SlideShare a Scribd company logo

Hiroshima University Information Security & Compliance 2018

I
imc-isec-comp

The document outlines important information for improving information security, including recent threats like phishing scams and virus infections, important routine measures such as using antivirus software and strong passwords, and additional good behaviors like using password management tools and cloud services. It emphasizes practicing 5 countermeasures like keeping software updated and 5 behaviors like not clicking suspicious links to help protect against security breaches.

Education
1 of 47
Download to read offline
Information Security & Compliance Follow-up Course2018
Introduction 2 Aims of the Information Security & Compliance Course: • Revise your knowledge of information security • Enhance your knowledge with the latest in information security This lecture is divided into three sections: 1. Recent threats to information security 2. Important routine measures 3. Additional good behaviors Improving your knowledge of information security
Differences between the 2018 and 2017 version 3 • Why should we disconnect from the network? • The route of virus infection. • Damage from unauthorized apps. • Use a password management tool • Use the Cloud for data storage and sharing • This type of case is an incident. Newly added pages contain this mark Pages displaying updated content contain this mark. UPDATE
4 1 Recent threats to information security • Phishing scams • Virus infections • Unauthorized access
Risks of phishing scams 5 The damage caused by phishing scams that make unauthorized use of Internet banking and credit card information is increasing. 1. Deceptive emails 2. Entering ID, password, credit card, and account details Phishing site 3. Collecting information 4. Malicious use of obtained information Genuine site Check your transaction statements for signs of improper use.
How to identify suspicious emails: Point 6 This is a real email which we have received. http://sprechmanlaw.com/eng.html URL is suspicious. “http” instead of “https” Email address is suspicious. Strange domain UPDATE
Check the URL in the email before clicking. 7 Virus infections are increasing with clicking on the links within emails. Check whether the URL is safe before clicking. / Since it is possible that your account information has been hacked, click this link to change your password. / / / - /- / . ./ ./ / -
Example of clever phishing site 8 Many recent phishing sites look exactly like genuine sites. Never open links in suspicious emails. It’s difficult to tell if a site is fake!
Countermeasures and Behaviors against phishing scams 9 Check whether your devices are not used by unknown third party. Install antivirus software and keep it updated. Keep your OS and applications updated. Manage your IDs and passwords carefully. Countermeasures Behaviors Keep informed of the latest threats and attack methods. Don’t click inadvertently on file attachments or URLs.
Risks of virus infections 10 The damage caused by ransomware has grown markedly since 2015. What is “ransomware”? All the files on the infected PCs are encrypted to make them unusable. à The perpetrator requires a "ransom" to repair your files. Files are encrypted, so they cannot be used!
Examples of ransomware 11 Infection screen of “CryptoLocker” Infection screen of “CYBER POLICE” If your smartphone is infected, you will not be able to boot it. Online banking information was also stolen!
If your PC is infected by viruses 12 • Never pay a ransom. • Disconnect from the network. • Reinitialize the PC, then restore from a backup. • Report the incident to the University. restore Make regular backups in case this ever happens! UPDATE
Why should you disconnect the PC from the network? 13 If you leave a virus-infected PC connected to the network • The PC will download a backdoor tool. • The PC sends information in it to the perpetrator. • The PC is remotely controlled. • The infection may spread to all accessible surrounding PCs.
Virus infection routes 14 Phishing emails Browsing web sites and Clicking on banner ads USB flash drives Downloaded programs Forgetting updates • . . • . . UPDATE
Countermeasures and Behaviors against virus infections 15 Don’t click inadvertently on file attachments or URLs. Do not install suspicious applications. Install antivirus software and keep it updated. Keep your OS and applications updated. Make regular backups. Countermeasures Behaviors Keep informed of the latest threats and attack methods.
Official sites contain unauthorized apps 16 • Unauthorized apps may be registered on official sites. • Check for unnecessary features. • Confirm your rights to access the apps. , , Delete the apps that request inappropriate rights. , , ,
Check the app before installation. 17 Search the Web and read reviews before installing the app to verify its authenticity. Search the app by its name and look for blogs about it. . . . the name of app unlawful apps 2018 . .
Check whether the app is being used correctly 18 Spoofing user accounts are increasing. Check the service usage history and settings regularly. For example, in the case wherein Twitter is used, the Web browser settings can be checked.
Damage caused by unauthorized access to devices such as PCs, smartphones, and tablets. 19 Sending spam emails Hijacking of social media accounts Data leaksModifying web sites The perpetrator accesses the electronic devices unlawfully. Viewing, modifying, and deleting files Viewing, modifying, and deleting emails UPDATE
Things that increase the risk of unauthorized access 20 Continuing to use old versions of OS and applications Using easy- to-guess passwords Repeatedly using the same password Connecting to suspicious free public Wi-Fi networks Entering personal information on sites with URLs not beginning with “https” Leaving old accounts activeLetting someone else use your smartphone Not checking the usage status of your services UPDATE PCs containing unlawful apps are included to avoid a license check
Countermeasures and Behaviors against unauthorized access 21 Don’t click inadvertently on file attachments or URLs. Use only secure communications channels. Install antivirus software and keep it updated. Keep your OS and applications updated. Manage your IDs and passwords carefully. Keep informed of the latest threats and attack methods. Countermeasures Behaviors Take care not to lose your PC or smartphone, or have it stolen.
22 2. Important routine measures • Antivirus software • Updating software • Strong passwords • Regular backups • Knowing the latest threats and attack methods
Antivirus software 23 New computer viruses are discovered every day. Set your antivirus software to update automatically! It is not possible to protect against unknown viruses… The virus definition list of your antivirus software needs to be updated.
Updating software 24 • Set the “automatic updates” option! • Update your OS as well as your applications! Always use the latest version!
Strong passwords 25 The common password for your HIRODAI ID and accounts should – Be at least 8 characters long – Include numerals, symbols, and both upper and lowercase letters – Not be an easy-to-guess character string It is dangerous to repeatedly use the same password!
Use the Cloud for data storage. 26 Cloud file storage services OneDrive for Business You can view and edit data anywhere.
Regular backups 27 Make sure to back up regularly in case your PC malfunctions or gets infected by a virus. You can use OneDrive for Business (1TB) free of charge for your data and OS backups. You can access OneDrive from the list of Office 365 applications.
Knowing the latest threats and attack methods 28 Make the effort to keep informed about the latest security threats. http://www.ipa.go.jp/security/kokokara/study/international.html
29 3. Additional good behaviors • Use a password management tool. • Use the Cloud to share data. • Use multi-factor authentication • Share information with people you know • Report problems immediately • Other precautions
Use a password management tool 30 • Password management tool (password manager) : Saving passwords to a management tool, you can use them from a PC or a smartphone. – passwords for Web servies – passwords for encrypting/dencrypting files, etc. • Important: – Create a backup of the management tool database. – Take care to avoid any information leaks! • A variety of management tools are available. – Free KeePass Password Safe (Win), Keychain access(Mac – Charged 1Password, LastPass, etc. Be sure to remember the master password
Use Cloud services for sharing data 31 Virus infections caused by opening a file attachment are increasingly. When exchanging files, you may place the file in the Cloud service and send the link to the file in the email. To: Taro Hirodai, From: Momiji Saijo I uploaded the created file to ownCloud. Please check it. Folder name: Work Folder File name: 20180401ver1.docx
Image of the sharing 32 Only send and share information via email do not attach files File temporary storage and sharing services ownCloud https://share.hiroshima-u.ac.jp/ Location of data View data Download
How to use the “ownCloud” 33 <For people without a university account> Check “Share with URL.” Share by sending the URL to the recipient. <For people with a university account> Share by specifying an account ownCloud can be used free of charge at Hiroshima University. http://www.media.hiroshima-u.ac.jp/services/fileshare Files are automatically deleted after one month, so the service is suited only for temporary file exchanges.
Use multi-factor authentication 34 To enhance security, multi-factor authentication can be used with Office 365 at Hiroshima University. When using a smartphone mobile app, Log in with account@hiroshima-u.ac.jp + password + smartphone * Authentication is also possible with an SMS or telephone call. I got hold of an ID and password! Let me try and log in now! What’s this…? It’s asking me for authentication to log in… I wonder why. I’ll refuse. What the hell? I can’t log in…
Share information with people you know 35 Actively exchange information with family and friends. Helping the people around you understand security will help protect you all from harm.
Take care to avoid information leaks when using SNS 36 • If you post pictures and messages including the location of your home or office, your private information may be leaked to all over the world. • Be careful of the environment when you post pictures! It may contain confidential information about your workplace or your part-time job employer When using social media, take care not to post inappropriate content or leak sensitive information! UPDATE
Take care to avoid loss or theft of PCs or smartphone 37 • Do not pass or lend the phone to others. – There are cases of it being stolen and a remote management tool being installed. • Back up and initialize old smartphones when changing model. Always encrypt sensitive information when you carry it around. Be careful not to lose or misplace your devices! Never leave your bag unattended ! Let's encrypt UPDATE
Use safe communication routes. 38 Using public Wi-Fi networks puts you at risk of unauthorized access! Do not exchange sensitive information on there. Free Wi-Fi When connecting from outside, use encryption such as a VPN. https://www.media.hiroshima- u.ac.jp/services/hinet/vpngw Image of VPN You can connect to a VPN using an app. UPDATE hotel Wi-Fi too!
The use of File Sharing Software is prohibited. 39 It is prohibited at Hiroshima University to use of file sharing software sharing files with many and unspecified people! . . l l l l l l l l . UPDATE
Sending SPAM mails from PC Unauthorized access Information leakage Virus infections Symptoms that indicate a security incident 40 I lost my USB memory device containing personal information. My smartphone was stolen. My PC was infected with a virus. There was unauthorized entry into the Server. UPDATE
Promptly reporting security incidents 41 This handy card lists emergency contacts and precautions. The cards are distributed by the Media Center. Carry one with you, together with your student/staff ID! Knowing emergency contacts at all times is a useful security measure .
Countermeasures and behaviors 42 Many things have been explained, but fundamentally, you can protect yourself against security breaches by practicing “5 countermeasures” and “5 behaviors”. 5 countermeasures 5 behaviors
5 countermeasures 43 Install antivirus software and keep it updated. Keep your OS and applications updated. Manage your IDs and passwords carefully. Make regular backups. Keep informed of the latest threats and attack methods. Keep your OS and applications updated. Manage your IDs and passwords carefully. Make regular backups. Keep informed of the latest threats and attack methods.
5 behaviors 44 Don’t click inadvertently on file attachments or URLs. Do not install suspicious applications. Check whether your devices are not used by unknown third party. Use only secure communications channels. Take care not to lose your PC or smartphone, or have it stolen.
Conclusion 45 We are at the end of this online workshop. After this, you must take an evaluation test. 16 correct answers out of 20 questions is a pass. If you pass the evaluation test make sure to • 1st year: Check that your account is working. • 2nd and later years: Update your account for the current year
Reference documents and materials 46 • “Top 10 Threats to Information Security 2018,” IPA https://www.ipa.go.jp/security/vuln/10threats2018.htm • Trendmicro http://www.trendmicro.co.jp/jp/security-intelligence/threat- solution/ransomware/ http://blog.trendmicro.co.jp/archives/13041 Materials • Human Pictogram2.0 http://pictogram2.com/ • FLAT ICON DESIGN http://flat-icon-design.com/ • ICOOON MONO http://icooon-mono.com/
47 Issued in April, 2018 Information Media Center, Hiroshima University Attribution 4.0 International

