Lecture 7-1 Computer and Network Security. Based on slides 2011 Pearson Education, Inc. Publishing as Pearson Addison-Wesley

Similar documents
Chapter 6: Computer and Network Security

Chapter 7: Computer and Network Security

Overview. Common Internet Threats. Spear Phishing / Whaling. Phishing Sites. Virus: Pentagon Attack. Viruses & Worms

10- Assume you open your credit card bill and see several large unauthorized charges unfortunately you may have been the victim of (identity theft)

Spyware. Michael Glenn Technology Management 2004 Qwest Communications International Inc.

Information Security. Louis Morgan, CISSP Information Security Officer

BCS IT User Syllabus IT Security for Users Level 2. Version 1.0

Spam, Spyware, Malware and You! Don't give up just yet! Presented by: Mervin Istace Provincial Library Saskatchewan Learning

Lectures 9 Advanced Operating Systems Fundamental Security. Computer Systems Administration TE2003

The Hidden Dangers of Public WiFi

COB 302 Management Information System (Lesson 8)

Some Perspectives On Cybersecurity. Shernon Osepa Manager Regional Affairs Latin America & Caribbean

OCR LEVEL 3 CAMBRIDGE TECHNICAL

Software Engineering 4C03 Class Project. Computer Networks and Computer Security COMBATING HACKERS

INTERNET & COMPUTER SECURITY March 20, Scoville Library. ccayne@biblio.org

Protection for Mac and Linux computers: genuine need or nice to have?

Cybercrime in Canadian Criminal Law

Threats and Attacks. Modifications by Prof. Dong Xuan and Adam C. Champion. Principles of Information Security, 5th Edition 1

INFORMATION SECURITY FOR YOUR AGENCY

CSC Essay 5: Outline

Almost 400 million people 1 fall victim to cybercrime every year.

Network Security. Demo: Web browser

If you know the enemy and know yourself, you need not fear the result of a hundred battles.

Chapter 11 Manage Computing Securely, Safely and Ethically. Discovering Computers Your Interactive Guide to the Digital World

Don t Fall Victim to Cybercrime:

This guide will go through the common ways that a user can make their computer more secure.

What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.

Data Security. So many businesses leave their data exposed, That doesn t mean you have to Computerbilities, Inc.

Armstrong State University Fall Staff Assembly. Chief Wayne Willcox, MSCJ, CLEE

Information Security. CS526 Topic 1

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

Digital Citizenship Lesson

The Information Security Problem

Course Content: Session 1. Ethics & Hacking

BE SAFE ONLINE: Lesson Plan

How Your Current IT Security System Might Be Leaving You Exposed TAKEAWAYS CHALLENGES WHITE PAPER

Malware, Phishing, and Cybercrime Dangerous Threats Facing the SMB State of Cybercrime

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines

CHAPTER 10: COMPUTER SECURITY AND RISKS

Computer Security Literacy

ITSC Training Courses Student IT Competence Programme SIIS1 Information Security

Ohio University Computer Services Center October, 2004 Spyware, Adware, and Virus Guide

9. Information Assurance and Security, Protecting Information Resources. Janeela Maraj. Tutorial 9 21/11/2014 INFO 1500

How are we keeping Hackers away from our UCD networks and computer systems?

When a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.

Spyware Linkages to Malware and its Affects A Multi-Layered Approach to Stopping Information Theft

EECS 588: Computer and Network Security. Introduction January 14, 2014

Achieving Truly Secure Cloud Communications. How to navigate evolving security threats

Cybercrimes NATIONAL CRIME PREVENTION COUNCIL

Introduction to Ethical Hacking and Network Defense. Objectives. Hackers

Module 5: Analytical Writing

Desktop and Laptop Security Policy

Internet threats: steps to security for your small business

NCS 330. Information Assurance Policies, Ethics and Disaster Recovery. NYC University Polices and Standards 4/15/15.

Proactive Credential Monitoring as a Method of Fraud Prevention and Risk Mitigation. By Marc Ostryniec, vice president, CSID

Top tips for improved network security

Information Security Threat Trends

Introduction to Computer Security

Security A to Z the most important terms

Protecting Yourself from Identity Theft

TMCEC CYBER SECURITY TRAINING

Patrick Gray Principal Security Strategist DATA SECURITY CHALLENGES IN THE ALL TOO PUBLIC AND NOT SO PRIVATE SECTORS

Detailed Description about course module wise:

Cyber Security Awareness. Internet Safety Intro.

Learn to protect yourself from Identity Theft. First National Bank can help.

Retail/Consumer Client. Internet Banking Awareness and Education Program

HIPAA Training Part III. Health Insurance Portability and Accountability Act

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:

PRIVATE WiFi TM Reviewer s Guide

When you listen to the news, you hear about many different forms of computer infection(s). The most common are:

SAFE ONLINE BANKING. Online Banking, Data Security You. Your Partnership for Safe Online Banking

1. For each of the 25 questions, multiply each question response risk value (1-5) by the number of times it was chosen by the survey takers.

Security aspects of e-tailing. Chapter 7

Section 12 MUST BE COMPLETED BY: 4/22

EECS 588: Computer and Network Security. Introduction

Certified Cyber Security Analyst VS-1160

Certified Cyber Security Analyst VS-1160

Legal & Ethical Considerations of Offensive Cyber-Operations?

