The document provides an agenda for a wireless security lecture. The agenda includes an introduction that defines network security and discusses virus, worm, trojan, and intrusion attacks. It also outlines Bapinger's wireless security solutions and concludes with key points about securing today's networks.
4. NETWORK SECURITY Bapinger Solution: Wireless Security 4
DEFINITION
1. The protection of networks and their services from unauthorized
modification, destruction, or disclosure. Network security provides
for assurance that a network performs its critical functions correctly
and there are no harmful side effects. (US Army Information
Assurance Security Officer (IASO) /
http://ia.gordon.army.mil/iaso/default.htm)
2. Computer security is the effort to create a secure computing
platform, designed so that agents (users or programs) can only
perform actions that have been allowed. This involves specifying
and implementing a security policy. The actions in question can be
reduced to operations of access, modification and deletion.
Computer security can be seen as a subfield of security
engineering, which looks at broader security issues in addition to
computer security.
(Wikipedia / en.wikipedia.org/wiki/Network_security)
7-Dec-09
5. TELECOMMUNICATION NETWORK SECURITY
Quote from Houlin Zhao, Director of the Telecom
Standardization Bureau, ITU :
“All businesses face pressure to increase revenue and
reduce costs. And in the face of this pressure, security is
often sidelined as non-essential. But investment in
security is money in the bank. And investment in the
making of security standards means that manufacturers
and service providers can be sure that their needs and
views are taken into account.”
(http://www.itu.int/ITU-T/lighthouse/articles/ecta-2004.html)
6. VIRUS, WORM, TROJAN AND INTRUSION ATTACK
What is a virus?
A computer virus, according to Webster's Collegiate Dictionary, is
"a computer program usually hidden within another seemingly
innocuous program that produces copies of itself and inserts them
into other programs or files, and that usually performs a malicious
action (such as destroying data)".
Two categories of viruses:
- macro viruses
- worms
Computer viruses are never naturally occurring; they are always
man-made. Once created and released, however, their spread is
not directly under human control.
(Indiana University Knowledge Base / http://kb.iu.edu/data/aehm.html )
7. VIRUS, WORM, TROJAN AND INTRUSION ATTACK
What is a Trojan horse?
Named after the wooden horse the
Greeks used to infiltrate Troy. According
to some people, a virus is a particular
case of a Trojan horse, namely one which
is able to spread to other programs (i.e.,
it turns them into Trojans too). According
to others, a virus that does not do any
deliberate damage (other than merely
replicating) is not a Trojan. Finally,
despite the definitions, many people use
the term "Trojan" to refer only to a non-
replicating malicious program.
(Indiana University Knowledge Base /
http://kb.iu.edu/data/aehm.html )
8. VIRUS, WORM, TROJAN AND INTRUSION ATTACK
What is an Intrusion Attack?
The willful or negligent unauthorized
activity that affects the availability,
confidentiality, or integrity of computer
resources. Computer abuse includes
fraud, embezzlement, theft, malicious
damage, unauthorized use, denial of
service, and misappropriation.
Operations to disrupt, deny, degrade,
or destroy information resident in
computers and computer networks, or the
computers and networks themselves.
(DODD S-3600.1 of 9 Dec 96)
(Texas State Library Home Page / http://www.tsl.state.tx.us/ld/pubs/compsecurity/glossary.html)
10. Business Position
[Diagram: “Total Network Care”. Practice areas: Network Support; Planning & Design; GAMA (Services Development and Delivery Platform); Managed Operations Services. Each practice area is shown with its key elements.]
11. Future Growth is in IP Based Services
[Chart: billions of subscribers, 2002–2008, split into Circuit Only and IP Enabled. IP services listed: VoIP; PoC, Push-to-View; SMS & IM; Music; Gaming; Presence; Location Based Services; Multimedia Messaging; Video Streaming; Converged Voice Services. Source: IMS Research]
Market is moving towards IP enabled service
12. GROWTH IN DATA SERVICES
[Chart: Worldwide Wireless Operator Data Revenue ($M), 2003–2008. Series: Total, SMS, Rich Data, MMS. Source: MOT est.]
Introduce new applications and services
consistently and securely while optimizing
total cost of ownership, time-to-revenue
and delivery of compelling new
applications
13. OPERATOR FOCUS / CONCERNS
Focus: Planning & Strategy
Enterprise customers recognize security as differentiator
Concerned about migration to open, IP-based network
Impact of government regulations and requirements
How do we improve security while controlling costs?
Concerns: Security into Operations
How do I structure my security organization?
Need to coordinate multiple organizations, no standards
We need a security baseline to develop a plan
We’re concerned about virus activity
How to define and split security domains, what to protect?
Potential vulnerabilities from the roaming environment
14. SECURITY – ALREADY AFFECTING WIRELESS CARRIERS
Attacks Are:
► Occurring More Frequently
► Disruptive And Costly
► Impacting Operators As Data Usage Grows
[Chart: Number of Internet Security Incidents Reported, by year, 88–02. Total 183 Million Reported Security Incidents]
[Chart: Downtime Impact/Revenue Per Hour ($000's), by industry: Energy, Telecom, MFG, Financial, Info Tech, Insurance, Retail. Source: Meta Group]
[Chart: Cost of Computer Crime & Security Losses, 1997–2002E. Total Losses Reported (1997-2002): $1.43B. Source: CSI/FBI Survey]
15. FASTER CYCLES: Time From Vulnerability To Attack
[Chart: time from vulnerability to attack, 1999–2004. Source: Foundstone Data]
300 days from known vulnerability until widespread attack in 1999…
Now only 10 days!!!
Vulnerability Management Capability is Baseline Requirement
16. OPERATOR’S DILEMMA
Operators Know The Importance Of Security…
[Chart: Importance of Improving Network Security. Very Important 75%; Somewhat Important 19%; Not So Important 6%]
…But Seeking Assistance On How To Address It
[Chart: Significant Barriers to Improving Network Security, axis 0% to 60%. Barriers listed: Determining NW Security Requirements; Cost of Products/tools; Lack of Experienced staff; Justify Cost/Benefit to Mgmt; Other projects; Staff Training; Lack of Products/Tools; Staff Turnover]
Source: IDC, Lucent Network Security Survey
18. THE CHALLENGE – WIRELESS OPERATORS
Rapidly Expanding Operations
Subscriber Base; Coverage; Revenue-Generating Services
Operations in Multiple Markets
Multiple operations
Varied policy and processes
Management Realization
Growing awareness of need
Minimal understanding of security capability
Lack comprehensive vulnerability data
Suspected breaches, reactive approach
Security Purchases/Effort Integration
19. THE CHALLENGE – WIRELESS OPERATORS
Vulnerabilities & Issues
Quantity Varies with Size of Network
From 200 to over 1000 issues identified
High + Medium Risk = 30% to 70% of issues
Multiple Sources of Issues
Policy – Few Policies, Low/No Framework or Policy Management
Process – Security updates, monitoring of network
Operations – Lack of metrics and vulnerability data or remediation programs
Password Management – Easily cracked passwords, shared or no passwords
Funding – Prioritization, requisite skills or resource investment
But…
Operational Awareness of Need
Small contingent usually working to improve
Project based, slow evolution of management support, want ability to focus
20. THE CHALLENGE – WIRELESS OPERATORS
Examples
Charging Gateway Vulnerabilities
High + Medium Risk = up to 53% of issues on these elements
DNS Servers vulnerabilities
High + Medium Risk = up to 32% of issues on these elements
DNS Cache poisoning, flooding from mobile devices
Firewall Vulnerabilities
High + Medium Risk = up to 65% of issues on these elements
GTP-aware capability available but not configured
FTP Servers
Known vulnerabilities with potential for DoS attacks; establish Superuser permissions; control FTP sites
Lack of Defense-in-Depth
Internal network with unrestricted protocol and service access
Spoofed source address from GRX into network, Remove GTP tunnels
Inject routing changes, Ability to leverage access across network
Undocumented Network Elements
Not documented = not managed. Unrestricted access, potential impact to availability
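A defender-side check for the GRX findings on this slide (spoofed source addresses, unrestricted protocol and service access), as an added example that is not part of the original slides. The prefixes, the interface name `grx0` and the flow records are constructed assumptions; UDP 2123 and 2152 are the standard GTP-C and GTP-U ports.

```python
import ipaddress

# Assumed values, not from the slides: operator-internal prefixes, roaming
# partner prefixes reachable over GRX, and the GRX-facing interface name.
INTERNAL = [ipaddress.ip_network(p) for p in ("10.20.0.0/16", "10.30.0.0/16")]
PARTNERS = [ipaddress.ip_network(p) for p in ("198.51.100.0/24",)]
GRX_IF = "grx0"
GTP_PORTS = {2123, 2152}  # GTP-C and GTP-U, both over UDP


def in_any(addr, nets):
    return any(addr in net for net in nets)


def classify(flow):
    """Return why a flow arriving on the GRX interface should be dropped, or None."""
    if flow["ingress"] != GRX_IF:
        return None  # this check covers only the GRX border
    src = ipaddress.ip_address(flow["src"])
    if in_any(src, INTERNAL):
        return "spoofed-internal-source"  # own address space seen from outside
    if not in_any(src, PARTNERS):
        return "unknown-grx-peer"  # not a documented roaming partner
    if flow["proto"] != "udp" or flow["dport"] not in GTP_PORTS:
        return "non-gtp-service"  # e.g. FTP or SSH exposed toward GRX
    return None


def audit(flows):
    """List (src, dport, reason) for every flow the border filter should drop."""
    findings = []
    for flow in flows:
        reason = classify(flow)
        if reason:
            findings.append((flow["src"], flow["dport"], reason))
    return findings


# Constructed sample flow records (ingress interface, source, protocol, port).
FLOWS = [
    {"ingress": "grx0", "src": "198.51.100.7", "proto": "udp", "dport": 2123},
    {"ingress": "grx0", "src": "10.20.4.9", "proto": "udp", "dport": 2123},
    {"ingress": "grx0", "src": "198.51.100.7", "proto": "tcp", "dport": 21},
    {"ingress": "grx0", "src": "203.0.113.50", "proto": "udp", "dport": 2152},
    {"ingress": "core1", "src": "10.20.4.9", "proto": "tcp", "dport": 22},
]

if __name__ == "__main__":
    for finding in audit(FLOWS):
        print(finding)
```

The same three rules map directly onto border ACL entries: deny own prefixes inbound, permit only documented partner prefixes, and permit only the GTP ports.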
21. THE CHALLENGE – WIRELESS OPERATORS
Examples
Test Systems: Higher level of vulnerabilities
But unrestricted access to production network
Additional threat vector; Ability to bypass firewall protection
Network Management Systems
Access to broad range of network elements
Comprehensive policy for access and management not evident
Secure communication not addressed
Policy – Passwords, Access controls
Managing, changing, logging, distribution & storage procedures required
Incomplete password management policy and/or not enforced
Easily cracked passwords
Access rights - Lack consistent procedure to update, review as roles/personnel change
Policy – Audits
Baseline vulnerability data unavailable, lack of remediation plan or process
23. CONCLUSION :
1. The successful operation of today’s communications
networks demands that many disparate systems and
applications can talk to each other. It is no wonder there
are a few loopholes that leave the networks vulnerable.
2. In recent years the most obvious threat to computer
systems has come from viruses. These attacks can usually
be traced to exploitation of one of a small number of
security flaws.
3. Insider attacks are almost certainly more common and
have the potential to be much more damaging.
4. A simple policy of ensuring that all systems are kept up to
date with the latest security patches and users are aware
of some simple security rules will thwart the majority of
these attacks.