Recommended

Information Security and Compliance Follow-up Cource 2019
Information Security and Compliance Follow-up Cource 2019Information Security and Compliance Follow-up Cource 2019
Information Security and Compliance Follow-up Cource 2019
imc-isec-comp
 
Cyber security tips in Banking in Nepal
Cyber security tips in Banking in NepalCyber security tips in Banking in Nepal
Cyber security tips in Banking in Nepal
Resham Acharya
 
secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger
Abhishek Hirapara
 
Cyber security 101
Cyber security 101Cyber security 101
Cyber security 101
Travis Good
 
Ia 124 1621324160 ia_124_lecture_02
Ia 124 1621324160 ia_124_lecture_02Ia 124 1621324160 ia_124_lecture_02
Ia 124 1621324160 ia_124_lecture_02
ITNet
 
Sip 140208055023-phpapp02
Sip 140208055023-phpapp02Sip 140208055023-phpapp02
Sip 140208055023-phpapp02
mark scott
 
Understanding SaaS Concepts
Understanding SaaS ConceptsUnderstanding SaaS Concepts
Understanding SaaS Concepts
guest0e7119
 
War on Stealth Cyberattacks that Target Unknown Vulnerabilities
War on Stealth Cyberattacks that Target Unknown VulnerabilitiesWar on Stealth Cyberattacks that Target Unknown Vulnerabilities
War on Stealth Cyberattacks that Target Unknown Vulnerabilities
DataWorks Summit/Hadoop Summit
 

Recommended

Information Security and Compliance Follow-up Cource 2019
Information Security and Compliance Follow-up Cource 2019Information Security and Compliance Follow-up Cource 2019
Information Security and Compliance Follow-up Cource 2019
imc-isec-comp
 
Cyber security tips in Banking in Nepal
Cyber security tips in Banking in NepalCyber security tips in Banking in Nepal
Cyber security tips in Banking in Nepal
Resham Acharya
 
secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger
Abhishek Hirapara
 
Cyber security 101
Cyber security 101Cyber security 101
Cyber security 101
Travis Good
 