OCT Training & Technology Solutions Training@qc.cuny.edu (718)

Online Security Awareness - UAE Exchange - Foreign Exchange Send Money UAE Exchange

1. Any requesting personal information, or asking you to verify an account, is usually a scam... even if it looks authentic.

SBA Cybersecurity for Small Businesses. 1.1 Introduction. 1.2 Course Objectives. 1.3 Course Topics

EC-Council. Certified Ethical Hacker. Program Brochure

A Systems Engineering Approach to Developing Cyber Security Professionals

WHITE PAPER WHAT HAPPENED?

Innovations in Network Security

7 Cs of WEB design - Customer Interface

Corporate Account Takeover & Information Security Awareness

Internet Security Protecting Your Business. Hayden Johnston & Rik Perry WYSCOM

Chapter 12 Objectives. Chapter 12 Computers and Society: Security and Privacy

Technology in Action. Alan Evans Kendall Martin Mary Anne Poatsy. Eleventh Edition. Copyright 2015 Pearson Education, Inc.

Exploring the Landscape of Philippine Cybersecurity

The SMB Cyber Security Survival Guide

Chapter 15: Computer and Network Security

Website Privacy Policy Statement

National Cyber Security Month 2015: Daily Security Awareness Tips

Managed Security Services

FORBIDDEN - Ethical Hacking Workshop Duration

How Do People Use Security in the Home

Transcription:

Lecture 7-1 Computer and Network Security

Participation Quiz You are the conductor of a train. It is headed down on one track where you see 5 workers fixing the track. They cannot hear, see, or feel the train coming. You know for a fact that the train is going fast enough to kill them if a collision occurs. However, you notice there is an alternate track ahead that you can switch the train onto. It has 1 worker and again, she cannot hear, see, or feel the train coming. Do you make the switch to the alternate track? A: Make the switch, 5 live and 1 dies B: Do not make the switch, 5 die and 1 lives

Participation Quiz You are a doctor working at a hospital. You have 5 patients. They are in dire need of an organ; a different one for each patient. They need a new organ immediately or they will die. Thinking fast, you remember that there is a patient of yours next door who just came for a check-up. He is asleep. You know that if you do not take his organs for transplant your 5 patients will die. If you do take the organs, they will survive (and for the sake of argument, assume they will have a normal life after transplant). There are no other options. Do you take the organs? A: Take the organs, 5 live and 1 dies B: Leave the patient alone, 5 die and 1 lives

Hackers Hacker (original meaning): Explorer, risk-taker, technical virtuoso Values free exchange of information; mistrusts authority; values technical skill; holds an optimistic view of technology Hacker (ultimate meaning): Teenagers accessing corporate or government computers Stealing and/or destroying confidential information What hasn t changed: hackers public image

Phreaks Phone phreak: person who manipulates phone system Stealing or guessing long-distance telephone access codes Use a blue box to get free access to long-distance lines: 2600 Hz (anyone remember 2600 Magazine?) Parallels between hackers/phreaks & MP3 downloaders Establishment overvalues intellectual property Use of technology as a joy ride Breaking certain laws considered not that big a deal (Guess what the police, RIAA thinks about these arguments?) Have you ever hacked anything? Which, if any, forms of hacking do you consider ethical? Is it wrong to learn hacking or phreaking skills, if these skills are never put to use?

Open Wifi, Sidejacking and Firesheep Open wifi: unencrypted radio broadcast If the connection itself is not encrypted, anyone connected to the same access point can see all packets Often login is encrypted, rest of session is not Sidejacking: capturing cookie used to maintain a session If you re logged in to a site that uses such an open cookie, I get all of your access rights Firesheep free Firefox plugin, makes sidejacking easy for average users author s intention was to encourage websites to adopt better security practices What do you think of the ethics of his action?

Computer and Network Security Canadians should have the right to vote online in federal, provincial and municipal elections.

Online Voting Motivation: More people would vote Votes would be counted more quickly Cost less money Avoid disputed elections like Florida 2000 Eliminate ballot box tampering Software can prevent accidental over-, under-voting Risks: Gives unfair advantage to those with home computers More difficult to preserve voter privacy More opportunities for vote selling Obvious target for a DDoS attack Security of election depends on security of home computers Susceptible to phony vote servers No paper copies of ballots for auditing or recounts

Malware: Evil Code that can Run on Your Computer Viruses What is a virus? Have you ever (knowingly) gotten one? Worms What is a worm? How is it different from a virus? Is it wrong to distribute a virus or worm that doesn t harm anyone? Trojan Horses What is a Trojan horse? How is it different from the first two? Do the victims of a virus/worm/trojan horse share responsibility for being attacked if their system is not up to date?

Malware II: More Evil Code Spyware/Adware What is spyware? What is adware? Is it ever moral to install spyware/adware on a user s computer without their consent? Drive-by Downloads What is a drive-by download? What do you think the best defenses are against them? General-purpose Defensive Measures security patches anti-malware tools firewalls Anything else?

Attacks: how mean computers hurt nice computers How: Phishing Have you been targeted? Has an attack been successful? [Distributed] Denial of Service Why: Cybercrime: professionalization of malware renting botnets (DDoS; spam) stealing credit card numbers, passwords Cyberwarfare: states as actors or targets North Korea vs USA gov, corporate sites (2009) Russia vs Georgia during and after South Ossetia war (2008) Stuxnet (2009-) A variety of government, activist sites during Arab Spring (2011) Anonymous

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information