Chapter 5 Risks of Insecure Systems 9/15/2013 HANIMAZIS PE301


Page 1

Chapter 5: Risks of Insecure Systems

Page 2

5.1 RISK AND THREAT

A threat is defined as:

Anyone or anything, internal or external, foreign or domestic, state-sponsored or acting independently, with the capability, technology, opportunity, and intent to do harm.

Page 3

WHAT IS RISK?

Risk is the possibility of:

• Destruction
• Use of data or program
• Generation of unwanted data
• Loss of confidential data

That may harm:

• Physical
• Hardware
• Mental
• Financial

Page 4

5.1.1 RISK ASSOCIATED WITH INTERNET TRANSACTION

THE PARADOX: open systems and personalization versus privacy and security.

Page 5

A TYPICAL E-COMMERCE TRANSACTION

[Figure: diagram of a typical e-commerce transaction; only the slide title survives in the text]

Page 6

VULNERABLE POINTS IN AN E-COMMERCE TRANSACTION

[Figure: diagram of the vulnerable points in an e-commerce transaction; only the slide title survives in the text]

Page 7

INTRANETS, EXTRANETS, AND THE INTERNET

[Figure: network diagram showing the intranets of Company A, Company B and Company C, a campus intranet and a government agency intranet, each connected through an ISP to the Internet, an extranet linking partners, and individual network subscribers]

Page 8

5.1.1 RISK ASSOCIATED WITH INTERNET TRANSACTION

INTERNET RISK

• Sniffers
• Downloading of Data
• Financial Fraud
• E-mail Spoofing

Page 9

Sniffers

• A sniffer is an eavesdropping program which captures and analyses packets of data as they pass across a network.

• The other use of sniffers is by connecting to the Internet and then capturing data; such data can include user names and passwords.

• Crackers who deploy sniffers usually place them at a strategic position, e.g. at the gateway between the target system and another network; all the login names and passwords will pass through this gateway.

Page 10

Downloading of Data

• Unauthorized access and copying of data.

• Can be reduced through user access control tables.

Financial Fraud

• A situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage, e.g. posing as another valid intranet user.

E-mail Spoofing

• Creation of e-mail messages with a forged sender address, trying to mislead the recipient about the origin of the message.
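The slide says unauthorized downloading of data "can be reduced through user access control tables" without showing what such a table is. The C program below is an added example, not code from the lecture: it holds a small constructed table of (user, file, permitted operations) rows, answers every request with a default-deny lookup, and logs each refused download so that attempted unauthorized copying is visible as well as blocked. The users, file names and permission bits are all assumptions made up for the example.

```c
#include <stdio.h>
#include <string.h>

/* Permitted operations, combinable as a bit mask. */
enum { PERM_READ = 1, PERM_WRITE = 2, PERM_DOWNLOAD = 4 };

/* One row of the user access control table: who may do what to which file. */
struct acl_entry {
    const char *user;
    const char *file;
    unsigned    perms;
};

/* Constructed sample table; the users and paths are hypothetical. */
static const struct acl_entry ACL[] = {
    { "alice", "/data/customers.csv", PERM_READ | PERM_DOWNLOAD },
    { "bob",   "/data/customers.csv", PERM_READ },
    { "bob",   "/data/prices.csv",    PERM_READ | PERM_WRITE | PERM_DOWNLOAD },
};
#define ACL_LEN (sizeof ACL / sizeof ACL[0])

/* Default deny: an operation is allowed only when an explicit row grants
 * every bit of `op`. Returns 1 if allowed, 0 otherwise. */
int acl_allows(const char *user, const char *file, unsigned op)
{
    for (size_t i = 0; i < ACL_LEN; i++) {
        if (strcmp(ACL[i].user, user) == 0 && strcmp(ACL[i].file, file) == 0)
            return (ACL[i].perms & op) == op;
    }
    return 0;   /* no matching row: denied */
}

/* Every download request goes through the table. Denials are written to
 * stderr so a reviewer can see who tried to copy what. Returns 0 when the
 * download is permitted and -1 when it is refused. */
int request_download(const char *user, const char *file)
{
    if (!acl_allows(user, file, PERM_DOWNLOAD)) {
        fprintf(stderr, "DENY download user=%s file=%s\n", user, file);
        return -1;
    }
    printf("ALLOW download user=%s file=%s\n", user, file);
    return 0;
}

int main(void)
{
    request_download("alice",   "/data/customers.csv"); /* allowed */
    request_download("bob",     "/data/customers.csv"); /* denied: read only */
    request_download("mallory", "/data/prices.csv");    /* denied: no row at all */
    return 0;
}
```

The two properties worth copying from this into a real system are that a missing row means "no", never "yes", and that the denial is recorded, since a burst of refused downloads by one account is exactly the signal the slide's "unauthorized access and copying" risk produces.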

Page 11

5.1.2 RISK ASSOCIATED WITH INTRANET TRANSACTION

Threats from current & former employees

• Unauthorized accesses
• Internal control systems are easy on top managers
• Negligent hiring is the cause of most risk: do background checks and credit checks

Social Engineering

• Posing as a valid intranet IT staff person
• Uses some con to trick users into revealing information or performing an action that compromises a computer or network

Page 12

5.1.3 RISK ASSOCIATED WITH EXTRANET TRANSACTION

Extranets are group networks that connect business partners with the following traits:

• Higher levels of data sharing
• Cross corporate boundaries
• Meshing different corporate cultures and systems of controls

Extranet's weakest link: employees with access, and unencrypted data stored on Web servers. (Source: Whatis.com)

Page 13

5.1.3 RISK ASSOCIATED WITH EXTRANET TRANSACTION / BUSINESS TRANSACTION BETWEEN TRADING PARTNERS

Extranet Business Transaction Risk

• Data interception
• Untimely delivery of messages
• Lack of proof of delivery
• Lack of message origin authentication
• Lack of verification of message integrity
• Unauthorized viewing of messages

Page 14

5.1.3 RISK ASSOCIATED WITH CONFIDENTIAL MAINTAINED ARCHIVAL MASTER FILE & REFERENCE DATA

Hacking

• Hackers and crackers
• Types of hackers: white, black, grey hats

Data breach

• When organizations lose control over corporate information to outsiders

Phishing

• Deceptive online attempt to obtain confidential information
• E-mail scams
• Spoofing legitimate Web sites
• Use of information to commit fraudulent acts (access checking accounts), steal identity

Credit card fraud/theft

• Hackers target merchant servers
• Use data to establish credit under false identity

Page 15

OTHER RISKS ASSOCIATED WITH ARCHIVAL MASTER AND REFERENCE FILE DATA

• Weaknesses in firewall architecture or functionality
• Destruction of data
• Alteration of data
• Unauthorized use of data
• Alteration of applications

Page 16

5.1.3 VIRUS AND MALICIOUS CODE OVERFLOW – UNWANTED PROGRAM

Malicious code:

• Viruses
• Worms
• Trojan horses
• Adware
• Spyware
• Browser parasites

Page 17

WHAT IS A VIRUS?

• A virus is malicious programming.
• A piece of software code that inserts itself into a host, including the operating system, in order to propagate.
• It requires its host program to be run to activate, and then replicates itself.
• An unauthorized parasite on program or macro code.
• Performs unrequested and oftentimes destructive acts.

Viruses can infect:

• Boot sectors
• Executable files
• Macro templates or macros

Viruses can act at once, act at a later time, or act over a period of time.

Page 18

Worm: A software program that runs independently, consuming the resources of its host in order to maintain itself, and capable of propagating a complete working version of itself onto another machine.

Macro virus (macro worm): A virus or worm that executes when the application object that contains the macro is opened or a particular procedure is executed.

Trojan horse: A program that appears to have a useful function but that contains a hidden function that presents a security risk. Attaches itself to a seemingly legitimate program or file.

Hoaxes: A computer virus hoax is a message warning the recipient of a non-existent computer virus threat. The message is usually a chain e-mail that tells the recipient to forward it to everyone they know.

Page 19

5.1.3 VIRUS AND MALICIOUS CODE OVERFLOW – UNWANTED PROGRAM

Cybervandalism

• Intentionally disrupting, defacing, or destroying a Web site

Denial of service (DoS) attack

• Flooding a site with useless traffic to overwhelm the network.
• An attacker uses specialized software to send a flood of data packets to the target computer with the aim of overloading its resources.

Buffer overflows

• Exploit holes in the resource handling section of operating systems, e.g., by writing too many characters into a word buffer array.
• Can crash your system.
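"Writing too many characters into a word buffer array" is the classic fixed-size buffer defect, and the fix is to check the length before the copy. The C program below is an added example, not code from the lecture: a 16-byte word buffer (the size is an assumption), the unchecked copy that would overrun it, and a hardened version that measures the input first and refuses anything that does not fit rather than writing past the end of the array. The unsafe function is included only for contrast and is never called with an oversized input.

```c
#include <stdio.h>
#include <string.h>

#define WORD_MAX 16   /* assumed size of the "word buffer array" */

struct word_buffer {
    char word[WORD_MAX];
};

/* Defective version: copies the whole input with no regard for the size of
 * the destination. Any input of WORD_MAX characters or more writes past the
 * end of wb->word, which is the overflow the slide describes; it can corrupt
 * whatever sits next to the array or crash the program. Never call this with
 * untrusted input. */
void store_word_unsafe(struct word_buffer *wb, const char *input)
{
    strcpy(wb->word, input);
}

/* Hardened version: measure first (never scanning beyond WORD_MAX bytes of
 * the input), copy only if the text plus its terminating NUL fits, and report
 * failure instead of overflowing. Returns 0 on success, -1 if the input was
 * rejected; on rejection the buffer is left unchanged. */
int store_word_safe(struct word_buffer *wb, const char *input)
{
    size_t len = 0;
    while (len < WORD_MAX && input[len] != '\0')
        len++;
    if (len >= WORD_MAX)
        return -1;                      /* no room for the NUL terminator */
    memcpy(wb->word, input, len + 1);   /* copies the terminator as well */
    return 0;
}

int main(void)
{
    struct word_buffer wb = {{0}};
    /* Constructed inputs: one that fits, one that would have overrun. */
    printf("short word: %d\n", store_word_safe(&wb, "checkout"));
    printf("long word:  %d\n", store_word_safe(&wb, "thisinputistoolongtofit"));
    printf("buffer still holds: %s\n", wb.word);
    return 0;
}
```

The point of returning -1 rather than silently truncating is that the caller learns something went wrong; a "word" that is longer than any word the program expects is itself worth logging, because it is how this class of crash (or worse) is usually triggered.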