Ia 124 1621324160 ia_124_lecture_02
Ia 124 1621324160 ia_124_lecture_02Ia 124 1621324160 ia_124_lecture_02
Ia 124 1621324160 ia_124_lecture_02
ITNet
 
Sip 140208055023-phpapp02
Sip 140208055023-phpapp02Sip 140208055023-phpapp02
Sip 140208055023-phpapp02
mark scott
 
Understanding SaaS Concepts
Understanding SaaS ConceptsUnderstanding SaaS Concepts
Understanding SaaS Concepts
guest0e7119
 
War on Stealth Cyberattacks that Target Unknown Vulnerabilities
War on Stealth Cyberattacks that Target Unknown VulnerabilitiesWar on Stealth Cyberattacks that Target Unknown Vulnerabilities
War on Stealth Cyberattacks that Target Unknown Vulnerabilities
DataWorks Summit/Hadoop Summit
 
Information security awareness - 101
Information security awareness - 101Information security awareness - 101
Information security awareness - 101
mateenzero
 
Technology Training - Security, Passwords & More
Technology Training - Security, Passwords & MoreTechnology Training - Security, Passwords & More
Technology Training - Security, Passwords & More
William Mann
 
Seminar on yahoo mail cyber attack
Seminar on yahoo mail cyber attackSeminar on yahoo mail cyber attack
Seminar on yahoo mail cyber attack
rohit2495
 
Private Data and Prying Eyes
Private Data and Prying EyesPrivate Data and Prying Eyes
Private Data and Prying Eyes
Ellie Sherven
 
Cyber modified
Cyber modifiedCyber modified
Cyber modified
vjom
 
Top 5 Cybersecurity Threats in Retail Industry
Top 5 Cybersecurity Threats in Retail IndustryTop 5 Cybersecurity Threats in Retail Industry
Top 5 Cybersecurity Threats in Retail Industry
Seqrite
 
Computer Security Guide to Pc Security
Computer Security Guide to Pc SecurityComputer Security Guide to Pc Security
Computer Security Guide to Pc Security
MallTake
 
Security & Compliance for Startups
Security & Compliance for StartupsSecurity & Compliance for Startups
Security & Compliance for Startups
Symosis Security (Previously C-Level Security)
 
Internet safety
Internet safetyInternet safety
Internet safety
jonathancallcott-efc
 
How to Protect Your PC from Malware, Ransomware, Virus
How to Protect Your PC from Malware, Ransomware, VirusHow to Protect Your PC from Malware, Ransomware, Virus
How to Protect Your PC from Malware, Ransomware, Virus
HabFg
 
Data breach
Data breachData breach
Data breach
Burhan Ahmed
 
Building a culture of security
Building a culture of securityBuilding a culture of security
Building a culture of security
Courion Corporation
 
What Businesses Entrepreneurs Are Imperative To Know About Ransomware
What Businesses Entrepreneurs Are Imperative To Know About RansomwareWhat Businesses Entrepreneurs Are Imperative To Know About Ransomware
What Businesses Entrepreneurs Are Imperative To Know About Ransomware
MavrickHost - Reliable Hosting Partner
 
Cyber Crime and a Case Study
Cyber Crime and a Case StudyCyber Crime and a Case Study
Cyber Crime and a Case Study
Pratham Jaiswal
 
csa2014 IBC
csa2014 IBCcsa2014 IBC
csa2014 IBC
apyn
 
Guide to pc_security
Guide to pc_securityGuide to pc_security
Guide to pc_security
Flora Runyenje
 
Norton Cyber Security Insights Report 2017
Norton Cyber Security Insights Report 2017Norton Cyber Security Insights Report 2017
Norton Cyber Security Insights Report 2017
CheapSSLsecurity
 
Cyber Security Seminar
Cyber Security SeminarCyber Security Seminar
Cyber Security Seminar
Jeremy Quadri
 
Hiroshima University Information Security & Compliance 2017
Hiroshima University Information Security & Compliance 2017Hiroshima University Information Security & Compliance 2017
Hiroshima University Information Security & Compliance 2017
imc-isec-comp
 
Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?
Symptai Consulting Limited
 
The top 5 basics fundamentals of network security cyberhunter solutions
The top 5 basics fundamentals of network security cyberhunter solutionsThe top 5 basics fundamentals of network security cyberhunter solutions
The top 5 basics fundamentals of network security cyberhunter solutions
Cyberhunter Cyber Security
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
Sachin Saini
 

More Related Content

What's hot

Information security awareness - 101
Information security awareness - 101Information security awareness - 101
Information security awareness - 101
mateenzero
 
Technology Training - Security, Passwords & More
Technology Training - Security, Passwords & MoreTechnology Training - Security, Passwords & More
Technology Training - Security, Passwords & More
William Mann
 
Seminar on yahoo mail cyber attack
Seminar on yahoo mail cyber attackSeminar on yahoo mail cyber attack
Seminar on yahoo mail cyber attack
rohit2495
 
Private Data and Prying Eyes
Private Data and Prying EyesPrivate Data and Prying Eyes
Private Data and Prying Eyes
Ellie Sherven
 
Cyber modified
Cyber modifiedCyber modified
Cyber modified
vjom
 
Top 5 Cybersecurity Threats in Retail Industry
Top 5 Cybersecurity Threats in Retail IndustryTop 5 Cybersecurity Threats in Retail Industry
Top 5 Cybersecurity Threats in Retail Industry
Seqrite
 
Computer Security Guide to Pc Security
Computer Security Guide to Pc SecurityComputer Security Guide to Pc Security
Computer Security Guide to Pc Security
MallTake
 
Security & Compliance for Startups
Security & Compliance for StartupsSecurity & Compliance for Startups
Security & Compliance for Startups
Symosis Security (Previously C-Level Security)
 
Internet safety
Internet safetyInternet safety
Internet safety
jonathancallcott-efc
 
How to Protect Your PC from Malware, Ransomware, Virus
How to Protect Your PC from Malware, Ransomware, VirusHow to Protect Your PC from Malware, Ransomware, Virus
How to Protect Your PC from Malware, Ransomware, Virus
HabFg
 
Data breach
Data breachData breach
Data breach
Burhan Ahmed
 
Building a culture of security
Building a culture of securityBuilding a culture of security
Building a culture of security
Courion Corporation
 
What Businesses Entrepreneurs Are Imperative To Know About Ransomware
What Businesses Entrepreneurs Are Imperative To Know About RansomwareWhat Businesses Entrepreneurs Are Imperative To Know About Ransomware
What Businesses Entrepreneurs Are Imperative To Know About Ransomware
MavrickHost - Reliable Hosting Partner
 
Cyber Crime and a Case Study
Cyber Crime and a Case StudyCyber Crime and a Case Study
Cyber Crime and a Case Study
Pratham Jaiswal
 
csa2014 IBC
csa2014 IBCcsa2014 IBC
csa2014 IBC
apyn
 
Guide to pc_security
Guide to pc_securityGuide to pc_security
Guide to pc_security
Flora Runyenje
 
