INTERNET & E-COMMERCE SECURITY. S1 Teknik Informatika, Fakultas Ilmu Komputer, UPN “Veteran” Jakarta. Lecturer: Bambang Warsuta, S.Kom, M.T.I, [email protected]


Page 1: INTERNET & E-COMMERCE Security

INTERNET & E-COMMERCE SECURITY

S1 Teknik Informatika Fakultas Ilmu Komputer

UPN “Veteran” Jakarta

Lecturer: Bambang Warsuta, S.Kom, M.T.I

[email protected]

Page 2: INTERNET & E-COMMERCE Security

Profile of Potential Cyber Users in Indonesia. Source: Kompas, Triennal Review, Comscore

Twitter users in Indonesia: 9.9 million (as of 2011), the fourth-largest user base in the world after the Netherlands, Japan and Brazil.

Indonesia's population is the fourth largest in the world (250 million), after China, India and the USA.

Facebook users in Indonesia: 35 million as of 2011, the second-largest user base in the world after the US (152 million).

Page 3: INTERNET & E-COMMERCE Security

Threats

Unauthorized Access = access by a party that has no right to it

Mobile Device Attack = security attacks on mobile devices such as phones and tablet computers

System Compromise = an internal weakness of the system / a security hole in an application

Cyber Espionage = spying on information systems

Social Engineering = theft of important data through social networks

SPAM = unwanted email

Malware = virus programs

Insider = activity by people inside the organization

Denial of Service = system failure caused deliberately

Data Leakage = leaking of data

Phishing = theft of information through email

Identity Theft = theft of a person's identity information

Web Deface = exploitation of a system with the aim of replacing the front page of a website.

Page 4: INTERNET & E-COMMERCE Security

Source: id-CERT (Cyber Emergency Response Team)

Top 4 Abuse Threats

Page 5: INTERNET & E-COMMERCE Security

Abuse Reports from ID-CERT

The fourth-highest category is MALWARE. Its position fell compared with the previous year, except in April.

Compared with December 2010, the number of reports also fell (the December 2010 figure was 9,417 reports).

Compared with the same month in 2010, the trend is similar to the same period last year.

Based on Messagelabs data, malware globally shows a downward tendency.

Page 6: INTERNET & E-COMMERCE Security

Malware

Malware = Malicious Software: a cross-breed of viruses, worms, trojan horses, backdoors, keyloggers, screen loggers, etc.

Functions used:

Packer (a program that has been packed/protected with a protection system typically designed by malware authors to bypass anti-virus protection and to hide malware contents)

Polymorphic (has many forms)

Trojan, Worm, spyware

Encryption

Exploit (a function that attacks weaknesses of a computer)

Instant Messenger (chatting)

Disabling the installed Anti Virus

etc.

Page 7: INTERNET & E-COMMERCE Security

Abuse Reports from ID-CERT (1)

The third-highest category this year is OTHER. Everything in this category relates to violations of HaKI (Hak Atas Kekayaan Intelektual, intellectual property rights), for both software and films.

Page 8: INTERNET & E-COMMERCE Security

Abuse Reports from ID-CERT (2)

SPAM: of the total reports received, SPAM ranked second in early 2011, but from March to June there was a downward tendency.

Page 9: INTERNET & E-COMMERCE Security

Abuse Reports from ID-CERT (3)

Network incidents, covering: DoS Attack, Open Relay, Open Proxy, Hacking, Port Scanning, Port Probe (HTTP/HTTPS, FTP, TELNET, TCP, SSH Brute, CGI, RPC, Netbios, VNC Portscan), TCP Sweep and SQL Injection, ranked first this year in this Abuse study. This is the highest on record since the start of the year.

[Chart: RISET ABUSE ID-CERT 2011, Network Incident Semester I 2010 & 2011. Y axis: number of reports, 0 to 90,000; X axis: JAN, FEB, MAR, APR, MAY, JUN; series: 2011 and 2010.]

Page 10: INTERNET & E-COMMERCE Security

Secure eCommerce environment

A secure e-commerce environment requires:

Access control, usually managed by a firewall, which regulates the data flow.

Authentication, which binds the identity of an individual to a specific message or transaction.

Data privacy and integrity, which ensures that communications and transactions remain confidential, accurate and have not been modified.

Page 11: INTERNET & E-COMMERCE Security

First line of Defense

This is the first line of defense for any website. Some methods for accomplishing this are:

Firewalls (port-level control).

User account security (user credentials, passwords, access rules).

Software security (antivirus, antimalware, antispam, etc.).

Additional protection for sensitive data (secure password management, data encryption, etc.).

Page 12: INTERNET & E-COMMERCE Security

Successful people ask better questions, and as a result, they get better answers. (Tony Robbins)

Any questions???

Page 13: INTERNET & E-COMMERCE Security

COMMON WEBSITE SECURITY MEASURES (1)

Routers

Be sure that your router is appropriately configured. A router is designed to route packets efficiently and reliably, but not securely; thus, although it is a layer in your security package, a router should not be used alone as a method for implementing a security policy.

One of the most common types of security attack is what is called a “denial-of-service” attack, i.e. an attacker or attackers use various means to prevent legitimate website users from accessing a site.

Page 14: INTERNET & E-COMMERCE Security

Denial Of Services

Page 15: INTERNET & E-COMMERCE Security

FIREWALLS

Page 16: INTERNET & E-COMMERCE Security

COMMON WEBSITE SECURITY MEASURES (2)

Firewalls

A firewall is a device that controls the flow of communication between internal networks and external networks, such as the Internet.

It controls “port-level” access to a network and a website. A “port” is like a doorway into a server.

Here are some examples of firewall configurations you might want to implement:

Close off the possibility of unnecessary or unauthorized traffic accessing your servers.

Configure the firewall so that only wanted traffic gets through.

Encrypt most or all traffic between servers.

Limit the points of access.

Page 17: INTERNET & E-COMMERCE Security

COMMON WEBSITE SECURITY MEASURES (3)

Disable Nonessential Services

Some of the services you should disable on your website’s servers include, but are not limited to:

Mail (SMTP).

Finger (Network Protocol).

Netstat, systat.

Chargen, echo (Character Generator Protocol).

FTP.

Telnet.

Berkeley UNIX “r” commands such as rlogin, rsh, rdist, etc.

SNMP (Simple Network Management Protocol).
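As an added example (not from the slides) of the two points above, letting only wanted traffic through and disabling nonessential services: a default-deny nftables ruleset for a public web server, and a small check that lists every listening socket outside that same allowlist. The admin network, the allowed port list and the sample listener table are assumptions.

```shell
# Added example, not from the slides: a default-deny nftables ruleset for a
# public web server, plus a check that compares what is actually listening
# against the same allowlist. The admin network and port list are assumptions.

ADMIN_NET="203.0.113.0/24"                 # assumed admin source range
ALLOWED_LISTENERS="tcp/22 tcp/80 tcp/443"  # SSH (admins only), HTTP, HTTPS

# Print an nftables ruleset that drops all inbound traffic except what is wanted:
# loopback, replies to our own connections, SSH from admins, and web traffic.
gen_ruleset() {
  cat <<EOF
table inet filter {
  chain input {
    type filter hook input priority 0; policy drop;
    iif lo accept
    ct state established,related accept
    ip saddr $ADMIN_NET tcp dport 22 accept
    tcp dport { 80, 443 } accept
  }
}
EOF
}

# Read "proto port" pairs on stdin (one per listening socket) and print every
# listener that is not in ALLOWED_LISTENERS, i.e. a service to disable.
audit_listeners() {
  while read -r proto port; do
    case " $ALLOWED_LISTENERS " in
      *" $proto/$port "*) ;;          # expected service, nothing to report
      *) echo "$proto/$port" ;;       # unexpected: SMTP, finger, telnet, SNMP...
    esac
  done | paste -s -d ' ' -
}

# Constructed sample of listening sockets (what "ss -lntu" might show, simplified).
SAMPLE_LISTENERS="tcp 22
tcp 25
tcp 79
tcp 80
tcp 443
tcp 23
udp 161"

unexpected=$(printf '%s\n' "$SAMPLE_LISTENERS" | audit_listeners)
echo "Listeners to disable: $unexpected"
```

Feed `audit_listeners` the real socket table of a server to see which of the services listed on the slide are still exposed; `gen_ruleset` output can be loaded with `nft -f`.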

Page 18: INTERNET & E-COMMERCE Security

COMMON WEBSITE SECURITY MEASURES (4)

User Account Security

A common method hackers use to gain access to a web server is to steal an authorized user’s account.

Restricting a user’s access to only the needed resources limits the amount of damage hackers can do to your website. Authentication and authorization are the two best general ways to restrict access.

Authentication. This verifies that you are who you claim to be.

Authorization. This defines what a user is allowed to do.

Page 19: INTERNET & E-COMMERCE Security

COMMON WEBSITE SECURITY MEASURES (5)

Data Confidentiality

Confidentiality ensures that only authorized people can view data transferred in networks or stored in databases.

Protecting sensitive data like credit card numbers, inventory, etc. is a difficult problem for web-based businesses.

Page 20: INTERNET & E-COMMERCE Security

COMMON WEBSITE SECURITY MEASURES (6)

Monitoring Your Website

Finally, monitor your website’s usage and take a proactive stance on security holes. To ensure a high level of security, you should:

Monitor for break-ins. Institute a user account change report or install a sophisticated network monitoring system.

Monitor your logs after an attack; they can tell you how the attack occurred and might even provide a clue as to the identity of the attacker.

Run a security analysis program that can take a snapshot of your site and then analyze for potential weaknesses in your site.

Perform security audits with outside auditors to check for potential security holes that you might have missed.

Back up your website on a scheduled basis so that, if needed, you can recover damaged data and programs.
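As an added example (not from the slides) of monitoring logs for break-ins: a shell pass over constructed sshd log lines that counts failed logins per source address, the "SSH Brute" category from the ID-CERT figures, and singles out sources that later logged in successfully. The log lines and the threshold are constructed for illustration.

```shell
# Added example, not from the slides: a detection pass over constructed sshd
# log lines that flags sources with repeated failed logins ("SSH Brute" in the
# ID-CERT categories) and the ones that later got in. Threshold is an assumption.

THRESHOLD=5

# Constructed sample log lines in sshd's syslog format; addresses are from
# documentation ranges, not real hosts.
SAMPLE_LOG='Jan 12 03:14:01 web1 sshd[2201]: Failed password for root from 198.51.100.7 port 51822 ssh2
Jan 12 03:14:02 web1 sshd[2201]: Failed password for root from 198.51.100.7 port 51823 ssh2
Jan 12 03:14:03 web1 sshd[2204]: Failed password for invalid user admin from 198.51.100.7 port 51824 ssh2
Jan 12 03:14:04 web1 sshd[2206]: Failed password for invalid user test from 198.51.100.7 port 51825 ssh2
Jan 12 03:14:05 web1 sshd[2208]: Failed password for root from 198.51.100.7 port 51826 ssh2
Jan 12 03:14:06 web1 sshd[2210]: Failed password for root from 198.51.100.7 port 51827 ssh2
Jan 12 03:15:10 web1 sshd[2215]: Failed password for alice from 192.0.2.44 port 40112 ssh2
Jan 12 03:15:30 web1 sshd[2219]: Accepted publickey for alice from 192.0.2.44 port 40113 ssh2
Jan 12 03:16:00 web1 sshd[2230]: Accepted password for root from 198.51.100.7 port 51830 ssh2'

# Count failed logins per source address in the log passed as $1 and print
# "ip count" for every source at or above THRESHOLD, highest count first.
brute_force_sources() {
  printf '%s\n' "$1" | awk -v limit="$THRESHOLD" '
    /sshd\[[0-9]+\]: Failed password/ {
      for (i = 1; i <= NF; i++) if ($i == "from") fails[$(i + 1)]++
    }
    END { for (ip in fails) if (fails[ip] >= limit) print ip, fails[ip] }
  ' | sort -k2,2nr
}

# Of those sources, print the ones that also have an "Accepted" login in the
# same log: a brute-force burst followed by success is the case to escalate.
successful_after_failures() {
  brute_force_sources "$1" | while read -r ip count; do
    if printf '%s\n' "$1" | grep -q "Accepted .* from $ip "; then
      echo "$ip"
    fi
  done
}

echo "Sources over threshold:"
brute_force_sources "$SAMPLE_LOG"
echo "Sources that succeeded after repeated failures:"
successful_after_failures "$SAMPLE_LOG"
```

On a real host, pass the contents of the auth log (for example `"$(cat /var/log/auth.log)"`) instead of `SAMPLE_LOG`; the account-change report the slide mentions is the natural next check for any address this flags.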

Page 21: INTERNET & E-COMMERCE Security

Any questions???

Page 22: INTERNET & E-COMMERCE Security

The only source of knowledge is experience. (Albert Einstein)

Thank You… Have a nice weekend…