1 / 25

Cyber Security

Cyber Security. Valerie Mercer Summer 2012. What is Cyber Security?. Cyber security involves protecting information by preventing, detecting, and responding to attacks. http://www.us-cert.gov/cas/tips/ST04-001.html. True or False?.

kare
Télécharger la présentation

Cyber Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Cyber Security Valerie Mercer Summer 2012

  2. What is Cyber Security? Cyber security involves protecting information by preventing, detecting, and responding to attacks. http://www.us-cert.gov/cas/tips/ST04-001.html

  3. True or False? The first virus was created in 1986. Its origin is in Pakistan, and its creators are still around today.

  4. True or False? Phishing was a fad of the 1990s. With the rise of Google, the fad has faded.

  5. True or False? Geotagging is a way to geographically locate a picture’s origin through the code in that picture.

  6. True or False? Keylogger is a game played through xBOX Kinect.

  7. True or False? The password “badhairday” is an outstanding password example. It’s so exemplary that you should share it with friends so that they can use it, too.

  8. What can you do? Recognize Risks Educate Yourself and Your Students Stay Protected

  9. Remember, YOUR information IS on the Internet…. • www.browsys.com/finder/index.php • www.peekyou.com • www.pipl.com • www.spokeo.com • www.tineye.com • www.123people.com • http://www.melissadata.com/lookups/index.html

  10. WayBackMachine • Visit www.archive.org. You will see “waybackmachine” and a text box with “http://” near the center of the page. Type ‘www.yahoo.com’ (or another website of your choice) in the textbox and click on the button that says “Take Me Back”. • Remember: What got put on the internet in the 1990s? It is still out there…

  11. Why is it important to remember that the internet is public? • Never anonymous! • Easy to forget that there are ways to find out about others. • We’re comfortable, so we adopt practices that make us vulnerable. • Once it is online, it can be accessed by a world of strangers, and you have no idea what they might do with that information.

  12. TED Presentation Yesterday’s Viruses and Tomorrow’s Viruses http://www.ted.com/talks/mikko_hypponen_fighting_viruses_defending_the_net.html Also consider: TED Presentation Three Types of Online Attacks http://www.ted.com/talks/mikko_hypponen_three_types_of_online_attack.html

  13. Publishing Info on the Internet • View the internet as a magazine, not a diary - Make sure you are comfortable with anyone seeing the information you put online. • Be careful what you advertise – Personal information is available online, especially because people are creating personal web pages with information about themselves. • Realize that you can't take it back - Once you publish something online, it is available to other people and to search engines. You can change or remove information after something has been published, but it is possible that someone has already seen the original.

  14. Spam, Spam Everywhere • Don't give your email address out arbitrarily! • Check privacy policies - Before submitting your email address online, look for a privacy policy. • Be aware of options selected by default - When you sign up for some online accounts or services, there may be a section that provides you with the option to receive email about other products and services. • Use filters - Many email programs offer filtering capabilities that allow you to block certain addresses or to only allow email from addresses on your contact list. Some ISPs offer spam "tagging" or filtering services, but legitimate messages misclassified as spam might be dropped before reaching your inbox. • Report messages as spam - Most email clients offer an option to report a message as spam or junk. If your has that option, take advantage of it. Reporting messages as spam or junk helps to train the mail filter so that the messages aren't delivered to your inbox.

  15. Spam, Spam Everywhere • Don't follow links in spam messages - If you click a link within an email message or reply to a certain address, you are just confirming that your email address is valid. • Disable the automatic downloading of graphics in HTML mail - Many spammers send HTML mail with a linked graphic file that is then used to track who opens the mail message—when your mail client downloads the graphic from their web server, they know you've opened the message. • Consider opening an additional email account – Use a gmail or hotmail or other “free” account for online purchasing or correspondence with those you don’t know. • Don't spam other people - Some people consider email forwards a type of spam, so be selective with the messages you redistribute.