Norton Cyber Security Insights Report 2017
Norton Cyber Security Insights Report 2017Norton Cyber Security Insights Report 2017
Norton Cyber Security Insights Report 2017
CheapSSLsecurity
 
Cyber Security Seminar
Cyber Security SeminarCyber Security Seminar
Cyber Security Seminar
Jeremy Quadri
 

What's hot (18)

Information security awareness - 101
Information security awareness - 101Information security awareness - 101
Information security awareness - 101
 
Technology Training - Security, Passwords & More
Technology Training - Security, Passwords & MoreTechnology Training - Security, Passwords & More
Technology Training - Security, Passwords & More
 
Seminar on yahoo mail cyber attack
Seminar on yahoo mail cyber attackSeminar on yahoo mail cyber attack
Seminar on yahoo mail cyber attack
 
Private Data and Prying Eyes
Private Data and Prying EyesPrivate Data and Prying Eyes
Private Data and Prying Eyes
 
Cyber modified
Cyber modifiedCyber modified
Cyber modified
 
Top 5 Cybersecurity Threats in Retail Industry
Top 5 Cybersecurity Threats in Retail IndustryTop 5 Cybersecurity Threats in Retail Industry
Top 5 Cybersecurity Threats in Retail Industry
 
Computer Security Guide to Pc Security
Computer Security Guide to Pc SecurityComputer Security Guide to Pc Security
Computer Security Guide to Pc Security
 
Security & Compliance for Startups
Security & Compliance for StartupsSecurity & Compliance for Startups
Security & Compliance for Startups
 
Internet safety
Internet safetyInternet safety
Internet safety
 
How to Protect Your PC from Malware, Ransomware, Virus
How to Protect Your PC from Malware, Ransomware, VirusHow to Protect Your PC from Malware, Ransomware, Virus
How to Protect Your PC from Malware, Ransomware, Virus
 
Data breach
Data breachData breach
Data breach
 
Building a culture of security
Building a culture of securityBuilding a culture of security
Building a culture of security
 
What Businesses Entrepreneurs Are Imperative To Know About Ransomware
What Businesses Entrepreneurs Are Imperative To Know About RansomwareWhat Businesses Entrepreneurs Are Imperative To Know About Ransomware
What Businesses Entrepreneurs Are Imperative To Know About Ransomware
 
Cyber Crime and a Case Study
Cyber Crime and a Case StudyCyber Crime and a Case Study
Cyber Crime and a Case Study
 
csa2014 IBC
csa2014 IBCcsa2014 IBC
csa2014 IBC
 
Guide to pc_security
Guide to pc_securityGuide to pc_security
Guide to pc_security
 
Norton Cyber Security Insights Report 2017
Norton Cyber Security Insights Report 2017Norton Cyber Security Insights Report 2017
Norton Cyber Security Insights Report 2017
 
Cyber Security Seminar
Cyber Security SeminarCyber Security Seminar
Cyber Security Seminar
 

Similar to Hiroshima University Information Security & Compliance 2018

Hiroshima University Information Security & Compliance 2017
Hiroshima University Information Security & Compliance 2017Hiroshima University Information Security & Compliance 2017
Hiroshima University Information Security & Compliance 2017
imc-isec-comp
 
Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?
Symptai Consulting Limited
 
The top 5 basics fundamentals of network security cyberhunter solutions
The top 5 basics fundamentals of network security cyberhunter solutionsThe top 5 basics fundamentals of network security cyberhunter solutions
The top 5 basics fundamentals of network security cyberhunter solutions
Cyberhunter Cyber Security
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
Sachin Saini
 
Computer Security and safety
Computer Security and safety Computer Security and safety
Computer Security and safety
Sadaf Walliyani
 
Masterclass_ Cybersecurity and Data Privacy Basics
Masterclass_ Cybersecurity and Data Privacy BasicsMasterclass_ Cybersecurity and Data Privacy Basics
Masterclass_ Cybersecurity and Data Privacy Basics
Excellence Foundation for South Sudan
 
Cyber security for small businesses
Cyber security for small businessesCyber security for small businesses
Cyber security for small businesses
B2BPlanner Ltd.
 
Back to school - CYBER SAFETY
Back to school - CYBER SAFETYBack to school - CYBER SAFETY
Back to school - CYBER SAFETY
Sairam
 
Cyber security-1.pptx
Cyber security-1.pptxCyber security-1.pptx
Cyber security-1.pptx
CharithraaAR
 
cyber safety.pdf
cyber safety.pdfcyber safety.pdf
cyber safety.pdf
MILANOP1
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
Adeel Younas
 
Why is Cybersecurity Important in the Digital World
Why is Cybersecurity Important in the Digital WorldWhy is Cybersecurity Important in the Digital World
Why is Cybersecurity Important in the Digital World
Expeed Software
 
Cyber Security for Financial Planners
Cyber Security for Financial PlannersCyber Security for Financial Planners
Cyber Security for Financial Planners
Michael O'Phelan
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
Salma Zafar
 
Class 11 ca chapter 17 computer ethics and cyber crime
Class 11 ca chapter 17 computer ethics and cyber crimeClass 11 ca chapter 17 computer ethics and cyber crime
Class 11 ca chapter 17 computer ethics and cyber crime
Nithilan1
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training Open
Fred Beck MBA, CPA
 
Cybersecurity Awareness Posters - Set #2
Cybersecurity Awareness Posters - Set #2Cybersecurity Awareness Posters - Set #2
Cybersecurity Awareness Posters - Set #2
NetLockSmith
 
ACESnWS cyber security tips
ACESnWS cyber security tipsACESnWS cyber security tips
ACESnWS cyber security tips
ACE Software n Web Solutions
 
COMPUTER ETHICS.pptx
COMPUTER ETHICS.pptxCOMPUTER ETHICS.pptx
COMPUTER ETHICS.pptx
santosh26kumar2003
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP Leaks
Hokme
 

Similar to Hiroshima University Information Security & Compliance 2018 (20)

Hiroshima University Information Security & Compliance 2017
Hiroshima University Information Security & Compliance 2017Hiroshima University Information Security & Compliance 2017
Hiroshima University Information Security & Compliance 2017
 
Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?Can your company survive a modern day cyber attack?
Can your company survive a modern day cyber attack?
 
