR: Hoaxes Ploys Pop-Ups Scams Spam
  • 4. In 1980 a computer cracked a 3-characterIn 1980 a computer cracked a 3-character password within one minute.password within one minute. DID YOU KNOW? In 2004 a computer virus infected 1In 2004 a computer virus infected 1 million computers within one hour.million computers within one hour. In 1999 a team of computers cracked a 56-In 1999 a team of computers cracked a 56- character password within one day.character password within one day.
  • 5. DEFINITIONSDEFINITIONS A computer programA computer program Computer viruses, network worms,Computer viruses, network worms, Trojan HorseTrojan Horse Tells a computerTells a computer what to do and how to do it.what to do and how to do it. These are computer programs.These are computer programs.
  • 6. SALIENT DIFFERENCESSALIENT DIFFERENCES 1) Computer Virus: •Needs a host file 2) Network Worm: •No host (self-contained) •Copies itself •Executable •Copies itself •Executable 3) Trojan Horse: • No host (self-contained) •Does not copy itself •Imposter Program
  • 7. TYPICAL SYMPTOMSTYPICAL SYMPTOMS • File deletionFile deletion • File corruptionFile corruption • Visual effectsVisual effects • Pop-UpsPop-Ups • Erratic (and unwanted) behaviorErratic (and unwanted) behavior • Computer crashesComputer crashes
  • 8. BIOLOGICAL METAPHORSBIOLOGICAL METAPHORS 1. Bacterial Infection Model: 2. Virus Infected Model: •Single bacterium •Viral DNA Fragment •Replication •Dispersal •Infected Cells •Replication •Dispersal A computer virus spreads similarly, hence the name
  • 9. WHY DO WE HAVE THISWHY DO WE HAVE THIS PROBLEM?PROBLEM?  Software companies rushSoftware companies rush products to the consumerproducts to the consumer market (“No program should gomarket (“No program should go online before its time…”)online before its time…”)  Recycling old code reduces development time, but perpetuates old flaws.
  • 10. AND A FEW MOREAND A FEW MORE REASONSREASONS Market share is more important than security Interface design is more important than security New feature designs are more important than security Ease of use is more important than security
  • 11. HACKER MOTIVATIONSHACKER MOTIVATIONS Attack the Evil EmpireAttack the Evil Empire (Microsoft)(Microsoft) Display of dominance Misdirected creativity “Who knows what evil lurks in the hearts of men?” Showing off, revenge Embezzlement, greed
  • 12. NETWORKED SYSTEMS VSNETWORKED SYSTEMS VS SECURED SYSTEMSSECURED SYSTEMS NETWORKS SECURITY Open Communication Closed Communication Full Access Full Lockdown Managers must strike a balance Some platforms are more secure than others
  • 13. POPULAR FALLACIESPOPULAR FALLACIES If I never log off then my computer can never get a virus If I lock my office door then my computer can never get a virus Companies create viruses so they can sell anti-virus software My ISP will protect me? Microsoft will protect me
  • 14. AND A FEW MORE….AND A FEW MORE…. I got this disc from my (mother, boss, friend) so it must be okay You cannot get a virus by opening an attachment from someone you know But I only downloaded one file I am too smart to fall for a scam You can catch a cold from a computer virus My friend who knows a lot about computers showed me this really cool site…
  • 15. THINGS THE LIBRARY CAN DOTHINGS THE LIBRARY CAN DO ACTION PLAN: •Designate security support staff (and fund them) •Make security awareness a corporate priority (and educate your staff) •Enable real-time protection •Update all vendor security patches •Subscribe to several security alert bulletins
  • 16. •Periodically reboot or re-load all computers •Control, limit or block all downloads and installs •Install anti-virus software on computers (keep it current) “It takes a carpenter to build a house but one jackass can knock it down” (Variously attributed to Mark Twain, Harry Truman, Senator Sam Rayburn)
  • 17. WHAT CAN THE LIBRARIAN DO?WHAT CAN THE LIBRARIAN DO? Set bookmarks to authoritative: • virus hoax Web pages •public free anti-virus removal tools Provide patrons with: up-to-date information about viruses, etc. Confirm: that desktops have the latest anti-virus updates •anti-virus Web pages
  • 18. BACK IT UPBACK IT UP Offline copies: Grandfather/father/son (monthly/weekly/daily) Online copies: Shared network drive Changes only: Incremental/differential Do not back up a file on the same disc as the original! Assume every disc, CD, etc is suspect, no matter who gave it to you “Doveryay, No Proveryay” (Trust but Verify)
  • 19. MACHINE INFECTED?MACHINE INFECTED? ACTION PLAN:ACTION PLAN: 1)Write down the error or alert message verbatim •inform your tech support team •quarantine the machine 2) Look up the message in an authoritative anti-virus site (demo) •diagnose the problem •take recommended remedial action
  • 20. If appropriate: 3) Reboot the machine •Run a full system scan before placing the machine back in service •Apply all missing critical security patches (demo) •Download, install, run the anti-virus removal tool (demo)
  • 21. THE HOAX STOPS HERETHE HOAX STOPS HERE •tells you to do something •tells you to take immediate action •cites a recognizable source to give itself credibility (“Microsoft has warned that…”) •does not originate from a valid computer vendor IF THE MESSAGE:
