2. E-safety: safer systems, safer users 20/11/2014 2
Speakers
» Nigel Ecclesfield, Head of change implementation support
programmes - Further Education and Skills, Jisc
» Lee Harrigan-Green, Senior CSIRT member, Jisc
» Katie McAllister, Student support and enrichment manager,
Peterborough Regional College
» Jackie Milne, Legal information specialist, Jisc
3. E-safety: safer systems, safer users 20/11/2014 3
Internet safety and security
E-safety is about safe and responsible practice
with technology and the sensible management of
risks presented by the digital world.
Jisc e-Safety infoKit
4. E-safety: safer systems, safer users 20/11/2014 4
Purpose of session
» Explore e-safety issues for providers
» Safety policies
› Setting objectives and priorities
» Safe systems
› External safeguards and support
› Internal systems
» Safe users
› Safe practices
› Increase awareness of e-safety
5. E-safety and social media - risky mix or recipe for success?
Jackie Milne, Legal information specialist, Jisc
6. E-safety: safer systems, safer users 20/11/2014 6
Social Media
“The most influential and powerful voice of the people… needs to be regulated” Chloe Madeley
“Ability to give a voice to people who would never have been heard” Bill Gates
“A catalyst for the advancement of everyone’s rights” Queen Rania of Jordan
“Just a buzz word until you come up with a plan” Unknown
7. E-safety: safer systems, safer users 20/11/2014 7
Storm in a T cup?
FB comments result in sacking
Think before you tweet or risk arrest
Sexting pressure on the rise
Social network is social nightmare
Internet trolls may face two years in jail
Teacher in FB meltdown
Half of child exploitation happens on social networks
We don’t need any new social media laws
8. E-safety: safer systems, safer users 20/11/2014 8
Which legal duties do you have?
» Statutory
» Contractual
» Common law
» All of these
9. Janet Computer Security Incident Response Team (CSIRT)
and keeping yourself safe
Lee Harrigan-Green, Senior CSIRT member, Jisc
10. Our Computer Security Incident Response Team (CSIRT) and keeping yourself safe 20/11/2014 10
Overview
» About Janet CSIRT (Computer Security Incident Response Team) and our role
» An overview of the incidents we see
» Some examples of incidents
» What can you do to help yourself
» If you have any questions please just interrupt me
12. Our Computer Security Incident Response Team (CSIRT) and keeping yourself safe 20/11/2014 12
What do we do?
» Incident Response
» Proactive Monitoring
» Advice and Expertise
13. Our Computer Security Incident Response Team (CSIRT) and keeping yourself safe 20/11/2014 13
What we don’t do!
» We don’t hack systems
» We don’t probe systems looking for vulnerabilities to advise owners
» We are not the internet police
» We don’t pass information onto the Government / CIA... but we do work with them
14. Our Computer Security Incident Response Team (CSIRT) and keeping yourself safe 20/11/2014 14
How we detect security incidents
» Netflow data
» Emails or alerts from 3rd parties
» Website monitoring
» Telephone calls
» Keeping up to date with the security landscape / vulnerabilities
» Google searches
» Post incident analysis
15. Our Computer Security Incident Response Team (CSIRT) and keeping yourself safe 20/11/2014 15
Types of issues we deal with
» Compromise
› Data, usernames, passwords, personal information
› Systems
» Copyright notices
» Denial of service
» Queries
› Law enforcement agency requests for information (RIPA)
› Legal / policy advice
› Networking / security advice
» Other issues: scanning, phishing, social engineering, unauthorised use, unsolicited
bulk email (SPAM)
16. Our Computer Security Incident Response Team (CSIRT) and keeping yourself safe 20/11/2014 16
Incident type             2012    2013           2014 to date
Compromise                1487    1329           363
Copyright                 2000    91 (1293)      2815
Denial of Service         43      127            430
General query             59      82             154
LEA query                 46      29             31
Legal / Policy query      7       9              4
Malware                   3209    5148           4133
Misconfiguration          0       0              275
Net / Security query      115     89             162
Other                     114     196            682
Phishing                  243     427            307
Scanning                  578     380            137
Social engineering        16      6              1
Unauthorised use          39      42             28
Unsolicited bulk email    238     256            144
Total                     8194    8212 (9505)    9666
17. Our Computer Security Incident Response Team (CSIRT) and keeping yourself safe 20/11/2014 17
Regulation of Investigatory Powers notifications
» Regulation of Investigatory Powers Act
2000
» Graded 1 (critical), 2 or 3
» Must originate from a single point of
contact (SPoC)
» CSIRT can verify a SPoC exists in Home
Office database
18. Our Computer Security Incident Response Team (CSIRT) and keeping yourself safe 20/11/2014 18
Recent activities with the National Crime Agency
(NCA)
» Gameover Zeus (Zeus-p2p) and Cryptolocker
» Advanced warning of the botnet takedown
» Worked with the NCA and FBI to establish the best course of action from a UK
perspective
» Distributed the list of known domains associated with the malware
» Issued advice and guidance to affected customers on the global day of action
» Taken positive action within our resolver service so that our customers are protected
from this malware.
» More in the pipeline …
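An added example (not part of the original slides) of how a site could use a distributed domain list on its own resolver query logs to find machines that need cleaning. The placeholder domains, the client addresses and the "time client qname" log layout are assumptions made for this sketch.

```python
# Constructed data: placeholder domains stand in for the distributed list, and
# the "time client qname" query-log layout is an assumption for this example.
BLOCKLIST = """\
# one domain per line
bad-domain-one.example
c2.bad-domain-two.example
"""

QUERY_LOG = """\
2014-06-02T09:00:01 10.1.1.5 www.jisc.ac.uk.
2014-06-02T09:00:07 10.1.1.9 BAD-DOMAIN-ONE.example.
2014-06-02T09:01:12 10.1.1.9 x7.bad-domain-one.example
2014-06-02T09:02:30 10.1.2.4 bad-domain-two.example
2014-06-02T09:03:44 10.1.2.8 notbad-domain-one.example
2014-06-02T09:04:02 10.1.3.3 c2.bad-domain-two.example
"""

def normalise(name):
    """DNS names are case-insensitive and may carry a trailing root dot."""
    return name.strip().rstrip(".").lower()

def load_blocklist(text):
    """Parse the list, skipping blank lines and '#' comments."""
    return {normalise(line) for line in text.splitlines()
            if line.strip() and not line.lstrip().startswith("#")}

def listed_parent(qname, blocked):
    """Return the listed domain that qname equals or sits under, else None.

    Comparison is on whole labels, so 'notbad-domain-one.example' does not
    match 'bad-domain-one.example' the way a substring test would.
    """
    labels = normalise(qname).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in blocked:
            return candidate
    return None

def affected_clients(log_text, blocked):
    """Map each client address to the listed domains it looked up."""
    hits = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # not a query line in the assumed layout
        _, client, qname = parts
        match = listed_parent(qname, blocked)
        if match:
            hits.setdefault(client, set()).add(match)
    return hits
```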
19. Our Computer Security Incident Response Team (CSIRT) and keeping yourself safe 20/11/2014 19
Example of a hacked website
» A small website was vulnerable to a SQLi attack
» Details of usernames, passwords, and email addresses were dumped
» Automated email received at 23:15
» By 9:30 the following morning we had sent notifications to 42 different sites about the
breach
» We also alerted the site that was hacked. They were not aware and took the site
offline and also notified all users in their database about the breach
20. Our Computer Security Incident Response Team (CSIRT) and keeping yourself safe 20/11/2014 20
Example of a Moodle system hack
» Usernames and hashed passwords were posted on Pastebin: approximately
3500 unique hashes.
» Investigation started at 08:50 the following day
» A Janet connected organisation's system was compromised because it was running an old
version of administration software on a Moodle server
» 48% of the passwords were cracked
» Site advised of the very weak passwords
» They rebuilt the system
» A student at the site was responsible
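An added example (not from the original slides, and not Moodle's own code) of the two controls that limit the damage when a hash dump like this leaks: refusing very weak passwords when they are set, and storing them with a per-user salt and a deliberately slow hash. The word list, minimum length and iteration count are assumptions chosen for the sketch.

```python
import hashlib
import hmac
import os

# Assumed parameters for this example; tune ITERATIONS to the server hardware.
ITERATIONS = 600_000
MIN_LENGTH = 10
# Constructed stand-in for a real list of commonly used passwords.
COMMON = {"password", "123456", "qwerty", "letmein", "moodle", "welcome"}

def rejection_reason(username, password):
    """Return why a new password is refused, or None if it is acceptable."""
    lowered = password.lower()
    if len(password) < MIN_LENGTH:
        return "too short"
    # Strip trailing digits and '!' so 'Password2014!' is still caught.
    if lowered in COMMON or lowered.rstrip("0123456789!") in COMMON:
        return "commonly used password"
    if username and username.lower() in lowered:
        return "contains the username"
    return None

def hash_password(password, salt=None):
    """Salted PBKDF2-HMAC-SHA256; the salt makes equal passwords hash differently."""
    salt = salt or os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${digest.hex()}"

def verify_password(password, stored):
    """Recompute with the stored salt and iteration count, compare in constant time."""
    _, iterations, salt_hex, digest_hex = stored.split("$")
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(digest.hex(), digest_hex)
```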
21. Our Computer Security Incident Response Team (CSIRT) and keeping yourself safe 20/11/2014 21
Policies are there when you need them
There are many different types of policies that you require to keep yourself safe.
» Disaster Recovery
» Acceptable Use
» Incident Response
» Backup
» And more
We recommend:
» Testing your policies to make sure they work in practice
» Reviewing your policies regularly - trigger points might be a yearly review, a change in
legislation or a security incident
22. Our Computer Security Incident Response Team (CSIRT) and keeping yourself safe 20/11/2014 22
What can you do to keep yourself safe?
» By following best practices you can keep yourself safe
» Logging is the most important of these – Firewall, proxy, DHCP, email and web server
» Use a system log (syslog) to keep them in one easy location
» Keep systems up to date with latest patches and security updates
» Maintain up to date security contacts with CSIRT
» Contact us at CSIRT if you have any security related questions or queries, including
advice on policies and practice to keep your systems and users safe
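An added example (not part of the original slides) of why keeping DHCP logs alongside the others matters: when an incident report names an internal address and a time, the DHCP records identify which device held it. The log lines are constructed, the DHCPACK wording follows ISC dhcpd, and the 24-hour maximum lease age is an assumption.

```python
import re
from datetime import datetime, timedelta

# Constructed sample of centralised syslog lines (ISC dhcpd style DHCPACK plus
# one firewall line); hosts, addresses and MACs are made up.
SAMPLE_LOG = """\
2014-11-19T22:40:02 dhcp1 dhcpd: DHCPACK on 10.20.4.17 to 00:16:3e:aa:bb:01 (lab-pc-12) via eth0
2014-11-19T23:05:41 dhcp1 dhcpd: DHCPACK on 10.20.4.17 to 00:16:3e:aa:bb:02 (byod-phone) via eth0
2014-11-19T23:14:58 fw1 kernel: ACCEPT SRC=10.20.4.17 DST=192.0.2.80 DPT=80
2014-11-20T07:30:10 dhcp1 dhcpd: DHCPACK on 10.20.4.17 to 00:16:3e:aa:bb:03 (staff-laptop) via eth0
"""

ACK = re.compile(r"^(\S+) \S+ dhcpd: DHCPACK on (\S+) to (\S+)(?: \(([^)]*)\))? via")

def parse_leases(log_text):
    """Return [(time, ip, mac, hostname)] for every DHCPACK line, in time order."""
    leases = []
    for line in log_text.splitlines():
        m = ACK.match(line)
        if m:
            ts = datetime.strptime(m.group(1), "%Y-%m-%dT%H:%M:%S")
            leases.append((ts, m.group(2), m.group(3), m.group(4) or ""))
    return sorted(leases)

def who_had(leases, ip, when, max_age=timedelta(hours=24)):
    """Find the device holding `ip` at `when`: the latest ACK at or before it.

    Returns (mac, hostname), or None when no ACK is recent enough to trust,
    for example because the logs were rotated away or the assumed maximum
    lease age has passed.
    """
    best = None
    for ts, lease_ip, mac, host in leases:  # leases are in ascending time order
        if lease_ip == ip and ts <= when and when - ts <= max_age:
            best = (mac, host)
    return best
```

The same address maps to three different devices within nine hours in the sample, which is why the timestamp in an incident report has to be matched against the lease history rather than the current lease.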
23. E-safety: safer systems, safer users 20/11/2014 23
Lee Harrigan-Green, Senior CSIRT Member
irt@csirt.ja.net
Lumen house, Library Avenue, Harwell, Didcot
Oxfordshire OX11 0SG
T 0300 999 2340
info@jisc.ac.uk jisc.ac.uk
Except where otherwise noted, this work is licensed under CC-BY-NC-ND
24. Safeguarding & E-Safety
Katie McAllister,
Student Support and Enrichment Manager,
Peterborough Regional College
Equipping learners to be safe
25. The starting point
• The college, in light of the growing child sexual
exploitation issues, potential extremism and increasing e-safety
concerns, was determined to ensure both staff and
learners participated in a constructive dialogue relating to
their safety.
26. The Challenge
• Addressing the (potential) increase in cyberbullying,
extremism, child sexual exploitation etc
• Meeting our legal and statutory duties relating to ICT
whilst reducing any risks
• Identifying all of the cross-college areas we would need
to consider, such as our hosting liability and data
protection
• Educating employers, contractors, parents/carers
27. Review tools
• A rigorous evaluation of our current practices including
Jisc guidance & the use of the 360 degree safe self
review tool
It’s free to access!
Provides subject areas (top line and in detail)
Provides action plan as you go
Identifies AFIs and best practices
Is online so a whole college approach is possible
Compares your own responses to others who have completed it
28. Areas for review
Each element has strands. Each strand has aspects.
29. The Safeguarding Toolkit
• Resources and documentation to support a tailored
recruitment and enrolment process for learners.
• An enhanced induction for Looked After Care (LAC)
learners.
• Designated mentors and progress support meetings for
LAC learners.
• Online and magazine based hints, tips and guidance
(staff and students).
30. The Safeguarding Toolkit
• HE debates.
• Tutorials and a cross-college calendar of events covering
personal safety and resilience for a range of
levels/abilities (sexual health, alcohol, mental health, e-safety,
being street wise).
• Development of activities and resources to embed within
teaching and learning sessions.
31. Multi Agency work
• Multi agency partnership with housing, city youth
workers, council, police, schools and Local Safeguarding
Children Boards (LSCB)
– members shared expertise and resources which resulted in a
proactive approach to child sexual exploitation, monitoring of
city wide tensions and action cohesion work.
• Approach is being adopted by other police forces and
was recorded for a Panorama documentary.
32. Training
• The College Welfare Advisor and a College Youth
Worker were specifically trained to support Looked After
Care leavers - more vulnerable to child sexual
exploitation and radicalisation.
• Staff training incorporating extremism awareness and
reporting (WRAP, Prevent).
33. Training
• Prevent training to over 1000 students by the local
Prevent officer.
• The college completed a business continuity plan and
staff training with the National Counter Terrorism Security
Office (NaCTSO).
• E-Safety handbook/toolkit.
• Updated induction staff training.
34. Impact in 2013/14
• 98% of learners felt safe whilst at college.
• 92% retention for LAC learners (9% increase on 12/13).
• 88% retention for unaccompanied minors (5% increase on 2012/13).
• Safeguarding embedded into teaching and learning -
differentiated across the levels/abilities.
• Significant, collaborative partnerships with quicker
identification of, and action on, issues.
35. Impact in 2013/14
• Ongoing, robust self-assessment
• The safeguarding toolkit has successfully contributed to
the College receiving:
– the BIG award (Bullying Intervention)
– Gold ROSPA
– the Buttle Quality Mark (Exemplary)
– Customer Service Excellence & Matrix
– The South West Grid for Learning Trust 360 degree safe award
(first FE college).
36. Information
• Freshers Fayre Event (1 Oct)
• Anti-bullying & Resilience Stand (17 Nov)
• Wellbeing Team Stand (E-safety: 1 Dec)
• Safer Internet Day Stand (10 Feb)
• Be Healthy, Stay Safe, Be Green Event (19 Mar)
37. Summary
• The College has taken a proactive and passionate stance
against these contemporary issues that are affecting our
learners’ wellbeing, and our ongoing actions are
positively removing barriers and ensuring the learners are
able to fully engage with their studies.
• For more information contact:
katie.mcallister@peterborough.ac.uk
39. Find out more…
communications@jisc.ac.uk
www.jisc.ac.uk/internet-safety