Fix This Presentation• This is presentation by Mr Tony Brett.• He knows a lot about computer security but not much about

how to present information in an electronic presentation.

You are to• Change the presentation to make it easier to read.• You need to reformat it. Don’t change the message of his

presentation – just how it appears on screen and ensure that it is appropriate. You can change the colours, fonts, images, backgrounds and the images.

• Show your teacher when you have finished and upload to Moodle

ICT Security Issues in Europe

Tony BrettOxford University Computing Services

http://users.ox.ac.uk/~tony

Agenda

1. Brief Security Update2. Identity Theft3. Standards and Governments4. The Future of Spam5. Vulnerabilities6. Biometrics7. Some Stories8. Questions & URLs

Are you serious?European Password Survey by NTA:67% of users rarely or never change their passwords22% admit that they would only ever change their password even if forced to by a Web site or system/IT department

Average number of passwords people have to know:Average: 21Maximum: 70

Users who write down their passwords:49% heavy computer users 31% average of all users

Source: Computing Technology Industry Assn., 2003

…of security breaches

are caused by human

error

63%

Identity Theft

Sources: Gartner, July 2003, based on U.S. stats; BBC News

Identity theft claimed 3.4% of U.S. citizens, or 7 million victims during the past year

The UK government estimates this crime has cost more than £1 billion over the same period

The typical identity-theft victim in the United States

spends 175 hours actively trying to resolve the

problems caused by identity thefts

Source: Congressional Press Release, Sep. 2000

…is Britain's fastest-growing white-collar crime, increasing at nearly 500% a year.

Identity theft

“The number of consumers who have fallen prey to identity thieves is severely underreported.” Moreover, arrests in identity theft cases are extremely rare, catching the perpetrator in only one out of every 700 cases.

Source: Unesco Observatory on the Information Society

“The current [Internet] identity-theft hot spots are Eastern Europe and Southeast Asia where the level of education and technical sophistication is high, and where tracking down and prosecuting criminals can be very tricky.” Bruce Townsend

Special Agent, Financial Crimes DivisionUS Secret Service

Identity Theft

A True Story

TriWest Healthcare Alliance in Arizona provided healthcare services for members of the U.S. military. Thieves stole computers containing confidential records.Losses were $2.7 million.Cost to victims: $30 million to repair damage to credit ratings

5th March 2003

AOL announced it had blocked one billion spam emails from reaching its

members in one day

Biometrics: Free lunch through eyes

• Problem: – Poor kids showed voucher while “rich” kids

used money• Solution:

– Uses retina scan to verify student– Pull money from account or redeem electronic

voucher

Western England High School

Young hacker!

• At lunch, went to classroom• Teacher hadn’t logged off• Changed his grades• Facing felony charges (doubtful he’ll see

any jail time)

11 year old boy in Florida