SlideShare a Scribd company logo

Drooger, jack cyber security

Hagerstown Chamber Business Expo
Hagerstown Chamber Business Expo

This document discusses self defense for cybersecurity and protecting personal and organizational assets from cyber threats. It provides examples of common cyber attacks like hacking and phishing. It also outlines traditional security fixes like firewalls, antivirus software, and password best practices. Throughout it provides scenarios of past security breaches at companies to illustrate the risks and impacts of attacks. The key messages are that social engineering, weak passwords, and lack of backups leave both personal and business systems vulnerable to cyber criminals. Regular security updates, strong unique passwords, and backing up important data are recommended for protection.

Technology
1 of 23
Download to read offline
Self Defense For Cybersecurity What's Happening Inside The Firewall Jack Drooger – Hagerstown Community College
Buzzword Bingo • Dumpster diving • Script Kiddie • Shoulder surfing • Whaling • Hacking • Vishing • DoS attack
Objectives • Examine how organizations are comprised – scenarios that put assets at risk • Identify traditional fixes for computer security risks that you can’t live without • Vulnerabilities that disrupt the best laid plans of mice and IT men • When in doubt, back it up • Home computing – what’s at risk?
Security Breach Scenarios • Company: RSA Security • Date: March, 2011 • Breach: Data theft • Estimated cost: $66 Million
Avenues of Attack • Specific targets – Chosen based on attacker’s motivation – Not reliant on target system’s hardware and software • Targets of opportunity – Systems with hardware or software vulnerable to a specific exploit – Often lacking current security patches
The Steps in an Attack 1. Conducting reconnaissance 2. Scanning 3. Researching vulnerabilities 4. Performing the attack 5. Creating a backdoor 6. Covering tracks
Traditional Fixes for Security Risks • Firewalls • Intrusion Detection/Prevention Systems • Anti-virus Software • Anti-Spyware and Malware Software • Email Scanning • Anti-phishing Protection
Security Breach Scenarios • Company: Stratfor Global Intelligence • Date: December, 2011 • Breach: website defacement and data theft
People A Security Problem?
Social Engineering • Technique in which the attacker uses deceptive practices – Convince someone to divulge information they normally would not divulge. – Convince someone to do something they normally wouldn’t do • Why social engineering is successful – People desire to be helpful – People desire to avoid confrontation
The Famous Nigerian Scam
Phishing • Type of social engineering – Attacker masquerades as a trusted entity – Typically sent to a large group of random users via e-mail or instant messenger • Typically used to obtain – Usernames, passwords, credit card numbers, and details of the user’s bank accounts • Preys on users – PayPal, eBay, major banks, and brokerage firms
Phishing Sample - Easy to Spot
Phishing Sample - Camouflaged
Phishing Sample - Revealed
Recognizing Phishing • Analyze any e-mails received asking for personal information carefully • Organizations need to educate their employees – Never send e-mails asking for personal information – Never request passwords • Watch for technical or grammatical errors • Strange URL address
Security Breach Scenarios • Company: Global Payments • Date: April 2012 • Breach: Theft of card information • Cost: Visa dropping company as provider
Importance of Passwords • Gateway externally and internally to resources • Major goal of cybercrime is to capture passwords
Use Passwords to Advantage • Choose strong passwords – At least 8 characters long – Mix letters and numbers – Add an uppercase letter – Use non-alpha characters Don’t share • Example 1 your passwords – Bad: flintstone with others!! – Better: Fl1nst0ne=
Use Passwords to Advantage • Example 2  Jack be nimble, Jack be quick  Jack jumped over the candlestick Becomes: Jbn,JbqJjotc • Need to write a password down? – Keep in a secure place – Use password encryption products
Life is Short Back it Up
Protecting Your Home Computer • Common target of cybercriminals • Personal data – Tax records, banking information, and lists of contacts – Family archive of photos, documents, and other sentimental items • Protect your family’s privacy and decrease your odds of a cyberattack
For more information about the Institute and Cybersecurity training at HCC, see us online at: www.hagerstowncc.edu/cyber

