Threat N Antivirus

THREAT AND ANTIVIRUSES VINEET JOSHI JOURNAL COLLECTION

Journal 1: The real reverberations from ID fraud: case study The case deals in how a simple non following of protocol and drill and carelessness of one lower employee can cause a loss of nearly 25 million records for the company. The case talks about how compact discs containing data was lost in the mailing system but according to the procedure the discs were not supposed to be sent by mailing service. The case gives another example when a laptop was taken out of the office premises against the procedures and was stolen from the employee leading to a loss of around 26 million records. The case tells us the importance of abiding by the security related regulations and protocol by employees to safeguard the data for the company. Journal 2: IDs sell for much more than credit card numbers in underground Ids which is nothing but name, address, date of birth and mother’s maiden name bank account

number and account password. 5 such complete ids are more expensive than 2000 Credit Card details which include the name , credit card number, CCV code and the expiration date. These Ids are sold freely over some of the underground websites. The journal also talks about how every website wants to identify its users and thus require them to make a id and password making it difficult for the users to remember it thus users duplicate the passwords to many websites which helps the hackers as they use the same name and password combination and try it out on many websites and thus help them hack easily. Journal 3: Computer forensics challenges in responding to incidents in real-life settings Event is an adverse event which risks the security in the computer system Newer Intrusion Detection Systems pinpoint the exact file or the area which is under intrusion at a given instance or is currently under intrusion attack. Over the years attacks have changed from virus and worms which affect the remote computer system to virus and worms that affect the network. The article tells about how the compromised system gives enough relevant information for forensic studies. It also gives the draw backs that have been seen over the past years in detecting the intrusion system as the hackers at times use spoof Internet protocol address and also about

the reliability of the intrusion information as many times the attacker changes his IP and other details. Journal 4: US Financial regulator warns banks to get in Shipshape The case is the various different authentication processes that the Banks in USA are prescribed to use for securing the Internet banking customers. It also tells of how the banks need to protect its customers by helping them deal with phishing websites attacks. These methods will surly help protect customers and will provide as a safer method for authentication. Journal 5: Hackers turn on security systems In this journal it talks about how hackers are targeting the security systems rather than the O.S (operating System. It shows the most vulnerable list of utilities over the internet and how they are easily prone to be hacked in by the attackers. Windows services top the list closely followed by internet explorer. Journal 6: CRYPTOGRAPHY This article focuses on how digital certificates and cryptography are being used in today`s modern technology implementations. The use of

these variables are mainly for transacting processes online in a secure way which may be a bank statement or E-Shopping. The problem which this article confesses is that the site certificate remains unchecked for its authenticity before confidential information such as credit card details are sent through the web. This problem takes place due to the poor design or development by the designer or sometimes due to the lack of knowledge by the users. There fact is that most of the users do not understand the benefits and need of cryptography. But surveys in 2005 suggest that almost 74% of the respondents are using cryptography. The risks may be reduced by making the users aware about the facts and also through education. Moreover it is an essential duty of the corporate to train their employees such as security training. These things will help the users to know more about the importance of certificates. Journal 7: SECURITY OUTSOURCING ISSUES

This article is about the security outsourcing issues. It focuses on some of the basic questions like the need for the organizations to outsource their security functions, benefits and drawbacks, what security functions should or should not be outsourced etc., Journal 8: TWO FACTOR AUTHENTICATION This article is about the introduction of two factor authentication by the Bank of Ireland in the year 2006. It is to provide security token system to all of its online banking customers. By this system, each customer will get a number after each of their transactions. Already the bank had issued more than 4000 tokens to their corporate customers.

