October is Cyber Security Month. We’re glad you decided to join us. · 2020-04-27
TRANSCRIPT
October is Cyber Security Month.
We’re glad you decided to join us.
IT Forum, October 30, 2019
Division of Information Technology
Team & Agenda
• Susan Bowen; Chief Information Officer and Associate Vice President for IT
• Carl Hurst; Associate CIO
• Ikram Muhammad; Information Security Engineer
• Thomas Kern; Information Security Analyst
Agenda
• Why Cyber Security
• Don't Fall For a Phish
• Passwords
• What’s Next
What is Cyber Security
Cyber security focuses on protecting computers, networks, programs and data from unintended or unauthorized access, change or destruction.
Why Cyber Security
• Cyber Security affects everyone
• Your computer, tablet, cellphone and social media probably contain information that hackers and other criminals would love to have
• When you are aware of the risks, it may be much easier to protect yourself
A strong cyber security system relies on cyber defense technology & on people making smart cyber defense choices
One Technique: Phishing
• What: Specialized email attack against a specific target
• Goal: collect information or gain access to systems
• Technique: disguising oneself as a trustworthy entity in an electronic communication
Spot a Phish
Review the email samples on your tables.
1. Is it a phish?
2. Why or why not?
3. If it is a phish - what is your next step? What do you do or
not do?
Dear Colleagues:
Our aim is to provide guidance and align our behaviors as we make great decisions that impact our daily operations. We rely on our values and this code as guidelines, as a breach of the Policy may result in disciplinary action against the Employee concerned.
All employees, including all individuals on full-time or part-time employment with the institution are required to go through the guidelines attached in this email. It is important that we all adhere to these guidelines so you will be helping to ensure a future success of this great institution
Thank you for your ongoing commitment to delivering a better and reliable service.
Sincerely
Scott R. Pilarz
Phish
Malware was detected in one or more attachments included with this email message. Action: All attachments have been deleted.
I want you to get some Gift cards available. We have some clients we would like to give some as gifts.
Let me know if it is possible for you to make arrangements for the gift cards, so I can tell you which
product we would need and what denomination they would be.
Kindly confirm this to me now.
Thank you
I need you to get a task done for me now. I am in a meeting can't take calls or text just reply my
email.
What do you need.
Social Engineering/Scam
Hello!
I am a hacker who has access to your operating system. I also have full access to your account.
I've been watching you for a few months now. The fact is that you were infected with malware through an adult site that you visited.
If you are not familiar with this, I will explain. Trojan Virus gives me full access and control over a computer or other device. This means that I can see everything on your screen, turn on the camera and microphone, but you do not know about it. I also have access to all your contacts and all your correspondence.
Why your antivirus did not detect malware? Answer: My malware uses the driver, I update its signatures every 4 hours so that your antivirus is silent.
I made a video showing how you satisfy yourself in the left half of the screen, and in the right half you see the video that you watched. With one click of the mouse, I can send this video to all your emails and contacts on social networks. I can also post access to all your e-mail correspondence and messengers that you use. If you want to prevent this, transfer the amount of $545 to my bitcoin address (if you do not know how to do this, write to Google:
"Buy Bitcoin"). My bitcoin address (BTC Wallet) is: 1ELKdWgfedTJ9FV4U5W2JVXFzTpKSqcCjM
After receiving the payment, I will delete the video and you will never hear me again. I give you 50 hours (more than 2 days) to pay. I have a notice reading this letter, and the timer will work when you see this letter.
Filing a complaint somewhere does not make sense because this email cannot be tracked like my bitcoin address. I do not make any mistakes. If I find that you have shared this message with someone else, the video will be immediately distributed.
Best regards!
Extortion and using passwords from other breaches.
Spear phishing - Faculty and Deans
Legitimate
Legitimate
Legitimate
https://livescranton-my.sharepoint.com/:f:/g/personal/ikram_muhammad_scranton_edu/EvD_Cl6kr6JPg8jcFyTg78ABcvl2e-imqOv4M1h4F_jVQg?e=5%3aKXDB4I&at=9
The Anatomy of a Phish
Read all communications carefully, and look for:
• Unofficial or odd “From” address
• Links to a questionable website
• Misspellings or incorrect grammar
• Urgent action
• Claim to have compromised your account
• A request to send funds
Hover over these to review
• Keep personal information secure
• Do not click on any links
• Do not open any attachments
• Forward the phishing attempt as an attachment to [email protected]
• Mark the email as Junk
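As an added illustration that is not part of the forum slides, the Python below scores a message against the red flags listed above (unofficial From address, questionable link target, urgent action, compromise claim, request for funds). The keyword lists, the two sample messages and every name, address and domain in it are constructed placeholders.

```python
import re
from email.utils import parseaddr
from urllib.parse import urlparse

# Added example (not from the forum slides): scores a message against the red
# flags listed under "The Anatomy of a Phish". The keyword lists, the two
# sample messages and every name, address and domain here are constructed.
URGENCY = ("now", "immediately", "urgent", "timer", "hours to pay")
FUNDS = ("gift card", "gift cards", "bitcoin", "wire transfer", "transfer the amount")
COMPROMISE = ("access to your", "infected with malware", "i am a hacker")
LINK_RE = re.compile(r'<a\s+href="([^"]+)"[^>]*>([^<]*)</a>', re.I)

def host(url):
    return (urlparse(url).hostname or "").lower()

def mentions(body, words):
    # Whole-word match so "now" does not fire on "known" or "snow".
    return any(re.search(r"\b" + re.escape(w) + r"\b", body) for w in words)

def phish_flags(msg, org_domain, known_names):
    """Return the red flags that fire on one message; an empty list means none."""
    flags = []
    name, addr = parseaddr(msg["from"])
    if name in known_names and not addr.lower().endswith("@" + org_domain):
        flags.append(f"known name '{name}' but unofficial From address {addr}")
    for href, text in LINK_RE.findall(msg["body"]):
        # "Hover over these to review": the real target is the href, not the text.
        if not host(href).endswith(org_domain):
            flags.append(f"link to questionable site {host(href)}")
        if text.strip().startswith("http") and host(text.strip()) != host(href):
            flags.append(f"link text shows {host(text.strip())} but points to {host(href)}")
    body = msg["body"].lower()
    for label, words in (("urgent action", URGENCY), ("request to send funds", FUNDS),
                         ("claims your account is compromised", COMPROMISE)):
        if mentions(body, words):
            flags.append(label)
    return flags

GIFT_CARD = {  # constructed, modelled on the gift-card scam shown earlier
    "from": '"Scott R. Pilarz" <president.office@freemail.invalid>',
    "body": "I need you to get some Gift cards for clients. Kindly confirm this to me now.",
}
IT_NOTICE = {  # constructed: a plain internal notice with an internal link
    "from": '"IT Help Desk" <helpdesk@example.edu>',
    "body": 'Quarterly reminder: review <a href="https://example.edu/infosec">our tips</a>.',
}

def triage(msg, org_domain="example.edu", known_names=("Scott R. Pilarz",)):
    flags = phish_flags(msg, org_domain, known_names)
    return ("report as phish" if len(flags) >= 2 else "no red flags", flags)
```

Two or more flags is the assumed threshold for reporting; a single flag is worth a second look but, as the slide says, the decision rests on reading the whole message carefully.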
Questions
• Is Duo Mobile worth the effort? Please update us on its value, as it is a genuine pain in the ass.
• Is there any way to stop those awful Robo calls? Also, if I answer or call them back, does that
open me up to security breaches?
• Do your smartphones need apps to check for anti-virus / malware / etc?
What’s in a password?
• Use Scranton or Royals
• End in numerals 123 or 1234
• End with a year, i.e. 2019 or 1888
• Same for multiple accounts
• Minimum 9 characters
• No password change in the past 6 months
Passwords: Good, better & best practices
Good
• Use the longest password or passphrase permissible
• Always remember to log out
• Avoid common phrases, famous quotes, and lyrics
Better
• Use different passwords on different systems and accounts
• Use a password manager to store multiple passwords
• Common freeware solutions include:
  • Sticky Password (mobile fingerprint scan, form autofill)
  • Roboform (one-click logins, offline access)
  • Dashlane (security alerts for breaches, password generator)
  • Lastpass (Syncing across devices) - How secure is your password?
• Don’t save passwords in browsers
• Modify passwords every 6 months
• Do not reuse old passwords
Best
• Avoid using real words (in any language)
• Don’t use passwords based on personal information
• Update security questions
• Use 2FA/MFA when possible
• Mnemonics!
Mnemonic Example
I Can Never Remember A Password For The Life Of Me!
1cnr@Pftl0m!
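As an added example that is not from the forum slides, the check below flags the weak patterns the "What’s in a password?" slide lists and shows the slide’s own mnemonic passing them. The year range, the 183-day cutoff for "6 months" and the sample passwords are assumptions.

```python
import re
from datetime import date, timedelta

# Added example (not from the forum slides): flags the weak patterns the
# "What's in a password?" slide lists. The year range and the 183-day cutoff
# for "6 months" are assumptions.
LOCAL_WORDS = ("scranton", "royals")

def weak_patterns(password, other_passwords=(), last_changed=None, today=None):
    """Return the slide's weak-pattern findings for one password (empty list = none)."""
    issues = []
    low = password.lower()
    if any(w in low for w in LOCAL_WORDS):
        issues.append("contains Scranton or Royals")
    if re.search(r"(123|1234)$", password):
        issues.append("ends in 123 or 1234")
    if re.search(r"(18|19|20)\d{2}$", password):
        issues.append("ends with a year")
    if password in other_passwords:
        issues.append("same password used on another account")
    if len(password) < 9:
        issues.append("shorter than 9 characters")
    if last_changed is not None:
        # Dates are ISO strings such as "2019-04-30"; today defaults to the real date.
        changed = date.fromisoformat(last_changed)
        now = date.fromisoformat(today) if today else date.today()
        if now - changed > timedelta(days=183):
            issues.append("no password change in the past 6 months")
    return issues

# Constructed samples: two patterns from the slide and the slide's own mnemonic.
SAMPLES = {
    "Royals2019": {},
    "Scranton123": {"other_passwords": ("Scranton123",)},
    "1cnr@Pftl0m!": {"last_changed": "2019-01-15", "today": "2019-10-30"},
}

if __name__ == "__main__":
    for pw, kwargs in SAMPLES.items():
        print(pw, "->", weak_patterns(pw, **kwargs) or ["no weak pattern found"])
```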
Questions
• How to keep track of multiple passwords - I usually end up using a few different ones, but know
that is not what I am supposed to do! And I keep different ones in a file in my Documents on my
home computer. Also wrong, I think. Help!
The Future of Cyber Security at the University
Microsoft Office 365 Security Initiatives
• Email Encryption & Data Loss Prevention (DLP)
• Exchange Online Protection (EOP)
• Advanced Threat Protection (ATP)
Email Encryption & Data Loss Prevention
Sensitive Data Detection in Email, OneDrive, SharePoint and Teams
• U.S. Social Security Number
• U.S./U.K. Passport Number
• Credit Card Number
• U.S. Driver License Number
• U.S. Bank Account Number
Sensitive Data can be sent via an encrypted email
Office 365 Exchange Online Protection
Anti-spam
• The current policy protects our organization from spam and moves such emails to the Junk folder.
Anti-malware
• This policy protects our organization from known Malware.
Office 365 Advanced Threat Protection Testing
ATP anti-phishing
• This feature helps protect users from phishing attacks (like impersonation and spoofing) and uses safety tips to warn users about potentially harmful messages.
ATP safe attachments
• This feature helps protect our organization from malicious content in email attachments and files in SharePoint, OneDrive and Teams.
ATP Safe Links
• This feature helps protect our users from opening and sharing malicious links in email messages and Office 2016 desktop applications.
Questions
• Is it important to secure our own home wifi, if so what is suggested? Are we at risk when using various smart technology in the home? (light switches, plugs, cameras, etc.)
• Is Windows Defender our only Virus\Trojan\Malware protection service? How do we remove these files from the quarantined space (asks for admin)?
• Do you recommend any particular antivirus software for home computers? What recommendations do you have for our personal computers related to privacy and security?
Resources
• Office of Information Security at [email protected]
• Online resources with videos and tips: Scranton.edu/infosec