240 likes | 412 Views
Computers a Necessary Evil: Know the Risks. Introduction. The importance of information security Security Smarts Computers Smartphones Social media At work. Information Security - Overview. Information assurance: the measures to avoid compromise to data and systems.
E N D
Introduction • The importance of information security • Security Smarts • Computers • Smartphones • Social media • At work
Information Security - Overview • Information assurance: the measures to avoid compromise to data and systems. • The three main threats: • Viruses – a program that attaches itself to other programs and files. • Worms – copy themselves from one computer to another using a network • Trojan Horses – a software that appears to do something else
Other Threats • Phishing – fake email messages and addresses and websites that appear to be legit that are used to obtain sensitive information. • Evil twins – wireless networks that seem to be legit (airports, hotels, etc.) • Social engineering – using social skills to convince people you are to be trusted with sensitive information (http://www.trutv.com/video/tiger-team/tiger-team-101-1-of-4.html)
Computer Security • Virus protection – • Run scans frequently • You get the protection you pay for • Many softwares now have the ability to scan facebook walls and search results. • Firewalls - Any barrier that is intended to thwart the spread of a destructive agent. • You – You have the ability to identify the potential threats and avoid them.
Computer Safety • Do not open emails from unknown senders • Do not click on links without verifying the URL • Sometimes the displayed URL is not the same as the embedded URL (unm.edu) • Before entering information verify you are at the correct site (that you are at amazon.com not anazon.com)
Smartphone Threats • Smartphones are vulnerable to the same threats as regular computers, but they are much easier targets. • Apps • Loss or theft • Lack of virus protection • Saved passwords and other personal information • 82% have their own smartphone
Top 10 Smartphone Threats • Smishing - text messages to trick victims into calling a fake bank or credit card company and divulging his/her account information under the pretext of needing to confirm a purchase or update security settings. • War Texting - a hacking technique that sniffs out the codes used to communicate between a smartphone and a car. • Wi-Fi Hijacking - some hackers set up free Wi-Fi hotspots in public places such as parks, cafes and airports.
Top 10 Smartphone Threats (cont.) 4. Open Hot Spot - hackers may be able to gain instant access to your connection and your communications using your own created hotspot. 5. Baseband Hacking- intercepting cellular calls 6. Bluetooth Snooping - UsingBluetooth device-pairing default passcodes can give an attacker access to all your messages and contacts. 7. Hidden URLs - shortened URLs are being used to hide malicious sites and software
Top 10 Smartphone Threats (cont.) 8. A Few Bad Apps - Hackers used a Trojan known as Droiddream and hid in it as many as 50 different rogue apps. 9. The One-Minute Attack - smart hacker can attack quickly and get out before the victim is aware anything is wrong 10. Message Forwarding - A weak password enables a hacker to automatically forward all incoming and outgoing emails to him. http://www.technewsdaily.com/7276-top-10-threats-smartphone.html (October 26, 2012)
Marketing Class Notable Statistics • 76% have their own computer • 100% use the internet and social media and have an email addresses • 94% have a facebook account • 24% have an instagram account • 65% use different passwords for different accounts • 94% have posted a picture of yourselves
Marketing Class Concerning Statistics • 18% have posted something they didn’t want their parent or employer to see • 6% don’t know what privacy settings are • 47% have had their email or social media account hacked • 24% don’t know the strength of their password • 12% aren’t aware of security policies at their place of employment
Social Media • Use privacy settings • Share information sparing • Read privacy/policy updates • Don’t add apps or add-ons without knowing what information it will access • Don’t added people you don’t know • Don’t “like” unverified pages
Facebook Risks • Fake product/organization/company pages • Spam • Applications access account information • Fake people • Fake posts – Joe Bob just watch a monkey kick a dog click here. • Advertisements
Instagram Vulnerability • “Friendship Vulnerability” • Anyone can add themselves as your friend • Can view photos set as private • Can view profile information http://www.zdnet.com/instagram-vulnerability-anyone-can-add-you-see-your-photos-7000000757/ (7/12/2012) • Inappropriate pictures • Geotagging (location of picture) http://www.campusecho.com/campus/campus-news/instagram-app-has-risks-1.2905250#.UI6dQIYoo3R (9/19/2012)
Social Media Posting Risks • College Recruiters, parents, and potential employers look at these sites • Computer administrators at work, school, or on public computers can access the information • Application publishers and their affiliates also have the rights to view your content, and post as you • The promote feature allows your post to be associate with a brand
LAHS 2013 on Facebook • Type of information I was able to find: • Clubs/activities • Statuses • Places • Pictures • Relationship information (status, date, person, etc.) • Family • “Likes” including: “Having Sex”, “Smoking Weed”, movie titles, band names, etc. • Check your privacy settings!!!
At Work • Security policies are in place to protect data • All companies deal with protected data • Companies may block a site if they deem it unnecessary or a security risk • Backdoor routes into blocked sites could cause extreme potential harm to the system • Follow the policies and procedures
Bonus Questions What percent use facebook?
Bonus Questions What is social engineering?
Bonus Questions What are the three main computer threats?
Bonus Questions In relationship to other countries in 2011 where did the US rank for Online Virus Threats Detected and what was it percentage? (on handout)
Bonus Questions What is phishing?