Cybersecurity: Crash Course Computer Science #31
Summary
TLDREl guión de este episodio de CrashCourse en Ciencias de la Computación explora la importancia de la ciberseguridad, comparándola con el Orden Jedi que busca la paz en el cyber-espacio. Se discuten los tres objetivos principales: confidencialidad, integridad y disponibilidad, y cómo se enfrentan los ataques a estos. Se introducen conceptos como modelos de amenaza, autenticación y control de acceso, y se enfatiza la necesidad de múltiples factores de autenticación y el aislamiento de programas para minimizar daños en caso de compromiso. El guión invita a los espectadores a fortalecer sus contraseñas y a tener precaución con los enlaces en correos no solicitados.
Takeaways
- 🌐 La interconexión de las computadoras permite comunicaciones instantáneas a nivel mundial, pero también presenta riesgos de seguridad cibernética.
- 🔒 La ciberseguridad es esencial para proteger los sistemas y datos de amenazas, similar a cómo las medidas de seguridad físicas protegen el mundo real.
- 🤖 Las computadoras no tienen ética; requieren especificaciones formales para resolver problemas y pueden ser manipuladas para actos maliciosos o benignos.
- 🌟 La ciberseguridad se asemeja a la Orden Jedi, buscando mantener la paz y la justicia en el ciberespacio.
- 🔑 La ciberseguridad se enfoca en proteger la confidencialidad, integridad y disponibilidad de los sistemas y datos frente a amenazas.
- 🚨 Los ataques a la confidencialidad, como las filtraciones de datos, afectan la privacidad de la información de las personas.
- 🛡️ La integridad se ve comprometida cuando los atacantes modifican datos o sistemas sin autorización, como enviar correos electrónicos falsificados.
- 🚫 Los ataques a la disponibilidad, como los Denial of Service, impiden el acceso a los sistemas y datos a los usuarios autorizados.
- 🎯 Los expertos en seguridad utilizan modelos de amenaza para identificar y prepararse contra enemigos específicos y sus métodos de ataque.
- 🔑 La autenticación es el proceso por el cual las computadoras identifican a los usuarios, y se puede basar en lo que conoces, lo que tienes o lo que eres.
- 🔒 Los métodos de autenticación, como contraseñas, tokens o datos biométricos, tienen ventajas y desventajas y pueden ser comprometidos de diversas maneras.
- 🔐 La autenticación de múltiples factores aumenta la seguridad al requerir que el usuario demuestre más de una forma de identificación para acceder a un sistema.
- 📋 Los controles de acceso, como las listas de control de acceso (ACL), especifican qué permisos tienen los usuarios sobre archivos, carpetas y programas.
- 🛂 El modelo Bell-LaPadula es una técnica de control de acceso que evita la lectura de información clasificada más alta y la escritura de información clasificada más baja.
- 🛠️ La seguridad de un sistema también depende de la confiabilidad del hardware y software que ejecutan los programas de autenticación y control de acceso.
- 🔍 La verificación y validación independientes, a través de auditorías de código por expertos, ayuda a reducir la probabilidad de errores y vulnerabilidades.
- 🏰 El aislamiento de aplicaciones mediante 'sandboxing' o máquinas virtuales limita el daño en caso de que un programa sea comprometido.
Q & A
¿Qué es la ciberseguridad y por qué es importante?
-La ciberseguridad es un conjunto de técnicas para proteger la confidencialidad, integridad y disponibilidad de los sistemas informáticos y datos frente a amenazas. Es importante para minimizar el crimen y el daño en el mundo virtual, al igual que la seguridad física lo hace en el mundo real.
¿Cuáles son los tres objetivos principales de la ciberseguridad mencionados en el guion?
-Los tres objetivos principales de la ciberseguridad son la confidencialidad (accesibilidad solo para personas autorizadas), la integridad (modificación solo por personas autorizadas) y la disponibilidad (garantizar el acceso continuo a los sistemas y datos).
¿Qué es un modelo de amenaza y cómo ayuda a proteger los sistemas?
-Un modelo de amenaza es una especificación abstracta del 'enemigo', que perfila a los atacantes en términos de sus capacidades, objetivos y posibles medios de ataque. Ayuda a prepararse contra amenazas específicas en lugar de estar abrumados por todas las formas en que los hackers podrían acceder a los sistemas y datos.
¿Cómo se define la autenticación y cuáles son sus tres tipos principales?
-La autenticación es el proceso por el cual una computadora entiende con quién se está interactuando. Los tres tipos principales son: lo que sabes (como una contraseña), lo que tienes (un token secreto como una llave) y lo que eres (autenticación biométrica).
