System Security

Forms Of Attack
1. Malware
  1. Software written to infect, damage or gain unauthorized access to computer systems
  2. Used to commit crimes such as fraud and identity theft
  3. Exploits vulnerabilities and affects all components of the OS
  4. Types of Malware
    1. Viruses - Attaches itself to programs or files on a computer or server
    2. Worms - Replicates itself through a computer network to spread to other computers; it does not need to attach to a program
    3. Trojan Horses - Designed to access a computer by misleading users of its intent e.g. Fake message telling you to download something 'for the greater good'
2. Phishing
  1. A form of 'social' engineering' (Human interaction used on people to break normal security procedures) used to entice people to disclose personal information
  2. Used to try and steal personal information such as usernames, passwords credit card details etc.
  3. Usually done by email
  4. Can also be done by phone to trick people into entering bank detials
3. Brute Force
  1. A trial and error method used by programs to decode encrypted data such as passwords and pin numbers etc.
  2. Normally done through exhausted effort with a lot of generated guesses instead of employing forms of intellect
4. Denial of Service (DoS)
  1. Floods a sever (website) with useless traffic, overloading it via infected machines in a network so it cannot respond to legitimate requests by the user and would go offline
  2. Some forms of DoS attacks (Teardrop Attacks, Ping of Death) exploit limitations in the TCP/IP (Transmission Control Protocol/Internet Protocol)
  3. DDoS (Distributed DoS) is where multiple systems, already infected with 'Trojans', are used to infect a singular system; this causes a DDoS to occur
  4. Used as a 'botnet' (a number of Internet-connected devices, each of which is running one or more bots to do any purpose needed)
5. Data Interception and Theft
  1. The unauthorised act of stealing and obtaining confidential information and compromising privacy in computer systems
  2. Data streams and packets that travel can be intercepted into in order to obtain plain text passwords, configuration information or the data itself
  3. Data can also be intercepted physically a.k.a. stealing a hard drive or other external hardware
6. SQL Injection
  1. A code injection technique used to attack data-driven applications and access databases
  2. Insecure code in the database programs can be 'injected' (changed) with new coding that could do harmful things when executed by the server
  3. If successful in gaining access to the database, they can alter, expose or delete data at will; they can also impersonate specific users of the database
  4. SQL - Programming language
  5. Database using SQL is needed
Threats Posed to Networks
1. People as a 'weak point'
  1. Not installing OS (Operating System) updates & keeping anti-malware software up-to-date
  2. Not locking doors to computer rooms
  3. Leaving printouts on desk
  4. Writing down passwords and sharing them out in the open
  5. Losing memory stick/laptops
  6. Not applying security to wireless networks or encrypting data
2. Poor Network Policy
  1. Well managed networks will have procedures in place to be more secure
  2. What well-managed networks should have
    1. A Data Protection Act
    2. Acceptable Use Agreements
    3. Permissions set to access servers, files, systems and databases
    4. Network managers who understand, identify and actively protect against invulnerabilities
3. Files are deleted, become corrupt or encrypted, Computers crash, refresh spontaneously and slow down, Internet connections become slow
4. Accessing the victim's account to withdraw money or purchase items, Opens bank accounts, credit cars and illegitimate cheques, Can gain access to corporate data, Finacial services can blacklist the company, resulting in damage to brand reputation
5. Theft of data, Access to corporate systems
6. Loos of access to a server of customers, Lost revenue, Lower productivity, Damage to reputation
7. Usernames and passwords compromised, allowing unauthorised access to systems, Disclosure of corporate data
8. Contents of databases can be outputed, revealing private data, Data in the database can be amended or deleted,, New rogue records can be added into the database
9. AUP (Acceptable Use Policy) is a common policy which outlines rules for network access
Identifying and Preventing Vulnerabilities
1. Anti-Malware Software - Prevents malware from entering the system
2. Encryption - Where data is translated into code so mthat only authorised users, or users with the key can decrypt it; users must need the key inn order to decrypt the coded file
3. Network lockout policy: Locks account after 3 attempts, Using progressive delays, Staff Training (using effective passwords with numbers and symbols etc.), Using challenger response e.g. I am not a bot and reCAPTCHA
4. Firewall - Performs a barrier between a attacker and the computer system; has the ability to block access from certain computer users and diable processes etc.
5. Network Forensics - Examines data sent across a network via 'packet sniffing' (involves intercepting packets being sent around a network, allowing to see what is being sent at all times
6. Penetration Testing - Person checks current vulnerabilities and potential ones in order to avoid weaknesses which can be exploited by malicious people
7. Network Policies - Certain rules to secure computer systems
8. User Access Levels/System Access Rights - Selects a hierarchy of users: lower level users have limited information, higher level users have more sensitive data
9. Biometric Security - Alternates to password e.g. Retina Scan, Fingerprint, Voice, Facial Recognition

Next up

Description

Resource summary

Similar

	Created by 2402 2003 over 6 years ago