Digital ThreatsFrom PC to Cell Phone

ByDr.Tapan Sengupta

Digital Threats

All computers connected to network are at risk of digital threats

Extent of threat depends the usage of the PC

Even a stand-alone PC is not risk free

Vulnerabilities

Flaws in computer software that create weaknesses in the overall security of the computer or network.

Improper computer or security configurations.

Threats exploit the weaknesses of vulnerabilities resulting in potential damage to the computer or personal data.

Activities Leading to a Threat

Web SurfingCommunication- email, messagingTransaction ( banking, shopping)File Sharing( data, photo,video)

What Are The Common Threats The basic typesVirus Does not propagate of its own Replicate itself within a single

machine Spread only thru human interactionWorms Use network to propagate itself Replicate anywhere Spread much faster than virus

What A The Common Types Of Threats

SpywareAdwareTrojan HorsesBots & Botnets ( Blended threat)

What A The Common Types Of Threats

SpamPhishingPharmingCrimeware

Misleading Application

Misleading applications, trick consumers into believing a problem exists on their system. Consumers who trust the messages are tricked into purchasing bogus applications for resolution of bogus problems

Sometimes these applications introduce Malware into your system

Known Misleading Application

Win FixerUltimate DefenderSpySheriffMalwareWipeDriveCleanerAVSystemCare

Known Misleading Application

AVSystemCare1stAntiVirusVirusBurstSpywareQuakeAntispywareSoldier

Anatomy Of A Typical Malware

MalwareServer

Keyboard LoggerEtc.

Infected PC

Network Keyboard LoggerEtc.

Un-infected PC

Malware

Account numberCredit Card Info

User Id, password etc.

Step-1

Step-2

What Can These Malware Do?

Destroy or modify your file systemHijack your browserSteal your identityMake your machine crawlUse your credit card, bank accountPopup adsFlood your mail box

E-mail: Watch attachments, not spams

The Internet: Watch downloads not pop-ups

Data Protection: Worry about backups before hackers

Danger vs. Annoyance

What To Do?

Keep software and security patches up to date

Pre-condition for this is to have a legal copy of the

operating system

What To Do?

Apply latest patches(PTFs)Configure security settings for

operating system, internet browser and security software Use a good Anti-virus programUse a well configured firewallUse Multiple anti-malware

software

What To Do?

Develop personal security policies for online behavior

Install a proactive security solution to block threats targeting vulnerabilities

Pay special attention to in configuring firewall

Personal Security Policy

Have email attachments scanned prior to opening

Delete all unwanted messages without opening

If you suspect an email is Spam, do not respond, delete it

Personal Security Policy

Reject all Instant Messages from persons who are not on your list

Do not click on URL links within IM unless from a trusted source

Never answer to the requests for confidential information via email or Instant Message

Personal Security Policy

Scan all files with an Internet Security solution before transferring them to your system

Only transfer files from a well known source

Use Security Software to block all unsolicited outbound communication

Personal Security Policy

Be especially cautious when clicking on pop-up advertisements

Do not respond to pop-up ads promoting system security or performance tools

Do not accept or open suspicious error dialogs from within the browser

LAST BUT NOT THE LEAST

Backup your files regularly

Security Software

The software that I use1. Anti-virus AVG free edition2. Malware AdAware free edition3. SpyBot, S&D4. Windows Defender5. CWshreder6. Firewall Zone Alarm free Note: 1, 3 and 4 run on a nightly schedule,

Wireless SOHO NetworkRouter Configuration

Change Router’s default passwordImplement system security Wep, 64bit recommended Rotate the default transmit keyDisable SS ID BroadcastDisable Remote ManagementEnable router’s built-in firwall

Virus on cell phone

First virus ‘Cabir’ was a research project

‘Cabir’ got twisted around and new viruses were created

Virus, worm – same concepts as PCsPropagates thru Blue ToothPropagates thru MMS

Virus on cell phoneWhat to do

Turn off Bluetooth discoverable mode. Set your phone to "hidden" so other phones can't detect it and send it the virus.

Check security updates to learn about filenames you should keep an eye out for.

Download only from trusted environment

Question any one?