Internet Security

By: Kyle Lutz, Amber Kariker THE BEST, Greg Krutick, A.J. Nezamabadi, Sharon Kimemia

Presentation Over:

Internet Security Threats Current Issues Internet Statistics, did you know? Industry Response Available Tools Hackers: History, who they are, techniques Hackers: Top tools, most likely to be hacked, successful hackers Intrusion Prevention Intrusion Detection Conclusion

Internet Security Threats

Identity theft Phishing Viruses Spam

Current Issues

Case Study -TJX Computer breach Costs- 12 million (1st quarter)

Legal issues Credit Card Fraud

Timeline

Internet Statistics, did you know?

Top e-mail sites in 2006 for spam include.(according to Commtouch).

Hotmail

4.7 million Yahoo 4.2 million MSN 2.1 million Cisco 1.9 million G-mail 1.5 million

Internet Statistics, did you know?

Both viruses and spam have continued to increase over the years

Industry Response

Software analyst meet to discuss the latest technology Demand for security professionals Many companies have spent money on security and repairs Microsoft estimated two billion dollars in 2005
www.Getsafeonline.com http://www.homeoffice.gov.uk/

Available Tools

Anti-Virus- Norton 2007;Best known name in anti-virus and internet security Anti-Spy Ware Firewall Protection Anti-spam

History of Hackers

In December of 1947, the transistor was invented. Captain Crunch Steve Jobs Kevin Mitnick AT&T The Worm- Robert Tappan Morris Kevin Poulsen (a.k.a. Dark Dante) Tsumomu Shimomura David Smith Jon Johansen (a.k.a. DVD Jon)

Who are Hackers?

Definition The word Hacker Computer programming must be a hobby, something done for fun, not out of a sense of duty or for the money. A person who practices hacking is called a hacker. Hacking can be just to find out how it works without criminal intent. Hacking can be simply to crack a code A hacker can be breaking into a computer that's yours, often not wanted, and now prohibited by law.

Different Hacker Techniques

Information Sharing Information Disseminating The belief that system-cracking for fun and exploration is ethically OK as long as the cracker commits no theft, vandalism, or breach of confidentiality. Telecommunications Studying Redistributing money and credit information maintained in credit bureau computers. Obtaining money and property from companies by altering the computerized information used by the companies.

Top Tools Hackers Use

Spam Downloads Pop-ups Active X

Most Likely to be Hacked

Small businesses with 10 or fewer employees.

Most vulnerable Less resources Ignore or unaware of risks

Large businesses with 100 or more employees

Higher profile Larger network

Successful Hackers
Eric McCarty hacks into USC database Australian hacker attacks sewage control computers

Intrusion Prevention

To prevent virus infection

Disable Active X controls on IE Run anti-virus software with updates Do not open suspicous e-mails Run anti-spyware software Avoid using P2P/file-sharing software

Malware/Spyware infection

Intrusions

Run a firewall Be cautious towards ActiveX and Java Applet prompts

Intrusion Detection

Intrusion detection systems are the next generation of security beyond firewall protection Host Based IDS: For servers that contain sensitive information. Network Based IDS: Monitors certain network segments. Gives administrators a more proactive approach to stopping a potential threat.

Introduction to Detection

Conclusion

User awareness is key to a secure computer/network

Do not open suspicious files/emails Verify ActiveX/Java prompts Avoid using P2P programs Avoid downloading freeware If attacked, disconnect the network. Do not turn off the computer

Resources

Alex (2006). A Short History of Hacking. Retrieved May 23, 2007, from Neatorama Web site: http://www.neatorama.com/2006/08/28/a-short-history-of-hacking Breeding, M. (2007, January). Spam Wars: The Battle of the Formbots. Computers in Libraries, 27(1), 32-34. Retrieved May 22, 2007, from Computer Source database. Damman H. Whose problem is it?. Process & Control Engineering (PACE) [serial online]. November 2005;58(10):31-35. Available from: Business Source Premier, Ipswich, MA. Accessed May 24, 2007. Ending the age of the password. (2005, February 22). Computer Weekly, Retrieved May 23, 2007, from Business Source Premier database. Harvery, Brian (1985). What is a Hacker?. Retrieved May 23, 2007, from What is a Hacker? Web site: <http://www.cs.berkeley.edu/~bh/hacker.html>. (2006). Hacking and Hackers An Introduction. Retrieved May 23, 2007, from Hacking and Hackers Web site: http://www.thocp.net/reference/hacking/hacking.htm Lemos, R. TJX breach larger than previously thought. Retrieved from <http://www.securityfocus.com/brief/441>. Pasquariello A. THREAT REDUCTION. Fast Company [serial online]. May 2007;115:2223. Available from: Computer Source, Ipswich, MA. Accessed May 24, 2007. Spanbauer, S. (2007, March). Thwart the Three Biggest Internet Threats of 2007. PC World, 25(3), 120-122. Retrieved May 23, 2007, from Academic Search Premier database. Trigaux, Robert (2000). A History of Hacking. Retrieved May 23, 2007, from St. Petersburg Times Online Web site: http://www.sptimes.com/Hackers/history.hacking.html