Docstoc

Acknowledging Security Issues Improves Ethical Decisons

Document Sample
Acknowledging Security Issues Improves Ethical Decisons Powered By Docstoc
					                              Quit – I am working
                               to get into YOUR
                                   computer!




Acknowledging Security Issues
  Improves Ethical Decisons
        By: Michael Crain, MSIM
              Current Issues in Creating a
        Knowable and Safe Operating Environment
                                                              Business
                                                             Challenges
ØNot Trained in Computer Ethics
                                                      ØEnsure an Ethical Environment
ØNot informed about Computer Crimes                   ØDevelop Security Methods
ØNo Understanding of Vulnerabilities                  ØInvestment – Budget Acceptance

                                         People


ØNo Polices & Procedures in Place                             Security                  Business
ØNon Developed Culture                 Organization           Methods                   Solutions
ØNot Investing in Security
                                                                               ØDevelop Knowledge
                                                                               ØSafeguard Assets
                                       Technology
                                                        ØSchedule Risk Assessments
ØNo involvement within departments                      ØUpdate Security Software
ØMissing Security Updates                               ØImplement Better Controls
                                                        ØDisaster Recovery Plan
ØOperating with Legacy Systems
Training - Computer Ethics

                     Inform
                     • Virus/Worms
                     • Trojan Horse

                                       Acknowledge
                                      the Threats
                                      • Hackers
 Computer                             • Methodology
 Ethics
 • Build a Culture
 • Awareness          Safeguard
                       Assets
        The 10 Commandments of
             Computer Ethics


9. 6. Thou shall not use or copy
 2. Thou shallshall a computer in people’s
 3. Thou shall think aboutcomputerother
                        snoop social bear
                           other
 1. 7.Thou shall not useusethecomputer
10. 8.Thou shall not appropriatewith in
 4.      Thou use not interfere to that
                         a a around
 5.                               ways
         software for which you have write
         computer of the program you
    consequences resources without not
    show considerationcomputer work
      other other files output
      topeople’s intellectualrespect.
          steal
          harm
    or use people’s people
      false witness      and
         authorization
         paid




     Respect = Acknowledge
    INTERFERE = OBSTRUCT
  FALSE WITNESS==PERMISSION
  HARM = DAMAGE/DESTROY
   AUTHORIZATIONSECRETS
      COMPANY SPY
      AGAINST-THE-LAW
      STEAL = EMBEZZLE
         SNOOP IMPOSTOR
CONSEQUENCES ==COST/DAMAGE
        MALICIOUS ACT!
    Consideration = Concerns
                  KEY WORDS
              Security Requirements
            Vulnerabilities

      Consist
Damage/Destroy
Malicious Act ency
Snoop – Spy
                                                      Michael Crain
Steal – Embezzle
            The Data and
False Witness - Impostor
                                                      UTPB MIS

         Behavior we see
Illegal Software
           Today, will be
Authorization/ Authentication
              the SAME
Intellectual Output – Company Secrets     Intrusion Detection Device
                                        Security–Updates & Technology
                                          Are Anti-VirusSoftware
                                          BugsBuild aaPhone Call
                                           LevelsWorkstation Sweep
                                              you of Authentication
                                              SpywareSafe Website?
                                               Make Knowledge
                                                  Biometrics
                                                  on     Software
           TOMORROW
Consequences – Cost / Sacrifice            Monitor Traffic & Packets

Respect/Consideration =
Acknowledge/Concerns
Questions to ask yourself?

 If everyone acted the way I do
   Would society benefit as a whole
 If I was judged for my actions
   Would my actions be considered as being fair
   Would people believe I took “all” necessary steps to
   protect company assets!

 In making a ethical-decision
   Would my peers believe I did the “Right Thing”
 Computer Technology Advancements
     Changes Computer Ethics

 Some of the technology that leads in the
  changing of computer ethics include
 Computer Power
 Data Storage - Cost is declining
 Data Analysis – BI tools are decreasing in cost
 Network advances - Cell phones
         On October 28, 2011 – Daily Threats
            Recorded Computer Threats
                    Denver
                 1,243 Threats                             Philadelphia      New York
                                                           1,721 Threats   1,778 Threats
 Los Angeles
2,073 Threats
                                            Dallas
                                        1,427 Threats



                                                          Houston
                                                        2,023 Threats
                           332 Miles
                                                                               Miami
                                                                           1,281 Threats
   San Diego
 1,189 Threats
                         San Antonio
                        2,790 Threats

        In the past 30-days – Norton's revealed more than 278,000 THREATS
Corporate Hacker Attacks

           Sony – (April 24, 2011)
               24.6 million user accounts compromised
               Cost: $170 Million
               Debt and Credit Cards Captured
               Cause: Outdate Database

           CitiBank (June 27, 2011)
             200,000 new credit cards reissued
             Cost: $2.7 Million
             Cause: Breached Server linked to a
              message board, stealing customer
              information
 Creating an Ethical Environment
Requires Understanding the Threats

