What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cyberattack

558 views

Published on

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
558
On SlideShare
0
From Embeds
0
Number of Embeds
22
Actions
Shares
0
Downloads
3
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cyberattack

  1. 1. What  you  can  do  to  keep  your   email,  bank  accounts  and  business   safe  from  cybera7ack.   Richard  Baker   Nexxtep  Technology  Services   h7p://nexxtep.com   229-­‐671-­‐1513  
  2. 2. SMB  Security  Concerns   •  Small  Businesses  are  the  path  of  least  resistance  for   a7ackers.   •  Generally  have  weaker  security  seOngs  and  are   easier  to  penetrate.   •  Last  year,  31%  of  all  targeted  a7acks  hit  businesses   with  less  than  250  employees.   •  On  average,  there  is  a  156  day  lapse  between  when  a   system  is  compromised  and  when  it  is  detected.    
  3. 3. Top  5  ways  SMB  are  targeted   •  P2P  applicaUons   •  Drive-­‐by  downloads   •  AcUve  content  inside  a7achments   •  Phishing  a7acks   •  Social  networking  
  4. 4. Malware?   •  Short  for  malicious  soYware   •  SoYware  that  is  designed  to  gain  access  or   damage  a  computer  without  the  knowledge  of   the  owner.   •  Forced  adverUsing  (adware)   •  Stealing  sensiUve  informaUon  (spyware)   •  Spreading  email  (spam)   •  Extort  money  (ransomware)   •  Viruses  
  5. 5. How  to  prevent  theY  of  your  data   •  MulU  layered  approach   •  At  a  minimum:   – Firewall  at  each  site.   – Virus  protecUon  on  every  computer.   – Employee  training.   – Timely  Windows  patching.   – Update  3rd  party  soYware.  
  6. 6. How  to  prevent  theY  of  your  data   AddiUonal  steps  that  can  be  taken:   – AcUve  scanning  at  the  firewall.   – Content  filtering  at  the  firewall.   – Malware  protecUon  on  the  endpoints.   – UUlize  encrypUon.   – Employee  training.  
  7. 7. How  to  prevent  theY  of  your  data   •  Use  a  VPN  service   hotspotshield.com   -­‐  Offers  a  free  (ad  supported)  version  and  a  paid   version.   •  Check  your  links  before  you  click   – h7p://longurl.org   – h7p://virustotal.com  
  8. 8. Phishing  Quiz   •  h7p://www.opendns.com/phishing-­‐quiz/   •  h7p://www.sonicwall.com/furl/phishing/  
  9. 9. Phishing  Quiz    
  10. 10. Phishing  Quiz    
  11. 11. Phishing  Quiz    
  12. 12. Phishing  Quiz    
  13. 13. Password  RecommendaUons   -­‐  Use  2  factor  authenUcaUon.   -­‐  Use  a  password  manager.  (lastpass,   1password,  keepass  to  name  a  few)   -­‐  If  absolutely  can’t  use  an  automated  tool,   choose  4  or  5  passwords.   -­‐  Social  media,  throwaway,  email  and   finance.  
  14. 14. Password  RecommendaUons   -­‐  Use  a  password  with  at  least  12  characters.   -­‐  Use  words.  (i.e.  I  Love  KoolAid!)   -­‐  Be7er  yet:  I@Love@KoolAid2!!   -­‐  Use  capital,  lowercase,  numbers  and  special   characters.   -­‐  Don’t  tell  anyone.  
  15. 15. 2  Factor  AuthenUcaUon   -­‐  Makes  it  much  more  difficult  for  the  a7acker   to  impersonate  you  and  access  your  accounts.   -­‐  Can  be  in  the  form  of:  smartcard,  USB  drive,   app  on  your  phone,  text  message,  biometrics.   -­‐  Sites  that  uUlize  2  factor:  Google,  MicrosoY,   Yahoo,  Apple,  Twi7er,  Evernote,  LinkedIn,   Dropbox  
  16. 16. Use  a  password  manager   -­‐  Firefox  bu7on    OpUons    Security    Saved   Passwords    Show  Passwords  
  17. 17. Use  a  password  manager   -­‐  Chrome  seOngs    Show  Advanced  SeOngs     Passwords  and  forms  -­‐>  Managed  saved  passwords  
  18. 18. 2012  Hacking  Milestones   •  Jan  1  –  24  million  idenUUes  stolen  from  Zappos.com   •  March  3  -­‐  A  payment  processor  for  Visa  &  Mastercard  was  compromised;  exposing   1.5  million  accounts.   •  April  4  –  Over  600,000  Mac  computers  are  infected  by  a  java  exploit.   •  June  6  –  LinkedIn  suffers  data  breach.  6.5  million  accounts  were  stolen  by  Russian   cybercriminals.   •  July  7  –  Japanese  finance  ministry  discovers  their  network  has  been  infected  for  2   years.   •  August  8  –  Reuters  news  service  is  hacked  resulUng  in  fake  news  stories  posted  on   twi7er  and  it’s  website.   •  October  10  –  63  Barnes  &  Noble  stores  had  their  credit  card  machines   compromised.   •  November  11  –  Burglars  discovered  using  a  known  exploit  in  hotel  locks  that   effects  4  million  locks.   •  Facebook  reports  that  .06%  of  log-­‐ons  each  day  are  compromised.  That  amounts   to  600,000  Umes  daily.    
  19. 19. What  can  you  do  to  protect  yourself?   -­‐  Go  to  www.annualcreditreport.com   -­‐  You  can  check  for  free  up  to  3  Umes  a  year.   -­‐  Credit  score  is  $8.   -­‐  Freeze  your  credit  for  $9.   -­‐  h7p://consumer.georgia.gov/consumer-­‐topics/credit-­‐freeze  
  20. 20. QuesUons?     Richard  Baker   Nexxtep  Technology  Services   h7p://nexxtep.com   229-­‐671-­‐1513    

×