Cybersecurity: Crash Course Computer Science #31
Summary
TLDRIn this CrashCourse Computer Science episode, Carrie Anne explores the importance of cybersecurity, emphasizing the need to protect computer systems and data from threats. She explains the three main goals of cybersecurity: secrecy, integrity, and availability, and how they are compromised through data breaches, unauthorized modifications, and denial of service attacks. The video delves into threat modeling, authentication methods (what you know, what you have, and what you are), and the significance of access control through permissions and models like Bell-LaPadula. Carrie Anne also touches on the challenges of ensuring software security and the strategies to mitigate risks, including code auditing, isolation, and sandboxing.
Takeaways
- đ Cybersecurity is crucial for protecting computer systems and data from unauthorized access and malicious activities, just as physical security measures protect our real-world assets.
- đ The three main goals of cybersecurity are to ensure the secrecy (confidentiality), integrity, and availability of computer systems and data.
- đ€ Authentication is the process of verifying the identity of users, and it can be based on 'what you know' (like passwords), 'what you have' (like keys or tokens), or 'what you are' (biometrics).
- đ 'What you know' authentication is vulnerable to brute force attacks where hackers use automated systems to guess passwords or PINs.
- đĄïž Longer and more complex passwords, or using passphrases, significantly increase the difficulty for attackers to crack them through brute force.
- đ 'What you have' authentication relies on physical possession, which is harder for remote attackers to compromise but can be copied or stolen if the attacker is physically close.
- đïžâđšïž 'What you are' authentication uses biometrics, which can be very secure but also has issues with accuracy and the permanent nature of biometric data.
- đ Two-factor or multi-factor authentication combines multiple forms of authentication to provide stronger security by making it harder for attackers to compromise multiple factors.
- đ Access Control Lists (ACLs) define who can read, write, or execute files, folders, and programs, ensuring that users only have access appropriate to their clearance level.
- đ ïž The Bell-LaPadula model is an access control model that prevents 'read up' and 'write down' privileges to maintain secrecy and prevent accidental information leaks.
- đ Isolation techniques like sandboxing applications or using virtual machines limit the damage from a compromised program by containing it within a separate environment.
Q & A
What is the primary purpose of cybersecurity?
-The primary purpose of cybersecurity is to minimize crime and harm in the virtual world, similar to how physical security measures like locks, fences, and police officers minimize crime in the real world.
What are the three main goals of cybersecurity?
-The three main goals of cybersecurity are to protect the secrecy (confidentiality), integrity, and availability of computer systems and data against threats.
What is a threat model in the context of cybersecurity?
-A threat model is a specification that profiles potential attackers, including their capabilities, goals, and probable means of attack, known as an attack vector. It helps security experts prepare against specific threats rather than being overwhelmed by all possible attack methods.
Why is it important to differentiate between 'what you know', 'what you have', and 'what you are' authentication methods?
-Differentiating between these authentication methods is important because each has its own strengths and weaknesses. 'What you know' relies on knowledge of a secret, 'what you have' on possession of a token, and 'what you are' on biometric data. Understanding these differences helps in choosing the most appropriate method for a given security scenario.
How does a brute force attack work?
-A brute force attack works by systematically trying every possible combination of a password or PIN until the correct one is found. It is a trial-and-error method that relies on computational power rather than clever algorithms.
What is the significance of using complex passwords with a mix of characters?
-Using complex passwords with a mix of upper and lowercase letters, special symbols, and numbers significantly increases the number of possible combinations, making it much harder for attackers to guess or crack the password through methods like brute force attacks.
Why is two-factor or multi-factor authentication recommended for important accounts?
-Two-factor or multi-factor authentication is recommended because it adds an additional layer of security. Even if an attacker guesses your password or steals your authentication token, it is much harder for them to compromise both factors, providing stronger protection for important accounts.
What is the Bell-LaPadula model and how does it relate to access control?
-The Bell-LaPadula model is an access control model that enforces the principles of 'no read up' and 'no write down'. It ensures that users with lower clearance levels cannot access higher classified information and that users with higher clearance cannot inadvertently leak information by writing it to lower classified files.
