Post on 14-Jan-2015
Internet Security
Dave Palmer
Instructional Media Agent
South Central Extension District
Who This is For…
This presentation is intended for Extension faculty and staff who…
• Use a State computer
• Work at home on their own computer
It is not intended for faculty and staff who…
• Use a county computer
• Work behind a county firewall
Part 1 – The Threats
Virus
Worms
Scams
Trojans
Backdoor
Bots
Malware
Hackers
Phishing
Rootkit
Spyware
The threats most people are not aware of.
The threats many of us are aware of.
The Global Scope of the Problem
Estonia, a tiny but highly wired country on the Baltic Sea, was essentially shut down for 3 weeks during April and May of 2007 by organized cyber attacks.
The Global Scope of the Problem
2 dozen South Korean & U.S. Government agencies & others were attacked in July 2009. Targets included the DoD, FAA, Homeland Security, NYSE, NASDAQ, etc.
The National Scope of the Problem
Database breach by hackers: personal information on 160,00 current and former students and alumni stolen.
530,000 medical records stolen including social security numbers.
Sensitive information on 65,000 current and former employees stolen.
A few of the many major security breaches that became public in the 2nd Quarter of 2009.
The Personal Scope of the Problem
• E-mail scams
• Identity theft
• Damage, repairs & replacements
• Productivity loss
Malware Headlines You Might Have Missed
• 10-11-09 - Spam dominates e-mail traffic (86%)
• 10-11-09 - Malware threats in search engine results
• 10-08-09 - FBI nets 100 people in phishing ring
• 10-07-09 - Fox Sports site hacked to serve malware
• 10-06-09 - Malware flea market pays hackers to hijack PC
• 10-06-09 - Weak passwords dominate Hotmail phishing leak
Malware Headlines You Might Have Missed
• 10-05-09 - Phony Facebook profiles spreading malware
• 09-30-09 - Malware re-writes online bank statements cover fraud
• 09-30-09 – Earthquake / tsunami searchers targeted by malware
• 09-15-09 - Malware ads hit NY Times
• 09-15-09 - Operating systems not the key security risk anymore
• 08-20-09 - Malware designed to steal IDs increased 600%
Malware – malicious software
Intent is to damage, disrupt, steal, or otherwise inflict problems on data, hosts, or networks.
The Scope of the Problem
The number of NEW malware threats is increasing
[Chart: New malicious code signatures, 2007 and 2008 - Symantec]
What are the Threats?
Not malware
• Tracking Cookies
• Flash Cookies
• Adware
• Hoaxes
• Scams
• Phishing
• Vishing
Malware
• Backdoor
• Keyloggers
• Viruses & Worms
• Worms
• Trojans
• Spyware
• Rootkits
• Bots
Tracking Cookies
• Not malware
• Tag containing info, sometimes useful to you
• No personal info unless offered
• Cookie storage can be limited
• May expire
• Easy to remove
Flash Cookies
• Largely unknown, widely used
• Installed by a Flash plugin
• Never expire
• More cumbersome to remove
• Can send info w/o user permission
Flash Cookies
Widely used…
…including in Extension
Adware
• Free software that plays, displays or downloads advertising
• May be toolbars, search boxes, games, utilities
• Mostly safe but some is spyware
• Read privacy policies
Social Engineering
Means: Manipulating people to do things or to divulge confidential information
Phishing
• Aim is to steal valuable information such as credit cards, social security numbers, user IDs and passwords
• Usually done by e-mail
• Social engineering
Phishing
• Often masquerades as legitimate person or business, even government
• Often contains a threat or consequence
• E-mail may look genuine, trustworthy
• Always points to a different website than it appears to come from.
• Legitimate organizations never ask for sensitive information through e-mail
Pharming
Intent is to redirect a legitimate website's traffic to another, nearly identical but bogus website for the purpose of stealing sensitive information.
Scams
• Based on social engineering
• Often appeal to compassion or greed
• Disasters typically generate large numbers of scams
• Appear legitimate
Scams
• Don’t click on links in these e-mails
• Typically offer something of value, ask for money in advance
• Nearly impossible to track the monetary transactions
• Scammers are accomplished social engineers
Scams
• Nigerian money fraud scams began in 1997 or before – by fax!
• These scams have spread to 80 countries or more.
