Chapter 5: Risks of Insecure Systems
9/15/2013 HANIMAZIS PE301
5.1 RISK AND THREAT
A threat is defined as:
Anyone or anything, internal or external, foreign or domestic, state-sponsored or acting independently, with the capability, technology, opportunity, and intent to do harm.
WHAT IS RISK?

Risk is the possibility of:
• Destruction or misuse of data or programs
• Generation of unwanted data
• Loss of confidential data

that may cause harm that is:
• Physical
• Hardware
• Mental
• Financial
5.1.1 RISK ASSOCIATED WITH INTERNET TRANSACTION

The paradox: open systems and personalization on one side, privacy and security on the other.
A TYPICAL E-COMMERCE TRANSACTION
VULNERABLE POINTS IN AN E-COMMERCE TRANSACTION
INTRANETS, EXTRANETS, AND THE INTERNET

(Network diagram: Company A's, Company B's and Company C's intranets, a campus intranet, a government agency intranet and individual network subscribers each connect through an ISP to the Internet; an extranet spans the Internet to link the intranets of business partners.)
INTERNET RISK
• Sniffers
• Downloading of data
• Financial fraud
• E-mail spoofing
Sniffers

• A sniffer is an eavesdropping program that captures and analyses packets of data as they pass across a network.
• Besides their legitimate use in network troubleshooting, sniffers are used by attackers to capture data passing to and from the Internet; such data can include user names and passwords sent in clear text.
• Crackers who deploy sniffers usually place them at a strategic position, e.g. at the gateway between the target system and another network, because every login name and password exchanged through that gateway passes the sniffer.
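The following is an added example, not code from the original slides, showing what a credential sniffer at such a gateway actually does: it peels the Ethernet, IPv4 and TCP headers off each captured frame and pulls the user name and password out of any clear-text HTTP Basic login it sees. The three frames are constructed in the block (no real capture); addresses, the `build_frame` helper and the `alice:s3cret` credential are assumptions for the demonstration.

```python
import base64
import struct

ETH = struct.Struct("!6s6sH")           # dst MAC, src MAC, EtherType
IPV4 = struct.Struct("!BBHHHBBH4s4s")   # fixed 20-byte IPv4 header
TCP = struct.Struct("!HHIIBBHHH")       # fixed 20-byte TCP header


def build_frame(src_ip, dst_ip, sport, dport, payload):
    """Constructed Ethernet/IPv4/TCP frame; checksums are left at zero because the
    parser below does not verify them. It exists only so the example runs offline."""
    tcp = TCP.pack(sport, dport, 1, 0, 5 << 4, 0x18, 65535, 0, 0) + payload
    ip = IPV4.pack(0x45, 0, IPV4.size + len(tcp), 1, 0, 64, 6, 0,
                   bytes(int(o) for o in src_ip.split(".")),
                   bytes(int(o) for o in dst_ip.split("."))) + tcp
    return ETH.pack(b"\xaa" * 6, b"\xbb" * 6, 0x0800) + ip


def parse_frame(frame):
    """Peel Ethernet -> IPv4 -> TCP. Returns (src, dst, sport, dport, payload),
    or None for anything that is not IPv4 carrying TCP."""
    _dst_mac, _src_mac, ethertype = ETH.unpack_from(frame, 0)
    if ethertype != 0x0800:
        return None
    off = ETH.size
    vihl, _tos, total_len, _id, _ff, _ttl, proto, _csum, s_ip, d_ip = IPV4.unpack_from(frame, off)
    if vihl >> 4 != 4 or proto != 6:
        return None
    ihl = (vihl & 0x0F) * 4                       # IP header length in bytes, covers options
    segment = frame[off + ihl: off + total_len]
    sport, dport, _seq, _ack, doff, _flags, _win, _tcsum, _urg = TCP.unpack_from(segment, 0)
    payload = segment[(doff >> 4) * 4:]           # skip the TCP header including options
    return (".".join(map(str, s_ip)), ".".join(map(str, d_ip)), sport, dport, payload)


def extract_basic_auth(payload):
    """Return (user, password) if the payload carries an HTTP Basic Authorization header."""
    for line in payload.split(b"\r\n"):
        if line.lower().startswith(b"authorization: basic "):
            try:
                creds = base64.b64decode(line.split(b" ", 2)[2]).decode()
            except (ValueError, UnicodeDecodeError):
                return None
            user, _, password = creds.partition(":")
            return user, password
    return None


def sniff(frames):
    """Inspect every frame and keep each clear-text login seen as (src, dst, dport, user, password)."""
    harvested = []
    for frame in frames:
        parsed = parse_frame(frame)
        if parsed is None:
            continue
        src, dst, _sport, dport, payload = parsed
        creds = extract_basic_auth(payload)
        if creds:
            harvested.append((src, dst, dport) + creds)
    return harvested


# Constructed traffic: one HTTP login in the clear, one TLS ClientHello (encrypted
# traffic yields nothing), and one ARP frame the parser must skip.
SAMPLE_FRAMES = [
    build_frame("10.0.0.5", "203.0.113.10", 51234, 80,
                b"GET /admin HTTP/1.1\r\nHost: intranet.example\r\n"
                b"Authorization: Basic " + base64.b64encode(b"alice:s3cret") + b"\r\n\r\n"),
    build_frame("10.0.0.5", "203.0.113.10", 51235, 443,
                b"\x16\x03\x01\x00\x2a\x01\x00\x00\x26\x03\x03" + b"\x00" * 32),
    ETH.pack(b"\xff" * 6, b"\xaa" * 6, 0x0806) + b"\x00" * 28,
]

if __name__ == "__main__":
    for hit in sniff(SAMPLE_FRAMES):
        print("%s -> %s:%d  user=%s password=%s" % hit)
```

Only the port-80 frame gives anything up: the same credential sent inside the TLS session on port 443 is opaque to the sniffer, which is why encrypting the login path (HTTPS, SSH, VPN) rather than hiding the gateway is the practical defence.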
Downloading of Data

• Unauthorized access to and copying of data.
• Can be reduced through user access control tables that define which users may read or copy which data.

Financial Fraud and E-mail Spoofing

• Spoofing: a situation in which one person or program successfully masquerades as another by falsifying data and thereby gains an illegitimate advantage, e.g. posing as another valid Intranet user.
• E-mail spoofing: creation of e-mail messages with a forged sender address, trying to mislead the recipient about the origin of the message.
5.1.2 RISK ASSOCIATED WITH INTRANET TRANSACTION

Threats from current and former employees
• Unauthorized accesses
• Internal control systems are often applied loosely to top managers
• Negligent hiring is a major cause of risk: do background checks and credit checks

Social Engineering
• Posing as a valid Intranet IT staff person
• Uses some con to trick users into revealing information or performing an action that compromises a computer or network
5.1.3 RISK ASSOCIATED WITH EXTRANET TRANSACTION

Extranets are group networks that connect business partners with the following traits:
• Higher levels of data sharing
• Cross corporate boundaries
• Meshing different corporate cultures and systems of controls

Extranet's weakest link: employees with access, and unencrypted data stored on Web servers (Source: Whatis.com)
5.1.3 RISK ASSOCIATED WITH EXTRANET TRANSACTION / BUSINESS TRANSACTION BETWEEN TRADING PARTNERS

Extranet business transaction risks:
• Data interception
• Untimely delivery of messages
• Lack of proof of delivery
• Lack of message origin authentication
• Lack of verification of message integrity
• Unauthorized viewing of messages
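The following is an added example, not part of the original slides, showing how four of the risks listed above (untimely delivery, lack of proof of delivery, lack of origin authentication, lack of integrity verification) are closed for messages between two trading partners, and why the same mechanism defeats the sender spoofing described in the Internet-risk slide: a party without the shared key cannot produce a valid authentication code, so a forged "From" carries no weight. The partner names, the shared key, the order body and the timestamps are all constructed for the demonstration; the MAC is HMAC-SHA256 from the Python standard library.

```python
import hashlib
import hmac
import json


def canonical(fields):
    """Serialise a message deterministically so both sides MAC the same bytes."""
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


def seal(key, sender, receiver, seq, sent_at, body):
    """Sender side: bind origin, destination, sequence number, send time and body under one MAC."""
    fields = {"sender": sender, "receiver": receiver, "seq": seq, "sent_at": sent_at, "body": body}
    mac = hmac.new(key, canonical(fields), hashlib.sha256).hexdigest()
    return {**fields, "mac": mac}


def verify(key, msg, last_seq, now, max_age=300):
    """Receiver side. Returns (accepted, reason). Order matters: the MAC is checked
    first so that unauthenticated fields are never trusted for the other checks."""
    fields = {k: v for k, v in msg.items() if k != "mac"}
    expected = hmac.new(key, canonical(fields), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, str(msg.get("mac", ""))):
        return False, "bad MAC: origin or integrity check failed"
    if now - msg["sent_at"] > max_age:
        return False, "stale: delivered too late"
    if msg["seq"] <= last_seq:
        return False, "replay or duplicate sequence number"
    return True, "ok"


def receipt(key, receiver, msg, received_at):
    """Receiver signs a digest of exactly what it accepted: proof of delivery for the sender."""
    digest = hashlib.sha256(canonical(msg)).hexdigest()
    fields = {"receipt_for": digest, "receiver": receiver, "received_at": received_at}
    mac = hmac.new(key, canonical(fields), hashlib.sha256).hexdigest()
    return {**fields, "mac": mac}


def check_receipt(key, rcpt, msg):
    """Sender side: the receipt must be authentic and must refer to the message actually sent."""
    fields = {k: v for k, v in rcpt.items() if k != "mac"}
    expected = hmac.new(key, canonical(fields), hashlib.sha256).hexdigest()
    return (hmac.compare_digest(expected, rcpt["mac"])
            and rcpt["receipt_for"] == hashlib.sha256(canonical(msg)).hexdigest())


def demo():
    """Constructed exchange between partners 'acme' and 'globex' (assumed names and key)."""
    key = b"constructed-shared-secret-acme-globex"   # provisioned out of band in practice
    now = 1_700_000_000
    order = seal(key, "acme", "globex", 42, now, {"po": "PO-1001", "qty": 500})
    results = {"genuine": verify(key, order, last_seq=41, now=now + 5)[0]}

    # integrity: quantity altered in transit, old MAC no longer matches
    tampered = dict(order, body={"po": "PO-1001", "qty": 5000})
    results["tampered"] = verify(key, tampered, 41, now + 5)[0]

    # origin: an outsider claiming to be acme without the key (spoofed sender)
    forged = seal(b"mallory-guess", "acme", "globex", 43, now, {"po": "PO-9999", "qty": 1})
    results["forged"] = verify(key, forged, 42, now + 5)[0]

    # replay of a genuine message, and late delivery of a genuine message
    results["replayed"] = verify(key, order, last_seq=42, now=now + 5)[0]
    results["stale"] = verify(key, order, 41, now + 3600)[0]

    # proof of delivery
    rcpt = receipt(key, "globex", order, now + 5)
    results["receipt"] = check_receipt(key, rcpt, order)
    return results


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:9s} accepted={accepted}")
```

A symmetric MAC authenticates the message to the two key holders only; if a receipt has to convince a third party (a court, an auditor), the receiver must sign it with an asymmetric key instead, since with HMAC the sender could have produced the receipt itself. Confidentiality (data interception, unauthorized viewing) is not addressed here and needs encryption of the channel or the message on top.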
5.1.3 RISK ASSOCIATED WITH CONFIDENTIAL MAINTAINED ARCHIVAL MASTER FILE & REFERENCE DATA

Hacking
• Hackers and crackers
• Types of hackers: white, black and grey hats

Data breach
• When organizations lose control over corporate information to outsiders

Phishing
• Deceptive online attempt to obtain confidential information
• E-mail scams
• Spoofing legitimate Web sites
• Use of the obtained information to commit fraudulent acts (e.g. access checking accounts) or steal an identity

Credit card fraud/theft
• Hackers target merchant servers
• Use the data to establish credit under a false identity
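The following is an added example, not part of the original slides, showing how the "spoofing legitimate Web sites" part of a phishing e-mail is detected in practice: every link in the message body is checked against a small allow-list of genuine domains for the standard tricks (digit-for-letter look-alikes, the brand placed as a subdomain of an attacker's domain, the brand embedded in a longer name, and a `user@host` URL whose visible "host" is really a user name). The allow-list, the sample e-mail and its URLs are constructed for the demonstration; the registrable-domain helper assumes a two-label suffix because no public-suffix list is available offline.

```python
import re
from urllib.parse import urlparse

TRUSTED = {"paypal.com", "microsoft.com", "example-bank.com"}       # constructed allow-list
CONFUSABLES = [("0", "o"), ("1", "l"), ("rn", "m"), ("vv", "w"), ("cl", "d")]
URL_RE = re.compile(r"https?://[^\s\"'<>)]+")


def registrable(host):
    """Registrable domain, simplified to the last two labels (assumption: no public-suffix list)."""
    parts = host.lower().strip(".").split(".")
    return ".".join(parts[-2:])


def normalize(label):
    """Undo common look-alike substitutions so 'paypa1' compares equal to 'paypal'."""
    for fake, real in CONFUSABLES:
        label = label.replace(fake, real)
    return label


def classify(url):
    p = urlparse(url)
    host = (p.hostname or "").lower()
    if p.username is not None:                       # http://bank.com@evil/ : bank.com is the user name
        return f"userinfo trick: real host is {host}"
    if re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}", host):
        return "bare IP address"
    reg = registrable(host)
    if reg in TRUSTED:
        return "trusted"
    labels = host.split(".")
    for trusted in sorted(TRUSTED):                  # sorted for a deterministic verdict
        brand = trusted.split(".")[0]
        if normalize(reg.split(".")[0]) == brand:
            return f"lookalike of {trusted}"
        if brand in labels[:-2]:                     # brand used as a subdomain label
            return f"{trusted} used as subdomain of {reg}"
        if brand in reg.split(".")[0]:               # brand embedded in a longer name
            return f"brand {brand} embedded in {reg}"
    return "unknown"


def scan_email(text):
    """Map every URL in the message body to a verdict."""
    return {url: classify(url) for url in URL_RE.findall(text)}


# Constructed phishing message; none of these links were taken from a real campaign.
SAMPLE_EMAIL = """\
Dear customer, your account is limited. Restore access at
https://www.paypal.com/signin or, if that fails, at http://paypa1.com/verify
Update your details: http://paypal.com.account-update.net/login
Reset your mailbox: http://rnicrosoft.com/reset
Bank customers: http://example-bank.com@203.0.113.7/secure
Secure login: https://secure-paypal-login.com/
"""

if __name__ == "__main__":
    for url, verdict in scan_email(SAMPLE_EMAIL).items():
        print(f"{verdict:55s} {url}")
```

Only the first link passes; the rest are the patterns a user reading the visible text of the link would not notice. In a mail gateway this check runs on the URL in the `href`, not on the anchor text, because the two routinely differ in phishing mail.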
OTHER RISKS ASSOCIATED WITH ARCHIVAL MASTER AND REFERENCE FILE DATA
• Weaknesses in firewall architecture or functionality
• Destruction of data
• Alteration of data
• Unauthorized use of data
• Alteration of applications
5.1.3 VIRUS AND MALICIOUS CODE, OVERFLOW, UNWANTED PROGRAM

Malicious code:
• Viruses
• Worms
• Trojan horses
• Adware
• Spyware
• Browser parasites
WHAT IS A VIRUS?

• A virus is a malicious program: a piece of software code that inserts itself into a host, including the operating system, in order to propagate.
• It requires its host program to be run in order to activate and replicate itself.
• An unauthorized parasite on program or macro code.
• Performs unrequested and oftentimes destructive acts.

Viruses can infect:
• Boot sectors
• Executable files
• Macro templates or macros

Viruses can act at once, act at a later time, or act over a period of time.
Worm: A software program that runs independently, consuming the resources of its host in order to maintain itself, and that is capable of propagating a complete working version of itself onto another machine.

Macro virus (macro worm): A virus or worm that executes when the application object that contains the macro is opened or a particular procedure is executed.

Trojan horse: A program that appears to have a useful function but contains a hidden function that presents a security risk. It attaches itself to a seemingly legitimate program or file.

Hoaxes: A computer virus hoax is a message warning the recipient of a non-existent computer virus threat. The message is usually a chain e-mail that tells the recipient to forward it to everyone they know.
5.1.3 VIRUS AND MALICIOUS CODE, OVERFLOW – UNWANTED PROGRAM

Cybervandalism
• Intentionally disrupting, defacing or destroying a Web site

Denial of service (DoS) attack
• Flooding a site with useless traffic to overwhelm the network
• An attacker uses specialized software to send a flood of data packets to the target computer with the aim of overloading its resources

Buffer overflows
• Exploit missing bounds checks in the resource-handling code of programs and operating systems, e.g. by writing more characters into a fixed-size buffer array than it can hold, so that the excess overwrites adjacent memory
• Can crash the program or the whole system; with crafted input the overwritten memory can also be used to hijack execution
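The following is an added example, not part of the original slides, showing the detection side of the packet-flood DoS described above: a sliding-window counter over a connection log flags a single source sending bare SYNs faster than any client legitimately would, and separately flags the host as a whole when many spoofed sources each stay under the per-source limit but together exceed it. The log format, addresses, thresholds and the traffic in `constructed_log` are all constructed for the demonstration.

```python
from collections import defaultdict, deque


def parse_line(line):
    """Parse one flow-log line of the constructed format '<seconds> <src> <dst> <dport> <tcp flags>'."""
    parts = line.split()
    if len(parts) != 5:
        return None
    ts, src, dst, dport, flags = parts
    return {"ts": float(ts), "src": src, "dst": dst, "dport": int(dport), "flags": flags}


def detect_syn_flood(lines, window=1.0, per_source_limit=20, total_limit=100):
    """Sliding-window SYN counter. Flags a source that sends more than per_source_limit
    bare SYNs within `window` seconds, and flags the aggregate when SYNs from all sources
    exceed total_limit in the window (distributed or spoofed-source flood).
    Returns ({source: first_alert_time}, aggregate_alert_time_or_None)."""
    per_src = defaultdict(deque)
    all_syn = deque()
    flooders = {}
    aggregate_alert = None
    for rec in map(parse_line, lines):
        if rec is None or rec["flags"] != "S":      # only bare SYNs open half-open connections
            continue
        ts, src = rec["ts"], rec["src"]
        q = per_src[src]
        q.append(ts)
        while ts - q[0] > window:                   # drop SYNs older than the window
            q.popleft()
        if len(q) > per_source_limit and src not in flooders:
            flooders[src] = ts
        all_syn.append(ts)
        while ts - all_syn[0] > window:
            all_syn.popleft()
        if len(all_syn) > total_limit and aggregate_alert is None:
            aggregate_alert = ts
    return flooders, aggregate_alert


def constructed_log():
    """Constructed traffic, not a real capture: one normal client, one single-source flood,
    and one distributed flood from thirty spoofed sources that each stay under the per-source limit."""
    lines = []
    for t in (1.0, 5.0, 9.0):                       # normal client: SYN followed by the final ACK
        lines.append(f"{t:.3f} 10.0.0.5 203.0.113.10 443 S")
        lines.append(f"{t + 0.02:.3f} 10.0.0.5 203.0.113.10 443 A")
    for i in range(50):                             # 50 SYNs in half a second from one source
        lines.append(f"{100 + i * 0.01:.3f} 198.51.100.9 203.0.113.10 443 S")
    for i in range(30):                             # 30 sources x 4 SYNs, all inside one second
        for j in range(4):
            lines.append(f"{200 + (i * 4 + j) * 0.0075:.3f} 192.0.2.{i + 1} 203.0.113.10 443 S")
    return lines


if __name__ == "__main__":
    flooders, aggregate = detect_syn_flood(constructed_log())
    for src, when in flooders.items():
        print(f"SYN flood from {src} detected at t={when:.3f}")
    if aggregate is not None:
        print(f"aggregate SYN rate exceeded at t={aggregate:.3f}")
```

The per-source rule alone misses the distributed case, which is the common form because the attacker spoofs source addresses; the aggregate rule catches it but cannot name a source to block, so the response there is rate limiting or SYN cookies on the target rather than a block-list.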