Internet Security & Safety

•What makes up the internet?

•Protecting and securing your password

•Protecting your identity

•What is social networking?

•Benefits and risks associated with social networking

Overview

•Origin of the internet dates back to?•1960’s

•Network•A system containing any combination of computers, computer terminals, printers, audio or visual display devices, or telephones interconnected by telecommunication equipment or cables: used to transmit or receive information.

•Internet•A network of networks that can be used to disperse information throughout the world

Internet (1 of 2)

Internet (2 of 2)

• Approximately ¼ of Earth’s population uses the internet• Popular uses include:

– E-mail– Advertising– Social Networking– Search Engines

• Accessing the Internet:– Computers– Phones– Game Consoles

Password Protection

• Why use a password?– Protect personal

information– Prove identity– Restrict access

• When would you use a password?– Accessing programs– Checking e-mail– Logging into websites

Los Alamos Weak Computer Security

• Los Alamos has been under fire for weak computer security– Did not always manage passwords securely

on the classified computer network • As a result of this weakness, increased risk exists

that insiders with malicious intent could guess the passwords of other individuals and use them to gain inappropriate access to classified information.

– Users were granted access to more computer files than needed to perform their duties

How to choose a password

• 8.3 rule– Include letters– Include numbers– Include non-alphanumeric characters

• Use lower case and upper case letters• Different passwords for different sites• No such thing as a perfect password

Protecting your identity: Examples

• FBI: Online Banking Attacks Reach $100 Million Mark– Victims receive a phishing e-mail with an infected attachment or

malicious link – If the recipient falls for the trick, they end up downloading a key

logger that swipes their business or corporate bank account credentials.

• Stealth Keylogger Used to Invade Victim Bank Accounts– The electronic thefts occurred by infecting the victims’ computers

with a key logging program embedded in emails and malicious web sites.

– key logging software was stealthy and remained inactive until a victim used their computer to contact their bank online. It would record login and password information and send to the computer crime gang.

Protecting your Identity (1 of 2)

• Https vs. Http websites– Https: Secure– Http: Unsecure

• What information can be stolen?– SSN, Address, password, DOB, Credit and

Banking information– Any information on the internet can be stolen

Protecting your Identity (2 of 2)

• How is information stolen?– Malware– Keyloggers

• How to protect your information?– Up to date antivirus, firewall, and spyware– Be careful who you give personal information to– Put as little information as possible on the internet

Social Networking (1 of 2)

• Defined:– Constructing a public or semi-public profile– Connecting with others based on shared

interests, activities, etc…– Viewing your list of connections and those

made by others within the system

Social Networking (2 of 2)

• Sites:– Facebook– MySpace– Twitter

Phony Facebook Email

• Facebook Users Targeted By Banking Trojan– Facebook users receive an e-mail informing them that Facebook

is updating its log-in system to make things more secure. – The e-mail then urges them to click on what appears to be an

update button embedded in the message – Once users click on the link, they are directed to a bogus

Facebook log-in page, then asks for their password to allegedly complete the update.

– Then, after "logging in," victims are taken to a page offering them an "update tool," which is, in actuality, the Trojan updatetool.exe. Once victims' click on the tool, their computers become infected with the Zeus Trojan, known for targeting banking accounts and designed to swipe personal and financial information.

Risks

• Increased visibility

• Cyberstalking

• Identity theft

• Spy ware, malware, viruses

Benefits

• Easy to make friends

• Connect with others around the world

• Learn about new cultures

• Develop technical skills

Cyberstalkers: Real Example

• How Cyberstalkers Obtain Your Personal Information-Part 2 – Cyberstalker sent harassing emails– Put up fake ads in her name saying she

wanted sex– Questioned her legitimacy at her workplace,

and endless other torments. – He turned out to be an ex that she had broken

up with 14 years earlier.

Social Networking Safety

• What information is acceptable? – Name?– Address?– Phone number?

• How can someone else use information?

• What steps can you take to ensure privacy?

How Pedophiles Think

• The Internet: A Breeding Ground for Online Pedophiles– Chicken hawk: which refers to an online pedophile

who uses chat lines and member profiles to locate potential victims, sometimes posing as another youth to establish a bond

– They listen to and empathize with the problems of children.

– They will be aware of the latest music, hobbies, and interests of children

– Try to gain children’s trust– Many of these offenders ultimately seek to sexually

exploit the children they encounter online.

Common Social Networking Rules

• Never give away personal information

• Be careful what photos are posted

• Make sure you only accept people to be friends that you know well

• Never plan a face-to-face meeting

• Restrict information on profile page so only friends can see it

References

• "Los Alamos National Lab again under fire for weak computer security - Nextgov." Nextgov - Federal technology news, best practices, and web 2.0 tools. Web. 10 Nov. 2009. <http://www.nextgov.com/nextgov/>.

• “Stealth Keylogger Used to Invade Victim Bank Accounts | Shafer Consulting” Small Business Computer Consultants. Web. 17 Nov. 2009. <http://www.shaferconsulting.com/news.>.

• “FBI: Online Banking Attacks Reach $100 Million” Web. 14 Nov. 2009. <http://www.eweek.com/c/a/Security/FBI-Online-Banking-Attacks-Reach-100-Million-Mark-785125/>.

• "Facebook Users Targeted By Banking Trojan - Security - IT Channel News by CRN." Channel News, Technology News and Reviews for VARs and Technology Integrators--ChannelWeb. Web. 12 Nov. 2009. <http://www.crn.com/security/>.

• "How Cyberstalkers Obtain Your Personal Information - Part 2." Women's Issues - All About Women's Issues. Web. 12 Nov. 2009. <http://womensissues.about.com/od/violenceagainstwomen>.

• “The Internet: A Breeding Ground for Online Pedophiles.” Crime Scene Investigator Network. Web. 16 Nov. 2009. <http://www.crime-scene-investigator.net/>.