6. VULNERABILITIES
Have 3 elements:
• a system susceptibility or flaw
• attacker access to the flaw
• and attacker capability to
exploit the flaw.
7. • A malicious attempt to
make a server or a
network resource
unavailable to users,
usually by temporarily
interrupting or
suspending the
services of a host
connected to the
Internet.
DENIAL OF SERVICE (DOS)
8. • An unauthorized person
gaining physical access
to your computer or
part of your computer,
then installing devices
to compromise security
DIRECT ACCESS
9. • Act of surreptitiously
listening to a private
conversation, typically
between hosts on a
network.
EAVESDROPPING
10. • A software tool
designed to take
advantage of a flaw in a
computer system.
EXPLOITS
11. • Act of exploiting a bug,
design flaw or
configuration oversight
in an operating system
or software application
to gain elevated access
to resources that are
normally protected
from an application or
user.
PRIVILEGE ESCALATION
12. • A situation where the
authenticity of a
signature is being
challenged.
REPUDIATION
13. • Is a method of
bypassing normal
authentication, securing
unauthorized remote
access to a computer,
obtaining access to
plaintext, etc., while
attempting to remain
undetected
• Can be default
passwords
BACKDOORS
15. • Malware program
containing malicious
code that, when
executed, carries out
actions determined by
the nature of the
Trojan, typically
causing loss or theft of
data, and possible
system harm.
TROJANS
16. • A situation in which
one person or program
successfully
masquerades as
another by falsifying
data and thereby
gaining an illegitimate
advantage.
SPOOFING
24. LARGEST CYBER ATTACKS IN
HISTORY
1. Logic Bomb, 1982- CIA blew up portion of Russian gas
pipeline
2. Titan Rain, 2004- China infiltrates computer networks (NASA,
Lockeed, SNL)
3. Moonlight Maze, 1988- Russian attacked US military systems
4. Epsilon, 2011- hackers infiltrate financial systems, estimated
cost upward to 4 Billion dollars
5. Estonian Cyberwar, 2007- Pro-Kremlin group penetrates
Estonian govt. facilities rendering them useless
(Source: List25.com)
27. WHERE IS THE SAFEST PLACE TO KEEP
EXTREMELY SENSITIVE DATA?
• O _ _ _ _ _ _
28. • Backup Software
• -> CD/DVD's,
External Hard
Drives, FTP's
• Online Backup Services
• -> Stored on offsite
data center
BACKUP DATA
+ Pros
Access
Advanced security
- Cons
Need internet access
Monthly fee
Security breach
+ Pros
1 time fee
- Cons
Physical damage
Hardware failure
Theft
29. 70% of attacks are
through the internet
Antivirus
Firewall
Patch
Other 30% is through
LANS & WLANS
Traffic filtering
User accounts
Data encryption
THREAT PREVENTION
https://www.youtube.com/watch?v=sYvGYHEryxw