Vulnerabilities
Chapter 3
Objective
• Overview of Security threats
• Weak / Strong Passwords and Password
Cracking
• Insecure Network connections
• Malicious Code
• Programming Bugs
• Cyber crime and Cyber terrorism
• Information Warfare and Surveillance
Beware! India faces cyber threats
• India is becoming the second-biggest victim of cyber-attacks
after the United States.
• Why India?
– Given the exponential growth of our IT networks and our
increasing reliance on these networks
– China and Pakistan hit Indian cyberspace, since it is
a relatively cheaper and easier way to attack Indian
interests.
– Lack of law enforcement
– It needs a considerable amount of time and resources to
detect and counter these attacks.
• http://www.claws.in/index.php?action=master&task=718&u_id=42
Why should YOU study?
• Your identity or your device may get used for
wrongdoing, such as spreading malicious code,
if not used carefully.
Overview of Security
Computer Security
• Now the world is all about mobiles, laptops and the Internet.
• Using the Internet
– Either we perform transactions
– Access network resources, data
• Sensitive data
• Business data
• Intellectual property
What do we need to protect?
• Our asset
– People:
• Employees or Customers
• Secure their personal data
– Property
• Computers, infrastructure
– Information
• Data, software product, critical company records
• Our ability to use our computers (denial of
service attacks)
• Our reputation with the general public
What are we securing?
Whom to protect from?
• Major dangers can be caused by humans
– By running malicious code
– Carrying infected media (laptops) in from off site
• Purpose
– Damage the data
– To disrupt the operation
– Unavailability of service
– Defame someone
Security Threats
Security terms - Vulnerability
• Refers to the security flaws in a system which can be
exploited to allow an attack
• These flaws can be treated as gaps or weaknesses in the
security program which can provide exposure to
attack.
• This weakness can be found in hardware, software or
process that exposes a system to compromise
• E.g. FB data
• Threat : misuse of uploaded photos
• Threat source: Enemy with motivation to defame
someone
• Vulnerability: availability of data online
Types of Threat
Unauthorized Access - Enter at
your own risk
• Accessing information or systems, without
permission or rights to do so.
• http://smallbusiness.chron.com/mean-internet-access-unsecure-69147.html
Unsecure Wi-Fi
• Case 1: Leaving your home wireless network
unsecured
– Your neighbor can download content
– They can also download illegal content like
music, movies or child pornography, anything.
– They can also access your personal data like your
tax documents, financial records, online banking
information, credit card numbers, emails,
usernames and passwords.
Unsecure Wi-Fi
• Case 2: Using public unsecured networks or
hotspots, e.g. Wi-Fi in a coffee shop, MG Road
– Everyone knows they are available for public use,
criminals too
– Criminals will watch the online traffic looking for
valuable information such as credit card numbers,
usernames and passwords, or online banking
information
Unsecure Web contents
Malicious Code /
Software
Malicious code /Software
• Known as Malware i.e. malicious software
• Designed to break into the systems or
information for criminal, commercial or
destructive purposes.
• Internet Worms
– Nasty ones; will try to bring the network down
– Scan available network resources or the Internet for
vulnerable machines
– If found, try to connect and gain full access
– Send data packets or requests to install the worm or
worm downloader
How to stay safe from computer
worms?
• Because worms spread by exploiting
vulnerabilities in operating systems, apply
regular OS security updates.
• Install Anti-spyware, Firewall or Anti Virus
software.
• Keep virus information up-to-date.
• Be cautious while opening unexpected mail,
attachment, visiting web sites.
Trojan
Malicious Code
Trojan Horse
What is a Trojan?
• A malicious, security-breaking program that is
disguised as something benign (genuine)
• Performs actions that have not been
authorized by the user.
• Trojans are not able to self-replicate.
Trojan
• It can come to your machine in a form such as a
movie or music file
• The Trojan gets activated when the file is clicked
• Damage it can do
– Erases your disk
– Sends your credit card numbers and passwords to
a stranger
– Allows a stranger to hijack your computer to commit
illegal denial of service attacks
Trojan Types - Backdoor
• This program gives a malicious user remote
access to the infected machine
• The user can perform any operation, such as
– Sending, receiving, launching and deleting files,
displaying data and rebooting the computer
• Backdoor Trojans are often used to unite a
group of victim computers, which can be used
for criminal purposes.
Trojan Types - Rootkit
• Rootkits are designed to conceal certain
objects or activities in your system.
Trojan-DoS
• Conducts DoS (Denial of Service) attacks against a
targeted web address.
• Sends multiple requests from your
computer and several other infected computers
How to protect yourself against
Trojans
• Install effective anti-malware software
• NEVER download blindly from people or sites
which you aren't 100% sure about
• Be sure what the file is before opening it
• Beware of hidden file extensions
• Don't download an executable program just
to "check it out"
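The advice above to be sure what a file is and to beware of hidden extensions can be turned into a pre-open check. This is an added example, not part of the original slides; the function names, the extension lists and the sample files are assumptions made for the illustration.

```python
import os

# Added illustration: the extension and magic-byte lists below are assumptions.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".vbs"}
DECOY_EXTS = {".mp3", ".mp4", ".avi", ".jpg", ".png", ".pdf", ".doc", ".txt"}
# Leading bytes ("magic numbers") of native executables.
EXECUTABLE_MAGIC = {b"MZ": "Windows executable", b"\x7fELF": "ELF executable"}

def check_download(name, head):
    """Return (code, detail) findings for a file name and its first bytes."""
    findings = []
    # Windows ignores trailing dots and spaces, so compare the name without them.
    cleaned = name.rstrip(". ").lower()
    stem, final = os.path.splitext(cleaned)
    inner = os.path.splitext(stem.rstrip())[1]
    if final in EXECUTABLE_EXTS and inner in DECOY_EXTS:
        findings.append(("double-extension", f"shows as {inner}, runs as {final}"))
    if stem != stem.rstrip():
        findings.append(("padded-name", "spaces push the real extension out of view"))
    for magic, kind in EXECUTABLE_MAGIC.items():
        if head.startswith(magic) and final in DECOY_EXTS:
            findings.append(("content-mismatch", f"{kind} named as {final}"))
    return findings

# Constructed samples: (file name, first bytes of the file).
SAMPLES = [
    ("holiday.jpg", b"\xff\xd8\xff\xe0"),
    ("song.mp3.exe", b"MZ\x90\x00"),
    ("invoice.pdf      .exe", b"MZ\x90\x00"),
    ("movie.mp4", b"MZ\x90\x00"),
]

def triage(samples):
    """Map each sample name to the list of finding codes it triggers."""
    return {name: [code for code, _ in check_download(name, head)]
            for name, head in samples}

if __name__ == "__main__":
    for name, codes in triage(SAMPLES).items():
        print(f"{name!r}: {codes or 'no findings'}")
```

A file with no findings is not proven safe; the check only catches names and contents that disagree about the file type.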
Malware Distribution in 2011
Programming Bugs
Programming Bugs
These are programming-related bugs that open the
system to vulnerabilities.
• During program execution, when a certain task needs the
privileges of the “administrator” account:
1. Access should be granted only for that task
2. Remove access on task completion.
• Giving access to an untrusted user
1. Create a temp user account
2. Give minimum access to perform the necessary task
3. Ensure the program doesn’t give any kind of unwanted
access to the user, which he can exploit further.
How to handle?
• Design the system carefully.
• List the different users who will be accessing
the system and their access rights.
• In case of third party integration, ensure the
user gets only minimum access which is
enough to perform given tasks.
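The two rules from the Programming Bugs slide (grant administrator access only for the task and remove it on completion; give an untrusted user a temp account with minimum access) and the access-rights listing above can be modelled in a few lines. This is an added example, not part of the original slides; AccessTable, rotate_logs, run_third_party_export and the right names are hypothetical.

```python
from contextlib import contextmanager

# Added illustration: every class, function and right name here is hypothetical.
class AccessDenied(Exception): pass

class AccessTable:
    """Deny-by-default record of which account holds which right."""
    def __init__(self):
        self._grants = {}   # account name -> set of rights
        self.audit = []     # (event, account, right) in the order they happened

    def create_account(self, account, rights=()):
        self._grants[account] = set(rights)

    def remove_account(self, account):
        self._grants.pop(account, None)

    def rights(self, account):
        return frozenset(self._grants.get(account, ()))

    def require(self, account, right):
        if right not in self._grants.get(account, ()):
            self.audit.append(("denied", account, right))
            raise AccessDenied(f"{account} lacks {right}")

    @contextmanager
    def elevated(self, account, right):
        """Grant one right for one task and revoke it even if the task fails."""
        held_before = right in self._grants[account]
        self._grants[account].add(right)
        self.audit.append(("granted", account, right))
        try:
            yield
        finally:
            if not held_before:   # never strip a right the account already had
                self._grants[account].discard(right)
            self.audit.append(("revoked", account, right))

def rotate_logs(table, account):
    table.require(account, "admin:rotate_logs")   # the one privileged step
    return "rotated"

def run_third_party_export(table):
    """Untrusted integration: temp account, minimum rights, removed afterwards."""
    table.create_account("tmp-export", rights={"read:reports"})
    try:
        table.require("tmp-export", "read:reports")
        return "exported"
    finally:
        table.remove_account("tmp-export")
```

The `finally` blocks are the point: the elevated right and the temp account disappear on the error path as well as on success.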
Cyber Crime in India
• MUMBAI: Easy money, lack of deterrents amid
slow job market lure Indians into hacking
services
– Rent botnet infrastructure to launch DoS attacks for
$2 (Rs 125) per hour
• NEW DELHI : Cybercrime cases in India rose by
61% in 2012:
• BANGALORE: Cyber lab to help nail hi-tech crooks
• VISAKHAPATNAM : 23-year-old man held for
sending lewd SMSs
• MANGALORE: Greed sets Mulki woman back by
Rs. 3 lakh
Cyber Crime - News
• WASHINGTON: Computer Glitch (fault) Opens
Prison Doors?
• WASHINGTON: Android bug tweaked tactics to
earn profits (for hackers) in Q2: McAfee
• WASHINGTON: Cybercrime costs up to $500
billion to world economy: Report
• Google Gives Researchers More In¢entive to
Report Its Vulnerabilities
– Cross site scripting vulnerabilities ($5000)
– Authentication bypasses ($7500)
Cyber Crime
• Computer crime or Cyber crime refers to any
crime that involves a computer and a network.
– The computer may have been used in the commission
of a crime, or it may be the target.
• “These are offences that are committed against
individuals or groups of individuals
– with a criminal motive to intentionally harm the
reputation of the victim or
– cause physical or mental harm to the victim directly
or indirectly,
– using modern telecommunication networks such as
Internet (Chat rooms, emails, notice boards and
groups) and mobile phones (SMS/MMS)”
Cyber Crime
• Cybercrime ranges across a spectrum of activities.
– Fundamental breaches of personal or corporate
privacy, identity theft.
– Transaction-based crimes such as fraud, trafficking in
child pornography, digital piracy, money laundering,
and counterfeiting.
– Deliberately altering data for either profit or political
objectives.
– Attempts to disrupt the actual workings of the
Internet: spam, hacking, and denial of service
attacks, cyber terrorism.
Cyber Crime
Targets Computer
Crimes include
- Computer viruses
- Denial-of-service attacks,
- Malware
Targets User
Crimes include: Cyber stalking, Fraud and identity theft,
Phishing scams, cyber terrorism, Information warfare
Cyber Crime: Spam
Cyber Crime: Spam
• Spam is the unwanted sending of
bulk email for commercial purpose, such as
products and services advertisement.
• It comprises roughly 50 percent of e-mail.
• Spam is a crime since it wastes both
storage and network capacity.
• Spam is nearly free for perpetrators
– The cost is the same for sending 10 messages as for
10 million.
Cyber Crime: Spam
How Does this work?
• A spammer gets secret control of numerous
infected machines connected to the Internet.
– Such machines are known as zombie computers.
• This network can be activated to flood the
Internet with spam or to institute DoS attacks.
• While spam may still be tolerable, DoS can be used
to blackmail web sites by threatening to shut
them down.
Cyber Crime: Spam
Zeus
Cyber Crime: Theft
• Theft is anything which is taken without permission.
• This crime occurs when a person violates copyrights and downloads
music, movies, games and software.
• There are even peer sharing websites which encourage software
piracy and many of these websites are now being targeted by the FBI.
• Today, the justice system is addressing this cyber crime and there are
laws that prevent people from illegal downloading.
Cyber Crime: Hacking
• This is a crime wherein a person’s computer is broken into so that his personal
or sensitive information can be accessed.
– In the US, hacking is classified as a felony and punishable as such.
• This is different from ethical hacking
• In hacking, the criminal uses a variety of software to enter a person’s computer
and the person may not be aware that his computer is being accessed from a
remote location.
Cyber Crime: Hacking
• Most hackers have not been criminals but young
people driven by intellectual curiosity.
• Hacking costs the world economy billions of dollars
annually.
• Hacking is not always an outside job.
• Hacking is old-fashioned industrial espionage by
other means.
• The largest known case of computer hacking was
spyware called GhostNet, discovered in late March
2009 by the University of Toronto.
– (Dalai Lama case)
– compromised systems in embassies and foreign affairs
bureaus
Cyber Crime: Cyber Stalking
• Cyberstalking is the use of the Internet or other electronic
means to stalk or harass an individual, a group of individuals,
or an organization.
• It may include the making of false accusations or statements
of fact (as in defamation), monitoring, making threats, identity
theft, damage to data or equipment, the solicitation of minors
for sex, or gathering information that may be used to harass.
Cyber Crime: Cyber Stalking
• False accusations
• Attempts to gather information about the victim.
• Monitoring their target's online activities and
attempting to trace their IP address in an effort to
gather more information about their victims.
• Encouraging others to harass the victim.
• False victimization.
• Attacks on data and equipment.
• Ordering goods and services.
• Arranging to meet.
• Cyberstalking is a form of cyberbullying
Cyber Crime: Cyberbullying