
Security in a Hyperconnected World

October 22, 2008
Cyber Security Awareness Day

gato-docs.its.txstate.edu/vpit-security/training...


HYPERCONNECTIVITY DEFINED


Hyperconnectivity

Anything that can be connected and would benefit from being connected will be connected

Hyperconnectivity is Real and Happening Now

Person to Person, Person to Machine, Machine to Machine

• By 2010, worldwide:
• 4-fold growth in Internet Commerce to 100B transactions
• 1-2 billion A-GPS-enabled handsets
• Europe – mobile phones now outnumber people (103% penetration)
• 98% of all CPUs today are embedded (by 2010 – 14 billion connected, embedded devices)
• Global mobile IM grew 33% 2H06
• 70%+ of all 2007 cars in U.S. have iPOD connectivity
• 100 million iPODs sold (market to double 2005 – 2010)
• iPhone: hyper-connectivity at applications level
• Sensor pocket in Nike shoes
• One Laptop Per Child

“SOUNDS COOL, BUT…”
“WHAT DOES THIS MEAN TO ME…!”

Technology vs. Risk
risk is winning…

Technology Innovation

Culture Change

We adopt technologies before we really “understand” the risks of using them

Traditional Model is not Keeping Up

Information Week, Feb07

Student, Alumni Data at Risk
More online, more at risk

> New student application and selection
> Course registration, instruction, testing
> Grade distribution
> Instructor evaluation
> Financial-aid application and awards
> Dorm-room selection
> Library accounts
> Campus purchases
> Tuition billing and payment
> Campus and alumni directories

Computerworld, June 2005


“OK…BUT I’M PROTECTED”

“I HAVE A FIREWALL, ENCRYPTION, AND ANTI-VIRUS SOFTWARE…”


Attack of the Bot-Nets!
Automated Attacks

> The rate of attack is increasing:
  • MTTA ranges from 45 sec to 24 hours
  • Average MTTA 1 hour!
> The big three defences:
  • Encryption
  • Firewalls
  • Anti-virus software

MTTA – Mean Time To Accomplish

The Steel Door on the Grass Hut

Yesterday’s strong encryption is today’s weak encryption

[Chart: Hours to Crack DES. Y-axis: hours (thousands); X-axis: Jan-97, Feb-98, Jul-98, Jan-99; data labels: 3408, 1416, 56, 22]

I Use a Personal Firewall

> First line of defense
  • Could be a single point of failure
> Filter rules are prone to errors
  • I just want to run that game
  • I can’t connect to Skype, I’ll just disable the firewall so I can contact my friend
> Some attacks can’t be detected by them
  • Is this packet malicious
  • What if it was disabled by a Trojan

Your firewall’s only open a crack…

Why AV alone may fall short?

> Undiscovered variants = No signatures:
  • New distribution techniques to avoid discovery:
    • Short-Span
    • Serial Variant
> Stealth - Rootkits can completely hide from AV scanning
> BlackWorm samples attempt to disable/alter AV products
> Ransomware can’t simply be “cleaned up” afterward
> Are you leveraging the existing signatures?
  • Is your system up to date on AV signatures?

Attack Sophistication Increases
Intruder Sophistication Decreases

[Chart: Attack Sophistication and Intruder Sophistication, each plotted on a LOW to HIGH axis]


Tools for the Hacker “Wannabe”

www.test.com

Connected to www.test.com


The Cost of Wireless Hacking

> Requires
  • One generic (intersil) 802.11b card $20 (range ¼ mile)
  • Free hacking software $0
> Deluxe Version
  • Add one (empty) Pringles can ant. $3 (range approx ½ mile)
> Super Deluxe Version
  • Add one 18” satellite dish antenna $25 (up to 3 mile range)

“OK, THIS IS INTERESTING…”
“BUT I’M STILL COOL…RIGHT??”

Network Misuse/Network Security: Installed Keylogger

Found in an email conversation
User emailing keylogged events to themselves – checking via Yahoo

Potential Network Misuse: Bank Account

Individual Claims to have Bank Account Info

“OK, MR. NORTEL…”
“WHAT DO I HAVE TO BUY FROM YOU??”

NOTHING!!!

THE SOLUTION TO THIS…IS IN YOUR HANDS!!

Becoming a Cyber-Security Guru…

> What is Cyber-Security?
  • Preventing
  • Detecting
  • Responding to attacks
> What are the risks to me?
  • Identity Theft
  • Disclosure of confidential information
  • Someone else using your computer to attack others (Bot-Net)
  • Destruction of your computer and information

Not the Love Guru!

Becoming a Cyber-Security Guru…cont.

