Seven Effective Habits When Using The Internet
-
Upload
helen-dixon -
Category
Internet
-
view
239 -
download
0
description
Transcript of Seven Effective Habits When Using The Internet
![Page 1: Seven Effective Habits When Using The Internet](https://reader035.fdocuments.net/reader035/viewer/2022062703/555165b5b4c905a8768b541f/html5/thumbnails/1.jpg)
7 Effective Habits whenusing the Internet
Philip O’Kane
1
![Page 2: Seven Effective Habits When Using The Internet](https://reader035.fdocuments.net/reader035/viewer/2022062703/555165b5b4c905a8768b541f/html5/thumbnails/2.jpg)
Introduction
Who are the players?
The Attackers
IT Support/Department
End-user
Attack Surface
What is an attack surface
How well are you protected?
Myths about Malware (Virus, Worm, Trojan, etc.)
Seven Effective Habits
2
![Page 3: Seven Effective Habits When Using The Internet](https://reader035.fdocuments.net/reader035/viewer/2022062703/555165b5b4c905a8768b541f/html5/thumbnails/3.jpg)
The Players
IT Department Multifunction Resolve Issues Protect User, Assets and Networks
User Carry out Business function Protect Asset
Attacker(Malware)
Assets Personal Information Account Details IPR
Firewall
3
![Page 4: Seven Effective Habits When Using The Internet](https://reader035.fdocuments.net/reader035/viewer/2022062703/555165b5b4c905a8768b541f/html5/thumbnails/4.jpg)
Attack Surface
4
Firefox
InternetExplorer
Chrome
Java AppsEmail
Web Browser
Flash Player
Vulnerability(Bug or Poor configuration)
Assets Personal Information Account Details IPR
Attacker(Malware)
![Page 5: Seven Effective Habits When Using The Internet](https://reader035.fdocuments.net/reader035/viewer/2022062703/555165b5b4c905a8768b541f/html5/thumbnails/5.jpg)
Attacks
The End-user PC is inside the firewall
It inherits the trusted status of the PC and can access sensitive information
Use privileged protocols to access data
Spread to others using privileged protocols
Email everyone in your contacts with malware attachments
Backdoor access – can send data to the attackers
Used as part of a Botnet to attack others (DDOS)
5
![Page 6: Seven Effective Habits When Using The Internet](https://reader035.fdocuments.net/reader035/viewer/2022062703/555165b5b4c905a8768b541f/html5/thumbnails/6.jpg)
Attacks on Corporates
Bank Dbase hacked $45 Million in ATM (Dec 2013)
RSA Security,40 million employee records
stolen (March 2011)
Sony's PlayStation Network (April 2011)
77 million accounts hacked
Sony site was down for a month
6
![Page 7: Seven Effective Habits When Using The Internet](https://reader035.fdocuments.net/reader035/viewer/2022062703/555165b5b4c905a8768b541f/html5/thumbnails/7.jpg)
Attacks on the Individual
Mobile Ransomware (2014)
Spam Emails
PayPal (URLs).
Emails with attachments
Zip, SCR, EXEC
CryptoLockers/Ransomware
Backdoors
USB
Found or given a USB at a show
7
![Page 8: Seven Effective Habits When Using The Internet](https://reader035.fdocuments.net/reader035/viewer/2022062703/555165b5b4c905a8768b541f/html5/thumbnails/8.jpg)
IT Departments/Defence Solutions
Firewall configuration
Internet protocols
Open ports
Patch Deployment
Centralised vulnerability remediation as exploitations are on the internet within 8 hours of patch deployment (Patch Tuesday)
Permitting open policies for privileged user authority
70% of stolen data via USBs
8
![Page 9: Seven Effective Habits When Using The Internet](https://reader035.fdocuments.net/reader035/viewer/2022062703/555165b5b4c905a8768b541f/html5/thumbnails/9.jpg)
Myths
I will know when I’m infected
Malware is just for Windows
Email attachments from known persons are safe
Visiting only reputable sites is completely safe
Malware is not a problem, I have nothing important on my PC
9
![Page 10: Seven Effective Habits When Using The Internet](https://reader035.fdocuments.net/reader035/viewer/2022062703/555165b5b4c905a8768b541f/html5/thumbnails/10.jpg)
I will know when I’m infected
Malware Detection Rate over 30 Days
10
0->25% 26->50% 51->75% 76->90% 91->100%Key
Day 1 8 15 22 30
McAfee 22% 53% 85% 86% 86%
Kaspersky 22% 87% 91% 92% 92%
AVG 13% 85% 92% 92% 93%
Virus Buster 10% 30% 46% 74% 74%
Symantec 21% 36% 43% 46% 47%
Trend Mirco 17% 29% 32% 32% 38%
Poor Good
"Cyveillance testing finds AV vendors detect on average less than 19% of malware attacks", Aug, 2010, https://www.cyveillance.com/web/blog/press-release/cyveillance-testing-finds-av-vendors-detect-on-average-less-than-19-
of-malware-attacks.