¿Qué es un ataque de fuerza bruta y cómo pueden protegerse las contraseñas contra este tipo de ataques?
-Un ataque de fuerza bruta es cuando un computadora intenta todas las combinaciones posibles de una contraseña o PIN hasta encontrar la correcta. Las contraseñas se pueden proteger haciendolas más largas y complejas, utilizando una mezcla de mayúsculas, minúsculas, números y símbolos.
¿Por qué es recomendable el uso de dos o más formas de autenticación para cuentas importantes?
-El uso de dos o más formas de autenticación, conocido como autenticación de dos factores o multi-factor, hace que sea mucho más difícil para los atacantes obtener acceso a una cuenta, ya que tendrían que comprometer múltiples factores en lugar de solo uno.
¿Qué son los permisos o listas de control de acceso (ACL) y cómo funcionan?
-Los permisos o ACL describen qué acceso cada usuario tiene a cada archivo, carpeta y programa en una computadora. Definen si un usuario puede leer, escribir o ejecutar un archivo, y son esenciales para garantizar la confidencialidad, integridad y disponibilidad de la información.
¿Qué es el modelo Bell-LaPadula y cómo ayuda a proteger la información clasificada?
-El modelo Bell-LaPadula es un enfoque de control de acceso que evita que las personas lean archivos de mayor clasificación de la que están autorizadas (no leer hacia arriba) y que las personas con la clasificación más alta no modifiquen archivos de menor clasificación (no escribir hacia abajo).
¿Qué es un 'núcleo de seguridad' y cómo contribuye a la seguridad del sistema?
-Un 'núcleo de seguridad' o 'base de cómputo confiable' es un conjunto mínimo de software del sistema operativo que se acerca a ser probablemente seguro. Ayuda a reducir la cantidad de código y, por lo tanto, las posibilidades de errores de implementación que podrían resultar en vulnerabilidades.
¿Qué es la verificación y validación independientes y cómo ayudan a mejorar la seguridad del software?
-La verificación y validación independientes es un proceso en el que el código es auditado por un grupo de desarrolladores con enfoque en la seguridad. Esto ayuda a encontrar y solucionar problemas de seguridad que podrían no haber sido identificados por los creadores originales del código.
¿Qué es la técnica de aislamiento y cómo se utiliza para proteger los sistemas informáticos?
-El aislamiento es un principio que consiste en limitar y contener el daño en caso de que un programa sea comprometido. Se puede lograr el aislamiento 'sandboxeando' aplicaciones, corriendo múltiples máquinas virtuales o asignando bloques de memoria separados para cada aplicación en un sistema operativo.
Outlines
🌐 Seguridad Cibernética Básica
El primer párrafo presenta la introducción a la seguridad cibernética, destacando la importancia de proteger los sistemas de computación contra actividades maliciosas. Se compara con la seguridad física y se enfatiza que, al igual que en el mundo real, es necesario proteger la confidencialidad, integridad y disponibilidad de los datos y sistemas. Se menciona la necesidad de un modelo de amenaza para prepararse contra ataques específicos y se describen los tres objetivos principales de la seguridad cibernética: la confidencialidad, la integridad y la disponibilidad.
🔑 Métodos de Autenticación
El segundo párrafo se centra en los métodos de autenticación, que son esenciales para diferenciar a los usuarios autorizados de los no autorizados. Se discuten tres tipos principales de autenticación: lo que conoces (como contraseñas), lo que tienes (como tokens o llaves) y lo que eres (autenticación biométrica). Cada método tiene sus ventajas y desventajas, y se sugiere el uso de múltiples factores de autenticación para mayor seguridad. También se explora el concepto de control de acceso a través de permisos y listas de control de acceso (ACL), que definen qué usuario tiene acceso a qué recursos.
🛡 Modelos de Control de Acceso y Seguridad del Software
El tercer párrafo profundiza en los modelos de control de acceso, como el modelo Bell-LaPadula, y cómo estos garantizan la integridad y confidencialidad de la información. Se discute la importancia de la reducción de errores de implementación mediante la reducción de código y la verificación formal de la seguridad del código. Se menciona la validación y verificación independientes, el uso de núcleos de seguridad y la sandboxing de aplicaciones para limitar el daño en caso de compromiso de seguridad. Finalmente, se advierte sobre los riesgos de hacer clic en enlaces de correos no solicitados y se invita a fortalecer las contraseñas y habilitar la autenticación de dos factores.
