Network Security Overview

Ali Shayan2008.08.06

Network Security Management’s Perspective

• Dangers:– Negligence– Dereliction of duty– Liable for damaged– Misconduct– Sabotage– Aiding and abetting crime

Network Security Management’s Perspective

• Issues– Training– Continuity and crisis planning– Assume information security is YOUR responsibility

Lack of awareness can lead to negligence and liability!

Understanding Components of an IT Security Audit

Modern Technology Roadmap

• Early 1990s: Virus scanners• Mid 1990s: Firewalls• Late 1990s: Over-reliance on encryption (PKI)• Early 2000s: Over-reliance on intrusion

detection systems (IDS)• Late 2000s: Over-reliance on intrusion

prevention systems/artificial intelligence

Vulnerabilities• There was a total of 7,247 vulnerabilities in 2006, 39.5% more than

2005.• June was the busiest month of the year with 696 vulnerabilities.• Week 46 (the week before Thanksgiving) was the busiest week of

2006 for new vulnerabilities.• The most popular day for vulnerability discloser was Tuesday.• The top three vulnerable vendor in 2006 were Microsoft, Oracle

and Apple.• 88.4 percent of all 2006 vulnerabilities could be exploited remotely.• Over half (50.6%) of 2006 vulnerabilities would allow an attacker to

gain access to the host after successful exploitation.

VulnerabilitiesPer Annum Vulnerabilities Count

VulnerabilitiesPer Month

Vulnerabilities by Day of Week

Vulnerabilitiesby Day of Week

VulnerabilitiesWeekdays vs. Weekends

VulnerabilitiesTop Ten Vulnerable Vendors

From which countries does spam originate?

Incident and Events by Sector

Quantifying by Losses

• 9 out of 10 businesses affected by cybercrime (FBI 2005)

• $67.2 billion per year is lost to cybercrime in the USA (FBI 2005)

• 61% of US computers are compromised (Cyber Security Alliance 2006)

• Estimated 14,000 – 17,000 Botnet C&Cs (Shadowserver.org)

Notable Trends in Cyber Criminality

• Motivation: Financial motives are making attackers more sophisticated.

• Targeted attacks: Attacks are much more targeted than before.

• Targets: The user and the user workstation (desktop or laptop) becomes the easiest path into the network.

References

• http://www.coresecurity.com• http://www.cert.com• http://www.iss.com• http://www.alexa.com

Thanks