Zero Day
![Page 11: Seven Effective Habits When Using The Internet](https://reader035.fdocuments.net/reader035/viewer/2022062703/555165b5b4c905a8768b541f/html5/thumbnails/11.jpg)
Malware is just for Windows
Window is the biggest target
Windows 8 release - a firm announced a zero-day vulnerability that circumvents all new security enhancements in Windows 8 and Internet Explorer 10
Mobile phone
Study claims 614% increase last year.
Android accounts for 92% of total infections (June 2013)
Apple Mac
Small volume of malware to date
11
![Page 12: Seven Effective Habits When Using The Internet](https://reader035.fdocuments.net/reader035/viewer/2022062703/555165b5b4c905a8768b541f/html5/thumbnails/12.jpg)
Email attachments from known persons are safe
Do not execute untrusted programs
Internet protocols
Open ports
Email attachments
Who can you trust?
Has your friend been hacked?
Embedded URLs
(Spear) Phishing Emails
PayPal scam etc.
12
![Page 13: Seven Effective Habits When Using The Internet](https://reader035.fdocuments.net/reader035/viewer/2022062703/555165b5b4c905a8768b541f/html5/thumbnails/13.jpg)
Visiting only reputable sites is completely safe
Advice such as ‘Do not visit risky websites’
It is good advice
The converse is not necessary true
Reputable websites can be hacked
NBC Media website hacked, which installed fake antivirus software (Feb 2013).
msn.co.nz website hacked to re-directed to a site that hosts pictures of Bill Gates (MS) with pie on his face.
EA games web server hacked to host phishing website, users where asked to enter their Apple IDs and personal information.
13
![Page 14: Seven Effective Habits When Using The Internet](https://reader035.fdocuments.net/reader035/viewer/2022062703/555165b5b4c905a8768b541f/html5/thumbnails/14.jpg)
Malware in not a problem, I have nothing..
Malware is not a problem, I have nothing important on my PC
Even if your computer has nothing important stored on it
Address books can be used to send out spam and malicious emails
Malware can record all of your keystrokes and steal your usernames and passwords. When the malware authors have that information, they can use it to cause severe damage ranging from financial loss to identity theft.
Bank account details Social media website to scam friends
14
![Page 15: Seven Effective Habits When Using The Internet](https://reader035.fdocuments.net/reader035/viewer/2022062703/555165b5b4c905a8768b541f/html5/thumbnails/15.jpg)
Reduce your Attack Surface
Browser
Use the latest browser
Update your security regularly
Browser controls
Games and Apps
Do you need those apps?
Where to get apps?
15
![Page 16: Seven Effective Habits When Using The Internet](https://reader035.fdocuments.net/reader035/viewer/2022062703/555165b5b4c905a8768b541f/html5/thumbnails/16.jpg)
Reduce your Attack Surface
Portable media
Two-thirds of lost USB drives carry malware – from a survey of USB drives in a lost and found department
Beware of USBs you find lying around
Malware infected USB drives handed out at a trade show
16
![Page 17: Seven Effective Habits When Using The Internet](https://reader035.fdocuments.net/reader035/viewer/2022062703/555165b5b4c905a8768b541f/html5/thumbnails/17.jpg)
Seven Effective Habits
You can’t disengage your brain
Be safe both at work and home
Update your software to include latest patches
Use the latest software
Don’t install software you don’t use
Be careful about the apps you download - Games etc.
Run with minimum privileges
17