Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Cyber Attacks

  • Login to see the comments

  • Be the first to like this

Cyber Attacks

  1. 1. Cyber Attacks <ul><li>Stages of a smart attack </li></ul><ul><ul><li>Check for an open door!!! </li></ul></ul><ul><ul><li>Get into the system </li></ul></ul><ul><ul><li>Delete all tracks, which might prove you have being inside the system </li></ul></ul>
  2. 2. The lasts attacks: <ul><li>Yahoo, CNN, Amazon & E-Bay </li></ul>Zombie University Web sites Million of Users DDOS Attack 900MB per sec. Group of Hackers <ul><li>Hackers breaks into powerful computers which are connected with fast lines to the web. </li></ul><ul><li>The hacker send a program which sleeps on the target PC. </li></ul><ul><li>The hacker cleans the way he got into the system so it can not be traced. </li></ul><ul><li>A Target is selected by the hackers. </li></ul><ul><li>This is bombed with lots of requests for information from the powerful PC. </li></ul><ul><li>The large amount of requests causes overload on the target server. </li></ul><ul><li>This one finally crashes. </li></ul><ul><li>The Target server being down causes denial of service for million users which are trying to reach the site. </li></ul>+
  3. 3. <ul><li>I Love You vbs. Virus </li></ul>The last attacks: Million of Users System Crash ISP Modem ISP Extranet LAN <ul><li>In a few hours it spread through the net </li></ul>ISP
  4. 4. Encryption FW- VPN
  5. 5. Encryption Standards <ul><li>SSL - Secure Socket Layer </li></ul><ul><li>SET - Secure Electronic Transaction </li></ul><ul><li>STRONG - 3 DES </li></ul><ul><li>How can I recognize a secure site? </li></ul><ul><ul><li>Verisign </li></ul></ul><ul><ul><li>Voltimore </li></ul></ul><ul><ul><li>Entrust </li></ul></ul>
  6. 6. Symmetric Encryption A B Encrypt Decrypt Key Key <ul><li>Lots of Security Problems </li></ul><ul><li>The same keys is used both ways </li></ul>
  7. 7. Asymmetric Encryption A B Encrypt Decrypt Public Key Private Key <ul><li>Lots of Security Problems </li></ul><ul><li>The same keys is used both ways </li></ul>
  8. 8. VPN FW FW <ul><li>Encrypt - Decrypt by the FW VPN Module </li></ul><ul><li>Virtual Private Network </li></ul>Secure Area Secure Area
  9. 9. Cyber Terrorism <ul><li>Gulf War </li></ul><ul><li>Bosnia Crisis </li></ul><ul><li>Info War </li></ul><ul><li>Encryption </li></ul>
  10. 10. Legal Issues <ul><li>Non extradition treaty </li></ul><ul><li>Jurisdiction areas </li></ul><ul><li>Interpol – FBI </li></ul><ul><li>Local Authorities </li></ul>
  11. 11. Non-Cooperative Countries Antigua Guatemala
  12. 12. Non-Cooperative Countries Switzerland Luxembourg
  13. 13. Global Luxembourg Switzerland Antigua Guatemala Servers Network
  14. 14. Internet Security Solutions <ul><li>מספר שכבות ורמות הגנה </li></ul><ul><li>הפרדה וניתוק מערכת האינטרנט מהרשתות הפנימיות </li></ul><ul><li>הצפנת התקשורת בנקודות קריטיות בין הלקוח למערכת </li></ul><ul><li>תירגום כתובות ( NAT ) </li></ul><ul><li>מעבר פורטים ספציפיים מתחייבים </li></ul><ul><li>הגבלת כיוון יזימת ההתקשרות </li></ul><ul><li>Firewall </li></ul><ul><li>פילטרים בנתבים </li></ul>ISP Intranet Modem LAN Extranet Remote
  15. 15. <ul><li>IDS </li></ul><ul><li>אחסון מידע בשרתים פנימיים ( DB ) הקשחה וניוון שרתים </li></ul><ul><li>עדכון שוטף בתיקונים של מערכת ההפעלה ותוכנות השונות </li></ul><ul><li>המרת פרוטוקולים </li></ul><ul><li>שימוש בשרתי גישה והזדהות מאובטחים </li></ul><ul><li>שימוש בתוכנות אנטי וירוס </li></ul><ul><li>הגנות ברמת האפליקציה - בקרת תוכן </li></ul>ISP Intranet Modem LAN Extranet Remote
  16. 16. <ul><li>Auditing של הפניות והפעולות במערכת </li></ul><ul><li>גיבוי ושרידות </li></ul><ul><li>נהלי עבודה לתחזוקה שוטפת </li></ul>ISP Intranet Modem LAN Extranet Remote
  17. 17. FAQ <ul><li>How can I get Info on the web? </li></ul><ul><li>How can I trace an attacker ? </li></ul><ul><li>How can I get Info on Ip address? </li></ul><ul><li>Is there a thing such as maximum Security ? </li></ul><ul><li>ISP obligations </li></ul><ul><li>International jurisdiction </li></ul>
  18. 18. Solutions (for now): <ul><li>Awareness </li></ul><ul><li>Disconnect systems from the public eye </li></ul><ul><li>Anti-Virus (updated) </li></ul><ul><li>FW (configuration) </li></ul><ul><li>Intruder Detection Systems </li></ul><ul><li>Proper Encryption </li></ul><ul><li>Control & Inspection </li></ul>

×