Digital Self Defense (RRLC version)

on

  • 1,789 views

Digital Self Defense workshop presented to Rochester Regional Library Conference on 10/25/10

Digital Self Defense workshop presented to Rochester Regional Library Conference on 10/25/10

Statistics

Views

Total Views
1,789
Views on SlideShare
1,726
Embed Views
63

Actions

Likes
2
Downloads
0
Comments
0

2 Embeds 63

http://benwoelk.wordpress.com 47
https://benwoelk.wordpress.com 16

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

CC Attribution-NonCommercial-NoDerivs LicenseCC Attribution-NonCommercial-NoDerivs LicenseCC Attribution-NonCommercial-NoDerivs License

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Presentation Transcript

  • RIT Information Security 585.475.4122 [email_address] digital self defense
  • Copyright and Reuse
    • The Digital Self Defense logo is the property of the Rochester Institute of Technology and is licensed under the Creative Commons Attribution-Non-Commercial-No Derivative Works 3.0 United States License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-nd/3.0/us/ or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California 94105, USA. To request permission for other purposes, contact infosec@rit.edu.
    • The course materials are the property of the Rochester Institute of Technology and are licensed under the Creative Commons Attribution-Non-Commercial-Share Alike 3.0 United States License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/3.0/us/ or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California 94105, USA. To request permission for other purposes, contact infosec@rit.edu.
  • What we’ll talk about today
    • Basic information and computer security
    • Identity Theft, Phishing and Scams
    • Safe social networking
  • How Bad is it?
    • In 2009:
      • The education sector accounted for 20 percent of data breaches that could lead to identity theft during this period, more than any other sector
      • Financial was the top sector for identities exposed, accounting for 60 percent of the total
      • Theft or loss of computer or other data-storage medium was the cause of 20% of data breaches
      • Hacking was the cause of 60%
      • 2,895,802 new malicious code signatures, 51% of all-time total.
    4/10 Symantec Internet Threat Report
  • General Trends
    • Malicious activity has become Web-based and is shifting to developing countries
      • Malicious PDFs 49% of web-based attacks
    • Attackers targeting end users instead of computers
    • Underground economy consolidates and matures
    • Lowered barriers to entry—crimeware kits
  • Everyone is a target
    • You have access to financial resources
      • Lines of credit
      • Bank accounts
    • You have access to information resources
      • Personal confidential information
      • Employer confidential information
    • You have access to network resources
      • High-bandwidth connections
      • Computing power
  • How Could I Become a Victim?
    • Attacks are complex
    • Software vulnerabilities/configuration errors
      • 4,392 “easily exploitable” vulnerabilities in 2008*
    • Malicious Software/Malware
      • Viruses, worms, spyware, etc.
    • Social Engineering Attacks
      • Phishing scams
      • Target sensitive private information
    *4/09 Symantec Internet Threat Report
  • Malware
    • Keyloggers
      • Steal usernames, passwords, etc.
    • Rootkits and bot software
      • Attackers can remotely control computers
      • Botnets used to send out spam and phishing
    • Spyware and adware
      • Monitor your web activity
    Copyright 2003 D. Seah Bigger than Cheese
  • Botnets & Zombie PCs
    • Large number of “zombie” computers infected with remote control software
    • Send out spam, phishing, malware, in extremely large volumes
    • 75,158 active bot-infected computers daily
    • High-volume attacks
    • Target insecure computers
    • “Low-hanging fruit”
    Botnet illustration. Retrieved 18 July 2007. www.symantec.com
    *4/09 Symantec Internet Threat Report
  • Avert Labs Malware Research. Retrieved July 24, 2009 from: http://www.avertlabs.com/research/blog/index.php/2009/07/22/malware-is-their-businessand-business-is-good/
  • Social Engineering
    • Aside from malware, people may also try to steal your private information using:
    • E-mails
    • Instant messages
    • Fake websites
    • Phone calls
    • Text messages
    • Face-to-face
  • A Layered Defense
    • Strong Passwords
    • Patching
    • Anti-Virus Protection
    • Firewall
    • Anti-Spyware Protection
    • Physical Security
    • Paranoia & Common sense
  • Passwords
    • Weak passwords can be guessed
      • Automated programs
      • Personal details
    • Use different passwords
      • How many accounts can be accessed with just one of your passwords?
      • Password vaults
  • Passphrases
    • Series of words or a sentence
    • Examples
      • MyT1gerIs0range
      • Ritch1eTh3Tiger
    • Advantages:
      • Easier to remember
      • More secure than short complex passwords
  • RIT Desktop Standard
    • Desktop and Portable Computer Standard requires:
    • Patching/Updating (automatic)
    • Anti-Virus (automatic)
    • Firewall
    • Anti-Spyware
    Lock on keyboard graphic. Retrieved 18 July 2007. http://images.jupiterimages.com/common/detail/43/73/22847343.jpg
  • But I own a Mac…
    • In 2008:
    • Mac OS X had more disclosed vulnerabilities than any other OS*
    • Apple Safari web browser had the longest wait for updates out of all major browsers**
    • Macs are not immune to online threats
    *IBM Internet Security Systems X-Force 2008 Trend & Risk Report **Symantec Internet Security Threat Report
  • Patching
    • 2,134 vulnerabilities in the second half of 2007.*
      • 73% were “easily exploitable”
    • Patches close these vulnerabilities.
    *4/08 Symantec Internet Threat Report
  • Patching/Updating
    • Patching:
      • Fixes “vulnerabilities” in software
    • You need to:
      • Turn on auto-updating (Windows, Mac OS X)
      • Check regularly for application updates (Adobe, Microsoft Office, etc.)
  • Anti-Virus Software
    • Use anti-virus software such as McAfee, Norton, Avast, AVG, etc.
    • Check with your ISP. They may provide security software, including anti-virus.
  • What Anti-Virus Protects Against
    • Viruses
      • Self-replicating software that attaches itself to other programs and files
      • Moves from program to program, replacing each one with an infected version
    • Worms
      • Self-replicating software that does not need to attach itself to other programs and files
      • Moves from computer to computer over a network, searching for vulnerable hosts
    • Trojans
      • Software that appears to be something harmless (like a game or screen saver), but actually contains malicious code
  • Firewalls
    • Firewalls:
      • Monitor and protect network ports
      • Prevent unauthorized connections
    • You must use a firewall
      • Windows XP and Mac OS built-in firewalls
      • Third-party products
    Graphic of fire. Retrieved 18 July 2007. http://www.adrenalin.bc.ca/lazer/pix/firewall_2.jpg
  • Choosing a Firewall
    • Windows XP Firewall
      • Default with SP2
      • Does not block outgoing connections
    • ZoneAlarm Personal Firewall
      • A little more sophisticated
      • Free license for personal use only
    • Router/Wireless Router
      • Does not block outgoing connections
      • Must change wireless router settings to make it secure
  • Anti-Spyware
    • Spyware is:
      • “tracking software deployed without adequate notice, consent or control for the user.”
    • You need to:
      • Update and scan weekly
        • Automatic-updating and scheduling
      • Use multiple programs
        • http://security.rit.edu/students.html
    Computer ‘Spy’. Retrieved 18 July 2007. http://www.afcea.org/signal/articles/articlefiles/248-HSK_Spyware_computer-spy.jpg
  • How do You Get Spyware?
    • Browser Vulnerabilities
      • Links to malicious sites
      • Following common search terms
    • Bundled with software
    • Malware
      • Disguised as anti-spyware programs or other popular freeware
    Stressed woman photo. Retrieved 18 July 2007. http://www.computermediconcall.com/images/computer-frustration.jpg
  • Limited User Accounts
    • Administrative/root user accounts
      • Unnecessary level of access
    • Limited user accounts can prevent:
      • Many types of malware and spyware/adware
      • Configuration changes
        • Malicious or accidental
    Recommended
  • Physical Protection
    • Never leave your computer or mobile device unattended
    • Lock or log out
      • Set a screensaver password
    • Don’t let others use without supervision
      • Know what devices are registered to your name
    Computer protection image. Retrieved 18 July 2007. http://www.allsquareinc.com/downloads/Love%20My%20Computer.jpg
  • Know Your Computer!
    • Has your computer been acting different than usual?
    • Run anti-virus and antispyware
    • Ask for help
  • Paranoia and Common Sense
  • Identity Theft
    • What’s the problem with this picture?
  • Phishing
    • Purpose
      • “verify/confirm/authorize” account or personal information
    • Source
      • Appear to come from PayPal, banks, ISPs, IT departments, other official or authoritative sources
    • Tone
      • Appeals to fear, greed, urgency, sympathy
  • Targeted Phishing
    • Sent to a specific community
    • May include personal details
    • Appears official
      • Identical logos, graphics, layout, content, etc.
  • How to Spot and Avoid Phishing
    • Does it seem credible?
      • Misspellings, bad grammar, formatting errors
    • File attachments
      • Is it expected? If not, ignore it!
    • Never respond directly to e-mail requests for private information
      • Verify with company
      • Don’t click on links
        • Type in the web address as you normally would
  • Phishing
  • Phishing Samples (APWG)
  • Phishing Website Tricks
    • Similar names
      • www.eday.com, www.ebay-secure.com, www.paipall.com, www.yafoo.com
    • Use of @ in URLs
      • www.ebay.com/upd@aw-confirm.us/upd
    • Masked URLs
      • http://www.myspace.com/
  • Solutions
    • Education and awareness
      • Because social engineering such as phishing relies on tricking consumers, awareness education is a key component in reducing consumer losses to phishing.
      • A number of government and private entities have created web sites designed to educate consumers about the threats of phishing. These sites include
        • FTC OnGuard Online.
        • Anti-Phishing Working Group
        • MillerSmiles
  • Solutions
    • Safe computing practices provide a strong defense against phishing:
      • Never click on links directly from an email.
      • Use File/Properties to find out which website you are really on.
      • Look for the proper symbol to indicate you’re on a secure web site.
        • Secure web sites use a technique called SSL (Secure Sockets Layer) that ensures the connection between you and the web site is private.
        • This is indicated by “https://” instead of “http://” at the beginning of the address AND by a padlock icon which must be found either at the right end of the address bar or in the bottom right-hand corner of your browser window.
        • A padlock appearing anywhere else on the page does not represent a secure site.
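    A small link checker, added here as an illustration and not code from the workshop, that flags the tricks from the “Phishing Website Tricks” slide (look-alike names, the user-info “@” trick, masked URLs) together with the https check above. The brand list and sample URLs are constructed; the “@” sample uses the standard form of the trick, with the fake host entirely in the user-info part before the “@”.

```python
from urllib.parse import urlsplit

# Constructed allowlist of brand labels this checker knows (assumption, not
# from the workshop). A real deployment would use a far larger list.
KNOWN_BRANDS = {"ebay", "paypal", "yahoo", "citibank", "barclays"}

def edit_distance(a, b):
    """Levenshtein distance: small non-zero values are near-miss spellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def split_url(url):
    """Return (scheme, authority, host). The host is what the browser really
    connects to: anything before '@' in the authority is user-info."""
    if "://" not in url:
        url = "http://" + url            # bare 'www.example.com' style text
    parts = urlsplit(url)
    return parts.scheme.lower(), parts.netloc, (parts.hostname or "").lower()

def lookalike_of(host):
    """Brand whose name the second-level label imitates, or None."""
    labels = host.split(".")
    sld = labels[-2] if len(labels) >= 2 else host
    if sld in KNOWN_BRANDS:
        return None                      # the genuine domain
    for brand in sorted(KNOWN_BRANDS):
        if brand in sld.split("-") or edit_distance(sld, brand) <= 2:
            return brand
    return None

def check_link(href, visible_text=None):
    """List the phishing indicators found in a link (empty list = none)."""
    scheme, authority, host = split_url(href)
    findings = []
    if "@" in authority:
        findings.append(f"user-info '@' trick: real host is {host}")
    brand = lookalike_of(host)
    if brand:
        findings.append(f"look-alike of {brand}: {host}")
    if visible_text:
        shown = split_url(visible_text)[2]
        if shown and shown != host:
            findings.append(f"masked URL: text shows {shown}, link goes to {host}")
    if scheme != "https":
        findings.append("not https: the connection is not private")
    return findings

if __name__ == "__main__":
    # Constructed samples modelled on the slide's examples.
    for href, text in [("www.eday.com", None), ("www.paipall.com", None),
                       ("http://www.ebay.com@aw-confirm.us/upd", None),
                       ("http://aw-confirm.us/profile", "http://www.myspace.com/"),
                       ("https://www.ebay.com/", None)]:
        print(href, "->", check_link(href, text) or ["no indicators"])
```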
  • Solutions
    • Software
      • Although avoiding phishing attempts is typically a matter of following safe practices, there are a number of browser helpers available to help warn you of suspicious web sites.
      • Browser helpers normally work as another toolbar in your browser. Use one or more for your protection.
      • Internet Explorer 8 and Firefox 3 also provide limited protection by denying access to many known phishing sites.
      • Spam filters may also intercept many phishing attempts.
  • Browser extensions
    • Netcraft Anti-Phishing toolbar (for IE & FF)
    • Firefox extensions
      • Adblock
      • Noscript (only trusted domains)
  • Netcraft http://toolbar.netcraft.com/
    • Giant neighborhood watch scheme
      • Once a reported URL is blocked, it is blocked for all community members as they subsequently access the URL.
      • Widely disseminated attacks (people constructing phishing attacks send literally millions of electronic mails in the expectation that some will reach customers of the bank) simply mean that the phishing attack will be reported and blocked sooner.
    • The toolbar also:
      • Traps suspicious URLs containing characters which have no common purpose other than to deceive.
      • Enforces display of browser navigational controls (toolbar & address bar) in all windows, to defend against pop up windows which attempt to hide the navigational controls.
      • Clearly displays sites' hosting location, including country, helping you to evaluate fraudulent URLs (e.g. the real citibank.com or barclays.co.uk sites are unlikely to be hosted in the former Soviet Union).
  • Other Phish/Scams
    • Disaster events
      • Hurricane Katrina
      • Va. Tech shootings
    • Celebrity/popular events
      • Michael Jackson funeral
    • Nigerian 419 Schemes (Advance Fee Fraud)
      • Mutually beneficial business transactions
      • Unclaimed funds
      • Craigslist
      • Lottery schemes
  • Student Identity Theft
    • The 18-29 age group reports more identity theft than any other
    • Shred sensitive documents
    • Thieves want credit, not cash
    • Check your credit rating
      • www.ftc.gov/freereports
      • www.annualcreditreport.com
    • www.ed.gov/misused
  • If You Think You’re a Victim…
    • Reporting identity theft:
      • Law enforcement
      • Your financial institutions
      • Credit bureaus
      • FTC Web site
        • www.idtheft.gov
  • Safer Social Networking
    • Do you use any social networking or blogging websites such as Facebook or MySpace?
  • It’s Harmless, Right?
    • What kinds of things do people typically post?
      • Class schedule
      • New cell phone number
      • Details of upcoming vacation
      • Complaints about a co-worker or manager
      • Story about last weekend’s party
  • Who Else Uses Social Networking?
    • Employers
      • Estimated that up to 75% of employers regularly “google” or “facebook” applicants
    • Identity Thieves
      • Names, birthdays, phone #’s, addresses, etc.
    • Online Predators
      • Schedules, whereabouts, weekend/vacation plans, etc.
    • Facebook Stalker (http://www.youtube.com/watch?v=wCh9bmg0zGg)
  • What You Post Can Be Used To…
    • Make judgments about your character
    • Impersonate you to financial institutions
    • Monitor what you do and where you go
      • Theft
      • Harassment
      • Assault
  • Not YourSpace
    • Would I be comfortable if this were posted on a billboard?
    • The Internet is public space!
    • Search results
    • Photo “tagging”
  • Use Social Networks Safely
    • Do:
      • Make friends
      • Use privacy settings
      • Be conscious of the image you project
    • Don’t:
      • Post personal information
      • Post schedules or whereabouts
      • Post inappropriate photos
  • Paranoia or Common Sense?
    • Guard your personal information!
      • Even less sensitive information can be exploited by an attacker!
      • Don’t post it in public places
      • Know to whom you’re giving it
    • Watch out for Facebook Applications!!
      • A 2008 study found that 90.7% of apps had access to private user data (only 9.3% actually used the data)
    Macbook. Retrieved 18 July 2007. http://s7v1.scene7.com/is/image/JohnLewis/230407880?$product$
  • Phishing on Social Network Sites
    • http://www.markmonitor.com/download/bji/BrandjackingIndex-Spring2009.pdf
  • Is this really your friend?
    • When “friends” ask for money online
    • Do they speak/write like your friend?
    • Do they know any details about you or themselves that do NOT appear on Facebook profile pages?
    • Do they refuse other forms of help, phone call requests, etc.?
    • Just because it is your friend’s account does not mean that it’s your friend!
  • The First Line of Defense
    • Stay alert—you will be the first to know if something goes wrong
      • Are you receiving odd communications from someone?
      • Is your computer sounding strange or slower than normal?
      • Has there been some kind of incident or warning in the news?
    • Do something about it!
      • Run a scan
      • Ask for help
  • For more information
    • Information Security web page http://security.rit.edu
    • RIT Information Security Facebook page
    • Staysafeonline.info
  • Online Phishing Quiz
    • http://www.sonicwall.com/phishing/
  • Questions & Comments
    • [email_address]
    • http://security.rit.edu