091005 Internet Security

Internet Security Dave Palmer Instructional Media Agent South Central Extension District

Who This is For… Use a State computer Work at home on their own computer This presentation is intended for Extension faculty and staff who… It is not intended for faculty and staff who… Use a county computer Work behind a county firewall

Part 1 – The Threats Virus Worms Scams Trojans Backdoor Bots Malware Hackers Phishing Rootkit Spyware

The threats most people are not aware of. The threats many of us are aware of.

The Global Scope of the Problem Estonia, a tiny but highly wired country on the Baltic Sea, was essentially shut down for 3 weeks during April and May of 2007 by organized cyber attacks.

The Global Scope of the Problem 2 dozen South Korean & U.S. Government agencies & others were attacked in July 2009. Targets included the DoD, FAA, Homeland Security, NYSE, NASDAQ, etc.

The National Scope of the Problem Database breach by hackers personal information on 160,00 current and former students and alumni stolen. 530,000 medical records stolen including social security numbers. Sensitive information on 65,000 current and former employees stolen. A few of the many major security breaches that became public in the 2 nd Quarter of 2009.

The Personal Scope of the Problem E-mail scams Identity theft Damage, repairs & replacements Productivity loss

Malware Headlines You Might Have Missed 10-11-09 - Spam dominates e-mail traffic (86%) 10-11-09 - Malware threats in search engine results 10-08-09 - FBI nets 100 people in phishing ring 10-07-09 - Fox Sports site hacked to serve malware 10-06-09 - Malware flea market pays hackers to hijack PC 10-06-09 - Weak passwords dominate Hotmail phishing leak

Malware Headlines You Might Have Missed 10-05-09 - Phony Facebook profiles spreading malware 09-30-09 - Malware re-writes online bank statements cover fraud 09-30-09 – Earthquake / tsunami searchers targeted by malware 09-15-09 - Malware ads hit NY Times 09-15-09 - Operating systems not the key security risk anymore 08-20-09 - Malware designed to steal IDs increased 600%

Malware – malicious software Intent is to damage, disrupt, steal, or otherwise inflict problems on data, hosts, or networks.

The Scope of the Problem The number of NEW malware threats is increasing New malicious code signatures - Symantec 2007 2008

What are the Threats? Tracking Cookies Flash Cookies Adware Hoaxes Scams Phishing Vishing Not malware Backdoor Keyloggers Viruses & Worms Worms Trojans Spyware Rootkits Bots Malware

Tracking Cookies Not malware Tag containing info, sometimes useful to you No personal info unless offered Cookie storage can be limited May expire Easy to remove

Flash Cookies Largely unknown, widely used Installed by a Flash plugin Never expire More cumbersome to remove Can send info w/o user permission Adobe Flash logo

Flash Cookies Widely used… … including in Extension

Adware Free software that plays, displays or downloads advertising May be toolbars, search boxes, games, utilities Mostly safe but some is spyware Read privacy policies

Social Engineering Means: Manipulating people to do things or to divulge confidential information

Phishing Aim is to steal valuable information such as credit cards, social security numbers, user IDs and passwords Usually done by e-mail Social engineering

Phishing Often masquerades as legitimate person or business, even government Often contains a threat or consequence E-mail may look genuine, trustworthy Always points to different website than it appears to come from. Legitimate organizations never ask for sensitive information through e-mail

Pharming Intent is to redirect a legitimate website's traffic to another, nearly identical but bogus website for the purpose of stealing sensitive information.

Scams Based on social engineering Often appeal to compassion or greed Disasters typically generate large numbers of scams Appear legitimate

Scams Don’t click on links in these e-mails Typically offer something of value, ask for money in advance Nearly impossible to track the monetary transactions Scammers are accomplished social engineers

Scams Nigerian money fraud scams began in 1997 or before – by fax! These scams have spread to 80 countries or more. U.S. and U.K. are major targets

Scam Targets Dating sites - exploit the victims’ desire for a companionship Religious sites - seek donations from their victims for “worthy cause” Social websites - exploit personal info

Scams US - $1-$2 billion UK – 150 million pounds Australia - $36 million AUD Estimated annual losses