  • 22. •lacks specific verifiable contact information IF IN DOUBT, CHECK IT OUT Confirm the hoax by checking it against authoritative hoax sites Inform other staff so the hoax does not propagate AND:
  • 23. POPULAR HOAXES INCLUDE:POPULAR HOAXES INCLUDE:  JDBGMGR (teddy-bearJDBGMGR (teddy-bear icon)icon) NIGERIA $800 FROM MICROSOFT Tricks users into deleting a file Money scam Pyramid scheme
  • 24. STOPPING THE TROJAN HORSESTOPPING THE TROJAN HORSE The Horse must be “invited in” ….The Horse must be “invited in” …. How does it get in? Downloading a file By: Installing a program Opening an attachment Opening bogus Web pages Copying a file from someone else
  • 25. A Trojan Horse exploits computer ports letting its “friends” enter, and Security patches often close computer ports and vulnerabilities MORE ON THE HORSE……. “once a thief gets into your house he opens a rear window for his partners”
  • 26. NOTE #1NOTE #1  Search engines are NOT reliable sources ofSearch engines are NOT reliable sources of virus informationvirus information Information may be inaccurate, incomplete or out of date Search engines generate huge numbers of indiscriminate hits Some anti-virus Web sites are scams (or contain trojan Horses) Go directly to authoritative anti-virus sites
  • 27. NOTE #2NOTE #2  Computer companies areComputer companies are NOTNOT reliablereliable sources of virus informationsources of virus information are not in the anti-virus business Usually refer you to an anti-virus vendor themselves are victims! Computer companies:
  • 28. ONLINE RESOURCESONLINE RESOURCES Authoritative Hoax InformationAuthoritative Hoax Information  securityresponse.symantec.com/avcenter/hoax.htmlsecurityresponse.symantec.com/avcenter/hoax.html  vil.mcafeesecurity.com/vil/hoaxes.aspvil.mcafeesecurity.com/vil/hoaxes.asp Authoritative Anti-Virus Vendor InformationAuthoritative Anti-Virus Vendor Information  ssecurityresponse.symantec.com/avcenter/vinf odb.htmlecurityresponse.symantec.com/avcenter/vinf odb.html  www.mcafeesecurity.com/us/security/vil.htmwww.mcafeesecurity.com/us/security/vil.htm
  • 29. REFERENCESREFERENCES Authoritative Security Alert InformationAuthoritative Security Alert Information  securityresponse.symantec.comsecurityresponse.symantec.com// (Symantec)(Symantec)  wwww.microsoft.com/securityww.microsoft.com/security (Microsoft)(Microsoft)  www.apple.com/support/security/www.apple.com/support/security/ (Apple)(Apple)
  • 30. Authoritative Anti-Virus OrganizationsAuthoritative Anti-Virus Organizations  www.cert.orgwww.cert.org (Computer Emergency Response Team-CMU)(Computer Emergency Response Team-CMU)  www.ciac.org/ciacwww.ciac.org/ciac (CIAC-Department of Energy)(CIAC-Department of Energy)  www.sans.org/aboutsans.phpwww.sans.org/aboutsans.php (Server and Network Security)(Server and Network Security)  www.first.orgwww.first.org (Forum of Incident Response and Security Teams)(Forum of Incident Response and Security Teams)  www.cirt.rutgers.eduwww.cirt.rutgers.edu (Computing Incident Response Team-Rutgers(Computing Incident Response Team-Rutgers))
  • 31. Authoritative Free Public Anti-Virus RemovalAuthoritative Free Public Anti-Virus Removal Tool InformationTool Information  securityresponse.symantec.com/avcenter/tools.securityresponse.symantec.com/avcenter/tools. list.htmllist.html  vil.nai.com/vil/averttools.aspvil.nai.com/vil/averttools.asp  mssg.rutgers.edu/documentation/virusesmssg.rutgers.edu/documentation/viruses (Rutgers)(Rutgers)  some professional library sites have pointers tosome professional library sites have pointers to reliable anti-virus informationreliable anti-virus information
  • 32. PRINT RESOURCESPRINT RESOURCES  Allen, Julia, (2001)Allen, Julia, (2001) The CERT Guide toThe CERT Guide to System and Network Security PracticesSystem and Network Security Practices,, Addison-Wesley, New YorkAddison-Wesley, New York  Crume, Jeff, (2000)Crume, Jeff, (2000) Inside Internet SecurityInside Internet Security,, Addison-Wesley, New YorkAddison-Wesley, New York  Ratzan, Lee, (January 2005)Ratzan, Lee, (January 2005) A new role forA new role for librarieslibraries, SC Magazine (Secure Computing, SC Magazine (Secure Computing Magazine), page 26Magazine), page 26
  • 33.  Ratzan, Lee, (2004)Ratzan, Lee, (2004) UnderstandingUnderstanding Information SystemsInformation Systems, American Library, American Library Association, ChicagoAssociation, Chicago
  • 34. A NEW ROLE FOR LIBRARIES?A NEW ROLE FOR LIBRARIES?
  • 35. THE AUTHOR ACKNOWLEDGESTHE AUTHOR ACKNOWLEDGES  The cooperation of InfoLinkThe cooperation of InfoLink (www.infolink.org) for promoting library(www.infolink.org) for promoting library professional development programsprofessional development programs  The Monroe Public Library for the useThe Monroe Public Library for the use of its facilitiesof its facilities  SC Magazine for publishing an essay onSC Magazine for publishing an essay on libraries being at the forefront oflibraries being at the forefront of information securityinformation security  Lisa DeBilio for her production of theLisa DeBilio for her production of the PowerPoint slides.PowerPoint slides. THANK YOU ALL