After completing this chapter, you should be able to do the following:
- Describe the different types of software and hardware attacks
- List types of desktop defenses
- Explain how to recover from an attack
Security Awareness, 3rd Edition2
Most attacks fall into two categories
- Malicious software attacks
- Attacks on hardware

Malware
- Wide variety of damaging or annoying attack software
- Enters a computer system without the owner’s knowledge or consent
- Primary objectives of malware
  - Infect a computer system with destructive software
  - Conceal a malicious action

Viruses
- Malicious program that needs a "carrier" to survive
- Two carriers
  - Program or document
  - User

Viruses have performed the following functions:
- Caused a computer to crash repeatedly
- Erased files from a hard drive
- Installed hidden programs, such as stolen software, which is then secretly distributed from the computer
- Made multiple copies of itself and consumed all of the free space in a hard drive
- Reduced security settings and allowed intruders to remotely access the computer
- Reformatted the hard disk drive

Types of computer viruses
- File infector
- Resident
- Boot
- Companion
- Macro
- Polymorphic

Worms
- Take advantage of a vulnerability in an application or an operating system
- Enter a system
- Deposit their payload
- Immediately search for another computer that has the same vulnerability

- Different from a virus
  - Does not require program or user
- Actions that worms have performed include
  - Deleting files on the computer
  - Allowing the computer to be remote-controlled by an attacker

Trojan horse (or just Trojan)
- Program advertised as performing one activity but actually does something else
- Typically executable programs that contain hidden code that attacks the computer system

Rootkit
- Set of software tools
- Used to break into a computer, obtain special privileges to perform unauthorized functions
- Goal is not to damage a computer directly
- Go to great lengths to ensure that they are not detected and removed
- Replace operating system commands with modified versions that are specifically designed to ignore malicious activity
- Detecting a rootkit can be difficult

Logic bomb
- Computer program or a part of a program that lies dormant until it is triggered by a specific logical event
- Once triggered, performs malicious activities
- Extremely difficult to detect before they are triggered

- Zombie
  - Infected "robot" computer
- Botnet
  - Hundreds, thousands, or tens of thousands of zombies
- Internet Relay Chat (IRC)
  - Used to remotely control the zombies
- Number of zombies and botnets is staggering

Types of hardware that are targeted include
- BIOS
- USB devices
- Cell phones
- Physical theft of laptop computers and information

Basic Input/Output System (BIOS)
- Coded program embedded on the processor chip
- Recognizes and controls different devices on the computer system
- Read Only Memory (ROM) chip
  - Older systems
- PROM (Programmable Read Only Memory) chip
  - Newer computers
- Flashing the BIOS
  - Reprogramming

USB (universal serial bus)
- Small, lightweight, removable, and contain rewritable storage
- Common types
  - USB flash memory
  - MP3 players
- Primary targets of attacks to spread malware
- Allow spies or disgruntled employees to copy and steal sensitive corporate data

Reduce the risk introduced by USB devices
- Prohibit by written policy
- Disable with technology
  - Disable the USB in hardware
  - Disable the USB through the operating system
  - Use third-party software

- Portable communication devices
- Rapidly replacing wired telephones
- Types of attacks
  - Lure users to malicious Web sites
  - Infect a cell phone
  - Launch attacks on other cell phones
  - Access account information
  - Abuse the cell phone service

- Portable laptop computers are particularly vulnerable to theft
- Data can be retrieved from a hard drive by an attacker even after its file has been deleted

Defenses include:
- Managing patches
- Installing antivirus software
- Using buffer overflow protection
- Protecting against theft
- Creating data backups

Patch
- Software security update intended to cover vulnerabilities that have been discovered after the program was released

Automatic update configuration options for most operating systems
- Install updates automatically
- Download updates but let me choose when to install them
- Check for updates but let me choose whether to download and install them
- Never check for updates

- Scan a computer’s hard drive for infections
- Monitor computer activity
- Examine all new documents that might contain a virus
- Drawback of AV software
  - Must be continuously updated to recognize new viruses
- Should be configured to constantly monitor for viruses and automatically check for updated signature files

Buffer overflow
- Occurs when a computer process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer
- May cause computer to stop functioning
- Windows-based system protection
  - Data Execution Prevention (DEP)
  - Address Space Layout Randomization (ASLR)

Figure 2-4 Buffer overflow attack
Course Technology/Cengage Learning
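
The buffer overflow described above, shown as a small C program. This is an added example, not taken from the book or its slides; `struct record`, `NAME_LEN` and the function names are assumptions chosen for the demonstration. It stores input into a fixed-length buffer with and without a length check and reports what happens to the data stored next to the buffer.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_LEN 8   /* fixed-length storage buffer */

/* Constructed layout: a flag that sits in RAM directly after the buffer. */
struct record {
    char name[NAME_LEN];
    unsigned char is_admin;
};

/* Unchecked store: trusts the caller's length, so bytes past NAME_LEN land in
 * the field that follows. Capped at sizeof(struct record) only to keep this
 * demonstration inside one object (well-defined C). */
static void store_unchecked(struct record *r, const void *src, size_t n)
{
    if (n > sizeof *r)
        n = sizeof *r;
    memcpy(r, src, n);
}

/* Checked store: refuses input that does not fit and leaves the record intact. */
static int store_checked(struct record *r, const void *src, size_t n)
{
    if (n > NAME_LEN)
        return -1;
    memcpy(r->name, src, n);
    return 0;
}

/* Stores n bytes of 'A' with the chosen routine and returns is_admin afterwards. */
static int flag_after_store(size_t n, int checked)
{
    unsigned char input[sizeof(struct record)];
    struct record r;
    memset(&r, 0, sizeof r);
    memset(input, 'A', sizeof input);
    if (checked)
        (void)store_checked(&r, input, n);
    else
        store_unchecked(&r, input, n);
    return r.is_admin;
}

int main(void)
{
    printf("9 bytes unchecked: flag=%d, 9 bytes checked: flag=%d\n",
           flag_after_store(9, 0), flag_after_store(9, 1));
    return 0;
}
```

DEP and ASLR make it harder to turn such an overwrite into running attacker code; the length check is what prevents the overwrite itself.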

- Applies to laptops especially
- Device lock
  - Steel cable and a lock
- Software tracking system

- Copying data from a computer’s hard drive onto other digital media
  - Then storing it in a secure location
- Sophisticated hardware and software can back up data on a regular schedule
- Personal computer users
  - Operating system functions
  - Third-party software

- What information to back up
  - Back up only user files
  - Back up all files
- Frequency of backups
  - Regular schedule
- RAID (Redundant Array of Independent Drives)
  - Uses multiple hard disk drives for increased reliability
  - Several RAID configurations
    - Called levels

Table 2-3 Types of data backups

Backup storage media
- Temporary media should not be used
- Alternatives
  - Portable USB hard drives
  - Network Attached Storage (NAS)
  - Internet services
  - Disc storage

Location of backup storage
- Protect against not only virus attacks but also against hardware malfunctions, user error, software corruption, and natural disasters
- Backups ideally should be stored in a location away from the device that contains the information

Basic steps to perform
- Disconnect
- Identify
- Disinfect
- Recheck
- Reinstall
- Analyze

- Malicious software (malware)
  - Enters a computer system without the owner’s knowledge or consent
  - Includes a wide variety of damaging or annoying software
  - Infecting malware
  - Concealing malware
- Hardware is also the target of attackers
- Tactics for defending desktop systems
- Basic steps to disinfect and restore a computer