1
00:00:00,970 --> 00:00:07,400
Welcome to the module which will discuss computer attack methods. We will try to get an overview of the

2
00:00:07,750 --> 00:00:15,310
process in situations where the target is a typical computer system. The issues we will mention in this

3
00:00:15,310 --> 00:00:18,450
module will be discussed in more detail later on.

4
00:00:21,150 --> 00:00:28,430
Knowledge about attack methods is necessary to develop effective protective measures. In order to create

5
00:00:28,430 --> 00:00:29,510
a security policy,

6
00:00:29,510 --> 00:00:32,130
we need more than just what we mentioned before,

7
00:00:33,620 --> 00:00:39,220
which is an assessment of resources and consequences of their loss.

8
00:00:39,220 --> 00:00:46,420
We also need to know attack methods. Cyber attackers developed these methods years ago, but they are constantly

9
00:00:46,420 --> 00:00:50,420
being updated and refined.

10
00:00:50,490 --> 00:00:58,040
What characterizes attack methods in general? Gathering information about a prospective target is the

11
00:00:58,040 --> 00:00:59,000
first phase.

12
00:01:00,350 --> 00:01:05,940
The information attackers are interested in may concern a certain system in general or users of that

13
00:01:05,940 --> 00:01:08,560
system.

14
00:01:08,610 --> 00:01:14,400
The more information they manage to gather, the easier it is for them to conduct a successful attack.

15
00:01:16,800 --> 00:01:18,760
By successful attack

16
00:01:18,900 --> 00:01:24,120
we mean one that achieves its aims and remains undetected for a sufficiently long period of time.

17
00:01:26,590 --> 00:01:33,590
The next phase of the attack is looking for entry points. Entry points are elements of the system which

18
00:01:33,590 --> 00:01:38,620
allow direct interaction with a user or the system.

19
00:01:38,660 --> 00:01:43,580
One of the most common forms of attack is gaining access to a computer system and tracking the data

20
00:01:43,580 --> 00:01:46,960
flow in local networks.

21
00:01:46,960 --> 00:01:51,690
Lots of data is sent as plain text, and many resources are not sufficiently protected.

22
00:01:54,450 --> 00:02:01,320
Very often such resources and data could be classified as sensitive, private or confidential and prove

23
00:02:01,320 --> 00:02:05,320
useful for an attacker.

24
00:02:05,460 --> 00:02:10,770
After gaining control over a system, the attacker will try to ensure that they will be able to access

25
00:02:10,770 --> 00:02:11,620
it again.

26
00:02:14,240 --> 00:02:21,710
This means they'll try to get administrator privileges. They will also try to hide traces of the attack,

27
00:02:21,860 --> 00:02:26,350
because the longer it goes undetected, the more beneficial it is for the attacker.

28
00:02:30,950 --> 00:02:37,660
First we will consider a very distinctive category of attacks, that is, local attacks.

29
00:02:37,750 --> 00:02:40,500
They are very successful for one simple reason.

30
00:02:41,710 --> 00:02:46,520
Most of the popular security solutions do not protect computers against local attacks.

31
00:02:47,980 --> 00:02:54,520
As we've mentioned before, no computer program, which includes operating systems, can fulfill its function

32
00:02:54,790 --> 00:02:56,380
when it's switched off.

33
00:02:58,420 --> 00:03:04,030
If you run another operating system on the computer, you will get access to all data stored on every

34
00:03:04,030 --> 00:03:06,660
hard drive unless the data is encrypted.

35
00:03:11,230 --> 00:03:14,020
How can we get protected against local attacks?

36
00:03:15,140 --> 00:03:18,490
Technological solutions prove ineffective.

37
00:03:18,630 --> 00:03:21,840
The only effective solution is a security policy.

38
00:03:22,840 --> 00:03:30,950
A successful security policy will include careful control over who gets access to the computers.

39
00:03:31,010 --> 00:03:36,110
One of the most basic security measures for companies is to prevent unauthorized people from entering

40
00:03:36,110 --> 00:03:37,150
the premises.

41
00:03:41,260 --> 00:03:47,110
Everyone on the premises must be required to authenticate their identity. Usually

42
00:03:47,250 --> 00:03:51,950
each employee is required to carry an ID badge that proves his or her identity.

43
00:03:53,510 --> 00:03:57,780
Moreover, there are ID badges for visitors.

44
00:03:57,790 --> 00:04:01,730
The problem is that a typical visitor badge is all too easy to fake.

45
00:04:03,340 --> 00:04:07,320
It's just a white piece of plastic with the large word "visitor" written over it.

46
00:04:09,250 --> 00:04:16,400
Everyone can make one for themselves. Making a unique ID badge for every visitor would be inefficient.

47
00:04:16,870 --> 00:04:26,350
But even the guest ID badge must be made hard to fake. A person wearing such a badge looks more trustworthy.

48
00:04:26,350 --> 00:04:32,760
You should also keep an eye on staff who work on the premises but are not your direct employees.

49
00:04:32,780 --> 00:04:39,410
This may include contract workers such as plumbers, electricians or telecommunications specialists.

50
00:04:39,520 --> 00:04:44,400
Remember that a uniform is not necessarily proof of anything.

51
00:04:44,500 --> 00:04:52,220
Nowadays it's relatively easy to get almost any kind of uniform. Some dress themselves as a postman or

52
00:04:52,220 --> 00:04:55,480
a chimney sweep in order to reinforce their fake identity.

53
00:04:57,770 --> 00:05:02,690
To counter this danger, give your employees clear guidelines on how to act when they spot a stranger

54
00:05:02,690 --> 00:05:04,070
on the premises.

55
00:05:04,820 --> 00:05:09,710
An employee should approach the stranger and offer to help in looking for a specific person or department.

56
00:05:11,270 --> 00:05:14,780
Strangers should not be allowed to walk freely on the premises.

57
00:05:15,680 --> 00:05:20,660
A stranger who manages to gain physical access to a computer can gain full control over it.

58
00:05:23,210 --> 00:05:27,370
There are some other basic mistakes we should always avoid.

59
00:05:27,390 --> 00:05:36,000
One of them is allowing access to BIOS settings. BIOS settings allow you to control the computer's startup.

60
00:05:36,090 --> 00:05:40,990
Therefore, access to BIOS should be restricted.

61
00:05:41,000 --> 00:05:45,840
This can be done by using a password other than the default.

62
00:05:45,870 --> 00:05:52,250
We will discuss the issue of default passwords later on. So control who enters the premises and protect

63
00:05:52,250 --> 00:05:58,920
BIOS settings from unwanted changes.

64
00:05:58,930 --> 00:06:03,950
Also, it's not advisable to boot up a computer from CD.

65
00:06:03,980 --> 00:06:06,320
Sometimes this may be a default option.

66
00:06:06,320 --> 00:06:11,500
But it's possible that it was set by a potential attacker.

67
00:06:11,540 --> 00:06:17,860
Moreover, it should not be easy to open up a system unit. When someone gets access to the hard drive, they

68
00:06:17,870 --> 00:06:19,130
can make a clone of it.

69
00:06:20,590 --> 00:06:25,780
It's hard to protect your computer against such manipulation.

70
00:06:25,820 --> 00:06:30,620
However, a user or an administrator should be able to tell whether the computer was compromised in such

71
00:06:30,620 --> 00:06:31,310
a way.

72
00:06:33,600 --> 00:06:36,990
Normally you should not leave computer cases open.