
“I do it for the pleasure of creating something, seeing that it works, and making something that could really survive, spread, and hold its own in the wild. A virus is something that lives. In real life you can’t make a kind of animal. You can in the computer. It’s like playing God.”
— Blue Owl, member of the Ready Rangers Liberation Front.
Presented by:
D. Chandrika (B.Tech. III year, IT)

Sri Gnaneswari Research and Technological


Threats to Computer Security

Firewall and System Probing
Network File Systems (NFS) Application Attacks
Electronic Mail Attacks
Vendor Default Password Attacks
Spoofing, Sniffing, Fragmentation and Splicing Attacks
Social Engineering Attacks
Easy-To-Guess Password Compromise
Destructive Computer Viruses
Prefix Scanning
Trojan Horses

Firewall and System Probing

Hackers are using sophisticated, automated tools to scan for vulnerabilities of a company's corporate firewall and systems behind the firewall.

These hacker tools have proved to be quite effective, with the average computer scan taking less than three minutes to identify and compromise security.

Companies can prevent this by ensuring that their systems sit behind a network firewall and any services available through this firewall are carefully monitored for potential security exposures.

Network File Systems (NFS) Application Attacks

Hackers attempt to exploit well-known vulnerabilities in the Network File System application, which is used to share files between systems.

These attacks, usually through network firewalls, can result in compromised administrator access.

Electronic Mail Attacks

Hackers can compromise network systems by simply sending an e-mail to them.

Companies that accept e-mail from the Internet and that have exposed versions of the sendmail program are potential targets of this attack. Last year more than 20,000 systems were compromised due to this exposure.

To prevent this from occurring, check with vendors to ensure systems are running a correct version of sendmail or some more secure mail product.

Vendor Default Password Attacks

Systems of all types come with vendor-installed user names and passwords.

Hackers are well educated on these default user names and passwords and use these accounts to gain unauthorized administrative access to systems.

Protect systems by ensuring that all vendor passwords have been changed.

Spoofing, Sniffing, Fragmentation and Splicing Attacks

Recently computer hackers have been using sophisticated techniques and tools at their disposal to identify and expose vulnerabilities on Internet networks.

These tools and techniques can be used to capture names and passwords, as well as to compromise trusted systems through the firewall.

To protect systems from this type of attack, check with computer and firewall vendors to identify possible security precautions.

Social Engineering Attacks

Hackers will attempt to gain sensitive or confidential information from companies by placing calls to employees and pretending to be another employee.

These types of attacks can be effective in gaining user names and passwords as well as other sensitive information.

Train employees to use a "call-back" procedure to verify the distribution of any sensitive information over the telephone.

Easy-To-Guess Password Compromise

Most passwords that are easy to remember are also easy to guess.

These include words in the dictionary, common names, slang words, song titles, etc. Computer hackers will attempt to gain access to systems using these easy-to-guess passwords, usually via automated attacks.

Protect systems by ensuring that passwords are not easy to guess, that they are at least eight characters long, contain special characters and utilize both uppercase and lowercase characters.

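The password rules above can be enforced when a password is set. The following is an added example, not part of the original slides; the function names and the small wordlist are assumptions made for illustration. It shows that the composition rules alone are not enough: a password such as "P@ssword1" meets every length and character rule yet is still built on a dictionary word.

```python
import string

# Constructed sample wordlist; a real deployment would load a full dictionary
# plus common names, slang words and song titles, as the slide lists.
SAMPLE_WORDLIST = {"password", "dragon", "michael", "yesterday", "welcome"}

# Character substitutions that automated guessing tools also try.
LEET = str.maketrans({"@": "a", "4": "a", "0": "o", "1": "l",
                      "3": "e", "$": "s", "5": "s", "!": "i"})


def candidates(password):
    """Return the base words an automated guesser would derive this password from."""
    low = password.lower()
    # Drop digits and symbols padded onto either end, e.g. "welcome1!".
    stripped = low.strip(string.digits + string.punctuation)
    return {low, stripped, low.translate(LEET), stripped.translate(LEET)}


def check_password(password, wordlist=SAMPLE_WORDLIST):
    """Return a list of policy violations; an empty list means the password passes."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than eight characters")
    if not any(c in string.punctuation for c in password):
        problems.append("no special character")
    if not (any(c.isupper() for c in password)
            and any(c.islower() for c in password)):
        problems.append("needs both uppercase and lowercase letters")
    if candidates(password) & set(wordlist):
        problems.append("based on a dictionary word or common name")
    return problems


if __name__ == "__main__":
    for pw in ("dragon", "Yesterday99", "P@ssword1", "tr7#Kv!qLm2x"):
        print(pw, "->", check_password(pw) or "ok")
```
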
Destructive Computer Viruses

Computer viruses can infect systems on a widespread basis in a very short period.

These viruses can be responsible for erasing system data.

Protect systems from computer viruses by using anti-virus software to detect and remove computer viruses.

Prefix Scanning

Computer hackers scan company telephone numbers looking for modem lines, which they can use to gain access to internal systems.

These modem lines bypass network firewalls and usually bypass most security policies. These "backdoors" can easily be used to compromise internal systems.

Protect against this intrusion by ensuring modems are protected from brute force attacks. Place these modems behind firewalls; make use of one-time passwords; or have these modems disabled.

Trojan Horses

Hackers will install "backdoor" or "Trojan Horse" programs on business computer systems, allowing for unrestricted access into internal systems, which will bypass security monitoring and auditing policies.

Conduct regular security analysis audits to identify potential security vulnerabilities and to identify security exposures.

Why’s all this going on!

Errors and Omissions
Fraud and Theft
Employee Sabotage
Loss of Physical and Infrastructure Support
Malicious Hackers
Industrial Espionage
Malicious Code
Threats to Personal Privacy


Errors and Omissions

Errors and omissions are an important threat to data and system integrity.

These errors are caused not only by data entry clerks processing hundreds of transactions per day, but also by all types of users who create and edit data.

A sound awareness and training program can help an organization reduce the number and severity of errors and omissions.

Fraud and Theft

Computer systems can be exploited for both fraud and theft, by "automating" traditional methods of fraud and by using new methods.

Computer fraud and theft can be committed by insiders or outsiders. Insiders (i.e., authorized users of a system) are responsible for the majority of fraud.

Employee Sabotage

Employees are most familiar with their employer's computers and applications, including knowing what actions might cause the most damage, mischief, or sabotage.

The downsizing of organizations in both the public and private sectors has created a group of individuals with organizational knowledge, who may retain potential system access (e.g., if system accounts are not deleted in a timely manner).

Common examples of computer-related employee sabotage include:

· destroying hardware or facilities,
· planting logic bombs that destroy programs or data,
· entering data incorrectly,
· "crashing" systems,
· deleting data,
· holding data hostage, and
· changing data.

Loss of Physical and Infrastructure Support

The loss of supporting infrastructure includes power failures (outages, spikes, and brownouts), loss of communications, water outages and leaks, sewer problems, lack of transportation services, fire, flood, civil unrest, and strikes.

Malicious Hackers

The term malicious hackers, sometimes called crackers, refers to those who break into computers without authorization. They can include both outsiders and insiders.

Much of the rise of hacker activity is often attributed to increases in connectivity in both government and industry.

Industrial Espionage

Industrial espionage is the act of gathering proprietary data from private companies or the government for the purpose of aiding another company(ies).

Industrial espionage can be perpetrated either by companies seeking to improve their competitive advantage or by governments seeking to aid their domestic industries.

Foreign industrial espionage carried out by a government is often referred to as economic espionage.

Malicious Code

Malicious code refers to viruses, worms, Trojan horses, logic bombs, and other "uninvited" software.

Sometimes mistakenly associated only with personal computers, malicious code can attack other platforms.

staff time involved in repairing the systems. Nonetheless, these costs can be significant.

Malicious Software: A Few Key Terms

Virus: A code segment that replicates by attaching copies of itself to existing executables. The new copy of the virus is executed when a user executes the new host program. The virus may include an additional "payload" that triggers when specific conditions are met. For example, some viruses display a text string on a particular date. There are many types of viruses, including variants, overwriting, resident, stealth, and polymorphic.

Trojan Horse: A program that performs a desired task, but that also includes unexpected (and undesirable) functions. Consider as an example an editing program for a multiuser system. This program could be modified to randomly delete one of the users' files each time they perform a useful function (editing), but the deletions are unexpected and definitely undesired!

Worm: A self-replicating program that is self-contained and does not require a host program. The program creates a copy of itself and causes it to execute; no user intervention is required. Worms commonly use network services to propagate to other host systems.

Threats to Personal Privacy

The accumulation of vast amounts of electronic information about individuals by governments, credit bureaus, and private companies, combined with the ability of computers to monitor, process, and aggregate large amounts of information about individuals, has created a threat to individual privacy.

The possibility that all of this information and technology may be able to be linked together has arisen as a specter of the modern information age.

Prediction for 2010

In the coming year, Symantec expects to see threat activity emerge around Microsoft Windows Vista.

Symantec predicts that the new security features in Windows Vista will result in fewer instances of widespread worms that target core Windows operating system vulnerabilities.

“In 2007, we have begun seeing a continuation of the trend of targeted Trojan attacks against high profile offices and the individuals who occupy them.

An Introduction to Computer Security: The NIST Handbook
National Institute of Standards and Technology
Technology Administration
U.S. Department of Commerce