Unit 9 Computer Crime - PowerPoint PPT Presentation

Slides: 27
Provided by: lynnep

Transcript and Presenter's Notes


1
  • Unit 9 - Computer Crime Backup and Recovery
  • Identify the risks and controls required when a
    system is exposed to the Web
  • Identify risks and controls required to minimize
    exposure to the organization's own staff
  • Describe techniques commonly used to perpetrate
    computer crime.
  • Identify the key elements in a comprehensive
    Backup/Recovery Plan

2
  • Who Commits Computer Crimes?
  • Disgruntled employees
  • Opportunistic employees
  • Hackers
  • Common criminals

3
Examples of Computer Crimes????
4
  • Examples of Computer Crimes
  • Theft - Hardware, software, money, proprietary
    ideas, unauthorized use, and time are stolen from
    businesses.
  • Illegal Software - All software must be properly
    licensed.
  • Viruses - Various programs that cause damage to
    data and/or steal computing resources.
  • Denial of Service (DoS) - Usually done by a
    worm that propagates itself, then sends requests
    to a specific host, overloading the network so
    that legitimate traffic does not get through.

5
  • Examples of Computer Crimes
  • Network Eavesdropping - Gain access to
    proprietary information through wiretapping,
    internet scanning, wireless network scanning
    (data and voice).
  • Scanners - Programs that scan the internet
    looking for security weaknesses. Ports are tested
    for services available, users currently active,
    anonymous logins allowed, authentication
    loopholes.
  • Password Crackers - Usually simple programs that
    try common passwords or letter/number
    combinations until the right one is found.

6
  • Examples of Computer Crimes
  • Sniffers - Devices (hardware/software) that
    capture all packets of information on a network.
    Normal devices on the network hear all the
    traffic but only capture packets intended for
    them (with their IP address).
  • Spoofing - A device pretends to be a trusted
    device. This is done by cracking the host's
    configuration file of trusted devices. The
    spoofing device then sends packets containing
    the sender address of a trusted device.
  • Backdoors - Sometimes intentionally and sometimes
    unintentionally, hardware and software components
    have a security flaw that allows unauthorized
    access.

7
  • Examples of Computer Crimes
  • Internal (usually a programmer) - Data diddling
    (change input data); Trojan horse (add extra
    code); salami techniques (taking small assets
    from a large volume, like round-up fraud); trap
    doors (code left in from debugging); logic bombs
    (set to go off under certain conditions).

8
  • How do you prevent computer crime?
  • Risk Assessment
  • identify threats and vulnerabilities
  • implement policies and procedures
  • internet usage, software piracy, and proprietary
    information agreements signed by employees

9
  • Your Turn - How do you prevent computer crime?
    Small groups, each gets one:
  • Identify and Protect Physical Assets
  • Implement Appropriate Physical Security such as
    access, shredders, etc.
  • User Security - account/passwords
  • User Security - need to know, security background
    check
  • Program Deterrents - code review, file compares
  • Review Logs - network, security access violations
  • Review Logs - internet usage, FTP
  • Network - firewalls
  • Network - DNS
  • Network - virus protection
  • Network - encryption, SSL
  • Network - sniffers, isolate LAN from Internet

10
  • Your Turn - How do you prevent computer crime?
  • Small Groups Answer
  • Questions
  • Describe what the control is in your own words.
  • For each of the listed examples, explain how this
    control deters crime.

11
  • How do you prevent computer crime?
  • Identify & Protect Assets
  • Tag Physical Assets
  • Inventory/Validate Assets
  • Security guards at entrances
  • Implement Appropriate Physical Security
  • Limited Access to Computer Server Rooms/Sign-in
    and Sign-out
  • Laptop Chains
  • Shredders for source code listings/sensitive data
  • Card access for buildings and secured rooms
    within buildings
  • Lockup policies & facilities in place for
    sensitive information

12
  • How do you prevent computer crime?
  • Implement User Security
  • Group, Account, Password
  • Enforce Password Change
  • Enforce Password Length (at least 7 characters)
  • Disable accounts after 3 attempts
  • Restrict access on need to know/use basis,
    particularly unrestricted access
  • Perform security background checks on any
    employee with access to sensitive data
  • Password protected screen savers after period of
    inactivity on PCs

13
  • How do you prevent computer crime?
  • Programmer Deterrents
  • Code reviews
  • Production control separate from programming
  • Automated tools such as file compares to pinpoint
    changes
  • Team programming (eXtreme Programming)
  • Review Logs
  • Daily review security access logs for violations
  • Daily review network access logs for access
    attempts
  • Daily review internet usage logs
  • Daily review system usage logs
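
An added example (not part of the original slides) combining two of the controls above: the "disable accounts after 3 attempts" rule applied during a daily review of a security access log. The log format, account names and addresses are constructed for illustration.

```python
import re
from collections import defaultdict

LOCKOUT_THRESHOLD = 3  # "Disable accounts after 3 attempts" (slide 12)

# Constructed sample log in a hypothetical "date time RESULT user= src=" format.
SAMPLE_LOG = """\
2024-03-04 08:01:12 LOGIN_FAIL user=jsmith src=10.0.0.15
2024-03-04 08:01:20 LOGIN_FAIL user=jsmith src=10.0.0.15
2024-03-04 08:01:31 LOGIN_OK user=jsmith src=10.0.0.15
2024-03-04 09:14:02 LOGIN_FAIL user=payroll src=10.0.0.77
2024-03-04 09:14:05 LOGIN_FAIL user=payroll src=10.0.0.77
2024-03-04 09:14:09 LOGIN_FAIL user=payroll src=10.0.0.77
2024-03-04 09:14:15 LOGIN_FAIL user=payroll src=10.0.0.77
2024-03-04 10:30:00 LOGIN_OK user=mlee src=10.0.0.22
garbled line that does not parse
"""

LINE_RE = re.compile(r"^(\S+ \S+) (LOGIN_OK|LOGIN_FAIL) user=(\S+) src=(\S+)$")

def review_log(text, threshold=LOCKOUT_THRESHOLD):
    """Return ({account: (time, source)} to disable, [lines that did not parse])."""
    streak = defaultdict(int)   # consecutive failures per account
    to_disable = {}
    unparsed = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if not m:
            unparsed.append(line)   # a reviewer should see these, not lose them
            continue
        when, result, user, src = m.groups()
        if result == "LOGIN_OK":
            streak[user] = 0        # a success resets the failure count
            continue
        streak[user] += 1
        if streak[user] == threshold and user not in to_disable:
            to_disable[user] = (when, src)   # record the attempt that crossed the limit
    return to_disable, unparsed

if __name__ == "__main__":
    flagged, skipped = review_log(SAMPLE_LOG)
    print("disable:", flagged)
    print("unparsed lines:", skipped)
```
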

14
  • How do you prevent computer crime?
  • Protect Your Network Communications
  • Locked services panels and server access
  • Use firewalls, virus scanners, etc
  • Use non-public internet addresses internally
  • Install software security releases
  • Use leased line communications for sensitive
    information transfer
  • Encrypt email
  • Internet - use SSL (socket level security
    encryption) for secure transactions
  • Secure dial-up modems
  • Implement LANs not connected to the Internet for
    particularly sensitive data (e.g., finance)
  • Use network sniffers to identify network traffic

15
  • How do you prevent computer crime?
  • Prosecute Criminals!
  • Resource
  • www.cerias.purdue.edu/hotlist/
  • www.cert.org
  • www.sans.org

16
  • Your Turn - Backup and Recovery
  • 1. What factors will influence a company's backup
    policy and procedures?
  • 2. Backup schedules and methods will vary based
    on the different categories of software and files
    to be backed up.
  • a) What might some of these categories be?
  • b) What factors will influence how often backup
    is performed?
  • 3. What type of situations would require a
    recovery from backup?

17
  • Backup and Recovery
  • What is backup and recovery? 
  • The ability to fully recover lost or damaged data
    and return operations to normal as quickly as
    possible.
  • What is backed up?
  • databases
  • application software
  • system software
  • user personal data
  • client workstations

18
  • Backup and Recovery
  • When is recovery necessary?
  • corruption of production databases or application
    software libraries
  • fallback from poorly tested implementations
  • problems with application software
  • disasters that make systems inoperable and
  • inquiries against archived data.

19
  • Backup and Recovery
  • Justification
  • How much will it cost for your system to be down?
  • What does management consider an acceptable
    amount of time to recover if the system is
    totally destroyed?
  • What does management consider an acceptable
    amount of lost data that will have to be
    re-entered?
  • The lower the exposure the higher the cost.

20
  • Backup and Recovery
  • Strategy
  • Focus on what data, applications and
    configurations are required to conduct
    operations
  • Recommend alternate solutions to management for
    backup methods with acceptable risk
  • Prepare a management plan to keep the solution up
    to date and
  • Test all backup and recovery procedures to ensure
    they work.

21
  • Backup and Recovery
  • Guidelines
  • Store backups off-site.
  • Copy to a separate medium, e.g. to tape.
  • View the recovery from a business area point of
    view.
  • Consider the many levels of recovery, from a lost
    file to full-scale disaster recovery.
  • Copy data files after online processing, before
    any batch updating takes place, and again after
    batch processing.
  • Copy application software weekly and as major
    changes are made to the application software.

22
  • Backup and Recovery
  • Guidelines (cont.)
  • Define the number of backup files to be kept. The
    recommendation is
  • Daily - 10 generations
  • Weekly - 4 generations
  • Monthly - 18 generations
  • Annual - 7 generations and
  • Paycycle - 24 generations
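
An added example (not part of the original slides) that applies the generation counts above to a list of backup files and decides which to keep and which to expire. The "<category>_<YYYY-MM-DD>.bak" naming convention and the sample file names are assumptions made for illustration.

```python
from datetime import date, timedelta

# Generations to keep per category, as recommended on the slide.
GENERATIONS = {"daily": 10, "weekly": 4, "monthly": 18, "annual": 7, "paycycle": 24}

def plan_retention(filenames, generations=GENERATIONS):
    """Return (keep, expire, unrecognised) lists of file names."""
    by_category = {}
    unrecognised = []
    for name in filenames:
        stem = name.rsplit(".", 1)[0]
        category, _, stamp = stem.partition("_")
        try:
            taken = date.fromisoformat(stamp)
        except ValueError:
            taken = None
        if category not in generations or taken is None:
            unrecognised.append(name)   # never expire a file we cannot classify
            continue
        by_category.setdefault(category, []).append((taken, name))
    keep, expire = [], []
    for category, items in by_category.items():
        items.sort(reverse=True)        # newest generation first
        limit = generations[category]
        keep += [name for _, name in items[:limit]]
        expire += [name for _, name in items[limit:]]
    return sorted(keep), sorted(expire), unrecognised

def sample_backups():
    """Constructed sample: 12 daily and 5 weekly backups plus one stray file."""
    daily = [f"daily_{date(2024, 3, 1) + timedelta(days=i)}.bak" for i in range(12)]
    weekly = [f"weekly_{date(2024, 2, 4) + timedelta(weeks=i)}.bak" for i in range(5)]
    return daily + weekly + ["notes.txt"]

if __name__ == "__main__":
    keep, expire, unknown = plan_retention(sample_backups())
    print("keep:", len(keep), "expire:", expire, "unrecognised:", unknown)
```
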

23
  • Backup and Recovery
  • Guidelines (cont.)
  • Implement procedures for creating reliable
    backups including
  • Ensuring files are not in use by the
    applications
  • Verifying successful backup process and
  • Logging backup media appropriately.
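
An added example (not part of the original slides) of the "file compare" idea from the Programmer Deterrents slide, used here for the "verifying successful backup process" step: hash every file in a reference tree and in a copy, then report what is missing, extra or changed. The file names and contents are constructed for illustration.

```python
import hashlib
import os
import tempfile

def manifest(root):
    """Map each file path (relative to root) to its SHA-256 digest."""
    digests = {}
    for folder, _, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            h = hashlib.sha256()
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    h.update(chunk)
            digests[os.path.relpath(path, root)] = h.hexdigest()
    return digests

def compare(reference, candidate):
    """Report files missing from, added to, or altered in the candidate tree."""
    ref, cand = manifest(reference), manifest(candidate)
    return {
        "missing": sorted(set(ref) - set(cand)),
        "extra": sorted(set(cand) - set(ref)),
        "changed": sorted(p for p in set(ref) & set(cand) if ref[p] != cand[p]),
    }

def write_tree(root, files):
    os.makedirs(root)
    for name, data in files.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)

def demo():
    """Constructed sample: a source tree and a backup copy that has drifted."""
    source = {"payroll.dat": b"run 42\n", "rates.cfg": b"round=nearest\n",
              "ledger.dat": b"open\n"}
    backup = {"payroll.dat": b"run 42\n", "rates.cfg": b"round=up\n",
              "debug.log": b"trace\n"}
    with tempfile.TemporaryDirectory() as tmp:
        src, bak = os.path.join(tmp, "source"), os.path.join(tmp, "backup")
        write_tree(src, source)
        write_tree(bak, backup)
        return compare(src, bak)

if __name__ == "__main__":
    print(demo())
```

The same compare() call works with an approved release directory as the reference and the production directory as the candidate, which pinpoints unreviewed program changes.
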

24
  • Backup and Recovery
  • Guidelines (cont.)
  • Implement appropriate procedures for restoring
    files including
  • Selecting the proper data to be restored
  • Ensuring files are not in use by the
    applications and
  • Verifying successful restore process.

25
  • Backup and Recovery
  • Guidelines (cont.)
  • Implement appropriate procedures, technology, and
    automation for high availability critical
    applications/databases
  • Database disk mirroring
  • Redundant fail-safe servers
  • Dual electrical power supply, a/c, heating
  • Redundant ISPs, alternate route
    telecommunications paths & equipment

26
  • Backup and Recovery
  • Guidelines (cont.)
  • Implement appropriate procedures, technology, and
    automation for high availability critical
    applications/databases
  • Online backups of software and data (such as
    checkpoint/ restart from logs)
  • Hardware spares
  • Spread application load over multiple servers and
    use load balancing hardware/software