Journal 9: TRUSTED COMPUTING This article focuses on Trusted Computing (TC), its benefits and the controversies that took place

due to this. TC is a new technology and it is designed such that it acts as a security. The benefits such as the protection of input and output, curtained memory (secured running of programs) and attestations along with the controversies such as the controversy due to the name “trust” were discussed in this article. Journal 10: BIOMETRIC ID CARDS This article deals about the UK government`s plan of issuing Biometric ID cards to the public which constitutes their finger prints. The government believes that it would be the best solution for national security. It has planned for about 50 million cards at the initial stage. There are lots of opinions from the public which is for and against this issue. The main purpose of issuing this card is to prevent terrorists and terrorism entering into the country. But experts suggests that this method is not cost worthy to the public.

Journal 11: Summary on Computer security and fraud: Spyware- the spy in the computer: This article is about the spyware that is installed without the user’s knowledge in order to gather the user’s information from their computer. Spyware can be a Trojan worm or a Trojan horse that enables the hackers to steal data from the user’s computer. Computers that are hacked this way are called as “zombies”. This also deals with the actions taken by the U.S govt. to curb the menace of hacking. This article also focuses on the protections that are used by certain organization and their awareness regarding the hacking activity. Some organizations also ended up using two computers, one for the internet purpose and the other for the office data purpose. As a whole this focuses the internet hacking and their consequences and the action that is being taken for such hacking activity. Journal 12: Transferring business and support functions the information security risks of outsourcing This article mainly focuses on the outsourcing and the security risks involved in it with examples. This article discusses about the increased outsourcing that is taking place in the

banking sector as well and the possible risks associated with the outsourcing. Outsourcing happens only when that organization thinks that it cannot deploy staffs to do a particular job by them. This gives a deep insight about the security issues with the outsourcing that are being done. Journal 13: Qualified to help: in search of skills to ensure security. This article deals about the persons who formulate the IT policies of a company. It also discusses about the role of CISOs in every organization. How much he can be relied upon by the organization. This also discusses about the practical difficulties in getting real people for the formulation of security issues in an organization. The qualifications, those are mandatory for such people. This article also brings to light that people who frame IT policies and involved in security issues of an organization are not actually aware of the issues that they are handling. Journal 14: Electronic funds transfer fraud. This article deals with the frauds that happen in the online fund transfer. It also discusses about the security problems that are caused to an organization because of the unblocked ids that their ex-employees used. It also explains the

whole concept of the fund transfer in a simple language with a practical example. It discusses the fraud that happened and how did they track it down. This article projects some graphs regarding how the normal transactions and the fraudulent transactions occur. It also suggest some of the security measures to prevent EFT frauds such as supervising the contracted staffs, blocking of ex-employee’s id, monitoring the event logs, being vigilant during the holiday period etc. its main focus is on the EFT and the frauds that happen in the banks during such transfers. Journal 15: Applying forensic techniques to information system risk management. This article discusses about applying the techniques to the information security and risk management. It also focuses on the incident post mortems which means projecting an incident which has not occurred actually and reading the consequences, if it happens in the future. This can be achieved through the EEDI technique. This helps the organization analyze the vulnerabilities, nature of threats, counter measures etc. This projected its view on the alternative approach to the risk management through the forensic science.

Journal 16:Website Security Leaves half of US companies Cold This article speaks about Jupiter Media Metrix Analyst which concentrates on Enterprise Security which involves managing services for maximum coverage . There are 50% of US companies with are concerned with the security of online data and this survey also indicates that 29% of website managers and CIO s rate their risk of attack as low. This article mentions about the impact that an online security invasion has on consumer trust and confidence rather than financial loss. The author after discussing about the problems finally recommends that security service providers should provide 24- hour site for monitoring and emergency response. Jupiter makes a survey with 471 customers. Journal 17:Hacking This article is about Hacking. There are three issues covered in this article which includes how students can beat ATM Security and how piracy has become popular and how XP was cracked within hours of release. This article includes the problems that have increased due to Pirated Software Websites. There are around 5400 piracy related sites on the net. Andy Meyer tells that the Organisations

need to take some tolerance with respect to employees visiting pirated software sites at work. It also explains How XP was cracked immediately after the launch. The chief Technology officer says that crackers develop illegal installation files which can now be downloaded from websites. This is done by Chinese hackers. And this article includes the students who have the defeated the encryption system used by banks to protect ATM Machines. This includes Crypto processors which are designed to destroy encryption keys. This includes the applications developed by Application Programming Interface or Common Cryptographic Architecture.

