5 Computer and Network Security

8/16/2019 5 Computer and Network Security

1/22

& ITProfessional

PracticesComputer and

Network Securit

Colle!e of Information Technolo! " #NITEN


2/22

….getting more and moreimportant…•

Computers getting faster and less expensive• Utility of networked computers increasing

• Shopping and banking• Social Media• Booking and reservations ( ight movies !"• Managing personal information• Controlling industrial processes

• #ncreasing use of computers → growing importance ocomputer security



3/22

Specifc threats•

$acking• Malware• Cyber crime and cyber attacks• %nline voting



4/22

The original hackers (the goodguys)$IT%s Tech $odel ailroad Clu' in1()*s

• %riginal meaning of hacker& explorer risk taker systeminnovator

• 'he history of model railroading parallels that of M#'although the rst student group the 'ech Model)ailroad Club ('M)C" was not established until *+,-.

'M)C moved into the famous old )adiation /abstructure Building 01 a year later and beganconstructing its rst layout. )ealism mattered and clubmembers became fanatical in the design fabricationand operation of their 2uarter3scale world. 4lectrical4ngineering 5rofessor Carlton 'ucker was the facultyadvisor who helped supply the club with sophisticatedelectronics. +urin! peak mem'ership ears in the1()*s and 1(,*s" man T$ C mem'ers 'ecameinterested in computers- 'hanks to 'ucker and6igital 42uipment Corporation (64C" club membersbegan experimenting with such pioneering computersas the '731 5653* and 5653**. 'he group membersbecame legends and were featured in Steven /evy8spaean Hackers—Heroes of the Computer Revolution .

'oday the 'M)C is considered by some to be the'irthplace of hacker culture . 'he trains can still beColle!e of Information Technolo! " #NITEN

Source: http://

museum.mit.edu/150/6

http://museum.mit.edu/150/63http://museum.mit.edu/150/63http://museum.mit.edu/150/63http://museum.mit.edu/150/63


5/22

Evolution o the hackers (good turned political)

• $acking has a long (starting with ')MC" and variably honored history• %ne of the key elements of these hackers9 work was that the computers

and software they hacked was open for modi cation improvement andextension.• :hen you bought your computer it came with the source code to any programs

bundled with it in the full expectation that the owner would want to take it apart.• By *+;1 the trend started to change.

• and manufacturers began restricting copying redistribution and modi cation ofthe software they provided.

• it rapidlybecame known for both exposing security aws and for advocatingfreedom of information.


!end" #. $rossman% Modern 'hackers' are not orthy o the name!http"## .theguardian.com#commentis ree#$%&%#dec#&%#modern hackers hac


6/22

The modern hackers (..and theyecame evil)

•

By the early *++1s


7/22

The hackers today • hacker is someone who seeks and exploits

weaknesses in a computer system or computernetwork.• $ackers may be motivated by a multitude of

reasons such as pro t protest challenge oren?oyment.

• 'here are hackers who are politically3edged&• :ikileakers (freedom3of3information activist. 'hey like to

think of themselves as ?ournalist"• $acktivist (they claim that they are protesting actions

they believe to be unfair even morally bankrupt in a waythat attracts public notice"



8/22

The hackings


.'tainin! /o!inNames andPasswords0• 4avesdropping• 6umpster

diving• Social

engineering

ide ariet ofcriminal

hacker3relatedacti ities0• 'ransmitting code that

damages a computer• ccessing any #nternet3

connected computerwithout authoriAation

•

'ransmitting classi edgovernmentinformation

• 'ra@cking in computerpasswords

• Computer fraud• Computer extortion

Side ack• hi?ack

:eb sescapturicookie

• Side?aon unewirelesbecaus

send cothe cle

• #nternecommucomplaside?acvulnera

yearsecomm


9/22

Mal are


orm0• Self3contained program• Spreads through a computer

network• 4xploits security holes in

networked computers

irus"• 5iece of self3replicating code

embedded within anotherprogram (host"