• U.S. and U.K. are major targets
Scam Targets
• Dating sites - exploit the victims’ desire for companionship
• Religious sites - seek donations from their victims for “worthy cause”
• Social websites - exploit personal info
Scams
Estimated annual losses
• US - $1-$2 billion
• UK – 150 million pounds
• Australia - $36 million AUD
Trojans
• Programs that masquerade as “good” programs
• Can spy, steal information, log keystrokes, download other malware
• Open backdoors, overwrite data
Trojans
• Cannot reproduce
• Must be spread by user interaction
• Many different types of trojans
Virus
• Can create files, move files, erase files
• Can consume memory and cause computer problems
• Can replicate
• Can attach to other programs
• Can travel across networks
Worms
• A special type of virus
• Can replicate itself and use memory
• Reproduce so fast they overload and shut down entire systems
• Cannot attach itself to other programs.
• Spreads mostly by e-mail
Backdoor
• Malware that allows access to a computer without knowledge of the user’s password and user name.
• Allows attackers easy remote access
Spyware
• Purpose is to capture information
• Email, usernames, passwords, credit card info, etc.
• Can transmit this information
Rootkit
• Help intruders gain access to systems
• Avoid detection
• Subversion & evasion
• May avoid anti-virus or anti-spyware scan
Bots or Zombies
• A computer infected with malware, controlled remotely without the knowledge of the user
• Combined into networks called botnets
• Rented or sold to criminal interests
Bots or Zombies
• Can be used to propagate malware or for cyber attacks
• Botnets may consist of thousands of machines worldwide
• Used to send about 80% of all spam and to attack commercial websites and other systems
Bot Network
Intermission
When we return… how do we protect our computers and our data?
Part 2 – The Protection
We’ve covered the threats, but how do we protect ourselves?
[Diagram: Data protected by layers: Use Best Practices, Router w/ hardware firewall, ZoneAlarm software firewall, Spybot w/ tea timer, Super Anti Spyware, Anti virus software, Backup]
Best Practices
• Physical computer security
• Legal agreements - read the fine print
• Use good passwords
• Keep passwords safe
• Use a flash drive capable of “read-only”
• Update your operating system (OS)
• Update your applications
Best Practices
• Use a hardware firewall
• Use a software firewall
• Use and update security products, e.g. anti-spyware, anti-virus, etc.
• Clean the system regularly
• Backup system regularly (after cleaning)
• Suggest using Firefox w/ security plugins
Physical Computer Security
• Limit physical access to computers, especially laptops
Physical Computer Security
• All users should be required to log in, even at home
• A PC with no log-in password is like a car with the keys in the ignition.
Legal Agreements
• A software license agreement is a legal contract between a producer and a purchaser of computer software.
• Called End User Licensing Agreements (EULA) or Terms of Use (TOU)
• Privacy Agreements
Read the Fine Print
• Agreeing to these electronic documents means you are signing a legal contract.
• Read them before agreeing
• Suggest you keep a copy (paper or digital)
Use Good Passwords
• Great Internet security means nothing if the bad guys can guess your passwords
Keep Passwords Safe
• Need a “system” of choosing and using good passwords or…
• Password management software
• Examples: RoboForm, KeePass, others
KeePass
RoboForm
Password Management Software
• Password generator
• Master password
• Encrypted database of passwords
• Desktop, portable, Web-based
USB Malware
• Flash drives banned by US Army in 2008 due to malware and security concerns.
• An estimated 10% of malware was written to move on a flash drive.
USB Flash Drive w/ Read-Only
• May be difficult to find
• Have a physical switch that prevents writing (and spreading malware) to the flash drive
• Useful on unknown / unfamiliar computers
Upgrade vs Update
• An upgrade (from v2.5 to v2.6, for example) is simply a major update
• “Upgrading is taking your vitamins; fixing a hack is open-heart surgery.” Matt Mullenweg, founding developer of WordPress
Update Your Operating System
• Install all security patches
• Go to Windows Update website
Update Your Operating System
• Set auto updates to download but not install unless you approve
Update / Upgrade Your Applications
• Hackers are finding ways to embed malware in everyday programs
• In July 2009 it happened to Adobe PDF files. Adobe issued a patch.
• Unless you install the patch, you’re vulnerable when viewing PDFs
Update Your Applications
• Average computer holds 80+ programs
• How to keep them all updated?
• If offered, turn the auto-update on
• Update often-used programs manually
• Helper programs for the rest - Secunia
• Free, checks your programs, notifies you when updates are needed
Update Your Applications
Hardware Router w/Firewall
• First line of defense
• Available in wired or wireless versions
• Wired is more secure
• Protects against incoming attacks
• $100 - $150
Software Firewall
• Protects against intrusion – scanning or attacks
• Protects against outbound communication by malware
Outbound Communication
Software Firewall
• Use the pre-installed Windows firewall only if you have no other options.
