
ISO 27002:2005 defines Information Security as the preservation of:

– Confidentiality: Ensuring that information is accessible only to those authorized to have access
– Integrity: Safeguarding the accuracy and completeness of information and processing methods
– Availability: Ensuring that authorized users have access to information and associated assets when required
DID YOU KNOW?
In 1980 a computer cracked a 3-character password within one minute.

In 1999 a team of computers cracked a 56-character password within one day.

In 2004 a computer virus infected 1 million computers within one hour.
• High User Knowledge of IT Systems
• Theft, Sabotage, Misuse
• Virus Attacks
• Systems & Network Failure
• Lack Of Documentation
• Lapse in Physical Security
• Natural Calamities & Fire
Types of Computer Security Threats
IT’S A JUNGLE OUT THERE
• Computer Viruses
• Network Worms
• Trojan Horses
• Logic Bombs
• Address Book theft
• Hijacked Home Pages
• Spyware
• Denial of Service Attacks
• Salami Slicing
• Key Loggers
• Password Grabbers
• Password Crackers


Threats:
Illicit Activities

Hackers: enjoy intellectual challenges of overcoming software limitations and how to increase capabilities of systems
Crackers: illegally break into other people’s secure systems and networks
Cyber Terrorists: threaten and attack other people’s computers to further a social or political agenda
Threats:
Illicit Activities

Malware Writers: responsible for the creation of malicious software
Samurai: hackers hired to legally enter secure computer/network environments
‘Phreakers’: Focus on defeating telephone systems and associated communication technologies
Threats: MALWARE
Malware is Malicious Software -
deliberately created and
specifically designed to damage,
disrupt or destroy network
services, computer data and
software.
There are several types...
Malware Types
Viruses:
• Conceal themselves
• Infect computer systems
• Replicate themselves
• Deliver a ‘payload’
System Security
Viruses (General)
• A virus is a piece of code that attaches itself to other programs or files.
• A virus becomes completely dependent on that program or file.
• Each time you run the program or open the file, the virus code is executed.
• With each execution the virus code has a chance to propagate.
• Viruses spread from system to system when the code/files are shared between the systems.
System Security
Viruses
• There are two general types of virus programs: malicious and non-malicious.
• A non-malicious virus does not intend to cause any lasting damage to the computer system.
  – It propagates.
  – It may print messages on the screen.
  – It may emit noises from the speaker.
  – It does not include any code to intentionally do damage to the computer system.
System Security
Viruses
• A malicious virus makes a concerted attempt to do damage to the computer system.
  – It may format your disk drive.
  – It may scramble the FAT table.
  – It may remove random files.
  – It may encrypt the data on the disk.

System Security
Viruses
• A virus is not a worm, nor is it a Trojan horse.
• A virus is a parasitic piece of code. It attaches itself to other code/files on the system. It relies on that piece of code in order to propagate/operate. When that code is executed so is the virus code. This gives the virus code the opportunity to propagate, and to perform other actions.
• A worm is a piece of code that propagates itself to other systems, but the code does not attach itself to programs or files on the infected systems. Worms are stand-alone programs that do not rely on a “host” piece of code to propagate/operate.
System Security
Viruses
• A Trojan horse is a program that appears to do one thing, but in reality does something else. It does not attach itself to other code/files, and does not rely upon other code/files to propagate/operate. For instance, a game program that removes all of your files (on purpose) would be a Trojan horse.
System Security
PC Viruses
• PC viruses usually infect files with .exe, .com, and .ovr extensions. These files usually contain executable code.
• The virus code sometimes infects the command.com file, the hard disk boot sector, the hard disk partition tables, or floppy disk boot sectors.
• Some virus code is memory resident. It loads into memory, then sits and waits for other programs to be pulled into memory. When these programs are in memory the virus infects them.
• Some virus code goes to great lengths to hide itself. For instance, the strings in the code are variably encrypted to keep virus scanners from finding the virus.
System Security
PC Viruses
• How is a file infected?
  – A user runs a program that is already infected.
  – The virus code is executed, and hunts other files to infect.
  – When an uninfected file is found, the running virus will append a code segment to the uninfected file (in many cases it inserts virus code at the end of the main code section).
  – Once the code is in place the virus (still running from another program at this point) will do one of the following to make the new code segment executable:
TYPICAL SYMPTOMS
• File deletion
• File corruption
• Visual effects
• Pop-Ups
• Erratic (and unwanted) behavior
• Computer crashes
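The infection steps and symptoms above leave a trace on disk: an appended code segment changes a file's hash and makes it grow, and file deletion or corruption shows up the same way. The following is an added example, not part of the original slides, of a baseline check over the extensions the slides name; the function names and the sample files are constructed for illustration.

```python
import hashlib
import os
import tempfile
WATCHED_EXTENSIONS = {".exe", ".com", ".ovr"}  # extensions the slides name

def snapshot(root):
    """Map each watched file under root to (size, SHA-256 hex digest)."""
    baseline = {}
    for folder, _dirs, names in os.walk(root):
        for name in names:
            if os.path.splitext(name)[1].lower() not in WATCHED_EXTENSIONS:
                continue
            path = os.path.join(folder, name)
            with open(path, "rb") as handle:
                data = handle.read()
            key = os.path.relpath(path, root)
            baseline[key] = (len(data), hashlib.sha256(data).hexdigest())
    return baseline

def compare(baseline, current):
    """Return (path, verdict, size_delta) for every file that differs."""
    findings = []
    for path in sorted(set(baseline) | set(current)):
        old, new = baseline.get(path), current.get(path)
        if old == new:
            continue
        if old is None:
            findings.append((path, "new executable", new[0]))
        elif new is None:
            findings.append((path, "deleted", -old[0]))
        else:
            verdict = "changed and grew" if new[0] > old[0] else "changed"
            findings.append((path, verdict, new[0] - old[0]))
    return findings

def demo():
    """Constructed sample: dummy files, one of which has bytes appended."""
    files = {"edit.com": b"\x00" * 64, "game.exe": b"MZ" + b"\x00" * 126,
             "notes.txt": b"not a watched extension"}
    with tempfile.TemporaryDirectory() as root:
        for name, body in files.items():
            with open(os.path.join(root, name), "wb") as handle:
                handle.write(body)
        before = snapshot(root)
        with open(os.path.join(root, "game.exe"), "ab") as handle:
            handle.write(b"\xcc" * 32)  # inert filler standing in for appended code
        return compare(before, snapshot(root))

if __name__ == "__main__":
    print(demo())
```

The baseline is only trustworthy if it is taken from a known-clean system and stored where the monitored machine cannot rewrite it.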
Malware Types
Worms:
Programs that are capable of
independently propagating
throughout a computer network.
They replicate fast and consume large
amounts of the host computer's
memory.
Malware Types
Trojan Horses:
Programs that contain hidden
functionality that can harm the host
computer and the data it contains.
These are not automatic replicators.
vertently set them off.
Malware Types
Software Bombs:
Time Bombs - triggered by a specific
time/date
Logic Bombs - triggered by a specific
event
Both are introduced some time before
and will damage the host system
Threats:
Illicit Activities

‘Phishing’: sending out ‘scam’ e-mails with the criminal intent of deceit and extortion
Spam: unsolicited and/or undesired bulk e-mail messages, often ‘selling’ a product (See also SPIM – targeting of instant messaging services)

• Spyware: Small programs that install themselves surreptitiously on a computer to monitor the user's web surfing.
• Spoofing: Hackers hiding their true identities using a fake e-mail address/web link.
• Sniffer: A type of eavesdropping program that monitors information travelling over a network.
• DOS: Hackers flood a network/web server with many thousands of false communication requests for services to crash the network.
• Key Loggers: Record every keystroke made on a keyboard.


Phishing
Phishing is a technique used by strangers to
"fish" for information about you, information that
you would not normally disclose to a stranger,
such as your bank account number, PIN, and
other personal identifiers such as your National
Insurance number. These messages often contain
company/bank logos that look legitimate and use
flowery or legalistic language about improving
security by confirming your identity details.
Phishing example
A final word:

Treat your password like you treat your toothbrush.
Never give it to anyone else to use,
and change it every few months.