• Eiruses associated withprogram les

• $ard disks oppy disksC63)%MS

• 4mail attachments• $ow viruses spread

•

6iskettes or C6s• 4mail• Files downloaded from

#nternet

*ntivirus"• llow computer users to detect and destroy viruses• Must be kept up3to3date to be most eGective• Many people do not keep their antivirus software

packages up3to3date• Consumers need to 'eware of fake anti irus

applications

$orris worm 51(667o'ert Tappan $orris" 8r-

Hraduate student at Corn)eleased worm onto #ntercomputer

• 4Gect of wormSpread to signi cant numcomputers#nfected computers kept became unresponsive

'ook a day for xes to be • #mpact on Morris

Suspended from CornellI years8 probation J ,11 hcommunity serviceK*L1 111 in legal fees a

• 'oday )obert 'appan Morrismerican computer scienti

entrepreneur


10/22

Mal are


+ootkit" set of programs that provides

privileged access to a computerctivated every time computer is

bootedUses security privileges to maskits presence

Tro,an horse"5rogram with benigncapability that masksa sinister purposeBackdoor 'ro?an&

'ro?an horse thatgives attack access tovictim8s computer-ot"

kind of backdoor 'ro?an that responds tocommands sent by a command3and3controlprogram on another computer• First bots supported legitimate activities

#nternet )elay Chat

Multiplayer #nternet games• %ther bots support illegal activities6istributing spamCollecting person information for #6theft6enial3of3service attacks

Botnet& Collection of bot3infectedcomputers controlled by the same

command3and3control programBot herder& Someone who controls a botnet

Spy are &5rogram that commover an #nternet cowithout user8s knowconsent

Monitor :eb su/og keystrokes

'ake snapshots screenSend reports bcomputer

*d are & 'ype of spyware thatpop3up advertisemto user8s activityBackdoor 'ro?ans ofdeliver spyware and


11/22

y er rime and y er *ttacks


/hishing"/arge3scale eGort to gain sensitive information from gullible computer users

t least -N 111 phishing attacks globally in second half of 01*1Oew development& phishing attacks on Chinese e3commerce sites

Spear phishing"Eariant of phishing in which email addresses chosen selectively to target particulargroup of recipientsS01 2n,ections"

Method of attacking a database3driven :eb application with improper securityttack inserts (in?ects" SP/ 2uery into text string from client to applicationpplication returns sensitive information

nial o service attack"entional action designed to prevent legitimate users from making use of a computer service

of a 6oS attack is not to steal information but to disrupt a server8s ability to respond to its clientstri uted denial o service attack"

S attack launched from many computers such as a botnet


12/22

y er rime

Criminal organiAations making signi cant amounts ofmoney form malware• Qeanson Qames ncheta• 5harmamaster• lbert HonAaleA• valanche Hang



13/22


4eanson 4ames *nchetancheta was going to 6owney $igh School in California until 011* when he

dropped out of school. $e later entered an alternative program for studentswith academic or behavioral problems. $e worked at an #nternet cafe andaccording to his family wanted to ?oin the military reserves. round Qun011, he started to work with botnets after discovering rxbot a commoncomputer worm that could spread his net of infected computers.

ackers have for some time utiliAed Botnets for various purposes but ncheta set himself above the crowdy actively advertising his network of bots on #nternet chat channels. :eb site ncheta ran included ange of prices he charged people who wanted to rent out the machines along with guidelines on how ma

ots were re2uired to bring down a particular type of :eb site.


14/22


Ruvayev is a )ussian mericanspammer Tbelieved to be the ringleader ofone of the world9s biggest spam gangs.

nti3spam group Spamhaus.org currentlyfeatures Ruvayev as 0 on its 'op *1worst spammers list. #n 011L theattorney general of Massachusettssuccessfully sued Ruvayev for violations

of the C O3S5 M ct 3 he and sixbusiness partners were ned KIN million

#t was found that they were responsiblefor millions of unsolicited e3mails per day.

ccording to Spamhaus he could be the


15/22

Ethical Evaluation

• Rantian evaluation

• Social contract theory evaluation

• Utilitarian evaluation

• Bene ts& V•

$arms& V• Conclusion& V


•

:hat do you say on themorality of theseindividual8s actionsV

• o'ert Tappan $orris" 8r-• 8eanson 8ames 9ncheta•

/eonid 9leksandro itch:u a e


16/22

y er attacks

Politicall moti ated

• 4stonia (011N"

• Heorgia (011;"

• Heorgia (011+"

• 4xiled 'ibetan Hovernment (011+"• United States and South Rorea (011+"

• Stuxnet :orm (011+"

9ttacks on social networkin!

