cyber security awareness

Shafeeque Olassery Kunnikkal C|EH, C|HFI, C|EI, MCP Founder & CTO Graytips Cyber Technologies www.graytips.com Email: [email protected] Mobile: 9847113216

Upload: shafeeque-olassery-kunnikkal

Post on 18-Jul-2016


DESCRIPTION

This is a collection of cyber security related topics, which can be used for explaining various threats and their countermeasures in the cyber world. You are free to use this material for educational purposes. Many reference documents were used in preparing this document.

TRANSCRIPT

Page 1: Cyber Security Awareness

Shafeeque Olassery Kunnikkal, C|EH, C|HFI, C|EI, MCP
Founder & CTO, Graytips Cyber Technologies
www.graytips.com
Email: [email protected]
Mobile: 9847113216

Page 2: Cyber Security Awareness

Topics
• What is Cyber Security?
• Common cyber threats include:
  – Social Engineering Attacks
  – Malware
  – Weak and Default Passwords
  – Unpatched or Outdated Software Vulnerabilities
  – Removable Media
  – Frauds - The “Nigerian” Email Scam
• Secure Browsing Fundamentals

 2Graytips Cyber Technologies @ 2014

Page 3: Cyber Security Awareness

Topics
• Mobile Devices Security
• Social Media Security
• Email Best Practices
  – What is spam?
  – What is BCC? Why would you want to use BCC?
• Wireless Security
• Common Network Attacks
• Maintain Good Computer & Security Habits
• Key Steps to Better Secure Your Company and Workplace


Page 4: Cyber Security Awareness

What is Cyber Security?
• The protection of data and systems in networks that connect to the internet
• Applies to any computer or other device that can transmit data to another device over a network connection, whether it uses the internet or some other network


Page 5: Cyber Security Awareness

What are the risks?
There are many risks, some more serious than others:
• Viruses erasing your entire system
• Someone breaking into your system and altering files
• Someone using your computer to attack others
• Someone stealing your credit card information and making unauthorized purchases


Page 6: Cyber Security Awareness

Common Cyber Threats
• Social Engineering Attacks
  – Computer-based social engineering: phishing and spear phishing
  – Human-based social engineering: dumpster diving, shoulder surfing, eavesdropping, piggybacking, tailgating
  – Mobile-based social engineering: smishing, vishing


Page 7: Cyber Security Awareness

Common Cyber Threats - contd
• Malware
• Weak and default passwords
• Unpatched or outdated software vulnerabilities
• Removable media
• Common frauds
  – The Nigerian email scam


Page 8: Cyber Security Awareness

Social Engineering Attacks


Page 9: Cyber Security Awareness


Page 10: Cyber Security Awareness

Social Engineering Attack
• Computer-based social engineering
  – Phishing and spear phishing
• Human-based social engineering
  – Dumpster diving
  – Shoulder surfing
  – Eavesdropping
  – Piggybacking
  – Tailgating
• Mobile-based social engineering
  – Smishing
  – Vishing


Page 11: Cyber Security Awareness

Phishing Email Example


Page 12: Cyber Security Awareness


Page 13: Cyber Security Awareness

Phishing and Spear Phishing
• An e-mail sent to deceive you into disclosing personal information.
• A method widely adopted by social engineers.
• You may be asked to click on a link or visit a fraudulent website which asks you to submit your personal data or account information.
• Spear phishing is a type of targeted phishing that appears to be directed towards a specific individual or group of individuals.


Page 14: Cyber Security Awareness

Common Symptoms
• Uses e-mail
• May include bad grammar, misspellings, and/or generic greetings
• May include maliciously crafted attachments with varying file extensions, or links to a malicious website
• May appear to be from a position of authority or a legitimate company:
  – Your employer
  – Bank or credit card company
  – Online payment provider
  – Government organization
• Asks you to update or validate information or click on a link
• Threatens dire consequences or promises a reward
• Appears to direct you to a web site that looks real


Page 15: Cyber Security Awareness

Spear Phishing
• Has a high level of targeting sophistication and appears to come from an associate, client, or acquaintance
• May be contextually relevant to your job
• May appear to originate from someone in your email address book
• May contain graphics that make the email look legitimate


Page 16: Cyber Security Awareness

Countermeasures
• Ensure anti-virus software and definitions are up to date
• Never trust an unsolicited email, text message, pop-up window, Facebook message, etc. that asks you to give sensitive information such as your Aadhaar number or bank account numbers
• Before clicking any link, check the actual address by hovering the cursor over the link (it is shown at the bottom left in Chrome and Internet Explorer 10 and 11) and make sure it looks legitimate, i.e. the text in the URL and the text for the hyperlink are the same
• Do not delete suspicious e-mails; report them to your company's system administrators


Page 17: Cyber Security Awareness

Countermeasures - contd
• Turn off the option to automatically download attachments
• Save and scan any attachments before opening them
• Don’t trust the message no matter how convincing or official it looks; no matter if it appears to come from your bank, the government, your ISP, or your best friend. Always independently verify the authenticity of the message before you respond.
• Don’t use an email address, link, or phone number in the message itself. If it’s from your bank, search online for the customer service line and call the bank


Page 18: Cyber Security Awareness

Countermeasures - contd
Do not:
• Open suspicious e-mails
• Click on suspicious links or attachments in e-mails
• Call telephone numbers provided


Page 19: Cyber Security Awareness

Phishing

It's demo time!!!
• Cloning Facebook
• Cloning akesissstar.info

Page 20: Cyber Security Awareness

Malware
Malware, short for malicious software, is software that is intended to do harm to your computer or software:
– Viruses
– Trojan horses
– Worms
– Keyloggers
– Adware
– Spyware
– Rootkits
– Backdoors


Page 21: Cyber Security Awareness

What is a Virus?


Page 22: Cyber Security Awareness

Symptoms
• System will not start normally (e.g. “blue screen of death”)
• System repeatedly crashes for no obvious reason
• Internet browser goes to unwanted web pages
• Anti-virus software appears not to be working
• Many unwanted advertisements pop up on the screen
• The user cannot control the mouse/pointer


Page 23: Cyber Security Awareness

Countermeasures
• Ensure anti-virus software is fully up to date according to the manufacturer’s standards
• Don’t fall for fake antivirus offers


Page 24: Cyber Security Awareness

TROJAN


Page 25: Cyber Security Awareness

What is a Trojan?
• The main objective of this type of malware is to install other applications on the infected computer, so it can be controlled from other computers.
• Looks like a legitimate program but when installed it does harmful things.
• The term Trojan refers to the wooden horse used by the Greeks to sneak inside the city of Troy and capture it.


Page 26: Cyber Security Awareness

Common Behavior of a Trojan
• Is a standalone program or malicious file
  – These do not infect other files but often pretend to be a legitimate program
  – They can harm their host computer
  – Corrupt the file allocation table on your computer
  – Install keyloggers, steal bank details and logons to websites
  – Install other software including third-party malware
  – Watch what the user is doing on screen
  – Upload files from your computer


Page 27: Cyber Security Awareness

Common Behavior of a Trojan
– Give a hacker remote access to the infected computer, take advantage of unpatched systems to run other malware etc.
– Remove files from the infected computer.
– Download files to the infected computer.
– Make registry changes to the infected computer.
– Delete files on the infected computer.
– Steal passwords and other confidential information.
– Log keystrokes of the computer user.
– Rename files on the infected computer.
– Disable a keyboard, mouse, or other peripherals.
– Shut down or reboot the infected computer.
– Run selected applications or terminate open applications.
– Disable virus protection or other computer security software.


Page 28: Cyber Security Awareness

Trojan

It's demo time!!!
• Trojan – Prorat
• Making dropper
• Wrapping inside a game

Page 29: Cyber Security Awareness

What is Adware?

Adware is the name given to programs that are designed to display advertising banners, redirect you to websites, and otherwise conduct advertising on your computer. They also collect marketing-type data about you, for example the types of websites that you visit, so that customized adverts can be displayed.


Page 30: Cyber Security Awareness

Adware Example


Page 31: Cyber Security Awareness


Adware Example

Page 32: Cyber Security Awareness


Adware Example

Page 33: Cyber Security Awareness

What is Spyware?
• Spyware is software that gathers information about you, your browsing and Internet usage habits, as well as other data.
• How does it reach users?
• Spyware is installed on computers without the user’s knowledge. It can be installed when downloading certain content from the Web or from P2P networks, when installing freeware, or simply when visiting dubious websites.


Page 34: Cyber Security Awareness

Types of Spyware
• Video Spyware
• Audio Spyware
• Desktop Spyware
• USB Spyware
• Email Spyware

Page 35: Cyber Security Awareness

Spytechagent

It's demo time !!!

Page 36: Cyber Security Awareness

What is a Rootkit?

Malware authors use rootkits to hide malware on your PC.

Malware hidden by rootkits often monitors, filters, and steals your data or abuses your computer’s resources.


Page 37: Cyber Security Awareness

Keylogger

A program designed to capture keystrokes. Two types:
– Hardware keylogger
– Software keylogger

Page 38: Cyber Security Awareness


Hardware Keylogger

Page 39: Cyber Security Awareness

Symptoms of Malware
• Your computer is running extremely slow
• Unexpected crashes
• Excessive hard drive activity
• Random network activity
• Erratic email
• Beware of pop-ups!
• Your antivirus and firewall protection is unexpectedly disabled
• Unfamiliar and peculiar error messages


Page 40: Cyber Security Awareness

Distribution of Malware

• E-mail attachments
• Downloading files
• Visiting an infected website
• Removable media
• Cracked/pirated games and software downloaded from torrents and file sharing servers


Page 41: Cyber Security Awareness

Countermeasures

To guard against malicious code in email:
• View e-mail messages in plain text
• Use caution when opening e-mail
• Scan all attachments
• Delete e-mail from senders you do not know
• Turn off automatic downloading


Page 42: Cyber Security Awareness

Countermeasures

To guard against malicious code in websites:
• Block malicious links / IP addresses
• Block all unnecessary ports at the firewall and host
• Disable unused protocols and services
• Stay current with all operating system service packs and software patches

Page 43: Cyber Security Awareness

Weak and Default Passwords
The use of weak and default passwords creates easily exploitable system vulnerabilities.


Page 44: Cyber Security Awareness

Symptoms
• Words found in the dictionary
• Readily available information significant to you (names, dates, cities, etc.)
• Lack of character diversity (e.g., all lower case letters)
• Personal information such as birth date, names of self, or family, or pets, or anything else that could easily be learned by others. Remember: if a piece of information is on a social networking site, it should never be used in a password.


Page 45: Cyber Security Awareness

Countermeasures
• Combine letters, numbers, special characters
• Include a combination of upper case and lower case letters, at least one number and at least one special character, such as a punctuation mark
• Do not use personal information
• Do not use common phrases or words


Page 46: Cyber Security Awareness

Countermeasures
• Do not write down your password; memorize it
• Change your password according to your organization’s policy
• Enforce account lockout for end-user accounts after a set number of retry attempts
• Do not save your passwords or login credentials in your browser
• NEVER share your password
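An added example (not part of the original slides) that checks a candidate password against the weak-password symptoms and countermeasures listed above: character diversity, dictionary words and personal information. The word list, the substitution table and the function names are assumptions made for illustration; a real check would load a full dictionary.

```python
import re
import string

# Constructed mini word list; a real check would load a full dictionary file.
COMMON_WORDS = {"password", "welcome", "admin", "qwerty", "letmein", "dragon"}

# Assumed set of common character substitutions ("leetspeak") to undo.
SUBSTITUTIONS = str.maketrans({"@": "a", "0": "o", "1": "l", "3": "e", "$": "s", "5": "s"})


def character_classes(password):
    """Report which of the four character classes from the slide are present."""
    return {
        "lower": any(c.islower() for c in password),
        "upper": any(c.isupper() for c in password),
        "digit": any(c.isdigit() for c in password),
        "special": any(c in string.punctuation for c in password),
    }


def weaknesses(password, personal_info=()):
    """Return the symptoms from the slides that this password shows."""
    found = []
    missing = [name for name, ok in character_classes(password).items() if not ok]
    if missing:
        found.append("missing character classes: " + ", ".join(missing))

    # Undo substitutions first, so 'P@ssw0rd' is still recognised as 'password'.
    plain = password.lower().translate(SUBSTITUTIONS)
    letters_only = re.sub(r"[^a-z]", "", plain)
    if any(word in letters_only for word in COMMON_WORDS):
        found.append("contains a dictionary word")

    # Personal details (names, dates, pets) anywhere inside the password.
    compact = re.sub(r"\W", "", password.lower())
    for item in personal_info:
        token = re.sub(r"\W", "", item.lower())
        if len(token) >= 3 and token in compact:
            found.append("contains personal information")
            break
    return found
```

A password can satisfy every character-class rule and still be weak: `P@ssw0rd1!` passes the diversity check but is reported as containing a dictionary word.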

Page 47: Cyber Security Awareness

Common Password Attacks
• Dictionary attack
• Brute-force attack
• Hybrid attacks
• Syllable attack
• Rule-based attack

Page 48: Cyber Security Awareness

Weak Windows Password Cracking

It's demo time!!!
• Retrieving Windows passwords from SAM
• L0phtCrack – password cracker

Page 49: Cyber Security Awareness

Unpatched or Outdated Software Vulnerabilities

Unpatched or outdated software provides vulnerabilities and opportunities for adversaries to access information systems.


Page 50: Cyber Security Awareness

Symptoms
List of suspicious indicators related to unpatched and outdated software:
• Unauthorized system access attempts
• Unauthorized system access to or disclosure of information
• Unauthorized data storage or transmission
• Unauthorized hardware and software modifications


Page 51: Cyber Security Awareness

Countermeasures
• Comply with the measures in your organization’s policies
• Stay current with patches and updates
• Conduct frequent computer audits
  – Ideally: daily
  – At minimum: weekly
• Do not rely on firewalls to protect against all attacks


Page 52: Cyber Security Awareness

Removable Media
Removable media is any type of storage device that can be added to and removed from a computer while the system is running. Adversaries may use removable media to gain access to your system. Examples of removable media include:
• Thumb drives
• Flash drives
• CDs
• DVDs
• External hard drives


Page 53: Cyber Security Awareness

Symptoms
Adversaries may:
• Leave removable media, such as thumb drives, at locations for personnel to pick up
• Send removable media to personnel under the guise of a prize or free product trial
Effects include, but are not limited to:
– Corrupt files and destroyed or modified information
– Hacker access and sabotaged systems


Page 54: Cyber Security Awareness

Countermeasures
• Follow your organization’s removable media policy
• Disable autorun/autoplay


Page 55: Cyber Security Awareness

The “Nigerian” Email Scam


Page 56: Cyber Security Awareness

Secure Browsing Fundamentals

• Avoid Microsoft Internet Explorer
• Google Chrome is currently the best choice
• Safari and Firefox are the middle choices
• Log in as a limited user
• Make sure HTTPS is used for financial transactions
• Use NoScript or NotScripts
• Know what link you are clicking


Page 57: Cyber Security Awareness

Mobile Devices Security
• Avoid free and open hotspots
• Use Virtual Private Networks (VPN)
• Restrict usage in free and open hotspots
• Maintain an up-to-date OS
• Disable interfaces that are not currently in use, such as Bluetooth, infrared, or Wi-Fi
• Only download apps from trusted sources
• Install antivirus for Android


Page 58: Cyber Security Awareness

Mobile Devices Security
• Configure the device to be more secure.
• Configure web accounts to use secure connections.
• Set Bluetooth-enabled devices to non-discoverable.
• Delete all information stored in a device prior to discarding it.
• Do not “root” or “jailbreak” the device.


Page 59: Cyber Security Awareness

Mobile Devices Security
• Be careful when using social networking applications.


Page 60: Cyber Security Awareness

Social Media Security
• It’s too easy to share too much information
• How can you protect yourself in social media?
  – Limit the amount of personal information you post
  – Remember that the internet is a public resource
  – Be wary of strangers


Page 61: Cyber Security Awareness

Social Media Security
– Be skeptical
– Evaluate your settings
– Be wary of third-party applications
– Use strong passwords
– Check privacy policies
– Keep software, particularly your web browser, up to date

Page 62: Cyber Security Awareness

Social Media Security
– Avoid links to other pages
– Use a different email
– Don’t post complete personal information
– Keep your computer up to date

Page 63: Cyber Security Awareness

Email Best Practices

• Avoid sending or accepting sensitive information via email
• Avoid phishing attempts
• Look for an email provider with strong antispam filtering capability
• Use filters
• Identify unwanted spam with the “spam” button


Page 64: Cyber Security Awareness

Email Best Practices
• Consider viewing email in plain text
• Turn off auto downloads
• Never respond to spam and avoid chain mail
• Use separate emails for work and home
• Configure email software securely
• Be aware of hoaxes and scams

Page 65: Cyber Security Awareness

What is spam?
• Spam is the electronic version of "junk mail."


Page 66: Cyber Security Awareness

How can you reduce the amount of spam?

• Don't give your email address out arbitrarily
• Check privacy policies
• Report messages as spam
• Don't follow links in spam messages
• Disable the automatic downloading of graphics in HTML mail
• Consider opening an additional email account


Page 67: Cyber Security Awareness

Blind Carbon Copy - BCC
What is BCC? Why would you want to use BCC?
• Privacy
• Tracking
• Respect for your recipients
• Reduce the risk


Page 68: Cyber Security Awareness

Wireless Security
• Change the default username and password
• Use the highest encryption level (e.g. WPA/WPA2)
• Do not use WEP encryption
• Change the default Service Set Identifier (SSID)
• Do not automatically connect to an open wireless network
• Turn off the wireless network when not in use


Page 69: Cyber Security Awareness

Common Network Attacks
• ARP Spoofing
• Network sniffing (packet sniffing)
• Denial of Service attack (DoS) / DDoS
• Man In The Middle Attack


Page 70: Cyber Security Awareness

ARP Spoofing


Page 71: Cyber Security Awareness

Network Sniffing


Page 72: Cyber Security Awareness


Page 73: Cyber Security Awareness

Man In The Middle Attack


Page 74: Cyber Security Awareness

Maintain Good Computer & Security Habits

• Update automatically
• Install a comprehensive host-based security suite
• Limit use of the administrator account
• Use a web browser with sandboxing
• Update to a PDF reader with sandboxing capabilities
• Enable file sharing with passwords for required users
• Lock your computer when you are away
• Disconnect your computer from the Internet when you aren't using it
• Back up your important data regularly


Page 75: Cyber Security Awareness

Key Steps to Better Secure Your Company and Workplace
• Watch out for social engineering attacks
• Use separate machines for handling sensitive information like payroll
• Enable the firewall
• If your ISP is not providing DNS, use OpenDNS or Google's Public DNS
• Change the default username and password on devices like your router, computer, smartphone or any device you use

Page 76: Cyber Security Awareness

Key Steps to Better Secure Your Company and Workplace
• Set strong passwords
• Install antivirus
• Use any browser EXCEPT Internet Explorer (Chrome and Chromium are really good; Opera, Safari and Firefox are mid-level choices)
• Uninstall unused applications
• Ensure https:// and the lock picture are shown while doing financial transactions
• Use the virtual keyboard available on the banking site for entering passwords
• Use Thunderbird as your email client

Page 77: Cyber Security Awareness

Q&A


Page 78: Cyber Security Awareness

Thank You