Mindmap
Keywords
💡Ciberseguridad
💡Confidencialidad
💡Integridad
💡Disponibilidad
💡Modelo de amenaza
💡Autenticación
💡Contraseña
💡Autenticación de dos factores
💡Control de acceso
💡Modelo Bell-LaPadula
💡Aislamiento
Highlights
Cybersecurity is essential to protect computer systems and data against threats, similar to physical security measures in the real world.
Computers lack ethics and can be used for both beneficial and malicious purposes, highlighting the importance of cybersecurity.
The three main goals of cybersecurity are to ensure the secrecy, integrity, and availability of computer systems and data.
Secrecy, or confidentiality, is violated in data breaches where sensitive information like credit card details are exposed.
Integrity refers to the protection against unauthorized modification of systems and data, such as when hackers impersonate users to send emails.
Availability ensures that authorized users have consistent access to their systems and data, which is threatened by Denial of Service Attacks.
A threat model is a conceptual framework that profiles potential attackers and their capabilities, helping to prepare against specific threats.
The security of a system depends on the threat model it is designed to protect against, such as a nosy roommate or a mischievous sibling.
Authentication is the process of verifying the identity of a user, which is crucial for determining access rights to systems and data.
There are three types of authentication: what you know, what you have, and what you are, each with its own advantages and disadvantages.
What you know authentication, such as passwords, is vulnerable to brute force attacks where computers systematically guess combinations.
Increasing the complexity of passwords and PINs can significantly increase the difficulty of brute force attacks.
What you have authentication involves the use of a physical token, like a key, which is less susceptible to remote attacks but can be compromised physically.
Biometric authentication, or what you are, uses unique physical characteristics for verification but has issues with reliability and irreversibility.
Two-factor or multi-factor authentication combines multiple forms of authentication to enhance security by making it harder for attackers to compromise multiple factors.
Access Control involves specifying permissions for users to determine what they can access, modify, or execute on a computer system.
The Bell-LaPadula model is an access control model that prevents 'read up' and 'write down' to ensure information security within hierarchical systems.
Security kernels or trusted computing bases aim to minimize code to reduce the likelihood of implementation errors and vulnerabilities.
Independent Verification and Validation involves auditing code by external developers to identify and rectify potential security flaws.
Isolation is a principle in computer security that involves containing the damage of a compromised program to prevent it from affecting other systems.
Sandboxing applications is a method of isolation that prevents a compromised application from affecting the entire system by confining it to a restricted environment.
Virtual Machines provide a form of isolation by running programs in simulated environments, limiting the impact of any single program's compromise.
The video concludes with practical cybersecurity advice, emphasizing the importance of strong passwords, two-factor authentication, and caution with unsolicited emails.
Transcripts
Hi, I’m Carrie Anne, and welcome to CrashCourse Computer Science!
Over the last three episodes, we’ve talked about how computers have become interconnected,
allowing us to communicate near-instantly across the globe.
But, not everyone who uses these networks is going to play by the rules, or have our
best interests at heart.
Just as how we have physical security like locks, fences and police officers to minimize
crime in the real world, we need cybersecurity to minimize crime and harm in the virtual
world.
Computers don’t have ethics.
Give them a formally specified problem and they’ll happily pump out an answer at lightning
speed.
Running code that takes down a hospital’s computer systems until a ransom is paid is
no different to a computer than code that keeps a patient's heart beating.
Like the Force, computers can be pulled to the light side or the dark side.
Cybersecurity is like the Jedi Order, trying to bring peace and justice to the cyber-verse.
INTRO
The scope of cybersecurity evolves as fast as the capabilities of computing, but we can
think of it as a set of techniques to protect the secrecy, integrity and availability of
computer systems and data against threats.
Let’s unpack those three goals:
Secrecy, or confidentiality, means that only authorized people should be able to access
or read specific computer systems and data.
Data breaches, where hackers reveal people’s credit card information, is an attack on secrecy.
Integrity means that only authorized people should have the ability to use or modify systems
and data.
Hackers who learn your password and send e-mails masquerading as you, is an integrity attack.
And availability means that authorized people should always have access to their systems
and data.
Think of Denial of Service Attacks, where hackers overload a website with fake requests
to make it slow or unreachable for others.
That’s attacking the service’s availability.
To achieve these three general goals, security experts start with a specification of who
your “enemy” is, at an abstract level, called a threat model.
This profiles attackers: their capabilities, goals, and probable means of attack – what’s
called, awesomely enough, an attack vector.
Threat models let you prepare against specific threats, rather than being overwhelmed by
all the ways hackers could get to your systems and data.
And there are many, many ways.
