Module 6: Network Security

Finals Topic

Cybercrime (Computer crime)

• Any illegal act involving a computer like theft of financial assets, manipulating data for personal advantage, etc.

• All computer users should be aware of security concerns and precautions that can be taken

Unauthorized Access

• Gaining access to a computer, network, file, or other resource without permission

• Can be committed by insiders and outsiders

Unauthorized Use

• Using a computer resource for unapproved activities

• Can be committed by insiders and outsiders

Codes of Conduct

• Used to specify rules for behavior, typically by business or school

Hacking

• Using a computer to break into another computer system

• A serious threat for individuals, businesses, and the country (national security)

• Often performed via wireless networks today

• Many wireless networks are left unsecured

War Driving

• Driving around an area to find a WIFI network to access and use without authorization

WIFI piggybacking

• Accessing an unsecured WIFI network from your current location without authorization

Interception of Communications

• Messages, files, logon information etc. can be snooped in unsecured connections

Access Control Systems

• These are systems used to control access to facilities, computer networks, databases, and website accounts

Identification Systems

(Access Control Systems)

• Verify that the person trying to access the facility or system is an authorized user

Authentication Systems

(Access Control Systems)

• Determines if the person is who he or she claims to be

Possessed Knowledge Systems

(Access Control Systems)

• These systems use info that only an individual should know

• Ex: passwords, tokens, etc.

• Can be forgotten and used by someone else

Cognitive Authentication Systems

(Access Control Systems)

• Use information the individual knows

• Ex: birthplace, pet names, etc.

Two-factor authentication

(Possessed Knowledge Systems)

• Use two different factors for increased security

• Something you know (knowledge), something you have (object), something you are (biometric)

Possessed Object System

(Access Control Systems)

• Use a physical object an individual has to identify them

• Ex: Smart cards, RFIDs, USB security keys, etc.

• Can be lost or used by an unauthorized individual

Biometric Access Systems

(Access Control Systems)

• Identify users by a particular unique biological characteristic

• Ex: Fingerprint, hand, face, voice, iris, etc.

True

WIFI is less secure than wired networks

True

Enable encryption on your wireless network. WPA is more secure than WEP

True

You should not broadcast your default SSID

Firewall

• A collection of hardware and/or software intended to protect a computer or computer network from unauthorized access

• This blocks access to the computer from hackers, blocks access to the internet from programs unless authorized by the user

• Important for home computer that have a direct internet connection, as well as for business.

Encryption

• A method of scrambling contents of email or files to make them unreadable if intercepted

Private key encryption

(Encryption)

• This type of encryption uses a single key

• Most often used to encrypt files on a computer

• If used to send files to others, the recipient needs to be told the key

Public Key Encryption

(Encryption)

• This type of encryption uses 2 keys:

• Public Key can be given to anyone; used to encrypt messages to be sent to that person

• Private Key can be only be known by the individual, used to decrypt messages that are encrypted with the individual’s public key

• Key pairs can be obtained through a Certificate Authority

Secure Web Page Encryption

(Encryption)

• Uses encryption (SSL, EV SSL, etc.) to protect information transmitted via their webpages

• Signified by the lock icon on the status bar beside https:// in the url

• Only transmit sensitive data only through these secure websites

Virtual Private Network (VPN)

• This is a private secure path over the internet

• Allows authorized users to securely access a private network via the Internet

• Much less expensive than a private secure network since uses the Internet

• Can provide a secure environment over a large geographical area

• Typically used by businesses to remotely access corporate networks via the Internet

• Personal VPNs can be used by individuals to surf safely at a wireless hotspot

Public Hotspot Risks

Take precautions when using a public hotspot

• Use security software, only view secure webpages, use VPN and file encryption

• Turn off filesharing

• Disable WIFI and Bluetooth if not needed

• Use firewall to block incoming connections

• Turn off automatic and adhoc conenctions

Sensible Employee Precaution

These are precautions for employees

• Screen potential new hires carefully

• Watch for disgruntled employees and ex-employees

• Develop policies and controls

• Use data-leakage prevention and enterprise rights-management software

• Ask business partners to review their security to avoid attacks coming from someone located at that organization

Computer Sabotage

• Acts of malicious destruction to a computer or computer resource

Botnet

• A group of bots (computers that are compromised and controlled by a cybercriminal) used to send spam, launch internet attacks and malware, etc.

