SECTION 6 © National Institutes and IT Security Organizations SANS (System Administration, Networking, and Security) Institute ECRC - Electronic Commerce Resource Center  National Government Security Agencies Federal Bureau of Investigation Carnivore National Infrastructure Protection Center (NIPC) National Security Agency Echelon Royal Canadian Mounted Police Canadian Security Intelligence Service National Government Scams Nigeria Leading Companies in IT Security KPMG Investigation and Security Inc.

As taught by Prof. Tim Richardson School of Marketing & e-Business, Faculty of Business, Seneca College, Canada

last updated 2002 Dec 28
 

In SAN's web page, which includes the listing "How To Eliminate The Ten Most Critical Internet Security Threats" their introduction serves to provide some important points we should consider in beginning this section of the IEC 719 course, namely:

The majority of successful attacks on computer systems via the Internet can be traced to exploitation of one of a small number of security flaws.  Recent compromises of Windows NT-based web servers are typically traced to entry via a well-known vulnerability.  A few software vulnerabilities account for the majority of successful attacks because attackers are  opportunistic – taking the easiest and most convenient  route. They exploit the best-known flaws with the  most effective and widely available attack tools. They  count on organizations not fixing the problems, and  they often attack indiscriminately, by scanning the  Internet for vulnerable systems. System administrators report that they have not corrected these flaws because they simply do not know which of over 500 potential problems are the ones that are most dangerous, and they are too busy to correct them all

.
 

The SANS Institute http://www.sans.org Bethesda, Maryland, USA in their own words "The SANS (System Administration, Networking, and Security) Institute is a cooperative research and education organization through which more than 96,000 system administrators, security professionals, and network administrators share the lessons they are learning and find solutions for challenges they face. SANS was founded in 1989."

What products does SANS offer people interested in the most contemporary and reliable internet security information? SANS offers three different free electronic subscriptions:  Security Alert Consensus (SAC) - weekly One definitive weekly summary of new alerts and countermeasures week with announcements from: SANS, CERT, the Global Incident Analysis Center, the National Infrastructure Protection Center, the U.S.  Department of Defense, Security Portal, Sun, and several other vendors. SANS NewsBites - weekly  NewsBites keep up with everything going on in the computer security world. A dozen or two articles, each just one, two, or three sentences in length, elaborate a URL that points to the source of the  detailed information SANS Windows Security Newsletter - monthly  provides updates to NT Security: Step-by-Step and guidance on new Hotfixes and Service Packs that should and should not be implemented. It also summarizes new threats and bugs found in Windows and its services.

.

The ECRC Program is sponsored by the U.S. Department of Defense Joint Electronic Commerce Program Office (JECPO). The Bremerton ECRC is operated by Concurrent Technologies Corporation, EDC of Kitsap County and Olympic College for JECPO	Electronic Commerce Resource Center 'ECRC' Bremerton, WA  USA  The ECRC describes itself as a "clearinghouse and jumpstation for electronic commerce information and resources"
"The Security Resources page includes resources on a variety of security issues, including document transfers, financial transactions, firewalls, and virus information. The ECRC also offers a free Internet Security Issues seminar"	http://www.becrc.org/security.htm

. .
.

 

National Government Involvement in internet crime and e-business Security                                 National Government Involvement in internet crime and e-business Security

. In this section, which we may not have time to discuss in class, there will be provided some links to web sites from various security and police agencies of national governments. It is hoped that you will be able to read a couple of these articles to get some idea of the degree to which the FBI, CIA, RCMP, CSIS etc. may or may not, be understanding of, and contributing to, a more safe environment for business on the Web. WTGR .  It was announced in August 2000 that The Federal Bureau of Investigation (FBI) will head up this year's World E-Commerce  Forum, at which global Internet security will be an issue for the first time. The full story announcing this event, written by Jennifer Hampton, was in the E-commerce Times in August.  www.ecommercetimes.com/news/articles2000/000804-7.shtml The reason why you would read this article is because it mentions that Michael Vatis, director of the FBI's  computer crime investigation unit "the goal of the summit ... is to identify how a global Internet security agency can be established, and how international law can be utilized to develop and enforce penalties against hackers and virus-mongers" "The National Infrastructure Protection Center (NIPC) serves as a national critical infrastructure threat assessment, warning, vulnerability, and law enforcement investigation and response entity." Recommended by Mr. Sean Rooney  http://www.nipc.gov/warnings/advisories/2000/00-060.htm in this particular document "... the NIPC has observed that there has recently been an increase [December 2000]  in hacker activity specifically targeting U.S. systems associated with e-commerce and other internet-hosted sites. The majority of the intrusions have occurred on Microsoft Windows NT systems, although Unix based operating systems have been victimized as well. The hackers are exploiting at least three known system vulnerabilities to gain unauthorized access and download propriety information. Although these vulnerabilities are not new, this recent activity warrants additional attention by system administrators. In most cases, the hacker activity had been ongoing for several months before the victim became aware of the intrusion."