• Turn it off before installing a better product.
• If you have the XP operating system you MUST obtain a software firewall. DO NOT use XP’s firewall.
• Install firewall first, then install other security software – antivirus, anti-spyware
• Do not install multiple software firewalls
• ZoneAlarm Pro is adequate - $40
• Does require system resources
Software Firewall
Spybot Search & Destroy
• Eliminates adware, spyware, Trojans, keyloggers, dialers
- Free
- Real-time protection
Spybot Search & Destroy
• Malware often changes the registry
• Spybot warns of potential registry changes with “Tea-timer”
• Legitimate software installations also change the registry and may cause false alarms
Spybot Search and Destroy
• Will “immunize” the system
• Like a “Do Not Call” list of websites for your browser
Super AntiSpyware
• Removes Spyware, Adware, Trojans, Dialers, Worms, HiJackers, KeyLoggers, Parasites, Rootkits
- Free
- Real-time protection
- Can be scheduled
MalwareBytes
• Free version
• Full version (one time fee of $24.95) includes real-time protection.
Antivirus Software
• Many software options
• Many are free, or free trial
• UF faculty has access to McAfee for free
How to Use These Tools Effectively
• Pick one day of the week (Sunday AM?)
• Use the tools in this order: Spybot, SuperAntispyware, Antivirus
• Start one tool, go read the paper
• When one tool has finished, start the next, go read the paper
• When all tools are done, do a complete backup and label it w/ date & “clean”
Backup Your Data
• Why backup?
• Data loss or corruption
• Human error, fire, flood, malware
• Backing up is cheaper, easier than re-creating the data
Backup Your Data
• Many ways to backup
• Data only, whole system, online, local
• Compressed, uncompressed, automated
Data-Only Backup
• Dozens of software choices for every budget & free
• Backs up selected files
• Typically uses proprietary compression
• SyncToy – Free MS program – no compression
• Back2Zip (free software)
Whole-System Backup
• Takes an “image” of the whole system not each file individually
• Several choices including Acronis, Norton Ghost, others
• Backup in 15-20 min, restore - 30 min to 1 hr
Online Backup Service
• Advantages
• Inexpensive
• Some operate in the background
• Disadvantages
• Monthly fee
• Depends on Internet access
Local External Backup (External Hard Drive)
• Advantages
• Low one-time cost
• Multi-purpose
• Easily accessible
• Disadvantage
• Risks similar to original data
• Note – keep unit unplugged unless in use
Firefox with Security Plugins
• A plugin is an additional component or feature that can be added to a larger program
• NoScript – to stop web scripts from running
• Better Privacy – to control Flash cookies
Virtual PC Products
• These programs create a “virtual PC” within your real PC.
• When programs run in the virtual PC, they can’t make changes to the real PC
• Requires some technical knowledge
• Requires extra processing power
• Extremely safe – if the Virtual PC gets infected, simply delete it and create a new one.
Virtual PC Software
• Microsoft Windows Virtual PC
• VMware
• Connectix Virtual PC
• Sun VirtualBox
Sandboxie
• Creates a small “virtual space” inside your computer called a “sandbox.”
• Can run a program or browser inside the sandbox.
• Smaller learning curve than a Virtual PC
• Less processing power needed than a Virtual PC
When you need help…
• You
• Local PC Users Groups
• Friends & family
• Commercial Repair: CompUSA, Geek Squad, local repair shop, etc.
When You Need Help
• You are a key component
• Become knowledgeable about basic computer problems – what’s serious, what’s not
• Understand who your resources are, who can deal with which problems
• Ask around about commercial repair options – who’s recommended?
PC Users Groups
• 50+ organized groups around the state. Dues avg $25-$35/yr
• FACUG – Fla Assn of Computer User Groups is the umbrella organization - list is at http://www.facug.org/
• Members help members w/ problems
• Attend meetings occasionally – build relationships
Disclaimers
• Information presented here is based on currently available information.
• This information changes frequently. No guarantee of accuracy is possible.
• Hardware, software, companies and techniques discussed are options, not recommendations.
• You alone are responsible for software and/or hardware choices and use of any techniques.
• Please read all legal agreements, instructions, user agreements and privacy terms associated with any hardware, software or websites.
Thanks to…
• Bill Black – IT Support Ninja
• Brent Broaddus – Local IT Jedi
• DarryD – Obi-Wan & IT Master