securityfaculty.winthrop.edu/whitneym/documents/05-security.pdf · 2015-11-10 · trojan horses...
Security
CSCI 101
References
• Slides are heavily based on, and contain content
from:
Technology in Action Eleventh Edition by Evans, Martin,
and Poatsy
Cybercrime & Identity Theft
Cybercrime
• Any crime that is conducted through the
computer.
• In 2012 the internet crime complaint center
received 289,000 cybercrime complaints.
Common Cybercrimes
• FBI-Related Scams: People pretending to work
for official organizations to defraud
• Non-Delivery of Merchandise: Here people
receive your payment, and then never deliver the
goods.
• Advance Fee Fraud: Here people ask you for
money in good faith, with later receipt of interest
on the money, which is never paid.
Identity Theft
• Occurs when someone steals your personal
information, e.g. your social security number,
bank account number, credit card info…
• Basically someone tries to be you, steals from
you, and pollutes your reputation.
• People can use, and destroy your credit rating.
• It can take a long time to fix.
AN ENTRYWAY INTO YOUR COMPUTER
Computer Viruses
• Malicious Computer programs that are attached
to other programs.
• When they are downloaded they copy
themselves into other programs, and files.
• When files are exchanged with other computers,
the viruses will infect another computer.
What’s the harm of viruses?
• Viruses can simply be annoying, e.g. cause
popup windows to appear
• Or they can destroy files on your computer
• Even worse they can gather and report your
sensitive information to the viruses' creator.
How to get a virus
• You download malware, e.g. a contaminated
movie
• You open up an attachment on an email that is
infected
• You open a file on a usb drive that is infected.
Types of Viruses
Logic Bomb
Logic Bomb: When a set of conditions are true the
virus will begin, e.g. opening a file a certain
number of times.
Logic Bomb Example
• Whac-A-Mole Sabotage
• A programmer planted a logic bomb in
Whac-A-Mole games, causing them to stop
working after they had been turned on and off a
number of times.
• He did this to achieve job security, as he was
responsible for fixing these machines.
Logic Bomb Example
• http://www.cbsnews.com/news/logic-bomb-dropped-on-brokerage/
• Created a logic bomb which caused > $3 million
in damages by deleting / damaging files
• He purchased put options (sell for fixed price) on the company’s stock in anticipation,
assuming the stock value would plummet and he would benefit
Time Bomb
Time Bomb: A virus that will execute at a certain
time, or after a set amount of time passes. Hence, a large
number of computers could all go down at the
same time.
Time Bomb Example
• Michelangelo Virus
• In 1991 this virus was created that would fire on
March 6th, the famous artist Michelangelo’s
birthday.
• “the virus overwrites the first one hundred
sectors of the hard disk with nulls.”
Time Bomb Example
• http://www.wired.com/2013/03/logic-bomb-south-korea-attack/
• The time bomb waited till March 20th 2013 and
then started erasing data from bank machines
• Wiped the machines of 3 banks and 2 media
companies
• Also, took down some ATMs
Worms
Worms: Spread through email or network connections.
The user doesn’t need to take any action to spread these,
they just travel through vulnerabilities in the operating
systems.
Worm Example
• ILoveYou Worm
• In May of 2000 a worm that affected Windows personal computers got sent over emails.
• Users would get an email with the subject “ILoveyou” with a script attached.
• When users opened the attachment it ran a script that did damage to your computer and overwrote your images.
• Then the script sent out the same email to everyone on your Outlook contact list.
How do you know you have a virus?
• Your homepage on your browser changes
• Popups start appearing
• Files start being corrupted
• …
How to protect my computer
• Install an antivirus. They can only stop viruses
they know about. Keep installing updates to
your antivirus to protect against new viruses.
• Keep your computer’s OS and other programs
up to date. Often OS’s are updated to protect
against viruses, so make sure you have these
updates.
Windows Defender
• This anti-virus is in newer versions of Windows:
• http://windows.microsoft.com/en-us/windows/security-essentials-download
• You can download Windows Security Essentials
on earlier versions of Windows too (Windows 7
and Vista)
WHAT DO THEY DO, AND HOW DO WE PROTECT OURSELVES
Hackers
Someone who unlawfully breaks into a computer or a network.
Black-hat Hackers: Someone who hacks into computers with malicious intent.
White-hat Hackers (Ethical Hackers): Someone who hacks into a system to expose its weaknesses to the company or the general public.
Regardless of the type of hacking, it’s considered a crime, and can result in serious penalties.
Famous Hackers
Jonathan James
• At age 15 he was convicted of breaking into BellSouth, the United States Department of Defense, and NASA
• He intercepted over 3 thousand messages going to the USDD using a packet sniffer
• He cost NASA $41,000 to check and fix systems
Famous Hackers
Albert Gonzalez
• Collected over 170 million
credit and ATM card numbers in
2 years (2005 – 2007). - sql
• He would sell these for profit
• He also hacked into databases
to get credit card numbers.
• In 2010 went to prison for 20
years
Famous Hackers
Kevin Poulsen
• Took over all of the phone lines for LA’s KISS-FM radio station, making himself the 102nd caller and winning a Porsche
• Hacked into federal systems and stole wiretap information. (http://www.makeuseof.com/tag/5-of-the-worlds-most-famous-hackers-what-happened-to-them/)
• Went to prison for 5 years and was banned from his computer for 3 years after
• He now works for WIRED, and he helped take down 744 sex offenders on MySpace.
Types of Hacking
Packet Sniffing
• Hackers use programs to listen in on the packets
you are sending over the internet.
• Here they can put together the data you are
sending, and gather your sensitive information.
• Be careful when you are using free public wifi like
at coffee shops as they are particularly
vulnerable.
• Firewalls will help you prevent these attacks.
Packet Sniffing
Cidney is buying items online with her credit card, and a hacker is listening in,
getting her credit card number.
[Figure: Cidney’s card number 234283252290234 is sent as the packets 23428, 32522 and 90234, which the hacker reads.]
Packet Sniffing …
• More information about packet sniffing can be
found here:
• http://www.veracode.com/security/wireless-sniffer
• You should use secure protocols (https) for all
important communication so that your data is all
encrypted when sent over the line and can’t be
sniffed.
Trojan Horses
Trojan Horse Naming
• In Greek mythology, at the end of the War of Troy, they had a plan where they created a giant hollow horse and filled it with soldiers, pretending it was a peace offering.
• At night the soldiers came out.
• Trojan Horse Malware programs are named after this historical horse because they disguise themselves as good programs so people install them, but they turn out to be malware.
Trojan Horses
• Trojan horses are when hackers get into your
computer through a back door and can take
control.
• They can access/delete files/send emails…
• They can also use your computer’s processing for
larger attacks. Particularly, if hackers take over
lots of computers they can launch Denial of
Service Attacks.
Example
Beast Trojan Horse (2002)
• Infected Windows 95 and XP
• The hacker could control the infected computer
• Could use password tools to get at your
passwords
• Could get screenshots and use your webcam
Denial-of-Service Attacks (DoS)
• In DoS attacks, hackers keep sending so many
requests to a server that the server doesn’t have enough
capacity to address the legitimate requests.
• To achieve this, hackers often take over many other
computers, and program them all to continuously make
requests.
• The computers they take over are called Zombies
Denial of Service Attacks
Denial of Service Example
Project Rivolta
• In 2000 MafiaBoy (Michael Demon Calce), a
Canadian high school student, launched a Denial
of Service attack
• He took down Yahoo for an hour, which was the
most popular search engine at the time
• He also continued to bring down eBay, CNN,
Amazon and Dell
Live Denial of Service Attacks
• This map shows a live view of the current denial
of service attacks that are being executed across
the globe
• http://www.digitalattackmap.com/#anim=1&color=0&country=ALL&time=16341&view=map
Key Loggers
• Key Loggers are a form of spyware.
• These programs track each of your keystrokes
• They can put this information together to gather
your secure information
Key Logger Example
2 million Facebook, Twitter, AND Gmail passwords
stolen (Dec 4th, 2013) - cyberAttacks vid
• Keylogging software was maliciously installed on
users’ computers
• This malware recorded users’ passwords
HOW CAN I PROTECT MYSELF?
Protecting Yourself
Firewalls
• Can block access to your ports, & filter the packets that
are trying to enter. They will deny malicious packets
entry into your computer.
• They use a process called network address translation to
hide your IP address from intruders, so they can’t find
your computer.
Weak Passwords
• Many people use very weak passwords for
internet sites, such as 12345 or password!
• With weak passwords, hackers can get into these
sites and steal your information
• Even with common words hackers can easily
determine your passwords, as they run scripts
which can check tons of passwords in matters of
seconds.
Reusing your Passwords
• People often use the same passwords for many
different sites.
• Hackers sometimes get access into less secure
sites, find your passwords, and then try the same
passwords on your bank’s site.
• Hence, make sure you have a unique password
for more secure sites.
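A small audit of the two problems described above, weak passwords and reuse across sites. This is an added example, not part of the original slides; the common-password list, the guessing rate and the sample accounts are constructed assumptions.

```python
import string

# Constructed sample of very common passwords; real audits use far larger lists.
COMMON_PASSWORDS = {"12345", "123456", "password", "password!", "qwerty", "letmein"}

GUESSES_PER_SECOND = 1_000_000_000  # assumed guessing rate, for illustration only


def charset_size(password):
    """Size of the alphabet an exhaustive search would have to cover."""
    size = 0
    if any(c in string.ascii_lowercase for c in password):
        size += 26
    if any(c in string.ascii_uppercase for c in password):
        size += 26
    if any(c in string.digits for c in password):
        size += 10
    if any(c in string.punctuation for c in password):
        size += len(string.punctuation)
    return size


def seconds_to_exhaust(password):
    """Worst-case time to try every password of this length and alphabet."""
    return charset_size(password) ** len(password) / GUESSES_PER_SECOND


def audit(accounts):
    """Return {site: [problems]} for a {site: password} mapping."""
    sites_by_password = {}
    for site, pw in accounts.items():
        sites_by_password.setdefault(pw, []).append(site)
    report = {}
    for site, pw in accounts.items():
        problems = []
        if pw.lower() in COMMON_PASSWORDS:
            problems.append("common password")
        elif seconds_to_exhaust(pw) < 3600:
            problems.append("exhaustible in under an hour")
        others = [s for s in sites_by_password[pw] if s != site]
        if others:
            problems.append("reused on " + ", ".join(others))
        if problems:
            report[site] = problems
    return report


# Constructed accounts for the demonstration.
SAMPLE = {"forum": "12345", "shop": "Tr0ub4dor&3xyz",
          "bank": "Tr0ub4dor&3xyz", "mail": "v9#Lq2!mZr7@pXc4"}
```

Running `audit(SAMPLE)` flags the forum password as common and the shop and bank passwords as reused; only the mail password passes.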
Creating Strong Passwords
• Your book has a good set of rules on P.362
• Here’s a helpful article:
https://support.mozilla.org/en-US/kb/create-secure-passwords-keep-your-identity-safe
Backup Your Data
• Always have backups of your data.
• If you get attacked you could lose all of your
information.
Spam
• When you log in to forms on the internet and sign up for
things, your email will inevitably end up in lists of emails
to be spammed.
• Often people have two emails, one for signing up for
things on the internet, and the other for common use.
• You can also use spam filters. Make sure to check the
items that have been filtered every so often to make sure
you haven’t missed important messages.
Cookies
• Cookies are little files kept on your computer which
inform websites of your preferences. E.g. what do you
want to see when you enter a page, what data did you
enter in a form, or what type of ads should we show
someone.
• Sites can use this information to provide you with targeted
advertising, but they do not harm you.
• The only risk is they likely contain password and credit
card info that could cause issues if a hacker got hold of it.
DON’T GIVE PEOPLE YOUR PERSONAL DATA!
Scams
Phishing
• Here scammers lure you into providing them with personal information.
• For example,
– you get an email from your bank asking you to verify your
account information.
– you click on the link to your bank site; this isn’t actually your bank’s site, it’s a site the scammer made to look just like your bank
– When you enter your personal information, the scammer now has it.
• You can avoid this by not clicking on the links, and going directly to your bank’s site
Phishing Example
Phishing Scams
• This article discusses what an individual learnt
from talking with scammers.
• http://www.motherjones.com/politics/2014/03/what-i-learned-from-nigerian-scammers
Pharming
• Here, you have a malicious virus or code that
when you try to go to certain websites, you are
redirected to fake versions.
• e.g. you try to go to bankofamerica.com and you
get something like bnkfamerica.com
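One way to catch the near-miss address from the example above: compare the name of the site you landed on with the sites you actually use. This is an added example, not part of the original slides; the allowlist, the function names and the distance threshold are assumptions.

```python
# Sites the user really banks with (assumed allowlist for the demonstration).
TRUSTED = {"bankofamerica.com"}


def edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete from a
                           cur[j - 1] + 1,              # insert into a
                           prev[j - 1] + (ca != cb)))   # substitute or match
        prev = cur
    return prev[-1]


def registered_name(host):
    """Last two labels of a hostname, lowercased.

    Simplification: does not handle two-part suffixes such as .co.uk.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def classify(host, max_distance=3):
    """Return 'trusted', 'lookalike of <site>' or 'unknown' for a hostname."""
    name = registered_name(host)
    if name in TRUSTED:
        return "trusted"
    for good in sorted(TRUSTED):
        if edit_distance(name, good) <= max_distance:
            return "lookalike of " + good
    return "unknown"
```

`classify("bnkfamerica.com")` reports a lookalike because the name is only two missing letters away from the real one, while `classify("www.bankofamerica.com")` is trusted.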
Pharming Example
50 Banks in Pharming Attack
• The attackers made fake sites that looked like the
banks
• Users were lured to install a Trojan virus, which
would redirect them to the fake bank site when
they typed in the url of their bank
• After the users entered their credentials it
would successfully redirect them to their bank’s
site, and log them in.
Scareware
• Here, you download malicious programs that pretend to be viruses.
• Tons of ads and such keep popping up.
• Then you will get a message saying you need to download antivirus.
• Then they get you to pay for and download a fake antivirus because you’re scared.
• A 2010 study by Google found 11,000 domains hosting fake anti-virus software (en.wikipedia.org/wiki/Scareware)
Scareware Example
• LizaMoon (2010)
• Thousands of infected sites
• Users had to actively install this virus
• The rogue Anti Virus was called Windows
Stability Center and removed non-existent
viruses
MAKE SURE PEOPLE CAN’T UNDERSTAND YOUR MESSAGES
WHEN YOU GET THEM
Encryption
Packet Sniffing
Cidney is buying items online with her credit card, and a hacker is listening in,
getting her credit card number. We need to encrypt this info so we can’t figure
out what it is!
[Figure: Cidney’s card number 234283252290234 is sent as the packets 23428, 32522 and 90234, which the hacker reads.]
Simple Encryption
By creating a mapping, we can encrypt our message.
original message:
I like you
encrypted message:
J mjlf zpv
Someone needs the mapping table to decrypt your message.
Mapping
A = B
B = C
C = D
E = F
…
Private Key Encryption
• Here both the sender and the receiver have the key… e.g.
the mapping table in the example above.
• The problem is, how do you send over the key? What if
the hacker gets it?
[Figure: the sender encrypts “I like you” to “J mjlf zpv” and sends it in packets; using the decryption key it becomes “I like you” again.]
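The mapping table from the Simple Encryption slide, used as the shared key from the Private Key Encryption slide. This is an added example, not part of the original slides; the function names are illustrative and wrapping Z back to A is an assumption, since the slide's table stops early.

```python
import string


def shift_table(shift=1):
    """Mapping table like the slide's (A = B, B = C, ...); Z wraps to A (assumed)."""
    letters = string.ascii_uppercase
    return {c: letters[(i + shift) % 26] for i, c in enumerate(letters)}


def invert(table):
    """Build the decryption table. Rejects a table that maps two letters to one."""
    inverse = {v: k for k, v in table.items()}
    if len(inverse) != len(table):
        raise ValueError("mapping is not one-to-one, so it cannot be decrypted")
    return inverse


def apply_table(text, table):
    """Substitute letters through the table, keeping case; other characters pass through."""
    out = []
    for ch in text:
        mapped = table.get(ch.upper())
        if mapped is None:
            out.append(ch)  # spaces, digits, punctuation are left alone
        else:
            out.append(mapped if ch.isupper() else mapped.lower())
    return "".join(out)


def encrypt(message, table):
    """Sender side: needs the shared table."""
    return apply_table(message, table)


def decrypt(ciphertext, table):
    """Receiver side: needs the same shared table, applied in reverse."""
    return apply_table(ciphertext, invert(table))


# The same key must be in both the sender's and the receiver's hands.
KEY = shift_table(1)
```

Both `encrypt` and `decrypt` take the same `KEY`, which is exactly why the table has to reach the receiver without anyone else seeing it.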
Public Key Encryption
In public key encryption there are two keys which are
generated through mathematical formulas.
Public Key: The encryption key is public. Meaning anyone
can send you a message with it.
Private Key: The decryption key is private. Meaning only
you can decode the message.
Public Key Encryption
• Receiver: generates public and private key, then broadcasts public key to everyone
• Sender: encrypts “I like you” using the public key, giving klaejrkljlkjlew
• Sender: sends encrypted message in packets (klaejrkljlkjlew)
• Receiver: decrypts klaejrkljlkjlew using private key, giving “I like you”
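The two-key idea above, carried through with textbook RSA on very small numbers. This is an added example, not part of the original slides; RSA is one choice of "mathematical formula", and the primes, exponent and function names are assumptions chosen for readability.

```python
from math import gcd


def make_keypair(p, q, e=17):
    """Textbook RSA key generation from two primes (tiny here, so NOT secure)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must share no factor with (p-1)*(q-1)")
    d = pow(e, -1, phi)  # modular inverse of e (Python 3.8+)
    return (n, e), (n, d)  # (public key, private key)


def encrypt(message, public_key):
    """Anyone holding the public key can do this. One number per character.

    Real systems add random padding and encrypt whole blocks, not characters.
    """
    n, e = public_key
    return [pow(ord(ch), e, n) for ch in message]


def decrypt(numbers, private_key):
    """Only the holder of the private key can undo the encryption."""
    n, d = private_key
    return "".join(chr(pow(c, d, n)) for c in numbers)


# Constructed demo primes; real keys use primes hundreds of digits long.
PUBLIC, PRIVATE = make_keypair(61, 53)
```

The receiver can publish `PUBLIC` freely: `decrypt(encrypt("I like you", PUBLIC), PRIVATE)` returns the message, while trying to decrypt with `PUBLIC` does not.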
Next Week