user security awareness
TRANSCRIPT
7/30/2019 User Security Awareness
User Awareness and Practices
The internet allows an attacker to attack from anywhere on the planet.
Risks caused by poor security knowledge and practice:
Identity theft
Monetary theft
Legal ramifications (for yourself and companies)
Termination if company policies are not followed
According to www.SANS.org, the top vulnerabilities available for a cyber criminal are:
Web browser
IM clients
Web applications
Excessive user rights
Security: We must protect our computers and data in the same way that we secure the doors to our homes.
Safety: We must behave in ways that protect us against risks and threats that come with technology.
(Diagram: the attacker ecosystem)
Cracker: Computer-savvy programmer creates attack software
Script Kiddies: Unsophisticated computer users who know how to execute programs
Hacker Bulletin Board: SQL injection, buffer overflow, password crackers, password dictionaries
Successful attacks! Crazyman broke into; CoolCat penetrated
Criminals: Create & sell bots -> spam; sell credit card numbers
System Administrators: Some scripts are useful to protect networks
Underground prices: Malware package = $1K-2K; 1 M email addresses = $8; 10,000 PCs = $1000
Virus
Worm
Trojan Horse / Logic Bomb
Social Engineering
Rootkits
Botnets / Zombies
A virus attaches itself to a program, file, or disk. When the program executes, the virus activates and replicates itself. The virus may be benign or malignant when executing its payload (often upon contact).
Viruses result in crashing computers and loss of data.
In order to recover from or prevent virus attacks:
Avoid potentially unreliable websites/emails
System Restore
Re-install operating system
Anti-virus (e.g. Avira, AVG, Norton)
(Diagram: Program A carrying extra code infects Program B)
Worm: Independent program which replicates itself and sends copies from computer to computer across network connections. Upon arrival the worm may be activated to replicate.
(Diagram: the worm mails copies of itself to Joe, Ann and Bob, taken from the victim's email list)
Logic Bomb: Legitimate program executes malware logic upon special conditions.
Software malfunctions if maintenance fee is not paid.
Employee triggers a database erase when he is fired.
Trojan Horse: Masquerades as beneficial program while quietly destroying data or damaging your system.
Download a game: Might email your password file without you knowing.
Social engineering manipulates people into performing actions or divulging confidential information. Social engineering uses deception to gain information, commit fraud, or access computer systems.
Phone call: "This is John, the System Admin. What is your password?"
Email: "ABC Bank has noticed a problem with your account."
In person: "What ethnicity are you? Your mother's maiden name?"
In person: "I have come to repair your machine and have some software patches."
Phishing: an attacker posing as a trustworthy entity asks via e-mail for sensitive information such as SSN, credit card numbers, login IDs or passwords.
The link provided in the e-mail leads to a fake web page which collects important information and submits it to the owner. The fake web page looks like the real thing and extracts account information.
A botnet is a large number of compromised computers that are used to create and send spam or viruses, or flood a network with messages as a denial of service attack. The compromised computers are called zombies.
Man in the middle: An attacker pretends to be your final destination on the network. If a person tries to connect to a specific WLAN access point or web server, an attacker can mislead him into connecting to the attacker's computer, which pretends to be that access point or server.
Upon penetrating a computer, a hacker installs a collection of programs, called a rootkit.
A rootkit may enable:
Easy access for the hacker (and others)
Keystroke logger
Eliminates evidence of break-in
Modifies the operating system
Password guessing effort (time to guess assumes 2.6x10^18 guesses per month):

Pattern                              Calculation   Result     Time to Guess
Personal info: interests, relatives  20            Manual     5 minutes
Social engineering                   1             Manual     2 minutes
American dictionary                  80,000                   < 1 second
4 chars: lower case alpha            26^4          5x10^5
8 chars: lower case alpha            26^8          2x10^11
8 chars: alpha                       52^8          5x10^13
8 chars: alphanumeric                62^8          2x10^14    3.4 min.
8 chars: alphanumeric + 10 symbols   72^8          7x10^14    12 min.
8 chars: all keyboard                95^8          7x10^15    2 hours
12 chars: alphanumeric               62^12         3x10^21    96 years
12 chars: alphanumeric + 10 symbols  72^12         2x10^22    500 years
12 chars: all keyboard               95^12         5x10^23
16 chars: alphanumeric               62^16         5x10^28
Restricted data includes:
Social Security Number
Driver's license # or state ID #
Financial account number (credit/debit) and access code/password
DNA profile (Statute 939.74)
Biometric data
In the US, HIPAA protects: health status, treatment, or payment
Symptoms of a compromised computer (often not recognized):
Antivirus software detects a problem
Pop-ups suddenly appear (may sell security software)
Disk space disappears
Files or transactions appear that should not be there
System slows down to a crawl
Stolen laptop (1 in 10 stolen in laptop lifetime)
Spyware symptoms:
Change to your browser homepage/start page
Ending up on a strange site when conducting a search
System-based firewall is turned off automatically
Lots of network activity while not particularly active
Excessive pop-up windows
New icons, programs, favorites which you did not add
Frequent firewall alerts about unknown programs trying to access the Internet
Bad/slow system performance
Virus symptoms:
Antivirus software often catches viruses
Unusual messages or displays on your monitor
Unusual sounds or music played at random times
Your system has less available memory than it should
A disk or volume name has been changed
Programs or files are suddenly missing
Unknown programs or files have been created
Some of your files become corrupted or suddenly don't work properly
Defense in depth uses multiple layers of defense to address technical, personnel, and operational issues.
This approach was conceived by the NSA to ensure information and electronic security.
Anti-virus software detects malware and can destroy it before any damage is done.
Install and maintain anti-virus and anti-spyware software.
Be sure to keep anti-virus software updated.
Many free and pay options exist.
A firewall acts as a wall between your computer/private network and the internet. Hackers may use the internet to find, use, and install applications on your computer. A firewall prevents hacker connections from entering your computer and filters packets that enter or leave your computer.
(Diagram: Packet Filter Firewall. Traffic types shown arriving at the filter: Web request, Ping request, FTP request, Email connect request, Web response, Telnet request, Email response, SSH connect request, DNS request, packets with an illegal source IP address, packets with an illegal destination IP address, Microsoft NetBIOS Name Service; only the Email response and Web response are shown passing through to the inside.)
Microsoft regularly issues patches or updates to solve security problems in their software. If these are not applied, it leaves your computer vulnerable to hackers.
Windows Update can be set to automatically download / install updates.
Avoid logging in as administrator.
Bad password: Merry Christmas
Good passwords derived from it, with the technique used:
Merry Xmas, MerChr2You (Abbreviate)
MerryChrisToYou (Lengthen)
mErcHr2yOu, M5rryXm1s (Convert vowels to numeric, mix case)
MerryJul, MaryJul, Mary*Jul (Synonym, add punctuation)
Glad*Jes*Birth (Synonym)
MXemrarsy (Intertwine letters)
,rttuc,sd J3446sjqw (Keypad shift: right, then up)
Combine 2 unrelated words: Mail + phone = m@!lf0n3
Abbreviate a phrase: My favorite color is blue = Mfciblue
Music lyric: "Happy birthday to you, happy birthday to you, happy birthday dear John, happy birthday to you." = hb2uhb2uhbdJhb2u
Never use admin, root or administrator as the login name for the admin account.
A good password is:
private: it is used and known by one person only
secret: it does not appear in clear text in any file or program, or on a piece of paper pinned to the terminal
easily remembered: so there is no need to write it down
at least 8 characters, complex: a mixture of at least 3 of the following: upper case letters, lower case letters, digits and punctuation
not guessable by any program in a reasonable time, for instance less than one week
changed regularly: a good change policy is every 3 months
Beware that someone may see you typing it. If you accidentally type your password instead of your login name, it may appear in system log files.
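An added example, not part of the slides, that turns the guessing-effort table (slide 16) and the password rules above into a check: it classifies the character classes a candidate uses, computes the keyspace N^L and the worst-case search time at the table's 2.6x10^18 guesses per month (a 30-day month is assumed here), and lists which rules (8+ characters, 3 of 4 classes, not a dictionary word, not guessable within one week) the candidate violates. The word list is a tiny constructed stand-in for the table's 80,000-word dictionary.

```python
import string

# Guess rate taken from the slide's table; the 30-day month is an assumption.
GUESSES_PER_MONTH = 2.6e18
SECONDS_PER_MONTH = 30 * 24 * 3600
ONE_WEEK = 7 * 24 * 3600

# Constructed stand-in for the "American Dictionary" row (80,000 words in the table).
DICTIONARY = {"password", "merry", "christmas", "blue", "welcome"}

# The four character classes the slide's complexity rule counts.
CLASSES = {
    "upper": set(string.ascii_uppercase),   # 26
    "lower": set(string.ascii_lowercase),   # 26
    "digit": set(string.digits),            # 10
    "punct": set(string.punctuation),       # 32
}


def char_classes(password):
    """Names of the character classes the password actually draws from."""
    return {name for name, chars in CLASSES.items() if any(c in chars for c in password)}


def search_space(password):
    """Keyspace N^L for the classes used, matching the table's 'Calculation' column."""
    alphabet = sum(len(CLASSES[name]) for name in char_classes(password))
    return alphabet ** len(password)


def seconds_to_guess(password):
    """Worst-case exhaustive search time at 2.6e18 guesses per month."""
    return search_space(password) / GUESSES_PER_MONTH * SECONDS_PER_MONTH


def check_policy(password):
    """Return the list of slide rules the password violates (empty list = passes)."""
    problems = []
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if len(char_classes(password)) < 3:
        problems.append("fewer than 3 character classes")
    if password.lower() in DICTIONARY:
        problems.append("dictionary word")
    if seconds_to_guess(password) < ONE_WEEK:
        problems.append("brute-forceable in under one week")
    return problems


if __name__ == "__main__":
    for candidate in ("password", "Merry Xmas", "mErcHr2yOu"):
        print(candidate, round(seconds_to_guess(candidate)), "s", check_policy(candidate))
```

At the table's guess rate every 8-character password falls within hours, so the one-week rule is what pushes candidates toward the 10+ character, mixed-class examples on the previous slides.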
Do not open email attachments unless you are expecting the email with the attachment and you trust the sender.
Do not click on links in emails unless you are absolutely sure of their validity.
Only visit and/or download software from web pages you trust.
Be sure to have a pop-up blocker installed. Pop-up blockers do not always block ALL pop-ups, so always close a pop-up window using the X in the upper corner.
Never click yes, accept or even cancel.
Infected USB drives are often left unattended by hackers in public places.
Always use a secure browser to do online activities. Frequently delete temp files, cookies, history, saved passwords etc.
https:// : the symbol showing enhanced security
No security measure is 100%. What information is important to you? Is your back-up:
Recent?
Off-site & secure?
Process documented?
Tested?
Encrypted?
Organizations lose 5-6% of revenue annually due to internal fraud = $652 billion in U.S. (2006)
Average scheme lasts 18 months, costs $159,000
25% of cases cost more than $1M
Smaller companies suffer greater average $ losses than large companies
(Chart: Internal Fraud Recovery, share of cases with $0 recovered vs. some recovery)
Tips are the most common way fraud is discovered. Tips come from: Employees/Coworkers 64%, Anonymous 18%, Customers 11%, Vendors 7%
If you notice possible fraud, CONTACT: ??????????
(Chart: How Fraud is Discovered, percent of cases by Tip, By Accident, Internal Audit, Internal Controls, External Audit, Notified by Police)
Source: Essentials of Corporate Fraud, T. L. Coenen, 2008, John Wiley & Sons
Additional slides to insert:
How is information security confidentiality to be handled? Show table of how information confidentiality is categorized and treated.
Are there specific legal actions all employees should be concerned with?
Physical security: how are the rooms laid out and how is security handled?
Handling information at home on a home computer: any special restrictions?
On the fraud slide, specify the contact if fraud is suspected.
These are best practices involving Information Security.
Most of these practices are from the National Institute of Standards and Technology.
Use these practices at home and at work to keep safe and secure.
Employers have policies and procedures regarding secure practices. Be sure to understand them and adhere to them. It will protect you, your employer and your customers.