Let’s say you want to “secure” physical access to your laptop.
Your threat model is a nosy roommate.
To preserve the secrecy, integrity and availability of your laptop, you could keep it hidden in
your dirty laundry hamper.
But, if your threat model is a mischievous younger sibling who knows your hiding spots,
then you’ll need to do more: maybe lock it in a safe.
In other words, how a system is secured depends heavily on who it’s being secured against.
Of course, threat models are typically a bit more formally defined than just “nosy roommate”.
Often you’ll see threat models specified in terms of technical capabilities.
For example, “someone who has physical access to your laptop along with unlimited time”.
With a given threat model, security architects need to come up with a solution that keeps
a system secure – as long as certain assumptions are met, like no one reveals their password
to the attacker.
There are many methods for protecting computer systems, networks and data.
A lot of security boils down to two questions: who are you, and what should you have access to?
Clearly, access should be given to the right people, but refused to the wrong people.
Like, bank employees should be able to open ATMs to restock them, but not me… because
I’d take it all... all of it!
That ceramic cat collection doesn’t buy itself!
So, to differentiate between right and wrong people, we use authentication - the process
by which a computer understands who it’s interacting with.
Generally, there are three types, each with their own pros and cons:
What you know.
What you have.
And what you are.
What you know authentication is based on knowledge of a secret that should be known only by the
real user and the computer, for example, a username and password.
This is the most widely used today because it’s the easiest to implement.
But, it can be compromised if hackers guess or otherwise come to know your secret.
Some passwords are easy for humans to figure out, like 12356 or q-w-e-r-t-y.
But, there are also ones that are easy for computers.
Consider the PIN: 2580.
This seems pretty difficult to guess – and it is – for a human.
But there are only ten thousand possible combinations of 4-digit PINs.
A computer can try entering 0000, then try 0001, and then 0002, all the way up to 9999...
in a fraction of a second.
This is called a brute force attack, because it just tries everything.
There’s nothing clever to the algorithm.
Some computer systems lock you out, or have you wait a little, after say three wrong attempts.
That’s a common and reasonable strategy, and it does make it harder for less sophisticated
attackers.
But think about what happens if hackers have already taken over tens of thousands of computers,
forming a botnet.
Using all these computers, the same pin – 2580 – can be tried on many tens of thousands
of bank accounts simultaneously.
Even with just a single attempt per account, they’ll very likely get into one or more
that just happen to use that PIN.
In fact, we’ve probably guessed the pin of someone watching this video!
Increasing the length of PINs and passwords can help, but even 8 digit PINs are pretty
easily cracked.
This is why so many websites now require you to use a mix of upper and lowercase letters,
special symbols, and so on – it explodes the number of possible password combinations.
An 8-digit numerical PIN only has a hundred million combinations – computers eat that
for breakfast!
But an 8-character password with all those funky things mixed in has more than 600 trillion
combinations.
Of course, these passwords are hard for us mere humans to remember, so a better approach
is for websites to let us pick something more memorable, like three words joined together:
“green brothers rock” or “pizza tasty yum”.
English has around 100,000 words in use, so putting three together would give you roughly
1 quadrillion possible passwords. Good luck trying to guess that!
I should also note here that using non-dictionary words is even better against more sophisticated
kinds of attacks, but we don’t have time to get into that here.
Computerphile has a great video on choosing a password - link in the dooblydoo.
What you have authentication, on the other hand, is based on possession of a secret token
that only the real user has.
An example is a physical key and lock.
You can only unlock the door if you have the key.
This escapes this problem of being “guessable”.
And they typically require physical presence, so it’s much harder for remote attackers
to gain access.
Someone in another country can’t gain access to your front door in Florida without getting
to Florida first.
But, what you have authentication can be compromised if an attacker is physically close.
Keys can be copied, smartphones stolen, and locks picked.
Finally, what you are authentication is based on... you!
You authenticate by presenting yourself to the computer.
Biometric authenticators, like fingerprint readers and iris scanners are classic examples.
These can be very secure, but the best technologies are still quite expensive.
Furthermore, data from sensors varies over time.
What you know and what you have authentication have the nice property of being deterministic
– either correct or incorrect.
If you know the secret, or have the key, you’re granted access 100% of the time.
If you don’t, you get access zero percent of the time.
Biometric authentication, however, is probabilistic.There’s some chance the system won’t recognize you…
maybe you’re wearing a hat or the lighting is bad.
Worse, there’s some chance the system will recognize the wrong person as you – like
your evil twin!
Of course, in production systems, these chances are low, but not zero.