Recommended

Infographic: Penetration Testing - A Look into a Full Pen Test Campaign
Infographic: Penetration Testing - A Look into a Full Pen Test CampaignInfographic: Penetration Testing - A Look into a Full Pen Test Campaign
Infographic: Penetration Testing - A Look into a Full Pen Test CampaignPratum
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineeringprimeteacher32
 
What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.Pratum
 
ISACA Ethical Hacking Presentation 10/2011
ISACA Ethical Hacking Presentation 10/2011ISACA Ethical Hacking Presentation 10/2011
ISACA Ethical Hacking Presentation 10/2011Xavier Mertens
 
Introduction to Social engineering | Techniques of Social engineering
Introduction to Social engineering | Techniques of Social engineeringIntroduction to Social engineering | Techniques of Social engineering
Introduction to Social engineering | Techniques of Social engineeringPrem Lamsal
 
Social engineering
Social engineeringSocial engineering
Social engineeringMaulik Kotak
 
Social Engineering Basics
Social Engineering BasicsSocial Engineering Basics
Social Engineering BasicsLuke Rusten
 
Social engineering
Social engineeringSocial engineering
Social engineeringankushmohanty
 

Recommended

Infographic: Penetration Testing - A Look into a Full Pen Test Campaign
Infographic: Penetration Testing - A Look into a Full Pen Test CampaignInfographic: Penetration Testing - A Look into a Full Pen Test Campaign
Infographic: Penetration Testing - A Look into a Full Pen Test CampaignPratum
 
Social Engineering
Social EngineeringSocial Engineering
Social Engineeringprimeteacher32
 
What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.What is Social Engineering? An illustrated presentation.
What is Social Engineering? An illustrated presentation.Pratum
 
ISACA Ethical Hacking Presentation 10/2011
ISACA Ethical Hacking Presentation 10/2011ISACA Ethical Hacking Presentation 10/2011
ISACA Ethical Hacking Presentation 10/2011Xavier Mertens
 
Introduction to Social engineering | Techniques of Social engineering
Introduction to Social engineering | Techniques of Social engineeringIntroduction to Social engineering | Techniques of Social engineering
Introduction to Social engineering | Techniques of Social engineeringPrem Lamsal
 
Social engineering
Social engineeringSocial engineering
Social engineeringMaulik Kotak
 
Social Engineering Basics
Social Engineering BasicsSocial Engineering Basics
Social Engineering BasicsLuke Rusten
 
Social engineering
Social engineeringSocial engineering
Social engineeringankushmohanty
 
Social Engineering | #ARMSec2015
Social Engineering | #ARMSec2015Social Engineering | #ARMSec2015
Social Engineering | #ARMSec2015Hovhannes Aghajanyan
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentationGeorgekutty Francis
 
Social Engineering: the Bad, Better, and Best Incident Response Plans
Social Engineering: the Bad, Better, and Best Incident Response PlansSocial Engineering: the Bad, Better, and Best Incident Response Plans
Social Engineering: the Bad, Better, and Best Incident Response PlansRob Ragan
 
Hacking
HackingHacking
HackingJay Janodia
 
The art of deceiving humans a.k.a social engineering
The art of deceiving humans a.k.a social engineeringThe art of deceiving humans a.k.a social engineering
The art of deceiving humans a.k.a social engineeringSuraj Khetani
 
Wireless and Internet Security Principles
Wireless and Internet Security PrinciplesWireless and Internet Security Principles
Wireless and Internet Security Principlespualoob
 
the best hacking ppt
the best hacking pptthe best hacking ppt
the best hacking pptfuckubitches
 
Social engineering tales
Social engineering tales Social engineering tales
Social engineering tales Ahmed Musaad
 
Etical hacking
Etical hackingEtical hacking
Etical hackingtalhaabid
 
Social engineering presentation
Social engineering presentationSocial engineering presentation
Social engineering presentationpooja_doshi
 
ethical hacking
ethical hackingethical hacking
ethical hackingNeelima Bawa
 
MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917Evan Francen
 
What is social engineering & why it is important
What is social engineering & why it is importantWhat is social engineering & why it is important
What is social engineering & why it is importantVikram Khanna
 