Malware

• Any type of malicious software

• Ex: Trojans, ransomware, cryptojackers, keyloggers, spyware, etc.

Computer Virus

(Types of Malware)

• A software program installed without the user’s knowledge and designed to alter the way a computer operates or to cause harm to the computer system

• Often embedded in downloaded programs (from dubious sources) and email messages

Computer Worm

(Types of Malware)

• Malicious program designed to spread rapidly by sending copies of itself to other computers

• Typically sent via email

Trojan Horse

(Types of Malware)

• A malicious program that masquerades as something else

• Usually appears as a legitimate program or game

• Cannot replicate themselves; must be downloaded an installed

• A common type of trojans are antivirus programs that pretend to be antiviruses but are malicious

Denial of Service Attack (DoS)

• Act of sabotage that attempts to flood a network server or webserver with so much activity that it is unable to function

• Uses multiple bots or computers

Data or Program Alteration

• When a person breachers a computer system in order to delete or change data

• Students changing grades

• Employees performing vengeful acts, such as deleting or changing corporate data

Website Alteration

• Changing content of a website

• Websites can be defaced to make political statements

• Hacking info and changing social networking account contents (FB, Twitter, etc.)

• Altering legitimate sites to perform malware attacks

Antivirus Software

• Used to detect and eliminate computer viruses and other types of malware

• Should be set up to run continuously to check incoming e-mail messages, instant messages, Web page content, and downloaded files

• Quarantines any suspicious content as it arrives

• Regular system scans should be performed

• New malware is introduced at all times, best to  automatically download new virus definitions on a regular basis

Identity Theft

• Using someone else’s identity to purchase goods or services, obtain new credit cards or bank loans, or illegally masquerade as that individual

• Information obtained via documents, phishing schemes, stolen information, etc.

• Expensive and time consuming to recover from

Phishing

• Use of spoofed e-mail messages to gain credit card numbers and other personal data

• Typically contains a link to a spoofed Web site

• After victim clicks a link in the message and supplies sensitive data, that data is sent to the thief

• Phishing e-mails and Web sites often look legitimate

Spear Phishing

• A personalized phishing scheme targeted to specific individuals

• Often include personalized information to seem more legitimate

• May impersonate someone in your organization, such as from human resources or the IT dept.

Pharming

• The use of spoofed domain names to obtain personal information

• DNS servers are hacked to route requests for legitimate Web pages to spoofed Web pages (DNS poisoning)

• Often take place via company DNS servers

Drive-By Pharming

• Hacker changes the DNS server used by a victim’s router to use the hacker’s DNS server

Online Auction Fraud

• When an item purchased through an online auction is never delivered, or the item is not as specified by the seller

Internet Offer Scams

• A wide range of scams offered through Web sites or unsolicited e-mails

• Loan or pyramid scams, work-at-home cons, nigerian letter fraud scheme, soliciting of donations after disasters, fake job postings

Digital Certificate

• A group of electronic data that can be used to verify the identity of a person or organization

• Obtained from a Certificate Authority

• Typically contains identity information about the person or organization, an expiration date, and a pair of keys to be used with encryption and digital signatures

• Are also used with secure Web sites to guarantee that the site is secure and actually belongs to the stated individual or organization

Digital Signature

• A unique digital code that can be attacked to an email message or document

• Can be used to verify the identity of the sender

• Can be used to guarantee the message or file has not been changed

• Uses public key encryption

Cyberbullying

• Children or teenagers bullying other children or teenagers via the Internet

• Common today, estimate 50% of all US teenagers

Cyberstalking

• Repeated threats or harassing behavior between adults carried out via e-mail or another Internet communication method