How can the principle of isolation help in computer security?
-The principle of isolation in computer security helps by containing the damage caused by a compromised program. By sandboxing applications or running them in separate virtual machines, if one program is compromised, it is less likely to affect other programs or the overall system.
What is the role of independent verification and validation in ensuring software security?
-Independent verification and validation play a crucial role in software security by having code audited by a crowd of security-minded developers. This process helps identify and fix vulnerabilities that the original developers might have missed, thus enhancing the security of the software.
Outlines
đ Introduction to Cybersecurity
Carrie Anne introduces the topic of cybersecurity, emphasizing the importance of protecting computer systems and data from threats, similar to how physical security is maintained in the real world. Cybersecurity aims to ensure the confidentiality, integrity, and availability of information. The paragraph discusses the three main goals of cybersecurity: secrecy (confidentiality), integrity, and availability. It also introduces the concept of a threat model, which is a framework for understanding potential attackers and their capabilities, helping to prepare defenses against specific threats. The analogy of securing a laptop against different threat models, such as a nosy roommate versus a mischievous sibling, illustrates how security measures are tailored to the perceived threat.
đ Authentication Methods in Cybersecurity
This section delves into the various methods of authentication used to verify the identity of users. The three primary types are 'What you know' (e.g., passwords), 'What you have' (e.g., security tokens), and 'What you are' (e.g., biometrics). Each method has its pros and cons. For instance, passwords are susceptible to guessing or brute force attacks, while physical tokens can be stolen or lost. Biometric authentication, although seemingly secure, faces challenges like the inability to reset compromised data and the potential for false positives or negatives. The paragraph highlights the importance of using complex passwords and the concept of two-factor or multi-factor authentication to enhance security. It also touches on access control, which involves defining permissions and access control lists to regulate what authenticated users can do within a system.
đĄ Advanced Security Measures and Future Topics
The final paragraph discusses advanced security measures such as minimizing code to reduce the chance of implementation errors, the concept of a 'security kernel' or 'trusted computing base', and the practice of Independent Verification and Validation (IV&V) to audit code for security. It also mentions the DEF CON conference as a place where security experts share knowledge. The principle of isolation is introduced to limit the damage when a system is compromised, with techniques like sandboxing applications or running virtual machines. The paragraph concludes with a teaser for upcoming episodes, which will cover network security, hacker methods, and encryption, and ends with practical advice for viewers on password strength, two-factor authentication, and email safety.
Mindmap
Keywords
đĄCybersecurity
đĄThreat Model
đĄAuthentication
đĄAccess Control
đĄConfidentiality
đĄIntegrity
đĄAvailability
đĄBrute Force Attack
đĄMalware
đĄIsolation
đĄVirtual Machines
Highlights
Cybersecurity is crucial for minimizing crime and harm in the virtual world, similar to physical security measures in the real world.
Computers lack ethics and can be used for both beneficial and malicious purposes.
Cybersecurity aims to protect the secrecy, integrity, and availability of computer systems and data.
Secrecy ensures only authorized access to systems and data, like preventing data breaches.
Integrity ensures only authorized users can modify systems and data, preventing impersonation attacks.
Availability ensures continuous access to systems and data, countering Denial of Service Attacks.
A threat model profiles potential attackers to prepare against specific threats.
Physical security measures can be adapted to digital contexts, like hiding a laptop in a dirty laundry hamper.
Authentication methods include 'what you know', 'what you have', and 'what you are', each with pros and cons.
Brute force attacks attempt all possible combinations to gain unauthorized access.
Longer and more complex passwords significantly increase the difficulty for attackers.
Biometric authentication, like fingerprint readers, offers high security but has its own set of challenges.
Two-factor or multi-factor authentication combines multiple forms of authentication for increased security.
Access Control Lists (ACL) define permissions for users to ensure they only access appropriate resources.
The Bell-LaPadula model prevents 'read up' and 'write down' to maintain information secrecy and integrity.