> Defining the Cyber-Security Lingo
> Hacker, Attacker, Intruder
  • People who seek to exploit weaknesses in software and computer systems for their own gain
  • Can range from benign (just for fun) to organized crime (Russian Mafia) to Terrorists
> Malicious Code
  • Virus – This type of code requires you to do something before it infects your computer
  • Worms – Worms propagate without user intervention. May have similar effects as viruses, except they use self-propagation
  • Trojan Horses – A Trojan horse is software that claims to do one thing while in fact doing something different behind the scenes.

General Security Tips

> Passwords
  • Use the same simple password for everything…NOT!!!
  • Use long, complicated passwords that aren’t easy to guess
  • Try not to use dictionary words or substitute numbers for letters
  • Use both upper and lower case letters
  • Use different passwords for different systems
> This is your first line of defense into your private life
> If something is really important, encrypt the data on your PC. Windows XP and Vista passwords can be hacked in less than 2 minutes…encrypted data on those systems are much more complicated.

General Security Tips…cont.

> Anti-Virus Software
  • Scan your computer on a regular basis
  • Keep your virus signatures up to date
  • Don’t install anti-virus software that comes to you in an email unless you are sure of the sender (see Trojan horse software…)
> Firewalls
  • Hardware Firewall – If you have a DSL router or cable modem router with a firewall, enable it. A basic hardware firewall provides a large amount of protection
  • Software Firewall – This software adds a second line of defense. A lot of operating systems provide a firewall free.
> Use both Anti-Virus software and Firewalls to get the most protection, but beware of Trojans and Phishing

Cyber-Security Myths

> Anti-Virus and firewalls are 100% effective…
  • While important, without good security habits, they are not guaranteed
> Once software is installed, I don’t need to worry about it…
  • Software vendors aren’t perfect…there are patches to fix security bugs
> There is nothing important on my machine…
  • What may not be important to you may be important to a hacker, especially if they can use your computer to attack someone else
> Attackers only attack people with money…I’m in college…
  • Anyone can be a victim of identity theft. Attackers are lazy; they try to get the most benefit from the least amount of work. The way I was in college…

Good Security Habits
How to keep your stuff…your stuff

> Minimizing access to your computer by other people helps reduce your risk of being compromised
> Lock your computer when you walk away
  • Even though you trust your roommate, what about his/her friends…think keylogger software
> Shut down your computer when you aren’t using it
  • If your computer is online all the time, you increase the risk of infection
> Check your security settings
  • Newer software is better with security, but still check settings
> Back up your computer… ’nuff said.

Real world lessons in the virtual world
Common sense…isn’t that common…

> Don’t take candy from strangers…
  • Just because something is on the Internet, doesn’t mean it’s true. People also can say one thing and be another. Verify identities before opening/clicking on email attachments
> If it sounds too good to be true, it probably is…
  • There is no such thing as a free XBox/I-POD, people don’t want to give you lots of money if you only help them a little. The anonymous nature of the Internet allows all kinds of scams, hoaxes and other illegal schemes.
> Don’t advertise you are away from home…
  • Many email programs have an out of office response, but don’t be too detailed in your response. That’s as bad as leaving a note on your door saying you are away from home…

“OK, THAT WAS GOOD, BUT…”
“WHAT’S PHISHING, BOTNETS OR SOCIAL ENGINEERING???”

Rootkits and Botnets
Secretive and dangerous…

> Rootkits
  • Software that is installed and hidden on your computer without your knowledge
  • Can be part of a larger software package or something someone has convinced you to download (free beer if you click here…)
  • Provide full access to your computer without your knowledge or your anti-virus and firewall’s knowledge
> Botnets
  • Automated programs on many machines that, while controlled by one machine, work together to accomplish a task
  • Spam
  • Denial of service
  • Virus distribution
  • Encryption cracking


“On the Internet, nobody knows you’re a dog”


Phishing, Social Engineering and Spear Phishing

> All of these are ways to use social skills to obtain information from you – either in person, an email, a website or even an automated phone call
> Always verify that the person you are interacting with is who they say they are…They could be a dog…
> Phishing
  • Use email or web sites to solicit personal or financial information
  • Emails may seem to be from a reputable company, but in actuality come from attackers seeking your information
> Spear Phishing
  • An advanced form of Phishing, in that the attacker knows insider information and uses that information to gain credibility. Has mainly been used in the defense industry

“NOW I’M CONCERNED”
“WHERE DO I FIND MORE INFORMATION?”

More Information
Reference Materials

> US Gov – We’re from the government, we’re here to help…
  • www.us-cert.gov/cas/tips
> SANS Institute – A private security firm
  • www.sans.org/top20/
> Norwich University – Current Vulnerabilities
  • www.securityfocus.com/vulnerabilities
> Nortel LearnIT – Curriculum for students and teachers
  • www.nortellearnit.org/technology

THANK YOU FOR YOUR TIME & BE SAFE IN THIS HYPERCONNECTED WORLD!