diytp 2009. what is cybercrime? using the internet to commit a crime. identity theft hacking ...
TRANSCRIPT
What is Cybercrime?
Using the Internet to commit a crime. Identity Theft Hacking Viruses
Facilitation of traditional criminal activity Stalking Stealing information Child Pornography
High-Profile Cybercrime-related Cases
TJ Maxx data breach 45 million credit and debit card numbers
stolen Kwame Kilpatrick
Cell phone text messages BTK Serial Killer Kevin Mitnick
Computer Security
Confidentiality Only those authorized to view information
Integrity Information is correct and hasn’t been
altered by unauthorized users or software
Availability Data is accessible to authorized users
Computer Security - Threats
Malware Software that has a malicious purpose
Viruses Trojan horse Spyware
Computer Security - Threats
Intrusions Any attempt to gain unauthorized access
to a system Cracking Hacking Social Engineering War-driving
Computer Security - Threats Denial-of-Service (DOS)
Prevention of legitimate access to systems
Also Distributed-Denial-of-Service (DDoS)
Different types: Ping-of-Death Teardrop Smurf SYN
Computer Security - Terminology People
Hackers White Hat – Good guys. Report
hacks/vulnerabilities to appropriate people.
Black Hat – Only interested in personal goals, regardless of impact.
Gray Hat – Somewhere in between.
Computer Security - Terminology Script Kiddies
Someone that calls themselves a ‘hacker’ but really isn’t
Ethical Hacker Someone hired to hack a system to find
vulnerabilities and report on them. Also called a ‘sneaker’
Computer Security - Terminology Security Devices
Firewall Barrier between network and the outside
world. Proxy server
Sits between users and server. Two main functions are to improve performance and filter requests.
Intrusion Detection Systems (IDS) Monitors network traffic for suspicious
activity.
Computer Security - Terminology Activities
Phreaking Breaking into telephone systems (used in
conjunction with war-dialing) Authentication
Determines whether credentials are authorized to access a resource
Auditing Reviewing logs, records, or procedures for
compliance with standards
Computer Security - Careers Information Security Analyst
US National Average Salary
Figure 1.2 – Median salary courtesy cbsalary.com
Computer Security - Certifications Entry-level
Security+ http://www.comptia.org/certifications/listed/security.aspx
CIW Security Analyst www.ciwcertified.com
Intermediate MSCE Security
http://www.microsoft.com/learning/en/us/certification/mcse.aspx#tab3
Professional CISSP www.isc2.org SANS www.sans.org
Computer Security - Education Community-college
Washtenaw Community College Computer Systems Security
http://www4.wccnet.edu/academicinfo/creditofferings/programs/degree.php?code=APCSS
Computer Forensics http://www4.wccnet.edu/academicinfo/creditofferings/programs/degree.php?code=APDRAD
Computer Security - Education 4-Year College
Eastern Michigan University Information Assurance
Applied Network Cryptography Management
http://www.emich.edu/ia/undergraduate.html