
Information Security Technologies. Types of threats. Login and password

The rapid development of the information era today can hardly compare with the innovations and shocks still to come in the near future. However, as its influence and prevalence have grown, information has become something that requires constant and reliable protection. Cyberterrorism, which until recently seemed mythical and frivolous, now poses a real threat: it causes enormous harm and loss to ordinary users, to the corporate sector, and in many cases even to governments around the world.

Above all, developing any information protection technology requires a complete understanding of how modern cyber threats work. Only by studying them in detail does it become possible to develop effective countermeasures.

Information Security Essence

Information security is a state in which information is preserved and the rights of individuals and society are protected. The whole point of this protection is to ensure the confidentiality, integrity and availability of information.

  • Confidentiality - access to information is given exclusively to the persons for whom it is intended (all other persons have no access to it at all).
  • Integrity - the reliability and completeness of information, and of the methods used to process it, are ensured.
  • Availability - entities that have access rights to information, and to the assets associated with it, can reach it without hindrance whenever necessary.

The state of information security is determined by how far the risk of leakage has been eliminated, and by how well the data of automated information systems is protected from unauthorized access and tampering.

Foundations

The most important criterion for choosing and applying measures to protect information is its value. As that value grows, a number of additional criteria are often singled out alongside the generally accepted concepts of confidentiality, integrity and availability:

  • Authenticity - the subject or resource is identical to its declared parameters, characteristics and properties.
  • Secrecy level - a series of administrative or legislative measures that apply to persons responsible for the leakage or loss of classified information. Usually they also protect any non-secret information related to it.
  • Accountability - the ability to track the actions of logical objects without gaps.
  • Reliability - full compliance with the intended behavior or result.

Modern threats to information. What should you be prepared for?

There is no doubt that the methods and technologies of cybercriminals are being developed, modified and improved with enviable regularity. However, most of them still fall into three broad categories:

1. Malicious software - the same viruses, trojans, network packets and "worms" that have been used more than once against many ordinary users, as well as against entire states. The scale of the damage varies widely, but the impact of malicious software can be classified as follows:

  • unauthorized access - destruction / alteration / distortion / transmission of information for malicious purposes;
  • failures in the work of other programs or hardware;
  • unauthorized use of computing resources for other people's selfish purposes, to the detriment of the owner of the resources (recall, for example, cryptocurrency miners embedded in pirated repacks of various computer programs and games).

2. Spam. This term usually refers to recurring mailings of an advertising nature. In many cases, however, spam is another fraud method designed to obtain users' payment data (credit card numbers, usernames and passwords for electronic payment system accounts, etc.).

3. Network attacks - a continuous, excessive flow of service requests to servers. Such attacks are accompanied by a noticeable drop in the speed of local and global networks, and if the servers are physically unable to handle this damaging load, the disastrous result is a failure.

Quiet, profitable, bloodless

In addition to the mass dissemination of illegal information such as slander and pornographic materials, and to inciting hostility online in a wide variety of aspects (interethnic, political, interreligious, etc.), the cybercrime environment rests primarily on fraud.

Schemes aimed at stealing confidential data are complex, multifaceted and often known only to a very limited circle of people (cybercriminals, government agencies and information protection specialists). Fraudulent tricks cannot always be exposed quickly because of their complexity, concealment and simply competent execution. For example, there have been frequent cases of prices for various items being artificially raised in online auctions, when the sellers themselves bid up the price through proxies.

In the midst of the global economic crisis, scam trading in supposedly highly liquid securities became widespread. The essence was that fraudsters bought shares of a company at a bargain price and then spread, by hook or by crook, misinformation about their allegedly high liquidity.

With enough artificial hype, the fraudulent owners of the shares get an excellent opportunity to sell them at high prices, although in reality these securities may be worth mere pennies. This usually happens with shares of little-known small enterprises.

Cybercriminal wars: real cases of cyber attacks that have brought information protection technologies to their knees

However, despite the big words and the large-scale efforts to introduce constantly updated developments in the field of information security, not everything is so smooth. It is enough to recall the truly significant cybercrimes in world practice. Six of the most prominent provide a lot of food for analysis and reflection, not only for ordinary users but also for the heads of large corporations, for whom data security is one of the main priorities.

  1. Hacking the Pentagon: from jokes in computer science lessons to real cybercrime. In 1983 Kevin Mitnick, a student unknown at that time, managed to hack the global network ARPANet (the predecessor of the modern Internet) using a hacked TRS-80 computer at one of the Los Angeles universities. However, in spite of his rich previous experience in hacking, this break-in was recorded by the defense system, and the authorities were soon able to track down the cybercriminal and put him in a youth correctional center for six months. Only in the mid-nineties, after a real four-year prison sentence for his activities in the field of cellular telephony, did Kevin settle down and begin helping the authorities to catch others like him.
  2. Adventures of a young enthusiast in the NASA system. In 1999 the fifteen-year-old Jonathan James became the "discoverer" of NASA's security system. By cracking a server password that belonged to another government agency, James stole a number of critical files from the US National Space Agency, including the source code of the International Space Station. The damage he inflicted was estimated at $1.7 billion. Thanks to his young age, James managed to avoid imprisonment. In 2008 his actions no longer went unpunished: the authorities interrogated him about the massive breach of TJX's defenses. Jonathan, denying his involvement, eventually shot himself, having completely lost faith in justice.
  3. Leaked Windows sources. One of the most notorious and unsolved cybercrimes of recent years is the hack at Microsoft. It led to the appearance of a huge number of files and lines of program code for the Windows 2000 and Windows NT 4 operating systems, with completely unrestricted public access to them. Development of these operating systems had officially been discontinued, so the damage was done solely to the company's reputation. The FBI's search has not yet yielded any results: there is no information about the attackers.
  4. Smilianets & Co vs. the Western corporate sector. In June 2013 the U.S. authorities charged a group of hackers, consisting of five Russians and one Ukrainian, with hacking the security systems of the NASDAQ electronic exchange, major retail chains, and a number of major European and American banks. As a result of the attack, the hackers obtained data from 160 million cards and also withdrew funds from 800,000 bank accounts. The only one actually convicted was Dmitry Smilianets, who was extradited from Norway at the request of the FBI. Although the names of the other members of the group are known to the American authorities, they were not caught.
  5. How Stuxnet found a loophole in Iran's nuclear program. In the fall of 2010 the Stuxnet computer worm successfully conducted a cyber attack on Iran's nuclear program, partially disabling it. The Iranian protection against unauthorized access was "lulled to sleep" by copying recordings from the video surveillance systems and replaying them for the entire duration of the hack. This gave the worm the opportunity, from the very beginning of its work, to reduce the efficiency of five centrifuges to nothing. Undoubtedly, this generated many rumors and allegations that the virus was a joint development of the Israeli and American intelligence services. According to experts from Kaspersky Lab, this worm was an innovative prototype of a cyber weapon whose appearance could lead to a new arms race.
  6. Lessons of the Anonymous DDoS attacks. January 2012, which was marked by the closure of the MegaUpload website, is considered the time of the largest cyber attack by this group of anonymous hackers (the names of its members are still a mystery to intelligence agencies around the world). That event was the starting point for a devastating DDoS attack on the websites of a number of American institutions (among them the FBI, the White House and the US Department of Justice). In April 2013 the same group launched an attack on more than a hundred Israeli sites in response to the start of the Pillar of Cloud military operation in the Gaza Strip. In total, the automated information systems affected by that attack suffered approximately $3 billion in damage (according to Anonymous estimates).

It is also worth noting that this list of the most destructive cyber attacks is just the tip of the iceberg compared with what happens daily on the other side of the monitor in virtual space.

Not every attack produces results (let alone achievements like those above). That is why hackers never rest on their laurels, increasingly organizing themselves into groups and steadily continuing to develop new threats to information security.

Watching Information Security

Countless world-class programmers earn their bread for good reason, backed by multimillion-dollar investments in antivirus development. Each product designed to combat the widest possible range of malware has its own proprietary features. It is these features that largely determine how competitive an antivirus is in practice against numerous virtual threats. Unfortunately, not even all employees of antivirus companies are entrusted with such information; however, the general principles by which data protection software operates remain unchanged to this day:

  1. Reactive security approach. The essence of the method is to classify and prohibit malicious activity only once it has been detected. This technology has one significant drawback: in the first moments after a virus starts, before it can be detected, it can already cause some damage. In the worst case, malicious activity will not be noticed promptly under this kind of protection. A vivid example is the Stuxnet worm, which caused serious damage to the Iranian nuclear program. It was discovered solely through a lucky combination of circumstances, after a malfunction in a computer that was completely unrelated to the purpose of that attack.
  2. Proactive information security technologies. This technology prohibits any action in computer systems except those on a specific list of permitted actions. Introducing such protection requires a lot of attention and effort; however, professional configuration removes the need for constant updates. In addition, it provides a higher level of data security: the technology is inherently capable of protecting information even from unknown threats.
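
The difference between the two approaches can be shown with a small model. This is an added example, not code from the original article: it reduces both the signature database and the list of permitted programs to sets of SHA-256 hashes, and all sample contents and names are constructed placeholders.

```python
import hashlib


def digest(data: bytes) -> str:
    """SHA-256 of a file's contents, used here as its identity."""
    return hashlib.sha256(data).hexdigest()


# Constructed stand-ins for executable files (not real programs or malware).
APPROVED_EDITOR = b"constructed sample: text editor 1.0"
UPDATED_EDITOR = b"constructed sample: text editor 1.1"
KNOWN_WORM = b"constructed sample: worm already analysed by the vendor"
NEW_WORM = b"constructed sample: worm variant nobody has analysed yet"

# Reactive protection knows only what has already been detected and classified.
SIGNATURES = {digest(KNOWN_WORM)}
# Proactive protection knows only what the administrator has permitted.
ALLOWLIST = {digest(APPROVED_EDITOR)}


def reactive_allows(data: bytes) -> bool:
    """Run anything that does not match a known-bad signature."""
    return digest(data) not in SIGNATURES


def proactive_allows(data: bytes) -> bool:
    """Run nothing except what is on the list of permitted programs."""
    return digest(data) in ALLOWLIST


def compare(samples: dict) -> dict:
    """Return both verdicts (True = allowed to run) for every sample."""
    return {
        name: {"reactive": reactive_allows(data),
               "proactive": proactive_allows(data)}
        for name, data in samples.items()
    }


SAMPLES = {
    "approved editor": APPROVED_EDITOR,
    "updated editor": UPDATED_EDITOR,
    "known worm": KNOWN_WORM,
    "new worm": NEW_WORM,
}

if __name__ == "__main__":
    for name, verdict in compare(SAMPLES).items():
        print(f"{name:16} reactive={verdict['reactive']!s:5} "
              f"proactive={verdict['proactive']}")
```

The unknown worm passes the reactive check until a signature exists for it, while the proactive check blocks it; the price is that the legitimate editor update is also blocked until someone adds it to the list.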

Cybercrime and Punishment: International Information Security Practices

Of course, hackers of this world could feel much more confident and bolder if the "Law on the Protection of Information" was only an empty phrase at the state level.

  • USA: this country issued the first ever bill to protect the field of information technology (1977). On its basis, a law on computer fraud and abuse was developed in 1984. Punishment for a cybercrime ranges from a fine to a very long prison term. It depends first of all on the severity of the crime itself, the assessment of the damage caused, and the criminal past of the offender. Today the US Congress intends to introduce tougher amendments to this act, in effect equating cybercrimes with real ones.
  • Russia: the actions of hackers on the territory of the Russian Federation may entail criminal, administrative or civil liability. Disclosure of information intended for a limited circle of persons, as well as violation of the established rules for storage / use / dissemination of personal data, entails a fine of 20 to 300 thousand rubles (depending on the amount of damage caused). Criminal liability (under article 273 of the Criminal Code of the Russian Federation) is provided for the creation / distribution of malware and entails imprisonment of up to seven years (depending on the severity of the consequences of the act) and a fine of up to two hundred thousand rubles.
  • Great Britain: the Computer Misuse Act has been in force in this country since 1990. It provides for criminal liability for unlawfully gaining access to any programs or data using a computer; for access to a computer through which programs and / or data are destroyed; for unauthorized movement or copying of information; and simply for illegal possession and use of data. British information protection does not stop there. In 2000 the Terrorism Act was adopted, which also covers cyberspace. According to it, unauthorized interference with and / or disruption of any electronic system is a terrorist act, punishable, depending on the damage, by a fine or imprisonment of up to six months.
  • Germany: data protection, according to German policy, is defined by the term Daten in article 202 of the Criminal Code - data that is stored and transmitted electronically / magnetically / otherwise not directly perceptible visually. Violators convicted of unlawful destruction, alteration or corruption of data may face either a fine or a prison term of up to two years, depending solely on the nature and extent of the damage caused. Those who illegally obtain data protected against unauthorized access, in order to benefit themselves or a third party, are punished with imprisonment for up to three years.

Yo-ho-ho and stolen copies: pirate robbery of information resources

The front line of the struggle between hackers and the corporate system that is closest to the vast majority of users is piracy. Illegal copying and distribution of intellectual property, the rights to which are protected by the letter of the law in any civilized (and not so civilized) country, results in certain losses for IT companies. In some cases the losses are tiny, and in others they run to billions of US dollars (Microsoft has been confirming disappointing loss statistics for a year already).

Such concerns are of no interest at all to ordinary people and many private offices, because computer piracy offers anyone who wants them copies of the same licensed product at a much lower cost. And in many cases without requiring any payment at all (how often has any of us come across a paid torrent tracker?!).

However, let's not forget that those same hacker clans and associations on the Internet are not holy messengers who arrived to free ordinary people from the evil tyranny of the corporate system. They are people like all of us, with specific skills. They rarely work on enthusiasm alone; for the most part they work for their own benefit. And sometimes "pirates" with an unquenchable thirst for profit can bring the end user far more trouble and cost than the IT companies that are so often criticized for their imperfect information protection technologies.

  • There are frequent cases in which installing pirated software resulted in the theft of confidential data, hacked mail and the loss of accounts on various network resources.
  • A significant drop in computer performance. A huge amount of pirated content installs malicious software that generates revenue for the distributor of the unlicensed product at the expense of the system's performance and, of course, the user's own comfort. Cases have not gone unnoticed in which so-called "miners" were secretly built into a number of pirated programs and computer games - programs that filled the distributor's cryptocurrency wallets using the computing resources of the user's computer.
  • And a mere decrease in performance is the best case when using pirated content. The most deplorable result is a complete failure of the system.

Although the largest torrent trackers with a well-known name and strong reputation are unlikely to release content to the masses without first checking that it works and is safe for users, none of the owners of "pirate bays" ever takes responsibility for the contents of the tracker.

In any case, you should remember: a pirated product will never receive technical support from the official developer in case of failures and malfunctions. Updates may also be unavailable, and the law on information protection threatens legal liability and loss of reputation.

User Data Protection Basics

Most users will also find a few key methods useful in everyday life for securing their data on the Internet. This applies primarily to your accounts on various resources, in social networks, in electronic payment systems, etc.

Even if it may seem for a moment that hackers of any stripe have absolutely no interest in the data of individual persons, this is not entirely true. They often need the data not of hundreds but of thousands of ordinary users like you, and rest assured that they will figure out how to use the stolen goods illegally for their own selfish purposes.

That is why everyone who uses the Internet is strongly recommended to observe the simplest rules for protecting their information, which will increase the chances of keeping it safe and intact:

  • Pay attention to your username and password. Login data for a site is a priority target for a wide range of hackers. The analogy with door locks is the clearest here: the more complex the mechanism, the more time, experience and effort the attacker needs for a successful break-in. Therefore, make sure that the passwords of accounts registered on various sites are unique (i.e. non-repeating). Moreover, each of them should consist of at least 8 characters, including both letters and numbers. It is also advisable to activate the "Double Authentication" function, if there is one, in the security settings on the site. Careful adherence to all of these techniques is the best data protection against intruders!
  • The only one who knows the important information is me. Never, under any circumstances, give anyone key information such as passwords or PIN codes (primarily for bank cards). No legitimate organization can have any need for this information (sites store user passwords on their own servers). The only thought that any such request should prompt is "scammers trying to gain access rights".
  • Do not neglect network control software. Antivirus software, proven over the years, is excellent protection for the user's comfort and safety. Timely updated antivirus packages from well-known developers (Dr. Web, Eset, Kaspersky) will protect your computer from any malicious spyware, worms and viruses.


Wi-Fi Network Security

Attackers often do not limit themselves to hacking users' computers directly in search of valuable information; they also do not disdain using other people's wireless Wi-Fi networks to carry out their activities, for example to distribute and transmit extremist or other illegal materials. The ability to do such things with practical impunity, hiding behind someone else's "mask", quite often pushes hackers to crack the protection of users' wireless access points. And it is the user himself who will be held to account for the violation of the law.

It is quite possible to prevent such unauthorized access. The main thing is to have full access to the settings of your own router (for this you need to know its IP address, login and password) and to take a number of simple steps:

  • Create strong and unique passwords for your router and Wi-Fi network. This is the very first point to pay attention to: do not give the router and the access point it creates the same password (otherwise user identification loses all meaning). Use different sets of characters and numbers in each case; longer combinations significantly increase protection against almost any means of guessing passwords for Wi-Fi devices.
  • Hiding the access point itself will also reduce the likelihood of an attack on your network.
  • By lowering the signal strength of the router to reasonable limits (so that wireless access to the network is available only within the desired room), you not only reduce interference from nearby Wi-Fi devices but also make the network less noticeable to prying eyes.
  • Enable encryption. The most common methods are WEP (outdated and least reliable), WPA and WPA2 (modern and providing excellent protection).
  • Do not forget to update the firmware of the router.

An unprotected wireless network and router can turn into a lot of problems for the owner at any time; however, even such simple protection methods can fully protect the user from any attempts by cybercriminals.
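
The password rules given above for site accounts (unique, at least 8 characters, both letters and numbers) and for the router and its Wi-Fi network (never the same password) can be checked mechanically. The following is an added example, not part of the original article; the account labels and passwords in the inventory are constructed for illustration.

```python
from collections import defaultdict

MIN_LENGTH = 8  # the article's minimum: at least 8 characters


def rule_violations(password: str) -> list:
    """Check one password against the article's composition rules."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    if not any(ch.isalpha() for ch in password):
        problems.append("no letters")
    if not any(ch.isdigit() for ch in password):
        problems.append("no digits")
    return problems


def audit(credentials: dict) -> dict:
    """Return {label: [findings]} for every entry that breaks a rule.

    Besides the per-password rules, any password shared by two or more
    entries is reported for each of them. This covers both reuse across
    sites and a router that shares its password with its Wi-Fi network.
    """
    findings = {label: rule_violations(pw) for label, pw in credentials.items()}

    labels_by_password = defaultdict(list)
    for label, pw in credentials.items():
        labels_by_password[pw].append(label)

    for labels in labels_by_password.values():
        if len(labels) > 1:
            for label in labels:
                others = sorted(l for l in labels if l != label)
                findings[label].append("reused by: " + ", ".join(others))

    return {label: problems for label, problems in findings.items() if problems}


# Constructed inventory: labels and passwords are made up for this example.
INVENTORY = {
    "mail": "tr4inStation-Blue",
    "payments": "sunny2024",
    "forum": "sunny2024",
    "social": "qwerty",
    "router admin": "homegate77",
    "wifi network": "homegate77",
}

if __name__ == "__main__":
    for label, problems in audit(INVENTORY).items():
        print(f"{label}: {'; '.join(problems)}")
```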