Why Risk Management is Impossible
Why Risk Management is ImpossibleWhy Risk Management is Impossible
Why Risk Management is ImpossibleRichard Stiennon
 
social engineering
social engineering social engineering
social engineeringRavi Patel
 
Social engineering
Social engineering Social engineering
Social engineering Abdelhamid Limami
 
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...Infosecurity2010
 
Social engineering hacking attack
Social engineering hacking attackSocial engineering hacking attack
Social engineering hacking attackPankaj Dubey
 
Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...ABHAY PATHAK
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptxreagan sapul
 
Leadership by Paul Kostreski
Leadership by Paul Kostreski Leadership by Paul Kostreski
Leadership by Paul Kostreski Hagerstown Chamber Business Expo
 
What is a thriller film 2 nicholas 12
What is a thriller film 2 nicholas 12What is a thriller film 2 nicholas 12
What is a thriller film 2 nicholas 12nm05i2
 

More Related Content

What's hot

Social Engineering: the Bad, Better, and Best Incident Response Plans
Social Engineering: the Bad, Better, and Best Incident Response PlansSocial Engineering: the Bad, Better, and Best Incident Response Plans
Social Engineering: the Bad, Better, and Best Incident Response PlansRob Ragan
 
The art of deceiving humans a.k.a social engineering
The art of deceiving humans a.k.a social engineeringThe art of deceiving humans a.k.a social engineering
The art of deceiving humans a.k.a social engineeringSuraj Khetani
 
Wireless and Internet Security Principles
Wireless and Internet Security PrinciplesWireless and Internet Security Principles
Wireless and Internet Security Principlespualoob
 
the best hacking ppt
the best hacking pptthe best hacking ppt
the best hacking pptfuckubitches
 
Social engineering tales
Social engineering tales Social engineering tales
Social engineering tales Ahmed Musaad
 
Etical hacking
Etical hackingEtical hacking
Etical hackingtalhaabid
 
Social engineering presentation
Social engineering presentationSocial engineering presentation
Social engineering presentationpooja_doshi
 
MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917Evan Francen
 
What is social engineering & why it is important
What is social engineering & why it is importantWhat is social engineering & why it is important
What is social engineering & why it is importantVikram Khanna
 
Why Risk Management is Impossible
Why Risk Management is ImpossibleWhy Risk Management is Impossible
Why Risk Management is ImpossibleRichard Stiennon
 
social engineering
social engineering social engineering
social engineeringRavi Patel
 
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...Infosecurity2010
 
Social engineering hacking attack
Social engineering hacking attackSocial engineering hacking attack
Social engineering hacking attackPankaj Dubey
 
Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...ABHAY PATHAK
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptxreagan sapul
 

What's hot (20)

Social Engineering | #ARMSec2015
Social Engineering | #ARMSec2015Social Engineering | #ARMSec2015
Social Engineering | #ARMSec2015
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
 
Social Engineering: the Bad, Better, and Best Incident Response Plans
Social Engineering: the Bad, Better, and Best Incident Response PlansSocial Engineering: the Bad, Better, and Best Incident Response Plans
Social Engineering: the Bad, Better, and Best Incident Response Plans
 
Hacking
HackingHacking
Hacking
 
The art of deceiving humans a.k.a social engineering
The art of deceiving humans a.k.a social engineeringThe art of deceiving humans a.k.a social engineering
The art of deceiving humans a.k.a social engineering
 
Wireless and Internet Security Principles
Wireless and Internet Security PrinciplesWireless and Internet Security Principles
Wireless and Internet Security Principles
 
the best hacking ppt
the best hacking pptthe best hacking ppt
the best hacking ppt
 
Social engineering tales
Social engineering tales Social engineering tales
Social engineering tales
 