The top 5 basics fundamentals of network security cyberhunter solutions
The top 5 basics fundamentals of network security cyberhunter solutionsThe top 5 basics fundamentals of network security cyberhunter solutions
The top 5 basics fundamentals of network security cyberhunter solutions
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
 
Computer Security and safety
Computer Security and safety Computer Security and safety
Computer Security and safety
 
Masterclass_ Cybersecurity and Data Privacy Basics
Masterclass_ Cybersecurity and Data Privacy BasicsMasterclass_ Cybersecurity and Data Privacy Basics
Masterclass_ Cybersecurity and Data Privacy Basics
 
Cyber security for small businesses
Cyber security for small businessesCyber security for small businesses
Cyber security for small businesses
 
Back to school - CYBER SAFETY
Back to school - CYBER SAFETYBack to school - CYBER SAFETY
Back to school - CYBER SAFETY
 
Cyber security-1.pptx
Cyber security-1.pptxCyber security-1.pptx
Cyber security-1.pptx
 
cyber safety.pdf
cyber safety.pdfcyber safety.pdf
cyber safety.pdf
 
Cyber Security
Cyber SecurityCyber Security
Cyber Security
 
Why is Cybersecurity Important in the Digital World
Why is Cybersecurity Important in the Digital WorldWhy is Cybersecurity Important in the Digital World
Why is Cybersecurity Important in the Digital World
 
Cyber Security for Financial Planners
Cyber Security for Financial PlannersCyber Security for Financial Planners
Cyber Security for Financial Planners
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Class 11 ca chapter 17 computer ethics and cyber crime
Class 11 ca chapter 17 computer ethics and cyber crimeClass 11 ca chapter 17 computer ethics and cyber crime
Class 11 ca chapter 17 computer ethics and cyber crime
 
Information Security Awareness Training Open
Information Security Awareness Training OpenInformation Security Awareness Training Open
Information Security Awareness Training Open
 
Cybersecurity Awareness Posters - Set #2
Cybersecurity Awareness Posters - Set #2Cybersecurity Awareness Posters - Set #2
Cybersecurity Awareness Posters - Set #2
 
ACESnWS cyber security tips
ACESnWS cyber security tipsACESnWS cyber security tips
ACESnWS cyber security tips
 
COMPUTER ETHICS.pptx
COMPUTER ETHICS.pptxCOMPUTER ETHICS.pptx
COMPUTER ETHICS.pptx
 
Securing Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP LeaksSecuring Your Intellectual Property: Preventing Business IP Leaks
Securing Your Intellectual Property: Preventing Business IP Leaks
 

More from imc-isec-comp

広島大学信息安全・法令遵守跟踪讲习2019
広島大学信息安全・法令遵守跟踪讲习2019広島大学信息安全・法令遵守跟踪讲习2019
広島大学信息安全・法令遵守跟踪讲习2019
imc-isec-comp
 
広島大学情報セキュリティ・コンプライアンスFollowUp講習_2019
広島大学情報セキュリティ・コンプライアンスFollowUp講習_2019広島大学情報セキュリティ・コンプライアンスFollowUp講習_2019
広島大学情報セキュリティ・コンプライアンスFollowUp講習_2019
imc-isec-comp
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018
imc-isec-comp
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018
imc-isec-comp
 
広島大学信息安全政策・规则讲习2018
広島大学信息安全政策・规则讲习2018広島大学信息安全政策・规则讲习2018
広島大学信息安全政策・规则讲习2018
imc-isec-comp
 
広島大学情報セキュリティ・コンプライアンス講習2018
広島大学情報セキュリティ・コンプライアンス講習2018広島大学情報セキュリティ・コンプライアンス講習2018
広島大学情報セキュリティ・コンプライアンス講習2018
imc-isec-comp
 
広島大学信息安全政策・规则讲习2017
広島大学信息安全政策・规则讲习2017広島大学信息安全政策・规则讲习2017
広島大学信息安全政策・规则讲习2017
imc-isec-comp
 
広島大学情報セキュリティ・コンプライアンス2017
広島大学情報セキュリティ・コンプライアンス2017広島大学情報セキュリティ・コンプライアンス2017
広島大学情報セキュリティ・コンプライアンス2017
imc-isec-comp
 

More from imc-isec-comp (8)

広島大学信息安全・法令遵守跟踪讲习2019
広島大学信息安全・法令遵守跟踪讲习2019広島大学信息安全・法令遵守跟踪讲习2019
広島大学信息安全・法令遵守跟踪讲习2019
 
広島大学情報セキュリティ・コンプライアンスFollowUp講習_2019
広島大学情報セキュリティ・コンプライアンスFollowUp講習_2019広島大学情報セキュリティ・コンプライアンスFollowUp講習_2019
広島大学情報セキュリティ・コンプライアンスFollowUp講習_2019
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018
 
Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018Hiroshima University Information Security & Compliance 2018
Hiroshima University Information Security & Compliance 2018
 
広島大学信息安全政策・规则讲习2018
広島大学信息安全政策・规则讲习2018広島大学信息安全政策・规则讲习2018
広島大学信息安全政策・规则讲习2018
 
広島大学情報セキュリティ・コンプライアンス講習2018
広島大学情報セキュリティ・コンプライアンス講習2018広島大学情報セキュリティ・コンプライアンス講習2018
広島大学情報セキュリティ・コンプライアンス講習2018
 
広島大学信息安全政策・规则讲习2017
広島大学信息安全政策・规则讲习2017広島大学信息安全政策・规则讲习2017
広島大学信息安全政策・规则讲习2017
 
広島大学情報セキュリティ・コンプライアンス2017
広島大学情報セキュリティ・コンプライアンス2017広島大学情報セキュリティ・コンプライアンス2017
広島大学情報セキュリティ・コンプライアンス2017
 

Recently uploaded

BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...
BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...
BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...
Nguyen Thanh Tu Collection
 
Constructing Your Course Container for Effective Communication
Constructing Your Course Container for Effective CommunicationConstructing Your Course Container for Effective Communication
Constructing Your Course Container for Effective Communication
Chevonnese Chevers Whyte, MBA, B.Sc.
 
clinical examination of hip joint (1).pdf
clinical examination of hip joint (1).pdfclinical examination of hip joint (1).pdf
clinical examination of hip joint (1).pdf
Priyankaranawat4
 
Présentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptx
Présentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptxPrésentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptx
Présentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptx
siemaillard
 
B. Ed Syllabus for babasaheb ambedkar education university.pdf
B. Ed Syllabus for babasaheb ambedkar education university.pdfB. Ed Syllabus for babasaheb ambedkar education university.pdf
B. Ed Syllabus for babasaheb ambedkar education university.pdf
BoudhayanBhattachari
 
BBR 2024 Summer Sessions Interview Training
BBR 2024 Summer Sessions Interview TrainingBBR 2024 Summer Sessions Interview Training
BBR 2024 Summer Sessions Interview Training
Katrina Pritchard
 
How to deliver Powerpoint Presentations.pptx
How to deliver Powerpoint Presentations.pptxHow to deliver Powerpoint Presentations.pptx
How to deliver Powerpoint Presentations.pptx
HajraNaeem15
 
math operations ued in python and all used
math operations ued in python and all usedmath operations ued in python and all used
math operations ued in python and all used
ssuser13ffe4
 
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdfবাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
eBook.com.bd (প্রয়োজনীয় বাংলা বই)
 
