Itsa end user 2013



Security Awareness for End-User

  • You can't hold firewalls and intrusion detection systems accountable. You can only hold PEOPLE accountable.
  • One of the most common causes is physical failure of the media the data is stored on. You probably have everything saved on your PC's hard drive. That hard drive will not live forever. Hard drives, where all of your files are stored on your computer, contain moving parts. Over time, those moving parts wear out and fail. If it is a catastrophic physical failure, it may be impossible for any files to be recovered from the hard drive. Another poor storage medium is the floppy disk. Floppy disks are good for temporary storage and maybe for transporting information, but not for permanent data storage. When the data is needed, the floppy may turn out to be bad and the data inaccessible. Another possible cause of data loss is power failure or spikes. This can result in loss of the document you are currently working on, because you did not save it before the power failed and your PC shut down, or in loss of your entire hard drive. Data can also be lost through virus attacks. There are plenty of nasty computer viruses out there that will delete files on an infected machine.

    2. 2. COURSE MODULES Module 1 •Information Security Basics Module 2 •General Security Threats and Its Counter Measures AM Module 3 •Online Security Threats and Its Counter measures Module 4 •Incident Handling and Reporting PM
    3. 3. OTHER EXPECTATIONS There will be “NO” practical session throughout the Information Security Awareness Training – End Users
    5. 5. WHY ARE YOU HERE?! RECOGNIZE • What types of security issues and incidents KNOW • Which actions to take in the event of a security breach IDENTIFY • The major sources of security vulnerabilities LEARN • Security precautions BECOME • A reliable source for security information BE PREPARED • To Protect, Detect, React when an incident occurs
    6. 6. COURSE MODULES • Information Security Basics (Module 1) • General Security Threats and Its Counter Measures (Module 2) • Online Security Threats and Its Counter Measures (Module 3) • Incident Handling and Reporting (Module 4)
    7. 7. INFORMATION SECURITY BASICS COVERS… Module 1 + Real World Security Threats + What Is Information Security? + Security Policy + Brunei's Law: The Computer Misuse Act
    8. 8. REAL SECURITY THREATS Module 1 2 Brunei Govt Agencies Likely Victims of Cyber Espionage March 31st 2009 ( Two Brunei government agencies could be among the victims of the latest international cyber-espionage network which has managed to hack into the computer systems of governments and private organizations around the world, gaining access to classified documents and other information, according to a report by Canadian researchers released yesterday. RTB News Site: Hacked by Kosova Hackers Group October 17th 2009 ( RTB News site was hacked by hackers claiming themselves as Albanian Cyber Warriors. As of 5:50 am the “BSP launched virtual Office – KACALIMA” headline was changed to “Hacked By Kosova Hackers Group”. Be Wary of New Telephone Scam February 25, 2010 (Borneo Bulletin) Bandar Seri Begawan - A new telephone scam has emerged in the country and this time the crooks are using name of financial institutions to try to make a quick buck.
    9. 9. REAL SECURITY THREATS Module 1
    10. 10. REAL SECURITY THREATS Module 1 Real Security Threats
    11. 11. REAL SECURITY THREATS Module 1
    12. 12. The Attacks (Airlines) REAL SECURITY THREATS Module 1
    13. 13. The Attacks (ATM Machines) REAL SECURITY THREATS Module 1
    14. 14. The Attacks (Websites) REAL SECURITY THREATS Module 1
    15. 15. The Attacks (Password) REAL SECURITY THREATS Module 1
    16. 16. REAL SECURITY THREATS Module 1 + Increasing number of attacks + Security exploits spread in minutes and hours rather than days or weeks + “Script Kiddies” have access to sophisticated tools + Serious hackers have even better tools + Falling prey to scam and phishing
    17. 17. CLASSIFICATION OF THREATS Module 1 INTENTIONAL + Destruction + Sabotage + Vandalism + Fraud + Espionage + Malware + Vengeful Acts UNINTENTIONAL + Negligence + Ignorance + Accidents, Errors + Technical Failures + Acts of God/ Nature
    18. 18. WHAT IS INFORMATION SECURITY? Module 1 “ Information security is all about protecting the Confidentiality, Integrity, and Availability of information “
    19. 19. WHAT IS INFORMATION SECURITY? Module 1 Communications + Conversations − Telephone − Cell phone − Face to face + Messages - Email - Fax - Video - Instant - Physical Electronic Files + Software files + Data files Paper Documents + Printed materials + Hand written notes + Photographs Recordings + Video recordings + Audio recordings
    20. 20. INFORMATION CLASSIFICATION Module 1 CLASSIFICATION: PUBLIC | INTERNAL USE | CONFIDENTIAL | RESTRICTED. RISK LEVEL: NONE | ROUTINE | MODERATE | GREATEST. SENSITIVITY LEVEL: OPEN OR UNCLASSIFIED | LOW-MEDIUM | HIGH | HIGH-CRITICAL. EXAMPLES: + Marketing brochures + Published annual + Interviews with news + Press releases + Employee Handbook + Telephone Directory + Organization Charts + Policies and Standards + Personnel records + Customer records + Unit business plans + Budget information + Strategic Plans + Online access codes such as passwords or pins + Credit card listings
    21. 21. INFORMATION SECURITY ASSURANCE Module 1 + Information is an important strategic and operation asset. + Damages and misuse of information may have disastrous consequences to the entire organization + The advent of internet and networking capabilities has made access to information much easier.
    22. 22. A LAYERED APPROACH TO SECURITY Module 1 SECURITY: PEOPLE, POLICIES, TECHNOLOGY + Culture of Security + Nurturing Security Responsibility + Rewarding reform and participation + Experience + Training and education + Encryption + Authentication + Firewall + Security Camera + Processes of Security + Rewards and penalties + Acceptable use
    23. 23. SECURITY POLICY Module 1 The set of laws, rules, and practices that regulate how an organization manages, protects, and distributes sensitive Information.
    24. 24. COMPLIANCE TO SECURITY POLICY Module 1 + To protect information assets + To provide a framework and set the information security goals for an organization to work towards success + Help to reduce risks + Help to keep your job
    25. 25. The Consequences POOR SECURITY Module 1 + Kills your productivity + Damage files + Expose computer's contents + Lose control over your computer + Lose Reputation and Trust + Your personal information and privacy may be compromised
    26. 26. BRUNEI’S LAW Module 1 His Majesty the Sultan and Yang Di-Pertuan hereby declares Computer Misuse Order 2000 conferred by subsection (3) of section 83 of the Constitution of Brunei Darussalam. Subjected Offenses + Unauthorized access to computer material + Access with intent to commit or facilitate commission of offence + Unauthorized modification of computer material + Unauthorized use or interception of computer service + Unauthorized obstruction of use of computer + Unauthorized disclosure of access code
    27. 27. FINE QUOTE Module 1 You can't hold firewalls and intrusion detection systems accountable. You can only hold PEOPLE accountable. Daryl White, DOI CIO
    28. 28. ANY QUESTION? Module 1
    29. 29. COURSE MODULES • Information Security Basics (Module 1) • General Security Threats and Its Counter Measures (Module 2) • Online Security Threats and Its Counter Measures (Module 3) • Incident Handling and Reporting (Module 4)
    30. 30. GENERAL SECURITY THREATS & ITS COUNTERMEASURES COVERS Module 2 + Physical Security – Workplace Security and Personnel Risk + Social Engineering & Identity Theft + Securing Classified Information + Protecting Portable Data & Devices + Data Backup & Media Sanitization + Software Piracy and Copyright Infringement
    31. 31. Unauthorized Entry WORKPLACE SECURITY ACCESS CONTROL Module 2 + Tailgating When an unauthorized person enters a secure area by following closely behind an authorized cardholder. + Piggybacking When an authorized person gains access to a secure area and allows others to follow e.g. by holding open a secured door.
    32. 32. WORKPLACE SECURITY BEST PRACTICES Module 2 + Post a security guard at the main building entrance or at entrances to specific offices. + Install a metal detector or CCTV (closed-circuit television) camera or other device to monitor people coming in all building entrances. + Ensure the office area is secured against unauthorized persons, e.g. by digital lock door, swipe card access, security cameras, alarm system, etc. + Have staff follow strict access control procedures; don't allow exceptions.
    33. 33. WATCH WHO’S COMING Module 2 + GUESTS must be checked in/out and escorted through the proper procedures. + Politely ask anyone suspicious “May I help you?” + REPORT any suspicious unescorted person or stranger at once. + DO NOT LEND the keys to your office or your access card to anyone. + ID badges must be worn at all times in a visible location. + PREVENT access of unauthorized visitors (tailgating and piggybacking). + REVOKE access immediately when an employee or contractor is terminated or leaves for any reason
    34. 34. PERSONNEL RISK: THE INSIDER Module 2 + Insider Attacks are More Likely to be Successful + The insider is indispensable because of knowledge of critical systems + Preparing for an Insider Attack is “Uncomfortable” + The Insider Threat is the Greatest Challenge
    35. 35. WHO ARE THE INSIDERS?? Module 2 + Employees (Disgruntled, Paid informants, Coerced, Former) + Contractors + Business Partner + Subcontractor + Consultants
    36. 36. WHAT THEY CAN DO?? Module 2 + Attack the network + Attack the information + Export the information + Allow others to have access
    37. 37. WHAT YOU CAN DO? Module 2 ASK…. + for identification + for a number where you can return their call + them why they need this information + them who has authorized the request and let them know that you will verify the authorization
    38. 38. WATCH FOR THESE BAD GUYS Module 2 + Shoulder Surfing Looking over someone's shoulder when they enter a password or PIN code + Dumpster Diving The active search for interesting stuff that others have thrown away
    39. 39. DEALING WITH THREATS Module 2 + Lock or shut down your workstation when you're away. + Keep no sensitive information visible on the desk. + Never share or lend your password. + Gossip is often considered harmless; be conscious of what you are talking about. + If clients visit, the computer display must not be visible to them.
    40. 40. SOCIAL ENGINEER: GET TO KNOW HIM… Module 2 + A SOCIAL ENGINEER is a person who will deceive or con others into divulging information that they wouldn't normally share. The goal of social engineering is to trick someone into providing valuable information.
    41. 41. TYPES OF SOCIAL ENGINEER Module 2 Computer Based + Spyware + Spam + Spoof Websites + Hoaxes Human Based + By Phone + Impersonation - Important user - Techs support - Important person
    42. 42. IDENTITY THEFT Module 2 + Identity theft is when a criminal obtains and uses a consumer's personal information for fraudulent purposes.
    43. 43. HOW DO THEY DO IT? Module 2 Using LOW and HIGH tech methods : + Shoulder surfing at ATMs + Steal your mail + Dumpster diving + Checking credit card mail
    44. 44. SIMPLE WAYS TO PROTECT YOURSELF Module 2 + Destroy private records and statements + Secure your mail + Safeguard your smart ID number + Do not leave a paper trail + Know who you are dealing with + Be more defensive with personal information + Monitor your credit transaction/ review the statement carefully
    45. 45. SECURING CONFIDENTIAL INFORMATION Module 2 + Make sure NOT to save it to the default location. + ENCRYPT all confidential information (with the help of your IT support). + Arrange professionally administered and regular backups. + Store printed material and media containing CONFIDENTIAL information in locked file cabinets or drawers. + LIMIT access to the file cabinets or drawers and, if possible, even to the storage area. + A computer SHOULDN'T be left logged on when unattended; enable your screen-saver password or lock your account.
    46. 46. PROTECTING PAPER DOCUMENTS Module 2 + Don't leave sensitive documents in clear sight in work areas. + Printed documents should be cleared from printers immediately. + Shred sensitive documents when they are no longer needed. + Don't make unnecessary copies of the documents. + Don't leave the originals behind after using photocopiers, fax machines, etc.
    47. 47. PROTECTING PORTABLE DEVICES Module 2 + Laptops and portable devices are the largest security threat. + The characteristics of these devices make them a target for thieves. + Exposure of critical information. + Sensitive data is also often carried on portable devices. + Theft or stolen devices + Subject to theft or loss of data. Account Numbers? Password of your ATM?
    48. 48. PORTABLE DEVICES: PHYSICAL SECURITY Module 2 + NEVER leave any media unattended. + PUT all media containing important data in a safe place. + If you must leave it in a car - put it in the TRUNK. + Use a CARRYING CASE + LOCK it in a desk or in an office that can be locked. + Buy a CABLE LOCKING device for your laptop and use it!
    49. 49. PORTABLE DEVICES: DATA SECURITY Module 2 + CONSIDER storing important data in a different location. + ENABLE screen-saver password control. + Multi Factor Identification access measures, e.g. fingerprint, face recognition, etc. + Regularly BACK UP data.
    50. 50. DATA BACKUP Module 2 + Use other RELIABLE media such as external H/D, CD/DVD Rom, USB drive. + Another way is to back up to ANOTHER hard drive. + It is NOT advisable to put your data on an “online” backup storage. + It's a BAD idea to back up to floppy disks. + MUST TEST for restoration after backup. + Back up your data REGULARLY!
    51. 51. WHY SHOULD I ?? Module 2 + User error (deliberate or not). + Hardware failure and software failure. “There are only two types of hard drives - the ones that have failed and the ones that will fail.“ + Never keep your data on temporary storage for too long. E.g. floppy disks are a good temporary storage medium but not for permanent data storage. + A possible cause of data loss is power failure or spikes. + Data loss through virus attacks.
    52. 52. MEDIA SANITIZATION & INFORMATION DISPOSITION Module 2 + It is the process for removing confidential data from storage media, with reasonable assurance that the data cannot be retrieved and reconstructed. Why? + Eliminating the risk of data falling into the wrong hands + Protecting confidential information + Re-usable Media
    53. 53. MEDIA SANITIZATION METHODS Module 2 + Overwriting: using a program to write over the data on the media; it is common practice to overwrite the media three times. + Degaussing: magnetically erasing data from magnetic media. + Destruction: shredding or burning media.
    54. 54. SOFTWARE PIRACY AND COPYRIGHT INFRINGEMENT Module 2 + Copyright Infringement The unauthorized duplication of copyrighted material, such as books, music, movies, artwork, photographs, and other types of intellectual property, as such materials are known. + Software Piracy Unauthorized copying, distributing or downloading of copyrighted software.
    55. 55. WHAT YOU SHOULD KNOW Module 2 + 3 categories of software licenses, i.e. Freeware, Shareware and Commercial. + Software piracy contributes to lost sales, jobs, wages. + Unlicensed software is one of the prime sources of computer viruses. + No warranties or support for unlicensed software. + You can put yourself and your company at risk by pirating a product protected by copyright law. + Software is copyright-protected, and the copyright is enforceable for 95 years. + SOFTWARE PIRACY IS ILLEGAL AND THEFT!
    56. 56. PENALTIES Module 2 In most countries, organizations can be held liable when employees copy or download unauthorized software. + Penalties include damages, fines and even criminal sentences + In the United States, infringers face civil damages up to $150,000 for each program copied
    57. 57. WHAT YOU SHOULD DO?? Module 2 + OBEY the policy! + ENSURE that you only obtain software through APPROVED methods and install it in accordance with the LICENSING of the specific software. + If you are NOT the copyright owner, you MAY NOT copy, distribute, modify, or display it. + DO NOT share any copyrighted materials unless you have permission to do so!
    58. 58. Module 2 If commercial software is not an option, Go for OPENSOURCE Opensource = Freebies
    59. 59. CASE STUDY Module 2 The left one is genuine
    60. 60. ANY QUESTION? Module 2
    61. 61. COURSE MODULES • Information Security Basics (Module 1) • General Security Threats and Its Counter Measures (Module 2) • Online Security Threats and Its Counter Measures (Module 3) • Incident Handling and Reporting (Module 4)
    62. 62. USE OF COMPUTER & INTERNET COVERS Module 3 + Securing your Computer + Email Safety Practices + Internet Security Threats & Its Countermeasure
    63. 63. SECURING YOUR COMPUTER Module 3 From What and Who? + Hackers + Malware : - Viruses and worms - Trojan horse - Spyware - Botnet/Zombies - Rootkit - Phishing + Digital download and file sharing
    64. 64. WHO ARE THEY? Module 3 + HACKER : Intruder and Criminal + HACKER : Script Kiddies + HACKER : Brilliant Programmer + HACKER : Security Expert
    65. 65. MALWARE Module 3 + Short for MALicious softWARE, software designed specifically to damage or disrupt a system, malware includes computer Viruses, Worms, Trojan horses, Spyware, Rootkit, etc.
    66. 66. VIRUSES Module 3 + Old “traditional” viruses usually require human interaction. - E.g. by clicking the attachment + Typically just attach themselves to programs & documents, and then depend on humans to propagate. + They exhibit many different symptoms + This is changing…
    67. 67. WORMS Module 3 + Slow down networks and Internet + Sasser, Blaster are examples + Scary part – they often spread autonomously without human intervention + Replicate automatically without human help + Spread because of vulnerabilities or 'holes' in software
    68. 68. TROJAN HORSE Module 3 + Program that appears to be a “good” program, but isn't. + Might do what it is supposed to, plus more! + They are not self-replicating, but once a machine is infected they allow other malware to be downloaded.
    69. 69. WELL KNOWN TROJAN HORSES Module 3 + Back Orifice 2000 (BO2K) + SubSeven + NetBus + Gh0st RAT (used in GhostNet “cyber spying” operation)
    70. 70. BEHIND GHOSTNET MALWARE Module 3
    71. 71. SPYWARE Module 3 + Software that collects information about you. + Related to ADWARE = 'Advertising Software' + Example: Toolbar programs - Once the toolbar program is installed, it can collect anything it wants to. - Record websites, names & passwords + Even if you remove them, they leave “bread crumbs” so that they re-install themselves.
    72. 72. HOW DO YOU GET INFECTED?? Module 3 + Downloading unknown file attachment + Illegal copies of software + Freeware/shareware and bulletin board programs + Infected disks from shops + Introduction of viruses to shared systems (networked)
    73. 73. COMMON GIVEAWAYS Module 3 + Strange behavior on a computer system which was previously OK. + Can make the system unstable: - Blue Screen of Death - Errors when attempting to shut down or reboot your computer + Bad network traffic is detected.
    74. 74. HOW TO PREVENT Module 3 + Don’t open, answer or forward unexpected email attachments. Delete immediately. + Click “CANCEL" (instead of "ok") or close unexpected dialogue boxes when using the web. + Run antivirus & antispyware software which is automatically updated*. + Don't copy or run software from non-trusted sources. + Choose secure passwords and change them regularly. + Keep your operating system and software UP-TO-DATE * + Protect your system with a firewall* + Keep backups of your important stuff*
    75. 75. SCAM & PHISHING Module 3 + Phishing is a fraudulent attempt, usually made through email, to steal your personal information. + Phishing emails usually appear to come from a well-known organization and ask for your personal information such as: - Credit Card Number - Account Number & Password + Often times phishing attempts appear to come from sites, services and companies with which you do not even have an account.
    76. 76. SCAM & PHISHING Module 3
    77. 77. PASSWORD MANAGEMENT Module 3
    78. 78. WHY NEED A STRONG PASSWORD?? Module 3 Problem/Dilemma: + Users need to remember + It's transferable + Easy to guess + Not secure + Employing identical passwords
    79. 79. HOW TO CREATE A STRONG PASSWORD?? Module 3 + Be 6 to 10 characters in length + Combination of - capital letters (A…Z) - lower case letters (a…z) - numbers (0-9) - special characters (!, *, &, %, $, #, @) + Not based on a dictionary word, a proper name, or dates + Be a short phrase (such as Up&AtM@7!) + Make an easy to remember password + Don't make it obvious - e.g. car plate no., your nickname, your daughter's / son's names
    80. 80. METHODS OF PASSWORD CONSTRUCTION Module 3 THE VANITY PLATE: "I feel great" → If33lg8! ; "Indomee are # 1" → 1nd0m33R#1. COMPOUND WORDS: "Belacan Hitam" → B3l@c@nH!+@M ; "Cacah Tempuyak" → C@c@h+3mpuy@k. PHRASES: "Mun paham bisai" → M&P4mB5@! ; "Jack and Jill went up the hill to fetch a pail of water" → J&Jwu+h2f@p0W
    81. 81. WAYS TO STEAL YOUR PASSWORD Module 3
    82. 82. MANAGING YOUR PASSWORD Module 3 + DO NOT SHARE your password with anyone, anytime! + NEVER WRITE your password on any paper. + If you ever receive a telephone call from someone claiming to need your password, REPORT it immediately. + When you receive technical assistance, ENTER YOUR PASSWORD YOURSELF. Do not reveal it. + BE CAREFUL about typing your password into a strange computer, a strange program, web site, or server. + DO NOT USE the same password & REPLACE Your Strong Password When It Wears Out + If you have to keep it somewhere, make sure to keep it in a SECURE LOCATION.
    83. 83. EMAIL THREAT Module 3 + Email can be forged + Attachment with malicious contents + Email viruses + Hidden file extensions + Spam + Scam and Phishing + Hoaxes or urban legend
    84. 84. SPAM MAIL Module 3
    85. 85. EMAIL HOAX Module 3
    86. 86. ESSENTIAL EMAIL ETIQUETTE Module 3 + Use an appropriate subject. + Address recipients properly. + To protect their privacy, enter their address in the “BCC”. + Use an appropriate tone. + Avoid irony and sarcasm. + Re-read your message before sending. + Keep message brief and to the point.
    87. 87. SAFE EMAIL PRACTICES Module 3 + NEVER forward chain and unsolicited mail. + NEVER use personal email for corporate use. + WATCH OUT for internet hoaxes and computer virus myths. + DON’T forge messages. + DON’T forward emails unless with authorization. + DO NOT click on a suspicious link. In some cases, doing so may cause malicious software to be downloaded to your computer. + DELETE the suspicious email message.
    88. 88. DEALING WITH ATTACHMENTS Module 3 + KNOW your sender! + WATCH OUT for these kinds of extensions: .bat, .com, .exe, .vbs, .zip, .pif and .scr. + BEWARE of the double extension, e.g. mypic.jpg.vbs + Scan with UPDATED anti-virus before you open any attachments. + AVOID sending an attachment if the information can be typed in. + Best to send as TEXT rather than .doc + Apparently safe file types include .GIF, .JPG, .TIF, .BMP, .MPG, .AVI, .TXT, .PDF, .RTF
    89. 89. INTERNET SECURITY THREATS & ITS COUNTERMEASURES Module 3 Popular Features: + World Wide Web + Email + Online Shopping + Social Network Service + Video-Conferencing
    90. 90. WEB BROWSING Module 3 + Pop-ups When browsing to certain sites, another browser window appears as a pop-up (sometimes without a frame or controls). + Cookies Keep information about your sessions with websites. They are little files placed on your computer by the website host. + The Cache (Temporary Internet Files) When browsing, copies of pictures and web pages are copied to your local machine in the cache, a folder for temporary Internet files
    91. 91. CLEAN YOUR BROWSER Module 3 + Use a pop-up blocker in conjunction with your browser. + Clear cookies from the browser regularly. + The cache may be purged (emptied) regularly, if you wish.
    92. 92. CLEAN YOUR BROWSER Module 3 Online Shopping benefits + You don't need to go anywhere + The Internet is always open - 24 x 7 + Bargains can be numerous online GOOD deals + Convenient
    93. 93. SPOT THE DIFFERENCE Module 3
    94. 94. HHMMMM…. Module 3 ?
    95. 95. TIPS FOR SAFE SHOPPING Module 3 + USE a secure browser + Shop companies you KNOW + Keep password PRIVATE + Pay by CREDIT or CHARGE card + Print a COPY of your order + Review the RETURN policy + Watch out for HIDDEN cost + Be SKEPTICAL
    96. 96. THE DANGER OF ONLINE COMMUNICATION Module 3 + Identity can be mysterious + You don't know who else might be seeing the conversation + Vulnerable to certain attacks + Software contains vulnerabilities + Inappropriate security settings
    97. 97. SOCIAL NETWORK SERVICES Module 3 A social network service focuses on building online communities of people who share interests and/or activities, or who are interested in exploring the interests and activities of others. Most social network services are web based and provide a variety of ways for users to interact, such as e-mail and instant messaging services.
    98. 98. PROS OF SOCIAL NETWORKING SERVICE Module 3 + Encourages new ways to communicate and share information. + Business decision makers now prefer communication channels that are two-way dialogs, channels that resemble social networking applications. This is a great way for businesses to advertise their products. + Social networking allows us to identify and connect to friends and strangers.
    99. 99. CONS OF SOCIAL NETWORKING SERVICE Module 3 + Invasion of Privacy + Potential for misuse + Risk for child safety + Vulnerable to any attacks
    100. 100. CYBER CRIME Module 3 Even more dangerous: + Cyberstalking + Cyberbullying + Cyberharassment
    101. 101. COMMUNICATE SAFELY Module 3 + Be conscious of what information to reveal; never give out personal information about yourself. + Verify the identity of the person you are talking to. + Never believe everything you read. + Don’t respond to flaming; if the situation becomes hostile, log off or surf elsewhere. + Use a genderless screen name. + Posting makes your email public. + If someone makes a threat, report it to the moderator or website operator. + Never confront a stalker/harasser.
    102. 102. IF IT GETS WORSE… Module 3 + Save evidence + Try to identify the culprit + Contact police if there are threats of violence, extortion or sexual exploitation.
    103. 103. CASE STUDY Module 3 You have logged on to a terminal with your own password, but then your colleague needs to use the PC urgently. Will you let him use the terminal without logging off? What should you do?
    104. 104. ANY QUESTION? Module 3
    105. 105. COURSE MODULES • Information Security Basics (Module 1) • General Security Threats and Its Counter Measures (Module 2) • Online Security Threats and Its Counter Measures (Module 3) • Incident Handling and Reporting (Module 4)
    106. 106. EMERGENCY! WHAT TO DO? Module 4 + Don't Panic + Never pull the plug or shut down the computer. + Start taking notes. + Notify upper management/IT department. + Call in the CERT team. + Someone in the company should be the point person in case the public becomes aware of the situation. + Give support to your CERT. + Conduct briefings and meetings after the clean-up.
    107. 107. TYPES OF INCIDENT BASED ON SEVERITY Module 4 + LOW Loss of passwords, unauthorized sharing of passwords, successful/unsuccessful scans/probes, hardware misuse. + MEDIUM Property destruction, illegal download of music/files or unauthorized software, unauthorized use of system for personal data, acts by disgruntled employees, illegal hardware access/trespass, theft (minor). + HIGH Child pornography, pornography, personal theft, property destruction, break-in, illegal software download, malicious code (viruses, worms, Trojan horses, malicious scripts,…), changes to system hardware, software, or firmware, violation of law.
    108. 108. Depends on the party REPORT PROCEDURES Module 4 + Users: In their interest to report the incident, usually to the “help desk”(IT department). + System administrators: Report to CSIRT (Computer Security Incident Response Team) in the organization or CERT Team.
    109. 109. WHAT TO REPORT? Module 4 + Date and time of incident + Location of the incident + Type of computer + Applications that were running at that time + What did you do before the incident happened? + What do you see?
    110. 110. POINT OF CONTACTS Module 4
    111. 111. ANY QUESTION? Module 3
    112. 112. REMEMBER!
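
The attachment rules on slide 88 (watch-list extensions, the double extension such as mypic.jpg.vbs, and the "apparently safe" list) can be turned into a filename check. This is an added example, not part of the original slides; the function names, verdict labels and sample filenames are constructed for illustration, and it goes slightly beyond the slide by also handling upper case, padding spaces and trailing dots.

```python
# Added example: screens attachment names using the extension lists from slide 88.
# Verdict labels and sample names are constructed; only the extensions come from the slide.
RISKY = {".bat", ".com", ".exe", ".vbs", ".zip", ".pif", ".scr"}
LISTED_SAFE = {".gif", ".jpg", ".tif", ".bmp", ".mpg", ".avi", ".txt", ".pdf", ".rtf"}


def extensions(filename):
    """Return every extension in the name, lower-cased, in order of appearance."""
    # Drop any directory part, whichever path separator the sender used.
    name = filename.replace("\\", "/").rsplit("/", 1)[-1]
    pieces = [p.strip() for p in name.split(".")]
    # pieces[0] is the base name; empty pieces come from padding or trailing dots,
    # e.g. "invoice.pdf      .exe" or "mypic.jpg.vbs." (Windows ignores the last dot).
    return ["." + p.lower() for p in pieces[1:] if p]


def classify(filename):
    """Map a filename to one of four verdicts based on its extensions."""
    exts = extensions(filename)
    if not exts:
        return "unlisted"
    final, earlier = exts[-1], exts[:-1]
    if final in RISKY:
        # A harmless-looking extension in front of a risky one is the
        # double-extension disguise: hidden extensions show only "mypic.jpg".
        if any(e in LISTED_SAFE for e in earlier):
            return "double-extension"
        return "risky"
    if final in LISTED_SAFE:
        # Still scan with updated anti-virus before opening, as the slide says.
        return "listed-safe"
    return "unlisted"


def triage(names):
    """Group attachment names by verdict so the risky ones can be held for review."""
    groups = {}
    for name in names:
        groups.setdefault(classify(name), []).append(name)
    return groups


# Constructed sample attachment names.
SAMPLE = [
    "mypic.jpg.vbs",
    "Quarterly Report.PDF",
    "invoice.pdf          .exe",
    "update.SCR",
    "notes.txt",
    "photos.zip",
    "setup.exe.txt",
    "C:\\Users\\a\\holiday.jpg.Pif",
    "minutes.docx",
]

if __name__ == "__main__":
    for verdict, names in triage(SAMPLE).items():
        print(verdict, names)
```

The check looks at names only, so a renamed file passes it; it complements the anti-virus scan on the slide and does not replace it.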