                        Providing knowledge
                          Possible Threats
                           ▪   Phishing – Fake Website
                           ▪   Spam - Emails
                           ▪   Viruses – Damage Software
                           ▪   Trojan Horses – Damage Hardware
                          Acknowledge Vulnerabilities
                           ▪   Spyware – Monitoring Web Surfing
                           ▪   Spoofing – Redirect Application
                           ▪   Sniffer - Eavesdropping
                           ▪   Keyloggers – Recording Key Stokes
                           ▪   Denial-of-Services (DoS)
                           ▪   Evil Twins
                           ▪   Hackers – Want your information
Pharming - Redirects

                                    Received as an Email
  Someone sends you and email         Requesting Information
   Asking you for confidential        Request you to click on a
          information                  link
  Redirects you to a look-a-like      Sends you to a fake website
   website for you to log into.        duplicating a website that
                                       you are familiar!
                                      Request usually ask for you
                                       to update your records
                                      Social Security number
                                      Bank Account information
                                      Credit card information
Is Spam in your email?

                                                   Spam
                   Blocks 2.4 Billion               Unsolicited email
                   Each day!                        Easy to create
                                                    8 out of 10 spam emails
                                                     contain tracking codes
                                                     ▪ Record/Log your recipients
                     adf                               email address
    could really lose up to 82% 2 Billion
                       Blocks
YouWhat if we tell you that you could really
                      Spam of your unwanted         They are consider as a
      Do you like to cook? Are you missing
  body fat and82% of your unwanted months,
                           in just a few
    lose up to keep it off per Subscriber
                       88homecertainlybody so!       transporter
          your mother’s
        Accounts off 45% cookin? hope
   fat you be interested? Wea the 10.9
 wouldand keep it for in justof few months,
                                                    Zombie–controls emails
      Check visit messages southern
      Please out these good-oldsent
   would you be our web site - Click here!
            trillion
                   interested? We certainly
     recipes from my Grandma! Click here!           Use your computer to
           around the WORLD – a
hope so! Please visit our web sitein Click Here
                   single Day!                       send Spam
Malicious Software

                  Viruses
                      A program that attaches
                       itself to other software
                      RAM illustrates spikes
                      Destroy programs or data
                      Reformat hard drive
                      Improper operation
                      Spreads from computer to
                       computer – send an email
                      Found in unknown
                       attachments
                      Often linked to chain
                       letters
Trojan Horse
                The most Serious threats
                Executable program –
                 triggers an event
                Can attack others
                Appears as a movie
                   Free game
                   A Song
                   Check your system for viruses
                Eases your disk
                Extensions include
                   exe – vbs – com – bat
                Beware of hidden
                 extensions – susie.jpg
                Simply
                   Don’t except candy from
                    strangers!
Spyware

           Self installs
           Tracking software
             Gathering information
              about you!
             Records your passwords
             Follows you on the internet
             Gather any personal
              information
           Notice
             Computer running slow!
Spoofing

Redirect to a Fake Website     Spoofing
                                 Is used to gain access by
        Work from Home            tricking computer system
     Earn $15,000 per Month
                                 It allows the Hacker to hide
     Must have a computer!
           Click Here!            their identity while using
                                  your IP
                                 Allows the Hacker to send
                                  message from a bogus
                                  email address
                                 Sends you to a fake
     Click Here for Recipes       Website
                                 Identity Theft
Sniffer

           Works on Networks
             Used for diagnostic
              testing
           Filters packets
           Copies to analyze
           ISP use a sniffer
               Which sites you visit
               What you look at on a site
               What’s in a email you sent
               What you download
Keylogger

             Records each key stroke

             Records voice messages

             Provides screen shots

             Used by both
              Organizations and
              Hackers to record what
              you do on the computer!
Denial-of-Services (DoS)

                  Big money
                   People are paid to
                    increase traffic
                   Your computer
                    becomes a zombie
                   Corporate Mainframe is
                    shut down from
                    overload
The Evil Twin

                 Hot Spots Wi-Fi
                  Airports
                  Hotels
                  Coffee Shops

                 Someone is watching you
                  screen-by-screen

                 Capturing your passwords
                 Banking information
                 Work files
             Be knowable of
            Your Surroundings

 Be proactive – Be informed
 Understand the need for security
 Protect your environment
 Implement the “What If” analysis
 Safeguard your information and that of
  others in developing ethical decisions
 If you know your vulnerabilities & threats
  you can develop a better defense to minimize
   your risk!
Risk Management Plan

 Remember This!
 If you have a “VULNERABILITY”
 Think about the “THREAT”
 Plan to eliminate the “RISK”

 (VULNERABILITY + THREAT) = RISK

 It will be “YOUE CHOICE” how to handle the
  RISK in developing an Ethical Decision!
Computer Crime is near YOU!
Have a Safe Computer Night

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:0
posted:12/11/2013
language:Latin
pages:24
chenmeixiu chenmeixiu http://
About Those docs come from internet,if you have the copyrights of one of them,tell me by mail 307260483@163.com ,I just want more peo learn more knowledge.Thank you!