BÀI TẬP DẠY THÊM TIẾNG ANH LỚP 7 CẢ NĂM FRIENDS PLUS SÁCH CHÂN TRỜI SÁNG TẠO ...
BÀI TẬP DẠY THÊM TIẾNG ANH LỚP 7 CẢ NĂM FRIENDS PLUS SÁCH CHÂN TRỜI SÁNG TẠO ...BÀI TẬP DẠY THÊM TIẾNG ANH LỚP 7 CẢ NĂM FRIENDS PLUS SÁCH CHÂN TRỜI SÁNG TẠO ...
BÀI TẬP DẠY THÊM TIẾNG ANH LỚP 7 CẢ NĂM FRIENDS PLUS SÁCH CHÂN TRỜI SÁNG TẠO ...
Nguyen Thanh Tu Collection
 
MARY JANE WILSON, A “BOA MÃE” .
MARY JANE WILSON, A “BOA MÃE” .MARY JANE WILSON, A “BOA MÃE” .
MARY JANE WILSON, A “BOA MÃE” .
Colégio Santa Teresinha
 
C1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptx
C1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptxC1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptx
C1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptx
mulvey2
 
LAND USE LAND COVER AND NDVI OF MIRZAPUR DISTRICT, UP
LAND USE LAND COVER AND NDVI OF MIRZAPUR DISTRICT, UPLAND USE LAND COVER AND NDVI OF MIRZAPUR DISTRICT, UP
LAND USE LAND COVER AND NDVI OF MIRZAPUR DISTRICT, UP
RAHUL
 
Leveraging Generative AI to Drive Nonprofit Innovation
Leveraging Generative AI to Drive Nonprofit InnovationLeveraging Generative AI to Drive Nonprofit Innovation
Leveraging Generative AI to Drive Nonprofit Innovation
TechSoup
 
spot a liar (Haiqa 146).pptx Technical writhing and presentation skills
spot a liar (Haiqa 146).pptx Technical writhing and presentation skillsspot a liar (Haiqa 146).pptx Technical writhing and presentation skills
spot a liar (Haiqa 146).pptx Technical writhing and presentation skills
haiqairshad
 
Pengantar Penggunaan Flutter - Dart programming language1.pptx
Pengantar Penggunaan Flutter - Dart programming language1.pptxPengantar Penggunaan Flutter - Dart programming language1.pptx
Pengantar Penggunaan Flutter - Dart programming language1.pptx
Fajar Baskoro
 
Film vocab for eal 3 students: Australia the movie
Film vocab for eal 3 students: Australia the movieFilm vocab for eal 3 students: Australia the movie
Film vocab for eal 3 students: Australia the movie
Nicholas Montgomery
 
IGCSE Biology Chapter 14- Reproduction in Plants.pdf
IGCSE Biology Chapter 14- Reproduction in Plants.pdfIGCSE Biology Chapter 14- Reproduction in Plants.pdf
IGCSE Biology Chapter 14- Reproduction in Plants.pdf
Amin Marwan
 
Temple of Asclepius in Thrace. Excavation results
Temple of Asclepius in Thrace. Excavation resultsTemple of Asclepius in Thrace. Excavation results
Temple of Asclepius in Thrace. Excavation results
Krassimira Luka
 
Traditional Musical Instruments of Arunachal Pradesh and Uttar Pradesh - RAYH...
Traditional Musical Instruments of Arunachal Pradesh and Uttar Pradesh - RAYH...Traditional Musical Instruments of Arunachal Pradesh and Uttar Pradesh - RAYH...
Traditional Musical Instruments of Arunachal Pradesh and Uttar Pradesh - RAYH...
imrankhan141184
 

Recently uploaded (20)

BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...
BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...
BÀI TẬP BỔ TRỢ TIẾNG ANH 8 CẢ NĂM - GLOBAL SUCCESS - NĂM HỌC 2023-2024 (CÓ FI...
 
Constructing Your Course Container for Effective Communication
Constructing Your Course Container for Effective CommunicationConstructing Your Course Container for Effective Communication
Constructing Your Course Container for Effective Communication
 
clinical examination of hip joint (1).pdf
clinical examination of hip joint (1).pdfclinical examination of hip joint (1).pdf
clinical examination of hip joint (1).pdf
 
Présentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptx
Présentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptxPrésentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptx
Présentationvvvvvvvvvvvvvvvvvvvvvvvvvvvv2.pptx
 
B. Ed Syllabus for babasaheb ambedkar education university.pdf
B. Ed Syllabus for babasaheb ambedkar education university.pdfB. Ed Syllabus for babasaheb ambedkar education university.pdf
B. Ed Syllabus for babasaheb ambedkar education university.pdf
 
BBR 2024 Summer Sessions Interview Training
BBR 2024 Summer Sessions Interview TrainingBBR 2024 Summer Sessions Interview Training
BBR 2024 Summer Sessions Interview Training
 
How to deliver Powerpoint Presentations.pptx
How to deliver Powerpoint Presentations.pptxHow to deliver Powerpoint Presentations.pptx
How to deliver Powerpoint Presentations.pptx
 
math operations ued in python and all used
math operations ued in python and all usedmath operations ued in python and all used
math operations ued in python and all used
 
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdfবাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
বাংলাদেশ অর্থনৈতিক সমীক্ষা (Economic Review) ২০২৪ UJS App.pdf
 
BÀI TẬP DẠY THÊM TIẾNG ANH LỚP 7 CẢ NĂM FRIENDS PLUS SÁCH CHÂN TRỜI SÁNG TẠO ...
BÀI TẬP DẠY THÊM TIẾNG ANH LỚP 7 CẢ NĂM FRIENDS PLUS SÁCH CHÂN TRỜI SÁNG TẠO ...BÀI TẬP DẠY THÊM TIẾNG ANH LỚP 7 CẢ NĂM FRIENDS PLUS SÁCH CHÂN TRỜI SÁNG TẠO ...
BÀI TẬP DẠY THÊM TIẾNG ANH LỚP 7 CẢ NĂM FRIENDS PLUS SÁCH CHÂN TRỜI SÁNG TẠO ...
 
MARY JANE WILSON, A “BOA MÃE” .
MARY JANE WILSON, A “BOA MÃE” .MARY JANE WILSON, A “BOA MÃE” .
MARY JANE WILSON, A “BOA MÃE” .
 
