
Upload: scott-zimmerman

Post on 21-Feb-2017


TRANSCRIPT

Page 1: PA SB DC Cyber Brief

© 2016. Concurrent Technologies Corporation. All Rights Reserved.

Cyber Security Challenges for Small Business

June 2016

Scott Zimmerman, CISSP, ISSEP
twitter: @zimmy266
email: [email protected]

Page 2: PA SB DC Cyber Brief


Concurrent Technologies Corporation (CTC)

• Headquartered in Johnstown, PA

• Nonprofit applied research and development firm

• Technology development and transition

• 25+ years of solutions in information technology, manufacturing, energy, environment, materials & related cybersecurity

Page 3: PA SB DC Cyber Brief


Why should a small business worry?

• Your data is more valuable than you think
• Attacks are low risk and high return
• You really ARE an easy target
• Your tools and systems are probably no match for today’s threat

Page 4: PA SB DC Cyber Brief


Small Business Cybersecurity Issues

• Small businesses have become a prime target for attackers and act as a stepping stone to large businesses (e.g., Target)
– Reported attacks are up 64%
• Small businesses are spending less on cyber security while large businesses are spending more
– SMB spending down 20%, large business spending increased by 5%
• Small businesses generally don’t have formal cyber security awareness efforts for their employees

Page 5: PA SB DC Cyber Brief


One Month – Web Intrusion attempts

Page 6: PA SB DC Cyber Brief


2015 Verizon Security Incidents Report

- Verizon Data Breach Report 2015

Page 7: PA SB DC Cyber Brief


Malware

Chart panels: Recent Past, Last 10 Years

Page 8: PA SB DC Cyber Brief


Threats

Untargeted

• Spammers
• Opportunists
• Commodity Malware
• Configuration Errors

Targeted

• Criminals
• Disgruntled ex-employee
• Competitors
• Malicious Insiders

Page 9: PA SB DC Cyber Brief


Phishing Made Simple

“Nearly 50% open e-mails and click on phishing links within the first hour. 23% of recipients now open phishing messages and 11% click on attachments.”

- Verizon Data Breach Report 2015

Page 10: PA SB DC Cyber Brief


Reducing the Phishing Threat

• Be cautious of emails from unknown senders
– “If it is too good to be true, it probably is”
– Check for spelling mistakes and bad grammar
– Never open an attachment from an unknown sender
– Hover over a link in an email prior to clicking (at a minimum)
• Limit communication of personal information to secure websites or the phone (pick up the phone)
• Beware of the need to act urgently
• Check your online accounts often for fraudulent activity
• Ensure applications that protect your computer are up to date and turned on
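The checks this slide asks a reader to do by hand (look at where a link really points before clicking, compare the sender's display name with the actual address, notice urgency pressure, treat attachments from strangers with suspicion) can be run mechanically over a saved .eml file; the ransomware slide later in the deck repeats the same sender-verification advice. The script below is an added example written for this edit, not material from the CTC deck: the function names (`analyze`, `link_findings`, `build_sample`) are its own, the sample message is constructed from reserved example.* domains and the 198.51.100.7 documentation address, and the urgency-phrase and risky-extension lists are illustrative assumptions rather than a vetted ruleset.

```python
"""Flag common phishing indicators in a saved e-mail (.eml) message.

Added example, not part of the CTC slide deck. The sample message, its
addresses and hosts are constructed for the demo.
"""
import email
import email.utils
import re
from email import policy
from email.message import EmailMessage
from html.parser import HTMLParser
from urllib.parse import urlparse

# Phrases that pressure the reader to act in haste (illustrative list).
URGENCY_PHRASES = ("immediately", "within 24 hours", "suspended", "verify your account")
# Extensions that run code when opened (illustrative, not exhaustive).
RISKY_EXTENSIONS = (".exe", ".scr", ".js", ".vbs", ".bat", ".docm", ".xlsm")


class _LinkParser(HTMLParser):
    """Collect (href, visible text) pairs from an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def registered_domain(host):
    """Crude last-two-labels domain ('secure.example.com' -> 'example.com').
    Fine for the demo; wrong for public suffixes such as co.uk."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:])


def link_findings(html_body):
    """The 'hover before you click' check: does the shown URL match the target?"""
    parser = _LinkParser()
    parser.feed(html_body)
    findings = []
    for href, text in parser.links:
        target = urlparse(href).hostname or ""
        shown = re.search(r"https?://([^/\s]+)", text)
        if shown and registered_domain(shown.group(1)) != registered_domain(target):
            findings.append(f"link text shows {shown.group(1)} but points to {target}")
        if re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}", target):
            findings.append(f"link points to a bare IP address {target}")
    return findings


def analyze(raw_message):
    """Return a list of human-readable findings for one RFC 5322 message."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    findings = []

    # Sender identity: a Reply-To in another domain silently redirects replies.
    _, from_addr = email.utils.parseaddr(msg.get("From", ""))
    _, reply_addr = email.utils.parseaddr(msg.get("Reply-To", ""))
    from_domain = from_addr.rpartition("@")[2].lower()
    reply_domain = reply_addr.rpartition("@")[2].lower()
    if reply_addr and reply_domain != from_domain:
        findings.append(f"Reply-To domain {reply_domain} differs from From domain {from_domain}")

    html_part = msg.get_body(preferencelist=("html",))
    if html_part is not None:
        findings.extend(link_findings(html_part.get_content()))

    text_part = msg.get_body(preferencelist=("plain",))
    text = (text_part.get_content() if text_part is not None else "").lower()
    urgent = [p for p in URGENCY_PHRASES if p in text]
    if urgent:
        findings.append("urgency language: " + ", ".join(urgent))

    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        if name.lower().endswith(RISKY_EXTENSIONS):
            findings.append(f"attachment '{name}' has an executable extension")
    return findings


def build_sample():
    """Constructed phishing-style message (reserved example domains, TEST-NET IP)."""
    msg = EmailMessage()
    msg["From"] = "Example Bank Security <alerts@example.net>"
    msg["Reply-To"] = "recovery@example.org"
    msg["To"] = "owner@example.com"
    msg["Subject"] = "Action required: account suspended"
    msg.set_content("Your account is suspended. Verify your account immediately at "
                    "https://secure.example.com/login")
    msg.add_alternative(
        "<p>Your account is suspended. Verify your account immediately at "
        '<a href="http://198.51.100.7/login">https://secure.example.com/login</a></p>',
        subtype="html")
    msg.add_attachment(b"MZ\x90\x00", maintype="application",
                       subtype="octet-stream", filename="invoice.pdf.exe")
    return msg.as_bytes()


if __name__ == "__main__":
    for line in analyze(build_sample()):
        print("-", line)
```

Run against a real message with `analyze(open("message.eml", "rb").read())`. The findings are hints for a person, not a verdict: a legitimate newsletter may use a tracking host in its links, and a phishing mail may pass every check here, which is why the slide's advice to verify the sender out of band still stands.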

Page 11: PA SB DC Cyber Brief


Social Media

600,000 Facebook accounts are compromised every single day!

Page 12: PA SB DC Cyber Brief


Page 13: PA SB DC Cyber Brief


Reducing the Social Media Threat

• Strong passwords are a must (account verification, federation of accounts, 2-factor)
• Privacy settings exist for a reason (sharing contacts, protect the telephone number associated with the account)
• Once posted, always posted
• Keep personal information personal (separate business from personal accounts)
• Search your business online
• Ensure applications that protect your computer are up to date and turned on

Page 14: PA SB DC Cyber Brief


Watering Hole Attacks

Page 15: PA SB DC Cyber Brief


Reducing the Watering Hole Threat

• If you host your website:
– Ensure timely patching of website systems and defenses
– Implement a “defense in depth” approach to your perimeter design
• If using a web service provider, discuss the following:
– Timely patching
– Unknown or unwanted network identification
• Where available, subscribe to and follow threat intelligence services for your industry type

Page 16: PA SB DC Cyber Brief


Ransomware

• Ransomware - a type of malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking the users' files unless a ransom is paid. More modern ransomware families, collectively categorized as crypto-ransomware, encrypt certain file types on infected systems and force users to pay the ransom through certain online payment methods to get a decrypt key.

www.trendmicro.com/vinfo/us/security/definition/ransomware

Page 17: PA SB DC Cyber Brief


Reducing the Ransomware Threat

• Backup regularly
• Bookmark frequently visited sites, and use them
• Verify the email sender’s address and identity before opening an attachment
• Ensure applications that protect your computer are up to date and turned on
– A few vendors are marketing a ransomware solution
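“Backup regularly” only counts against crypto-ransomware if the copy is known to be intact when you need it, so a practitioner pairs every backup with a check that it still matches what was copied. The script below is an added example written for this edit, not the deck's or CTC's code: it copies a directory into a timestamped folder, records a SHA-256 manifest alongside it, and re-verifies the copy against that manifest; the directory and file names in `demo()` are constructed in a temporary folder, and `make_backup`, `verify_backup` and `demo` are this example's own names.

```python
"""Timestamped directory backup with a SHA-256 integrity manifest.

Added example, not from the CTC slide deck. demo() runs entirely inside a
temporary directory with constructed files.
"""
import hashlib
import json
import shutil
import tempfile
from datetime import datetime, timezone
from pathlib import Path

MANIFEST_NAME = "MANIFEST.json"


def sha256_of(path):
    """Hash a file in chunks so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def make_backup(source, dest_root):
    """Copy `source` to `dest_root/<name>-<UTC stamp>` and write a manifest.

    Returns the path of the new backup directory."""
    source, dest_root = Path(source), Path(dest_root)
    stamp = datetime.now(timezone.utc).strftime("%Y%m%dT%H%M%S%fZ")
    backup_dir = dest_root / f"{source.name}-{stamp}"
    shutil.copytree(source, backup_dir)
    # Hash the copied files (the manifest itself does not exist yet).
    manifest = {str(p.relative_to(backup_dir)): sha256_of(p)
                for p in sorted(backup_dir.rglob("*")) if p.is_file()}
    (backup_dir / MANIFEST_NAME).write_text(json.dumps(manifest, indent=2))
    return backup_dir


def verify_backup(backup_dir):
    """Return a list of problems; an empty list means every file matches."""
    backup_dir = Path(backup_dir)
    manifest = json.loads((backup_dir / MANIFEST_NAME).read_text())
    problems = []
    for rel, expected in manifest.items():
        path = backup_dir / rel
        if not path.is_file():
            problems.append(f"missing: {rel}")
        elif sha256_of(path) != expected:
            problems.append(f"modified: {rel}")
    present = {str(p.relative_to(backup_dir)) for p in backup_dir.rglob("*")
               if p.is_file() and p.name != MANIFEST_NAME}
    for rel in sorted(present - manifest.keys()):
        problems.append(f"unexpected: {rel}")
    return problems


def demo():
    """Constructed run: a clean verification, then one after a file is overwritten."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "docs"
        (src / "sub").mkdir(parents=True)
        (src / "notes.txt").write_text("quarterly figures\n")
        (src / "sub" / "clients.csv").write_text("name,phone\n")
        backup = make_backup(src, Path(tmp) / "backups")
        clean = verify_backup(backup)
        # Simulate what crypto-ransomware does to a reachable backup copy.
        (backup / "notes.txt").write_bytes(b"\x00encrypted\x00")
        tampered = verify_backup(backup)
    return clean, tampered


if __name__ == "__main__":
    before, after = demo()
    print("clean copy:", before or "OK")
    print("after tampering:", after)
```

The manifest tells you that a copy was altered, which is the check; it does not protect the copy. A backup that stays mounted on the same machine is reachable by the same malware that encrypted the originals, so the copies that matter are the ones kept offline or on storage that retains earlier versions.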

Page 18: PA SB DC Cyber Brief


Point of Sale Security

• Payment Card Industry Data Security Standard (PCI DSS) compliance
• Most POS systems are PC based, thus inheriting the same issues
• Clients’ information can be exposed in one successful attack, impacting reputation

Source: www.digitalcheck.com/pos-encryption-overview/

Page 19: PA SB DC Cyber Brief


Securing the Person

Source: “Cyber Security: How Real is the Threat and How Can You Reduce Your Risk?”, http://www.norriejohnstonrecruitment.com/downloads/cyber-security/

Page 20: PA SB DC Cyber Brief


Tips for “Securing the Person”

• Awareness training
• Use of Virtual Private Network (VPN) technology
• Password hygiene
• Store important data in a different location
• Use of encryption where applicable
– Disk or file encryption
– Connection/transmission encryption

Page 21: PA SB DC Cyber Brief


Service Provider Discussion

• “Trust and Verify”
– You wouldn’t blindly trust someone with your financial livelihood without a third-party audit
– Read the fine print
• Monthly reporting at a minimum, more than an invoice!
• What is their incident response plan?
• Do you have copies of your admin passwords?
• How do they ensure secure remote access into your network?

Page 22: PA SB DC Cyber Brief


What should I do first? (Action Plan)

• Assume you’re a target, because you are
• Identify your most valuable assets and ensure you are at least protecting those
• Educate, educate, educate your workforce
• Cyber hygiene is more than the monthly Windows patch
• Have a plan for when an incident occurs
• Talk with your insurance provider about cyber insurance

Page 23: PA SB DC Cyber Brief


Review

• Install updates (Adobe, Office, Browsers, Flash)
• Use search engines (Google, Bing, DuckDuckGo) to search (don’t click on links)
• Use caution when messages urge you to act in haste
• Hover over a link before clicking it
• Use caution when accessing personal e-mail at the office
• Turn on 2-factor authentication for social network accounts
• Use more than one password
– Include some portion of the website name in your password for each site

Page 24: PA SB DC Cyber Brief


Questions

Page 25: PA SB DC Cyber Brief


1-800-CTC-4392
www.ctc.com

How can we help you achieve your mission?

Page 26: PA SB DC Cyber Brief


Resources

• www.sec.gov/investor/pubs/phishing.htm
• staysafeonline.org
• www.us-cert.gov/ncas/tips/ST06-003
• securingthehuman.sans.org
• securingthehuman.sans.org/security-awareness-training/enduser-support-materials
• http://www.techlicious.com/tip/complete-guide-to-facebook-privacy-settings/