Security kernels or trusted computing bases aim to minimize code and reduce implementation errors.
Independent Verification and Validation involves auditing code by external developers to find and fix bugs.
Isolation techniques, like sandboxing, limit the damage when a program is compromised.
Virtual Machines provide isolated environments to contain potential security breaches.
Cybersecurity is an ongoing challenge that requires constant vigilance and adaptation to new threats.
Transcripts
Hi, Iâm Carrie Anne, and welcome to CrashCourse Computer Science!
Over the last three episodes, weâve talked about how computers have become interconnected,
allowing us to communicate near-instantly across the globe.
But, not everyone who uses these networks is going to play by the rules, or have our
best interests at heart.
Just as how we have physical security like locks, fences and police officers to minimize
crime in the real world, we need cybersecurity to minimize crime and harm in the virtual
world.
Computers donât have ethics.
Give them a formally specified problem and theyâll happily pump out an answer at lightning
speed.
Running code that takes down a hospitalâs computer systems until a ransom is paid is
no different to a computer than code that keeps a patient's heart beating.
Like the Force, computers can be pulled to the light side or the dark side.
Cybersecurity is like the Jedi Order, trying to bring peace and justice to the cyber-verse.
INTRO
The scope of cybersecurity evolves as fast as the capabilities of computing, but we can
think of it as a set of techniques to protect the secrecy, integrity and availability of
computer systems and data against threats.
Letâs unpack those three goals:
Secrecy, or confidentiality, means that only authorized people should be able to access
or read specific computer systems and data.
Data breaches, where hackers reveal peopleâs credit card information, is an attack on secrecy.
Integrity means that only authorized people should have the ability to use or modify systems
and data.
Hackers who learn your password and send e-mails masquerading as you, is an integrity attack.
And availability means that authorized people should always have access to their systems
and data.
Think of Denial of Service Attacks, where hackers overload a website with fake requests
to make it slow or unreachable for others.
Thatâs attacking the serviceâs availability.
To achieve these three general goals, security experts start with a specification of who
your âenemyâ is, at an abstract level, called a threat model.
This profiles attackers: their capabilities, goals, and probable means of attack â whatâs
called, awesomely enough, an attack vector.
Threat models let you prepare against specific threats, rather than being overwhelmed by
all the ways hackers could get to your systems and data.
And there are many, many ways.
Letâs say you want to âsecureâ physical access to your laptop.
Your threat model is a nosy roommate.
To preserve the secrecy, integrity and availability of your laptop, you could keep it hidden in
your dirty laundry hamper.
But, if your threat model is a mischievous younger sibling who knows your hiding spots,
then youâll need to do more: maybe lock it in a safe.
In other words, how a system is secured depends heavily on who itâs being secured against.
Of course, threat models are typically a bit more formally defined than just ânosy roommateâ.
Often youâll see threat models specified in terms of technical capabilities.
For example, âsomeone who has physical access to your laptop along with unlimited timeâ.
With a given threat model, security architects need to come up with a solution that keeps
a system secure â as long as certain assumptions are met, like no one reveals their password
to the attacker.
There are many methods for protecting computer systems, networks and data.
A lot of security boils down to two questions: who are you, and what should you have access to?
Clearly, access should be given to the right people, but refused to the wrong people.
Like, bank employees should be able to open ATMs to restock them, but not me⊠because
Iâd take it all... all of it!
That ceramic cat collection doesnât buy itself!
So, to differentiate between right and wrong people, we use authentication - the process
by which a computer understands who itâs interacting with.
Generally, there are three types, each with their own pros and cons:
What you know.
What you have.
And what you are.
What you know authentication is based on knowledge of a secret that should be known only by the
real user and the computer, for example, a username and password.
This is the most widely used today because itâs the easiest to implement.
But, it can be compromised if hackers guess or otherwise come to know your secret.
Some passwords are easy for humans to figure out, like 12356 or q-w-e-r-t-y.
But, there are also ones that are easy for computers.
