Copyright © by EC-Council. All Rights Reserved. Reproduction is Strictly Prohibited.
Foundations of Security
Simplifying Security.
Module 1
Scenario
Franklin, an employee working for an organization, downloads free software from a website. After installing the software, however, Franklin's system reboots and starts to malfunction.
What might have gone wrong with Franklin’s system?
What would you have done in Franklin’s place?
Home‐computer Users at Risk Due to Use of ‘Folk Model’ Security
EAST LANSING, Mich. — Most home computers are vulnerable to hacker attacks because the users either mistakenly think they have enough security in place or they don’t believe they have enough valuable information that would be of interest to a hacker.
That’s the point of a paper published this month by Michigan State University’s Rick Wash, who says that most home‐computer users rely on what are known as “folk models.” Those are beliefs about what hackers or viruses are that people use to make decisions about security – to keep their information safe.
Unfortunately, they don’t often work the way they should.
“Home security is hard because people are untrained in security,” said Wash, an assistant professor in the Department of Telecommunication, Information Studies and Media. “But it isn’t because people are idiots. Rather they try their best to make sense of what’s going on and frequently make choices that leave them vulnerable.”
May 23, 2011
http://news.msu.edu
'Fakefrag' Trojan Scares You into Paying Up
A devious new Trojan is putting the fear of hard drive failure into computer owners, and then rushing in to "save" the day — at your expense.
Once the "Fakefrag" Trojan finds its way onto your system via specially crafted malicious Web pages, it gets to work on the task of making you believe all your files have been erased from your hard drive, the security firm Symantec reported.
Scareware scams, which try to convince users they have a computer virus, and then trick them into purchasing fake antivirus software, are nothing new. However, Fakefrag takes the crime a step further: it actually moves your files from the "All Users" folder to a temporary location, and hides files in the "Current User" folder, Symantec said.
http://www.msnbc.msn.com
May 23, 2011 8:21:51 PM ET
Module Objectives
Security Incidents
Essential Terminologies
Computer Security
Why Security?
Potential Losses Due to Security Attacks
Elements of Security
Fundamental Concepts of Security
Layers of Security
Security Risks to Home Users
What to Secure?
What Makes a Home Computer Vulnerable?
What Makes a System Secure?
Benefits of Computer Security Awareness
Basic Computer Security Mechanisms
Module Flow
Computer Security
Potential Losses Due to Security Attacks
Essential Terminologies
Elements of Security
What Makes a Home Computer Vulnerable?
Benefits of Computer Security Awareness
Basic Computer Security Mechanisms
What to Secure?
Layers of Security
Security Risks to Home Users
Security Incident Occurrences Over Time
[Figure: bar chart. X-axis: Years (2002 to 2011). Y-axis: Security Incident Occurrences (0 to 900). Data labels on the chart: 6, 14, 23, 141, 537, 511, 787, 604, 409, 10. Report on January, 2011. Source: http://datalossdb.org]
Security Incidents by Breach Type - 2011
A security incident is “Any real or suspected adverse event in relation to the security of computer systems or computer networks.”
http://www.cert.org
[Figure: pie chart of breach types. Categories: Hack, Stolen Laptop, Stolen Document, Lost Laptop, Disposal Document, Web, Unknown. Slice labels: one slice of 40% and six slices of 10%. Source: http://datalossdb.org]
Essential Terminologies
Threat: An action or event that has the potential to compromise and/or violate security
Exploit: A defined way to breach the security of an IT system through vulnerability
Vulnerability: Existence of a weakness, design, or implementation error that can lead to an unexpected, undesirable event compromising the security of the system
Cracker, Attacker, or Intruder: An individual who breaks into computer systems in order to steal, change, or destroy information
Attack: Any action derived from intelligent threats to violate the security of the system
Data Theft: Any action of stealing the information from the users’ system
Computer Security
Security is a state of well‐being of information and infrastructure
Computer security refers to the protection of computer systems and the information a user stores or processes
Users should focus on various security threats and countermeasures in order to protect their information assets
Why Security?
Computer security is important for protecting the confidentiality, integrity, and availability of computer systems and their resources
Computer administration and management have become more complex, which produces more attack avenues
Network environments and network‐based applications provide more attack paths
Evolution of technology has focused on ease of use, while the skill level needed for exploits has decreased
Potential Losses Due to Security Attacks
Misuse of computer resources
Data loss/theft
Loss of trust
Financial loss
Unavailability of resources
Identity theft
Elements of Security
Authenticity is “the identification and assurance of the origin of information”
Confidentiality is “ensuring that information is accessible only to those authorized to have access” (ISO‐17799)
Availability is “ensuring that the information is accessible to authorized persons when required without delay”
Integrity is “ensuring that the information is accurate, complete, reliable, and is in its original form”
Non‐repudiation is “ensuring that a party to a contract or a communication cannot deny the authenticity of their signature on a document”
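Added example (not part of the original module): a short Python sketch that separates three of the elements defined above. An unkeyed checksum gives integrity only against changes the other party does not also recompute, a keyed HMAC adds authenticity, and neither gives non-repudiation. The key, messages, and function names are constructed for this illustration; confidentiality and availability are outside its scope.

```python
import hashlib
import hmac

# Constructed sample values; the key and messages are made up for this example.
KEY = b"secret-shared-by-sender-and-receiver"
MESSAGE = b"pay 100 to account 12345"


def digest(data: bytes) -> str:
    """Unkeyed SHA-256 checksum: anyone can compute it."""
    return hashlib.sha256(data).hexdigest()


def tag(key: bytes, data: bytes) -> str:
    """HMAC-SHA-256: only holders of the key can compute it."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def digest_ok(data: bytes, expected: str) -> bool:
    return hmac.compare_digest(digest(data), expected)


def tag_ok(key: bytes, data: bytes, expected: str) -> bool:
    return hmac.compare_digest(tag(key, data), expected)


def run_demo() -> dict:
    d, t = digest(MESSAGE), tag(KEY, MESSAGE)
    altered = MESSAGE.replace(b"12345", b"99999")
    results = {
        # Integrity: a changed message no longer matches the original values.
        "digest_detects_change": not digest_ok(altered, d),
        "tag_detects_change": not tag_ok(KEY, altered, t),
        # Authenticity: someone without the key can recompute a checksum for
        # the altered message, but cannot produce a tag that verifies.
        "recomputed_digest_accepted": digest_ok(altered, digest(altered)),
        "keyless_tag_accepted": tag_ok(KEY, altered, tag(b"not-the-key", altered)),
    }
    # Non-repudiation: the receiver holds the same key, so the receiver can
    # tag a message the sender never wrote. A valid tag therefore cannot
    # prove to a third party which of the two produced it.
    never_sent = b"pay 100 to account 55555"
    results["receiver_made_tag_accepted"] = tag_ok(KEY, never_sent, tag(KEY, never_sent))
    return results


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

Non-repudiation needs a digital signature made with a private key that only the signer holds, which a shared-key HMAC cannot supply.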
The Security, Functionality, and Ease of Use Triangle
Functionality (Features)
Ease of Use
Security (Restrictions)
Moving the ball toward security means moving away from functionality and ease of use
Applications/software products by default are preconfigured for ease of use, which makes the user vulnerable to various security flaws
Similarly, increased functionality (features) in an application makes it difficult to use in addition to being less secure
Fundamental Concepts of Security
Precaution: Adhering to the preventative measures while using computer systems and applications
Maintenance: Managing all the changes in the computer applications and keeping them up to date
Reaction: Acting timely when security incidents occur
Layers of Security
Layer 1: Physical Security
Safeguards the personnel, hardware, programs, networks, and data from physical threats
Layer 2: Network Security
Protects the networks and their services from unauthorized modification, destruction, or disclosure
Layer 3: System Security
Protects the system and its information from theft, corruption, unauthorized access, or misuse
Layer 4: Application Security
Covers the use of software, hardware, and procedural methods to protect applications from external threats
Layer 5: User Security
Ensures that a valid user is logged in and that the logged‐in user is allowed to use an application/program
Security Risks to Home Users
Home computers are prone to various cyber attacks as they provide attackers easy targets due to a low level of security awareness
Security risks to home users arise from various computer attacks and accidents causing physical damage to computer systems
Computer Attacks
Malware attacks
Email attacks
Mobile code (Java/JavaScript/ActiveX) attacks
Denial of service and cross‐site scripting attacks
Identity theft and computer frauds
Packet sniffing
Being an intermediary for another attack (zombies)
Computer Accidents
Hard disk or other component failures
Power failure and surges
Theft of a computing device
Note: These threats and their countermeasures will be discussed in detail in the later modules
What to Secure?
Hardware: Laptops, Desktop PCs, CPU, hard disk, storage devices, cables, etc.
Software: Operating system and software applications
Information: Personal identification such as Social Security Number (SSN), passwords, credit card numbers, etc.
Communications: Emails, instant messengers, and browsing activities
What Makes a Home Computer Vulnerable?
Low level of security awareness
Default computer and application settings
Increasing online activities
Little or no investment in security systems
Not following any standard security policies or guidelines
What Makes a System Secure?
System security measures help protect computers and information stored in the systems from accidental loss, malicious threats, unauthorized access, etc.
System Access Controls: Ensure that unauthorized users do not get into the system. Force legal users to be conscious about security.
Data Access Controls: Monitor system activities such as who is accessing the data and for what purpose. Define access rules based on the system security levels.
System and Security Administration: Perform regular system and security administration tasks such as configuring system settings, implementing security policies, monitoring system state, etc.
System Design: Deploy various security characteristics in system hardware and software design such as memory segmentation, privilege isolation, etc.
Benefits of Computer Security Awareness
Computer security awareness helps minimize the chances of computer attacks
It helps prevent the loss of information stored on the systems
It helps users prevent cybercriminals from using their systems to launch attacks on other computer systems
It helps users minimize losses in case of an accident that causes physical damage to computer systems
It enables users to protect sensitive information and computing resources from unauthorized access
Module Summary
Security is a state of well‐being of information and infrastructures
Computer security is the protection of computing systems and the data that they store or access
Confidentiality, integrity, non‐repudiation, authenticity, and availability are the elements of security
Security risks to home users arise from various computer attacks and accidents causing physical damage to computer systems
Computer security awareness helps minimize the chances of computer attacks and prevent the loss of information stored on the systems
Basic Computer Security Checklist
Regular backup of important files
Use of strong passwords
Use of firewall and intrusion detection systems
Use of anti‐virus systems
Use of encryption techniques and digital signatures
Regular update of operating system and other installed applications
Following standard guidelines for Internet activities
Physical security of computing infrastructure
Awareness of current security scenario and attack techniques