.

Chpt 5 Regulatory Environment	Regulatory Environment 2nd ed. page 157 Carnivore "Carnivore, as the general public has learned, is a software program that can monitor and track packets of data passing through an ISP's network. Government officials claim that the software will only be used in those instances in which a court order has been obtained to monitor a specific, alleged criminal act. Privacy advocates do not trust the intent or use of the software, and worry that widespread monitoring of e-mail contents will occur."
	"Carnivore attaches a combination of hardware and software  applications to the network of an Internet Service Provider (ISP) and scans all of the e-mail and other transmissions to  locate a "target" piece of e-mail or communication from a specific person or suspect. Carnivore can analyze millions of messages per second while it searches for the specific messages that it wants.   The FBI is developing Carnivore to help the agency police cyberspace. Law enforcement officials have expressed increasing concern over how the Internet is used illegally for those who would anonymously distribute child pornography, steal confidential proprietary information or wreak havoc on e-commerce giants by hacking into their systems".  by Dan Gebler  E-Commerce Times  August 3, 2000  full online article at  www.ecommercetimes.com/news/articles2000/000803-2.shtml
	The FBI's own statement on their web site about using "Carnivore" at  http://www.fbi.gov/hq/lab/carnivore/carnivore.htm  "In recent years, the FBI has encountered an increasing number of criminal investigations in  which the criminal subjects use the Internet to communicate with each other or to communicate with their victims. Because many Internet Service Providers (ISP) lacked the ability to discriminate communications to identify a particular subject's messages to the exclusion of all others, the FBI designed and developed a diagnostic tool, called Carnivore.  The Carnivore device provides the FBI with a "surgical" ability to intercept and collect the  communications which are the subject of the lawful order while ignoring those  communications which they are not authorized to intercept. This type of tool is necessary to meet the stringent requirements of the federal wiretapping statutes. The Carnivore device works much like commercial "sniffers" and other network diagnostic  tools used by ISPs every day, except that it provides the FBI with a unique ability to  distinguish between communications which may be lawfully intercepted and those which  may not. For example, if a court order provides for the lawful interception of one type of  communication (e.g., e-mail), but excludes all other communications (e.g., online shopping)   the Carnivore tool can be configured to intercept only those e-mails being transmitted either  to or from the named subject."  www.fbi.gov/hq/lab/carnivore/carnivore2.htm

 

National Government Involvement in internet crime and e-business Security             National Government Involvement in internet crime and e-business Security

The RCMP's  Computer Crime Prevention webpage with sections on Steps to establish and maintain an adequate computer security program Common Methods to Commit Computer Related Crime Computer Virus  www.rcmp-grc.gc.ca/html/ccprev.htm This section of the RCMP web site is not very extensive but it does include a small section on the basics of PKI - Public Key Infrastructure "Emerging Internet-related crimes include piracy, copyright infringement, currency and document counterfeiting, smuggling, hate- and sex-related offences, stalking, extortion, mischief, conspiracy, theft, fraud, and gambling." from an article on the RCMP web site titled "Business in Internet-related crime is booming"  www.rcmp-grc.gc.ca/html/online000128a.htm Maclean's online magazine had a story June 12th, 2000,  "Canada's police are only starting to catch up with hackers and other criminals who target online computer users" The article mentions a number of well known internet security situations that have happened and says that "Canada's response has been relatively low-key" written by Chris Wood with Brenda Ranswell in Montreal and Robert Scott in  Toronto RCMP involvement with e-businesses that have been hit by cyber crime. A recent example (Feb 2000) is what happened to the HMV website. Basically, it was a denial of service attack.  HMV's site went offline for an hour Feb. 7 after being flooded with bogus information.  Full story was available on the Toronto Star's web site

National Government Involvement in internet security

Echelon "Designed and coordinated by NSA, [America's National Security Agency] the ECHELON system is used to intercept ordinary e-mail, fax, telex, and telephone communications carried over the world's  telecommunications networks. Unlike many of the electronic spy systems developed during the Cold War, ECHELON is designed primarily for non-military targets:  governments, organizations, businesses, and individuals in virtually every country. It potentially affects every person communicating between (and sometimes within) countries anywhere in the world. "

click on the screen capture to access this section

Professional Security Service Companies

KPMG Investigation and Security Inc. part of the large KMPG accounting and consulting group of companies  http://www.kpmg.ca/english/services Norman Inkster is the President of KPMG ISI and is best known for being the former Commissioner for the RCMP Many of the large professional service firms such as KPMG, Price Waterhouse Coopers, Ernst & Young have publications on their web sites re: e-commerce KPMG has e.fr@ud.survey.2000   http://www.kpmg.ca/english/services/fas/publications/efraudsurvey2000.html