Trojans Programs that masquerade as “good” programs Can spy, steal information, log keystrokes, download other malware Open backdoors, over write data

Trojans Cannot reproduce Must be spread by user interaction Many different types of trojans

Virus Can create files, move files, erase files Can consume memory and cause computer problems Can replicate Can attach to other programs Can travel across networks

Worms A special type of virus Can replicate itself and use memory Reproduce so fast they overload and shut down entire systems Cannot attach itself to other programs. Spreads mostly by e-mail

Backdoor Malware that allows access to a computer without knowledge of the user’s password and user name. Allows attackers easy remote access

Spyware Purpose is to capture information Email, usernames, passwords, credit card info, etc. Can transmit this information

Rootkit Help intruders gain access to systems Avoid detection Subversion & evasion May avoid anti-virus or anti-spyware scan

Bots or Zombies A computer infected with malware, controlled remotely without the knowledge of the user Combined into networks called botnets Rented or sold to criminal interests

Bots or Zombies Can be used to propagate malware or for cyber attacks Botnets may consist of thousands of machines worldwide Used to send about 80% of all spam and to attack commercial websites and other systems

Intermission When we return… how do we protect our computers and our data?

Part 2 – The Protection We’ve covered the threats, but how do we protect ourselves?

Use Best Practices Data Router w/ hardware firewall ZoneAlarm software firewall Spybot w/ tea timer Super Anti Spyware Anti virus software Backup Data

Best Practices Physical computer security Legal agreements - read the fine print Use good passwords Keep passwords safe Use a flash drive capable of “read-only” Update your operating system (OS) Update your applications

Best Practices Use a hardware firewall Use a software firewall Use and update security products ie: anti-spyware, anti-virus, etc. Clean the system regularly Backup system regularly (after cleaning) Suggest using FireFox w/ security plugins

Physical Computer Security Limit physical access to computers especially laptops

Physical Computer Security All users should be required to log in, even at home A PC with no log-in password is like a car with the keys in the ignition.

Legal Agreements A software license agreement is a legal contract between a producer and a purchaser of computer software. Called End User Licensing Agreements (EULA) or Terms of Use (TOU) Privacy Agreements

Read the Fine Print Agreeing to these electronic documents means you are signing a legal contract. Read them before agreeing Suggest you keep a copy (paper or digital)

Use Good Passwords Great Internet security means nothing if the bad guys can guess your passwords

Keep Passwords Safe Need a “system” of choosing and using good passwords or… Password management software Examples: Roboform, KeePass, others KeePass RoboForm

Password Management Software Password generator Master password Encrypted database of passwords Desktop, portable, Web-based

USB Malware Flash drives banned by US Army in 2008 due to malware and security concerns. An estimated 10% of malware was written to move on a flash drive.

USB Flash Drive w/ Read-Only May be difficult to find Have a physical switch that prevents writing (and spreading malware) to the flash drive useful on unknown / unfamiliar computers

Upgrade vs Update An upgrade – from v2.5 to v2.6 for example is simply a major update “ Upgrading is taking your vitamins; fixing a hack is open-heart surgery.” Matt Mullenweg, founding developer of WordPress

Update Your Operating System Install all security patches Go to Windows Update website

Update Your Operating System Set auto updates to download but not install unless you approve

Update/ Upgrade Your Applications Hackers are finding ways to embed malware in everyday programs In July 2009 it happened to Adobe PDF files. Adobe issued a patch. Unless you install the patch, you’re vulnerable when viewing PDFs

Update Your Applications Average computer holds 80+ programs How to keep them all updated? If offered, turn the auto-update on Update often-used programs manually Helper programs for the rest - Secunia Free, checks your programs, notifies you when updates are needed

Data Router w/ hardware firewall ZoneAlarm software firewall Spybot w/ tea timer Super Anti Spyware Anti virus software Use Best Practices Backup Data

Hardware Router w/Firewall First line of defense Available in wired or wireless versions Wired is more secure Protects against incoming attacks $100 - $150

Software Firewall Protects against intrusion – scanning or attacks Protects against outbound communication by malware Outbound Communication

Software Firewall Use the pre-installed Windows firewall only if you have no other options. Turn it off before installing a better product. If you have the XP operating system you MUST obtain a software firewall DO NOT use XP’s firewall.

