Sunday, July 29, 2018

Deliberate Act of Trespass



Trespass means to enter into another’s land or property without his permission or without lawful justification.
It is a wrongful interference with the possession of someone’s personal property.
It is an unlawful interference with one's person, property or rights.
With reference to property, it is a wrongful invasion of, or attack on, another's possession.

Halsbury's Laws of England explains what constitutes ‘trespass’ - Every unlawful entry by one person on land in the possession of another is a trespass for which an action lies, even though no actual damage is done.

Unauthorized access to information that an organization is trying to protect.

Computer security is a broad subject, covering among other things: security devices and the internal security of the machine and the operating system.


External security: referring to the facilities of the computer system and the access of people to the system and its information.

It covers these two areas:

  Physical security: security of the facilities. It includes measures for the prevention of, or recovery from, accidents, and control of access to the system.

  Operational security: security policies and mechanisms: levels of authorization or responsibility, access methods, communication protocols ...

Internal security: refers to the circuitry of the system, or to security issues of the operating system.






Overview of Intrusion Detection & Prevention

What is Intrusion Detection?

Intrusion detection is the attempt to monitor and possibly prevent attempts to intrude into or otherwise compromise your system and network resources. Simply put, it works like this: You have a computer system. It is attached to a network, and perhaps even to the internet. You are willing to allow access to that computer system from the network, by authorised people, for acceptable reasons. For example, you have a web server, attached to the internet, and you are willing to allow your clients, staff, and potential clients, to access the web pages stored on that web server.

You are not, however, willing to allow unauthorised access to that system by anyone, be that staff, customers, or unknown third parties. For example, you do not want people (other than the web designers that your company has employed) to be able to change the web pages on that computer. Typically, a firewall or authentication system of some kind will be employed to prevent unauthorised access.

Sometimes, however, simple firewalling or authentication systems can be broken. Intrusion detection is the set of mechanisms that you put in place to warn of attempted unauthorised access to the computer. Intrusion detection systems can also take some steps to deny access to would-be intruders.

Why use Intrusion Detection?

The underlying reasons why you might use intrusion detection systems are relatively straightforward: You want to protect your data and systems integrity. The fact that you cannot always protect that data integrity from outside intruders in today's internet environment using mechanisms such as ordinary password and file security, leads to a range of issues. Adequate system security is of course the first step in ensuring data protection. For example, it is pointless to attach a system directly to the internet and hope that nobody breaks into it, if it has no administrator password! Similarly, it is important that the system prevents access to critical files or authentication databases (such as the NT SAM or the Unix /etc/passwd or /etc/shadow files) except by authorised systems administrators.

Further measures beyond those normally expected of an intranet system should always be made on any system connected to the internet. Firewalling and other access prevention mechanisms should always be put in place. While it may be acceptable to allow NT logon, file sharing, or telnet access to a system that is entirely internal, an internet server should always use more secure mechanisms, such as firewalling off the NT file sharing (SMB protocol) ports such as TCP/UDP ports 137 - 139, and using secure shell (SSH) instead of telnet for access to Unix systems.


Intrusion detection takes that one step further. Placed between the firewall and the system being secured, a network based intrusion detection system can provide an extra layer of protection to that system. For example, monitoring access from the internet to the sensitive data ports of the secured system can determine whether the firewall has perhaps been compromised, or whether an unknown mechanism has been used to bypass the security mechanisms of the firewall to access the network being protected.
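The check described above, sketched as an added example (not code from the sources this post cites): a sensor behind the firewall flags any connection from outside the protected network that still reaches the NT file sharing ports 137-139 or telnet. The log format, the internal address range and the sample records are assumptions constructed for illustration.

```python
import ipaddress
from collections import Counter

# Assumption: address range of the protected network behind the firewall.
INTERNAL_NET = ipaddress.ip_network("192.168.10.0/24")

# Services the text says must not be reachable from the internet:
# NT file sharing (TCP/UDP 137-139) and telnet (TCP 23).
BLOCKED_AT_FIREWALL = {("tcp", 23): "telnet"}
for _proto in ("tcp", "udp"):
    for _port in (137, 138, 139):
        BLOCKED_AT_FIREWALL[(_proto, _port)] = "NT file sharing"

# Constructed sample records; assumed format:
# timestamp proto src_ip:src_port -> dst_ip:dst_port
SAMPLE_LOG = """\
2018-07-29T10:00:01 tcp 203.0.113.7:51544 -> 192.168.10.20:80
2018-07-29T10:00:03 tcp 192.168.10.45:49211 -> 192.168.10.20:139
2018-07-29T10:00:09 tcp 203.0.113.7:51560 -> 192.168.10.20:139
2018-07-29T10:00:12 udp 198.51.100.23:137 -> 192.168.10.20:137
2018-07-29T10:00:15 tcp 198.51.100.23:40022 -> 192.168.10.21:22
2018-07-29T10:00:21 tcp 203.0.113.7:51571 -> 192.168.10.21:23
this line is malformed and must not stop the sensor
"""


def parse_line(line):
    """Return (time, proto, src_ip, dst_ip, dst_port), or None if malformed."""
    parts = line.split()
    if len(parts) != 5 or parts[3] != "->":
        return None
    ts, proto, src, _, dst = parts
    try:
        src_ip = ipaddress.ip_address(src.rsplit(":", 1)[0])
        dst_host, dst_port = dst.rsplit(":", 1)
        return ts, proto.lower(), src_ip, ipaddress.ip_address(dst_host), int(dst_port)
    except ValueError:
        return None


def detect(log_text):
    """Flag outside traffic that reached an internal host on a blocked port."""
    alerts = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # skip records the sensor cannot parse
        ts, proto, src_ip, dst_ip, dst_port = rec
        service = BLOCKED_AT_FIREWALL.get((proto, dst_port))
        # Seeing this traffic behind the firewall means a rule is missing,
        # the firewall was bypassed, or it has been compromised.
        if service and src_ip not in INTERNAL_NET and dst_ip in INTERNAL_NET:
            alerts.append({"time": ts, "src": str(src_ip), "dst": str(dst_ip),
                           "proto": proto, "port": dst_port, "service": service})
    return alerts


def alerts_by_source(alerts):
    """Count alerts per outside address to show who is probing."""
    return Counter(a["src"] for a in alerts)


if __name__ == "__main__":
    found = detect(SAMPLE_LOG)
    for a in found:
        print(f'{a["time"]} ALERT {a["src"]} -> {a["dst"]} '
              f'{a["proto"]}/{a["port"]} ({a["service"]}) passed the firewall')
    print(dict(alerts_by_source(found)))
```

Internal file sharing traffic and permitted services such as web and SSH produce no alert; only traffic the firewall should have stopped does.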

Some intrusion attempts

Based on: opportunism, search for useful information, programming, etc.


➤ Theft or espionage of passwords

➤ Taking advantage of oversights

➤ Garbage collection

➤ Inspection of system information

➤ Electronic listening

➤ Trial and error: password analyzer programs, decryptors, etc.

➤ Decoy programs: Trojan horse; deception trick.

➤ Use of a "backdoor".

➤ Exploitation of system holes.

➧ Low-tech: shoulder surfing

Shoulder surfing is a type of social engineering technique used to obtain information such as personal identification numbers (PINs), passwords and other confidential data by looking over the victim's shoulder. This attack can be performed either at close range (by directly looking over the victim's shoulder) or from a longer range, for example by using a pair of binoculars or similar hardware. To implement this technique attackers do not require any technical skills; keen observation of victims' surroundings and the typing pattern is sufficient. Crowded places are the more likely areas for an attacker to shoulder surf the victim. In the early 1980s, shoulder surfing was practiced near public pay phones to steal calling card digits and make long distance calls or sell them in the market at cheaper prices. However, the advent of modern-day technologies like hidden cameras and secret microphones makes shoulder surfing easier and gives more scope for the attacker to perform long range shoulder surfing. A hidden camera allows the attacker to capture the whole login process and other confidential data of the victim, which ultimately could lead to financial loss or identity theft. Shoulder surfing is more likely to occur in crowded places because it is easier to observe the information without getting the victim's attention.

Apart from threats to password or PIN entry, shoulder surfing also occurs in daily situations to uncover private content on handheld mobile devices; shoulder surfing visual content was found to leak sensitive information and even private information about third parties.



➧ High-tech: hacking


While there’s been a fear of hackers on the web since the “You’ve got mail” days, recent front-page attacks point to an increase in the volume and precision of cyberattacks, which should alarm enterprises of all sizes.

This is especially true because more businesses have begun to digitize sensitive information, such as financial records.

As BizTech highlighted back in March, an increasingly paperless world has changed the way business treats data:

The benefits of a move to digital documents from physical paper include reduced costs, improved efficiency and instant access to documents. But the path to paper’s dematerialization is not without its twists and turns. If we are to achieve a paperless future, then we need secure and scalable methods of data authentication.





http://www.whitehelm.com/intru-det.html


https://en.wikipedia.org/wiki/Shoulder_surfing_(computer_security)

https://biztechmagazine.com/article/2013/06/hacker-profiles-meet-new-kids-block-infographic


REFLECTION

What do you think about hackers and the theft of information?



Saturday, July 28, 2018

Deliberate Act of Sabotage or Vandalism



Acts aimed at destroying an information asset and, ultimately, damaging the image of an organization.

Sabotage is the fully intentional destruction of items that an employee needs in his area of work, such as machinery, raw material and structures, among other elements financed by the company. The destruction of these elements is carried out by the workers themselves and is a response to a controversy or professional conflict between the personnel and their employers; acts of this type are carried out in pursuit of a collective aim for all those working in the same place. The term sabotage has an etymological origin in French "sabots" which means "Swedish", since they raise conflicts with each other and retaliate against business assets.

Are they computer vandals?


In the dawn of malware development, most computer viruses and Trojans were created by students and other young developers, in addition to some more experienced programmers. Currently, there are still four main types of computer vandals:

➧Skilled students who like to brag:
In many cases, students (who have just mastered the use of a programming language) want to test their skills and knowledge or show what they are capable of. Fortunately, many of these malware creators do not actually distribute their malware and may send their viruses or worms to an antivirus company.

➧Young people without experience helped by Internet:
Young people who have not mastered the whole art of programming can also become computer hooligans, sometimes to demonstrate their "value". In the past, this group produced primitive viruses. However, there are several websites that explain how to write and distribute computer viruses, and how these can get around antivirus software. Therefore, the Internet has greatly facilitated the creation of viruses by people without experience.

➧Professional developers:
As young virus developers mature, their experience can translate into much more dangerous activities. The most experienced and talented programmers can create very "professional" computer viruses. These can be sophisticated programs that use innovative methods to infiltrate data system domains or that can take advantage of security vulnerabilities within operating environments, take advantage of social engineering, or use a wide range of other tricks.

➧Researchers

These are very intelligent programmers who are able to invent new methods to infect computers, without the infection being noticed and avoiding the actions of antivirus software. The objective of the programmer is to investigate the potential of "human computing". The programmer can choose not to spread their creations, but to promote their ideas through innumerable Internet resources dedicated to the creation of computer viruses. Then, those ideas and "research viruses" can be used by malicious people or criminals.

Computer threats associated with today's vandalism.

Although all these groups continue to create computer viruses, there has been a reduction in the number of new "traditional" types of computer threats. There are several possible reasons:

New laws
In many countries, changes in legislation have resulted in the arrest of creators of computer viruses. With extensive media coverage, these arrests have probably discouraged many young people from developing malicious code.

Games
Network games have offered another way for young people to demonstrate their skills and expertise. Nowadays, many young people versed in computers are more likely to become players than creators of malware.

Complexity
In the 1990s, it was much easier to create computer viruses aimed at Microsoft's DOS operating system, as opposed to the effort needed to attack the more complex Windows operating system of today.


Although the decline of computer vandalism is welcome news, the risks associated with other types of malicious programs represent a much more dangerous threat to your computer, your data, your digital identity and your finances.


Example: hackers accessing a system and damaging or destroying critical data.






https://www.kaspersky.com/resource-center/threats/computer-vandalism



Deliberate act of extortion / informational blackmail


➤ A hacker or trusted insider steals information and demands compensation for its return.

It is not the potential threat of the computer to the individual that causes sleeplessness, but the real use by man of information systems for espionage purposes; it is not large information systems that affect private life, but the manipulation, or the consent to it, of the data that such systems contain by careless and irresponsible individuals.

Humanity is not facing the danger of information technology, but the real possibility that individuals or groups without scruples, with aspirations to obtain the power that information can confer on them, use it to satisfy their own interests, at the expense of individual liberties and to the detriment of people. In addition, the future threat will be directly proportional to the advances in computer technologies.

The protection of computer systems can be addressed both from a criminal perspective and from a civil or commercial perspective, and even from administrative law. These different measures of protection do not have to be mutually exclusive; on the contrary, they must be closely linked. Therefore, given the characteristics of this problem, only through global protection, from the different sectors of the legal system, is it possible to achieve some effectiveness in defending against attacks on computer systems.



➤ Theft of data files containing customer credit card information



What is identity theft?
Identity theft is a serious and potentially very destructive crime. Identity theft is about someone who commits or attempts to commit fraud with the victim's personal information, for example, date of birth, social security number, driver's license number, etc. The thief could use this information to obtain new credit cards and other accounts on behalf of the victim.


How thieves steal identity.

Thieves have a variety of methods to obtain someone's identity, which include:

  • Theft: traditional ways of obtaining information, for example by stealing wallets, purses and mail (such as bank account statements or credit cards), previously approved credit offers, orders for new checks or tax information.
  • Change of address: they divert billing statements to another location, for which they complete a change of address form or convince the companies that serve the victim to change the address on an account.
  • Searching garbage cans: they look for documents that contain personal or confidential information in the garbage.
  • Electronic scam or Smishing: a technique in which an expert scammer sends an email or text message that seems to come from a legitimate source to convince the victim to provide personal or financial information (for example: credit card number).
  • Computer hacking: obtaining illegal access to email accounts or other Internet accounts of a person.
  • Forgery: stealing information from a credit card.



https://www.greghillassociates.com/what-is-extortion-or-blackmail-the-defenses-punishment.html





Sunday, July 22, 2018

INFORMATION SECURITY

Security Threat

Any action/inaction that could cause disclosure, alteration, loss, damage or unavailability of a company's/individual's assets.
Information security is the discipline that is responsible for protecting the integrity and privacy of information stored in a computer system. In any case, there is no technique to ensure the inviolability of a system.
Every day more and more malicious people try to access data from our computers.


Unauthorized access to a computer network or to the equipment that is in it can cause serious problems in the great majority of cases.


There are three components of a threat:

Targets: the organization's assets that might be attacked: information (its confidentiality, integrity, availability), software, hardware, network service, system resource, etc.

Agents: the people or organizations originating the threat: employees, ex-employees, hackers, commercial rivals, terrorists, criminals, general public, customers.

Events: the type of action that poses the threat: misuse of authorized information, malicious/accidental alteration of information, malicious/accidental destruction of information, etc.

The most important issues:

  • Intentional: deliberately trying to produce damage, as with the spread of malicious code and social engineering techniques.
  • Unintentional: actions or omissions that, while not seeking to exploit a vulnerability, put information assets at risk and may cause harm.



Each organization must prioritize its threats based on:

Its business priorities, e.g. what are the company’s main assets: (a) web servers (e-commerce company), or (b) data (software company)?

A web service performs a specific task or set of tasks, and is described by a service description in a standard XML notation called WSDL (Web Services Description Language). The service description provides all the details necessary to interact with the service, including the message formats (which detail the operations), the transport protocols and the location. Web services can be used individually or together with other web services, to carry out a complete aggregation or a business transaction.

The conditions under which its web assets operate, e.g. are there any wireless links/access points?

Its organizational strategy regarding risk, e.g. cost/time of encrypting every file/email vs. worker productivity.

Example: Companies and their threats.

Which of the three threats is most critical for which of the three companies?

  • Amazon
  • Hospital
  • TD Bank



Threat Events

Hardware and Software Failures and Errors
  1. Cannot be controlled or prevented by the organization.
  2. Best defense: keep up to date about the latest hardware/software vulnerabilities.

Main Hardware and Software Faults:

The main hardware failures are the following:

  • Memory failures.
  • Processor heating.
  • Hard drive failure.

The main software flaws are the following:

  • Operating system failures.
  • Presence of viruses.
  • Conflict between programs.

HOW TO PREVENT SOFTWARE FAILURES: When you install a program on your computer, make sure it comes from a secure and reliable site, whether you download it from the Web or purchase it by other means. Do not download files or programs that arrive by email from strangers, or even from friends; they are the largest virus spreaders. NEVER run files with .EXE extensions that come in any email; distrust all of them, unless you are really expecting one.

HOW TO PREVENT HARDWARE FAILURES: When you want to update or replace any internal component of the equipment (cards, chips, processor, etc.), do it only if you are fully sure of how to do it; otherwise, leave this work in the hands of an experienced technician.
Never open the computer, because just by touching a component you can damage it due to the static electricity that we always have in our body. If you need more memory, another hard drive or some other component for your equipment, always make sure to acquire the one that is indicated for your equipment and does not create conflicts with another element.


Forces of nature.

  • Fire, flood, earthquake, hurricane, tsunami, electrostatic discharge, dust contamination.
  • The organization must implement controls to limit damage as well as develop incident response plans and business continuity plans.


Who is the biggest threat to your organization?

Computer security in the company is no longer a one-off issue concerned with handling common contingencies, but a strategic one, since it allows the sustained maintenance of the business and its continuity in the medium and long term, and is an important added value for guaranteeing quality in production systems and the development of services. In addition, it is enough to recall that 18,000 incidents related to attacks on computer security were handled in Spain during 2014 to understand that the threat is real, and to understand why, according to Gartner, spending on computer security was 70,000 million dollars last year and is expected to reach 109,000 million dollars by 2020 for sectors such as banking, energy and defense.

More recently, Computing referred to a report by Atos that identified, in turn, several areas in which computer security will be critical:

  • The human threat: lack of knowledge, carelessness, or failure of human performance is the first risk and, therefore, the priority. Training on the one hand, and awareness on the other, are key to reducing the risk in the daily use of tools and devices.
  • The industrial threat: industrial processes and information technology have never converged as they do today, with so many objects and machines connected to each other, or through the Internet; for this reason, and since it is crucial to maintain continuous communication between machines, systems and devices, it is essential to shield their security and avoid possible sabotage or theft of information through any of them.
  • The organized threat: although computer attacks perpetrated by individuals abound, often with no greater interest than the breaking down of security barriers, there is also the organized attack, with a harmful, destructive or profit motive, taking advantage of information theft, for example. This is the nature of the Zero Day, technology marketed by organized gangs to detect software vulnerabilities in companies that are unknown to the manufacturers or distributors themselves; or the handing over of botnets (networks of zombie computers) for massive attacks that cause denial of service (DoS) on companies' servers; and, in a more global context, the so-called Advanced Persistent Threats (APTs), attacks planned carefully and in advance to achieve very specific objectives and, often, to go unnoticed.
  • The mobile threat: with their proliferation and massive use, mobile devices have become another target of cyber attacks; in addition, they tend to be more vulnerable because they have fewer security systems, and were not considered, until now, a gateway for viruses or malware. However, they are, and they allow massive theft of data, phishing and other types of criminal practices.
  • The phantom threat: in parallel to the generation of software and hardware and the development of systems or networks, new vulnerabilities arise every day in infrastructures, supports and tools; this is the threat to future security, which is being born today, and which should be anticipated, as far as possible, with flexible, scalable and multi-site security systems, both locally and in the cloud, both internal and external; this will also allow us to anticipate current attacks and further protect the computer security of our organization.


Act of Human Error or Failure.

An organization's own employees are one of its greatest threats.

Examples:
  • Entry of erroneous data.
  • Accidental deletion or modification of data.
  • Failure to protect data.
  • Storing data in unprotected areas.

Much human error or failure can be prevented.

Preventive measures:
  • Training and ongoing awareness activities.
  • Enhanced control techniques.
  • Require users to type a critical command twice.
  • Ask for verification of commands by a second party.


Compromise to Intellectual Property (IP)

IP = ideas or any tangible or virtual representation of those ideas.
Any unauthorized use of IP constitutes a security threat. Defense measures:

* Use of digital watermarks and embedded code

Example: Peter Morch Story, Compromise to IP.
In 2000, while still employed at Cisco Systems, Morch logged into a computer belonging to another Cisco software engineer, and obtained (burned onto a CD) proprietary information about an ongoing project.

Shortly after, Morch started working for Calix Networks – a potential competitor with Cisco. He offered them Cisco’s information.

Morch was sentenced to 3 years’ probation.






        INFORMATION SECURITY IN 80 SECONDS 







        • IT SECURITY




        https://en.wikipedia.org/wiki/Threat_(computer)
        https://www.cisco.com/c/m/en_in/solutions/en/information-security.html