  16. What is a phishing attack? • Phishing attacks use email or malicious websites to solicit personal information by posing as a trustworthy organization. • Phishing attacks may appear to come from organizations such as charities. Attackers often take advantage of current events and certain times of the year, such as… • natural disasters (e.g., Hurricane Katrina, Indonesian tsunami) • epidemics and health scares (e.g., H1N1) • economic concerns (e.g., IRS scams) • major political elections • holidays

  17. How do you avoid being a victim? • Be suspicious of unsolicited phone calls, visits, or email messages from individuals asking about employees or other internal information. • Don't send sensitive information over the Internet before checking a website's security. Look for a lock and/or “https” at the front of the web address. • Pay attention to the URL of a website. Malicious websites may look identical to a legitimate site, but the URL may use a variation in spelling or a different domain (e.g., .com vs. .net). • If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. • Take advantage of any anti-phishing features offered by your email client and web browser. • Popup blocker – never surf without one!

  18. What do you do if you think you are a phishing attack victim? • If you believe you might have revealed sensitive information about your organization, report it to the appropriate people within the organization, including network administrators. • If you believe your financial accounts may be compromised, contact your financial institution immediately and close any accounts that may have been compromised. Watch for any unexplainable charges to your account. • Immediately change any passwords you might have revealed. If you used the same password for multiple resources, make sure to change it for each account, and do not use that password in the future. • Watch for other signs of identity theft including bills for products you have never used. • Consider reporting the attack to the police, and file a report with the Federal Trade Commission (http://www.ftc.gov/).

  19. Proactive CyberSecurity Measures • Do business with reputable companies - Before providing any personal or financial information, make sure that you are interacting with a reputable, established company. Some attackers may try to trick you by creating malicious web sites that appear to be legitimate, so you should verify the legitimacy before supplying any information . • Take advantage of security features - Passwords and other security features add layers of protection if used appropriately . • Check privacy policies - Take precautions when providing information, and make sure to check published privacy policies to see how a company will use or distribute your information. • Be careful what information you publicize - Attackers may be able to piece together information from a variety of sources. Avoid posting personal data in public forums. Going on vacation? Don’t publish that on Facebook! • Use and maintain anti-virus software and a firewall - Protect yourself against viruses and Trojan horses that may steal or modify the data on your own computer and leave you vulnerable by using anti-virus software and a firewall . • Be aware of your account activity - Pay attention to your statements, and check your credit report yearly. You are entitled to a free copy of your credit report from each of the main credit reporting companies once every twelve months.

  20. Virus Protection • Apple versus Microsoft? • It’s a myth that MacIntosh computers don’t get viruses! • Too much virus protection might not be a good thing • Yes, you need antivirus software, but you don’t need three different kinds running simultaneously. • Got Malware? • You may need a separate program to protect your device from malware • Don’t forget about all of your devices! • Cell Phone • Tablet • MP3 Player • Gaming Device

  21. Tools to Know • http://www.howsecureismypassword.net • http://www.grc.com • Click on “shields up” and then run the shields test and port probe test. • Make sure antivirus is up-to-date first! • http://privacy.net/analyze • Tests your machine and tells you how much information you are providing to others

  22. How safe are we? • Cloud computing brings a whole new dimension to cybersecurity. • Mobile devices bring new possibilities for hackers. • Google (in data published on June 19 via http://www.cioinsight.com) indicates that the company is finding approximately 9500 malicious or compromised sites per day.

  23. Geotagging • Lots of names: Location, Places, Check-in-GPS, GeoNotification, GeoLocation • Way to find your exact location within the code behind a picture or image. • Social media accounts should be set to the highest “private” settings available • Disable GPS settings in cameras • Also, remember to check settings of GPS on individual apps. • You can upload photos to http://regex.info/exif.cgi to view the GPS information.

  24. Social Networking Cyber Security • http://www.fbparents.orgThis is a great resource for parents and teachers to use to acclimate to the features of Facebook • Be cautious about messages you receive on social networking sites that contain links.Links from friends can sometimes contain malware or be part of a phishing attack! • Use privacy settings on social networking sites - Social networking sites allow you to choose who has access your email address.

  25. Cybersecurity maxims to incorporate into lessons… • Have sound passwords • Be careful when forwarding email! • Virus Protection – it’s a must! • Malware Protection – you might need a separate program for that in addition to virus protection. • If you wouldn’t give it to a stranger, then don’t tell it online • Remember, you create an online activity “tattoo” that follows you throughout your life.

More Related