M7 internet security
1 like739 views
Internet security involves establishing rules and measures to protect against attacks over the Internet. It aims to secure confidentiality, integrity, and availability of information. Main cybersecurity threats include threats against information like identity theft and fraud, and threats against infrastructure like network and system attacks. Defenses include technologies like encryption, firewalls, antivirus software, and identity management systems.
M7 internet security
- 1. Introduction Master Class 7 Internet Security Josep Bardallo
- 2. 2 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Internet Security: Definitions Internet security is a branch of computer security specifically related to the Internet, involving Web Server security but also network security on a more general level as it applies to other applications or operating systems on a whole. Also called Cybersecurity. Its objective is to establish rules and measures to use against attacks over the Internet.
- 3. 3 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Internet Security: Definitions From Internet Security Glossary, Version 2 (rfc4949) Security is about protect resources
- 4. 4 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Internet Security: Definitions Secure Web Services is about secure CIA: From NIST: Guide to Secure Web Services (SP800-95)
- 5. 5 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Internet Security: Definitions Threat, attack and Vulnerability: From CISSP Guide to Security Essentials
- 6. 6 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Internet Security: Evolution • From Information Security to Information Assurance (process of continuous Analysis and Risk Management • Information assurance (IA) is the practice of assuring information and managing risks related to the use, processing, storage, and transmission of information or data and the systems and processes used for those purposes. Information assurance includes protection of the integrity, availability, authenticity, non-repudiation and confidentiality of user data. It uses physical, technical and administrative controls to accomplish these tasks
- 7. 7 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Internet Security Threats Main Cybersecurity Threats •Threats against information • Spy • Information Theft • Identity Theft • Fraud • APT (advanced Persistent threats) •Threats against infrastructure • Critical Infrastructures attacks • Networks and systems attacks • Industrial systems attacks • Malware infection • Third party attacks
- 8. 8 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Internet Security Threats: 2012 Real data
- 9. 9 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Attack types From States From private entities Terrorism, political or ideological attacks Hacktivism: Professional Hacking Low profile attack Insiders attacks
- 10. 10 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo State promoted Attacks Estonia 2007 Russia to Georgia (2008) before terrestrial invasion Israel/USA to Iran with Stuxnet USA classified networks from Chinese hackers
- 11. 11 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Professional Hacking: DDoS, trojan DDoS http://www.youtube.com/watch?v=c9MuuW0HfS
- 12. 12 NetworkingServices&infr.//MasterinICTStrategicManagement Professional Hacking: Trojan 13 / 11 / 2012Josep Bardallo
- 13. 13 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Professional Hacking: Socks bot
- 14. 14 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Professional Hacking: Spam service
- 15. 15 NetworkingServices&infr.//MasterinICTStrategicManagement Professional Hacking: Botnet 13 / 11 / 2012Josep Bardallo
- 16. 16 NetworkingServices&infr.//MasterinICTStrategicManagement Professional Hacking: Zeus Botnet 13 / 11 / 2012Josep Bardallo
- 17. 17 NetworkingServices&infr.//MasterinICTStrategicManagement Professional Hacking: Any kind of hacking 13 / 11 / 2012Josep Bardallo
- 18. 18 NetworkingServices&infr.//MasterinICTStrategicManagement Professional Hacking: Value of Hacked PC 13 / 11 / 2012Josep Bardallo
- 19. 19 NetworkingServices&infr.//MasterinICTStrategicManagement Professional Hacking: Top attack method by vertical 13 / 11 / 2012Josep Bardallo
- 20. 20 NetworkingServices&infr.//MasterinICTStrategicManagement Low profile attacks: More easy 13 / 11 / 2012Josep Bardallo http://builtwith.com/ Easy to obtain info from any web
- 21. 21 NetworkingServices&infr.//MasterinICTStrategicManagement Low profile attacks: More easy. Steps 13 / 11 / 2012Josep Bardallo http://www.t1shopper.com/tools/port-scan// Easy to open ports
- 22. 22 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Data Breach's in 2012 Global Payments (1.5 million records) Yahoo! (450k passwords) Wyndham Hotels (600k credit cards) eHarmony (1.5 millions passwords) Linkedin (6.5 millions passwords) Zappos (24 millions records) Gamigo (3 millions records) Texas Attorney General’s Office (6.6 million recors) Average insurance cost per databreach: $3.7M
- 23. 23 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Malware 31,6 Worldwide PC infected by malware 24% infected by a Trojan (16% in Spain)
- 24. 24 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo New attacks
- 25. 25 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Today Threats
- 26. 26 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Defense technologies ?
- 27. 27 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Internet Security Defense Technologies
- 28. 28 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Internet Security Defense Technologies
- 29. 29 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Internet Security Defense Technologies
- 30. 30 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Internet Security Defense Technologies
- 31. 31 NetworkingServices&infr.//MasterinICTStrategicManagement 13 / 11 / 2012Josep Bardallo Bibliography http://www.ietf.org/rfc/rfc2828.txt http://tools.ietf.org/html/rfc4949 http://www.itu.int/rec/T-REC-X.800-199103-I/e http://csrc.nist.gov/publications/nistpubs/800-95/SP800-95.pdf http://www.ismsforum.es/ficheros/descargas/informe-scsi1348666221.pdf http://www.t1shopper.com/tools/port-scan/ http://builtwith.com/ http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-russian- underground-101.pdf http://www.businessinsurance.com/article/20121009/NEWS07/121009907?template=smartphoneart http://www.netdiligence.com/files/CyberClaimsStudy-2012sh.pdf http://pandalabs.pandasecurity.com/es/principales-amenazas-para-tu-ordenador-troyanos-infografia/ http://www.cloudtweaks.com/2012/10/cloud-infographic-safeguarding-the-internet/ http://www.akamai.com/html/technology/dataviz1.html https://www.bit9.com/cyber-security/graphic.php http://www.reg8.net/users/0012/expo2011/gartners_hype_cycle_special__215667.pdf