• Massive 66oS attack made 'witter service unavailableseveral hours on u

• 'hree other sites attacked at same time& Fac/iveQou

• ll sites used by a political blogger from the )epu

• ttacks occurred on rst anniversary of war between Heoand )ussia over S



17/22

y erattacks on Estonia • series of cyber attacks began on 0N pril 011N and swamped websites of 4stonian

organiAations including 4stonian parliament banks ministries newspapers andbroadcasters following the 4stonia8s disagreement with )ussia about the relocation ofthe BronAe Soldier of 'allinn ('he BronAe Soldier of 'allinn is an elaborate Soviet3eragrave marker as well as war graves in 'allinn".

• Most of the attacks that had any in uence on the general public were 66oS typeattacks ranging from single individuals using various methods like ping oods toexpensive rentals of botnets usually used for spam distribution. Spamming of biggernews portals commentaries and defacements including that of the 4stonian )eform

5arty website also occurred.• Some observers reckoned that the onslaught on 4stonia was of a sophistication not

seen before. 'he case is studied intensively by many countries and military planners asat the time it occurred it may have been the second3largest instance of state3sponsoredcyberwarfare.

#an 'raynor 'he Huardian *N May 011N& )ussia accused of unleashing cyberwar to disable 4stonia



18/22

5nited States and South 6orea ($%%7) 8 th o 4uly attack

• 66oS attack on governmental agencies and commercial :eb sites inUnited States and South Rorea.

• ttack may have been launched by Oorth Rorea in retaliation for UnitedOations sanctions

• !hile most &mericans 'ere 'atchin( )re'orks on *ul" +% hackers launched'hat 'ould turn in to a multi,da" denial,of,service attack a(ainst -.S.'e sites. he &ssociated ress reported that the c" er attack knocked out the'e sites of several (overnment a(encies includin( the -.S. reasur"% SecretService% ransportation epartment and the 2ederal rade Commission. 3naddition% the attackers tar(eted the 'e sites of the !hite House and the

enta(on ut neither 'as severel" disrupted. he attack later e4panded to anum er of other 'e sites includin( the e' ork Stock 74chan(e% &S &8and the !ashin(ton ost. South 9orean 'e sites 'ere also added to the list'ith man" of the tar(ets e4periencin( outa(es durin( the same time period.South 9orean intelli(ence o cials elieve that orth 9orea initiated theattacks and toda" -.S. o cials con)rmed that the 3 addresses of man" of theattacks ori(inated from orth 9orea. ; cials have cautioned% ho'ever% thatthere is no evidence that the /yongyang government as involved


http://'''.innovation)les.or(/thou(hts,on,+th,of,?au ([email protected]


19/22

Supervisory ontrol and 3ata *c9uisition (S *3*) Systems

• #ndustrial processes re2uire constant monitoring• Computers allow automation and centraliAation of

monitoring• 'oday SC 6 systems are open systems based on #nternet

5rotocol• /ess expensive than proprietary systems• 4asier to maintain than proprietary systems• llow remote diagnostics

• 9llowin! remote dia!nostics creates securit risk • 'OB has a large SC 6 installation



20/22

S *3* Systems arry Security+isks



21/22

1et:s ponder…$as the arrival of the internet done more harm

than goodV



22/22

;ould you mind i 2 hurtyou<5nderstand that 2 needto;ish that 2 had otherchoicesThan to harm the one 2love

;hat have you doneno <2 kno 2'd etter stoptrying=ou kno that there's nodenying2 on't sho merc on


Documents

5 Computer and Network Security