2. Who are the enemies?
Hackers
Unaware Staff
Disgruntled Staff
Snoops
3. Hackers
Computer enthusiasts who break in and leave their footprints.
Crackers: more malicious, crashing entire computer systems, stealing or damaging confidential data, defacing web pages and disrupting business.
4. Some amateur hackers merely locate hacking tools online and deploy them without much understanding of how they work or their effects.
5. Unaware employees
Employees can unconsciously cause other security breaches including the accidental contraction and spreading of computer viruses.
6. Unaware employees
Employees who transport data via floppy disks can unwittingly infect their corporate networks with viruses they picked up from computers in copy centers or libraries.
7. According to a survey,
“Ninety-one percent of respondents detected employee abuse of Internet access privileges.”
—Annual Computer Security Institute and FBI Survey, 2001
8. Disgruntled Staff
Angry employees, often those who have been reprimanded, fired, or laid off, might vindictively infect their corporate networks with viruses or intentionally delete crucial files.
9. Snoops
Employees known as “snoops” partake in corporate espionage, gaining unauthorized access to confidential data in order to provide competitors with otherwise inaccessible information.
10. Others are simply satisfying their personal curiosities by accessing private information, such as financial data, a romantic e-mail correspondence between coworkers, or the salary of a colleague.
11. Some of these activities might be relatively harmless, but others, such as previewing private financial, patient, or human resources data, are far more serious, can be damaging to reputations, and can cause financial liability for a company.
12. Computer Security Attributes

| Attribute | Attack Methods | Technology for Internet Security |
|---|---|---|
| Confidentiality | Eavesdropping, Hacking, Phishing, DoS and IP Spoofing | IDS, Firewalling, Cryptographic Systems, IPSec and SSL |
| Integrity | Viruses, Worms, Trojans, Eavesdropping, DoS, IP Spoofing | IDS, Firewall, Anti-Malware Software, IPSec and SSL |
| Privacy | Email bombing, Spamming, Hacking, DoS and Cookies | IDS, Firewall, Anti-Malware Software, IPSec and SSL |
| Availability | DoS, Email bombing, Spamming and system boot record infectors | IDS, Anti-Malware Software and Firewall |
14. Eavesdropping
Interception of communications by an unauthorized party.
Passive eavesdropping is when the person only secretly listens to the networked messages.
Active eavesdropping is when the intruder listens and inserts something into the communication stream.
16. Viruses
Viruses are self-replicating programs that use files to infect and propagate.
17. Worms
A worm is similar to a virus because they both are self-replicating, but the worm does not require a file to allow it to propagate.
18. Trojans
Trojans appear to be benign programs to the user, but will actually have some malicious purpose.
19. Phishing
Phishing is an attempt to obtain confidential information from an individual, group, or organization.
Phishers trick users into disclosing personal data, such as credit card numbers, online banking credentials, and other sensitive information.
20. IP Spoofing
Spoofing means to have the address of the computer mirror the address of a trusted computer in order to gain access to other computers.
With the current IP protocol technology, IP-spoofed packets cannot be eliminated.
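
Slide 12 lists firewalling among the technologies used against IP spoofing. The Python below is an added example, not part of the original slides: it shows the source-address check a border firewall can apply, which cannot tell a forged outside address from a real one but does drop packets whose claimed source is impossible for the interface they arrived on. The network ranges, interface names and sample packets are constructed assumptions.

```python
import ipaddress

# Assumed topology (constructed for this example): networks behind the firewall.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.10.0/24")]
# Source ranges that are never valid on a routed packet
# (loopback, "this network", multicast, reserved).
INVALID_SOURCES = [ipaddress.ip_network(n) for n in
                   ("127.0.0.0/8", "0.0.0.0/8", "224.0.0.0/4", "240.0.0.0/4")]


def _in_any(addr, nets):
    return any(addr in net for net in nets)


def check_packet(iface, src):
    """Return (verdict, reason) for a packet seen on 'external' or 'internal'."""
    addr = ipaddress.ip_address(src)
    if _in_any(addr, INVALID_SOURCES):
        return ("drop", "source address is never valid on the wire")
    internal_src = _in_any(addr, INTERNAL_NETS)
    if iface == "external":
        if internal_src:
            # Outside packet claiming a trusted inside address: spoofed.
            return ("drop", "internal source arriving from outside")
        # A forged *external* source looks identical to a real one here,
        # which is why spoofing cannot be eliminated by filtering alone.
        return ("accept", "source plausible for this interface")
    if iface == "internal":
        if not internal_src:
            # Egress check: an inside host claiming an outside address.
            return ("drop", "non-internal source leaving the network")
        return ("accept", "source plausible for this interface")
    raise ValueError(f"unknown interface: {iface!r}")


def filter_packets(packets):
    """Apply check_packet to (iface, src) pairs; return the verdicts in order."""
    return [check_packet(iface, src)[0] for iface, src in packets]


# Constructed sample traffic: (interface, claimed source address).
SAMPLE = [("external", "192.168.10.5"), ("external", "203.0.113.7"),
          ("internal", "192.168.10.5"), ("internal", "198.51.100.9"),
          ("external", "127.0.0.1")]

if __name__ == "__main__":
    for (iface, src), verdict in zip(SAMPLE, filter_packets(SAMPLE)):
        print(f"{iface:8} {src:15} -> {verdict}")
```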
22. Denial of Service (DoS)
Denial of Service is an attack in which a system receiving too many requests cannot return communication to the requestors.