FOUNDATIONS OF COMPUTER SECURITY
COMPUTER SECURITY BASICALLY IS THE PROTECTION OF COMPUTER
SYSTEMS AND INFORMATION FROM HARM, THEFT, AND UNAUTHORIZED USE.
IT IS THE PROCESS OF PREVENTING AND DETECTING UNAUTHORIZED USE
OF YOUR COMPUTER SYSTEM.
• COMPUTER SECURITY REFERS TO TECHNIQUES FOR ENSURING THAT DATA
STORED IN A COMPUTER CANNOT BE READ OR COMPROMISED BY ANY
INDIVIDUALS WITHOUT AUTHORIZATION.
FOUNDATIONS OF COMPUTER
SECURITY
• INFORMATION SECURITY IS SECURING INFORMATION FROM UNAUTHORIZED
ACCESS, MODIFICATION & DELETION
• CYBERSECURITY IS DEFINED AS PROTECTING COMPUTER SYSTEMS, WHICH
COMMUNICATE OVER THE COMPUTER NETWORKS
NEED OF COMPUTER SECURITY
• NEED OF COMPUTER SECURITY:
• 1. FOR PREVENTION OF DATA THEFT SUCH AS BANK ACCOUNT NUMBERS,
CREDIT CARD INFORMATION, PASSWORDS, WORK RELATED DOCUMENTS OR
SHEETS, ETC.
• 2. TO MAKE DATA REMAIN SAFE AND CONFIDENTIAL.
• 3. TO PROVIDE CONFIDENTIALITY, WHICH ENSURES THAT NO INDIVIDUAL IS EVER
ABLE TO VIEW DATA THEY ARE NOT ENTITLED TO.
• 4. TO PROVIDE INTEGRITY, WHICH ENSURES THAT ONLY AUTHORIZED
INDIVIDUALS ARE EVER ABLE TO CHANGE OR MODIFY INFORMATION.
• 5. TO PROVIDE AVAILABILITY, WHICH ENSURES THAT THE DATA OR SYSTEM
ITSELF IS AVAILABLE FOR USE WHEN AN AUTHORIZED USER WANTS IT.
• 6. TO PROVIDE AUTHENTICATION WHICH DEALS WITH THE DESIRE TO
ENSURE THAT AN AUTHORIZED INDIVIDUAL.
NEED OF SECURITY
• TO KEEP CONFIDENTIAL INFORMATION OUT OF THE WRONG HANDS
• TO MAINTAIN THE INTEGRITY OF THE SYSTEM AND THE DATA SO IT CAN BE
TRUSTED
• TO GUARANTEE THAT THE SYSTEM AND DATA ARE THERE AND ABLE TO BE
ACCESSED AT WILL.
SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY
• IT CONSISTS OF CONFIDENTIALITY, INTEGRITY AND AVAILABILITY.
• THIS MODEL IS DESIGNED TO GUIDE THE ORGANIZATION WITH THE
POLICIES OF CYBER SECURITY IN THE AREA OF INFORMATION SECURITY.
SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY
CONFIDENTIALITY
● THE PRINCIPLE OF CONFIDENTIALITY SPECIFIES THAT ONLY THE SENDER AND INTENDED
RECIPIENT SHOULD BE ABLE TO ACCESS THE CONTENTS OF A MESSAGE.
● CONFIDENTIALITY GETS COMPROMISED IF AN UNAUTHORIZED PERSON IS ABLE TO
ACCESS THE CONTENTS OF A MESSAGE
[Fig. Confidentiality: User A, User B, message M]
[Fig. Loss of Confidentiality (interception attack): User A, User B, User C, message M]
SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY
• CONFIDENTIALITY IS THE ACTION OF HIDING SOMETHING OR PREVENTING IT
FROM BEING KNOWN.
• ALSO, THERE IS A NEED TO KEEP INFORMATION SECRET FROM THIRD
PARTIES, SO THAT JUST THE RIGHT PEOPLE CAN HAVE ACCESS TO IT.
• IT DEFINES THE RULES THAT LIMIT ACCESS TO INFORMATION.
• CONFIDENTIALITY RESTRICTS SENSITIVE INFORMATION FROM BEING
ACCESSED BY CYBER ATTACKERS, HACKERS AND UNAUTHORIZED PERSONS.
SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY
CONFIDENTIALITY IS MAINTAINED BY USER ID / PASSWORD / OTP
• VARIOUS WAYS TO ENSURE CONFIDENTIALITY:
TWO-FACTOR AUTHENTICATION, DATA ENCRYPTION, DATA CLASSIFICATION,
BIOMETRIC VERIFICATION, AND SECURITY TOKENS.
INTEGRITY
• WHEN THE CONTENTS OF THE MESSAGE ARE CHANGED AFTER THE SENDER
SENDS IT, BUT BEFORE IT REACHES THE INTENDED RECIPIENT, WE SAY THAT
THE INTEGRITY OF THE MESSAGE IS LOST.
• A CHANGE TO THE CONTENT OF A MESSAGE DURING TRANSMISSION IS KNOWN
AS A MODIFICATION ATTACK.
[Fig. Loss of Integrity (modification attack): User A, User B, User C; labels: Transfer 1000Rs, Transfer 5000Rs]
SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY
INTEGRITY:
• THIS ASSURES THAT THE DATA IS CONSISTENT, ACCURATE AND
TRUSTWORTHY DURING THE TRANSMISSION.
• IT MEANS THAT THE DATA WITHIN THE TRANSMISSION SHOULD NOT BE
CHANGED, ALTERED, DELETED OR ILLEGALLY ACCESSED.
• THERE SHOULD BE TOOLS AND TECHNOLOGIES IMPLEMENTED TO DETECT
ANY CHANGE OR BREACH IN THE DATA.
• VARIOUS ORGANIZATIONS USE A CHECKSUM, AND EVEN A CRYPTOGRAPHIC
CHECKSUM, TO VERIFY THE INTEGRITY OF DATA.
SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY
Integrity:
Example in real life: let's say you are making an online payment of 5 USD, but your
information is tampered with, without your knowledge, so that 500 USD is sent to the
seller; this would cost you too much.
In this case cryptography plays a very major role in ensuring data integrity.
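The difference between a plain checksum and a cryptographic checksum, shown on the "Transfer 1000Rs" modification attack from the figure. This is an added example, not part of the original slides; the key, the function names and the choice of CRC-32 and HMAC-SHA256 are assumptions made for illustration.

```python
import hashlib
import hmac
import zlib

# Constructed demo key: stands for a secret shared by User A and the bank only.
SHARED_KEY = b"constructed-demo-key-not-for-real-use"


def crc_verify(message: bytes, checksum: int) -> bool:
    """Plain checksum: no secret involved, so anyone can recompute it."""
    return zlib.crc32(message) == checksum


def mac_tag(message: bytes, key: bytes) -> bytes:
    """Cryptographic (keyed) checksum: HMAC-SHA256 over the message."""
    return hmac.new(key, message, hashlib.sha256).digest()


def mac_verify(message: bytes, tag: bytes, key: bytes) -> bool:
    # compare_digest does a constant-time comparison of the two tags.
    return hmac.compare_digest(mac_tag(message, key), tag)


def modify_in_transit(message: bytes) -> bytes:
    """User C in the figure: alters the amount between sender and recipient."""
    return message.replace(b"1000Rs", b"5000Rs")


def run_demo() -> dict:
    """Return, per scenario, whether the recipient detects the change."""
    original = b"Transfer 1000Rs"  # constructed sample message
    tampered = modify_in_transit(original)
    detected = {}

    # Plain checksum, C changes only the message: the stale checksum exposes it.
    detected["crc_message_only"] = not crc_verify(tampered, zlib.crc32(original))
    # Plain checksum, C also recomputes the checksum: the change goes unnoticed.
    detected["crc_message_and_checksum"] = not crc_verify(
        tampered, zlib.crc32(tampered)
    )

    # Keyed checksum, C changes only the message: the old tag no longer matches.
    tag = mac_tag(original, SHARED_KEY)
    detected["mac_message_only"] = not mac_verify(tampered, tag, SHARED_KEY)
    # Keyed checksum, C recomputes the tag without the key: still rejected.
    forged = mac_tag(tampered, b"key-guessed-by-C")
    detected["mac_message_and_tag"] = not mac_verify(tampered, forged, SHARED_KEY)

    # The untouched message must still verify, or the check is useless.
    detected["mac_rejects_genuine"] = not mac_verify(original, tag, SHARED_KEY)
    return detected


if __name__ == "__main__":
    for case, was_detected in run_demo().items():
        print(f"{case:26} detected={was_detected}")
```

A plain checksum catches accidental corruption only; a party who can rewrite the message can rewrite the checksum too, which is why the keyed variant is the one that addresses a modification attack.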
AVAILABILITY
PRINCIPLE OF AVAILABILITY ENSURES THAT RESOURCES
SHOULD BE AVAILABLE TO AUTHORIZED PARTIES AT ALL TIMES
WITHOUT ANY INTERRUPTION.
[Fig. Attack on Availability (interruption attack): Server, Attacker, Client; Service Unavailable]
SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY
AVAILABILITY
• AVAILABILITY REFERS TO THE ABILITY TO ACCESS DATA OR A RESOURCE WHEN IT IS
NEEDED. THE INFORMATION HAS VALUE ONLY IF AUTHORIZED PEOPLE CAN ACCESS IT AT THE
RIGHT TIME.
• ALL NECESSARY COMPONENTS LIKE HARDWARE, SOFTWARE, NETWORKS, DEVICES AND
SECURITY EQUIPMENT SHOULD ALL BE MAINTAINED AND UPGRADED.
• THIS WILL ENSURE THE SMOOTH FUNCTIONING AND ACCESS OF DATA WITHOUT ANY
DISRUPTION.
SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY
AVAILABILITY…
• IT ALSO INVOLVES OPTING FOR EXTRA SECURITY EQUIPMENT IN CASE OF ANY
DISASTER. UTILITIES LIKE FIREWALLS, DISASTER RECOVERY PLANS, PROXY
SERVERS AND A PROPER BACKUP SOLUTION SHOULD BE IN PLACE TO COPE WITH
DOS ATTACKS.
• EXAMPLE IN REAL LIFE: LET'S SAY A HACKER HAS COMPROMISED A WEBSERVER
OF A BANK AND TAKEN IT DOWN. YOU, AS AN AUTHENTICATED USER, WANT TO DO AN
E-BANKING TRANSFER BUT IT IS IMPOSSIBLE TO ACCESS IT; THE TRANSFER THAT
COULD NOT BE MADE IS MONEY LOST FOR THE BANK.
SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY
ACCOUNTABILITY:
ACCOUNTABILITY IS AN ESSENTIAL PART OF AN INFORMATION SECURITY PLAN.
• ACCOUNTABILITY GUARANTEES THAT ALL OPERATIONS CARRIED OUT BY
INDIVIDUALS OR SYSTEMS CAN BE IDENTIFIED (IDENTIFICATION) AND
TRACED TO THE AUTHOR (TRACEABILITY).
• ONE EXAMPLE WOULD BE A POLICY STATEMENT THAT ALL EMPLOYEES MUST
AVOID INSTALLING OUTSIDE SOFTWARE ON A COMPANY-OWNED
INFORMATION INFRASTRUCTURE.
SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY
ACCOUNTABILITY…
• THE PERSON IN CHARGE OF INFORMATION SECURITY SHOULD PERFORM
PERIODIC CHECKS TO SEE THAT THE POLICY IS BEING FOLLOWED.
• EVERY INFORMATION ASSET SHOULD BE "OWNED" BY AN INDIVIDUAL IN THE
ORGANIZATION WHO IS PRIMARILY RESPONSIBLE FOR IT.
• THE DUTIES AND RESPONSIBILITIES OF ALL EMPLOYEES, AS THEY RELATE TO
INFORMATION, NEED TO BE SPECIFIED IN DETAIL.
NON-REPUDIATION
• SOMETIMES A USER SENDS A MESSAGE AND LATER DENIES HAVING SENT
THAT MESSAGE.
• THE PRINCIPLE OF NON-REPUDIATION REDUCES SUCH POSSIBILITIES.
• E.G. USER A SENDS A FUND TRANSFER REQUEST TO A BANK; THE BANK COMPLETES THE
FUND TRANSFER AS REQUESTED BY USER A, BUT LATER USER A DENIES
HAVING MADE SUCH A REQUEST.
• THE PRINCIPLE OF NON-REPUDIATION IS IMPLEMENTED BY USING DIGITAL SIGNATURES.
ACCESS CONTROL
• THE PRINCIPLE OF ACCESS CONTROL DETERMINES WHO SHOULD BE ABLE TO
ACCESS WHAT. UNDER ACCESS CONTROL WE DECIDE THE ROLES OF USERS AND
ALSO THE RULES FOR USERS TO ACCESS DIFFERENT RESOURCES OF THE
ORGANIZATION.
SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY
• NON-REPUDIATION IS THE ASSURANCE THAT SOMEONE CANNOT DENY
SOMETHING.
• NON-REPUDIATION IS A WAY TO GUARANTEE THAT THE SENDER OF A MESSAGE
CANNOT LATER DENY HAVING SENT THE MESSAGE AND THAT THE RECIPIENT
CANNOT DENY HAVING RECEIVED THE MESSAGE.
• TYPICALLY, NON-REPUDIATION REFERS TO THE ABILITY TO ENSURE THAT A PARTY
CANNOT DENY THE AUTHENTICITY OF THEIR SIGNATURE ON A DOCUMENT OR THE
SENDING OF A MESSAGE THAT THEY ORIGINATED.
• EMAIL NON-REPUDIATION INVOLVES METHODS SUCH AS EMAIL TRACKING THAT
ARE DESIGNED TO ENSURE THAT THE SENDER CANNOT DENY HAVING SENT A
MESSAGE AND/OR THAT THE RECIPIENT CANNOT DENY HAVING RECEIVED IT.
• NONREPUDIATION CAN BE OBTAINED THROUGH THE USE OF:
• DIGITAL SIGNATURES-
• CONFIRMATION SERVICES –
• TIMESTAMPS --
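How a digital signature settles the fund-transfer dispute described above (User A later denying the request), as an added example that is not part of the original slides. The slides name no signature algorithm; this sketch assumes a Lamport one-time hash-based signature so that it runs with the Python standard library alone, and the request format, names and timestamp are constructed.

```python
import hashlib
import secrets

BITS = 256  # one pair of secrets per bit of the SHA-256 message digest


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def keygen():
    """Private key: 256 pairs of random secrets. Public key: their hashes."""
    private = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(BITS)]
    public = [(_h(a), _h(b)) for a, b in private]
    return private, public


def _digest_bits(message: bytes):
    digest = _h(message)
    return [(digest[i // 8] >> (7 - (i % 8))) & 1 for i in range(BITS)]


def sign(private, message: bytes):
    """Reveal one secret per digest bit. A Lamport key may sign ONE message only."""
    return [private[i][bit] for i, bit in enumerate(_digest_bits(message))]


def verify(public, message: bytes, signature) -> bool:
    """Anyone holding the public key can check; nobody without the private key can sign."""
    if len(signature) != BITS:
        return False
    return all(
        _h(signature[i]) == public[i][bit]
        for i, bit in enumerate(_digest_bits(message))
    )


def build_request(sender: str, payee: str, amount: str, timestamp: str) -> bytes:
    # The timestamp is signed together with the request, so it cannot be
    # changed afterwards without invalidating the signature.
    return f"from={sender};to={payee};amount={amount};ts={timestamp}".encode()


def dispute_demo():
    """Return (genuine_accepted, altered_accepted, forged_accepted)."""
    a_private, a_public = keygen()  # User A registers a_public with the bank

    # User A signs the request; the bank stores the request with its signature.
    request = build_request("UserA", "UserB", "1000Rs", "2024-01-01T10:00:00Z")
    bank_record = (request, sign(a_private, request))

    # Dispute: A denies the request. An arbiter checks the bank's record
    # against A's public key. Only A's private key could have produced it.
    genuine_accepted = verify(a_public, *bank_record)

    # The bank cannot inflate the amount and reuse A's signature.
    altered = build_request("UserA", "UserB", "5000Rs", "2024-01-01T10:00:00Z")
    altered_accepted = verify(a_public, altered, bank_record[1])

    # A signature made with any other key does not verify under A's public key.
    other_private, _ = keygen()
    forged_accepted = verify(a_public, request, sign(other_private, request))

    return genuine_accepted, altered_accepted, forged_accepted


if __name__ == "__main__":
    print(dispute_demo())
```

A shared-key checksum could not settle this dispute, because the bank holds the same key and could have produced the tag itself; the signature works as evidence only because the signing key never leaves User A.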
SECURITY BASICS/CIA MODEL/PRINCIPLES OF
SECURITY
• RELIABILITY:
COMPUTERS NEED TO BE RELIABLE FOR PEOPLE TO USE THEM AND HAVE
CONFIDENCE IN THEM. IF THEY ARE NOT RELIABLE, THEN THEY WILL QUICKLY BE
ABANDONED.
• COMPUTER SYSTEMS NEED TO BE RELIABLE IF THEY ARE TO BE CONFIDENTLY
USED. IF PEOPLE CANNOT RELY ON THEM, THEN THEY WILL QUICKLY BE
ABANDONED.
DEFINITIONS
THREAT
• A POTENTIAL CAUSE OF AN INCIDENT THAT BECOMES HARMFUL FOR A SYSTEM OR ORGANIZATION.
• AN UNDESIRED EVENT THAT MAY RESULT IN LOSS, DISCLOSURE OR DAMAGE TO AN ORGANIZATION'S ASSET.
• A THREAT IS A POTENTIAL FOR VIOLATION OF SECURITY.
RISK
RISK CALCULATION: RISK = ASSETS × THREATS × VULNERABILITIES
• A COMPUTER SECURITY RISK IS ANY EVENT OR ACTION THAT COULD CAUSE A LOSS OF OR DAMAGE TO
COMPUTER HARDWARE, SOFTWARE, DATA, OR INFORMATION; OR, RISK IS THE PROBABILITY OF THREATS
THAT MAY OCCUR BECAUSE OF THE PRESENCE OF A VULNERABILITY IN A SYSTEM.
• QUANTITATIVE RISK ANALYSIS:
-A PROCESS OF ASSIGNING A NUMERIC VALUE TO THE PROBABILITY OF LOSS BASED ON
KNOWN RISKS, ON FINANCIAL VALUES OF THE ASSETS AND ON PROBABILITY OF
THREATS.
- IT IS USED TO DETERMINE POTENTIAL DIRECT AND INDIRECT COSTS TO THE COMPANY
BASED ON VALUES ASSIGNED TO COMPANY ASSETS AND THEIR EXPOSURE TO RISK.
ASSETS CAN BE RATED AS THE COST OF REPLACING AN ASSET, THE COST OF LOST
PRODUCTIVITY, OR THE COST OF DIMINISHED BRAND REPUTATION. A 100%
QUANTITATIVE RISK ANALYSIS IS NOT POSSIBLE.
• QUALITATIVE RISK ANALYSIS:
-A COLLABORATIVE PROCESS OF ASSIGNING RELATIVE VALUES TO ASSETS, ASSESSING
THEIR RISK EXPOSURE AND ESTIMATING THE COST OF CONTROLLING THE RISK.
-IT UTILIZES RELATIVE MEASURES AND APPROXIMATE COSTS RATHER THAN PRECISE
VALUATION AND COST DETERMINATION. ASSETS CAN BE RATED BASED ON CRITICALITY:
VERY IMPORTANT, IMPORTANT, NOT IMPORTANT, ETC. VULNERABILITIES CAN BE RATED
BASED ON HOW THEY ARE TO BE FIXED: FIXED SOON, SHOULD BE FIXED, FIX IF SUITABLE, ETC.
THREATS CAN BE RATED ON A SCALE OF LIKELIHOOD: LIKELY, UNLIKELY, VERY LIKELY,
ETC. A 100% QUALITATIVE RISK ANALYSIS IS FEASIBLE.
DEFINITIONS
COUNTERMEASURE
AN ACTION, PROCEDURE, OR TECHNIQUE THAT REDUCES A THREAT OR A VULNERABILITY.
ASSET
AN ASSET IS ANYTHING (HARDWARE, SOFTWARE, DATA, INFORMATION) THAT THE OWNER WANTS TO
SECURE.
OR
ASSET IS ANY DATA, DEVICE, OR OTHER COMPONENT OF THE ENVIRONMENT THAT
SUPPORTS INFORMATION-RELATED ACTIVITIES.
ASSETS GENERALLY INCLUDE HARDWARE, SOFTWARE AND CONFIDENTIAL INFORMATION
DEFINITIONS
• A VULNERABILITY IS A WEAKNESS IN THE INFORMATION INFRASTRUCTURE OF AN ORGANIZATION.
• IT WILL ACCIDENTALLY OR INTENTIONALLY DAMAGE THE ASSET.
• IT IS A WEAKNESS IN A COMPUTER SYSTEM OR NETWORK. THE TERM "VULNERABILITY" REFERS
TO THE SECURITY FLAWS IN A SYSTEM THAT ALLOW AN ATTACK TO BE SUCCESSFUL.
• TESTING FOR VULNERABILITIES IS USEFUL FOR MAINTAINING ONGOING SECURITY.
• VULNERABILITIES CAN BE:
– PROGRAMS WITH UNNECESSARY PRIVILEGE
– ACCOUNTS WITH DEFAULT PASSWORDS NOT CHANGED
– PROGRAMS WITH KNOWN FAULTS
– WEAK ACCESS CONTROL
– WEAK FIREWALL
HACKING
• HACKING IN SIMPLE TERMS MEANS AN ILLEGAL INTRUSION INTO A
COMPUTER SYSTEM AND/OR NETWORK.
• GOVERNMENT WEBSITES ARE A HOT TARGET FOR HACKERS
DUE TO THE PRESS COVERAGE THEY RECEIVE.
• OR
• HACKING IS THE ACT OF IDENTIFYING AND THEN EXPLOITING
WEAKNESSES IN A COMPUTER SYSTEM OR NETWORK, USUALLY TO
GAIN UNAUTHORIZED ACCESS TO PERSONAL OR ORGANIZATIONAL
DATA.
• HACKING IS NOT ALWAYS A MALICIOUS ACTIVITY, BUT THE TERM
HAS MOSTLY NEGATIVE CONNOTATIONS DUE TO ITS ASSOCIATION
WITH CYBERCRIME.
THREATS TO SECURITY
• VIRUSES
• WORMS
• TROJAN HORSE
• INTRUDERS
• INSIDERS
VIRUSES
• A VIRUS IS A PROGRAM WHICH ATTACHES ITSELF TO ANOTHER PROGRAM AND CAUSES DAMAGE TO
THE COMPUTER SYSTEM OR THE NETWORK.
• IT IS LOADED ONTO YOUR COMPUTER WITHOUT YOUR KNOWLEDGE AND RUNS AGAINST YOUR
WISHES.
• ALMOST ALL VIRUSES ARE ATTACHED TO AN EXECUTABLE FILE, WHICH MEANS THE VIRUS MAY
EXIST ON YOUR COMPUTER BUT IT ACTUALLY CANNOT INFECT YOUR COMPUTER UNLESS YOU RUN
OR OPEN THE MALICIOUS PROGRAM.
• A COMPUTER VIRUS ATTACHES ITSELF TO A PROGRAM OR FILE, ENABLING IT TO SPREAD FROM ONE
COMPUTER TO ANOTHER, LEAVING INFECTIONS AS IT TRAVELS FROM PC TO PC OR OVER A NETWORK.
• IT COPIES ITSELF INTO PREVIOUSLY UNINFECTED PROGRAMS OR FILES, AND EXECUTES OVER
OTHER SOURCE OF ATTACK.
• IT CAN CAUSE THE LOSS OR ALTERATION OF PROGRAMS OR DATA AND CAN BREAK CONFIDENTIALITY.
IT IS ALMOST ALWAYS ATTACHED TO AN EXECUTABLE FILE.
VIRUS
• DEFINITION: VIRUS IS A PROGRAM WHICH ATTACHES ITSELF TO ANOTHER
PROGRAM AND CAUSES DAMAGE TO THE COMPUTER SYSTEM OR THE
NETWORK. IT IS LOADED ONTO YOUR COMPUTER WITHOUT YOUR
KNOWLEDGE AND RUNS AGAINST YOUR WISHES. DURING THE LIFECYCLE OF
VIRUS IT GOES THROUGH THE FOLLOWING FOUR PHASES:
• 1. DORMANT PHASE: THE VIRUS IS IDLE AND ACTIVATED BY SOME EVENT.
• 2. PROPAGATION PHASE: IT PLACES AN IDENTICAL COPY OF ITSELF INTO
OTHER PROGRAMS OR INTO CERTAIN SYSTEM AREAS ON THE DISK.
• 3. TRIGGERING PHASE: THE VIRUS IS ACTIVATED TO PERFORM THE
FUNCTION FOR WHICH IT WAS INTENDED.
• 4. EXECUTION PHASE: THE FUNCTION OF VIRUS IS PERFORMED
PHASES OF VIRUSES
A TYPICAL VIRUS GOES THROUGH PHASES OF:
– DORMANT
– PROPAGATION
– TRIGGERING
– EXECUTION
PHASES OF VIRUSES
• DURING THE LIFECYCLE OF VIRUS IT GOES THROUGH THE FOLLOWING FOUR
PHASES:
• 1. DORMANT PHASE:
THE VIRUS IS IDLE AND ACTIVATED BY SOME EVENT.
THE VIRUS WILL BE ACTIVATED BY SOME EVENT SUCH AS A DATE, THE PRESENCE OF
ANOTHER PROGRAM OR FILE, OR THE CAPACITY OF THE DISK EXCEEDING SOME LIMIT.
NOT ALL VIRUSES HAVE THIS STAGE.
• 2. PROPAGATION PHASE:
• IT PLACES AN IDENTICAL COPY OF ITSELF INTO OTHER PROGRAMS OR INTO CERTAIN
SYSTEM AREAS ON THE DISK.
PHASES OF VIRUSES
• 3. TRIGGERING PHASE:
THE VIRUS IS ACTIVATED TO PERFORM THE FUNCTION FOR WHICH IT WAS
INTENDED.
4. EXECUTION PHASE:
THE FUNCTION OF VIRUS IS PERFORMED.
THE FUNCTION MAY BE HARMLESS, SUCH AS A MESSAGE ON THE SCREEN, OR
DAMAGING, SUCH AS THE DESTRUCTION OF PROGRAMS AND DATA FILES.
STEPS
• VIRUS PROGRAM IS LAUNCHED.
• VIRUS CODE IS LOADED INTO DESTINATION.
• VIRUS DELIVERS ITS DESTRUCTIVE PAYLOAD.
• VIRUS COPIES ITSELF TO ANOTHER PROGRAM.
• CHARACTERISTICS ARE: HARD TO DETECT, NOT EASILY DESTROYABLE,
SPREADS INFECTION WIDELY,
EASY TO CREATE, MACHINE AND OPERATING SYSTEM INDEPENDENT.
TYPES OF VIRUSES
• PARASITIC VIRUSES
• MEMORY RESIDENT VIRUSES
• NON-RESIDENT VIRUSES
• BOOT SECTOR VIRUSES
• OVERWRITING VIRUSES
• STEALTH VIRUS
• MACRO VIRUSES
TYPES OF VIRUSES
• PARASITIC VIRUSES: IT ATTACHES ITSELF TO EXECUTABLE CODE AND
REPLICATES ITSELF. ONCE CODE IS INFECTED IT WILL FIND ANOTHER
PROGRAM TO INFECT.
• MEMORY RESIDENT VIRUSES: A MEMORY-RESIDENT VIRUS IS A VIRUS THAT
IS LOCATED IN THE MEMORY OF A COMPUTER, EVEN AFTER THE 'HOST'
APPLICATION OR PROGRAM HAS STOPPED RUNNING (BEEN
TERMINATED). IT LIVES IN MEMORY AFTER ITS EXECUTION, BECOMES A PART
OF THE OPERATING SYSTEM OR APPLICATION AND CAN MANIPULATE ANY FILE
THAT IS EXECUTED, COPIED OR MOVED.
• NON-RESIDENT VIRUSES: NON-MEMORY-RESIDENT VIRUSES ARE ONLY
ACTIVATED ONCE THE APPLICATION OR PROGRAM IS STARTED. IT EXECUTES
ITSELF AND TERMINATES OR DESTROYS ITSELF AFTER A SPECIFIC TIME.
TYPES OF VIRUSES
• OVERWRITING VIRUSES: IT OVERWRITES THE CODE WITH ITS OWN CODE.
SOME VIRUSES ARE DESIGNED SPECIFICALLY TO DESTROY A FILE OR
APPLICATION'S DATA. AFTER INFECTING A SYSTEM, AN OVERWRITE VIRUS
BEGINS OVERWRITING FILES WITH ITS OWN CODE. THESE VIRUSES CAN
TARGET SPECIFIC FILES OR APPLICATIONS OR SYSTEMATICALLY OVERWRITE
ALL FILES ON AN INFECTED DEVICE.
• BOOT SECTOR VIRUSES: A BOOT SECTOR IS A RESERVED SECTION OF A DISK
THAT CONTAINS THE CODE AND DATA NEEDED TO START THE OPERATING
SYSTEM (OS) OF A COMPUTER. A BOOT SECTOR VIRUS IS A TYPE OF MALWARE
THAT INFECTS A SYSTEM'S BOOT PARTITION OR THE MASTER BOOT RECORD
(MBR) OF A HARD DISK.
TYPES OF VIRUSES
• STEALTH VIRUS: THIS VIRUS HIDES THE MODIFICATION IT HAS MADE IN THE FILE
OR BOOT RECORD.
• MACRO VIRUSES: THESE ARE NOT EXECUTABLE. THEY AFFECT MICROSOFT WORD-LIKE
DOCUMENTS AND CAN SPREAD THROUGH EMAIL.
• POLYMORPHIC VIRUSES: IT PRODUCES FULLY OPERATIONAL COPIES OF ITSELF, IN
AN ATTEMPT TO AVOID SIGNATURE DETECTION.
• COMPANION VIRUSES: CREATES A PROGRAM INSTEAD OF MODIFYING AN EXISTING
FILE.
• EMAIL VIRUSES: THE VIRUS GETS EXECUTED WHEN AN EMAIL ATTACHMENT IS OPENED BY THE
RECIPIENT. THE VIRUS SENDS ITSELF TO EVERYONE ON THE MAILING LIST OF THE SENDER.
• METAMORPHIC VIRUSES: KEEP REWRITING THEMSELVES EVERY TIME; THEY MAY CHANGE
THEIR BEHAVIOR AS WELL AS THE APPEARANCE OF THEIR CODE.
HOW TO DEAL WITH COMPUTER VIRUSES
STEP 1: USE A RELIABLE ANTIVIRUS PROGRAM
• IF YOU ALREADY HAVE ANTIVIRUS SOFTWARE INSTALLED ON YOUR COMPUTER AND IT
STILL GOT INFECTED WITH A VIRUS, THE SOFTWARE YOU WERE USING IS MOST
LIKELY UNRELIABLE.
• UNINSTALL IT, AND GET A NEW ONE.
• YOU CAN DOWNLOAD ONE ONLINE OR BUY AN INSTALLER FROM YOUR LOCAL TECH
SHOP.
STEP 2: SCAN YOUR COMPUTER
• A WIDE VARIETY OF MALICIOUS PROGRAMS EXIST TODAY, AND SOME OF THE MOST
COMMON INCLUDE TROJANS, VIRUSES, WORMS, AND RANSOMWARE.
• IN ORDER TO CHECK IF YOUR COMPUTER IS ACTUALLY INFECTED WITH ANY OF THESE
(AS WELL AS IDENTIFY WHICH OF THEM MAY HAVE INFECTED YOUR COMPUTER),
PERFORM A FULL SCAN OF YOUR COMPUTER USING YOUR NEW ANTIVIRUS SOFTWARE,
AND MAKE SURE THAT THE ANTIVIRUS IS FULLY UPDATED BEFORE YOU START THE
SCAN.
HOW TO DEAL WITH COMPUTER VIRUSES
STEP 3: REMOVE THE MALWARE
• ONCE YOUR SOFTWARE IDENTIFIES THE INFECTION, IT WILL PROVIDE YOU WITH PROMPTS
ON HOW TO TREAT IT.
• ANTIVIRUS PROGRAMS ALL HAVE DIFFERENT METHODS, BUT SOME OF THE MOST COMMON
OPTIONS INCLUDE PERMANENT DELETION OF THE VIRUS OR STORING IT IN A SECURE
FOLDER (A.K.A. “QUARANTINE”) WHERE IT WON’T BE ABLE TO CAUSE MORE DAMAGE.
STEP 4: STOP FUTURE INFECTIONS
• WHEN IT COMES TO VIRUS PROTECTION, PREVENTION IS ALWAYS BETTER THAN CURE. YOU
CAN PREVENT YOUR COMPUTER FROM GETTING INFECTED BY TAKING THESE
PRECAUTIONARY MEASURES:
• PERFORM SCANS USING YOUR ANTIVIRUS SOFTWARE AT REGULAR INTERVALS.
• MOST PROGRAMS HAVE THE OPTION TO SCHEDULE AUTOMATIC SCANS BASED ON YOUR
PREFERRED DEGREE OF FREQUENCY: DAILY, WEEKLY, BI-WEEKLY, AND SO ON.
• DO NOT OPEN SUSPICIOUS-LOOKING EMAILS. THEY COULD BE INFECTED WITH SPYWARE.
• ONLY VISIT SECURE WEBSITES
VIRUS VS WORM
WORM
• A COMPUTER WORM IS A PIECE OF SOFTWARE THAT COPIES ITSELF FROM ONE COMPUTER
TO ANOTHER. UNLIKE A VIRUS, IT IS A STANDALONE PROGRAM THAT DOESN'T REQUIRE A
HOST. IT USUALLY DOESN'T TARGET FILES ON AN INDIVIDUAL COMPUTER. INSTEAD, IT
TAKES ON ENTIRE NETWORKS IN AN ATTEMPT TO CREATE LARGE BOTNETS.
• A WORM IS SIMILAR TO A VIRUS BY DESIGN AND IS CONSIDERED TO BE A SUB-CLASS OF
A VIRUS.
• WORMS SPREAD FROM COMPUTER TO COMPUTER, BUT UNLIKE A VIRUS, A WORM HAS THE
CAPABILITY TO TRAVEL WITHOUT ANY HUMAN ACTION.
• THE BIGGEST DANGER WITH A WORM IS ITS CAPABILITY TO REPLICATE ITSELF ON
YOUR SYSTEM.
• SO RATHER THAN YOUR COMPUTER SENDING OUT A SINGLE WORM, IT COULD SEND
OUT HUNDREDS OR THOUSANDS OF COPIES OF ITSELF, CREATING A HUGE
DEVASTATING EFFECT.
• DUE TO THE COPYING NATURE OF A WORM AND ITS CAPABILITY TO TRAVEL ACROSS
NETWORKS, THE END RESULT IN MOST CASES IS THAT THE WORM CONSUMES TOO
MUCH SYSTEM MEMORY (OR NETWORK BANDWIDTH), CAUSING WEB SERVERS,
NETWORK SERVERS AND INDIVIDUAL COMPUTERS TO STOP RESPONDING.
WORM VS VIRUS
WORMS
1. INTERNET WORMS
2. EMAIL WORMS
3. INSTANT MESSAGING WORMS
4. FILE-SHARING WORMS
5. INTERNET RELAY CHAT (IRC) WORMS
TROJAN HORSE
• A TROJAN HORSE, OR TROJAN, IS A TYPE OF MALICIOUS CODE OR SOFTWARE THAT LOOKS
LEGITIMATE BUT CAN TAKE CONTROL OF YOUR COMPUTER.
OR
• A TROJAN HORSE OR TROJAN IS A TYPE OF MALWARE THAT IS OFTEN DISGUISED AS
LEGITIMATE SOFTWARE. TROJANS CAN BE EMPLOYED BY CYBER-THIEVES AND HACKERS
TRYING TO GAIN ACCESS TO USERS' SYSTEMS.
• A TROJAN IS DESIGNED TO DAMAGE, DISRUPT, STEAL YOUR DATA OR PERFORM HARMFUL
ACTIONS ON A NETWORK.
• ONCE ACTIVATED, TROJANS CAN ENABLE CYBER-CRIMINALS TO SPY ON YOU, STEAL YOUR
SENSITIVE DATA, AND GAIN BACKDOOR ACCESS TO YOUR SYSTEM. THESE ACTIONS CAN
INCLUDE:
• DELETING DATA
• BLOCKING DATA
• MODIFYING DATA
• COPYING DATA
• DISRUPTING THE PERFORMANCE OF COMPUTERS OR COMPUTER NETWORKS
• UNLIKE COMPUTER VIRUSES AND WORMS, TROJANS ARE NOT ABLE TO SELF-REPLICATE
TYPES OF TROJAN MALWARE
• BACKDOOR TROJAN
• DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACK TROJAN
• DOWNLOADER TROJAN
• FAKE AV TROJAN
• GAME-THIEF TROJAN
• RANSOM TROJAN
• REMOTE ACCESS TROJAN
• MAIL FINDER TROJAN
• SMS TROJAN
BACK-DOOR ATTACK & FRONT-DOOR ATTACK
BACK-DOOR ATTACK
• IN THE WORLD OF CYBERSECURITY, A BACKDOOR REFERS TO ANY METHOD BY WHICH
AUTHORIZED AND UNAUTHORIZED USERS ARE ABLE TO GET AROUND
NORMAL SECURITY MEASURES AND GAIN HIGH LEVEL USER ACCESS (AKA ROOT ACCESS) ON A
COMPUTER SYSTEM, NETWORK, OR SOFTWARE APPLICATION.
• A NETWORK ADMINISTRATOR (NA) MAY INTENTIONALLY CREATE OR INSTALL
A BACKDOOR PROGRAM FOR TROUBLESHOOTING OR OTHER OFFICIAL
USE. HACKERS USE BACKDOORS TO INSTALL MALICIOUS SOFTWARE (MALWARE) FILES OR
PROGRAMS, MODIFY CODE OR DETECT FILES AND GAIN SYSTEM AND/OR DATA ACCESS.
FRONT-DOOR ATTACK
• ALL FRONT-DOOR ATTACKS REQUIRE THE ACTIONS OF THE USER TO ALLOW THE VIRUS TO
INFECT THE SYSTEM. THIS IS WHY THEY ARE REFERRED TO AS A FRONT-DOOR ATTACK, AS
METAPHORICALLY, THE USER IS TRICKED INTO OPENING THE FRONT DOOR AND LETTING
THE VIRUS IN. THE MOST COMMON WAYS IN WHICH THIS STYLE OF ATTACK IS DISGUISED
ARE EMAILS, WEB BROWSING OR DOWNLOADS.
• ONCE YOU'VE ALLOWED THE VIRUS TO ENTER YOUR SYSTEM, IT THEN HAS CONTROL OF ALL
OF YOUR DATA. THE HACKERS THEN HAVE THE ABILITY TO RUN A PROGRAM WITH ALL YOUR
RIGHTS AND PRIVILEGES. THIS ALSO MEANS THAT THEY CAN DELETE ALL OF YOUR STORED
FILES TOO.
BACK-DOOR ATTACK & FRONT-DOOR ATTACK
INTRUDERS
• AN OUTSIDE PERSON WHO TRIES TO ACCESS AN ORGANIZATION'S RESOURCES WITHOUT
PERMISSION IS KNOWN AS AN INTRUDER. INTRUDERS ARE EXTREMELY PATIENT PERSONS.
THEY ALWAYS TRY TO FIND A WEAK POINT OF SYSTEM SECURITY TO GAIN ACCESS TO THE
SYSTEM.
• INTRUDERS ARE EXTREMELY PATIENT SINCE THE PROCESS TO GAIN ACCESS REQUIRES
PERSISTENCE AND DETERMINATION.
• IF THE FIRST ATTACK FAILS, THEY TRY FROM A DIFFERENT ANGLE (SEARCH FOR ANOTHER
POSSIBLE VULNERABILITY).
• THE SECOND ATTACK MAY BE BLOCKED OR FAIL; THEY TRY A THIRD AND SO ON UNTIL THEY FIND A
VULNERABILITY OR GET ACCESS.
• THERE ARE THREE CATEGORIES OF INTRUDERS:
1) NOT TECHNICALLY EXPERT ENOUGH TO WRITE SCRIPTS THAT EXPLOIT VULNERABILITIES.
2) CAPABLE OF WRITING SCRIPTS TO EXPLOIT EXISTING VULNERABILITIES.
3) CAPABLE OF WRITING SCRIPTS TO EXPLOIT EXISTING VULNERABILITIES AND ALSO CAPABLE
OF FINDING NEW VULNERABILITIES.
TYPES/CLASSES OF INTRUDERS
THREE CLASSES OF INTRUDERS: –
MASQUERADER:
AN INDIVIDUAL WHO IS NOT AUTHORIZED TO USE THE COMPUTER AND WHO
PENETRATES A SYSTEM’S ACCESS CONTROLS TO EXPLOIT A LEGITIMATE USER’S
ACCOUNT
MISFEASOR:
A LEGITIMATE USER WHO ACCESSES DATA, PROGRAMS, OR RESOURCES FOR
WHICH SUCH ACCESS IS NOT AUTHORIZED, OR WHO IS AUTHORIZED FOR SUCH
ACCESS BUT MISUSES HIS OR HER PRIVILEGES
CLANDESTINE USER:
AN INDIVIDUAL WHO SEIZES SUPERVISORY CONTROL OF THE SYSTEM AND USES
THIS CONTROL TO EVADE AUDITING AND ACCESS CONTROLS OR TO SUPPRESS
AUDIT COLLECTION
INSIDERS
• AN INSIDER THREAT IS A MALICIOUS THREAT TO AN ORGANIZATION THAT COMES FROM
PEOPLE WITHIN THE ORGANIZATION, SUCH AS EMPLOYEES, FORMER EMPLOYEES,
CONTRACTORS OR BUSINESS ASSOCIATES, WHO HAVE INSIDE INFORMATION.
• INSIDERS ARE AUTHORIZED USERS WHO TRY TO ACCESS A SYSTEM OR NETWORK FOR WHICH
THEY ARE UNAUTHORIZED.
• MORE DANGEROUS THAN OUTSIDE INTRUDERS.
• MOST DIFFICULT TO DETECT AND PREVENT.
• HAVE ACCESS AND KNOWLEDGE TO CAUSE IMMEDIATE DAMAGE TO AN ORGANIZATION.
• HAVE KNOWLEDGE OF THE SECURITY SYSTEMS IN PLACE AND WILL BE BETTER ABLE TO
AVOID DETECTION.
• EMPLOYEES ARE NOT THE ONLY INSIDERS; THERE ARE OTHER PEOPLE WHO HAVE
ACCESS, LIKE CONTRACTORS OR PARTNERS.
• THERE IS NO SECURITY MECHANISM TO PROTECT THE SYSTEM FROM INSIDERS, SO THEY CAN
HAVE ALL THE ACCESS TO CARRY OUT CRIMINAL ACTIVITY LIKE FRAUD.
PREVENTING INSIDER ATTACKER
FOR PREVENTING INSIDER ATTACKER
• ENFORCE LEAST PRIVILEGE: ALLOW ACCESS ONLY TO THE RESOURCES THAT EMPLOYEES NEED TO
DO THEIR JOB.
• SET LOGS TO SEE WHAT USERS ACCESS AND WHAT COMMANDS THEY ARE ENTERING.
• PROTECT SENSITIVE RESOURCES WITH STRONG AUTHENTICATION.
• UPON TERMINATION, DELETE THE EMPLOYEE'S COMPUTER AND NETWORK ACCESS.
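One way to check the least-privilege, logging and termination measures above against an access log, as an added example that is not part of the original slides. The roles, user names, resources and log format are all constructed for illustration.

```python
import re
from dataclasses import dataclass

# Constructed policy: least privilege expressed as role -> allowed resources.
ROLE_RESOURCES = {
    "hr": {"hr_portal", "payroll_db"},
    "developer": {"source_repo", "build_server"},
    "helpdesk": {"ticketing"},
}

# Constructed staff roster: user -> (role, employment status).
ROSTER = {
    "asha": ("hr", "active"),
    "ravi": ("developer", "active"),
    "meena": ("helpdesk", "terminated"),
}

# Constructed access log (successful accesses), including one malformed line.
SAMPLE_LOG = """\
2024-03-01T09:12:00Z user=asha resource=payroll_db action=read
2024-03-01T09:15:41Z user=ravi resource=source_repo action=write
2024-03-01T09:20:03Z user=ravi resource=payroll_db action=read
2024-03-01T23:47:19Z user=meena resource=ticketing action=read
2024-03-02T01:02:55Z user=temp01 resource=build_server action=exec
this line is malformed and must not crash the audit
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) user=(?P<user>\S+) resource=(?P<resource>\S+) action=(?P<action>\S+)$"
)


@dataclass(frozen=True)
class Finding:
    timestamp: str
    user: str
    resource: str
    reason: str


def audit(log_text, roster=ROSTER, role_resources=ROLE_RESOURCES):
    """Return (findings, unparsed_line_count) for one access log."""
    findings, unparsed = [], 0
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = LINE_RE.match(line)
        if match is None:
            unparsed += 1  # counted, not silently dropped: log gaps matter
            continue
        ts, user, resource = match["ts"], match["user"], match["resource"]
        if user not in roster:
            # Account exists on the system but nobody on the roster owns it.
            reason = "UNKNOWN_ACCOUNT"
        else:
            role, status = roster[user]
            if status != "active":
                # Access was not deleted upon termination.
                reason = "TERMINATED_ACCOUNT_STILL_HAS_ACCESS"
            elif resource not in role_resources.get(role, set()):
                # Legitimate user reaching beyond their role (misfeasor).
                reason = "OUTSIDE_ROLE"
            else:
                continue  # access is within the user's role
        findings.append(Finding(ts, user, resource, reason))
    return findings, unparsed


if __name__ == "__main__":
    results, skipped = audit(SAMPLE_LOG)
    for f in results:
        print(f"{f.timestamp} {f.user:7} {f.resource:13} {f.reason}")
    print(f"unparsed lines: {skipped}")
```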
INTRUDERS VS INSIDERS
Foundations Computer Security Fundamentals
 
CYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief in
CYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief inCYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief in
CYBER SECURITY PRIMERCYBER SECURITY PRIMERA brief in
 
Top Cyber Security Interview Questions and Answers 2022.pdf
Top Cyber Security Interview Questions and Answers 2022.pdfTop Cyber Security Interview Questions and Answers 2022.pdf
Top Cyber Security Interview Questions and Answers 2022.pdf
 
security IDS
security IDSsecurity IDS
security IDS
 

Recently uploaded

Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppCeline George
 
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...RKavithamani
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 

Recently uploaded (20)

Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
 
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
Privatization and Disinvestment - Meaning, Objectives, Advantages and Disadva...
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 

Foundations Computer Security Fundamentals

  • 1. FOUNDATIONS OF COMPUTER SECURITY COMPUTER SECURITY BASICALLY IS THE PROTECTION OF COMPUTER SYSTEMS AND INFORMATION FROM HARM, THEFT, AND UNAUTHORIZED USE. IT IS THE PROCESS OF PREVENTING AND DETECTING UNAUTHORIZED USE OF YOUR COMPUTER SYSTEM. • COMPUTER SECURITY REFERS TO TECHNIQUES FOR ENSURING THAT DATA STORED IN A COMPUTER CANNOT BE READ OR COMPROMISED BY ANY INDIVIDUALS WITHOUT AUTHORIZATION.
  • 2. FOUNDATIONS OF COMPUTER SECURITY • INFORMATION SECURITY IS SECURING INFORMATION FROM UNAUTHORIZED ACCESS, MODIFICATION & DELETION • CYBERSECURITY IS DEFINED AS PROTECTING COMPUTER SYSTEMS, WHICH COMMUNICATE OVER THE COMPUTER NETWORKS
  • 3. NEED OF COMPUTER SECURITY • NEED OF COMPUTER SECURITY: • 1. FOR PREVENTION OF DATA THEFT SUCH AS BANK ACCOUNT NUMBERS, CREDIT CARD INFORMATION, PASSWORDS, WORK RELATED DOCUMENTS OR SHEETS, ETC. • 2. TO MAKE DATA REMAIN SAFE AND CONFIDENTIAL. • 3. TO PROVIDE CONFIDENTIALITY, WHICH ENSURES THAT INDIVIDUALS ARE NEVER ABLE TO VIEW DATA THEY ARE NOT ENTITLED TO. • 4. TO PROVIDE INTEGRITY, WHICH ENSURES THAT ONLY AUTHORIZED INDIVIDUALS ARE EVER ABLE TO CHANGE OR MODIFY INFORMATION. • 5. TO PROVIDE AVAILABILITY, WHICH ENSURES THAT THE DATA OR SYSTEM ITSELF IS AVAILABLE FOR USE WHEN AN AUTHORIZED USER WANTS IT. • 6. TO PROVIDE AUTHENTICATION WHICH DEALS WITH THE DESIRE TO ENSURE THAT AN AUTHORIZED INDIVIDUAL.
  • 4. NEED OF SECURITY • TO KEEP CONFIDENTIAL INFORMATION OUT OF THE WRONG HANDS • TO MAINTAIN THE INTEGRITY OF THE SYSTEM AND THE DATA SO IT CAN BE TRUSTED • TO GUARANTEE THAT THE SYSTEM AND DATA IS THERE AND ABLE TO BE ACCESSED AT WILL.
  • 5. SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY • IT CONSISTS OF CONFIDENTIALITY, INTEGRITY AND AVAILABILITY. • THIS MODEL IS DESIGNED TO GUIDE THE ORGANIZATION WITH THE POLICIES OF CYBER SECURITY IN THE AREA OF INFORMATION SECURITY.
  • 7. CONFIDENTIALITY ● THE PRINCIPLE OF CONFIDENTIALITY SPECIFIES THAT ONLY THE SENDER AND INTENDED RECIPIENT SHOULD BE ABLE TO ACCESS THE CONTENTS OF A MESSAGE. ● CONFIDENTIALITY GETS COMPROMISED IF AN UNAUTHORIZED PERSON IS ABLE TO ACCESS THE CONTENTS OF A MESSAGE. [Fig. Confidentiality; Fig. Loss of Confidentiality (interception attack)]
  • 9. SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY • CONFIDENTIALITY IS THE ACTION OF HIDING SOMETHING OR PREVENTING IT FROM BEING KNOWN. • ALSO, THERE IS A NEED TO KEEP INFORMATION SECRET FROM OTHER THIRD PARTIES, SO THAT JUST THE RIGHT PEOPLE CAN HAVE ACCESS TO IT. • IT DEFINES THE RULES THAT LIMIT ACCESS TO INFORMATION. • CONFIDENTIALITY RESTRICTS SENSITIVE INFORMATION FROM BEING ACCESSED BY CYBER ATTACKERS, HACKERS AND UNAUTHORIZED PERSONS.
  • 10. SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY • CONFIDENTIALITY IS MAINTAINED BY USER ID/PASSWORD/OTP. • VARIOUS WAYS TO ENSURE CONFIDENTIALITY: TWO-FACTOR AUTHENTICATION, DATA ENCRYPTION, DATA CLASSIFICATION, BIOMETRIC VERIFICATION, AND SECURITY TOKENS.
  • 11. INTEGRITY • WHEN THE CONTENTS OF THE MESSAGE ARE CHANGED AFTER THE SENDER SENDS IT, BUT BEFORE IT REACHES THE INTENDED RECIPIENT, WE SAY THAT THE INTEGRITY OF THE MESSAGE IS LOST. • A CHANGE TO THE CONTENT OF A MESSAGE DURING TRANSMISSION IS KNOWN AS A MODIFICATION ATTACK. [Fig. Loss of Integrity (modification attack): User A Computer, User B Computer, User C Computer; messages "Transfer 1000Rs" and "Transfer 5000Rs"]
  • 13. SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY INTEGRITY: • THIS ASSURES THAT THE DATA IS CONSISTENT, ACCURATE AND TRUSTWORTHY DURING THE TRANSMISSION. • IT MEANS THAT THE DATA WITHIN THE TRANSMISSION SHOULD NOT BE CHANGED, ALTERED, DELETED OR ILLEGALLY ACCESSED. • THERE SHOULD BE TOOLS AND TECHNOLOGIES IMPLEMENTED TO DETECT ANY CHANGE OR BREACH IN THE DATA. • VARIOUS ORGANIZATIONS USE A CHECKSUM, AND EVEN A CRYPTOGRAPHIC CHECKSUM, TO VERIFY THE INTEGRITY OF DATA.
  • 14. SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY Integrity: Example in real life − Let’s say you are making an online payment of 5 USD, but your information is tampered with, without your knowledge, so that 500 USD is sent to the seller; this would cost you too much. In this case cryptography plays a very major role in ensuring data integrity.
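An added example, not part of the original slides: the modification attack from the integrity slides (a transfer of 1000 Rs altered to 5000 Rs in transit), checked once with a plain checksum and once with a keyed cryptographic checksum (HMAC-SHA256). The message fields, the shared key and all function names are assumptions made for this illustration.

```python
import hashlib
import hmac
import json
import secrets

# Assumption: the sender (User A) and the receiver share this key out of band;
# the party altering traffic in transit (User C) does not know it.
SHARED_KEY = secrets.token_bytes(32)


def canonical(message: dict) -> bytes:
    """Serialize deterministically so both sides hash identical bytes."""
    return json.dumps(message, sort_keys=True, separators=(",", ":")).encode("utf-8")


def plain_checksum(message: dict) -> str:
    """Unkeyed SHA-256 digest: anyone who sees the message can recompute it."""
    return hashlib.sha256(canonical(message)).hexdigest()


def keyed_tag(message: dict, key: bytes) -> str:
    """Keyed cryptographic checksum: requires the shared key to compute."""
    return hmac.new(key, canonical(message), hashlib.sha256).hexdigest()


def send(message: dict, key: bytes) -> dict:
    """Sender attaches both kinds of check value to the message."""
    return {
        "message": message,
        "checksum": plain_checksum(message),
        "tag": keyed_tag(message, key),
    }


def modify_in_transit(packet: dict) -> dict:
    """Models the modification attack from the slide: the amount is changed
    and the plain checksum is recomputed to match. The keyed tag cannot be
    recomputed without the key, so the original tag travels unchanged."""
    altered = dict(packet["message"], amount_rs=5000)
    return {
        "message": altered,
        "checksum": plain_checksum(altered),
        "tag": packet["tag"],
    }


def receive(packet: dict, key: bytes) -> dict:
    """Receiver recomputes both check values and compares in constant time."""
    msg = packet["message"]
    return {
        "checksum_ok": hmac.compare_digest(plain_checksum(msg), packet["checksum"]),
        "tag_ok": hmac.compare_digest(keyed_tag(msg, key), packet["tag"]),
    }


def demo() -> dict:
    # Constructed sample message, mirroring the figure on the integrity slide.
    original = {"from": "User A", "to": "User B", "amount_rs": 1000}
    packet = send(original, SHARED_KEY)
    return {
        "untouched": receive(packet, SHARED_KEY),
        "modified": receive(modify_in_transit(packet), SHARED_KEY),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```

The plain checksum still verifies on the altered message because it was simply recomputed; only the keyed tag exposes the change. Because both parties hold the same key, the tag detects modification but does not by itself give the non-repudiation that the slides attribute to digital signatures.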
  • 15. AVAILABILITY • THE PRINCIPLE OF AVAILABILITY ENSURES THAT RESOURCES SHOULD BE AVAILABLE TO AUTHORIZED PARTIES AT ALL TIMES WITHOUT ANY INTERRUPTION. [Fig. Attack on Availability (interruption attack): Client, Attacker, Server; "Service Unavailable"]
  • 16. SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY AVAILABILITY • AVAILABILITY REFERS TO THE ABILITY TO ACCESS DATA OR A RESOURCE WHEN IT IS NEEDED. THE INFORMATION HAS VALUE ONLY IF THE AUTHORIZED PEOPLE CAN ACCESS IT AT THE RIGHT TIME. • ALL NECESSARY COMPONENTS LIKE HARDWARE, SOFTWARE, NETWORKS, DEVICES AND SECURITY EQUIPMENT SHOULD ALL BE MAINTAINED AND UPGRADED. • THIS WILL ENSURE THE SMOOTH FUNCTIONING AND ACCESS OF DATA WITHOUT ANY DISRUPTION.
  • 17. SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY AVAILABILITY (CONTINUED) • IT ALSO INVOLVES OPTING FOR EXTRA SECURITY EQUIPMENT IN CASE OF ANY DISASTER. UTILITIES LIKE FIREWALLS, DISASTER RECOVERY PLANS, PROXY SERVERS AND A PROPER BACKUP SOLUTION SHOULD BE IN PLACE TO COPE WITH DOS ATTACKS. • EXAMPLE IN REAL LIFE − LET’S SAY A HACKER HAS COMPROMISED A WEBSERVER OF A BANK AND TAKEN IT DOWN. YOU AS AN AUTHENTICATED USER WANT TO DO AN E-BANKING TRANSFER BUT IT IS IMPOSSIBLE TO ACCESS IT; THE TRANSFER THAT COULD NOT BE MADE IS MONEY LOST FOR THE BANK.
  • 18. SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY ACCOUNTABILITY: ACCOUNTABILITY IS AN ESSENTIAL PART OF AN INFORMATION SECURITY PLAN. • ACCOUNTABILITY GUARANTEES THAT ALL OPERATIONS CARRIED OUT BY INDIVIDUALS OR SYSTEMS CAN BE IDENTIFIED (IDENTIFICATION) AND TRACED TO THEIR AUTHOR (TRACEABILITY). • ONE EXAMPLE WOULD BE A POLICY STATEMENT THAT ALL EMPLOYEES MUST AVOID INSTALLING OUTSIDE SOFTWARE ON A COMPANY-OWNED INFORMATION INFRASTRUCTURE.
  • 19. SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY ACCOUNTABILITY (CONTINUED) • THE PERSON IN CHARGE OF INFORMATION SECURITY SHOULD PERFORM PERIODIC CHECKS TO SEE THAT THE POLICY IS BEING FOLLOWED. • EVERY INFORMATION ASSET SHOULD BE "OWNED" BY AN INDIVIDUAL IN THE ORGANIZATION WHO IS PRIMARILY RESPONSIBLE FOR IT. • THE DUTIES AND RESPONSIBILITIES OF ALL EMPLOYEES, AS THEY RELATE TO INFORMATION, NEED TO BE SPECIFIED IN DETAIL.
  • 20. NON-REPUDIATION • SOMETIMES A USER SENDS A MESSAGE AND LATER DENIES HAVING SENT THAT MESSAGE. THE PRINCIPLE OF NON-REPUDIATION REDUCES SUCH POSSIBILITIES. • E.G. USER A REQUESTS A FUND TRANSFER FROM A BANK, THE BANK COMPLETES THE FUND TRANSFER AS PER THE REQUEST OF USER A, BUT LATER USER A DENIES HAVING MADE SUCH A REQUEST. • THE PRINCIPLE OF NON-REPUDIATION IS IMPLEMENTED BY USING DIGITAL SIGNATURES. ACCESS CONTROL • THE PRINCIPLE OF ACCESS CONTROL DETERMINES WHO SHOULD BE ABLE TO ACCESS WHAT. UNDER ACCESS CONTROL WE DECIDE THE ROLES OF USERS AND ALSO THE RULES FOR USERS TO ACCESS DIFFERENT RESOURCES OF THE ORGANIZATION.
  • 21. SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY • NON-REPUDIATION IS THE ASSURANCE THAT SOMEONE CANNOT DENY SOMETHING. • NONREPUDIATION IS A WAY TO GUARANTEE THAT THE SENDER OF A MESSAGE CANNOT LATER DENY HAVING SENT THE MESSAGE AND THAT THE RECIPIENT CANNOT DENY HAVING RECEIVED THE MESSAGE. • TYPICALLY, NONREPUDIATION REFERS TO THE ABILITY TO ENSURE THAT A PARTY CANNOT DENY THE AUTHENTICITY OF THEIR SIGNATURE ON A DOCUMENT OR THE SENDING OF A MESSAGE THAT THEY ORIGINATED. • EMAIL NONREPUDIATION INVOLVES METHODS SUCH AS EMAIL TRACKING THAT ARE DESIGNED TO ENSURE THAT THE SENDER CANNOT DENY HAVING SENT A MESSAGE AND/OR THAT THE RECIPIENT CANNOT DENY HAVING RECEIVED IT. • NONREPUDIATION CAN BE OBTAINED THROUGH THE USE OF: • DIGITAL SIGNATURES • CONFIRMATION SERVICES • TIMESTAMPS
  • 22. SECURITY BASICS/CIA MODEL/PRINCIPLES OF SECURITY • RELIABILITY: COMPUTERS NEED TO BE RELIABLE FOR PEOPLE TO USE THEM AND HAVE CONFIDENCE IN THEM. IF THEY ARE NOT RELIABLE, THEN THEY WILL QUICKLY BE ABANDONED. • COMPUTER SYSTEMS NEED TO BE RELIABLE IF THEY ARE TO BE CONFIDENTLY USED. IF PEOPLE CANNOT RELY ON THEM, THEN THEY WILL QUICKLY BE ABANDONED.
  • 23. DEFINITIONS THREAT • A POTENTIAL CAUSE OF AN INCIDENT THAT BECOMES HARMFUL TO A SYSTEM OR ORGANIZATION. • AN UNDESIRED EVENT THAT MAY RESULT IN LOSS, DISCLOSURE OR DAMAGE TO AN ORGANIZATION'S ASSET. • A THREAT IS A POTENTIAL FOR VIOLATION OF SECURITY. RISK • RISK CALCULATION: RISK = ASSETS X THREATS X VULNERABILITIES • A COMPUTER SECURITY RISK IS ANY EVENT OR ACTION THAT COULD CAUSE A LOSS OR DAMAGE TO COMPUTER HARDWARE, SOFTWARE, DATA, OR INFORMATION, OR RISK IS THE PROBABILITY OF THREATS THAT MAY OCCUR BECAUSE OF THE PRESENCE OF A VULNERABILITY IN A SYSTEM.
  • 24. • QUANTITATIVE RISK ANALYSIS: - A PROCESS OF ASSIGNING A NUMERIC VALUE TO THE PROBABILITY OF LOSS BASED ON KNOWN RISKS, ON FINANCIAL VALUES OF THE ASSETS AND ON PROBABILITY OF THREATS. - IT IS USED TO DETERMINE POTENTIAL DIRECT AND INDIRECT COSTS TO THE COMPANY BASED ON VALUES ASSIGNED TO COMPANY ASSETS AND THEIR EXPOSURE TO RISK. ASSETS CAN BE RATED AS THE COST OF REPLACING AN ASSET, THE COST OF LOST PRODUCTIVITY, OR THE COST OF DIMINISHED BRAND REPUTATION. A 100% QUANTITATIVE RISK ANALYSIS IS NOT POSSIBLE. • QUALITATIVE RISK ANALYSIS: - A COLLABORATIVE PROCESS OF ASSIGNING RELATIVE VALUES TO ASSETS, ASSESSING THEIR RISK EXPOSURE AND ESTIMATING THE COST OF CONTROLLING THE RISK. - IT UTILIZES RELATIVE MEASURES AND APPROXIMATE COSTS RATHER THAN PRECISE VALUATION AND COST DETERMINATION. ASSETS CAN BE RATED BASED ON CRITICALITY - VERY IMPORTANT, IMPORTANT, NOT-IMPORTANT ETC. VULNERABILITIES CAN BE RATED BASED ON HOW THEY ARE TO BE FIXED - FIXED SOON, SHOULD BE FIXED, FIX IF SUITABLE ETC. THREATS CAN BE RATED BASED ON A SCALE OF LIKELIHOOD - LIKELY, UNLIKELY, VERY LIKELY ETC. A 100% QUALITATIVE RISK ANALYSIS IS FEASIBLE.
  • 25. DEFINITIONS • COUNTERMEASURE: AN ACTION, PROCEDURE, OR TECHNIQUE THAT REDUCES A THREAT OR A VULNERABILITY. • ASSET: AN ASSET IS ANYTHING (HARDWARE, SOFTWARE, DATA, INFORMATION) THAT THE OWNER WANTS TO SECURE. OR AN ASSET IS ANY DATA, DEVICE, OR OTHER COMPONENT OF THE ENVIRONMENT THAT SUPPORTS INFORMATION-RELATED ACTIVITIES. ASSETS GENERALLY INCLUDE HARDWARE, SOFTWARE AND CONFIDENTIAL INFORMATION.
  • 26. DEFINITIONS • A VULNERABILITY IS A WEAKNESS IN THE INFORMATION INFRASTRUCTURE OF AN ORGANIZATION. • IT CAN LEAD, ACCIDENTALLY OR INTENTIONALLY, TO DAMAGE TO THE ASSET. • IT IS A WEAKNESS IN A COMPUTER SYSTEM OR NETWORK. THE TERM "VULNERABILITY" REFERS TO THE SECURITY FLAWS IN A SYSTEM THAT ALLOW AN ATTACK TO BE SUCCESSFUL. • TESTING FOR VULNERABILITIES IS USEFUL FOR MAINTAINING ON-GOING SECURITY. • VULNERABILITIES CAN BE: – PROGRAMS WITH UNNECESSARY PRIVILEGE – ACCOUNTS WITH DEFAULT PASSWORDS NOT CHANGED – PROGRAMS WITH KNOWN FAULTS – WEAK ACCESS CONTROL – WEAK FIREWALL
  • 27. HACKING • HACKING IN SIMPLE TERMS MEANS AN ILLEGAL INTRUSION INTO A COMPUTER SYSTEM AND/OR NETWORK. • GOVERNMENT WEBSITES ARE A HOT TARGET FOR HACKERS DUE TO THE PRESS COVERAGE THEY RECEIVE. • OR: HACKING IS THE ACT OF IDENTIFYING AND THEN EXPLOITING WEAKNESSES IN A COMPUTER SYSTEM OR NETWORK, USUALLY TO GAIN UNAUTHORIZED ACCESS TO PERSONAL OR ORGANIZATIONAL DATA. • HACKING IS NOT ALWAYS A MALICIOUS ACTIVITY, BUT THE TERM HAS MOSTLY NEGATIVE CONNOTATIONS DUE TO ITS ASSOCIATION WITH CYBERCRIME.
  • 28. THREAT TO SECURITY • VIRUSES • WORMS • TROJAN HORSE • INTRUDERS • INSIDERS
  • 29. VIRUSES • A VIRUS IS A PROGRAM WHICH ATTACHES ITSELF TO ANOTHER PROGRAM AND CAUSES DAMAGE TO THE COMPUTER SYSTEM OR THE NETWORK. • IT IS LOADED ONTO YOUR COMPUTER WITHOUT YOUR KNOWLEDGE AND RUNS AGAINST YOUR WISHES. • ALMOST ALL VIRUSES ARE ATTACHED TO AN EXECUTABLE FILE, WHICH MEANS THE VIRUS MAY EXIST ON YOUR COMPUTER BUT IT ACTUALLY CANNOT INFECT YOUR COMPUTER UNLESS YOU RUN OR OPEN THE MALICIOUS PROGRAM. • A COMPUTER VIRUS ATTACHES ITSELF TO A PROGRAM OR FILE, ENABLING IT TO SPREAD FROM ONE COMPUTER TO ANOTHER, LEAVING INFECTION AS IT TRAVELS FROM PC TO PC OR OVER THE NETWORK. • IT COPIES ITSELF INTO PREVIOUSLY UNINFECTED PROGRAMS OR FILES, AND EXECUTES OVER OTHER SOURCE OF ATTACK. • IT CAN CAUSE THE LOSS OR ALTERATION OF PROGRAMS OR DATA AND CAN BREAK CONFIDENTIALITY. IT IS ALMOST ALWAYS ATTACHED TO AN EXECUTABLE FILE.
  • 30. VIRUS • DEFINITION: VIRUS IS A PROGRAM WHICH ATTACHES ITSELF TO ANOTHER PROGRAM AND CAUSES DAMAGE TO THE COMPUTER SYSTEM OR THE NETWORK. IT IS LOADED ONTO YOUR COMPUTER WITHOUT YOUR KNOWLEDGE AND RUNS AGAINST YOUR WISHES. DURING THE LIFECYCLE OF VIRUS IT GOES THROUGH THE FOLLOWING FOUR PHASES: • 1. DORMANT PHASE: THE VIRUS IS IDLE AND ACTIVATED BY SOME EVENT. • 2. PROPAGATION PHASE: IT PLACES AN IDENTICAL COPY OF ITSELF INTO OTHER PROGRAMS OR INTO CERTAIN SYSTEM AREAS ON THE DISK. • 3. TRIGGERING PHASE: THE VIRUS IS ACTIVATED TO PERFORM THE FUNCTION FOR WHICH IT WAS INTENDED. • 4. EXECUTION PHASE: THE FUNCTION OF VIRUS IS PERFORMED.
  • 31. PHASES OF VIRUSES A TYPICAL VIRUS GOES THROUGH PHASES OF: – DORMANT – PROPAGATION – TRIGGERING – EXECUTION
  • 32. PHASES OF VIRUSES • DURING THE LIFECYCLE OF VIRUS IT GOES THROUGH THE FOLLOWING FOUR PHASES: • 1. DORMANT PHASE: THE VIRUS IS IDLE AND ACTIVATED BY SOME EVENT. THE VIRUS WILL BE ACTIVATED BY SOME EVENT SUCH AS A DATE, THE PRESENCE OF ANOTHER PROGRAM OR FILE, OR THE CAPACITY OF THE DISK EXCEEDING SOME LIMIT. NOT ALL VIRUSES HAVE THIS STAGE. • 2. PROPAGATION PHASE: • IT PLACES AN IDENTICAL COPY OF ITSELF INTO OTHER PROGRAMS OR INTO CERTAIN SYSTEM AREAS ON THE DISK.
  • 33. PHASES OF VIRUSES • 3. TRIGGERING PHASE: THE VIRUS IS ACTIVATED TO PERFORM THE FUNCTION FOR WHICH IT WAS INTENDED. • 4. EXECUTION PHASE: THE FUNCTION OF VIRUS IS PERFORMED. THE FUNCTION MAY BE HARMLESS, SUCH AS A MESSAGE ON THE SCREEN, OR DAMAGING, SUCH AS THE DESTRUCTION OF PROGRAMS AND DATA FILES.
  • 35. STEPS • VIRUS PROGRAM IS LAUNCHED. • VIRUS CODE IS LOADED INTO DESTINATION. • VIRUS DELIVERS ITS DESTRUCTIVE PAYLOAD. • VIRUS COPIES ITSELF TO ANOTHER PROGRAM. • CHARACTERISTICS ARE: HARD TO DETECT, NOT EASILY DESTROYABLE, SPREADS INFECTION WIDELY, EASY TO CREATE, MACHINE AND OPERATING SYSTEM INDEPENDENT.
  • 36. TYPES OF VIRUSES • PARASITIC VIRUSES • MEMORY RESIDENT VIRUSES • NON-RESIDENT VIRUSES • BOOT SECTOR VIRUSES • OVERWRITING VIRUSES • STEALTH VIRUS • MACRO VIRUSES
  • 37. TYPES OF VIRUSES • PARASITIC VIRUSES: IT ATTACHES ITSELF TO EXECUTABLE CODE AND REPLICATES ITSELF. ONCE CODE IS INFECTED IT WILL FIND ANOTHER PROGRAM TO INFECT. • MEMORY RESIDENT VIRUSES: A MEMORY-RESIDENT VIRUS IS A VIRUS THAT IS LOCATED IN THE MEMORY OF A COMPUTER, EVEN AFTER THE 'HOST' APPLICATION OR PROGRAM HAS STOPPED RUNNING (BEEN TERMINATED). IT LIVES IN MEMORY; AFTER ITS EXECUTION IT BECOMES A PART OF THE OPERATING SYSTEM OR APPLICATION AND CAN MANIPULATE ANY FILE THAT IS EXECUTED, COPIED OR MOVED. • NON-RESIDENT VIRUSES: NON-MEMORY-RESIDENT VIRUSES ARE ONLY ACTIVATED ONCE THE APPLICATION OR PROGRAM IS STARTED. IT EXECUTES ITSELF AND TERMINATES OR DESTROYS ITSELF AFTER A SPECIFIC TIME.
  • 38. TYPES OF VIRUSES • OVERWRITING VIRUSES: IT OVERWRITES THE CODE WITH ITS OWN CODE. SOME VIRUSES ARE DESIGNED SPECIFICALLY TO DESTROY A FILE OR APPLICATION'S DATA. AFTER INFECTING A SYSTEM, AN OVERWRITE VIRUS BEGINS OVERWRITING FILES WITH ITS OWN CODE. THESE VIRUSES CAN TARGET SPECIFIC FILES OR APPLICATIONS OR SYSTEMATICALLY OVERWRITE ALL FILES ON AN INFECTED DEVICE. • BOOT SECTOR VIRUSES: A BOOT SECTOR IS A RESERVED SECTION OF A DISK THAT CONTAINS THE CODE AND DATA NEEDED TO START THE OPERATING SYSTEM (OS) OF A COMPUTER. A BOOT SECTOR VIRUS IS A TYPE OF MALWARE THAT INFECTS A SYSTEM'S BOOT PARTITION OR THE MASTER BOOT RECORD (MBR) OF A HARD DISK.
  • 39. TYPES OF VIRUSES • STEALTH VIRUS: THIS VIRUS HIDES THE MODIFICATION IT HAS MADE IN THE FILE OR BOOT RECORD. • MACRO VIRUSES: THESE ARE NOT EXECUTABLE. THEY AFFECT MICROSOFT WORD-LIKE DOCUMENTS AND CAN SPREAD THROUGH EMAIL. • POLYMORPHIC VIRUSES: IT PRODUCES FULLY OPERATIONAL COPIES OF ITSELF, IN AN ATTEMPT TO AVOID SIGNATURE DETECTION. • COMPANION VIRUSES: CREATES A PROGRAM INSTEAD OF MODIFYING AN EXISTING FILE. • EMAIL VIRUSES: THE VIRUS GETS EXECUTED WHEN THE EMAIL ATTACHMENT IS OPENED BY THE RECIPIENT. THE VIRUS SENDS ITSELF TO EVERYONE ON THE MAILING LIST OF THE SENDER. • METAMORPHIC VIRUSES: KEEPS REWRITING ITSELF EVERY TIME; IT MAY CHANGE ITS BEHAVIOR AS WELL AS THE APPEARANCE OF ITS CODE.
  • 40. HOW TO DEAL WITH COMPUTER VIRUSES STEP 1: USE A RELIABLE ANTIVIRUS PROGRAM • IF YOU ALREADY HAVE ANTIVIRUS SOFTWARE INSTALLED ON YOUR COMPUTER AND IT STILL GOT INFECTED WITH A VIRUS, THE SOFTWARE YOU WERE USING IS MOST LIKELY UNRELIABLE. • UNINSTALL IT, AND GET A NEW ONE. • YOU CAN DOWNLOAD ONE ONLINE OR BUY AN INSTALLER FROM YOUR LOCAL TECH SHOP. STEP 2: SCAN YOUR COMPUTER • A WIDE VARIETY OF MALICIOUS PROGRAMS EXIST TODAY, AND SOME OF THE MOST COMMON INCLUDE TROJANS, VIRUSES, WORMS, AND RANSOMWARE. • IN ORDER TO CHECK IF YOUR COMPUTER IS ACTUALLY INFECTED WITH ANY OF THESE (AS WELL AS IDENTIFY WHICH OF THEM MAY HAVE INFECTED YOUR COMPUTER), PERFORM A FULL SCAN OF YOUR COMPUTER USING YOUR NEW ANTIVIRUS SOFTWARE, AND MAKE SURE THAT THE ANTIVIRUS IS FULLY UPDATED BEFORE YOU START THE SCAN.
  • 41. HOW TO DEAL WITH COMPUTER VIRUSES STEP 3: REMOVE THE MALWARE • ONCE YOUR SOFTWARE IDENTIFIES THE INFECTION, IT WILL PROVIDE YOU WITH PROMPTS ON HOW TO TREAT IT. • ANTIVIRUS PROGRAMS ALL HAVE DIFFERENT METHODS, BUT SOME OF THE MOST COMMON OPTIONS INCLUDE PERMANENT DELETION OF THE VIRUS OR STORING IT IN A SECURE FOLDER (A.K.A. “QUARANTINE”) WHERE IT WON’T BE ABLE TO CAUSE MORE DAMAGE. STEP 4: STOP FUTURE INFECTIONS • WHEN IT COMES TO VIRUS PROTECTION, PREVENTION IS ALWAYS BETTER THAN CURE. YOU CAN PREVENT YOUR COMPUTER FROM GETTING INFECTED BY TAKING THESE PRECAUTIONARY MEASURES: • PERFORM SCANS USING YOUR ANTIVIRUS SOFTWARE AT REGULAR INTERVALS. • MOST PROGRAMS HAVE THE OPTION TO SCHEDULE AUTOMATIC SCANS BASED ON YOUR PREFERRED DEGREE OF FREQUENCY: DAILY, WEEKLY, BI-WEEKLY, AND SO ON. • DO NOT OPEN SUSPICIOUS-LOOKING EMAILS. THEY COULD BE INFECTED WITH SPYWARE. • ONLY VISIT SECURE WEBSITES
  • 43. WORM • A COMPUTER WORM IS A PIECE OF SOFTWARE THAT COPIES ITSELF FROM ONE COMPUTER TO ANOTHER. UNLIKE A VIRUS, IT IS A STANDALONE PROGRAM THAT DOESN’T REQUIRE A HOST. IT USUALLY DOESN’T TARGET FILES ON AN INDIVIDUAL COMPUTER. INSTEAD, IT TAKES ON ENTIRE NETWORKS IN AN ATTEMPT TO CREATE LARGE BOTNETS. A WORM IS SIMILAR TO A VIRUS BY DESIGN AND IS CONSIDERED TO BE A SUB-CLASS OF A VIRUS. • WORMS SPREAD FROM COMPUTER TO COMPUTER, BUT UNLIKE A VIRUS, A WORM HAS THE CAPABILITY TO TRAVEL WITHOUT ANY HUMAN ACTION. THE BIGGEST DANGER WITH A WORM IS ITS CAPABILITY TO REPLICATE ITSELF ON YOUR SYSTEM, SO RATHER THAN YOUR COMPUTER SENDING OUT A SINGLE WORM, IT COULD SEND OUT HUNDREDS OR THOUSANDS OF COPIES OF ITSELF, CREATING A HUGE DEVASTATING EFFECT. DUE TO THE COPYING NATURE OF A WORM AND ITS CAPABILITY TO TRAVEL ACROSS NETWORKS, THE END RESULT IN MOST CASES IS THAT THE WORM CONSUMES TOO MUCH SYSTEM MEMORY (OR NETWORK BANDWIDTH), CAUSING WEB SERVERS, NETWORK SERVERS AND INDIVIDUAL COMPUTERS TO STOP RESPONDING.
  • 45. WORMS • 1. INTERNET WORMS • 2. EMAIL WORMS • 3. INSTANT MESSAGING WORMS • 4. FILE-SHARING WORMS • 5. INTERNET RELAY CHAT (IRC) WORMS
  • 48. TROJAN HORSE • A TROJAN HORSE, OR TROJAN, IS A TYPE OF MALICIOUS CODE OR SOFTWARE THAT LOOKS LEGITIMATE BUT CAN TAKE CONTROL OF YOUR COMPUTER. OR • A TROJAN HORSE OR TROJAN IS A TYPE OF MALWARE THAT IS OFTEN DISGUISED AS LEGITIMATE SOFTWARE. TROJANS CAN BE EMPLOYED BY CYBER-THIEVES AND HACKERS TRYING TO GAIN ACCESS TO USERS' SYSTEMS. • A TROJAN IS DESIGNED TO DAMAGE, DISRUPT, STEAL YOUR DATA OR PERFORM HARMFUL ACTIONS ON THE NETWORK. • ONCE ACTIVATED, TROJANS CAN ENABLE CYBER-CRIMINALS TO SPY ON YOU, STEAL YOUR SENSITIVE DATA, AND GAIN BACKDOOR ACCESS TO YOUR SYSTEM. THESE ACTIONS CAN INCLUDE: • DELETING DATA • BLOCKING DATA • MODIFYING DATA • COPYING DATA • DISRUPTING THE PERFORMANCE OF COMPUTERS OR COMPUTER NETWORKS • UNLIKE COMPUTER VIRUSES AND WORMS, TROJANS ARE NOT ABLE TO SELF-REPLICATE.
  • 49. TYPES OF TROJAN MALWARE • BACKDOOR TROJAN • DISTRIBUTED DENIAL OF SERVICE (DDOS) ATTACK TROJAN • DOWNLOADER TROJAN • FAKE AV TROJAN • GAME-THIEF TROJAN • RANSOM TROJAN • REMOTE ACCESS TROJAN • MAIL FINDER TROJAN • SMS TROJAN
  • 50. BACK-DOOR ATTACK & FRONT-DOOR ATTACK BACK-DOOR ATTACK • IN THE WORLD OF CYBERSECURITY, A BACKDOOR REFERS TO ANY METHOD BY WHICH AUTHORIZED AND UNAUTHORIZED USERS ARE ABLE TO GET AROUND NORMAL SECURITY MEASURES AND GAIN HIGH LEVEL USER ACCESS (AKA ROOT ACCESS) ON A COMPUTER SYSTEM, NETWORK, OR SOFTWARE APPLICATION. • A NETWORK ADMINISTRATOR (NA) MAY INTENTIONALLY CREATE OR INSTALL A BACKDOOR PROGRAM FOR TROUBLESHOOTING OR OTHER OFFICIAL USE. HACKERS USE BACKDOORS TO INSTALL MALICIOUS SOFTWARE (MALWARE) FILES OR PROGRAMS, MODIFY CODE OR DETECT FILES AND GAIN SYSTEM AND/OR DATA ACCESS.
  • 51. BACK-DOOR ATTACK & FRONT-DOOR ATTACK FRONT-DOOR ATTACK • ALL FRONT-DOOR ATTACKS REQUIRE THE ACTIONS OF THE USER TO ALLOW THE VIRUS TO INFECT THE SYSTEM. THIS IS WHY THEY ARE REFERRED TO AS A FRONT-DOOR ATTACK, AS METAPHORICALLY, THE USER IS TRICKED INTO OPENING THE FRONT DOOR AND LETTING THE VIRUS IN. THE MOST COMMON WAYS IN WHICH THIS STYLE OF ATTACK IS DISGUISED ARE EMAILS, WEB BROWSING OR DOWNLOADS. • ONCE YOU'VE ALLOWED THE VIRUS TO ENTER YOUR SYSTEM, IT THEN HAS CONTROL OF ALL OF YOUR DATA. THE HACKERS THEN HAVE THE ABILITY TO RUN A PROGRAM WITH ALL YOUR RIGHTS AND PRIVILEGES. THIS ALSO MEANS THAT THEY CAN DELETE ALL OF YOUR STORED FILES TOO.
  • 52. INTRUDERS
    • AN OUTSIDE PERSON WHO TRIES TO ACCESS AN ORGANIZATION'S RESOURCES WITHOUT PERMISSION IS KNOWN AS AN INTRUDER. INTRUDERS ARE EXTREMELY PATIENT PERSONS. THEY ALWAYS TRY TO FIND A WEAK POINT IN SYSTEM SECURITY TO GAIN ACCESS TO THE SYSTEM.
    • INTRUDERS ARE EXTREMELY PATIENT BECAUSE THE PROCESS OF GAINING ACCESS REQUIRES PERSISTENCE AND DETERMINATION.
    • IF THE FIRST ATTACK FAILS, THEY TRY FROM A DIFFERENT ANGLE (SEARCH FOR ANOTHER POSSIBLE VULNERABILITY).
    • IF THE SECOND ATTACK IS BLOCKED OR FAILS, THEY TRY A THIRD, AND SO ON UNTIL THEY FIND A VULNERABILITY OR GAIN ACCESS.
    • THERE ARE THREE CATEGORIES OF INTRUDERS:
      1) NOT TECHNICALLY EXPERT ENOUGH TO WRITE SCRIPTS THAT EXPLOIT VULNERABILITIES.
      2) CAPABLE OF WRITING SCRIPTS TO EXPLOIT EXISTING VULNERABILITIES.
      3) CAPABLE OF WRITING SCRIPTS TO EXPLOIT EXISTING VULNERABILITIES AND ALSO CAPABLE OF FINDING NEW VULNERABILITIES.
  • 53. TYPES/CLASSES OF INTRUDERS
    THREE CLASSES OF INTRUDERS:
    • MASQUERADER: AN INDIVIDUAL WHO IS NOT AUTHORIZED TO USE THE COMPUTER AND WHO PENETRATES A SYSTEM'S ACCESS CONTROLS TO EXPLOIT A LEGITIMATE USER'S ACCOUNT.
    • MISFEASOR: A LEGITIMATE USER WHO ACCESSES DATA, PROGRAMS, OR RESOURCES FOR WHICH SUCH ACCESS IS NOT AUTHORIZED, OR WHO IS AUTHORIZED FOR SUCH ACCESS BUT MISUSES HIS OR HER PRIVILEGES.
    • CLANDESTINE USER: AN INDIVIDUAL WHO SEIZES SUPERVISORY CONTROL OF THE SYSTEM AND USES THIS CONTROL TO EVADE AUDITING AND ACCESS CONTROLS OR TO SUPPRESS AUDIT COLLECTION.
  • 54. INSIDERS
    • AN INSIDER THREAT IS A MALICIOUS THREAT TO AN ORGANIZATION THAT COMES FROM PEOPLE WITHIN THE ORGANIZATION, SUCH AS EMPLOYEES, FORMER EMPLOYEES, CONTRACTORS OR BUSINESS ASSOCIATES, WHO HAVE INSIDE INFORMATION.
    • INSIDERS ARE AUTHORIZED USERS WHO TRY TO ACCESS A SYSTEM OR NETWORK FOR WHICH THEY ARE UNAUTHORIZED.
    • MORE DANGEROUS THAN OUTSIDE INTRUDERS.
    • MOST DIFFICULT TO DETECT AND PREVENT.
    • HAVE THE ACCESS AND KNOWLEDGE TO CAUSE IMMEDIATE DAMAGE TO AN ORGANIZATION.
    • HAVE KNOWLEDGE OF THE SECURITY SYSTEMS IN PLACE AND WILL BE BETTER ABLE TO AVOID DETECTION.
    • EMPLOYEES ARE NOT THE ONLY INSIDERS; THERE ARE OTHER PEOPLE WHO HAVE ACCESS, LIKE CONTRACTORS OR PARTNERS.
    • THERE IS NO SECURITY MECHANISM TO PROTECT THE SYSTEM FROM INSIDERS, SO THEY CAN HAVE ALL THE ACCESS NEEDED TO CARRY OUT CRIMINAL ACTIVITY LIKE FRAUD.
  • 55. PREVENTING INSIDER ATTACKER
    FOR PREVENTING INSIDER ATTACKER:
    • ENFORCE LEAST PRIVILEGE: ALLOW ACCESS ONLY TO THE RESOURCES THAT EMPLOYEES NEED TO DO THEIR JOB.
    • SET LOGS TO SEE WHAT USERS ACCESS AND WHAT COMMANDS THEY ARE ENTERING.
    • PROTECT SENSITIVE RESOURCES WITH STRONG AUTHENTICATION.
    • UPON TERMINATION, DELETE THE EMPLOYEE'S COMPUTER AND NETWORK ACCESS.
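
THE FOUR CONTROLS ON SLIDE 55, CHECKED TOGETHER AGAINST AN ACCESS LOG. THIS IS AN ADDED EXAMPLE, NOT PART OF THE ORIGINAL SLIDES. THE ROLES, USER NAMES, RESOURCE NAMES AND THE LOG FORMAT ARE CONSTRUCTED ASSUMPTIONS, AND "STRONG AUTHENTICATION" IS ASSUMED TO MEAN MFA.

```python
from datetime import datetime

# Constructed sample data (assumptions for illustration, not from the slides).
ENTITLEMENTS = {            # least privilege: resources each role needs
    "hr":  {"hr_db", "mail"},
    "dev": {"git", "build", "mail"},
}
USERS = {                   # user -> (role, termination time or None)
    "asha":  ("hr", None),
    "ravi":  ("dev", None),
    "meena": ("dev", datetime(2024, 3, 1, 17, 0)),
}
SENSITIVE = {"hr_db", "build"}   # resources that must require strong auth

# Constructed access-log lines: time | user | resource | auth method
LOG = """\
2024-03-01T09:00 | asha  | hr_db | mfa
2024-03-01T09:05 | ravi  | hr_db | mfa
2024-03-01T10:00 | ravi  | build | password
2024-03-02T08:30 | meena | git   | mfa
2024-03-02T08:45 | ravi  | git   | password
2024-03-02T09:00 | zed   | mail  | mfa
"""

def audit(log_text):
    """Return (line_no, user, finding) for every event that violates a control."""
    findings = []
    for n, line in enumerate(log_text.splitlines(), 1):
        parts = [p.strip() for p in line.split("|")]
        if len(parts) != 4:
            findings.append((n, "?", "malformed log line"))
            continue
        ts, user, resource, auth = parts
        when = datetime.strptime(ts, "%Y-%m-%dT%H:%M")
        if user not in USERS:                      # account not on the roster
            findings.append((n, user, "unknown account"))
            continue
        role, terminated = USERS[user]
        if terminated and when >= terminated:      # access not removed on exit
            findings.append((n, user, "access after termination"))
        if resource not in ENTITLEMENTS[role]:     # beyond what the job needs
            findings.append((n, user, "outside least privilege"))
        if resource in SENSITIVE and auth != "mfa":
            findings.append((n, user, "sensitive resource without strong auth"))
    return findings

if __name__ == "__main__":
    for finding in audit(LOG):
        print(finding)
```
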