Etical hacking
Etical hackingEtical hacking
Etical hacking
 
Social engineering presentation
Social engineering presentationSocial engineering presentation
Social engineering presentation
 
ethical hacking
ethical hackingethical hacking
ethical hacking
 
MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917MHTA Social Engineering Presentation - 050917
MHTA Social Engineering Presentation - 050917
 
What is social engineering & why it is important
What is social engineering & why it is importantWhat is social engineering & why it is important
What is social engineering & why it is important
 
Why Risk Management is Impossible
Why Risk Management is ImpossibleWhy Risk Management is Impossible
Why Risk Management is Impossible
 
social engineering
social engineering social engineering
social engineering
 
Social engineering
Social engineering Social engineering
Social engineering
 
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
Sharon Conheady - Social engineering & social networks (4 novmber Jaarbeurs U...
 
Social engineering hacking attack
Social engineering hacking attackSocial engineering hacking attack
Social engineering hacking attack
 
Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...Social Engineering,social engeineering techniques,social engineering protecti...
Social Engineering,social engeineering techniques,social engineering protecti...
 
securityawareness.pptx
securityawareness.pptxsecurityawareness.pptx
securityawareness.pptx
 

Viewers also liked

What is a thriller film 2 nicholas 12
What is a thriller film 2 nicholas 12What is a thriller film 2 nicholas 12
What is a thriller film 2 nicholas 12nm05i2
 
Presentation1
Presentation1Presentation1
Presentation1nm05i2
 

Viewers also liked (9)

Leadership by Paul Kostreski
Leadership by Paul Kostreski Leadership by Paul Kostreski
Leadership by Paul Kostreski
 
What is a thriller film 2 nicholas 12
What is a thriller film 2 nicholas 12What is a thriller film 2 nicholas 12
What is a thriller film 2 nicholas 12
 
Powers, stephanie social media marketing
Powers, stephanie social media marketingPowers, stephanie social media marketing
Powers, stephanie social media marketing
 
Presentation1
Presentation1Presentation1
Presentation1
 
Shank, theresa sales
Shank, theresa salesShank, theresa sales
Shank, theresa sales
 
Powers, stephanie personal branding
Powers, stephanie personal brandingPowers, stephanie personal branding
Powers, stephanie personal branding
 
Shank, theresa disc
Shank, theresa discShank, theresa disc
Shank, theresa disc
 
It's Not Just Who You Know by Jeannette Fitzwater
It's Not Just Who You Know by Jeannette FitzwaterIt's Not Just Who You Know by Jeannette Fitzwater
It's Not Just Who You Know by Jeannette Fitzwater
 
Corporate Culture by Tonya Leary
Corporate Culture by Tonya LearyCorporate Culture by Tonya Leary
Corporate Culture by Tonya Leary
 

Similar to Drooger, jack cyber security

Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
 
It security in healthcare
It security in healthcareIt security in healthcare
It security in healthcareNicholas Davis
 
Unveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureUnveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureLourdes Paloma Gimenez
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptOoXair
 
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdfitsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdfMansoorAhmed57263
 
Recommending information security measures
Recommending information security measuresRecommending information security measures
Recommending information security measuresManish Singh
 
Corporate Intelligence: Bridging the security and intelligence community
Corporate Intelligence: Bridging the security and intelligence communityCorporate Intelligence: Bridging the security and intelligence community
Corporate Intelligence: Bridging the security and intelligence communityantitree
 
What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...
What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...
What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...nexxtep
 
Keeping you and your library safe and secure
Keeping you and your library safe and secureKeeping you and your library safe and secure
Keeping you and your library safe and secureLYRASIS
 
Introduction to hackers
Introduction to hackersIntroduction to hackers
Introduction to hackersHarsh Sharma
 
Online Self Defense
Online Self DefenseOnline Self Defense
Online Self DefenseBarry Caplin
 
Blitzing with your defense bea con
Blitzing with your defense bea conBlitzing with your defense bea con
Blitzing with your defense bea conInnismir
 
