Introduction & Framework
Chapter 1
Panko, Corporate Computer and Network Security
Copyright 2004 Prentice-Hall
Revised by Huei Lee

Critical Infrastructure

Figure 1-1: CSI/FBI Computer Crime and Security Survey
- Survey conducted by the Computer Security Institute (http://www.gocsi.com).
- Based on replies from 503 U.S. computer security professionals.

What is new in CSI Survey 2007?
Some of the preliminary key findings from the 2007 Survey include:
- The average annual loss reported more than doubled, from $168,000 in last year's report to $350,424 in this year's survey. Reported losses have not been this high in the last five years.
- Financial fraud overtook virus attacks as the source of the greatest financial loss. Virus losses, which had been the leading cause of loss for seven straight years, fell to second place.
- Almost one-fifth of those respondents who suffered one or more kinds of security incident said they'd suffered a "targeted attack," i.e. a malware attack aimed exclusively at a specific organization or at a small group of organizations.

Identity Theft
- The stealing of another person's information for financial gain.
- See the video: http://abcnews.go.com/Video/playerIndex?id=5523911

Software that covertly gathers information about a user is called _.
- Adware
- Malware
- Spyware
- Shareware
- Freeware
Spyware is sometimes hidden within freeware or shareware programs. In other instances, it is embedded within a Web site and is downloaded to the user's computer, without the user's knowledge, in order to track data about the user for marketing and advertisement purposes.

When receiving warnings of viruses, or requests to donate money to victims of some disaster, you should always check if it is a _ before reacting to it.
- Trick
- Hoax
- Prank
- Joke
- Spam
Some spam e-mails are hoaxes, asking you to donate money to nonexistent causes or warning you of viruses and other Internet dangers that do not exist. You should always check before forwarding such messages to your friends.

Figure 1-2: Other Empirical Attack Data

Riptech
- Analyzed 5.5 billion firewall log entries in 300 firms in a five-month period
- Detected 128,678 attacks, an annual rate of 1,000 per firm
- Only 39% of attacks after viruses were removed were directed at individual firms

SecurityFocus
- Data from 10,000 firms in 2001
- Attack frequency:
  - 129 million network scanning probes (13,000 per firm)
  - 29 million website attacks (3,000 per firm)
  - 6 million denial-of-service attacks (600 per firm)
- Attack targets:
  - 31 million Windows-specific attacks
  - 22 million UNIX/LINUX attacks
  - 7 million Cisco IOS attacks
- All operating systems are attacked!

Figure 1-3: Attack Trends

Growing Incident Frequency
- Incidents reported to the Computer Emergency Response Team/Coordination Center:
  - 1997: 2,134
  - 1998: 3,474 (75% growth from previous year)
  - 1999: 9,859 (164% growth)
  - 2000: 21,756 (121% growth)
  - 2001: 52,658 (142% growth)
  - Tomorrow?

Growing Randomness in Victim Selection
- In the past, large firms were targeted
- Now, targeting is increasingly random
- No more security through obscurity for small firms and individuals

Growing Malevolence
- Most early attacks were not malicious
- Malicious attacks are becoming the norm

Growing Attack Automation
- Attacks are automated, rather than humanly-directed
- Essentially, viruses and worms are attack robots that travel among computers
- Attack many computers in minutes or hours

Why You Need to Take This Course
- Most network software is designed for security.
- This course teaches you fundamental concepts of security and infrastructure.
- Some governmental IT jobs require that you have security training.

Figure 1-4: Framework for Attackers

Elite Hackers
- Hacking: intentional access without authorization or in excess of authorization
- Some call this cracking, not hacking, which they equate to any skilled computer use
- Characterized by technical expertise and dogged persistence, not just a bag of tools
- Use attack scripts to automate actions, but this is not the essence of what they do
- Deviants and often part of hacker groups that reinforce deviant behavior

You may hear the terms "white hat" (good guys) and "black hat" (bad guys)
- Black hat hackers break in for their own purposes
- "White hat" can mean multiple things
  - Strictest: Hack only by invitation as part of vulnerability testing
  - Some who hack without permission but report vulnerabilities (not for pay) also call themselves white hat hackers

You will also hear the term "ethical hacker"
- Some hack only by i