C1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptx
C1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptxC1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptx
C1 Rubenstein AP HuG xxxxxxxxxxxxxx.pptx
 
LAND USE LAND COVER AND NDVI OF MIRZAPUR DISTRICT, UP
LAND USE LAND COVER AND NDVI OF MIRZAPUR DISTRICT, UPLAND USE LAND COVER AND NDVI OF MIRZAPUR DISTRICT, UP
LAND USE LAND COVER AND NDVI OF MIRZAPUR DISTRICT, UP
 
Leveraging Generative AI to Drive Nonprofit Innovation
Leveraging Generative AI to Drive Nonprofit InnovationLeveraging Generative AI to Drive Nonprofit Innovation
Leveraging Generative AI to Drive Nonprofit Innovation
 
spot a liar (Haiqa 146).pptx Technical writhing and presentation skills
spot a liar (Haiqa 146).pptx Technical writhing and presentation skillsspot a liar (Haiqa 146).pptx Technical writhing and presentation skills
spot a liar (Haiqa 146).pptx Technical writhing and presentation skills
 
Pengantar Penggunaan Flutter - Dart programming language1.pptx
Pengantar Penggunaan Flutter - Dart programming language1.pptxPengantar Penggunaan Flutter - Dart programming language1.pptx
Pengantar Penggunaan Flutter - Dart programming language1.pptx
 
Film vocab for eal 3 students: Australia the movie
Film vocab for eal 3 students: Australia the movieFilm vocab for eal 3 students: Australia the movie
Film vocab for eal 3 students: Australia the movie
 
IGCSE Biology Chapter 14- Reproduction in Plants.pdf
IGCSE Biology Chapter 14- Reproduction in Plants.pdfIGCSE Biology Chapter 14- Reproduction in Plants.pdf
IGCSE Biology Chapter 14- Reproduction in Plants.pdf
 
Temple of Asclepius in Thrace. Excavation results
Temple of Asclepius in Thrace. Excavation resultsTemple of Asclepius in Thrace. Excavation results
Temple of Asclepius in Thrace. Excavation results
 
Traditional Musical Instruments of Arunachal Pradesh and Uttar Pradesh - RAYH...
Traditional Musical Instruments of Arunachal Pradesh and Uttar Pradesh - RAYH...Traditional Musical Instruments of Arunachal Pradesh and Uttar Pradesh - RAYH...
Traditional Musical Instruments of Arunachal Pradesh and Uttar Pradesh - RAYH...
 