Consider the PIN: 2580.
This seems pretty difficult to guess â and it is â for a human.
But there are only ten thousand possible combinations of 4-digit PINs.
A computer can try entering 0000, then try 0001, and then 0002, all the way up to 9999...
in a fraction of a second.
This is called a brute force attack, because it just tries everything.
Thereâs nothing clever to the algorithm.
Some computer systems lock you out, or have you wait a little, after say three wrong attempts.
Thatâs a common and reasonable strategy, and it does make it harder for less sophisticated
attackers.
But think about what happens if hackers have already taken over tens of thousands of computers,
forming a botnet.
Using all these computers, the same pin â 2580 â can be tried on many tens of thousands
of bank accounts simultaneously.
Even with just a single attempt per account, theyâll very likely get into one or more
that just happen to use that PIN.
In fact, weâve probably guessed the pin of someone watching this video!
Increasing the length of PINs and passwords can help, but even 8 digit PINs are pretty
easily cracked.
This is why so many websites now require you to use a mix of upper and lowercase letters,
special symbols, and so on â it explodes the number of possible password combinations.
An 8-digit numerical PIN only has a hundred million combinations â computers eat that
for breakfast!
But an 8-character password with all those funky things mixed in has more than 600 trillion
combinations.
Of course, these passwords are hard for us mere humans to remember, so a better approach
is for websites to let us pick something more memorable, like three words joined together:
âgreen brothers rockâ or âpizza tasty yumâ.
English has around 100,000 words in use, so putting three together would give you roughly
1 quadrillion possible passwords. Good luck trying to guess that!
I should also note here that using non-dictionary words is even better against more sophisticated
kinds of attacks, but we donât have time to get into that here.
Computerphile has a great video on choosing a password - link in the dooblydoo.
What you have authentication, on the other hand, is based on possession of a secret token
that only the real user has.
An example is a physical key and lock.
You can only unlock the door if you have the key.
This escapes this problem of being âguessableâ.
And they typically require physical presence, so itâs much harder for remote attackers
to gain access.
Someone in another country canât gain access to your front door in Florida without getting
to Florida first.
But, what you have authentication can be compromised if an attacker is physically close.
Keys can be copied, smartphones stolen, and locks picked.
Finally, what you are authentication is based on... you!
You authenticate by presenting yourself to the computer.
Biometric authenticators, like fingerprint readers and iris scanners are classic examples.
These can be very secure, but the best technologies are still quite expensive.
Furthermore, data from sensors varies over time.
What you know and what you have authentication have the nice property of being deterministic
â either correct or incorrect.
If you know the secret, or have the key, youâre granted access 100% of the time.
If you donât, you get access zero percent of the time.
Biometric authentication, however, is probabilistic.Thereâs some chance the system wonât recognize youâŠ
maybe youâre wearing a hat or the lighting is bad.
Worse, thereâs some chance the system will recognize the wrong person as you â like
your evil twin!
Of course, in production systems, these chances are low, but not zero.
Another issue with biometric authentication is it canât be reset.
You only have so many fingers, so what happens if an attacker compromises your fingerprint data?
This could be a big problem for life.
And, recently, researchers showed itâs possible to forge your iris just by capturing a photo
of you, so thatâs not promising either.
Basically, all forms of authentication have strengths and weaknesses, and all can be compromised
in one way or another.
So, security experts suggest using two or more forms of authentication for important
accounts.
This is known as two-factor or multi-factor authentication.
An attacker may be able to guess your password or steal your phone: but itâs much harder
to do both.
After authentication comes Access Control.
Once a system knows who you are, it needs to know what you should be able to access,
and for that thereâs a specification of who should be able to see, modify and use what.
This is done through Permissions or Access Control Lists (ACL), which describe what access
each user has for every file, folder and program on a computer.
âReadâ permission allows a user to see the contents of a file, âwriteâ permission
allows a user to modify the contents, and âexecuteâ permission allows a user to
run a file, like a program.
