This document discusses cyber security threats and defenses. It outlines several cyber attacks in history including attacks on Estonia, US military systems, and large corporations like Sony and JP Morgan. Common threats are discussed such as denial of service attacks, malware, and social engineering. The document recommends defenses like antivirus software, firewalls, patching systems, and physical access restrictions. It also compares online backup services to local backups for protecting sensitive data.

1. Team Members
Cole Bassett
Mark Cary
Michael Meehan
Alexandria Phillip
CYBER SECURITY

2. VIDEO
https://www.youtube.com/watch?feature=player_detailpage&v=E
8zandvQvUc

3. INFOGRAPHIC

4. AGENDA
Threats
• Vulnerabilites
• Vulnerable Areas
Defense
• Recent Attacks
• Protection

5. THREATS

6. VULNERABILITIES
Have 3 elements:
• a system susceptibility or flaw
• attacker access to the flaw
• and attacker capability to
exploit the flaw.

7. • A malicious attempt to
make a server or a
network resource
unavailable to users,
usually by temporarily
interrupting or
suspending the
services of a host
connected to the
Internet.
DENIAL OF SERVICE (DOS)

8. • An unauthorized person
gaining physical access
to your computer or
part of your computer,
then installing devices
to compromise security
DIRECT ACCESS

9. • Act of surreptitiously
listening to a private
conversation, typically
between hosts on a
network.
EAVESDROPPING

10. • A software tool
designed to take
advantage of a flaw in a
computer system.
EXPLOITS

11. • Act of exploiting a bug,
design flaw or
configuration oversight
in an operating system
or software application
to gain elevated access
to resources that are
normally protected
from an application or
user.
PRIVILEGE ESCALATION

12. • A situation where the
authenticity of a
signature is being
challenged.
REPUDIATION

13. • Is a method of
bypassing normal
authentication, securing
unauthorized remote
access to a computer,
obtaining access to
plaintext, etc., while
attempting to remain
undetected
• Can be default
passwords
BACKDOORS

14. • Psychological
manipulation of people
into performing actions
or divulging
confidential
information.
SOCIAL ENGINEERING

15. • Malware program
containing malicious
code that, when
executed, carries out
actions determined by
the nature of the
Trojan, typically
causing loss or theft of
data, and possible
system harm.
TROJANS

16. • A situation in which
one person or program
successfully
masquerades as
another by falsifying
data and thereby
gaining an illegitimate
advantage.
SPOOFING

17. • Intentional
modification of
products in a way
that would make
them harmful to the
consumer.
TAMPERING

18. CYBER SECURITY IS VULNERABLE IN
THE FOLLOWING AREAS:
• Financial Systems
• Consumer Devices
• Government
• Large Corporations

19. • In-store payment
systems
• ATMs
• Websites accepting or
storing credit cards
numbers and bank
account information
FINANCIAL SYSTEMS

20. • Smartphones
• Tablets
• Laptops
• Bluetooth
CONSUMER DEVICES

21. • Military installations
• Traffic lights controls
• Intelligence agency
communications
GOVERNMENT

22. • Sony Pictures
Entertainment
• J.P. Morgan Chase
• Target
LARGE CORPORATIONS

23. DEFENSE

24. LARGEST CYBER ATTACKS IN
HISTORY
1. Logic Bomb, 1982- CIA blew up portion of Russian gas
pipeline
2. Titan Rain, 2004- China infiltrates computer networks (NASA,
Lockeed, SNL)
3. Moonlight Maze, 1988- Russian attacked US military systems
4. Epsilon, 2011- hackers infiltrate financial systems, estimated
cost upward to 4 Billion dollars
5. Estonian Cyberwar, 2007- Pro-Kremlin group penetrates
Estonian govt. facilities rendering them useless
(Source: List25.com)

25. 2014 ATTACKS
• January/ Target, Neiman Marcus, Michaels, Yahoo
• April/ Aaron Brothers, AT&T
• May/ ebay, Public works
• June/ Feedly (communications), Evernote,
P.F.Changs
• August/ US Investigations, CHS, UPS, Defense
Industries
• September/ Home Depot, Google, Apple, Goodwill,
US Transportation Command Contractors
• October/ JP Morgan, DQ, Snapsave
(Source: Heritage.org)

26.  Sensitive information
 Important files
WHAT ARE YOU PROTECTING?
Hackers Employees with access

27. WHERE IS THE SAFEST PLACE TO KEEP
EXTREMELY SENSITIVE DATA?
• O _ _ _ _ _ _

28. • Backup Software
• -> CD/DVD's,
External Hard
Drives, FTP's
• Online Backup Services
• -> Stored on offsite
data center
BACKUP DATA
+ Pros
 Access
 Advanced security
- Cons
 Need internet access
 Monthly fee
 Security breach
+ Pros
 1 time fee
- Cons
 Physical damage
 Hardware failure
 Theft

29.  70% of attacks are
through the internet
 Antivirus
 Firewall
 Patch
 Other 30% is through
LANS & WLANS
 Traffic filtering
 User accounts
 Data encryption
THREAT PREVENTION
https://www.youtube.com/watch?v=sYvGYHEryxw

30. PHYSICAL SECURITY
 Authorized personnel
 Offices
 Server room
 Network equipited facilities

31. CITATION
http://www.heritage.org/research/reports/2014/10/cyber-attacks-on-us-
companies-in-2014
http://list25.com/25-biggest-cyber-attacks-in-history/5/
http://data-backup-software-review.toptenreviews.com/online-vs-
software-the-pros-and-cons-of-your-data-backup-location.html
http://www.wimp.com/howencryption/
Business Data Communications & Networking 11th Edition Fitzgerald &
Dennis