Another issue with biometric authentication is it can’t be reset.
You only have so many fingers, so what happens if an attacker compromises your fingerprint data?
This could be a big problem for life.
And, recently, researchers showed it’s possible to forge your iris just by capturing a photo
of you, so that’s not promising either.
Basically, all forms of authentication have strengths and weaknesses, and all can be compromised
in one way or another.
So, security experts suggest using two or more forms of authentication for important
accounts.
This is known as two-factor or multi-factor authentication.
An attacker may be able to guess your password or steal your phone: but it’s much harder
to do both.
After authentication comes Access Control.
Once a system knows who you are, it needs to know what you should be able to access,
and for that there’s a specification of who should be able to see, modify and use what.
This is done through Permissions or Access Control Lists (ACL), which describe what access
each user has for every file, folder and program on a computer.
“Read” permission allows a user to see the contents of a file, “write” permission
allows a user to modify the contents, and “execute” permission allows a user to
run a file, like a program.
For organizations with users at different levels of access privilege – like a spy
agency – it’s especially important for Access Control Lists to be configured correctly
to ensure secrecy, integrity and availability.
Let’s say we have three levels of access: public, secret and top secret.
The first general rule of thumb is that people shouldn’t be able to “read up”.
If a user is only cleared to read secret files, they shouldn’t be able to read top secret
files, but should be able to access secret and public ones.
The second general rule of thumb is that people shouldn’t be able to “write down”.
If a member has top secret clearance, then they should be able to write or modify top
secret files, but not secret or public files.
It may seem weird that even with the highest clearance, you can’t modify less secret files.
But, it guarantees that there’s no accidental leakage of top secret information into secret
or public files.
This “no read up, no write down” approach is called the Bell-LaPadula model.
It was formulated for the U.S. Department of Defense’s Multi-Level Security policy.
There are many other models for access control – like the Chinese Wall model and Biba model.
Which model is best depends on your use-case.
Authentication and access control help a computer determine who you are and what you should
access, but depend on being able to trust the hardware and software that run the authentication
and access control programs.
That’s a big dependence.
If an attacker installs malicious software – called malware – compromising the host
computer’s operating system, how can we be sure security programs don’t have a backdoor
that let attackers in?
The short answer is… we can’t.
We still have no way to guarantee the security of a program or computing system.
That’s because even while security software might be “secure” in theory, implementation
bugs can still result in vulnerabilities.
But, we do have techniques to reduce the likelihood of bugs, quickly find and patch bugs when
they do occur, and mitigate damage when a program is compromised.
Most security errors come from implementation error.
To reduce implementation error, reduce implementation.
One of the holy grails of system level security is a “security kernel” or a “trusted
computing base”: a minimal set of operating system software that’s close to provably secure.
A challenge in constructing these security kernels is deciding what should go into it.
Remember, the less code, the better!
Even after minimizing code bloat, it would be great to “guarantee” that code as written
is secure.
Formally verifying the security of code is an active area of research.
The best we have right now is a process called Independent Verification and Validation.
This works by having code audited by a crowd of security-minded developers.
This is why security code is almost always open-sourced.
It’s often difficult for people who wrote the original code to find bugs, but external
developers, with fresh eyes and different expertise, can spot problems.
There are also conferences where like-minded hackers and security experts can mingle and
share ideas, the biggest of which is DEF CON, held annually in Las Vegas.
Finally, even after reducing code and auditing it, clever attackers are bound to find tricks
that let them in.
With this in mind, good developers should take the approach that, not if, but when their
programs are compromised, the damage should be limited and contained, and not let it compromise
other things running on the computer.
This principle is called isolation.
To achieve isolation, we can “sandbox” applications.
This is like placing an angry kid in a sandbox; when the kid goes ballistic, they only destroy
the sandcastle in their own box, but other kids in the playground continue having fun.
Operating Systems attempt to sandbox applications by giving each their own block of memory that
others programs can’t touch.
It’s also possible for a single computer to run multiple Virtual Machines, essentially
simulated computers, that each live in their own sandbox.
If a program goes awry, worst case is that it crashes or compromises only the virtual
machine on which it’s running.
All other Virtual Machines running on the computer are isolated and unaffected.
Ok, that’s a broad overview of some key computer security topics.
And I didn’t even get to network security, like firewalls.
Next episode, we’ll discuss some specific example methods hackers use to get into computer
systems.
After that, we’ll touch on encryption.
Until then, make your passwords stronger, turn on 2-factor authentication, and NEVER
click links in unsolicited emails!
I’ll see you next week.
5.0 / 5 (0 votes)