This document discusses trends in computer security such as cyberwar, consumerization of IT, and advanced persistent threats (APT). It notes that while security specialists have long been in an arms race with cyber criminals, criminals now have the upper hand. The goal of the course is to understand why we are losing this war. It also discusses the evolution of threats from unknown viruses in the 1990s to today's profit-driven cyber crimes and evolution of attacks rather than revolution. Most security solutions only protect from a fraction of threats.
Some key takeaways are that computer security is an ongoing arms race between experts and criminals, with criminals currently having the upper hand. Sticking to security rules may not provide immediate benefits while bypassing rules is often easy. Consumerization of IT has also reshaped computer security.
Some popular myths about computer security include that following security best practices guarantees protection and that lack of media coverage means systems have become more secure. In reality, computer security is an evolving challenge and most solutions only protect from a fraction of threats.
Organised crime taking interest in computer systems has changed the landscape by making attackers increasingly profit-driven rather than fame-seeking. This has professionalized cyber attacks and increased their frequency and sophistication.
Cyberwar, consumerisation of IT and APT, or new trends in computer security
It follows its own rules
Sticking to the rules doesn't bring immediate benefits and may turn into a tedious routine, while bypassing or even flouting rules is often easy and not considered risky
Computer experts have a vastly wider knowledge of and interest in security than the average user
For the longest time, there's been an arms race between security specialists and cyber criminals
The criminals have the upper hand now
The goal of this course is to understand why we are losing this war
The world of computer systems connected to the Internet may prove dangerous for users if you downplay its perils:
Even if each user is only attacked once a month, statistically 20 million attacks monthly reach their targets and compromise the systems, meaning 240 million machines become infected yearly
The 1990s: Fear of the Unknown
There's a new virus on the loose that's worse than anything I've seen before! It gets in through the power line, riding on the powerline 60 Hz subcarrier. It works by changing the serial port pinouts, and by reversing the direction one's disks spin. Over 300,000 systems have been hit by it here in Murphy, West Dakota, alone! And that's just in the last 12 minutes. Read messages. No, not even this one! Use serial ports, modems, or phone lines. Use batteries either. Upload or delete or download files. Use the powerline.
(there are rumours that this virus has invaded most major battery plants, and is infecting the positive poles of the batteries.) Use keyboards, screens, or printers.
Use electric lights, electric or gas heat, or air conditioning, running water, fire, clothing, or the wheel.
The world of computer systems connected to the Internet may prove dangerous for users if you downplay its perils:
Exploited an IIS server vulnerability to deface affected websites
Infections doubled every 27 minutes
Every 20 or 27 days, it ran denial-of-service attacks against selected web servers
Propagated in 12 different ways
Infected more than 2 million computers in three days
Spread over the entire web in just 2.5 hours
The Cyber Crime Era
Fame-seeking is no longer a motivator for attackers. They are now profit-driven
The lack of mass media coverage on viruses doesn't mean computer systems have become more secure lately: quite the opposite
It's an Evolution, not Revolution
Most security solutions only protect you from a fraction of threats
What popular beliefs about computer systems security are in fact just myths?
Does organised crime taking an interest in computer systems security change its landscape?
What is a cyberwar?
How has the consumerisation of IT reshaped our security?
What types of attacks threaten every computer system?