Hiroshima University Information Security & Compliance 2018

  • 1. Information Security & Compliance Follow-up Course2018
  • 2. Introduction 2 Aims of the Information Security & Compliance Course: • Revise your knowledge of information security • Enhance your knowledge with the latest in information security This lecture is divided into three sections: 1. Recent threats to information security 2. Important routine measures 3. Additional good behaviors Improving your knowledge of information security
  • 3. Differences between the 2018 and 2017 version 3 • Why should we disconnect from the network? • The route of virus infection. • Damage from unauthorized apps. • Use a password management tool • Use the Cloud for data storage and sharing • This type of case is an incident. Newly added pages contain this mark Pages displaying updated content contain this mark. UPDATE
  • 4. 4 1 Recent threats to information security • Phishing scams • Virus infections • Unauthorized access
  • 5. Risks of phishing scams 5 The damage caused by phishing scams that make unauthorized use of Internet banking and credit card information is increasing. 1. Deceptive emails 2. Entering ID, password, credit card, and account details Phishing site 3. Collecting information 4. Malicious use of obtained information Genuine site Check your transaction statements for signs of improper use.
  • 6. How to identify suspicious emails: Point 6 This is a real email which we have received. http://sprechmanlaw.com/eng.html URL is suspicious. “http” instead of “https” Email address is suspicious. Strange domain UPDATE
  • 7. Check the URL in the email before clicking. 7 Virus infections are increasing with clicking on the links within emails. Check whether the URL is safe before clicking. / Since it is possible that your account information has been hacked, click this link to change your password. / / / - /- / . ./ ./ / -
  • 8. Example of clever phishing site 8 Many recent phishing sites look exactly like genuine sites. Never open links in suspicious emails. It’s difficult to tell if a site is fake!
  • 9. Countermeasures and Behaviors against phishing scams 9 Check whether your devices are not used by unknown third party. Install antivirus software and keep it updated. Keep your OS and applications updated. Manage your IDs and passwords carefully. Countermeasures Behaviors Keep informed of the latest threats and attack methods. Don’t click inadvertently on file attachments or URLs.
  • 10. Risks of virus infections 10 The damage caused by ransomware has grown markedly since 2015. What is “ransomware”? All the files on the infected PCs are encrypted to make them unusable. à The perpetrator requires a "ransom" to repair your files. Files are encrypted, so they cannot be used!
  • 11. Examples of ransomware 11 Infection screen of “CryptoLocker” Infection screen of “CYBER POLICE” If your smartphone is infected, you will not be able to boot it. Online banking information was also stolen!
  • 12. If your PC is infected by viruses 12 • Never pay a ransom. • Disconnect from the network. • Reinitialize the PC, then restore from a backup. • Report the incident to the University. restore Make regular backups in case this ever happens! UPDATE
  • 13. Why should you disconnect the PC from the network? 13 If you leave a virus-infected PC connected to the network • The PC will download a backdoor tool. • The PC sends information in it to the perpetrator. • The PC is remotely controlled. • The infection may spread to all accessible surrounding PCs.
  • 14. Virus infection routes 14 Phishing emails Browsing web sites and Clicking on banner ads USB flash drives Downloaded programs Forgetting updates • . . • . . UPDATE
  • 15. Countermeasures and Behaviors against virus infections 15 Don’t click inadvertently on file attachments or URLs. Do not install suspicious applications. Install antivirus software and keep it updated. Keep your OS and applications updated. Make regular backups. Countermeasures Behaviors Keep informed of the latest threats and attack methods.
  • 16. Official sites contain unauthorized apps 16 • Unauthorized apps may be registered on official sites. • Check for unnecessary features. • Confirm your rights to access the apps. , , Delete the apps that request inappropriate rights. , , ,
  • 17. Check the app before installation. 17 Search the Web and read reviews before installing the app to verify its authenticity. Search the app by its name and look for blogs about it. . . . the name of app unlawful apps 2018 . .
  • 18. Check whether the app is being used correctly 18 Spoofing user accounts are increasing. Check the service usage history and settings regularly. For example, in the case wherein Twitter is used, the Web browser settings can be checked.
  • 19. Damage caused by unauthorized access to devices such as PCs, smartphones, and tablets. 19 Sending spam emails Hijacking of social media accounts Data leaksModifying web sites The perpetrator accesses the electronic devices unlawfully. Viewing, modifying, and deleting files Viewing, modifying, and deleting emails UPDATE
  • 20. Things that increase the risk of unauthorized access 20 Continuing to use old versions of OS and applications Using easy- to-guess passwords Repeatedly using the same password Connecting to suspicious free public Wi-Fi networks Entering personal information on sites with URLs not beginning with “https” Leaving old accounts activeLetting someone else use your smartphone Not checking the usage status of your services UPDATE PCs containing unlawful apps are included to avoid a license check
  • 21. Countermeasures and Behaviors against unauthorized access 21 Don’t click inadvertently on file attachments or URLs. Use only secure communications channels. Install antivirus software and keep it updated. Keep your OS and applications updated. Manage your IDs and passwords carefully. Keep informed of the latest threats and attack methods. Countermeasures Behaviors Take care not to lose your PC or smartphone, or have it stolen.
  • 22. 22 2. Important routine measures • Antivirus software • Updating software • Strong passwords • Regular backups • Knowing the latest threats and attack methods
  • 23. Antivirus software 23 New computer viruses are discovered every day. Set your antivirus software to update automatically! It is not possible to protect against unknown viruses… The virus definition list of your antivirus software needs to be updated.
  • 24. Updating software 24 • Set the “automatic updates” option! • Update your OS as well as your applications! Always use the latest version!
  • 25. Strong passwords 25 The common password for your HIRODAI ID and accounts should – Be at least 8 characters long – Include numerals, symbols, and both upper and lowercase letters – Not be an easy-to-guess character string It is dangerous to repeatedly use the same password!
  • 26. Use the Cloud for data storage. 26 Cloud file storage services OneDrive for Business You can view and edit data anywhere.
  • 27. Regular backups 27 Make sure to back up regularly in case your PC malfunctions or gets infected by a virus. You can use OneDrive for Business (1TB) free of charge for your data and OS backups. You can access OneDrive from the list of Office 365 applications.
  • 28. Knowing the latest threats and attack methods 28 Make the effort to keep informed about the latest security threats. http://www.ipa.go.jp/security/kokokara/study/international.html
  • 29. 29 3. Additional good behaviors • Use a password management tool. • Use the Cloud to share data. • Use multi-factor authentication • Share information with people you know • Report problems immediately • Other precautions
  • 30. Use a password management tool 30 • Password management tool (password manager) : Saving passwords to a management tool, you can use them from a PC or a smartphone. – passwords for Web servies – passwords for encrypting/dencrypting files, etc. • Important: – Create a backup of the management tool database. – Take care to avoid any information leaks! • A variety of management tools are available. – Free KeePass Password Safe (Win), Keychain access(Mac – Charged 1Password, LastPass, etc. Be sure to remember the master password
  • 31. Use Cloud services for sharing data 31 Virus infections caused by opening a file attachment are increasingly. When exchanging files, you may place the file in the Cloud service and send the link to the file in the email. To: Taro Hirodai, From: Momiji Saijo I uploaded the created file to ownCloud. Please check it. Folder name: Work Folder File name: 20180401ver1.docx
  • 32. Image of the sharing 32 Only send and share information via email do not attach files File temporary storage and sharing services ownCloud https://share.hiroshima-u.ac.jp/ Location of data View data Download
  • 33. How to use the “ownCloud” 33 <For people without a university account> Check “Share with URL.” Share by sending the URL to the recipient. <For people with a university account> Share by specifying an account ownCloud can be used free of charge at Hiroshima University. http://www.media.hiroshima-u.ac.jp/services/fileshare Files are automatically deleted after one month, so the service is suited only for temporary file exchanges.
  • 34. Use multi-factor authentication 34 To enhance security, multi-factor authentication can be used with Office 365 at Hiroshima University. When using a smartphone mobile app, Log in with account@hiroshima-u.ac.jp + password + smartphone * Authentication is also possible with an SMS or telephone call. I got hold of an ID and password! Let me try and log in now! What’s this…? It’s asking me for authentication to log in… I wonder why. I’ll refuse. What the hell? I can’t log in…
  • 35. Share information with people you know 35 Actively exchange information with family and friends. Helping the people around you understand security will help protect you all from harm.
  • 36. Take care to avoid information leaks when using SNS 36 • If you post pictures and messages including the location of your home or office, your private information may be leaked to all over the world. • Be careful of the environment when you post pictures! It may contain confidential information about your workplace or your part-time job employer When using social media, take care not to post inappropriate content or leak sensitive information! UPDATE
  • 37. Take care to avoid loss or theft of PCs or smartphone 37 • Do not pass or lend the phone to others. – There are cases of it being stolen and a remote management tool being installed. • Back up and initialize old smartphones when changing model. Always encrypt sensitive information when you carry it around. Be careful not to lose or misplace your devices! Never leave your bag unattended ! Let's encrypt UPDATE
  • 38. Use safe communication routes. 38 Using public Wi-Fi networks puts you at risk of unauthorized access! Do not exchange sensitive information on there. Free Wi-Fi When connecting from outside, use encryption such as a VPN. https://www.media.hiroshima- u.ac.jp/services/hinet/vpngw Image of VPN You can connect to a VPN using an app. UPDATE hotel Wi-Fi too!
  • 39. The use of File Sharing Software is prohibited. 39 It is prohibited at Hiroshima University to use of file sharing software sharing files with many and unspecified people! . . l l l l l l l l . UPDATE
  • 40. Sending SPAM mails from PC Unauthorized access Information leakage Virus infections Symptoms that indicate a security incident 40 I lost my USB memory device containing personal information. My smartphone was stolen. My PC was infected with a virus. There was unauthorized entry into the Server. UPDATE
  • 41. Promptly reporting security incidents 41 This handy card lists emergency contacts and precautions. The cards are distributed by the Media Center. Carry one with you, together with your student/staff ID! Knowing emergency contacts at all times is a useful security measure .
  • 42. Countermeasures and behaviors 42 Many things have been explained, but fundamentally, you can protect yourself against security breaches by practicing “5 countermeasures” and “5 behaviors”. 5 countermeasures 5 behaviors
  • 43. 5 countermeasures 43 Install antivirus software and keep it updated. Keep your OS and applications updated. Manage your IDs and passwords carefully. Make regular backups. Keep informed of the latest threats and attack methods. Keep your OS and applications updated. Manage your IDs and passwords carefully. Make regular backups. Keep informed of the latest threats and attack methods.
  • 44. 5 behaviors 44 Don’t click inadvertently on file attachments or URLs. Do not install suspicious applications. Check whether your devices are not used by unknown third party. Use only secure communications channels. Take care not to lose your PC or smartphone, or have it stolen.
  • 45. Conclusion 45 We are at the end of this online workshop. After this, you must take an evaluation test. 16 correct answers out of 20 questions is a pass. If you pass the evaluation test make sure to • 1st year: Check that your account is working. • 2nd and later years: Update your account for the current year
  • 46. Reference documents and materials 46 • “Top 10 Threats to Information Security 2018,” IPA https://www.ipa.go.jp/security/vuln/10threats2018.htm • Trendmicro http://www.trendmicro.co.jp/jp/security-intelligence/threat- solution/ransomware/ http://blog.trendmicro.co.jp/archives/13041 Materials • Human Pictogram2.0 http://pictogram2.com/ • FLAT ICON DESIGN http://flat-icon-design.com/ • ICOOON MONO http://icooon-mono.com/
  • 47. 47 Issued in April, 2018 Information Media Center, Hiroshima University Attribution 4.0 International