Install firewall first, then install other security software – antivirus, antispy Do not install multiple software firewalls ZoneAlarm Pro is adequate - $40 Does require system resources Software Firewall

Data Wireless Router w/ hardware firewall ZoneAlarm software firewall Spybot w/ tea timer Super Anti Spyware Anti virus software Use Best Practices Backup Data

Spybot Search & Destroy Eliminates adware, spyware, Trojans, keyloggers, dialers - Free - Real-time protection

Spybot Search & Destroy Malware often changes the registry Spybot warns of potential registry changes with “Tea-timer” Legitimate software installations also change the registry and may cause false alarms

Spybot Search and Destroy Will “immunize” the system Like a “Do Not Call” list of websites for your browser

Super AntiSpyware Removes spyware, Adware Trojans, Dialers, Worms, HiJackers, KeyLoggers, Parasites, Rootkits - Free - Real-time protection - Can be scheduled

MalwareBytes Free version Full version (one time fee of $24.95) includes real-time protection.

Antivirus Software Many software options Many are free, or free trial UF faculty has access to McAfee for free

How to Use These Tools Effectively Pick one day of the week (Sunday AM?) Use the tools in this order: Spybot, SuperAntispyware, Antivirus Start one tool, go read the paper When one tool has finished, start the next, go read the paper When all tools are done, do a complete backup and label it w/ date & “clean”

Backup Your Data Why backup? Data loss or corruption Human error, fire, flood, malware Backing up is cheaper, easier than re-creating the data

Backup Your Data Many ways to backup Data only, whole system, online, local Compressed, uncompressed, automated

Data-Only Backup Dozens of software choices for every budget & free Backs up selected files Typically uses proprietary compression SyncToy – Free MS program – no compression Back2Zip free software

Whole-System Backup Takes an “image” of the whole system not each file individually Several choices including Acronis, Norton Ghost, others Backup in 15-20 min, restore - 30 min to 1 hr

Online Backup Service Advantages Inexpensive Some operate in the background Disadvantages Monthly fee Depends on Internet access

Local External Backup Advantages Low one-time cost Multi-purpose Easily accessible Disadvantage Risks similar to original data Note – keep unit unplugged unless in use External Hard Drive

FireFox with Security Plugins A plugin is an additional component or feature that can be added to a larger program NoScript – to stop web scripts from running Better Privacy – to control Flash cookies

Virtual PC Products These programs create a “virtual PC” within your real PC. When programs run in the virtual PC, they can’t make changes to the real PC Requires some technical knowledge Requires extra processing power Extremely safe – if the Virtual PC gets infected, simply delete it and create a new one.

Virtual PC Software Microsoft Windows Virtual PC VMware Connectix Virtual PC Sun VirtualBox

Creates a small “virtual space” inside your computer called a “sandbox.” Can run a program or browser inside the sandbox. Smaller learning curve than a Virtual PC Less processing power needed than a Virtual PC Sandboxie

You Commercial Repair Local PC Users Groups Friends & family CompUSA Geek Squad Local repair shop Etc. When you need help…

When You Need Help You are a key component Become knowledgeable about basic computer problems – what’s serious, what’s not Understand who your resources are, who can deal with which problems Ask around about commercial repair options – who’s recommended?

50+ organized groups around the state. Dues avg $25-$35/yr FACUG – Fla Assn of Computer User Groups is the umbrella organization - list is at http://www.facug.org/ Members help members w/ problems Attend meetings occasionally – build relationships PC Users Groups

Disclaimers Information presented here is based on currently available information. This information changes frequently. No guarantee of accuracy is possible. Hardware, software, companies and techniques discussed are options, not recommendations. You alone are responsible for software and /or hardware choices and use of any techniques. Please read all legal agreements, instructions, user agreements and privacy terms associated with any hardware, software or websites.

Thanks to… Bill Black – IT Support Ninja Brent Broaddus – Local IT Jedi DarryD – Obi-Wan & IT Master

091005 Internet Security

More Related Content

091005 Internet Security