
Ministry of Science and Higher Education of Russia
305040, Kursk, ul. 50 let Oktyabrya, 94
Unit 10 malicious code attacks
FLAWS IN SOFTWARE
Read and memorize the following words:
software quality – качество программного обеспечения
to settle – решать, принимать решение
to install patches – устанавливать «заплаты»
out-of-the-box settings – установки вне блока (корпуса)
lack of discipline – отсутствие порядка
to seek alternative products – искать альтернативные изделия
to take advantage – воспользоваться преимуществом
software flaws – недостатки программного обеспечения
to prevent – предотвращать
up to date – своевременно
There is considerable debate about software quality and the responsibility of software producers to develop and sell more secure software. There are also numerous perspectives on developer responsibility. Some developers believe that security is the responsibility of the organizations that deploy their products. Many users, however, believe that software products should be secure right out of the box. It is not likely that this debate will end any time soon.
One thing that is certain is that organizations cannot wait for the debate to be settled. More than 3,000 vulnerabilities have been discovered during the last three years. Every month, about 200 new software vulnerabilities are discovered. This means that organizations need to keep up to date about vulnerabilities in the products they use. Once vulnerabilities are announced, steps must be taken to install patches or seek alternative products for high-risk applications.
Some malicious code attacks did not have to happen. In early 2003 when the Oracle SQL Slammer worm struck, a patch had been available for six months that would have prevented the worm from attacking a system. Many people cast blame for Slammer on system managers for not having patched their systems. There is some validity to that position, but keep in mind that Slammer or a similar worm could have been written to take advantage of vulnerabilities that the patch did not address. With 200 new vulnerabilities being discovered every month, there is always something for an attacker to take advantage of that can cause your organization pain and discomfort.
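The process the passage describes, checking announced vulnerabilities against the products an organization actually runs and deciding between patching and looking for an alternative product, as an added example that is not part of the textbook. The hosts and advisory records are constructed for illustration and the ADV-EXAMPLE ids are placeholders, not real CVE numbers.

```python
# Added example (not from the textbook): match an asset inventory against
# announced vulnerabilities, listing hosts that still need a patch and hosts
# for which the vendor has no fix yet (the text's "seek alternative products"
# case). All hosts and advisory records below are constructed for illustration.
from dataclasses import dataclass

def parse_version(v: str) -> tuple:
    """'9.0.10' -> (9, 0, 10) so versions compare numerically, not as strings."""
    return tuple(int(p) for p in v.split("."))

@dataclass
class Advisory:
    advisory_id: str     # constructed identifier, not a real CVE number
    product: str
    affected_below: str  # every version below this one is vulnerable
    fixed_in: str = ""   # empty string: vendor has not shipped a patch yet

@dataclass
class Host:
    name: str
    product: str
    version: str

ADVISORIES = [
    Advisory("ADV-EXAMPLE-001", "dbserver", "9.0.4", fixed_in="9.0.4"),
    Advisory("ADV-EXAMPLE-002", "webapp", "2.5.0"),
]
INVENTORY = [
    Host("db-01", "dbserver", "9.0.2"),   # vulnerable, patch available
    Host("db-02", "dbserver", "9.0.10"),  # patched (a string compare would get this wrong)
    Host("web-01", "webapp", "2.4.7"),    # vulnerable, no patch yet
    Host("web-02", "webapp", "2.5.0"),    # not affected
]

def assess(inventory, advisories):
    """Return {'patch': [...], 'no_fix': [...]} of (host, advisory_id) pairs."""
    report = {"patch": [], "no_fix": []}
    for host in inventory:
        for adv in advisories:
            if adv.product != host.product:
                continue
            if parse_version(host.version) >= parse_version(adv.affected_below):
                continue  # host runs a fixed or unaffected version
            bucket = "patch" if adv.fixed_in else "no_fix"
            report[bucket].append((host.name, adv.advisory_id))
    return report

if __name__ == "__main__":
    for action, items in assess(INVENTORY, ADVISORIES).items():
        print(action, items)
```

Hosts in the "no_fix" list are the ones the passage has in mind when it says to seek alternative products or otherwise mitigate, since waiting for a patch is not an option.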
The main thing to keep in mind is that software flaws and vulnerabilities are chronic. They will never go away. This is one of the conditions that make computer security an ongoing and never-ending process. This point should be constantly reiterated to managers and computer users.
Another one of the major causes of vulnerable systems is how computers and networking devices are configured when they are installed. Several years ago, it was determined that the out-of-the-box settings for many operating systems introduced an unnecessary weakness into a computing environment. Although the out-of-the-box settings allowed the system to function adequately, the settings were not optimized for security.
Ongoing configuration is generally weak in most organizations. There is often a lack of documentation regarding how many computers and network devices are configured once they have been installed. Far too many organizations do a poor job of maintaining documentation about their technology. This is caused, in part, by a lack of discipline in IT departments. Another cause of poor documentation is a common trend of understaffing IT departments. Far too many of the problems caused by weak configurations and slowness in patching software products to reduce vulnerabilities can be tied back to inadequate IT staffing.
Information on security-focused configurations is not difficult to find, and there are several sources of information. Manufacturers can provide advice through their help desks or system documentation.
Questions:
What are organizations debating about?
What do some developers believe about security?
How many vulnerabilities have been discovered during the last three years?
Name all major causes of vulnerable systems.
COMPUTER AND NETWORK ATTACKS
Read and memorize the following words:
malicious attack – злонамеренная атака
unauthorized individual – неправомочный индивидуум
to gain access – получить доступ
ultimate goal – окончательная цель
without the appropriate authorization – без соответствующего разрешения
rough attempt – грубая попытка
software patch – «заплата» программного обеспечения
bug – ошибка, сбой в программе
to prevent further spreading of the virus – предотвратить дальнейшее распространение вируса
to be error prone – быть склонным к ошибке
temporary file – временный файл
to fill – заполнять
fake bank website – поддельный банковский сайт
to make any fraudulent transactions – совершать любые мошеннические сделки
"Computer or network attack" is a rather broad term, but its core meaning is a malicious attack directed against the services that a computer system or network provides. Examples of computer/network attacks are viruses, worms, DoS attacks, use of a system by an unauthorized individual, probing of a system to gather information, or a physical attack against computer hardware. The ultimate goal of an attacker is to gain access to a computer system or network without the appropriate authorization. To get a feeling for how many different kinds of attack techniques there are, and how complex some attacks that exploit a computer system or network can be, a rough attempt to categorize some computer/network attacks is listed below. Note that these are NOT all the kinds of attacks that can be used to compromise a computer system or network; many more types of attack techniques exist.
Social engineering:
An attacker uses deception to gain access to a computer system through social contacts or technology. The attacker fools authorized or unauthorized users into giving up information (passwords, file names, configurations, security policies, etc.) that he or she does not have the right to have. For example, a social engineer can call an individual on the telephone, claim to be from the IT department, and explain to the user that a virus has attacked the Local Area Network (LAN) and that the user must install a software patch provided by the attacker to prevent further spreading of the virus. The user thinks he or she is helping the "network administrator", but instead gives the social engineer an attack opportunity: the provided software patch is a Trojan horse that the attacker can exploit.