Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Technology Computing Conference

Presenter: Andrew Pond, Palm Beach State College

“Just because you're paranoid doesn't mean they aren't after you”. Ever pause just a moment before clicking past that security warning about an unsafe email? What about installation instructions that explicitly state to turn off your firewall and virus protection? I think, well that can't be right… hmmm. Gain an understanding of which security essentials should be introduced to students. This session will cover best practices that keep your Windows 8 computer safe and survey some of the threats that are directed toward the corporate world. Be prepared for the next tech trivia challenge, when the category covers SSL, IPSEC, Spoofing, Encryption, and more. Between the pop-up alerts on your computer and the paranoia from the news, each of us should be thankful that we get through the day without having our identity stolen and our computer destroyed. The TSA thinks we are all safer if we take our shoes off while traveling. Really? Let us not take a similar approach with our own computer security.




Compusecuraphobia – The Fear of HOPING Your Computer is Secure - Course Technology Computing Conference Presentation Transcript

  • 1. Compusecuraphobia the fear of HOPING your computer is secure
  • 2. Syllabus Objectives Upon completing this presentation, you shall be able to: • Describe the broad spectrum of cyber threats and how they affect you and your students. • Define essential terminology used in discussing cyber security. • Through discussion, participants will share their experiences concerning data security. • Identify to students using lecture, lab or discussion, three or more data security risks they may encounter. • Describe 3 “best practices” you can use to limit risk from a cyber threat. • Create anti-matter (no… not really).
  • 3. Spectrum of threat Personal Global • Virus on my PC • Tracking people • My data stolen Work National • Ineffective/slow computer • Resource usage • Corporate data • Intellectual Property • Infra-structure • Privacy (Personal & Corporate) • Economic impact, piracy, intelligence • Cyberwarfare • Hacktivism • Financial
  • 4. Purpose of Cyberwarfare attacks Cyberwarfare is Internet-based conflict involving politically motivated attacks on information and information systems. (source) • Disable websites and networks • Disrupt or disable essential services • Steal or alter classified data • Cripple financial systems
  • 5. Global Cyberwarfare Examples • Iranian nuclear espionage Stuxnet (June 2010) – ruined approx. 1/5 of their centrifuge systems. (Wikipedia, n.d.); (globalresearch) • “GhostNet”, a spy network, accessed confidential information belonging to both governmental and private organizations in over 100 countries around the world. • In 2007, in Estonia, a botnet of over a million computers brought down government, business and media websites.
  • 6. Hacktivism – “hack” & “activism” … the act of hacking, or breaking into a computer system, for a politically or socially motivated purpose. (source) • Defacing websites that oppose their ideology. • Development of PGP was in response to a bill permitting the government to obtain plain text content. (Wikipedia, n.d.)
  • 7. Hacktivism examples • During the 2009 Iranian election protests, Anonymous played a role in disseminating information to and from Iran by setting up the website Anonymous Iran; they also released a video manifesto to the Iranian government. • Anonymous - Message to the American People h?v=HrXyLrTRXso • Google helped SayNow and Twitter to provide communications for the Egyptian people in response to the government sanctioned internet blackout during the 2011 protests. The result, Speak To Tweet, was a service in which voicemail left by phone was then tweeted via Twitter with a link to the voice message on Google's SayNow.
  • 8. Domestic Cyber threats • Intellectual Property theft from both government and businesses. (Source: The Dragon and the Computer: Why Intellectual Property Theft is Compatible with Chinese Cyber-Warfare Doctrine) • Infra-structure – electrical grid, water systems, communications, transportation.
  • 9. Malware stories • Target cyber attack – “memory-parsing” software known as a “RAM scraper” steals the transaction data from a credit or debit card's magnetic strip during a brief unencrypted moment in the transaction process. (AP Photo/Steven Senne)
  • 10. Data Security – Surveillance? Privacy? • NSA wireless transmitter NSA’s malware program, codenamed QUANTUM. Uses a secretly installed radio transmitter. Affected computers do not need to be connected to the Internet.
  • 11. Data Security Examples • FBI could remotely and secretly activate video cameras on devices. (From a web article that cites a Washington Post report.) • Students at Johns Hopkins discovered how to disable the LED on a Mac so that the camera could take pictures without indicating it was on. • Student doctoral research details how he accessed a network through a Cisco VoIP phone.
  • 12. Business attacks • Taking over web sites – To harm reputation – To redirect customers – To capture login credentials or financial information • Stealing Intellectual Property or Trade Secrets • Disrupting operations both internally and externally, such as with a Distributed Denial of Service (DDoS)
  • 13. Schools & Colleges Data Security • Grade and transcript modifications Blackboard - Dutch company Online24 reports a vulnerability through which a student could alter grades. ( euwsberichten/blackboard_veiligheid_eng/) • Changes to financial records • Unauthorized access to student records
  • 14. Targeting your Devices & Information Motivation for creating malware → Outcome: • Computer action “bragging rights” / name recognition → System access or proliferation of malware • Obtaining personal data → Identity theft / social engineering attacks / account access • Using / Controlling computer → E-mail SPAM campaigns; DDoS attacks; bot-nets • Financial benefit → Directs user to buy software to repair / recover • Spying / Voyeurism → Secretly listen or watch people
  • 15. Malware explained - Viruses Description: A virus's purpose is to create another copy of itself as part of its function. It must be run or executed as code by exploiting a weakness in the OS or a program, or by tricking the user. Analogy: As implied by the name, a molecular virus attaches to a healthy cell and injects its viral nucleic acids so that the healthy cell regenerates the virus cell.
  • 16. Malware explained - Trojans Description: Appearing as a legitimate program, a Trojan infection installs unwanted, often harmful additional programs. Trojans are not self-replicating like viruses. Trojans drop a ‘payload’ – keyloggers, Remote Access Trojans (RATs), backdoors, Internet Relay Chats (IRC). Can be used to create bot-nets. Analogy: The threat from the classical “Trojan Horse” was not the horse, but the armies that were inside and released.
  • 17. Malware explained - Worms Description: Worms, similar to viruses, make copies of themselves. However, worm infections do not attach to other programs, requiring you to “run” them. Often worms will replicate through networks using e-mails. Analogy: Tapeworm eggs eaten by flea larvae in turn create a cyst in the flea, which is ingested by a dog during grooming; the eggs are excreted by the dog and the cycle begins again.
  • 18. Spoofing Impersonating another person or web site in an effort to trick someone into giving up information or installing some form of malware. Entire web sites have been duplicated and their domain redirected to the false site.
  • 19. Phishing Here the sender is targeting a person to give up sensitive information. • An e-mail that asks the user to click on a link and verify their login information, but the link is to a spoofed web site. • A phone call where the support agent reports that he is with Microsoft and they have detected a problem with the computer and want you to allow them a remote support session to fix it.
  • 20. Aurora Botnet Fake Malware Alerts Virus repair utility is actually a dropper that creates a bot-net. Description of how the “Aurora Botnet” infected and used other systems. /aurora-botnet
  • 21. Protection & Solutions Literacy – learn about the threats; how to minimize exposure; and how to fix if infected. Protect three areas of vulnerabilities: 1. Access to your devices – both physically and electronically. 2. Use of security software – Firewall, AV, encryption, backup, system updates, etc. 3. Realize that YOU can be the “weakest link”. Register devices; use location apps like “find iPhone”.
  • 22. Access to your devices • Keep device(s) with you; in a locked/secure area when you are not using them. • Know about the networks you are using – wired, wireless, or both. • Follow “good practices” with regard to passwords. And for sensitive/confidential data, consider multi-factor authentication.
  • 23. Security Software • Anti-Virus – Free ones are good; consider one for mobile devices; Mac and iPhone have low risk, but viruses are possible. • Anti-Spyware – spyware can slow down a computer; threats are not usually as severe.
  • 24. What is a Firewall and why do I need it? Simplify the function of your firewall to be that of a security guard at the entrance to a community. Your cars get a sticker which tells the guard it is OK to let you by. And perhaps there is the local pizza guy or a friend can come in, but you need to let the guard know and provide him a name or number. The security would not work if you agreed to mail out access stickers to someone who sent you an email saying they wanted to drop off a package. Data traffic uses TCP/IP communication protocols with port numbers to communicate with software services. The firewall uses rules and, at times, behaviors to determine which connections should be allowed.
  • 25. Backup (Most ignored advice) • Malware attacks quite often result in a loss of data. Either the files are deleted or infected or the drive needs to be erased to fully clean the system. • Backup strategies that work best involve: – Automated scheduled backups… local or in the cloud. – Periodic full backups to an alternate location (to protect against corrupt backups being unusable). – Password protect and, for sensitive data, encrypt.
  • 26. Encrypting Data • Making data unreadable except by the encryptor • Used for data “in transit” (being transferred) or “at rest” (stored) • cryptographic algorithms (you may see these along the way – only a sampling) – AES (Advanced Encryption Standard) – SHA (Secure Hash Algorithm) – DSS (Digital Signature Standard)
  • 27. Encryption basics • A cipher is used in an algorithm to code the message. As a simple example, shift three letters down the alphabet. • “Hello” becomes “Khoor” • The cipher is the key.
  • 28. Using encryption keys • Send your lock to me open; I put my stuff in, lock it, and send it back to you. You use your key to open and access. • The process: – Two “keys” are made, one public; one private. – Files can be encrypted with the public one. – Only the holder of the private key can decrypt.
  • 29. Public Key - aka Asymmetric cryptography • It is “impossible” (computationally infeasible) for a properly generated private key to be determined from its corresponding public key. • Keys are used to encrypt files or validate digital signatures.
  • 30. Digital signatures • Validates the originator or the sender – ensures three aspects of data security: – Authentication Verifies the identity of the sender. – Non-repudiation One cannot claim the data has changed. – Integrity Message was not altered in transit.
  • 31. Internet Protocol Security (IPsec) • IPsec is a general-purpose security technology (protocol) that can be used to help secure network traffic in many scenarios. • Operates below the “application” layer in the protocol stack at the Internet Layer. Secure Sockets Layer (SSL), Transport Layer Security (TLS) and Secure Shell (SSH) operate in the “Application” layer. • Handles authenticating and encrypting each IP packet of a communication session. • Establishes mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session. • IPsec can be used in protecting data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host). • Applications do not need to be specifically designed to use IPsec because they sit “atop” it. (Source)
  • 32. System Updates • Windows Updates. • Virus Database updates. • Application updates and patches.
  • 33. Protecting you from… you • Getting tricked by phishing scams. • Opening malware in e-mails. • Downloading & installing “free” software or utilities. • Poor password management. • Securely disposing of old equipment. • Not aware of or ensuring use of secure protocols (e.g. https, SSL, SSH) • Backup strategy missing or weak.
  • 34. Social Engineering • social engineering hacker— someone who tries to gain unauthorized access to your computer systems • Tailgates past security door. • Distracts user away from computer so that malware can be installed. • Collects organizational information to engage in credible discussions about getting access.
  • 35. How to remove threats • Turn off or disconnect to prevent further loss (consider backing up data before repairs) • Using another device, “Google” symptoms • Boot off a Rescue CD or USB (free downloads) • Safest is to recover, restore image or reinstall.
  • 36. Approaches to secure environments • Use of UAC on a PC and other security settings. • Browser security settings. • Use of a “sandbox” and/or virtual machines. • Programs that reboot to stored image – Deep Freeze. (Mac & PC) • Boot from IDP or utility CD/DVD, Linux OS; does not mount C: drive; support Internet. • Monitor updates of virus protection and system. • Periodically scan from rescue CD. • Regularly create System Images along with any needed support files. • Test your “Restore” process – many backup programs create proprietary files and incremental files.
  • 37. Security Essentials for Students • Cloud apps and storage – Their data is outside their control, on another device – Typically not encrypted • Being connected is a MUST - trying to get Internet access often leads one to compromise good practices. • Using public wi-fi. It can be easily monitored, “sniffed”. • Use trusted software and utilities. Avoid temptation to download “free” – programs, utilities, movies, music, etc.
  • 38. Students continued • College security and use policies can be restrictive – students may get frustrated or inadvertently violate. • Class requirements, downloads. Are the class downloads virus free? • Practice safe sex computing – a practical comparison. • USB passed around or left in the classroom – was it left on purpose for someone to think they got a free USB? • Phones can make an unsecured ‘hotspot’.
  • 39. Can a Mac get a Virus? • Good article on Macs and viruses. (Jan 5, 2013) install-antivirus-on-your-mac/ • Do I need virus protection on a Mac? Most users do not need antivirus software on their Mac.
  • 40. Past Apple Troubles • Apple admits to infections defeat-acknowledges-that-pc-viruses-can-infect-macs/ • Flashback virus – The Flashback virus was able to steal the personal data of many of these Mac users by redirecting them to malicious websites on search engine results pages.
  • 41. Smartphone malware • The malware targeting mobile devices mirrors the malware commonly found on infected desktops and laptops – backdoors, Trojans and Trojan-Spies. The one exception is SMS-Trojan programs – a category exclusive to smartphones. • The threat isn’t just growing in volume. We’re seeing increased complexity too. In June we analyzed the most sophisticated mobile malware Trojan we’ve seen to-date, a Trojan named Obad. This threat is multi-functional: it sends messages to premium rate numbers, downloads and installs other malware, uses Bluetooth to send itself to other devices and remotely performs commands at the console. This Trojan is also very complex. The code is heavily obfuscated and it exploits three previously unpublished vulnerabilities. Not least among these is one that enables the Trojan to gain extended Device Administrator privileges – but without it being listed on the device as one of the programs that has these rights. This makes it impossible for the victim to simply remove the malware from the device. It also allows the Trojan to block the screen. It does this for no more than 10 seconds, but that’s enough for the Trojan to send itself (and other malware) to nearby devices – a trick designed to prevent the victim from seeing the Trojan’s activities. • Obad also uses multiple methods to spread. We’ve already mentioned the use of Bluetooth. In addition, it spreads through a fake Google Play store, by means of spam text messages and through redirection from cracked sites. On top of this, it’s also dropped by another mobile Trojan – Opfake. • The cybercriminals behind Obad are able to control the Trojan using pre-defined strings in text messages. The Trojan can perform several actions, including sending text messages, pinging a specified resource, operating as a proxy server, connecting to a specified address, downloading and installing a specified file, sending a list of apps installed on the device, sending information on a specific app, sending the victim’s contacts to the server and performing commands specified by the server. • The Trojan harvests data from the device and sends it to the command-and-control server – including the MAC address of the device, the operating name, the IMEI number, the account balance, local time and whether or not the Trojan has been able to successfully obtain Device Administrator rights. All of this data is uploaded to the Obad control-and-command server: the Trojan first tries to use the active Internet connection and, if no connection is available, searches for a nearby Wi-Fi connection that doesn’t require authentication.
  • 42. Smartphone & Tablets • Android – 98.05% of mobile malware found this year targets this platform. (Source) • Only download from a trusted store.
  • 43. Protecting Windows 8 • Microsoft link to protecting your PC • PCWorld article on anti-virus for Windows 8 • Bitdefender Antivirus comparison list Generally much of the same topics already presented. (I wanted to include the links in the presentation stack.)
  • 44. Did we meet the objectives? • Survey of cyber threats. • Essential terminology. • Discussion of experiences. • Advice to give students for data security. • “best practices” to reduce risk and resolve issues.
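
One way to act on the advice in slides 25 and 36 to test your restore process, as an added example that is not part of the original presentation: record a SHA-256 manifest of the files when the backup is taken, restore to a scratch folder, and compare. The function names and the sample folder contents are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def build_manifest(root) -> dict:
    """Map every file under root (by relative path) to its SHA-256 digest."""
    root = Path(root)
    manifest = {}
    for path in sorted(root.rglob("*")):
        if path.is_file():
            digest = hashlib.sha256()
            with path.open("rb") as fh:
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    digest.update(chunk)
            manifest[path.relative_to(root).as_posix()] = digest.hexdigest()
    return manifest


def compare_restore(backup_manifest: dict, restored_root) -> dict:
    """Compare a manifest taken at backup time with a test restore."""
    restored = build_manifest(restored_root)
    missing = sorted(set(backup_manifest) - set(restored))
    extra = sorted(set(restored) - set(backup_manifest))
    changed = sorted(p for p in set(backup_manifest) & set(restored)
                     if backup_manifest[p] != restored[p])
    return {"missing": missing, "changed": changed, "extra": extra,
            "ok": not missing and not changed}


def demo() -> dict:
    """Constructed sample: a restore that lost one file and corrupted another."""
    with tempfile.TemporaryDirectory() as tmp:
        src, dst = Path(tmp, "documents"), Path(tmp, "restored")
        (src / "grades").mkdir(parents=True)
        (src / "syllabus.txt").write_text("week 1: threats\n")
        (src / "grades" / "fall.csv").write_text("id,grade\n1,A\n")
        (src / "notes.txt").write_text("slides\n")
        manifest = build_manifest(src)          # recorded at backup time

        (dst / "grades").mkdir(parents=True)
        (dst / "syllabus.txt").write_text("week 1: threats\n")
        (dst / "grades" / "fall.csv").write_text("id,grade\n1,F\n")  # altered
        # notes.txt never came back from the backup
        return compare_restore(manifest, dst)


if __name__ == "__main__":
    print(demo())
```

Keep the manifest somewhere other than the backup itself, so that a damaged backup cannot also damage the record it is checked against.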