Graduate School
Program MTM
Introduction
A system can be said to be secure only if its security has not been breached or
compromised. In the case of web security, the web is considered secure and protected
against malicious attacks only when there has been no successful malicious attack.
The term “web” was coined to symbolize the topological structure of networked
computers on any large network, like the internet. When the physical topology is
projected and mapped on a sheet of paper, it would be a complex mesh of networked
computers, resembling a spider’s web. Hence the term web.
In this age of inter-networked computers (the internet), attaining a considerable level
of web security depends on a combination of policies, processes, and technologies aimed
at reducing exposure to harmful acts by individuals within and outside the perimeter to
an acceptable level.
All organizations are subject to risks, which are the potential for negative consequences
to their mission, resulting from vulnerabilities that are present in their operational
environment.
To mitigate the threat risk, the organization should employ a risk management process
that explicitly identifies these risks (e.g., risk assessment), evaluates cost-benefit tradeoffs
in selecting controls which mitigate the risk to an acceptable level (e.g., risk mitigation),
and periodically reviews to assure that any changes within the organization which
significantly change the organization's risk profile are accounted for in a timely and
efficient manner (e.g., evaluation and assessment). Risk management enables
organizations to implement control measures, within operational and organizational
constraints, to mitigate the risks to an acceptable level usually through a combination of
prevention, deterrence, detection and response.
Malware
This is the most general name for any malicious software designed, for example, to
infiltrate, spy on or damage a computer or other programmable device or system of
sufficient complexity, such as a home or office computer system, network, mobile phone,
PDA, automated device or robot.
Viruses
These are programs which are able to replicate their structure or effect by integrating
themselves, or references to themselves, into existing files or structures on a
penetrated computer. They usually also have a malicious or humorous payload designed
to threaten or modify the actions or data of the host device or system without consent,
for example by deleting, corrupting or otherwise hiding information from its owner.
Trojans
Trojans (Trojan horses) are programs which may pretend to do one thing but in reality
steal information, alter it or cause other problems on a host such as a computer or
programmable device / system.
Spyware
This includes programs that surreptitiously monitor keystrokes, or other activity on a
computer system and report that information to others without consent.
Worms
These are programs which are able to replicate themselves over a (possibly extensive)
computer network, and also perform malicious acts that may ultimately affect a whole
society / economy.
Bots
They are programs that take over and use the resources of a computer system over a
network without consent, and communicate those results to others who may control the
Bots.
Countermeasures
Anti Virus
One way to protect against viruses is to use antivirus software, which is readily available
on the market from companies that specialize in developing this kind of software, such as
Symantec and McAfee. Subscribers can regularly update their software with code that
identifies and deletes or quarantines new viruses, or choose automatic updates, in which
virus definitions are updated.
If a new virus is designed in such a way that its mode of operation is not yet known, then
there is a chance that the antivirus software will not detect it.
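The update cycle described above, as an added example that is not part of the original essay: a scanner matches files against a versioned set of byte-pattern signatures, misses a sample its definitions do not yet cover, and detects it once newer definitions are merged. The class and function names, the signature names and the marker strings are all assumptions constructed for illustration.

```python
"""Added example: signature-based scanning and definition updates (all data constructed)."""
from dataclasses import dataclass, field


@dataclass
class Definitions:
    """A versioned set of byte-pattern signatures (hypothetical format)."""
    version: int
    signatures: dict = field(default_factory=dict)  # signature name -> byte pattern

    def update(self, newer: "Definitions") -> bool:
        """Merge a newer definition set; refuse stale or replayed updates."""
        if newer.version <= self.version:
            return False
        self.signatures.update(newer.signatures)
        self.version = newer.version
        return True


def scan(data: bytes, defs: Definitions) -> list:
    """Return the names of all signatures whose pattern occurs in the data."""
    return sorted(name for name, pat in defs.signatures.items() if pat in data)


def handle(files: dict, defs: Definitions) -> dict:
    """Scan every file and return only those that would be quarantined, with the reason."""
    hits = {path: scan(blob, defs) for path, blob in files.items()}
    return {path: names for path, names in hits.items() if names}


# Constructed sample data: harmless marker strings stand in for malicious code.
FILES = {
    "invoice.doc": b"header KNOWN-MARKER-A trailer",
    "setup.exe": b"header NEW-MARKER-B trailer",
    "notes.txt": b"nothing of interest",
}
DEFS_V1 = Definitions(1, {"Sample.A": b"KNOWN-MARKER-A"})
DEFS_V2 = Definitions(2, {"Sample.B": b"NEW-MARKER-B"})

if __name__ == "__main__":
    local = Definitions(DEFS_V1.version, dict(DEFS_V1.signatures))
    print("before update:", handle(FILES, local))  # setup.exe is missed
    local.update(DEFS_V2)
    print("after update: ", handle(FILES, local))  # setup.exe is now flagged
```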
Again, software designers distribute security patches against viruses and worms. For
example, Microsoft distributes patches to fix vulnerabilities that worms, spyware and
malware exploit. So it is up to the security professionals and network administrators to
implement those patches as they become available.
Anti Phishing
A popular approach to fighting phishing is to maintain a list of known phishing sites and
to check websites against the list. Microsoft's IE7 browser, Mozilla Firefox 2.0, Safari
3.2, and Opera all contain this type of anti-phishing measure. Firefox 2 used Google
anti-phishing software. Opera 9.1 uses live blacklists from PhishTank and GeoTrust, as
well as live whitelists from GeoTrust. Some implementations of this approach send the
visited URLs to a central service to be checked, which has raised concerns about privacy.
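One way to implement the list check described above, as an added example that is not part of the original essay and not any browser's actual code: the URL's host is normalized and compared against a local blacklist and whitelist, so no visited URL is sent to a central service. The list entries, function names and the most-specific-match rule are assumptions constructed for illustration.

```python
"""Added example: checking a URL against local phishing lists (all entries constructed)."""
from urllib.parse import urlsplit

# Constructed lists; a browser would download these from its list provider.
BLACKLIST = {"login-example-bank.test", "phish.example"}
WHITELIST = {"example-bank.test", "safe.phish.example"}


def normalize_host(url: str) -> str:
    """Extract the host in canonical form: lower case, no trailing dot, IDNA-encoded."""
    host = urlsplit(url).hostname  # already lower-cased, userinfo and port removed
    if not host:
        raise ValueError(f"no host in URL: {url!r}")
    host = host.rstrip(".")
    try:
        return host.encode("idna").decode("ascii")
    except UnicodeError:
        return host  # not encodable; compare the raw form instead


def candidates(host: str) -> list:
    """The host followed by each parent domain, most specific first, without the bare TLD."""
    labels = host.split(".")
    return [".".join(labels[i:]) for i in range(max(len(labels) - 1, 1))]


def classify(url: str) -> str:
    """Return 'allowed', 'blocked' or 'unknown'; the most specific list entry wins."""
    for name in candidates(normalize_host(url)):
        if name in WHITELIST:
            return "allowed"
        if name in BLACKLIST:
            return "blocked"
    return "unknown"


if __name__ == "__main__":
    for url in (
        "https://www.example-bank.test/login",      # subdomain of a whitelisted site
        "http://PHISH.example./account",            # case and trailing dot are normalized
        "http://example-bank.test@phish.example/",  # real host is the part after '@'
        "https://other.test/",                      # on neither list
    ):
        print(classify(url), url)
```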
According to a report by Mozilla in late 2006, Firefox 2 was found to be more effective
than Internet Explorer 7 at detecting fraudulent sites in a study by an independent
software testing company.
So the choice of browser is also paramount in ensuring that phishing activities are
minimized.
Conclusion
Software-dominated solutions to today's increasingly pervasive computer assaults have
been woefully inadequate. Computer infractions continue to increase, even as new
software applications, web-services, e-commerce transactions, and computer users
become part of cyberspace. The failure to act decisively is costing corporations,
governments and their citizens billions of dollars. The IT industry must be open to and
actively search for creative solutions that can effectively impede the myriad forms of
computer attacks and crime.