For organizations with users at different levels of access privilege â like a spy
agency â itâs especially important for Access Control Lists to be configured correctly
to ensure secrecy, integrity and availability.
Letâs say we have three levels of access: public, secret and top secret.
The first general rule of thumb is that people shouldnât be able to âread upâ.
If a user is only cleared to read secret files, they shouldnât be able to read top secret
files, but should be able to access secret and public ones.
The second general rule of thumb is that people shouldnât be able to âwrite downâ.
If a member has top secret clearance, then they should be able to write or modify top
secret files, but not secret or public files.
It may seem weird that even with the highest clearance, you canât modify less secret files.
But, it guarantees that thereâs no accidental leakage of top secret information into secret
or public files.
This âno read up, no write downâ approach is called the Bell-LaPadula model.
It was formulated for the U.S. Department of Defenseâs Multi-Level Security policy.
There are many other models for access control â like the Chinese Wall model and Biba model.
Which model is best depends on your use-case.
Authentication and access control help a computer determine who you are and what you should
access, but depend on being able to trust the hardware and software that run the authentication
and access control programs.
Thatâs a big dependence.
If an attacker installs malicious software â called malware â compromising the host
computerâs operating system, how can we be sure security programs donât have a backdoor
that let attackers in?
The short answer is⊠we canât.
We still have no way to guarantee the security of a program or computing system.
Thatâs because even while security software might be âsecureâ in theory, implementation
bugs can still result in vulnerabilities.
But, we do have techniques to reduce the likelihood of bugs, quickly find and patch bugs when
they do occur, and mitigate damage when a program is compromised.
Most security errors come from implementation error.
To reduce implementation error, reduce implementation.
One of the holy grails of system level security is a âsecurity kernelâ or a âtrusted
computing baseâ: a minimal set of operating system software thatâs close to provably secure.
A challenge in constructing these security kernels is deciding what should go into it.
Remember, the less code, the better!
Even after minimizing code bloat, it would be great to âguaranteeâ that code as written
is secure.
Formally verifying the security of code is an active area of research.
The best we have right now is a process called Independent Verification and Validation.
This works by having code audited by a crowd of security-minded developers.
This is why security code is almost always open-sourced.
Itâs often difficult for people who wrote the original code to find bugs, but external
developers, with fresh eyes and different expertise, can spot problems.
There are also conferences where like-minded hackers and security experts can mingle and
share ideas, the biggest of which is DEF CON, held annually in Las Vegas.
Finally, even after reducing code and auditing it, clever attackers are bound to find tricks
that let them in.
With this in mind, good developers should take the approach that, not if, but when their
programs are compromised, the damage should be limited and contained, and not let it compromise
other things running on the computer.
This principle is called isolation.
To achieve isolation, we can âsandboxâ applications.
This is like placing an angry kid in a sandbox; when the kid goes ballistic, they only destroy
the sandcastle in their own box, but other kids in the playground continue having fun.
Operating Systems attempt to sandbox applications by giving each their own block of memory that
others programs canât touch.
Itâs also possible for a single computer to run multiple Virtual Machines, essentially
simulated computers, that each live in their own sandbox.
If a program goes awry, worst case is that it crashes or compromises only the virtual
machine on which itâs running.
All other Virtual Machines running on the computer are isolated and unaffected.
Ok, thatâs a broad overview of some key computer security topics.
And I didnât even get to network security, like firewalls.
Next episode, weâll discuss some specific example methods hackers use to get into computer
systems.
After that, weâll touch on encryption.
Until then, make your passwords stronger, turn on 2-factor authentication, and NEVER
click links in unsolicited emails!
Iâll see you next week.
Weitere Àhnliche Videos ansehen
CIA Triad
What is a Computer Security Incident Response Team (CSIRT)? | Noname Security
Computer Security | Types of Computer Security | Cybersecurity Course | Edureka
Cybersecurity Awareness Training
Threat to Infomation system- passive & active attack, accidental & intentional threats | MCA b.tech
Introduction to Cybersecurity
5.0 / 5 (0 votes)