Journal 18:Foreign police working in US Internet Fraud Centre This article is about the establishment of The Internet Fraud Complaint Centre (IFCC) which is been established by the FBI and the National White Collar Crime Centre (NWC3). According to the FBI, international cyber policing of the Internet now exits. This FBI has internet Fraud detection training seminars and technical surveillance centre for police officers. The stated mission of the IFCC is to address fraud committee over the internet, this will provides a web based

reporting mechanism that alerts authorities of a suspected criminal or violation. It also provides law enforcement with a central repository for complaints related to Internet Fraud, works to quantify fraud patterns and provides timely statistical data of current fraud trends. Now comes the credit card frauds, Visa International launched a Global Data Security website to assist merchants meet tougher standards for protecting and storing data on their own sites. The primary purpose is to support for merchants’ efforts to establish appropriate card holder information security and privacy controls and measures. Merchants can also evaluate the level of security. This practice will mostly benefit consumers in reduced identity theft from fewer credit card numbers being stolen from merchant web sites. The network has potential to do what no other fraud prevention group is doing: prioritize merchant concerns and identify specific solutions for resolving the issues. Journal 19:The Worst of Awakening Continuity planning has evolved and developed from the mundane ‘IT disaster recovery plan to the more comprehensive evaluation of business risk to minimize the impact of disaster on a business to full Business Continuity Management. This disaster recovery

was not deserving of a prime time television debate. To all these technologies even the terrorist got impressed and got attracted towards it. They were using all important modes of communication like e mail and mobiles. No aspect of computer security changed more dramatically and tangibly. It is impossible to over estimate how the events of September 11 terrorist attack have transformed the people sense of vulnerability and unfortunately disaster recovery as a component of a computer security has come to the fore front for this tragic reasons. It is not only the corporate which suffers but mostly all of them who are highly dependable on networks and in turn telecommunication. Being prepared seems somewhat of an under statement in any uncertain climate. For many organisations this will mean coming to grips with the concepts and logistics of disaster recovery. And then about ‘threat’ it is what we all protect eourselves from. A direct threat could mean that a company has a particular feature that could attract potential enemies. A location threat could ensue if a company is in an area that would attract maximum publicity. If any company is located near any potential terrorist targets then it is classed as a threat from proximity. Finally a threat from associated activity might be a concern for a company if a staff or any voard

members are involved. Then is the E Bombs whose attacks are becoming feasible as the days go by and then about worms which may contain sleep phase in which the worm will infect as many host as possible. Another potential problem involves routing vulnerabilities. Finally Cyber or Physical disaster recovery plans are equally required for any kind of threats. Journal 20: Compsec 2001: Watching The Threat From Without Cyberspace is the new one which is building trust and confidence in many of the IT sectors. This article is all about the premier conference called Conpsec 2001. In this conference, the most entertaining and memorable presentations were both given by Alan Brill on risk consultancy firm Kroll. Brill also gave a talk on the Infosec aftermath of the World Trade Centre disaster. He highlighted the program associated with hiring staff without doing rigorous background checking. Particularly difficult to account for are the “invisible people”. He described the events of september11 as a catalogue failure. In the immediate aftermath of disaster, security budgets are likely to be bolstered. In this conference Brill also gave a talk entitled, 2001: A Hacking Odyssey, he made a point that the threat is greater now than ever. He predicted that

the next great threat trend will be site denial attacks (SDA). The main key points of this conference is there is no need for us to be an expert to launch a cyber attack because of the availability of point and click hacking tools on the internet. It says that corporate standardisation of infrastructure increases risk. Management lack commitment to security because they run systems they know are flawed yet do not budget for time to patch and do security maintenance.