Social engineering-Attack of the Human Behavior
Social engineering-Attack of the Human BehaviorSocial engineering-Attack of the Human Behavior
Social engineering-Attack of the Human BehaviorJames Krusic
 
Computer Hacking - An Introduction
Computer Hacking - An IntroductionComputer Hacking - An Introduction
Computer Hacking - An IntroductionJayaseelan Vejayon
 
csa2014 IBC
csa2014 IBCcsa2014 IBC
csa2014 IBCapyn
 
Hacker risks presentation to ACFE PR Chapter
Hacker risks presentation to ACFE PR ChapterHacker risks presentation to ACFE PR Chapter
Hacker risks presentation to ACFE PR ChapterJose L. Quiñones-Borrero
 

Similar to Drooger, jack cyber security (20)

Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionals
 
It security in healthcare
It security in healthcareIt security in healthcare
It security in healthcare
 
Unveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity postureUnveiling the dark web. The importance of your cybersecurity posture
Unveiling the dark web. The importance of your cybersecurity posture
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
 
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdfitsecurityawareness-v1-230413174238-5e7cba3c.pdf
itsecurityawareness-v1-230413174238-5e7cba3c.pdf
 
Recommending information security measures
Recommending information security measuresRecommending information security measures
Recommending information security measures
 
Corporate Intelligence: Bridging the security and intelligence community
Corporate Intelligence: Bridging the security and intelligence communityCorporate Intelligence: Bridging the security and intelligence community
Corporate Intelligence: Bridging the security and intelligence community
 
What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...
What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...
What You Can Do to Keep Your Email, Bank Accounts and Business Safe from Cybe...
 
Keeping you and your library safe and secure
Keeping you and your library safe and secureKeeping you and your library safe and secure
Keeping you and your library safe and secure
 
Threats
ThreatsThreats
Threats
 
Computer Security
Computer SecurityComputer Security
Computer Security
 
Hackers
HackersHackers
Hackers
 
Introduction to hackers
Introduction to hackersIntroduction to hackers
Introduction to hackers
 
Online Self Defense
Online Self DefenseOnline Self Defense
Online Self Defense
 
Blitzing with your defense bea con
Blitzing with your defense bea conBlitzing with your defense bea con
Blitzing with your defense bea con
 
Social engineering-Attack of the Human Behavior
Social engineering-Attack of the Human BehaviorSocial engineering-Attack of the Human Behavior
Social engineering-Attack of the Human Behavior
 
Janitor vs cleaner
Janitor vs cleanerJanitor vs cleaner
Janitor vs cleaner
 
Computer Hacking - An Introduction
Computer Hacking - An IntroductionComputer Hacking - An Introduction
Computer Hacking - An Introduction
 
csa2014 IBC
csa2014 IBCcsa2014 IBC
csa2014 IBC
 
Hacker risks presentation to ACFE PR Chapter
Hacker risks presentation to ACFE PR ChapterHacker risks presentation to ACFE PR Chapter
Hacker risks presentation to ACFE PR Chapter
 

Recently uploaded

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutesconfluent
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...Product School
 
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀DianaGray10
 
Demystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John StaveleyDemystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John StaveleyJohn Staveley
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...Product School
 
IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoTAnalytics
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsPaul Groth
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupCatarinaPereira64715
 
In-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT ProfessionalsIn-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT ProfessionalsExpeed Software
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Product School
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
 

Recently uploaded (20)

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Speed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in MinutesSpeed Wins: From Kafka to APIs in Minutes
Speed Wins: From Kafka to APIs in Minutes
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
Exploring UiPath Orchestrator API: updates and limits in 2024 🚀
 
Demystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John StaveleyDemystifying gRPC in .Net by John Staveley
Demystifying gRPC in .Net by John Staveley
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024IoT Analytics Company Presentation May 2024
IoT Analytics Company Presentation May 2024
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMsTo Graph or Not to Graph Knowledge Graph Architectures and LLMs
To Graph or Not to Graph Knowledge Graph Architectures and LLMs
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 
In-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT ProfessionalsIn-Depth Performance Testing Guide for IT Professionals
In-Depth Performance Testing Guide for IT Professionals
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
Search and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical FuturesSearch and Society: Reimagining Information Access for Radical Futures
Search and Society: Reimagining Information Access for Radical Futures
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*Neuro-symbolic is not enough, we need neuro-*semantic*
Neuro-symbolic is not enough, we need neuro-*semantic*
 
