1.3. Threats to Security
There are three key words that come up in discussions of computer security issues: vulnerabilities, threats, and countermeasures. A vulnerability is a point where a system is susceptible to attack. A threat is a possible danger to the system. The danger might be a person (a system cracker or a spy), a thing (a faulty piece of equipment), or an event (a fire or a flood) that might exploit a vulnerability of the system. The more vulnerabilities you see in your system, and the more threats you believe are out there, the more carefully you'll need to consider how to protect your system and its information. Techniques for protecting your system are called countermeasures.
Computer security is concerned with identifying vulnerabilities in systems and protecting against threats to those systems.
Every computer and network is vulnerable to attack. Security policies and products may reduce the likelihood that an attack will actually be able to penetrate your system's defenses, or they may require an intruder to invest so much time and so many resources that it's just not worth it, but there's no such thing as a completely secure system.
The following sections demonstrate the typical points of vulnerability in a computer system.
Physical vulnerabilities
Your buildings and equipment rooms are vulnerable. Intruders can break into your server room, just as they can break into your home. Once in, they can sabotage and vandalize your network equipment, and they can steal backup media and printouts, or obtain information that will allow them to more easily hack their way in at a later time.
Locks, guards, and biometric devices (devices that test a physical or behavioral trait, for example a fingerprint, a voiceprint, or a signature, and compare it with the traits on file to determine whether you are who you claim to be) provide an important first defense against break-ins. Burglar alarms and other ordinary types of protection are also effective deterrents.
Natural vulnerabilities
Computers are very vulnerable to natural disasters and to environmental threats. Disasters such as fire, flood, earthquakes, lightning, and power loss can wreck your computer and destroy your data. Dust, humidity, and uneven temperature conditions can also do damage.
In areas where obtaining stable power is a problem, facilities employ back-up generators. These can also help during times of extreme weather. Localized protection can be obtained by installing an uninterruptible power supply (UPS). A properly sized UPS will keep a computer energized long enough to shut down properly and without data loss, and will provide power conditioning as well. Dust and other hazards are usually controlled by proper filters on the air conditioning and heating systems. If the environment itself tends to be dusty, a simple cloth cover can protect the computer when not in use. Do not cover a computer while it is operating, however, so that the internal cooling fans are not blocked and the case can radiate excess heat. An even temperature will help eliminate some problems as well. The components and cards in a computer may expand and contract at different rates, and they can become loose in their sockets. Avoid dampness in areas where removable media, such as floppy disks, CDs, DVDs, and backup tapes, are stored; mold and fungus are lethal to some media.
Hardware and software vulnerabilities
Certain kinds of hardware failures can compromise the security of an entire computer system. If protection features fail, they wreak havoc with your system, and they open security holes. It is also possible to open some "locked" systems by introducing extra hardware, or to use external devices to make a copy of the contents of disks or memory.
Software failures of any kind may cause your system to fail, open your system to penetration, or simply make the system so unreliable that it can't be trusted to work properly and efficiently. Thriving exploration into vulnerabilities by the hacking community means that exploits will be published in online forums, paving the way for those who wish to write and publish viruses or other malicious software to do so. In particular, bugs in security features can open the floodgates to intrusion.
Even if individual hardware and software components are secure, an entire system can be compromised if the hardware components are connected improperly or if the software isn't installed correctly.
Media vulnerabilities
Backup media, such as disk packs, tape reels, cartridges, and printouts, can be stolen, or can be damaged by such mundane perils as dust and stray magnetic and electromagnetic fields. Most hard-drive erase operations involve rewriting header files, not actually erasing the entire disk, so sensitive data may be left on magnetic media, easily decoded after a computer is retired or discarded. Even the memory chips in some electronic devices can be scanned for remnants of data or files.
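The header-only erase described above can be shown on a toy disk image. This is an added example, not code from the book; the image layout (a 4-entry file table followed by 64-byte blocks), the function names, and the file contents are all constructed for illustration.

```python
import re
import struct

BLOCK = 64                       # bytes per data block (constructed value)
SLOTS = 4                        # directory entries held in the header
ENTRY = struct.Struct("<12sHH")  # file name, start block, length in bytes
HEADER_SIZE = SLOTS * ENTRY.size

def build_image(files):
    """Create a toy disk image: a file table (header) followed by data blocks."""
    header, data = bytearray(), bytearray()
    for block_no, (name, content) in enumerate(files.items()):
        header += ENTRY.pack(name.encode(), block_no, len(content))
        data += content.ljust(BLOCK, b"\x00")
    return bytearray(header.ljust(HEADER_SIZE, b"\x00") + data)

def list_files(image):
    """What the operating system reports: only names still present in the header."""
    names = []
    for off in range(0, HEADER_SIZE, ENTRY.size):
        name, _start, _length = ENTRY.unpack_from(image, off)
        if name.strip(b"\x00"):
            names.append(name.rstrip(b"\x00").decode())
    return names

def quick_erase(image):
    """The erase the text describes: rewrite the header, leave the data blocks alone."""
    image[:HEADER_SIZE] = bytes(HEADER_SIZE)

def full_overwrite(image):
    """Sanitize by overwriting every byte, header and data alike."""
    image[:] = bytes(len(image))

def residual_strings(image, min_len=6):
    """Scan the raw image for printable runs, ignoring the file table entirely."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.group().decode() for m in re.finditer(pattern, bytes(image))]

def demo():
    """Return (listing before, state after quick erase, state after full overwrite)."""
    files = {"payroll.txt": b"J. Example, salary 91000",       # constructed sample data
             "keys.txt": b"backup passphrase: constructed-sample"}
    image = build_image(files)
    before = list_files(image)
    quick_erase(image)
    after_quick = (list_files(image), residual_strings(image))
    full_overwrite(image)
    return before, after_quick, (list_files(image), residual_strings(image))
```

After the quick erase the file listing is empty, yet both file contents are still readable in the raw image; only the full overwrite removes them.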
Emanation vulnerabilities
All electronic equipment emits electrical and electromagnetic radiation. Electronic eavesdroppers can intercept the signals emanating from computers, networks, and wireless systems, and decipher them. The information stored and transmitted by the systems and networks then becomes vulnerable.
Communications vulnerabilities
If your computer is attached to a network or if it can be accessed by a dial-in modem or over the Internet, you greatly increase the risk that someone will penetrate your system. Messages can be intercepted, misrouted, and forged. Communications lines connecting computers to each other, or connecting terminals to a central computer, can be tapped or physically damaged. Radio transmissions, the basis of wireless interconnections such as IEEE 802.11 (Wi-Fi) or IEEE 802.15 (Bluetooth), are particularly susceptible to surreptitious interception.
Human vulnerabilities
The people who administer and use your computer system represent the greatest vulnerability of all. If your administrator is poorly trained, or decides to take to a life of crime, your network is in grave peril. Ordinary computer users, operators, and other people on your staff can also be bribed or coerced into giving away passwords, opening doors, or otherwise jeopardizing security in your system.
Exploiting vulnerabilities
There's a lot of variation in how easy it is to exploit different types of vulnerabilities. For example, tapping a wireless network can require nothing more than special software installed on a laptop. Logging into a system that has no password protection, minimal controls, or inadequate password policies (e.g., allowing users to leave passwords on sticky notes at their workstations) is almost as easy. Tapping an encrypted fiber-optic communications link, on the other hand, or intercepting emanations from TEMPEST-shielded equipment is much more difficult, even for a dedicated intelligence operation. (See Appendix B for more information on TEMPEST.)
Threats fall into three main categories: natural, unintentional, and intentional.
Natural and physical threats
These threats imperil every physical plant and piece of equipment: fires, floods, power failures, and other disasters. You can't always prevent such disasters, but you can find out quickly when one occurs (with fire alarms, temperature gauges, and surge protectors). You can minimize the chance that the damage will be severe (e.g., with certain types of sprinkler systems). You can institute policies that guard against hazards posing special dangers to computers (such as smoking or soda spills). You can also plan for a disaster by backing up critical data off-site and by arranging for the use of a backup system that can be used if an emergency does occur.
Unintentional threats
Ignorance creates dangers: for example, a user or a system administrator who hasn't been trained properly, who hasn't read the documentation, and who doesn't understand the importance of following proper security procedures. A user might inadvertently delete a file, or a system administrator might change the protection on the password file or on critical system software, locking out programs and applications that need to access that data. Generally, more information is compromised, corrupted, or lost through ignorance than through malice.
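One way to catch the accidental protection change described above is to compare file modes with a recorded baseline. This is an added example, not from the book: the baseline modes and the file names `passwd`, `shadow`, and `login` are assumptions, and the demo uses stand-in files in a temporary directory. It separates changes that lock programs out from changes that expose the file.

```python
import os
import stat
import tempfile

def audit_modes(baseline):
    """Compare each file's permission bits with its baseline and classify the drift."""
    findings = []
    for path, expected in baseline.items():
        try:
            actual = stat.S_IMODE(os.stat(path).st_mode)
        except FileNotFoundError:
            findings.append((path, "missing", None))
            continue
        extra = actual & ~expected   # bits granted beyond the baseline (exposure)
        lost = expected & ~actual    # bits the baseline needs but are gone (lockout)
        if extra and lost:
            kind = "changed"
        elif extra:
            kind = "over-permissive"
        elif lost:
            kind = "over-restrictive"
        else:
            continue                 # matches the baseline, nothing to report
        findings.append((path, kind, oct(actual)))
    return findings

def demo_audit():
    """Constructed sample: stand-in files in a temp directory, not the real /etc."""
    wanted = {"passwd": 0o644, "shadow": 0o600, "login": 0o755}  # assumed baseline
    actual = {"passwd": 0o600, "shadow": 0o644, "login": 0o755}  # after a mistaken chmod
    with tempfile.TemporaryDirectory() as d:
        baseline = {}
        for name, mode in actual.items():
            path = os.path.join(d, name)
            open(path, "w").close()
            os.chmod(path, mode)
            baseline[path] = wanted[name]
        return [(os.path.basename(p), kind, mode)
                for p, kind, mode in audit_modes(baseline)]
```

In the demo, the `passwd` stand-in has lost its world-read bit, so programs that read it are locked out, while the `shadow` stand-in has become readable by everyone.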
Intentional threats
These villains come in two varieties: outsiders and insiders. Some types of attacks are feasible only for certain types of attackers. For example, a casual "browser" isn't likely to intercept and decipher electromagnetic emanations, or to perform a determined cryptographic analysis. Attacks of those kinds can typically be mounted only by sophisticated attackers who have substantial skill and resources (in computing power, money, time, and personnel) behind them.
Outsiders include a number of different categories:
Insiders and outsiders
Outsiders may penetrate systems in a variety of ways: simple break-ins of buildings and computer rooms; disguised entry as maintenance personnel; anonymous, electronic entry through modems and network connections; and bribery or coercion of inside personnel.
Although most security mechanisms protect best against outside intruders, survey after survey indicates that most attacks are by insiders. Estimates are that as many as 80 percent of system penetrations are by fully authorized users who abuse their access privileges to perform unauthorized functions. As Robert H. Courtney Jr. put it, "The enemy is already in; we hired them."
There are a number of different types of insiders. The fired or disgruntled employee might be trying to steal; more likely, he's just trying to wreak revenge by disrupting office operations. The coerced employee might have been blackmailed or bribed by foreign or corporate enemy agents. The greedy employee might use her inside knowledge to divert corporate or customer funds for personal benefit. The insider might be an operator, a systems programmer, or even a casual user who is willing to share a password.
Don't forget, one of the most dangerous insiders may simply be lazy or untrained. He doesn't bother changing passwords, doesn't learn how to encrypt email messages and other files, leaves sensitive printouts in piles on desks and floors, and ignores the paper shredder when disposing of documents. More energetic types may take advantage of this laziness and do serious damage.
Often, the most effective system attacks are those that combine a strong outside strategy (for example, breaking into competitors' files to steal their marketing plans) with access by an insider (for example, a marketing assistant who's been bribed to give away a password or steal reports).
There are many different types of countermeasures (methods of protecting computers and information). This book provides a survey of these methods in several basic categories.
Computer security
Earlier in this chapter, the term "computer security" was used in a broad sense to cover the protection of computers and everything associated with them. It's more precise to say that computer security is the protection of the information stored in a computer system, as opposed to protecting information that's being transmitted (which is network security), or protecting the equipment and the facility itself (physical security). Computer security focuses on operating system features that control who can access a system and the data stored in it.
Part II of this book discusses computer security controls, including passwords, auditing of security actions, and administrative procedures such as backups that protect stored data. That part also draws distinctions between the various types of security policies available in multiuser computer systems: discretionary access control (DAC), mandatory access control (MAC), and role-based access control (RBAC). Part II also briefly discusses how the government sets standards for computer security and certifies products that meet those standards. Additional coverage is included in Appendix C.
Communications security
Communications security is the protection of information while it's being transmitted by telephone, cabling, microwave, satellite, or any other means. This branch of security focuses on network access to computer systems, and the technologies that increase the security of systems allowing such connections to the outside world.
Part III of this book describes encryption, a highly effective method of protecting data either in storage or during transmission. Encryption takes many forms and is applied in several different ways. Part III also discusses a number of other ways to increase network security.
Physical security
Physical security is the protection of physical computer equipment from damage by natural disasters and intruders. Physical security methods include old-fashioned locks and keys, as well as more advanced technologies such as smart cards and biometric devices. Part IV of this book discusses physical security and wireless security (steps that can be taken to protect information during wireless transmission).