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualitySoftware Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality
 

Drooger, jack cyber security

  • 1. Self Defense For Cybersecurity What's Happening Inside The Firewall Jack Drooger – Hagerstown Community College
  • 2. Buzzword Bingo • Dumpster diving • Script Kiddie • Shoulder surfing • Whaling • Hacking • Vishing • DoS attack
  • 3. Objectives • Examine how organizations are comprised – scenarios that put assets at risk • Identify traditional fixes for computer security risks that you can’t live without • Vulnerabilities that disrupt the best laid plans of mice and IT men • When in doubt, back it up • Home computing – what’s at risk?
  • 4. Security Breach Scenarios • Company: RSA Security • Date: March, 2011 • Breach: Data theft • Estimated cost: $66 Million
  • 5. Avenues of Attack • Specific targets – Chosen based on attacker’s motivation – Not reliant on target system’s hardware and software • Targets of opportunity – Systems with hardware or software vulnerable to a specific exploit – Often lacking current security patches
  • 6. The Steps in an Attack 1. Conducting reconnaissance 2. Scanning 3. Researching vulnerabilities 4. Performing the attack 5. Creating a backdoor 6. Covering tracks
  • 7. Traditional Fixes for Security Risks • Firewalls • Intrusion Detection/Prevention Systems • Anti-virus Software • Anti-Spyware and Malware Software • Email Scanning • Anti-phishing Protection
  • 8. Security Breach Scenarios • Company: Stratfor Global Intelligence • Date: December, 2011 • Breach: website defacement and data theft
  • 10. Social Engineering • Technique in which the attacker uses deceptive practices – Convince someone to divulge information they normally would not divulge. – Convince someone to do something they normally wouldn’t do • Why social engineering is successful – People desire to be helpful – People desire to avoid confrontation
  • 12. Phishing • Type of social engineering – Attacker masquerades as a trusted entity – Typically sent to a large group of random users via e-mail or instant messenger • Typically used to obtain – Usernames, passwords, credit card numbers, and details of the user’s bank accounts • Preys on users – PayPal, eBay, major banks, and brokerage firms
  • 13. Phishing Sample - Easy to Spot
  • 14. Phishing Sample - Camouflaged
  • 15. Phishing Sample - Revealed
  • 16. Recognizing Phishing • Analyze any e-mails received asking for personal information carefully • Organizations need to educate their employees – Never send e-mails asking for personal information – Never request passwords • Watch for technical or grammatical errors • Strange URL address
  • 17. Security Breach Scenarios • Company: Global Payments • Date: April 2012 • Breach: Theft of card information • Cost: Visa dropping company as provider
  • 18. Importance of Passwords • Gateway externally and internally to resources • Major goal of cybercrime is to capture passwords
  • 19. Use Passwords to Advantage • Choose strong passwords – At least 8 characters long – Mix letters and numbers – Add an uppercase letter – Use non-alpha characters Don’t share • Example 1 your passwords – Bad: flintstone with others!! – Better: Fl1nst0ne=
  • 20. Use Passwords to Advantage • Example 2  Jack be nimble, Jack be quick  Jack jumped over the candlestick Becomes: Jbn,JbqJjotc • Need to write a password down? – Keep in a secure place – Use password encryption products
  • 21. Life is Short Back it Up
  • 22. Protecting Your Home Computer • Common target of cybercriminals • Personal data – Tax records, banking information, and lists of contacts – Family archive of photos, documents, and other sentimental items • Protect your family’s privacy and decrease your odds of a cyberattack
  • 23. For more information about the Institute and Cybersecurity training at HCC, see us online at: www.hagerstowncc.edu/cyber